GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → martinbaillie → dotfiles

martinbaillie / dotfiles

Licence: other
🏠

Programming Languages

Nix
1067 projects
emacs lisp
2029 projects
shell
77523 projects
lua
6591 projects
Makefile
30231 projects
CSS
56736 projects
YASnippet
69 projects

Labels

macosdotfilesnixopenbsdemacsnixosexwmnix-flake

Projects that are alternatives of or similar to dotfiles

deadnix
Scan Nix files for dead code
Stars: ✭ 121 (+128.3%)
Mutual labels:  nix, nixos, nix-flake
dotfiles
Dotfiles
Stars: ✭ 25 (-52.83%)
Mutual labels:  nix, nixos, nix-flake
base16.nix
Quickly theme programs in your favourite base16 colorscheme
Stars: ✭ 61 (+15.09%)
Mutual labels:  nix, nixos, nix-flake
nixdots
I have no idea what the hell I'm doing
Stars: ✭ 46 (-13.21%)
Mutual labels:  nix, nixos, nix-flake
digga
A flake utility library to craft shell-, home-, and hosts- environments.
Stars: ✭ 818 (+1443.4%)
Mutual labels:  nix, nixos, nix-flake
nyx
⚙️Nix[OS] Configuration
Stars: ✭ 50 (-5.66%)
Mutual labels:  nix, nixos, nix-flake
flake-utils-plus
Use Nix flakes without any fluff.
Stars: ✭ 280 (+428.3%)
Mutual labels:  nix, nixos, nix-flake
nix-config
A collection of my system configs and dotfiles
Stars: ✭ 35 (-33.96%)
Mutual labels:  nix, nixos, nix-flake
dotnix
nix stuff
Stars: ✭ 27 (-49.06%)
Mutual labels:  nix, nixos, nix-flake
microvm.nix
NixOS MicroVMs
Stars: ✭ 136 (+156.6%)
Mutual labels:  nix, nixos, nix-flake
nix-configs
My Nix{OS} configuration files
Stars: ✭ 54 (+1.89%)
Mutual labels:  nix, nixos, nix-flake
system
The system configuration of a professional yak shaver
Stars: ✭ 42 (-20.75%)
Mutual labels:  nix, nixos, nix-flake
emergency-kexec
Kexec into an in-memory emergency system
Stars: ✭ 21 (-60.38%)
Mutual labels:  nix, nixos
elemental
Elemental, the component parts of a Nix/OS development system.
Stars: ✭ 44 (-16.98%)
Mutual labels:  nix, nixos
nix-home
A Nix Home Manager setup. I've now moved to a new configuration system at hugoreeves/elemental
Stars: ✭ 60 (+13.21%)
Mutual labels:  nix, nixos
nixops-tutorial
Tutorial for practical deployments with NixOps
Stars: ✭ 93 (+75.47%)
Mutual labels:  nix, nixos
dotfiles
My personal dotfiles
Stars: ✭ 71 (+33.96%)
Mutual labels:  nix, nix-flake
nix-portable
Nix - Static, Permissionless, Installation-free, Pre-configured
Stars: ✭ 356 (+571.7%)
Mutual labels:  nix, nixos
nixpkgs
Nix Packages collection used in Nubank
Stars: ✭ 24 (-54.72%)
Mutual labels:  nix, nixos
presentations
Presentations at the Tokyo Nixos Meetup
Stars: ✭ 57 (+7.55%)
Mutual labels:  nix, nixos
View All Similar Projects ➔

🏡 https://img.shields.io/badge/built_with-Nix-5277C3.svg?logo=nixos&labelColor=24292E https://img.shields.io/travis/martinbaillie/dotfiles/master.svg?label=NixOS&logo=travis&labelColor=24292E https://github.com/martinbaillie/dotfiles/workflows/macOS/badge.svg

About

Welcome to the bikeshed!

This repository houses all my machine configurations expressed declaratively using a Nix flake. It covers both my personal and work devices that are running either NixOS or macOS.

The expressions are organised into platform-agnostic modules that leverage the likes of the nixpkgs, home-manager and nix-darwin to fully configure the OS and userspace from scratch.

These days I am spending the majority of time in either Firefox or Emacs (+vterm). On NixOS I am using EXWM and on macOS I am usually just running native fullscreen, ⌘↹ing between the two previously mentioned apps. Additionally, a simple theming system is used to switch various things between light and dark versions, and a secrets attribute set (kept encrypted in a private repository) is referenced throughout.

NOTE: Some twisted souls found value in all the ricing of the previous incarnation of this repository. I’ll keep archived on this branch for reference.

CI (Travis for NixOS, GitHub Actions for macOS) runs on push. The jobs generate a special CI machine that imports every module, and derives either a NixOS VM (via QEMU) or simply builds on a fresh Darwin agent VM (in the case of macOS). The resultant binaries are pushed to Cachix and subsequently become available for any of my other machines, saving a lot of wasted battery!

The Makefile (in conjunction with some helpful aliases) is used to drive most actions, abstracting away NixOS/macOS differences where necessary.

Installation Notes

Below are some rough platform specific installation notes I use to go from fresh installs to fully configured machine.

macOS

From a fresh macOS install.

Enable SSHd

sudo systemsetup -setremotelogin on

Install XCode

sudo xcodebuild -license

Install Homebrew for those macOS GUI apps unmanageable through Nix

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"

[APPLE SILICON] Install Rosetta2

softwareupdate --install-rosetta

Install Nix (multi-user)

NOTE: Do not use sudo here.

