-rw-r--r-- | nixos.org | 453 |
1 files changed, 223 insertions, 230 deletions
diff --git a/nixos.org b/nixos.org
index 1575830..5495401 100644
--- a/nixos.org
+++ b/nixos.org
@@ -3,259 +3,252 @@ #+HTML_HEAD: <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/latex.css@1.6.0/style.min.css" integrity="sha256-Ncz7wrwMhIHPJupOT4BWvsCDbduC61SmpMasJCmvPB8=" crossorigin="anonymous"> #+HTML_HEAD:<style>body { max-width : 120ch; }</style> #+OPTIONS: ^:nil p:t - -This is the nixos config. Right now it is a bit of a hack because I don't have a [[https://github.com/rasendubi/dotfiles#patch-ob-tangle][ob-tangle patch]] but that can come -later - For now this is the way I'm configuring nixos. There is no flakes here, just a configuration.nix and a bunch of other stuff * Prefix -The nixos config is going to consist of a bunch of "imports" which are just a bunch of configs -in the imports part of the main configuration. Then we can put each part of said config on its own source block -This does require a bit of a prefix, that lets us access packages, existing configuration and library functions -#+begin_src nix :tangle configuration.nix :noweb no-export :padline no - { config, lib, pkgs, ... }: - let - sources = import ./nix/sources.nix; - nur = import sources.NUR { inherit pkgs; }; - nurModules = import sources.NUR { }; - in - { - imports = [ - <<nixos-config>> - ]; - } -#+end_src + The nixos config is going to consist of a bunch of "imports" which are just a bunch of configs + in the imports part of the main configuration. Then we can put each part of said config on its own source block + This does require a bit of a prefix, that lets us access packages, existing configuration and library functions + #+begin_src nix :tangle configuration.nix :noweb no-export :padline no + { config, lib, pkgs, ... }: + let + sources = import ./nix/sources.nix; + nur = import sources.NUR { inherit pkgs; }; + nurModules = import sources.NUR { }; + in + { + imports = [ + <<nixos-config>> + ]; + } + #+end_src * Configuration ** Hardware -Normal nixos installation comes with a hardware-configuration file. 
we are not going to add the contents of that -file here ourself, but instead add it as an external module. This is the only place where we'll do this -#+begin_src nix :noweb-ref nixos-config :tangle no - ./hardware-configuration.nix -#+end_src + Normal nixos installation comes with a hardware-configuration file. we are not going to add the contents of that + file here ourself, but instead add it as an external module. This is the only place where we'll do this + #+begin_src nix :noweb-ref nixos-config :tangle no + ./hardware-configuration.nix + #+end_src ** personal stuff -First, some personal stuff, so that I can tel people my computer is mine -#+begin_src nix :noweb-ref nixos-config :tangle no - { - options.mainUser = with lib; mkOption { - type = types.str; - default = builtins.getEnv "USER"; - }; - } -#+end_src + First, some personal stuff, so that I can tel people my computer is mine + #+begin_src nix :noweb-ref nixos-config :tangle no + { + options.mainUser = with lib; mkOption { + type = types.str; + default = builtins.getEnv "USER"; + }; + } + #+end_src -and then the actual info: -#+begin_src nix :noweb-ref nixos-config :tangle no - { - mainUser = "erik"; - networking.hostName = "RACEMONSTER"; - time.timeZone = "Europe/Amsterdam"; - } -#+end_src + and then the actual info: + #+begin_src nix :noweb-ref nixos-config :tangle no + { + mainUser = "erik"; + networking.hostName = "RACEMONSTER"; + time.timeZone = "Europe/Amsterdam"; + } + #+end_src ** Main user config -This sets up a (secret) default password for the main user and also sets some default groups -#+begin_src nix :noweb-ref nixos-config :tangle no - { - users.mutableUsers = false; - # Define a user account. Don't forget to set a password with ‘passwd’. 
- users.users.${config.mainUser} = { - initialHashedPassword = "$6$XTH/sALyqg$G.bMWemErh4KGCAjUfT16DL96QMn/4NTmxlw6Z26wUVJn.tagQG.Fzmrz7uPkdiWZbBBFWP36.YA4hw9AcL8Q1"; - isNormalUser = true; - extraGroups = [ "video" "wheel" "NetworkManager" ]; # Enable ‘sudo’ for the user. - # shell = pkgs.nushell; - }; - } -#+end_src + This sets up a (secret) default password for the main user and also sets some default groups + #+begin_src nix :noweb-ref nixos-config :tangle no + { + users.mutableUsers = false; + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.${config.mainUser} = { + initialHashedPassword = "$6$XTH/sALyqg$G.bMWemErh4KGCAjUfT16DL96QMn/4NTmxlw6Z26wUVJn.tagQG.Fzmrz7uPkdiWZbBBFWP36.YA4hw9AcL8Q1"; + isNormalUser = true; + extraGroups = [ "video" "wheel" "NetworkManager" ]; # Enable ‘sudo’ for the user. + # shell = pkgs.nushell; + }; + } + #+end_src ** Init system -nixos is started with systemd-boot, since we don't run any other distros -#+begin_src nix :noweb-ref nixos-config :tangle no - { - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - } -#+end_src + nixos is started with systemd-boot, since we don't run any other distros + #+begin_src nix :noweb-ref nixos-config :tangle no + { + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + } + #+end_src ** nixpkgs setup -not much info here right now. emacs itself now refers to emacsng -#+begin_src nix :noweb-ref nixos-config :tangle no - { - nix.package = pkgs.nixFlakes; - nixpkgs.config.allowUnfree = true; - nixpkgs.overlays = [ - (final: prev: { - emacs = (import sources.emacs-ng).outputs.defaultPackage."x86_64-linux"; - }) - ]; - } -#+end_src + not much info here right now. 
emacs itself now refers to emacsng + #+begin_src nix :noweb-ref nixos-config :tangle no + { + nix.package = pkgs.nixFlakes; + nixpkgs.config.allowUnfree = true; + nixpkgs.overlays = [ + (final: prev: { + emacs = (import sources.emacs-ng).outputs.defaultPackage."x86_64-linux"; + emacsWithPackages = final.emacs.pkgs.withPackages; + }) + ]; + } + #+end_src *** cachix -Cachix and other substitute servers allow you to not have to compile things as much as you are supposed to -We will create a small module for cachix before we put in the rest declaratively -#+begin_src nix :noweb-ref nixos-config :tangle no - { - options.nix.cacheAttrs = with lib; mkOption { - type = with types; attrsOf str; - default = {}; + Cachix and other substitute servers allow you to not have to compile things as much as you are supposed to + We will create a small module for cachix before we put in the rest declaratively + #+begin_src nix :noweb-ref nixos-config :tangle no + { + options.nix.cacheAttrs = with lib; mkOption { + type = with types; attrsOf str; + default = {}; - }; - config = with lib; { - nix.binaryCaches = builtins.attrNames config.nix.cacheAttrs; - nix.binaryCachePublicKeys = builtins.attrValues config.nix.cacheAttrs; - }; - } -#+end_src -With the config in hand, we can now quickly and easily declare our substitute servers -#+begin_src nix :noweb-ref nixos-config :tangle no - { - nix.cacheAttrs = { - "https://crazazy.cachix.org" = "crazazy.cachix.org-1:3KaIHK26pkvd5palJH5A4Re1Hn2+GDV+aXYnftMYAm4="; - "https://emacsng.cachix.org" = "emacsng.cachix.org-1:i7wOr4YpdRpWWtShI8bT6V7lOTnPeI7Ho6HaZegFWMI="; - "https://ethancedwards8.cachix.org" = "ethancedwards8.cachix.org-1:YMasjqyFnDreRQ9GXmnPIshT3tYyFHE2lUiNhbyIxOc="; - "https://nix-community.cachix.org" = "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="; - "https://nrdxp.cachix.org" = "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4="; - "https://rycee.cachix.org" = 
"rycee.cachix.org-1:TiiXyeSk0iRlzlys4c7HiXLkP3idRf20oQ/roEUAh/A="; - }; - } -#+end_src + }; + config = with lib; { + nix.binaryCaches = builtins.attrNames config.nix.cacheAttrs; + nix.binaryCachePublicKeys = builtins.attrValues config.nix.cacheAttrs; + }; + } + #+end_src + With the config in hand, we can now quickly and easily declare our substitute servers + #+begin_src nix :noweb-ref nixos-config :tangle no + { + nix.cacheAttrs = { + "https://crazazy.cachix.org" = "crazazy.cachix.org-1:3KaIHK26pkvd5palJH5A4Re1Hn2+GDV+aXYnftMYAm4="; + "https://emacsng.cachix.org" = "emacsng.cachix.org-1:i7wOr4YpdRpWWtShI8bT6V7lOTnPeI7Ho6HaZegFWMI="; + "https://ethancedwards8.cachix.org" = "ethancedwards8.cachix.org-1:YMasjqyFnDreRQ9GXmnPIshT3tYyFHE2lUiNhbyIxOc="; + "https://nix-community.cachix.org" = "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="; + "https://nrdxp.cachix.org" = "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4="; + "https://rycee.cachix.org" = "rycee.cachix.org-1:TiiXyeSk0iRlzlys4c7HiXLkP3idRf20oQ/roEUAh/A="; + }; + } + #+end_src ** udev binds -I have a bindmount system so that I can easily make binds to persistent directories from my home directory -This should prevent clutter + I have a bindmount system so that I can easily make binds to persistent directories from my home directory + This should prevent clutter *** The config -This part is quite advanced. 
It makes entries for filesystems and then makes a systemd service to re-assign -generated temporary directories to the owner of the home folder -#+begin_src nix :noweb-ref nixos-config :tangle no - { - options = with lib; { - homeBinds = mkOption { - type = with types; listOf str; - default = [ ]; - description = "Bind mounts in your home folder"; - }; - persistRoot = mkOption { - type = types.str; - default = "/nix/persist"; - }; - }; - config = with lib; mkIf (config.homeBinds != [ ]) { - fileSystems = genAttrs (map (loc: "/home/${config.mainUser}/${loc}") config.homeBinds) - (loc: { - device = "${config.persistRoot}${loc}"; - fsType = "none"; - options = [ "bind" ]; - }); - systemd.services.fix-home-perms = { - wantedBy = [ "multi-user.target" ]; - after = map (loc: "${builtins.replaceStrings ["/"] ["-"] loc}.mount") config.homeBinds; - serviceConfig.Type = "oneshot"; - script = "chown -R ${config.mainUser} /home/${config.mainUser}"; - }; - }; - } -#+end_src + This part is quite advanced. 
It makes entries for filesystems and then makes a systemd service to re-assign + generated temporary directories to the owner of the home folder + #+begin_src nix :noweb-ref nixos-config :tangle no + { + options = with lib; { + homeBinds = mkOption { + type = with types; listOf str; + default = [ ]; + description = "Bind mounts in your home folder"; + }; + persistRoot = mkOption { + type = types.str; + default = "/nix/persist"; + }; + }; + config = with lib; mkIf (config.homeBinds != [ ]) { + fileSystems = genAttrs (map (loc: "/home/${config.mainUser}/${loc}") config.homeBinds) + (loc: { + device = "${config.persistRoot}${loc}"; + fsType = "none"; + options = [ "bind" ]; + }); + systemd.services.fix-home-perms = { + wantedBy = [ "multi-user.target" ]; + after = map (loc: "${builtins.replaceStrings ["/"] ["-"] loc}.mount") config.homeBinds; + serviceConfig.Type = "oneshot"; + script = "chown -R ${config.mainUser} /home/${config.mainUser}"; + }; + }; + } + #+end_src *** The binds -These are the binds themselves, they change frequently -#+begin_src nix :noweb-ref nixos-config :tangle no - { - homeBinds = [ - ".config/keybase" - ".local/share/Steam" - ".local/share/keybase" - ".mozilla/seamonkey" - ".ssh" - ".wine" - "Desktop" - "Documents" - "Music" - "Videos" - ]; - } -#+end_src + These are the binds themselves, they change frequently + #+begin_src nix :noweb-ref nixos-config :tangle no + { + homeBinds = [ + ".config/keybase" + ".local/share/Steam" + ".local/share/keybase" + ".mozilla/seamonkey" + ".ssh" + ".wine" + "Desktop" + "Documents" + "Music" + "Videos" + ]; + } + #+end_src ** Visual stuff -I don't acutally literally live in the terminal. So we have to implement some xorg and other stuff + I don't acutally literally live in the terminal. So we have to implement some xorg and other stuff *** Basics -Enable printing, sound and a good keyboard, along with x11 itself -#+begin_src nix :noweb-ref nixos-config :tangle no - { - # Enable CUPS to print documents. 
- services.printing.enable = true; + Enable printing, sound and a good keyboard, along with x11 itself + #+begin_src nix :noweb-ref nixos-config :tangle no + { + # Enable CUPS to print documents. + services.printing.enable = true; - # Enable sound. - sound.enable = true; - hardware.pulseaudio.enable = true; + # Enable sound. + sound.enable = true; + hardware.pulseaudio.enable = true; - # Enable the X11 windowing system. - services.xserver.enable = true; - services.xserver.layout = "us"; - services.xserver.xkbVariant = "altgr-intl"; - services.xserver.xkbOptions = "eurosign:e"; - # touchpad controls - services.xserver.libinput.enable = true; - } -#+end_src + # Enable the X11 windowing system. + services.xserver.enable = true; + services.xserver.layout = "us"; + services.xserver.xkbVariant = "altgr-intl"; + services.xserver.xkbOptions = "eurosign:e"; + # touchpad controls + services.xserver.libinput.enable = true; + } + #+end_src *** XFCE -I have decided to be lazy and not install a fancy window manager or whatever into the system. Thats headache -#+begin_src nix :noweb-ref nixos-config :tangle no - { - services.xserver.displayManager.lightdm.enable = true; - services.xserver.desktopManager.xfce.enable = true; - } -#+end_src + I have decided to be lazy and not install a fancy window manager or whatever into the system. Thats headache + #+begin_src nix :noweb-ref nixos-config :tangle no + { + services.xserver.displayManager.lightdm.enable = true; + services.xserver.desktopManager.xfce.enable = true; + } + #+end_src ** Networking -Some default network settings for my laptop -#+begin_src nix :noweb-ref nixos-config :tangle no - { - networking.networkmanager.enable = true; # Enables wireless support via wpa_supplicant. 
- networking.useDHCP = false; - networking.interfaces.enp0s31f6.useDHCP = true; - networking.interfaces.wlp1s0.useDHCP = true; - } -#+end_src + Some default network settings for my laptop + #+begin_src nix :noweb-ref nixos-config :tangle no + { + networking.networkmanager.enable = true; # Enables wireless support via wpa_supplicant. + networking.useDHCP = false; + networking.interfaces.enp0s31f6.useDHCP = true; + networking.interfaces.wlp1s0.useDHCP = true; + } + #+end_src ** packages *** Core packages -These are the normal packages that I use for core maintenance -#+begin_src nix :noweb-ref nixos-config :tangle no - { - environment.systemPackages = with pkgs; [ - gitFull - curl - vim - nur.repos.crazazy.seamonkey - (wine.override { wineBuild = "wineWow"; }) - ]; - } -#+end_src + These are the normal packages that I use for core maintenance + #+begin_src nix :noweb-ref nixos-config :tangle no + { + environment.systemPackages = with pkgs; [ + gitFull + curl + vim + nur.repos.crazazy.seamonkey + (wine.override { wineBuild = "wineWow"; }) + ]; + } + #+end_src *** Steam -I like to play videogames sometimes, however steam also requires a little more special attention -#+begin_src nix :noweb-ref nixos-config :tangle no - { - imports = [ - nurModules.repos.crazazy.modules.private.steam-config - ]; - environment.systemPackages = with pkgs; [ - steam - ]; - } -#+end_src + I like to play videogames sometimes, however steam also requires a little more special attention + #+begin_src nix :noweb-ref nixos-config :tangle no + { + imports = [ + nurModules.repos.crazazy.modules.private.steam-config + ]; + environment.systemPackages = with pkgs; [ + steam + ]; + } + #+end_src *** Emacs -Emacs needs to be integrated into the rest of the system. 
We are going to do that via a emacs daemon -#+begin_src nix :noweb-ref nixos-config :tangle no - { - services.emacs = { - package = with pkgs; runCommand "wrapped-emacs" {} '' - mkdir -p $out - cp -r ${import ./emacs.nix} $out - ${makeWrapper}/bin/wrapProgram $out/bin/emacs --set WEBKIT_FORCE_SANDBOX 0 - ''; - enable = true; - }; - homeBinds = [ - ".config/emacs" - ]; - } -#+end_src + Emacs needs to be integrated into the rest of the system. We are going to do that via a emacs daemon + #+begin_src nix :noweb-ref nixos-config :tangle no + { + services.emacs = { + # package = import ./emacs.nix; + enable = true; + }; + homeBinds = [ + ".config/emacs" + ]; + } + #+end_src *** QEMU & frens -I also sometimes run qemu vms. The qemu's manager will be libvirtd, but not sure if I will even use that -#+begin_src nix :noweb-ref nixos-config :tangle no - { - virtualisation.libvirtd.enable = true; - } -#+end_src + I also sometimes run qemu vms. The qemu's manager will be libvirtd, but not sure if I will even use that + #+begin_src nix :noweb-ref nixos-config :tangle no + { + virtualisation.libvirtd.enable = true; + } + #+end_src |
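Review bot: The `initialHashedPassword` line in the "Main user config" block keeps a real SHA-512 crypt (`$6$`) hash for the main user in a committed file, so anyone who can read the repository can run offline guessing against the password of an account that is in `wheel`. With `users.mutableUsers = false` two lines above it, the comment `Don't forget to set a password with 'passwd'` looks misleading, since a password changed at runtime is presumably overwritten on the next activation and the published hash stays the effective credential. I would read the hash from a root-only file kept outside the repository, e.g. `passwordFile = "/path/outside/repo/mainuser.hash";` (placeholder path; the option is named `hashedPasswordFile` on newer NixOS releases), and drop or reword the stale comment. Because the hash is already in the repository history, the password itself should be changed as well.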