From 5517f337e1f3e813258bd3b7b9070979c2865c27 Mon Sep 17 00:00:00 2001 From: caem Date: Sun, 18 Jun 2023 22:52:24 +0200 Subject: [PATCH 1/9] Add initial framework for config --- README.md | 41 ----------- common.nix | 20 ++++++ configuration.nix | 43 ------------ environments/plasma.nix | 11 --- flake.lock | 60 ++++++++++++++++ flake.nix | 26 +++++++ packages/vim/package.nix | 35 ++++++++++ profile.nix | 2 - profiles/workstation.nix | 69 ------------------- sets/base/common.nix | 11 --- sets/base/devel.nix | 9 --- sets/base/plasma.nix | 7 -- sets/devel/c.nix | 11 --- sets/devel/git.nix | 7 -- sets/drivers/nvidia.nix | 8 --- sets/drivers/tablet.nix | 7 -- sets/graphics/art.nix | 9 --- sets/graphics/video.nix | 8 --- sets/meta/sysadmin.nix | 11 +++ .../hardware/qemu-vm.nix | 19 ++--- systems/qemu-vm.nix | 13 ++++ username.nix | 2 +- users/none.nix | 1 + users/user.nix | 44 +++++------- 24 files changed, 190 insertions(+), 284 deletions(-) delete mode 100644 README.md create mode 100644 common.nix delete mode 100644 configuration.nix delete mode 100644 environments/plasma.nix create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 packages/vim/package.nix delete mode 100644 profile.nix delete mode 100644 profiles/workstation.nix delete mode 100644 sets/base/common.nix delete mode 100644 sets/base/devel.nix delete mode 100644 sets/base/plasma.nix delete mode 100644 sets/devel/c.nix delete mode 100644 sets/devel/git.nix delete mode 100644 sets/drivers/nvidia.nix delete mode 100644 sets/drivers/tablet.nix delete mode 100644 sets/graphics/art.nix delete mode 100644 sets/graphics/video.nix create mode 100644 sets/meta/sysadmin.nix rename hardware-configuration.nix => systems/hardware/qemu-vm.nix (59%) create mode 100644 systems/qemu-vm.nix create mode 100644 users/none.nix diff --git a/README.md b/README.md deleted file mode 100644 index 87936ee..0000000 --- a/README.md +++ /dev/null 
@@ -1,41 +0,0 @@ -### Old Hyprland config can be found [here](https://github.com/c4em/nixos-system-config/tree/deprecated) -# nixos-system-config -Modular NixOS configuration with dotfiles. -## Usage -You should have basic knowledge of NixOS before using this project. Begin at `configuration.nix` and read through the files by following imports. -Everything should be commented. If something is not satisfactory, feel free to open up an issue or pull request. -## Layout -``` -/etc/nixos/ -├── configuration.nix ; master configuration file -├── environments ; Desktop environment specific config -│   └── plasma.nix -├── hardware-configuration.nix ; Replace this with your current hardware-configuration.nix -├── overlays ; Package overlays -├── packages ; Package specifix configuration -├── profile.nix ; Specify the profile to use -├── profiles ; Profiles, for example for different machines or workflows -│   └── workstation.nix -├── sets ; Sets of packages to install -│   ├── base -│   │   ├── common.nix -│   │   ├── devel.nix -│   │   └── plasma.nix -│   ├── devel -│   │   ├── c.nix -│   │   └── git.nix -│   ├── drivers -│   │   ├── nvidia.nix -│   │   └── tablet.nix -│   └── graphics -│   ├── art.nix -│   └── video.nix -├── username.nix ; Set current user -└── users ; Users - └── user.nix -``` -## Todo -- [ ] Hyprland configuration -- [ ] Clean up sets directory -- [ ] Add screenshots to README.md -- [ ] Home-manager configuration diff --git a/common.nix b/common.nix new file mode 100644 index 0000000..36f9179 --- /dev/null +++ b/common.nix @@ -0,0 +1,20 @@ +# Common configuration for all systems + +{ config, pkgs, ... }: + +{ + nix = { + settings.auto-optimise-store = true; + + # Clean generations older than a week + gc = { + automatic = false; # Flip this to do it automatically + dates = "weekly"; + options = "--delete-older-than 7d"; + }; + }; + + nixpkgs.config.allowUnfree = true; + + system.stateVersion = "23.05"; +} 
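Review bot: The new `common.nix` keeps the store and unfree settings from the deleted `configuration.nix` but drops its `system.autoUpgrade` block, and nothing in this patch replaces it. Since `flake.lock` pins `nixpkgs` to a fixed revision, hosts built from this flake will apparently receive security fixes only when someone refreshes the lock file by hand. If that is intentional, say so in a comment such as `# No auto-upgrade: inputs are bumped manually with nix flake update`. Otherwise consider `system.autoUpgrade = { enable = true; flake = "<FLAKE_REF_PLACEHOLDER>"; };` in this file.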
diff --git a/configuration.nix b/configuration.nix deleted file mode 100644 index 2d5071c..0000000 --- a/configuration.nix +++ /dev/null @@ -1,43 +0,0 @@ -# Master configuration file -{ config, pkgs, ... }: -let - # User configurations are stored under ./user/[username].nix - # Set the corresponding value in ./username.nix - user = import ./username.nix; -in -{ - imports = [ - ./users/${user}.nix - - # Include the results of the hardware scan. - ./hardware-configuration.nix - - # Uncomment the profile you want to use - ./profiles/workstation.nix - ]; - - # General NixOS configuration - nix = { - settings.auto-optimise-store = true; - # Automatically remove generations older than a week - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 7d"; - }; - }; - - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # Use the unstable channel - system.autoUpgrade = { - enable = true; - channel = "https://nixos.org/channels/nixos-unstable"; - }; - - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.05"; -} - diff --git a/environments/plasma.nix b/environments/plasma.nix deleted file mode 100644 index a19848c..0000000 --- a/environments/plasma.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ../sets/base/plasma.nix - ]; - - services.xserver.enable = true; - services.xserver.displayManager.sddm.enable = true; - services.xserver.desktopManager.plasma5.enable = true; -} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..14dcb52 --- /dev/null +++ b/flake.lock 
@@ -0,0 +1,60 @@ +{ + "nodes": { + "impermanence": { + "locked": { + "lastModified": 1684264534, + "narHash": "sha256-K0zr+ry3FwIo3rN2U/VWAkCJSgBslBisvfRIPwMbuCQ=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "89253fb1518063556edd5e54509c30ac3089d5e6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "impermanence", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1686921029, + "narHash": "sha256-J1bX9plPCFhTSh6E3TWn9XSxggBh/zDD4xigyaIQBy8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c7ff1b9b95620ce8728c0d7bd501c458e6da9e04", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "impermanence": "impermanence", + "nixpkgs": "nixpkgs", + "unstable": "unstable" + } + }, + "unstable": { + "locked": { + "lastModified": 1686960236, + "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..fc18dd0 --- /dev/null +++ b/flake.nix 
@@ -0,0 +1,26 @@ +{ + description = "Modular multi-purpose NixOS configuration."; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; + unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + + # https://nixos.wiki/wiki/Impermanence + impermanence.url = "github:nix-community/impermanence"; + }; + + outputs = { self, nixpkgs, ... }@attrs: let + user = import ./username.nix; + in { + # Debugging VM configuration + nixosConfigurations.qemu-vm = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./users/${user}.nix + ./common.nix + ./systems/qemu-vm.nix + ./systems/hardware/qemu-vm.nix + ]; + }; + }; +} diff --git a/packages/vim/package.nix b/packages/vim/package.nix new file mode 100644 index 0000000..53f15b5 --- /dev/null +++ b/packages/vim/package.nix @@ -0,0 +1,35 @@ +{ pkgs, ... }: + +{ + environment.variables = { EDITOR = "vim"; }; + + environment.systemPackages = with pkgs; [ + ((vim_configurable.override { }).customize{ + name = "vim"; + + vimrcConfig.packages.plugins = with pkgs.vimPlugins; { + start = [ vim-nix ]; + opt = []; + }; + + vimrcConfig.customRC = '' + syntax on + set tabstop=4 + set shiftwidth=4 smarttab + set expandtab + set noswapfile + set incsearch + set noerrorbells + set smartindent + set number + set relativenumber + set nobackup + set undofile + set scrolloff=8 + set sidescrolloff=8 + set fileencoding='utf-8' + set nohlsearch + ''; + }) + ]; +} diff --git a/profile.nix b/profile.nix deleted file mode 100644 index b02be5f..0000000 --- a/profile.nix +++ /dev/null @@ -1,2 +0,0 @@ -# Select profile from ./profiles/ directory -"workstation" diff --git a/profiles/workstation.nix b/profiles/workstation.nix deleted file mode 100644 index 68be2bc..0000000 --- a/profiles/workstation.nix +++ /dev/null 
@@ -1,69 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - # Environments - ../environments/plasma.nix # KDE/Plasma - # ../environments/hyprland.nix # Todo - - # Package sets - ../sets/base/common.nix - ../sets/drivers/nvidia.nix - ../sets/drivers/tablet.nix - ../sets/base/devel.nix - ../sets/graphics/art.nix - ../sets/graphics/video.nix - ]; - - # Bootloader - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - - # Hostname - networking.hostName = "nixos"; - - # Networking - networking.networkmanager.enable = true; - - # Timezone - time.timeZone = "Europe/Berlin"; - - # Locale - i18n.defaultLocale = "en_US.UTF-8"; - console.keyMap = "uk"; - i18n.extraLocaleSettings = { - LC_ADDRESS = "de_DE.UTF-8"; - LC_IDENTIFICATION = "de_DE.UTF-8"; - LC_MEASUREMENT = "de_DE.UTF-8"; - LC_MONETARY = "de_DE.UTF-8"; - LC_NAME = "de_DE.UTF-8"; - LC_NUMERIC = "de_DE.UTF-8"; - LC_PAPER = "de_DE.UTF-8"; - LC_TELEPHONE = "de_DE.UTF-8"; - LC_TIME = "de_DE.UTF-8"; - }; - - services.xserver = { - layout = "gb"; - xkbVariant = ""; - }; - - # Nvidia - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.opengl.enable = true; - hardware.nvidia.modesetting.enable = true; - - # Enable audio - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; -} - diff --git a/sets/base/common.nix b/sets/base/common.nix deleted file mode 100644 index be9e1d3..0000000 --- a/sets/base/common.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - neovim - firefox - neofetch - tree - ]; -} - diff --git a/sets/base/devel.nix b/sets/base/devel.nix deleted file mode 100644 index 4c8d9cc..0000000 --- a/sets/base/devel.nix +++ /dev/null 
@@ -1,9 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ../devel/git.nix - ../devel/c.nix - ]; -} - diff --git a/sets/base/plasma.nix b/sets/base/plasma.nix deleted file mode 100644 index 1dc2601..0000000 --- a/sets/base/plasma.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - kate - ]; -} diff --git a/sets/devel/c.nix b/sets/devel/c.nix deleted file mode 100644 index 1d1398c..0000000 --- a/sets/devel/c.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - gcc - clang - clang-tools - gnumake - ]; -} - diff --git a/sets/devel/git.nix b/sets/devel/git.nix deleted file mode 100644 index 197e22e..0000000 --- a/sets/devel/git.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - git - ]; -} diff --git a/sets/drivers/nvidia.nix b/sets/drivers/nvidia.nix deleted file mode 100644 index fdf60e6..0000000 --- a/sets/drivers/nvidia.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, pkgs, ... }: - -{ - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.opengl.enable = true; - hardware.nvidia.modesetting.enable = true; -} - diff --git a/sets/drivers/tablet.nix b/sets/drivers/tablet.nix deleted file mode 100644 index c90699c..0000000 --- a/sets/drivers/tablet.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, pkgs, ... }: - -{ - hardware.opentabletdriver.enable = true; - hardware.opentabletdriver.daemon.enable = true; -} - diff --git a/sets/graphics/art.nix b/sets/graphics/art.nix deleted file mode 100644 index fa9ceb3..0000000 --- a/sets/graphics/art.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - krita - gimp - ]; -} - diff --git a/sets/graphics/video.nix b/sets/graphics/video.nix deleted file mode 100644 index b3830f7..0000000 --- a/sets/graphics/video.nix +++ /dev/null 
@@ -1,8 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - kdenlive - ]; -} - diff --git a/sets/meta/sysadmin.nix b/sets/meta/sysadmin.nix new file mode 100644 index 0000000..426ec2d --- /dev/null +++ b/sets/meta/sysadmin.nix @@ -0,0 +1,11 @@ +{ config, pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ + htop + wget + curl + ]; + + services.openssh.enable = true; +} diff --git a/hardware-configuration.nix b/systems/hardware/qemu-vm.nix similarity index 59% rename from hardware-configuration.nix rename to systems/hardware/qemu-vm.nix index b7ae331..66180bc 100644 --- a/hardware-configuration.nix +++ b/systems/hardware/qemu-vm.nix @@ -5,30 +5,24 @@ { imports = - [ (modulesPath + "/installer/scan/not-detected.nix") + [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/56ec7666-a2ea-4e77-9015-00151b9b7884"; + { device = "/dev/disk/by-uuid/126df580-7925-4bb4-b280-9e7e1c238d3e"; fsType = "btrfs"; - options = [ "subvol=@" ]; }; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/F076-283D"; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/8F2D-7123"; fsType = "vfat"; }; - fileSystems."/mnt/vault" = { - device = "/dev/disk/by-uuid/048d175b-0e3e-4ec7-955b-3d9a45f9f237"; - fsType = "xfs"; - }; - swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 
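Review bot: In `sets/meta/sysadmin.nix`, `services.openssh.enable = true;` starts sshd with the module defaults, which as far as I know still accept password logins, and `users/user.nix` in this same patch gives a `wheel` account a password that is committed to the repository. I would add `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.KbdInteractiveAuthentication = false;` next to the enable line, and provision keys through `users.users.<name>.openssh.authorizedKeys.keys`. Because this set is imported by every system in the series, the hardening belongs here rather than per host.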
@@ -36,8 +30,7 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp34s0.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/systems/qemu-vm.nix b/systems/qemu-vm.nix new file mode 100644 index 0000000..5fa99da --- /dev/null +++ b/systems/qemu-vm.nix @@ -0,0 +1,13 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../sets/meta/sysadmin.nix + ../packages/vim/package.nix + ]; + + boot.loader.grub.enable = true; + boot.loader.grub.device = "/dev/vda"; + + time.timeZone = "Europe/Berlin"; +} diff --git a/username.nix b/username.nix index 8cc2f7f..718f367 100644 --- a/username.nix +++ b/username.nix @@ -1,2 +1,2 @@ -# Select user from the ./users/ directory +# Select the user from the ./users directory "user" diff --git a/users/none.nix b/users/none.nix new file mode 100644 index 0000000..a1677ed --- /dev/null +++ b/users/none.nix @@ -0,0 +1 @@ +{ } diff --git a/users/user.nix b/users/user.nix index 32ab12b..da135ab 100644 --- a/users/user.nix +++ b/users/user.nix 
@@ -1,30 +1,20 @@ { config, pkgs, ... }: + { - imports = [ - ]; - - users.users.user = { - isNormalUser = true; - description = "user"; - extraGroups = [ - "wheel" - "networkmanager" - "audio" - "video" - "docker" - "plugdev" - ]; - }; - - # Set to false to disable sudo password prompt - security = { - sudo.wheelNeedsPassword = true; - }; - -# home-manager.users.user = { -# home.stateVersion = "22.11"; -# }; - - # programs.home-manager.enable = true; + users.users.user = { + isNormalUser = true; + initialPassword = "ReplaceMe"; + description = "user"; + extraGroups = [ + "wheel" + "audio" + "video" + "docker" + "podman" + "networkmanager" + "kvm" + "libvirt" + "plugdev" + ]; + }; } - From a1c5c3b291ca99f9eec1bae2c30e0237345ac327 Mon Sep 17 00:00:00 2001 From: caem Date: Mon, 19 Jun 2023 22:32:04 +0200 Subject: [PATCH 2/9] Update qemu partitions to use btrfs subvolumes in preperation to erase my darlings --- systems/hardware/qemu-vm.nix | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/systems/hardware/qemu-vm.nix b/systems/hardware/qemu-vm.nix index 66180bc..16ef2fe 100644 --- a/systems/hardware/qemu-vm.nix +++ b/systems/hardware/qemu-vm.nix 
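Review bot: `initialPassword = "ReplaceMe";` in `users/user.nix` puts a known password into git and into the world-readable Nix store for an account that is in `wheel` and in `docker`, and membership of the `docker` group is normally equivalent to root. A later patch in this series (5/9) moves to `passwordFile`, but the literal stays in history, so it should never be reused on a real host. The same hunk also removes the explicit `security.sudo.wheelNeedsPassword = true;`; the default is the same, but keeping the line documents the intent. I would trim `extraGroups` to what the host actually runs and add a comment like `# docker/libvirt/kvm grant root-equivalent access; keep only where needed`.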
@@ -14,12 +14,38 @@ boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/126df580-7925-4bb4-b280-9e7e1c238d3e"; + { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; fsType = "btrfs"; + options = [ "subvol=root" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; + fsType = "btrfs"; + options = [ "subvol=home" ]; + }; + + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; + fsType = "btrfs"; + options = [ "subvol=nix" ]; + }; + + fileSystems."/persist" = + { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; + fsType = "btrfs"; + options = [ "subvol=persist" ]; + }; + + fileSystems."/var/log" = + { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; + fsType = "btrfs"; + options = [ "subvol=log" ]; + neededForBoot = true; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/8F2D-7123"; + { device = "/dev/disk/by-uuid/5725-D092"; fsType = "vfat"; }; From fb414ef4911dd86de8eea8ade6e43d37e0aa5720 Mon Sep 17 00:00:00 2001 From: caem Date: Sat, 24 Jun 2023 20:56:54 +0200 Subject: [PATCH 3/9] Fix impermanence vm --- flake.nix | 5 +-- sets/meta/sysadmin.nix | 3 +- common.nix => systems/common.nix | 2 +- systems/hardware/qemu-vm.nix | 61 +++++++++++-------------------- systems/persist/.common.nix.un~ | Bin 0 -> 549 bytes systems/persist/common.nix | 19 ++++++++++ systems/persist/qemu-vm.nix | 7 ++++ systems/qemu-vm.nix | 7 +++- username.nix | 2 - 9 files changed, 59 insertions(+), 47 deletions(-) rename common.nix => systems/common.nix (94%) create mode 100644 systems/persist/.common.nix.un~ create mode 100644 systems/persist/common.nix create mode 100644 systems/persist/qemu-vm.nix delete mode 100644 username.nix diff --git a/flake.nix b/flake.nix index fc18dd0..fbe1b76 100644 --- a/flake.nix +++ b/flake.nix 
@@ -10,16 +10,15 @@ }; outputs = { self, nixpkgs, ... }@attrs: let - user = import ./username.nix; + user = "user"; # Select user from `./users` directory in { # Debugging VM configuration nixosConfigurations.qemu-vm = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; + specialArgs = attrs; modules = [ ./users/${user}.nix - ./common.nix ./systems/qemu-vm.nix - ./systems/hardware/qemu-vm.nix ]; }; }; diff --git a/sets/meta/sysadmin.nix b/sets/meta/sysadmin.nix index 426ec2d..c9eaddd 100644 --- a/sets/meta/sysadmin.nix +++ b/sets/meta/sysadmin.nix @@ -1,10 +1,11 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { environment.systemPackages = with pkgs; [ htop wget curl + git ]; services.openssh.enable = true; diff --git a/common.nix b/systems/common.nix similarity index 94% rename from common.nix rename to systems/common.nix index 36f9179..f695755 100644 --- a/common.nix +++ b/systems/common.nix @@ -1,6 +1,6 @@ # Common configuration for all systems -{ config, pkgs, ... }: +{ ... }: { nix = { diff --git a/systems/hardware/qemu-vm.nix b/systems/hardware/qemu-vm.nix index 16ef2fe..a1ec463 100644 --- a/systems/hardware/qemu-vm.nix +++ b/systems/hardware/qemu-vm.nix 
@@ -1,53 +1,36 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; boot.initrd.kernelModules = [ ]; + + boot.initrd.postDeviceCommands = lib.mkAfter '' + zfs rollback -r local/root@blank + ''; + boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; - fsType = "btrfs"; - options = [ "subvol=root" ]; - }; + boot.zfs.devNodes = "/dev/disk/by-path"; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; - fsType = "btrfs"; - options = [ "subvol=home" ]; - }; + fileSystems."/" = { + device = "local/root"; + fsType = "zfs"; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; - fsType = "btrfs"; - options = [ "subvol=nix" ]; - }; - - fileSystems."/persist" = - { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; - fsType = "btrfs"; - options = [ "subvol=persist" ]; - }; - - fileSystems."/var/log" = - { device = "/dev/disk/by-uuid/cba5b18e-14e6-479d-baf5-0827fced96e7"; - fsType = "btrfs"; - options = [ "subvol=log" ]; - neededForBoot = true; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/5725-D092"; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/1FD8-C4B8"; fsType = "vfat"; - }; + }; + + fileSystems."/nix" = { + device = "local/nix"; + fsType = "zfs"; + }; swapDevices = [ ]; 
diff --git a/systems/persist/.common.nix.un~ b/systems/persist/.common.nix.un~ new file mode 100644 index 0000000000000000000000000000000000000000..c4f888e167e36198945bcf961c06b6ddc5463208 GIT binary patch literal 549 zcmWH`%$*;a=aT=Ffhphemi^88H4n3A$2e4VXU}fz%y}-qUghqEM#e|_)=!QyFfa%M zF*0BTazGdaU~DiyWx7Qy3q&OT0z@8#1W5_NME(N-+!&bPC{4u>07gd)G&;UY0L|qG gVp#BlqC!dm2`K5OmL%&Jm!{;W78NU*Ha=ek0LwooU;qFB literal 0 HcmV?d00001 diff --git a/systems/persist/common.nix b/systems/persist/common.nix new file mode 100644 index 0000000..62d5674 --- /dev/null +++ b/systems/persist/common.nix @@ -0,0 +1,19 @@ +{ impermanence, ... }: + +{ + imports = [ + impermanence.nixosModules.impermanence + ]; + + environment.persistence."/nix/persist/common" = { + directories = [ + "/etc/ssh" + "/var/lib" + ]; + + files = [ + "/etc/machine-id" + "/etc/shadow" + ]; + }; +} diff --git a/systems/persist/qemu-vm.nix b/systems/persist/qemu-vm.nix new file mode 100644 index 0000000..27f4abc --- /dev/null +++ b/systems/persist/qemu-vm.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + imports = [ + ./common.nix + ]; +} diff --git a/systems/qemu-vm.nix b/systems/qemu-vm.nix index 5fa99da..13ba35d 100644 --- a/systems/qemu-vm.nix +++ b/systems/qemu-vm.nix @@ -1,13 +1,18 @@ -{ config, pkgs, ... }: +{ ... }: { imports = [ + ./hardware/qemu-vm.nix ../sets/meta/sysadmin.nix ../packages/vim/package.nix + ./common.nix + ./persist/qemu-vm.nix ]; boot.loader.grub.enable = true; boot.loader.grub.device = "/dev/vda"; + networking.hostId = "e78229f8"; + time.timeZone = "Europe/Berlin"; } diff --git a/username.nix b/username.nix deleted file mode 100644 index 718f367..0000000 --- a/username.nix +++ /dev/null @@ -1,2 +0,0 @@ -# Select the user from the ./users directory -"user" From 45d315023f207c9fae4da72db2723fa37a961ac3 Mon Sep 17 00:00:00 2001 
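Review bot: The persistence list in `systems/persist/common.nix` omits `/var/log`, while `systems/hardware/qemu-vm.nix` in this patch rolls `/` back to `local/root@blank` on every boot and drops the dedicated `/var/log` mount that 2/9 had added. Journal and sshd authentication logs therefore appear to be erased at each reboot, which leaves nothing to review after a suspicious login or a crash. Add `"/var/log"` to `directories`, or give it its own dataset as before. Listing `"/etc/shadow"` under `files` is also fragile, because tools replace that file by rename rather than writing in place; 5/9 removes it.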
From: caem Date: Sat, 24 Jun 2023 21:01:28 +0200 Subject: [PATCH 4/9] Add vim files to gitignore --- .gitignore | 13 +++++++++++++ systems/persist/.common.nix.un~ | Bin 549 -> 0 bytes 2 files changed, 13 insertions(+) delete mode 100644 systems/persist/.common.nix.un~ diff --git a/.gitignore b/.gitignore index 0f4ce10..8580356 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,14 @@ nixos/result + +# -- Vim -- +# swap +[._]*.s[a-w][a-z] +[._]s[a-w][a-z] +# session +Session.vim +# temporary +.netrwhist +*~ +# auto-generated tag files +tags + diff --git a/systems/persist/.common.nix.un~ b/systems/persist/.common.nix.un~ deleted file mode 100644 index c4f888e167e36198945bcf961c06b6ddc5463208..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 549 zcmWH`%$*;a=aT=Ffhphemi^88H4n3A$2e4VXU}fz%y}-qUghqEM#e|_)=!QyFfa%M zF*0BTazGdaU~DiyWx7Qy3q&OT0z@8#1W5_NME(N-+!&bPC{4u>07gd)G&;UY0L|qG gVp#BlqC!dm2`K5OmL%&Jm!{;W78NU*Ha=ek0LwooU;qFB From 26694e1e52c689123347360ee05aca7775eda324 Mon Sep 17 00:00:00 2001 From: caem Date: Sat, 24 Jun 2023 23:09:01 +0200 Subject: [PATCH 5/9] Add base homserver config --- .gitignore | 14 +---------- flake.nix | 9 +++++++ packages/vim/package.nix | 1 - systems/hardware/homeserver.nix | 44 +++++++++++++++++++++++++++++++++ systems/homeserver.nix | 38 ++++++++++++++++++++++++++++ systems/persist/common.nix | 1 - systems/persist/homeserver.nix | 7 ++++++ users/user.nix | 4 +-- 8 files changed, 101 insertions(+), 17 deletions(-) create mode 100644 systems/hardware/homeserver.nix create mode 100644 systems/homeserver.nix create mode 100644 systems/persist/homeserver.nix diff --git a/.gitignore b/.gitignore index 8580356..19d94c8 100644 --- a/.gitignore +++ b/.gitignore @@ -1,14 +1,2 @@ nixos/result - -# -- Vim -- -# swap -[._]*.s[a-w][a-z] -[._]s[a-w][a-z] -# session -Session.vim -# temporary -.netrwhist -*~ -# auto-generated tag files -tags - +pw diff --git a/flake.nix b/flake.nix index fbe1b76..ac44b6f 100644 
--- a/flake.nix +++ b/flake.nix @@ -12,6 +12,15 @@ outputs = { self, nixpkgs, ... }@attrs: let user = "user"; # Select user from `./users` directory in { + nixosConfigurations.homeserver = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = [ + ./users/${user}.nix + ./systems/homeserver.nix + ]; + }; + # Debugging VM configuration nixosConfigurations.qemu-vm = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; diff --git a/packages/vim/package.nix b/packages/vim/package.nix index 53f15b5..6736793 100644 --- a/packages/vim/package.nix +++ b/packages/vim/package.nix @@ -24,7 +24,6 @@ set number set relativenumber set nobackup - set undofile set scrolloff=8 set sidescrolloff=8 set fileencoding='utf-8' diff --git a/systems/hardware/homeserver.nix b/systems/hardware/homeserver.nix new file mode 100644 index 0000000..ae36bf3 --- /dev/null +++ b/systems/hardware/homeserver.nix 
@@ -0,0 +1,44 @@ +{ config, lib, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "ums_realtek" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + boot.initrd.postDeviceCommands = lib.mkAfter '' + zfs rollback -r local/root@blank + ''; + + fileSystems."/" = { + device = "local/root"; + fsType = "zfs"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/5C0E-1600"; + fsType = "vfat"; + }; + + fileSystems."/nix" = { + device = "local/nix"; + fsType = "zfs"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/systems/homeserver.nix b/systems/homeserver.nix new file mode 100644 index 0000000..fc4f368 --- /dev/null +++ b/systems/homeserver.nix 
@@ -0,0 +1,38 @@ +{ ... }: + +{ + imports = [ + ./common.nix + ./hardware/homeserver.nix + ./persist/homeserver.nix + ../sets/meta/sysadmin.nix + ../packages/vim/package.nix + ]; + + boot.loader = { + efi = { + canTouchEfiVariables = true; + }; + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + }; + }; + + networking = { + hostId = "95f846dc"; + interfaces = { + eno1.ipv4.addresses = [{ + address = "192.168.2.69"; + prefixLength = 24; + }]; + }; + }; + + time.timeZone = "Europe/Berlin"; + + console = { + keyMap = "uk"; + }; +} diff --git a/systems/persist/common.nix b/systems/persist/common.nix index 62d5674..12c5c4f 100644 --- a/systems/persist/common.nix +++ b/systems/persist/common.nix @@ -13,7 +13,6 @@ files = [ "/etc/machine-id" - "/etc/shadow" ]; }; } diff --git a/systems/persist/homeserver.nix b/systems/persist/homeserver.nix new file mode 100644 index 0000000..27f4abc --- /dev/null +++ b/systems/persist/homeserver.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + imports = [ + ./common.nix + ]; +} diff --git a/users/user.nix b/users/user.nix index da135ab..2968bdd 100644 --- a/users/user.nix +++ b/users/user.nix @@ -1,9 +1,9 @@ -{ config, pkgs, ... }: +{ ... }: { users.users.user = { isNormalUser = true; - initialPassword = "ReplaceMe"; + passwordFile = "/nix/config/pw"; # mkpasswd in config dir description = "user"; extraGroups = [ "wheel" From eafad2af578acee0c234b0b10b092c6c8066992f Mon Sep 17 00:00:00 2001 From: caem Date: Sun, 25 Jun 2023 12:21:00 +0200 Subject: [PATCH 6/9] Update homserver config --- packages/nginx/homeserver.nix | 13 ++++++++++++ packages/syncthing/homeserver.nix | 18 ++++++++++++++++ systems/hardware/homeserver.nix | 5 +++++ systems/homeserver.nix | 35 ++++++++++++++++++++++++------- users/media.nix | 8 +++++++ 5 files changed, 72 insertions(+), 7 deletions(-) create mode 100644 packages/nginx/homeserver.nix create mode 100644 packages/syncthing/homeserver.nix create mode 100644 users/media.nix 
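Review bot: The comment on `passwordFile = "/nix/config/pw";` in `users/user.nix` does not say what the file must contain or who may read it, and `/nix/config` looks like the checkout of this repository. The file has to hold a password hash (the output of `mkpasswd`), not the plaintext, and should be root-owned with mode 0600 so that other local users cannot copy the hash for offline cracking. I would replace the comment with `# /nix/config/pw: mkpasswd hash (never plaintext), root:root 0600, ignored by git`. The `pw` entry added to `.gitignore` in this patch only protects the file from being committed, not from being read on the host.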
diff --git a/packages/nginx/homeserver.nix b/packages/nginx/homeserver.nix new file mode 100644 index 0000000..1ab6038 --- /dev/null +++ b/packages/nginx/homeserver.nix @@ -0,0 +1,13 @@ +{ ... }: + +{ + services.nginx.enable = true; + services.nginx.virtualHosts."192.168.2.69" = { + root = "/mnt/mass/Torrents"; + extraConfig = '' + autoindex on; + ''; + }; + + networking.firewall.allowedTCPPorts = [ 80 ]; +} diff --git a/packages/syncthing/homeserver.nix b/packages/syncthing/homeserver.nix new file mode 100644 index 0000000..cddef3b --- /dev/null +++ b/packages/syncthing/homeserver.nix @@ -0,0 +1,18 @@ +{ ... }: + +{ + imports = [ + ../../users/media.nix + ]; + + services.syncthing = { + enable = true; + user = "media"; + dataDir = "/mnt/mass"; + configDir = "/mnt/mass/Services/Syncthing"; + guiAddress = "0.0.0.0:8384"; + }; + + networking.firewall.allowedTCPPorts = [ 8384 22000 ]; + networking.firewall.allowedUDPPorts = [ 22000 21027 ]; +} diff --git a/systems/hardware/homeserver.nix b/systems/hardware/homeserver.nix index ae36bf3..6083dac 100644 --- a/systems/hardware/homeserver.nix +++ b/systems/hardware/homeserver.nix @@ -29,6 +29,11 @@ fsType = "zfs"; }; + fileSystems."/mnt/mass" = { + device = "/dev/disk/by-uuid/f04baac4-40a9-4115-b09d-83b252ee69ad"; + fsType = "xfs"; + }; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/systems/homeserver.nix b/systems/homeserver.nix index fc4f368..c32506e 100644 --- a/systems/homeserver.nix +++ b/systems/homeserver.nix 
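Review bot: The virtual host in `packages/nginx/homeserver.nix` is the only one defined, so nginx will presumably answer for any Host header and serve `/mnt/mass/Torrents` with `autoindex on` to every client that can reach port 80, over plain HTTP and without any access control. If this listing is meant for the LAN only, add `allow 192.168.2.0/24;` and `deny all;` to `extraConfig` (the /24 is the prefix configured in `systems/homeserver.nix`). A comment stating the intended audience of the share would also help the next reader decide whether port 80 should be open at all.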
@@ -7,20 +7,30 @@ ./persist/homeserver.nix ../sets/meta/sysadmin.nix ../packages/vim/package.nix + ../packages/nginx/homeserver.nix + ../packages/syncthing/homeserver.nix ]; - boot.loader = { - efi = { - canTouchEfiVariables = true; + boot = { + loader = { + efi = { + canTouchEfiVariables = true; + }; + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + }; }; - grub = { - enable = true; - efiSupport = true; - device = "nodev"; + + kernel = { + sysctl."net.ipv6.conf.eth0.disable_ipv6" = true; }; }; networking = { + hostName = "homeserver"; + enableIPv6 = false; hostId = "95f846dc"; interfaces = { eno1.ipv4.addresses = [{ @@ -34,5 +44,16 @@ console = { keyMap = "uk"; + nameservers = [ "1.1.1.1" "8.8.8.8" ]; + defaultGateway = "192.168.2.1"; + firewall = { + enable = true; + allowedTCPPorts = [ 22 ]; + }; + }; + + # To not mess up SSH sessions from weird terminals + environment.sessionVariables = rec { + TERM = "xterm"; }; } diff --git a/users/media.nix b/users/media.nix new file mode 100644 index 0000000..96c0a5b --- /dev/null +++ b/users/media.nix @@ -0,0 +1,8 @@ +{ ... }: + +{ + users.users.media = { + isNormalUser = true; + description = "media"; + }; +} From 6863db4fe3c593308b207afad8555e4e64bf1a91 Mon Sep 17 00:00:00 2001 From: caem Date: Sun, 25 Jun 2023 12:23:16 +0200 Subject: [PATCH 7/9] fuck you git --- systems/homeserver.nix | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/systems/homeserver.nix b/systems/homeserver.nix index c32506e..561fa03 100644 --- a/systems/homeserver.nix +++ b/systems/homeserver.nix @@ -38,12 +38,6 @@ prefixLength = 24; }]; }; - }; - - time.timeZone = "Europe/Berlin"; - - console = { - keyMap = "uk"; nameservers = [ "1.1.1.1" "8.8.8.8" ]; defaultGateway = "192.168.2.1"; firewall = { @@ -52,6 +46,10 @@ }; }; + time.timeZone = "Europe/Berlin"; + + console.keyMap = "uk"; + # To not mess up SSH sessions from weird terminals environment.sessionVariables = rec { TERM = "xterm"; 
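Review bot: The sysctl key `net.ipv6.conf.eth0.disable_ipv6` in the 6/9 hunk of `systems/homeserver.nix` names `eth0`, but the only interface this file configures is `eno1`, so the setting most likely applies to nothing. `networking.enableIPv6 = false;` in the same hunk already expresses the intent; either drop the `kernel.sysctl` block or use `sysctl."net.ipv6.conf.all.disable_ipv6" = true;`. `firewall.allowedTCPPorts = [ 22 ];` is probably redundant as well, since the openssh module opens its own port by default, and `rec` on `environment.sessionVariables` is unused.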
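Review bot: `isNormalUser = true;` in `users/media.nix` gives `media` a home directory and a login shell, although the account is only referenced as the Syncthing service user in this patch. A service account is safer as `isSystemUser = true; group = "media";` with `users.groups.media = { };` added alongside. If files on `/mnt/mass` are already owned by the current uid, pin it with `uid` before switching so ownership does not drift.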
From 52eb7d0db336747e96d8e491bb38ae2256b15839 Mon Sep 17 00:00:00 2001 From: caem Date: Sun, 25 Jun 2023 12:28:01 +0200 Subject: [PATCH 8/9] Add syncthing marker to gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 19d94c8..dfc1fa4 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ nixos/result pw +.stfolder From 2a0aedbd67a5e2a767413db1655411d5a9f98017 Mon Sep 17 00:00:00 2001 From: caem Date: Sun, 25 Jun 2023 12:44:09 +0200 Subject: [PATCH 9/9] Add readme --- README.md | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..ff004ab --- /dev/null +++ b/README.md @@ -0,0 +1,41 @@ +# nixos-system-config +Modular multi-purpose NixOS configuration. + +## About +Feel free to do whatever with this configuration. +This configuration [erases your darlings](https://grahamc.com/blog/erase-your-darlings/) using ZFS snapshots. +Currently only used for my homeserver, [desktop runs on Gentoo](https://git.dirae.org/caem/dotfiles). + +## Layout +``` +/nix/config +├── flake.lock +├── flake.nix ; Master configuration file +├── overlays ; Package overlays +├── packages ; Packages with configurations +│   ├── nginx +│   │   └── homeserver.nix +│   ├── syncthing +│   │   └── homeserver.nix +│   └── vim +│   └── package.nix +├── pw ; Password of your user +├── sets ; Sets of packages +│   └── meta +│   └── sysadmin.nix +├── systems ; System specific configuration +│   ├── common.nix +│   ├── hardware ; Hardware configuration of each system +│   │   ├── homeserver.nix +│   │   └── qemu-vm.nix +│   ├── homeserver.nix +│   ├── persist ; Persistence configuration of each system +│   │   ├── common.nix +│   │   ├── homeserver.nix +│   │   └── qemu-vm.nix +│   └── qemu-vm.nix +└── users ; User specific configuration + ├── media.nix + ├── none.nix + └── user.nix +```