diff options
-rw-r--r-- | nixos.org | 448 |
1 files changed, 226 insertions, 222 deletions
diff --git a/nixos.org b/nixos.org index 1255858..1575830 100644 --- a/nixos.org +++ b/nixos.org @@ -10,248 +10,252 @@ later For now this is the way I'm configuring nixos. There is no flakes here, just a configuration.nix and a bunch of other stuff * Prefix - The nixos config is going to consist of a bunch of "imports" which are just a bunch of configs - in the imports part of the main configuration. Then we can put each part of said config on its own source block - This does require a bit of a prefix, that lets us access packages, existing configuration and library functions - #+begin_src nix :tangle configuration.nix :noweb no-export :padline no - { config, lib, pkgs, ... }: - let - sources = import ./nix/sources.nix; - nur = import sources.NUR { inherit pkgs; }; - nurModules = import sources.NUR { }; - in - { - imports = [ - <<nixos-config>> - ]; - } - #+end_src +The nixos config is going to consist of a bunch of "imports" which are just a bunch of configs +in the imports part of the main configuration. Then we can put each part of said config on its own source block +This does require a bit of a prefix, that lets us access packages, existing configuration and library functions +#+begin_src nix :tangle configuration.nix :noweb no-export :padline no + { config, lib, pkgs, ... }: + let + sources = import ./nix/sources.nix; + nur = import sources.NUR { inherit pkgs; }; + nurModules = import sources.NUR { }; + in + { + imports = [ + <<nixos-config>> + ]; + } +#+end_src * Configuration ** Hardware - Normal nixos installation comes with a hardware-configuration file. we are not going to add the contents of that - file here ourself, but instead add it as an external module. This is the only place where we'll do this - #+begin_src nix :noweb-ref nixos-config :tangle no - ./hardware-configuration.nix - #+end_src +Normal nixos installation comes with a hardware-configuration file. we are not going to add the contents of that +file here ourself, but instead add it as an external module. This is the only place where we'll do this +#+begin_src nix :noweb-ref nixos-config :tangle no + ./hardware-configuration.nix +#+end_src ** personal stuff - First, some personal stuff, so that I can tel people my computer is mine - #+begin_src nix :noweb-ref nixos-config :tangle no - { - options.mainUser = with lib; mkOption { - type = types.str; - default = builtins.getEnv "USER"; - }; - } - #+end_src +First, some personal stuff, so that I can tel people my computer is mine +#+begin_src nix :noweb-ref nixos-config :tangle no + { + options.mainUser = with lib; mkOption { + type = types.str; + default = builtins.getEnv "USER"; + }; + } +#+end_src - and then the actual info: - #+begin_src nix :noweb-ref nixos-config :tangle no - { - mainUser = "erik"; - networking.hostName = "RACEMONSTER"; - time.timeZone = "Europe/Amsterdam"; - } - #+end_src +and then the actual info: +#+begin_src nix :noweb-ref nixos-config :tangle no + { + mainUser = "erik"; + networking.hostName = "RACEMONSTER"; + time.timeZone = "Europe/Amsterdam"; + } +#+end_src ** Main user config - This sets up a (secret) default password for the main user and also sets some default groups - #+begin_src nix :noweb-ref nixos-config :tangle no - { - users.mutableUsers = false; - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.${config.mainUser} = { - initialHashedPassword = "$6$XTH/sALyqg$G.bMWemErh4KGCAjUfT16DL96QMn/4NTmxlw6Z26wUVJn.tagQG.Fzmrz7uPkdiWZbBBFWP36.YA4hw9AcL8Q1"; - isNormalUser = true; - extraGroups = [ "video" "wheel" "NetworkManager" ]; # Enable ‘sudo’ for the user. - # shell = pkgs.nushell; - }; - } - #+end_src +This sets up a (secret) default password for the main user and also sets some default groups +#+begin_src nix :noweb-ref nixos-config :tangle no + { + users.mutableUsers = false; + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.