# curl https://nixos.org/nix/install | sh
sh <(curl -L https://nixos.org/nix/install) --darwin-use-unencrypted-nix-store-volume --daemon

Enable Flakes and experimental commands

Move to experimental.

nix-env -iA nixpkgs.nixUnstable
cat << EOF | sudo tee -a /etc/nix/nix.conf
experimental-features = nix-command flakes
extra-platforms = x86_64-darwin aarch64-darwin
EOF
sudo launchctl kickstart -k system/org.nixos.nix-daemon

[OPTIONAL] Confirm remotely accessible

ssh $REMOTE nix-daemon --version

[OPTIONAL] Seed Nix store contents from an existing Darwin machine

nix copy --no-check-sigs --keep-going --to ssh-ng://$REMOTE ~/.nix-profile

Grab dotfiles using forwarded agent

sudo git clone --recursive [email protected]:martinbaillie/dotfiles.git /etc/dotfiles
sudo chown -R $USER: /etc/dotfiles

Optionally decrypt secrets one-off

If not forwarding.

nix-shell -p gpg
mkdir -m 700 ~/.gnupg-temp
<download gpg key>  > ~/.gnupg-temp/temporary.asc
gpg --homedir ~/.gnupg-temp --import temporary.asc
gpg --homedir ~/.gnupg-temp -d secrets.nix.gpg > secrets.nix
gpg-connect-agent --homedir ~/.gnupg-temp KILLAGENT /bye
rm -r ~/.gnupg-temp

Set up Cachix one-off

nix-shell -p cachix
cachix use martinbaillie

Switch to Nix configuration based on hostname

make switch

Switch login shell to zsh

chsh -s /run/current-system/sw/bin/zsh $USER

Configure Emacs

make config-emacs

Configure Casks

Set Flux, Karabiner, Spectacle, Cursorcerer to start at boot, install kernel extensions and so on.

Bump Kernel / User Limits

NixOS

Media

Download and verify latest NixOS minimal ISO:

"21.05"

#+RESULTS[8f7a4f3511d5d6152ec17fdf52addc1eecd1a880]: nixos-ver

21.05

(format "%s.2796.110a2c9ebbf" nixos-ver)

#+RESULTS[d02522c67a569b479981b108c6d2236d90a80aec]: nixos-rel

21.05.2796.110a2c9ebbf

(format "https://releases.nixos.org/nixos/%s" nixos-ver)

#+RESULTS[6ea8b95b40577283983b31f1862093ba872ded97]: nixos-url

https://releases.nixos.org/nixos/21.05

curl -O ${NIXOS_URL}/nixos-${NIXOS_REL}/nixos-minimal-${NIXOS_REL}-x86_64-linux.iso
curl -O ${NIXOS_URL}/nixos-${NIXOS_REL}/nixos-minimal-${NIXOS_REL}-x86_64-linux.iso.sha256
sha256sum -c nixos-minimal-${NIXOS_REL}-x86_64-linux.iso.sha256

Create a bootable NixOS USB (macOS example):

diskutil list # Find USB
diskutil unmountDisk /dev/disk2
dd if=nixos-minimal-${NIXOS_REL}-x86_64-linux.iso of=/dev/rdisk2 bs=4m
diskutil unmountDisk /dev/disk2

Create a bootable NixOS USB (NixOS example):

lsblk -i # Locate the device.
cp nixos-minimal-${NIXOS_REL}-x86_64-linux.iso /dev/sdX # Target whole disk.

BIOS Tweaks (ThinkPad)

  • [X] Disable Secure Boot
  • [X] Enable CSM Support

Boot

Setup networking:

sudo su
wpa_supplicant -B -i interface -c <(wpa_passphrase 'SSID' 'key')
ip addr

Conduct rest of install from other laptop for convenience (+SSH agent forwarding):

ssh -A root@<addr>

Partition

Create a 500M boot partition:

gdisk /dev/nvme0n1
#  o (create new empty partition table)
#  n (add partition, 500M, type ef00 EFI)
#  n (add partition, remaining space, type 8301 Linux Reserved - in the absence of a LUKS code)
#  w (write partition table and exit)

Setup the encrypted LUKS partition and open it:

cryptsetup luksFormat /dev/nvme0n1p2
cryptsetup luksOpen /dev/nvme0n1p2 enc-pv

Create two logical volumes (swap and root):

pvcreate /dev/mapper/enc-pv
vgcreate vg /dev/mapper/enc-pv
lvcreate -L 8G -n swap vg
lvcreate -l '100%FREE' -n root vg

Format the partitions:

mkfs.fat -F 32 /dev/nvme0n1p1
mkfs.ext4 -L root /dev/vg/root
mkswap -L swap /dev/vg/swap

Install

Mount the partitions just created under /mnt:

mount /dev/vg/root /mnt
mkdir /mnt/boot
mount /dev/nvme0n1p1 /mnt/boot
swapon /dev/vg/swap

Install:

useradd -m -G wheel martin
sudo su - martin
nix-shell -p git --run \
    git clone --recursive [email protected]:martinbaillie/dotfiles.git \
    /mnt/etc/dotfiles

nix-shell -p nixUnstable -p git
sudo -E nixos-install --option pure-eval no --flake .\#$HOSTNAME

# make -C /mnt/etc/dotfiles install

Iterative Troubleshooting

If system doesn’t boot:

cryptsetup luksOpen /dev/nvme0n1p2 enc-pv
lvchange -a y /dev/vg/swap
lvchange -a y /dev/vg/root
mount /dev/vg/root /mnt
mount /dev/nvme0n1p1 /mnt/boot
swapon /dev/vg/swap
wpa_supplicant -B -i interface -c <(wpa_passphrase 'SSID' 'key')
nixos-enter

Try again.

Import GPG key

gpg --import ~/.gnupg/gpg.asc

Configure Emacs

make config-emacs

References

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].