ZeroDeth/nixos

Introduction

Welcome to my modular NixOS system configuration.

There are three essential components: hosts, users and modules.

A host expression represents a physical or virtual machine. A host has one or more users and imports their configuration.

User configurations are handled by Home Manager.

Modules are regular NixOS/Home Manager modules used by host and user expressions.

Additions to /nix

  • /nix/nixpkgs - A clone of the nixpkgs repository
  • /nix/current - The active configuration
  • /nix/channels/nixos - Local copy of the unstable channel, used as the default Nix expression search path

Additions to /etc

  • /etc/nixos/options.json - JSON file of all available NixOS options
  • /etc/nixos/system-packages - List of installed packages

Files & directories

Main directory

Scripts

  • rebuild.sh - Wrapper for nixos-rebuild switch

    Example

    ./rebuild.sh xps15@home
  • update.sh - Updates flake inputs, /nix/nixpkgs and packages managed by niv

  • clean-up.sh - Removes old generations and collects garbage

VSCode

Scripts to simplify the work with VSCode extensions.

  • add-vscode-extension.sh - Add VSCode extension to nix/sources.json

    Example

    ./add-vscode-extension.sh formulahendry.auto-rename-tag
  • update-vscode-extensions.sh - Updates all extensions to the latest version

IntelliJ IDEA

Scripts to simplify the work with IntelliJ IDEA plugins.

  • add-idea-plugin.sh - Add IDEA plugin to nix/sources.json

hosts/

  • _all - Base expression, imported by all other hosts
  • xps15 - Contains common configuration for Dell XPS15
  • xps15@home - Specialization of xps15 for home
  • ...

users/

  • _all - Base expression, imported by all other users
  • markus - My base user configuration
  • markus@home - Specialization for home
  • ...

modules/

nixos/

  • android - Support for Android devices
  • avahi - Configures avahi
  • base-packages - Collection of essential CLI tools
  • btrfs - Configures btrfs
  • build-essentials - Build essentials
  • command-not-found - Adds simple command-not-found script
  • compatibility - Adds fhs-shell, a FHS-compatible shell
  • desktop - Essential packages for desktop environments
  • docker - Adds Docker and utilities
  • ecryptfs - Support for eCryptfs
  • emacs - Adds Emacs
  • fonts - Adds some fonts
  • gnome - Configures Gnome desktop environment
  • grub-efi - Configures GRUB for UEFI systems
  • kodi - Adds Kodi
  • kvm - Support for KVM
  • libreoffice - Adds LibreOffice
  • nvidia - Configures proprietary NVIDIA drivers
  • nix - Nix configuration and additions
  • opengl - Configures OpenGL
  • pipewire - Configures PipeWire
  • resolved - Configures systemd-resolved
  • snapper - Configures Snapper to create snapshots of /home on boot
  • sshd - Configures OpenSSH server
  • steam - Configures Steam
  • sway - Configures sway window manager
  • systemd-boot - Configures systemd-boot
  • virtualbox - Adds VirtualBox and utilities
  • waydroid - Adds Waydroid
  • wayland - Adds Wayland utilities
  • x11 - Configures X11

home-manager/

  • ansible - Adds Ansible
  • bash - Configures Bash shell
  • borg-backup - Adds job which runs BorgBackup/borgmatic
  • chromeos - Use when running on ChromeOS
  • chromium - Configures Chromium web browser and extensions
  • cloud-tools - Kubernetes and cloud related packages
  • conky - Configures conky
  • dconf - Loads dconf configuration from file
  • disable-bluetooth - Disables Bluetooth on start
  • doom-emacs - Configures Doom Emacs
  • emacs - Configures Emacs
  • fish - Configures Fish shell
  • hide-applications - Hides applications from launcher
  • java-development - Java development related packages
  • non-nixos - Use on a Linux distribution other than NixOS
  • nixos - NixOS configuration and additions
  • vscode-profiles - Adds VSCode with multiple profiles

overlays/

Contains some custom overlays.

  • application/networking/browsers/chromium - Chromium with Wayland support
  • desktops/gnome/core/gnome-terminal - Gnome Terminal with transparency patch
  • desktops/gnome/core/nautilus - Change grid icon sizes
  • tools/package-management/nix - Patched to allow downloads from VSCode Marketplace

pkgs/

Contains a bunch of extra packages.

repos/

  • credentials - Local repository with one file default.nix, which is used to store the passwords for users. Must be created manually.

    Example

    {
      user.password = "password";
      # user.hashedPassword = "..."; # Generated with 'mkpasswd -m sha-512'
    }

These repositories are added as Git submodules.
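
The credentials file above accepts either a plaintext `user.password` or a `user.hashedPassword`. Flake inputs are copied into the world-readable Nix store, so the hashed form is the safer one to commit. The following added example (not part of this repository; the function names are hypothetical) flags a plaintext entry and writes a hash-only `default.nix`, assuming the attribute names shown above.

```sh
#!/bin/sh
# Added example, not from the repository. Assumes the attribute names shown in
# the README (user.password / user.hashedPassword); function names are made up.

# Succeeds if FILE sets a plaintext password on a line that is not commented out.
has_plaintext_password() {
  sed 's/#.*$//' "$1" | grep -Eq '(^|[^A-Za-z0-9_])password[[:space:]]*='
}

# Succeeds if the argument has the shape of a SHA-512 crypt(3) hash, i.e. what
# 'mkpasswd -m sha-512' prints: $6$[rounds=N$]salt$digest (86-character digest).
is_sha512_crypt() {
  printf '%s\n' "$1" |
    grep -Eq '^\$6\$(rounds=[0-9]+\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}$'
}

# Writes a credentials file holding only the hash; a newly created file is
# owner-only (umask 077). $1 = hash, $2 = target file.
# Refuses anything that is not a sha-512 crypt hash.
write_credentials() {
  if ! is_sha512_crypt "$1"; then
    echo "refusing to write: not a sha-512 crypt hash" >&2
    return 1
  fi
  ( umask 077
    printf '{\n  user.hashedPassword = "%s";\n}\n' "$1" > "$2" )
}

# Typical use inside repos/credentials, before 'git add default.nix':
#   write_credentials "$(mkpasswd -m sha-512)" default.nix
#   if has_plaintext_password default.nix; then echo "plaintext password"; fi
```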

examples/docker/

Demonstrates how to build a Docker image from Nix expressions.

nix build --impure
docker load < result
docker run --rm -ti hello-docker:latest

examples/jdk15/

Shows how to create development shells with Nix expressions.

nix develop

Appendix A: Example NixOS installation (VirtualBox)

Preparation

File system

  • Create partitions

    parted /dev/sda -- mklabel gpt
    parted /dev/sda -- mkpart ESP fat32 1MiB 512MiB
    parted /dev/sda -- set 1 esp on
    parted /dev/sda -- mkpart primary 512MiB 100%
  • Set up LUKS

    cryptsetup luksFormat /dev/sda2
    cryptsetup luksOpen /dev/sda2 crypt
  • Create filesystems

    mkfs.btrfs -L nixos /dev/mapper/crypt
    mount /dev/disk/by-label/nixos /mnt/
    btrfs subvolume create /mnt/root
    btrfs subvolume create /mnt/nix
    btrfs subvolume create /mnt/var
    btrfs subvolume create /mnt/home
    btrfs subvolume create /mnt/home/.snapshots
    btrfs subvolume create /mnt/data
    umount /mnt
    
    mkfs.fat -F 32 -n boot /dev/sda1
  • Mount volumes

    mount /dev/disk/by-label/nixos -o subvol=root,noatime,compress=zstd:1 /mnt
    mkdir -p /mnt/{boot,data,home,nix,var}
    mount /dev/disk/by-label/boot /mnt/boot/
    mount /dev/disk/by-label/nixos -o subvol=data,noatime,compress=zstd:1 /mnt/data
    mount /dev/disk/by-label/nixos -o subvol=home,noatime,compress=zstd:1 /mnt/home
    mount /dev/disk/by-label/nixos -o subvol=nix,noatime,compress=zstd:1 /mnt/nix
    mount /dev/disk/by-label/nixos -o subvol=var,noatime,compress=zstd:1 /mnt/var

Swap

  • Create swap file

    truncate -s 0 /mnt/.swapfile
    chattr +C /mnt/.swapfile
    btrfs property set /mnt/.swapfile compression none
    fallocate -l 4G /mnt/.swapfile
    chmod 600 /mnt/.swapfile
  • Activate swap

    mkswap /mnt/.swapfile
    swapon /mnt/.swapfile
    

Installation

  • Enter Nix shell

    nix-shell -p git nixUnstable
  • Clone repository

    cd /mnt/data
    git clone https://github.com/mrkuz/nixos.git
    cd nixos
  • Change dotfiles.url in flake.nix to point to the GitHub repository instead of a local directory.

    {
      dotfiles = {
        url = "github:mrkuz/dotfiles";
        flake = false;
      };
    }
  • Create credentials repository

    mkdir repos/credentials
    cd repos/credentials
    git config --global user.name "User"
    git config --global user.email "user@localhost"
    git init
  • Create repos/credentials/default.nix, set the password for the user named user, and commit the file.

    {
      user.password = "...";
      # user.hashedPassword = "..."; # Generated with 'mkpasswd -m sha-512'
    }

    git add default.nix
    git commit -m "Add credentials"
  • Update credentials.url in flake.nix. Must be an absolute path.

  • Update inputs

    export NIX_CONFIG="experimental-features = nix-command flakes"
    ./update.sh
  • Install

    nixos-install --root /mnt --flake /mnt/data/nixos#virtualbox
  • Reboot

Final steps

  • Move configuration to final location

    mkdir -p ~/etc/
    sudo mv /data/nixos ~/etc
    sudo chown user:user -R ~/etc/nixos
    cd ~/etc/nixos
  • Initialize submodules

    git submodule init
    git submodule update
  • Replace dotfiles.url and credentials.url in flake.nix with absolute paths.

    {
      dotfiles = {
        url = "/home/user/etc/nixos/repos/dotfiles";
        flake = false;
      };
      credentials = {
        url = "/home/user/etc/nixos/repos/credentials";
        flake = false;
      };
    }
  • Clone nixpkgs (optional)

    sudo git clone https://github.com/NixOS/nixpkgs.git /nix/nixpkgs
    cd /nix/nixpkgs
    sudo git checkout nixos-unstable
  • Update and rebuild system

    ./update.sh
    ./rebuild.sh virtualbox

Appendix B: Example installation on Ubuntu

  • Install nix

    sh <(curl -L https://nixos.org/nix/install) --daemon
  • Add yourself as a trusted user in /etc/nix/nix.conf

    trusted-users = root user
    
  • Clone nixpkgs (optional)

    sudo git clone https://github.com/NixOS/nixpkgs.git /nix/nixpkgs
    cd /nix/nixpkgs
    sudo git checkout nixos-unstable
  • Clone repository

    mkdir ~/etc
    cd ~/etc
    git clone https://github.com/mrkuz/nixos.git
    cd nixos
  • Initialize submodules

    git submodule init
    git submodule update
  • Create credentials repository with empty default.nix

    mkdir repos/credentials
    cd repos/credentials
    git init
    touch default.nix
    git add default.nix
    git commit -m "Add credentials"
    cd ../..
  • Replace dotfiles.url and credentials.url in flake.nix with absolute paths.

    {
      dotfiles = {
        url = "/home/user/etc/nixos/repos/dotfiles";
        flake = false;
      };
      credentials = {
        url = "/home/user/etc/nixos/repos/credentials";
        flake = false;
      };
    }
  • Update inputs and install

    export NIX_CONFIG="experimental-features = nix-command flakes"
    ./update.sh
    nix build .#user@ubuntu
    ./result/activate

Appendix C: Build and run Docker image

nix build .#docker
docker import result/tarball/nixos-system-x86_64-linux.tar.xz nixos
docker run --rm -t --name nixos --tmpfs /run -v /sys/fs/cgroup:/sys/fs/cgroup:ro nixos /init

# Other terminal
docker exec -ti nixos /run/current-system/sw/bin/bash

Appendix D: File structures

Hosts

  1. Imports
  2. Modules
  3. Boot
  4. Networking
  5. Filesystems
  6. Hardware
  7. systemd
  8. Services
  9. Security
  10. Virtualization
  11. Environment
  12. Activation
  13. Packages
  14. Fonts
  15. Users

NixOS modules

Same as hosts

Home Manager modules

  1. Packages
  2. Services
  3. Activation

Users

  1. Imports
  2. Modules
  3. Files
  4. Services
  5. Activation
  6. Packages

About

My NixOS configuration.
