Nix Configurations
This is my humble flakes-only collection of all and everything needed to set up and maintain all my nixified devices.
Features
- Automation scripts to set up a fresh installation and update the system easily
- Secret management in NixOS (agenix) and home-manager (homeage) with age
- nix-on-droid-managed android phone with home-manager
- Generated shell scripts are always linted with shellcheck
- Checks source code with deadnix, statix and nixpkgs-fmt (using nix-formatter-pack)
- GitHub Actions pipeline for aarch64-linux systems
- Every output is built with GitHub Actions and pushed to cachix
- Weekly automatic flake input updates committed to master when CI passes
- Automatic deployments on all NixOS systems with cachix deployment agents after successful pipeline runs
Supported configurations
- NixOS-managed
  - argon (Oracle Cloud Compute Instance)
  - krypton (private server)
  - neon (private laptop)
  - xenon (Raspberry Pi 3B+)
- home-manager-managed
  - M386 with Ubuntu 20.04 (work laptop)
  - gamer on WSL2 with Ubuntu 20.04 (windows dual boot for games and stuff)
- nix-on-droid-managed
  - oneplus5
See flake.nix for more information like system.
First installation
If any of these systems need to be reinstalled, you can run:
nix run \
--option extra-substituters "https://gerschtli.cachix.org" \
--option extra-trusted-public-keys "gerschtli.cachix.org-1:dWJ/WiIA3W2tTornS/2agax+OI0yQF8ZA2SFjU56vZ0=" \
github:Gerschtli/nix-config#setup
Note:
- NixOS-managed systems should be set up as described in the NixOS manual.
Manual instructions for some systems
Raspberry Pi
- Build image
  nix build ".#rpi-image"
- Copy (dd) result/sd-image/*.img to sd-card
- Insert sd-card into the Raspberry Pi and boot
Update firmware
Firmware of Raspberry Pi needs to be updated manually on a regular basis with the following steps:
- Build firmware
  nix build ".#rpi-firmware"
- Mount /dev/disk/by-label/FIRMWARE
- Create backup of all files
- Copy result/* to firmware partition (ensure that old ones are deleted)
- Unmount and reboot
Ubuntu 20.04
# update and install system packages
sudo apt update
sudo apt upgrade
sudo apt install zsh
# install nix setup
sh <(curl -L https://nixos.org/nix/install) --no-channel-add --no-modify-profile
. ~/.nix-profile/etc/profile.d/nix.sh
nix run \
--extra-experimental-features "nix-command flakes" \
--option extra-substituters "https://gerschtli.cachix.org" \
--option extra-trusted-public-keys "gerschtli.cachix.org-1:dWJ/WiIA3W2tTornS/2agax+OI0yQF8ZA2SFjU56vZ0=" \
github:Gerschtli/nix-config#setup
# download and install UbuntuMono from nerdfonts.com
# set login shell
chsh -s /bin/zsh
# configure inotify watcher
echo "fs.inotify.max_user_watches = 524288" | sudo tee /etc/sysctl.d/local.conf
# set default shell (needed if using home-manager to setup xsession)
sudo ln -snf bash /bin/sh
Oracle Cloud ARM Compute Instance
- Create final boot volume
  - Create any instance
  - Detach boot volume
- Create bootstrap instance
  - Create "VM.Standard.A1.Flex"
    - with Ubuntu 20.04
    - 1 OCPUs and 6 GB of memory
    - set ssh public key
  - Attach previously created boot volume as block volume (via ISCSI)
  - ssh into instance with ubuntu user
  - Login as root
  - Set ssh public key in /root/.ssh/authorized_keys and run nixos-infect:
      cat /home/ubuntu/.ssh/authorized_keys > /root/.ssh/authorized_keys
      curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-22.05 bash -x
  - ssh into instance with root user
  - Add the following to /etc/nixos/configuration.nix:
      {
        boot.loader.grub.efiSupport = true;
        boot.loader.grub.device = "nodev";
        services.openiscsi.enable = true;
        services.openiscsi.name = "x";
      }
  - Activate with nixos-rebuild switch
  - Copy and run ISCSI mount commands from Oracle Cloud WebUI
  - Install NixOS like described in NixOS manual with following options:
      {
        services.openssh.enable = true;
        services.openssh.permitRootLogin = "yes";
      }
  - Copy and run ISCSI unmount commands from Oracle Cloud WebUI
  - Detach volume in Oracle Cloud WebUI
- Create final instance
  - Create instance of previously created boot volume
  - ssh into instance with root user and password
  - Run setup script like
      nix run \
      --extra-experimental-features "nix-command flakes" \
      --option extra-substituters "https://gerschtli.cachix.org" \
      --option extra-trusted-public-keys "gerschtli.cachix.org-1:dWJ/WiIA3W2tTornS/2agax+OI0yQF8ZA2SFjU56vZ0=" \
      github:Gerschtli/nix-config#setup
Note: This is all needed to be able to partition the volume to have more than 100MB available in /boot. The boot volume of the bootstrap instance can be reused at any time.
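An added example for the nixos-infect step of the bootstrap instance (not part of this repository): it fetches the script from a pinned commit instead of master, compares its SHA-256 with a value recorded after review, and only then runs it as root. PINNED_COMMIT, PINNED_SHA256 and both function names are assumptions introduced here; the two placeholder values must be filled in by whoever reviews the script.

```shell
#!/bin/sh
# Added example: run nixos-infect only after it matches a reviewed checksum.
# PINNED_COMMIT / PINNED_SHA256 are placeholders, to be filled in after reading
# the script at that commit and hashing it with sha256sum.
PINNED_COMMIT="<commit-you-reviewed>"
PINNED_SHA256="<sha256-of-the-reviewed-script>"

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 only when FILE exists and its SHA-256 equals EXPECTED_HEX
# (hex digits compared case-insensitively); 2 if FILE is missing.
verify_sha256() (
  file=$1
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ -f "$file" ] || exit 2
  actual=$(sha256sum "$file" | cut -d' ' -f1)
  [ "$actual" = "$expected" ]
)

# Download to a private temp file, verify, then execute with the same
# NIX_CHANNEL as the original step. Nothing runs on a mismatch.
run_pinned_infect() (
  url="https://raw.githubusercontent.com/elitak/nixos-infect/${PINNED_COMMIT}/nixos-infect"
  tmp=$(mktemp) || exit 1
  trap 'rm -f "$tmp"' EXIT
  # HTTPS only, fail on HTTP errors instead of saving an error page.
  curl --fail --silent --show-error --location \
       --proto '=https' --tlsv1.2 -o "$tmp" "$url" || exit 1
  if ! verify_sha256 "$tmp" "$PINNED_SHA256"; then
    echo "nixos-infect: checksum mismatch, refusing to run" >&2
    exit 1
  fi
  NIX_CHANNEL=nixos-22.05 bash -x "$tmp"
)

# Only act when asked explicitly, so sourcing this file has no side effects.
if [ "${1:-}" = "--run" ]; then
  run_pinned_infect
fi
```

Run it as root on the bootstrap instance with `--run` after copying the authorized_keys file as in the step above.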
TODOs
- NixOS setup script: /home/tobias/.age is missing
- Provide ISO-images for NixOS configurations
- Set up nixos-shell and similar for an ubuntu image to easily test setup script