Finalize Working Version (#1)
* Add more GNOME helpers.
* Fix typo, adjust output.
* Update readme.
* Add more programs and a TBD.
* Add OpenJDK 8 as well.
* More programs, fix mlocate, start working on GNOME settings.
* Add success message.
* Fixing favorites, for some reason the files are different on NixOS than systems using Ansible.
* Add cron. Start working on header details.
* Modify Python configuration for ansible playbooks.
* More work on Python. Still not getting success with psutil.
* NixOS, python, and psutil are still being dumb with ansible.
* Add imagemagick for compressing file sizes.
* Automatically create backups the first time this is run each day.
* Create an example file.
* More comments, SSHD config, a few fixes, some TBDs, and general reorganization.
* Add a disclaimer.
* Make the file look more like a developer wrote it.
* Try adding wallets. Exodus seems broken. Monero works.
* Start trying a different route for dconf settings. May require "home manager".
* Add Docker.
* Create a static and ansible file. Import them, and give examples of what they are for.
* Add comments brainstorming how to do the different setups.
* Add home-manager. Still no luck with dconf. Not in Ansible either.
* Add godot.
* Add zsh.
* Move to Godot4.
* Remove extra space.
* Add balena etcher for USB sticks.
* Remove etcher, seems to have broken ability to update or install anything.
* Add a bittorrent client.
* Remove excess ssh ports. They were probably for testing.
parent 580c8757c6
commit 730eaf9faa
11
README.md
@ -1,2 +1,11 @@
|
||||
# nixos
|
||||
# My NixOS Configuration(s)
|
||||
Configuration file and helper scripts for my NixOS setup.
|
||||
|
||||
Just startred researching NixOS at the end of August 2023 and seeing if it makes
|
||||
more sense than using Ansible across a multitude of different OS's.
|
||||
|
||||
## DISCLAIMERS
|
||||
### THIS PROJECT IS A WORK IN PROGRESS
|
||||
|
||||
Currently still considered early alpha phase. Things work, but still have a ways
|
||||
to go before the system is completely ready for "production".
|
||||
|
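Review bot: typo in the second paragraph of the new README text, "startred" should be "started". "OS's" in the next line would also read better as "OSes".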
45
activate.sh
@ -6,21 +6,56 @@
|
||||
DIR="$(dirname -- "${BASH_SOURCE[0]}")"
|
||||
PROG="$(basename -- "${BASH_SOURCE[0]}")"
|
||||
|
||||
nix_ext="nix"
|
||||
nixos_dir="/etc/nixos"
|
||||
date_YYYYMMDD="`date "+%Y%m%d"`"
|
||||
backup_dir="$nixos_dir/${date_YYYYMMDD}_Backups"
|
||||
|
||||
## Main ##
|
||||
|
||||
echo "Requesting sudo password if it has not already been requested recently."
|
||||
sudo echo "Success!"
|
||||
|
||||
# Make a backup if one does not already exist for today.
|
||||
if [[ ! -e "$backup_dir" ]]; then
|
||||
echo -e "\nSaving backups for today."
|
||||
sudo mkdir -pv "$backup_dir"
|
||||
sudo cp -v "$nixos_dir"/*."$nix_ext" "$backup_dir"/
|
||||
fi
|
||||
|
||||
# Ensure unmaintained files exist for import.
|
||||
nix_static=$nixos_dir/static.nix
|
||||
if [[ ! -e $nix_static ]]; then
|
||||
echo "Creating '$nix_static'."
|
||||
echo -e "{ config, pkgs, nix, ... }:\n\n{\n #\n}" | sudo tee $nix_static
|
||||
fi
|
||||
nix_ansible=$nixos_dir/ansible.nix
|
||||
if [[ ! -e $nix_ansible ]]; then
|
||||
echo "Creating '$nix_ansible' from '$nix_static'."
|
||||
cp -v $nix_static $nix_ansible
|
||||
fi
|
||||
|
||||
# Start the chain.
|
||||
sudo echo "Success!" &&
|
||||
sleep 0 &&
|
||||
|
||||
# Essentials, jeez!
|
||||
echo "Making sure that /bin/bash is available." &&
|
||||
sudo ln -vqfs `which bash` /bin/bash &&
|
||||
echo -e "\nMaking sure that /bin/bash is available." &&
|
||||
sudo ln -vfs `which bash` /bin/bash &&
|
||||
|
||||
# Install Home Manager for usage in configuration.nix type files.
|
||||
echo -e "\nAdd Home Manager." &&
|
||||
sudo nix-channel \
|
||||
--add https://github.com/nix-community/home-manager/archive/master.tar.gz \
|
||||
home-manager
|
||||
sudo nix-channel --update
|
||||
|
||||
# Main install.
|
||||
echo "Switching to the new configuration." &&
|
||||
sudo cp $DIR/configuration.nix /etc/nixos/configuration.nix &&
|
||||
echo -e "\nSwitching to the new configuration." &&
|
||||
sudo cp "$DIR"/*."$nix_ext" "$nixos_dir"/ &&
|
||||
sudo nixos-rebuild switch &&
|
||||
|
||||
# Completed successfully.
|
||||
echo -e "\nSuccess!" &&
|
||||
exit 0
|
||||
|
||||
## Errors ##
|
||||
|
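Review bot: the `&&` chain that is meant to stop at the first failure is broken at the Home Manager step. Neither the `sudo nix-channel --add ... home-manager` command nor `sudo nix-channel --update` ends in `&&`, so a failed `ln` or a failed channel update still falls through to `sudo cp "$DIR"/*."$nix_ext" "$nixos_dir"/` and `sudo nixos-rebuild switch`. Add `&&` after both commands, or drop the chain and use `set -e` near the top. Two smaller points in the same hunk: `cp -v $nix_static $nix_ansible` runs without `sudo` although it writes into `/etc/nixos`, where `static.nix` was just created through `sudo tee`, and the paths in that block are unquoted. The channel URL also tracks `master.tar.gz`, so every run pulls whatever is on that branch into a root-level rebuild; a release archive that matches the system's NixOS channel would be more predictable.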
25
ansible.nix.example
Normal file
@ -0,0 +1,25 @@
|
||||
# The ansible.nix file is for the Hyperling Ansible project to maintain. It
|
||||
# should never be altered by hand unless Ansible has been turned off cron.
|
||||
# https://github.com/Hyperling/ansible
|
||||
{ config, pkgs, nix, ... }:
|
||||
|
||||
{
|
||||
# tasks/general/software/swap.yml
|
||||
# Use general.ini to set up the swap commands and this should be generated.
|
||||
swapDevices = [ { device = "/swapfile"; } ];
|
||||
|
||||
###
|
||||
# TBD
|
||||
##
|
||||
# Should this file include others? Or use blockinfile? searching for the
|
||||
# headers below and then add their contents if they are wanted? Doing more
|
||||
# includes might get messy, would probably want an entire ansible folder
|
||||
# rather than adding more stuff to the roor /etc/nixos directory.
|
||||
###
|
||||
|
||||
## General ##
|
||||
|
||||
## Workstation ##
|
||||
|
||||
## Server ##
|
||||
}
|
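Review bot: typo in the TBD comment, "the roor /etc/nixos directory" should be "the root /etc/nixos directory". The header comment "unless Ansible has been turned off cron" also looks like it is missing a word ("turned off in cron"?).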
@ -2,13 +2,56 @@
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
###############################################################################
|
||||
# Helpful Documentation
|
||||
#
|
||||
# NixOS Manual:
|
||||
# https://nixos.org/manual/nixos/stable/
|
||||
#
|
||||
# NixOS All Options:
|
||||
# https://nixos.org/manual/nixos/stable/options.html
|
||||
#
|
||||
# Option Search:
|
||||
# https://search.nixos.org/options
|
||||
#
|
||||
# Package Search:
|
||||
# https://search.nixos.org/packages
|
||||
###############################################################################
|
||||
|
||||
###############################################################################
|
||||
# TBD
|
||||
# Make each section is own $.nix file and include it based on Ansible checks.
|
||||
###############################################################################
|
||||
|
||||
{ config, pkgs, nix, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
#############################################################################
|
||||
# System Configuration
|
||||
#############################################################################
|
||||
|
||||
imports =[
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
# Include any static entries that are handled outside of this project.
|
||||
./static.nix
|
||||
# Include anything that Ansible has created.
|
||||
./ansible.nix
|
||||
# Home Manager.
|
||||
<home-manager/nixos>
|
||||
];
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
|
||||
#############################################################################
|
||||
# System Package Configuration
|
||||
#############################################################################
|
||||
|
||||
# Bootloader.
|
||||
boot.loader.grub.enable = true;
|
||||
@ -23,6 +66,25 @@
|
||||
# Enable grub cryptodisk
|
||||
boot.loader.grub.enableCryptodisk=true;
|
||||
|
||||
# TBD: Does not work. Goes in "nix.conf"?
|
||||
#nix.extraOptions = "
|
||||
# --extra-experimental-features
|
||||
#";
|
||||
|
||||
#############################################################################
|
||||
# General Networking Configuration
|
||||
#############################################################################
|
||||
|
||||
# Enable networking
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
# Open ports in the firewall.
|
||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
# networking.firewall.enable = false;
|
||||
|
||||
# TBD: Should this be here?
|
||||
boot.initrd.luks.devices."luks-39ae7203-d5af-47bf-95f6-b4f0eefebfc6".keyFile = "/crypto_keyfile.bin";
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
|
||||
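Review bot: the `boot.initrd.luks.devices` `keyFile` line at the end of this hunk pins one machine's LUKS UUID and key file path in the shared `configuration.nix`, and the new `# TBD: Should this be here?` comment above it asks the right question. The setting is host-specific, so it belongs next to the matching `boot.initrd.luks.devices` entry in `hardware-configuration.nix` (the example file in this commit already has one) or in `static.nix`. As it stands, applying this file on a second machine references a device that does not exist there.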
@ -30,8 +92,9 @@
|
||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
|
||||
# Enable networking
|
||||
networking.networkmanager.enable = true;
|
||||
#############################################################################
|
||||
# Locale
|
||||
#############################################################################
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "America/Phoenix";
|
||||
@ -51,6 +114,25 @@
|
||||
LC_TIME = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
#############################################################################
|
||||
# User Setup
|
||||
#############################################################################
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.users.ling = {
|
||||
isNormalUser = true;
|
||||
description = "Hyperling";
|
||||
extraGroups = [ "networkmanager" "wheel" "sudo" "mlocate" "docker" ];
|
||||
#packages = with pkgs; [
|
||||
# #firefox
|
||||
# #thunderbird
|
||||
#];
|
||||
};
|
||||
|
||||
#############################################################################
|
||||
# Desktop Environment
|
||||
#############################################################################
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
services.xserver.enable = true;
|
||||
|
||||
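Review bot: in the relocated `users.users.ling` block, `extraGroups` gains `"docker"`, and membership of that group is effectively root access: any process running as this user can control the Docker daemon, which runs as root, without a sudo prompt. If that is not intended for the daily account, leave `docker` out of `extraGroups` and call `sudo docker`, or look at `virtualisation.docker.rootless.enable`. `"sudo"` is also listed next to `"wheel"`; on NixOS `wheel` is the group that grants sudo by default, so it is worth checking whether the `sudo` entry does anything.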
@ -58,6 +140,83 @@
|
||||
services.xserver.displayManager.gdm.enable = true;
|
||||
services.xserver.desktopManager.gnome.enable = true;
|
||||
|
||||
# Remove the GNOME default packages.
|
||||
#services.gnome.core-utilities.enable = false;
|
||||
|
||||
###
|
||||
# GSettings, DConf type stuff.
|
||||
##
|
||||
# https://nixos.wiki/wiki/GNOME
|
||||
#services.xserver.desktopManager.gnome = {
|
||||
# extraGSettingsOverrides = ''
|
||||
# # Favorite apps in gnome-shell
|
||||
# [org.gnome.shell]
|
||||
# favorite-apps= \
|
||||
# [ 'org.gnome.Terminal.desktop', 'gnome-system-monitor.desktop' \
|
||||
# , 'org.gnome.Nautilus.desktop' \
|
||||
# , 'librewolf.desktop', 'firefox.desktop' \
|
||||
# , 'org.gnome.Evolution.desktop', 'deltachat.desktop' \
|
||||
# , 'codium.desktop' \
|
||||
# , 'org.shotcut.Shotcut.desktop', 'lbry.desktop' \
|
||||
# , 'android-studio.desktop' \
|
||||
# , 'signal-desktop.desktop' \
|
||||
# ]
|
||||
#
|
||||
# # TBD Need to finish figuring out how to load these.
|
||||
# [org.gnome.shell.extensions.dash-to-dock]
|
||||
# dock-position='LEFT'
|
||||
# dock-fixed=true
|
||||
# dash-max-icon-size=28
|
||||
# '';
|
||||
#
|
||||
# extraGSettingsOverridePackages = [
|
||||
# pkgs.gnome.gnome-shell # for org.gnome.shell, not sure if it works TBD.
|
||||
# #pkgs.gnomeExtensions.dash-to-dock # TBD Not sure what to do here yet.
|
||||
# ];
|
||||
#};
|
||||
|
||||
# Maybe try this?
|
||||
# https://hoverbear.org/blog/declarative-gnome-configuration-in-nixos/
|
||||
#programs.dconf.enable = true;
|
||||
#dconf.settings = {
|
||||
# "org/gnome/shell/" = {
|
||||
# favorite-apps = [
|
||||
# "org.gnome.Terminal.desktop"
|
||||
# "gnome-system-monitor.desktop"
|
||||
# "org.gnome.Nautilus.desktop"
|
||||
# "librewolf.desktop"
|
||||
# "firefox.desktop"
|
||||
# "org.gnome.Evolution.desktop"
|
||||
# "deltachat.desktop"
|
||||
# "codium.desktop"
|
||||
# "org.shotcut.Shotcut.desktop"
|
||||
# "lbry.desktop"
|
||||
# "android-studio.desktop"
|
||||
# "signal-desktop.desktop"
|
||||
# ];
|
||||
# };
|
||||
#};
|
||||
|
||||
# Or this?
|
||||
# https://rycee.gitlab.io/home-manager/index.html#sec-install-nixos-module
|
||||
# https://rycee.gitlab.io/home-manager/options.html#opt-dconf.settings
|
||||
#programs.dconf.enable = true;
|
||||
#home-manager.users.ling = { pkgs, ... }: {
|
||||
#
|
||||
# home.packages = [ pkgs.atool pkgs.httpie ];
|
||||
#
|
||||
# dconf.settings = {
|
||||
# "/org/gnome/shell/extensions/dash-to-dock" = {
|
||||
# dock-position = "'LEFT'";
|
||||
# dock-fixed = true;
|
||||
# dash-max-icon-size = 24;
|
||||
# };
|
||||
# };
|
||||
#
|
||||
#};
|
||||
|
||||
##
|
||||
|
||||
# Configure keymap in X11
|
||||
services.xserver = {
|
||||
layout = "us";
|
||||
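Review bot: the three commented-out dconf attempts in this hunk add roughly 70 lines of dead configuration, and two details in them may be why the settings never applied. `dconf.settings` is a Home Manager option, yet the second attempt sets it at the top level of `configuration.nix` rather than under `home-manager.users.ling`. The third attempt is under that block, but its key `"/org/gnome/shell/extensions/dash-to-dock"` starts with a slash (the second attempt ends `"org/gnome/shell/"` with one), whereas the Home Manager documentation linked in the comment uses keys of the form `"org/gnome/shell"`, and `dock-position = "'LEFT'"` wraps an already quoted string in a second pair of quotes. I would keep one attempt here with its TBD and move the rest to a branch or a notes file.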
@ -87,25 +246,22 @@
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.users.ling = {
|
||||
isNormalUser = true;
|
||||
description = "Hyperling";
|
||||
extraGroups = [ "networkmanager" "wheel" "sudo" ];
|
||||
packages = with pkgs; [
|
||||
#firefox
|
||||
#thunderbird
|
||||
];
|
||||
};
|
||||
#############################################################################
|
||||
# Package Management
|
||||
#############################################################################
|
||||
|
||||
# Allow unfree packages
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
###
|
||||
# List packages installed in system profile.
|
||||
##
|
||||
# To search for names, run `nix search wget` or use the website in the header.
|
||||
environment.systemPackages = with pkgs; [
|
||||
###
|
||||
# General
|
||||
ansible
|
||||
##
|
||||
#ansible # try installing under Python then maybe it can use psutil?
|
||||
vim
|
||||
mlocate
|
||||
git
|
||||
@ -115,26 +271,98 @@
|
||||
wget
|
||||
nmap
|
||||
lynis
|
||||
htop
|
||||
neofetch
|
||||
cowsay
|
||||
cron
|
||||
zsh
|
||||
|
||||
# Python Setup
|
||||
# Main documentation
|
||||
# https://nixos.org/manual/nixpkgs/stable/#python
|
||||
# See what modules are available, and which Python they are attached to:
|
||||
# ls -l $(find "$(dirname $(which python))/.." -name site-packages)
|
||||
# Looks like 3.10, not 3.11 like was being installed. So annoying!
|
||||
# https://discourse.nixos.org/t/python3-not-importing-modules/22061/2
|
||||
#python3
|
||||
(python3.withPackages(ps: with ps; [
|
||||
pip # Works fine! Can access via `pip` or `python -m pip`.
|
||||
psutil # Not working. Not in path nor `-m`. Maybe not supposed to be, but ansible dconf module still saying "ModuleNotFoundError: No module named 'psutil'" Maybe add to ansible's python somehow?
|
||||
ansible # Nope, not accessible!!! WHAT!!!
|
||||
ansible-core # It's here! Thanks https://pypi.org/project/ansible/, psutil still not available though!!!!!!!!!!!!!
|
||||
]))
|
||||
#python3Packages.pip
|
||||
#python3Packages.psutil # This does not work either, nor any 310 type versions.
|
||||
#python3Packages.ansible # This does not work either, nor any 310 type versions.
|
||||
###
|
||||
|
||||
###
|
||||
# Coding
|
||||
##
|
||||
vscodium
|
||||
android-studio
|
||||
dbeaver
|
||||
bash
|
||||
kotlin
|
||||
nodejs
|
||||
ksh
|
||||
zsh
|
||||
zulu # OpenJDK
|
||||
#zulu8 # OpenJDK 8
|
||||
#python2
|
||||
#python
|
||||
#godot # If using C#
|
||||
godot_4 # If using Godot Script
|
||||
###
|
||||
|
||||
###
|
||||
# Editing
|
||||
##
|
||||
gimp
|
||||
shotcut
|
||||
openshot-qt
|
||||
obs-studio
|
||||
ffmpeg
|
||||
###
|
||||
|
||||
###
|
||||
# Workstation
|
||||
gnomeExtensions.dock-from-dash
|
||||
evolution
|
||||
signal-desktop
|
||||
lbry
|
||||
##
|
||||
gnomeExtensions.dash-to-dock
|
||||
gnome.nautilus
|
||||
gnome.gnome-tweaks
|
||||
gnome.dconf-editor
|
||||
#gnome.gnome-terminal # This does not theme well and is different from Console.
|
||||
gnome.gnome-system-monitor
|
||||
gnome.gedit
|
||||
gnome.geary
|
||||
gnome.evince
|
||||
librewolf
|
||||
firefox
|
||||
htop
|
||||
evolution
|
||||
deltachat-desktop
|
||||
signal-desktop
|
||||
lbry
|
||||
libreoffice
|
||||
vlc
|
||||
remmina
|
||||
imagemagick
|
||||
#etcher # Broken as of 20231013, uses too old a version of Electron.
|
||||
transmission
|
||||
|
||||
# Wallets
|
||||
#exodus # Not being found, 403 error.
|
||||
monero-gui
|
||||
###
|
||||
|
||||
###
|
||||
# Server
|
||||
##
|
||||
# Not needed, prefer setting 'virtualisation.docker.enable'.
|
||||
#docker
|
||||
#docker-buildx
|
||||
#docker-compose
|
||||
###
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
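Review bot: `cron` in the General block of `environment.systemPackages` only installs the binaries; it does not start a daemon, so jobs will not run unless `services.cron.enable = true;` is set as well, and nothing in the visible hunks does that although the commit message says "Add cron". In the Python block, the trailing comments on `psutil`, `ansible` and `ansible-core` run far past the line width used elsewhere in the file; a short `# TBD: psutil is not visible to the ansible dconf module` above the list would carry the same information.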
@ -145,23 +373,40 @@
|
||||
# enableSSHSupport = true;
|
||||
# };
|
||||
|
||||
# List services that you want to enable:
|
||||
## List services that you want to enable ##
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
# services.openssh.enable = true;
|
||||
# Configure the OpenSSH daemon.
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
ports = [
|
||||
22
|
||||
];
|
||||
settings = {
|
||||
PermitRootLogin = "no";
|
||||
AllowTcpForwarding = "no";
|
||||
ClientAliveInterval = 60;
|
||||
ClientAliveCountMax = 2;
|
||||
Compression = "no";
|
||||
LogLevel = "VERBOSE";
|
||||
MaxAuthTries = 3;
|
||||
MaxSessions = 2;
|
||||
TCPKeepAlive = "no";
|
||||
X11Forwarding = false;
|
||||
AllowAgentForwarding = "no";
|
||||
PermitEmptyPasswords = "no";
|
||||
};
|
||||
};
|
||||
|
||||
# Open ports in the firewall.
|
||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
# networking.firewall.enable = false;
|
||||
#############################################################################
|
||||
# Non-System Package Configuration
|
||||
#############################################################################
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
# Be able to use the locate command.
|
||||
services.locate.locate = pkgs.mlocate;
|
||||
services.locate.localuser = null;
|
||||
services.locate.enable = true;
|
||||
|
||||
# Docker
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
}
|
||||
|
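Review bot: the `services.openssh` block goes from commented out to `enable = true` with a good set of restrictions, but nothing in `settings` turns off password logins, so `PasswordAuthentication` stays at its default, which is enabled on NixOS. For a daemon listening on port 22, add `PasswordAuthentication = false;` and `KbdInteractiveAuthentication = false;` and put the key in `users.users.ling.openssh.authorizedKeys.keys`. The commented firewall stanza no longer sits under the SSH block after this change, so a one-line comment saying whether port 22 is meant to be reachable from outside would help the next reader.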
35
hardware-configuration.nix.example
Normal file
@ -0,0 +1,35 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
networking.hostName = "my-nixos-system"; # Define your hostname.
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/abc-123-456-xyz";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."luks-1337-h4x0r-c00l-3ncrypt10n".device = "/dev/disk/by-uuid/more-alphabet-soup";
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp5s0f1u6u3.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
9
static.nix.example
Normal file
@ -0,0 +1,9 @@
|
||||
# File for adding system-specific configurations outside of any project, system,
|
||||
# or ansible maintained files. Any specific recommendations are below.
|
||||
{ config, pkgs, nix, ... }:
|
||||
|
||||
{
|
||||
# This would be a good place to set up your swap file or partition if not
|
||||
# using the Ansible project. It maintains this in ansible.nix, not here.
|
||||
swapDevices = [ { device = "/swapfile"; } ];
|
||||
}
|
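Review bot: `swapDevices = [ { device = "/swapfile"; } ];` here is the same entry as in `ansible.nix.example`, and `configuration.nix` imports both `./static.nix` and `./ansible.nix`. List options from imported modules are merged, so copying both examples unchanged declares the swap file twice. The comment already says this entry is for setups that do not use the Ansible project; shipping the line commented out in this example would make that the default.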