${config.mainUser} = { + initialHashedPassword = "$6$XTH/sALyqg$G.bMWemErh4KGCAjUfT16DL96QMn/4NTmxlw6Z26wUVJn.tagQG.Fzmrz7uPkdiWZbBBFWP36.YA4hw9AcL8Q1"; + isNormalUser = true; + extraGroups = [ "video" "wheel" "NetworkManager" ]; # Enable ‘sudo’ for the user. + # shell = pkgs.nushell; + }; + } +#+end_src ** Init system - nixos is started with systemd-boot, since we don't run any other distros - #+begin_src nix :noweb-ref nixos-config :tangle no - { - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - } - #+end_src +nixos is started with systemd-boot, since we don't run any other distros +#+begin_src nix :noweb-ref nixos-config :tangle no + { + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + } +#+end_src ** nixpkgs setup - not much info here right now. emacs itself now refers to emacsng - #+begin_src nix :noweb-ref nixos-config :tangle no - { - nix.package = pkgs.nixFlakes; - nixpkgs.config.allowUnfree = true; - nixpkgs.overlays = [ - (final: prev: { - emacs = (import sources.emacs-ng).outputs.defaultPackage."x86_64-linux"; - }) - ]; - } - #+end_src +not much info here right now. emacs itself now refers to emacsng +#+begin_src nix :noweb-ref nixos-config :tangle no + { + nix.package = pkgs.nixFlakes; + nixpkgs.config.allowUnfree = true; + nixpkgs.overlays = [ + (final: prev: { + emacs = (import sources.emacs-ng).outputs.defaultPackage."x86_64-linux"; + }) + ]; + } +#+end_src *** cachix - Cachix and other substitute servers allow you to not have to compile things as much as you are supposed to - We will create a small module for cachix before we put in the rest declaratively - #+begin_src nix :noweb-ref nixos-config :tangle no - { - options.nix.cacheAttrs = with lib; mkOption { - type = with types; attrsOf str; - default = {}; +Cachix and other substitute servers allow you to not have to compile things as much as you are supposed to +We will create a small module for cachix before we put in the rest declaratively +#+begin_src nix :noweb-ref nixos-config :tangle no + { + options.nix.cacheAttrs = with lib; mkOption { + type = with types; attrsOf str; + default = {}; - }; - config = with lib; { - nix.binaryCaches = builtins.attrNames config.nix.cacheAttrs; - nix.binaryCachePublicKeys = builtins.attrValues config.nix.cacheAttrs; - }; - } - #+end_src - With the config in hand, we can now quickly and easily declare our substitute servers - #+begin_src nix :noweb-ref nixos-config :tangle no - { - nix.cacheAttrs = { - "https://crazazy.cachix.org" = "crazazy.cachix.org-1:3KaIHK26pkvd5palJH5A4Re1Hn2+GDV+aXYnftMYAm4="; - "https://emacsng.cachix.org" = "emacsng.cachix.org-1:i7wOr4YpdRpWWtShI8bT6V7lOTnPeI7Ho6HaZegFWMI="; - "https://ethancedwards8.cachix.org" = "ethancedwards8.cachix.org-1:YMasjqyFnDreRQ9GXmnPIshT3tYyFHE2lUiNhbyIxOc="; - "https://nix-community.cachix.org" = "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="; - "https://nrdxp.cachix.org" = "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4="; - "https://rycee.cachix.org" = "rycee.cachix.org-1:TiiXyeSk0iRlzlys4c7HiXLkP3idRf20oQ/roEUAh/A="; - }; - } - #+end_src + }; + config = with lib; { + nix.binaryCaches = builtins.attrNames config.nix.cacheAttrs; + nix.binaryCachePublicKeys = builtins.attrValues config.nix.cacheAttrs; + }; + } +#+end_src +With the config in hand, we can now quickly and easily declare our substitute servers +#+begin_src nix :noweb-ref nixos-config :tangle no + { + nix.cacheAttrs = { + "https://crazazy.cachix.org" = "crazazy.cachix.org-1:3KaIHK26pkvd5palJH5A4Re1Hn2+GDV+aXYnftMYAm4="; + "https://emacsng.cachix.org" = "emacsng.cachix.org-1:i7wOr4YpdRpWWtShI8bT6V7lOTnPeI7Ho6HaZegFWMI="; + "https://ethancedwards8.cachix.org" = "ethancedwards8.cachix.org-1:YMasjqyFnDreRQ9GXmnPIshT3tYyFHE2lUiNhbyIxOc="; + "https://nix-community.cachix.org" = "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="; + "https://nrdxp.cachix.org" = "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4="; + "https://rycee.cachix.org" = "rycee.cachix.org-1:TiiXyeSk0iRlzlys4c7HiXLkP3idRf20oQ/roEUAh/A="; + }; + } +#+end_src ** udev binds - I have a bindmount system so that I can easily make binds to persistent directories from my home directory - This should prevent clutter +I have a bindmount system so that I can easily make binds to persistent directories from my home directory +This should prevent clutter *** The config - This part is quite advanced. It makes entries for filesystems and then makes a systemd service to re-assign - generated temporary directories to the owner of the home folder - #+begin_src nix :noweb-ref nixos-config :tangle no - { - options = with lib; { - homeBinds = mkOption { - type = with types; listOf str; - default = [ ]; - description = "Bind mounts in your home folder"; - }; - persistRoot = mkOption { - type = types.str; - default = "/nix/persist"; - }; - }; - config = with lib; mkIf (config.homeBinds != [ ]) { - fileSystems = genAttrs (map (loc: "/home/${config.mainUser}/${loc}") config.homeBinds) - (loc: { - device = "${config.persistRoot}${loc}"; - fsType = "none"; - options = [ "bind" ]; - }); - systemd.services.fix-home-perms = { - wantedBy = [ "multi-user.target" ]; - after = map (loc: "${builtins.replaceStrings ["/"] ["-"] loc}.mount") config.homeBinds; - serviceConfig.Type = "oneshot"; - script = "chown -R ${config.mainUser} /home/${config.mainUser}"; - }; - }; - } - #+end_src +This part is quite advanced. It makes entries for filesystems and then makes a systemd service to re-assign +generated temporary directories to the owner of the home folder +#+begin_src nix :noweb-ref nixos-config :tangle no + { + options = with lib; { + homeBinds = mkOption { + type = with types; listOf str; + default = [ ]; + description = "Bind mounts in your home folder"; + }; + persistRoot = mkOption { + type = types.str; + default = "/nix/persist"; + }; + }; + config = with lib; mkIf (config.homeBinds != [ ]) { + fileSystems = genAttrs (map (loc: "/home/${config.mainUser}/${loc}") config.homeBinds) + (loc: { + device = "${config.persistRoot}${loc}"; + fsType = "none"; + options = [ "bind" ]; + }); + systemd.services.fix-home-perms = { + wantedBy = [ "multi-user.target" ]; + after = map (loc: "${builtins.replaceStrings ["/"] ["-"] loc}.mount") config.homeBinds; + serviceConfig.Type = "oneshot"; + script = "chown -R ${config.mainUser} /home/${config.mainUser}"; + }; + }; + } +#+end_src *** The binds - These are the binds themselves, they change frequently - #+begin_src nix :noweb-ref nixos-config :tangle no - { - homeBinds = [ - ".config/keybase" - ".local/share/Steam" - ".local/share/keybase" - ".mozilla/seamonkey" - ".ssh" - ".wine" - "Desktop" - "Documents" - "Music" - "Videos" - ]; - } - #+end_src +These are the binds themselves, they change frequently +#+begin_src nix :noweb-ref nixos-config :tangle no + { + homeBinds = [ + ".config/keybase" + ".local/share/Steam" + ".local/share/keybase" + ".mozilla/seamonkey" + ".ssh" + ".wine" + "Desktop" + "Documents" + "Music" + "Videos" + ]; + } +#+end_src ** Visual stuff - I don't acutally literally live in the terminal. So we have to implement some xorg and other stuff +I don't acutally literally live in the terminal. So we have to implement some xorg and other stuff *** Basics - Enable printing, sound and a good keyboard, along with x11 itself - #+begin_src nix :noweb-ref nixos-config :tangle no - { - # Enable CUPS to print documents. - services.printing.enable = true; +Enable printing, sound and a good keyboard, along with x11 itself +#+begin_src nix :noweb-ref nixos-config :tangle no + { + # Enable CUPS to print documents. + services.printing.enable = true; - # Enable sound. - sound.enable = true; - hardware.pulseaudio.enable = true; + # Enable sound. + sound.enable = true; + hardware.pulseaudio.enable = true; - # Enable the X11 windowing system. - services.xserver.enable = true; - services.xserver.layout = "us"; - services.xserver.xkbVariant = "altgr-intl"; - services.xserver.xkbOptions = "eurosign:e"; - # touchpad controls - services.xserver.libinput.enable = true; - } - #+end_src + # Enable the X11 windowing system. + services.xserver.enable = true; + services.xserver.layout = "us"; + services.xserver.xkbVariant = "altgr-intl"; + services.xserver.xkbOptions = "eurosign:e"; + # touchpad controls + services.xserver.libinput.enable = true; + } +#+end_src *** XFCE - I have decided to be lazy and not install a fancy window manager or whatever into the system. Thats headache - #+begin_src nix :noweb-ref nixos-config :tangle no - { - services.xserver.displayManager.lightdm.enable = true; - services.xserver.desktopManager.xfce.enable = true; - } - #+end_src +I have decided to be lazy and not install a fancy window manager or whatever into the system. Thats headache +#+begin_src nix :noweb-ref nixos-config :tangle no + { + services.xserver.displayManager.lightdm.enable = true; + services.xserver.desktopManager.xfce.enable = true; + } +#+end_src ** Networking - Some default network settings for my laptop - #+begin_src nix :noweb-ref nixos-config :tangle no - { - networking.networkmanager.enable = true; # Enables wireless support via wpa_supplicant. - networking.useDHCP = false; - networking.interfaces.enp0s31f6.useDHCP = true; - networking.interfaces.wlp1s0.useDHCP = true; - } - #+end_src +Some default network settings for my laptop +#+begin_src nix :noweb-ref nixos-config :tangle no + { + networking.networkmanager.enable = true; # Enables wireless support via wpa_supplicant. + networking.useDHCP = false; + networking.interfaces.enp0s31f6.useDHCP = true; + networking.interfaces.wlp1s0.useDHCP = true; + } +#+end_src ** packages *** Core packages - These are the normal packages that I use for core maintenance - #+begin_src nix :noweb-ref nixos-config :tangle no - { - environment.systemPackages = with pkgs; [ - gitFull - curl - vim - nur.repos.crazazy.seamonkey - (wine.override { wineBuild = "wineWow"; }) - ]; - } - #+end_src +These are the normal packages that I use for core maintenance +#+begin_src nix :noweb-ref nixos-config :tangle no + { + environment.systemPackages = with pkgs; [ + gitFull + curl + vim + nur.repos.crazazy.seamonkey + (wine.override { wineBuild = "wineWow"; }) + ]; + } +#+end_src *** Steam - I like to play videogames sometimes, however steam also requires a little more special attention - #+begin_src nix :noweb-ref nixos-config :tangle no - { - imports = [ - nurModules.repos.crazazy.modules.private.steam-config - ]; - environment.systemPackages = with pkgs; [ - steam - ]; - } - #+end_src +I like to play videogames sometimes, however steam also requires a little more special attention +#+begin_src nix :noweb-ref nixos-config :tangle no + { + imports = [ + nurModules.repos.crazazy.modules.private.steam-config + ]; + environment.systemPackages = with pkgs; [ + steam + ]; + } +#+end_src *** Emacs - Emacs needs to be integrated into the rest of the system. We are going to do that via a emacs daemon - #+begin_src nix :noweb-ref nixos-config :tangle no - { - services.emacs = { - package = import ./emacs.nix; - enable = true; - }; - homeBinds = [ - ".config/emacs" - ]; - } - #+end_src +Emacs needs to be integrated into the rest of the system. We are going to do that via a emacs daemon +#+begin_src nix :noweb-ref nixos-config :tangle no + { + services.emacs = { + package = with pkgs; runCommand "wrapped-emacs" {} '' + mkdir -p $out + cp -r ${import ./emacs.nix} $out + ${makeWrapper}/bin/wrapProgram $out/bin/emacs --set WEBKIT_FORCE_SANDBOX 0 + ''; + enable = true; + }; + homeBinds = [ + ".config/emacs" + ]; + } +#+end_src *** QEMU & frens - I also sometimes run qemu vms. The qemu's manager will be libvirtd, but not sure if I will even use that - #+begin_src nix :noweb-ref nixos-config :tangle no - { - virtualisation.libvirtd.enable = true; - } - #+end_src +I also sometimes run qemu vms. The qemu's manager will be libvirtd, but not sure if I will even use that +#+begin_src nix :noweb-ref nixos-config :tangle no + { + virtualisation.libvirtd.enable = true; + } +#+end_src |