nixos

A continuously updated reproducable config for:

• a desktop workstation
• a laptop (Lenovo Thinkpad T450s)
• a mail+calendar+web+DNS server running in AWS (edwardh)
• a raspberry pi cluster

Where everything about my systems is controlled by NixOS in plenty of detail, making for a perfectly-configured install every time, down to the seconds on the clock!

Table of Contents

• Tour
• Desktop Screenshots
• Network Layout
• Want to try it out?
• Installation
• Troubleshooting
• Tasks

Tour

Here is an overview of the most important files and folders in my config:

• modules/nixos is the most most important folder, as it contains the core of my configuration (desktop environment/theming, ssh config, git config, zsh config, etc.) as parts that can be included and reused across systems.
• systems contains the individual configurations for each of my systems, importing some of the modules, and adding some per-device extras.
• flake.nix defines the ssh keys used for login across all of my systems, along with the versions of nixpkgs to use, and the files to use for each machine's config.
• custom-packages contains modified versions of existing programs used by me.
• neovim contains lua-based neovim configuration, modified from @a-h's config.

Desktop Screenshots

Installation

Boot from NixOS installation media

Tip

Using the minimal installation media is recommended, as it is smaller and faster to download. However, you cannot use network manager (nmtui) to setup wireless networking with the minimal image.

Set up internet

Note

If you already have a wired connection, you can skip this step.

sudo systemctl start wpa_supplicant
sudo wpa_cli
> add_network
> set_network 0 ssid "your_ssid_here"
> set_network 0 psk "your_password_here"
> enable_network 0
> save_config
> quit

Partition and format

Caution

This deletes your data, check drive names carefully.

cfdisk /dev/drivename

Now, delete any/all existing partitions on the disk and create two new partitions:

• a 1G "EFI System" partition,
• and a generic "Linux Filesystem" partition to fill the rest of the disk.

First, format the EFI System partition with FAT:

mkfs.fat -F 32 -n boot /dev/drivename1

Then, format the swap partition, giving it the label of 'swap':

mkswap -L swap /dev/drivename2

And finally, format the main Linux Filesystem partition with ext4, giving it the label of 'nixos':

mkfs.ext4 -L nixos /dev/drivename3

These drive labels are used by the system config in fileSystems.nix to avoid hardcoding drive UUIDs.

Mount to edit.

To edit the contents of the disk, it needs to be mounted into a folder. First, mount the main Linux Filesystem:

mount /dev/whatever3 /mnt # Mount root filesystem

Then, mount the boot filesystem:

mkdir -p /mnt/boot
mount /dev/whatever1 /mnt/boot # Mount boot partition

Finally, enable the swap:

swapon /dev/whatever2 # Use the swap partition

First system install.

Generate example configuration as referance.

nixos-generate-config --root ./

Note

Copy unique parts of the autogenerated hardware-configuration.nix to the hardware.nix of the system to ensure compatibilty with hardware.

Download this repo. This is stored in a tmpfs, so it will be lost on reboot.

nix-shell -p git
git clone https://github.com/headblockhead/nixos.git

Warning

Changes made to this copy of the nixos are not saved, so copy changes to the /mnt folder or other means of persistance to avoid pain later.

Build and install. Set a root password, it can be anything as we will disable direct root in a minute.

cd nixos
nixos-install --root /mnt --flake .#HOSTNAME
reboot

Set password and lock root

Use a TTY shell to login as root, then set the user password.

passwd headb

Finally, delete the password for the root user and lock the root account.

sudo passwd -dl root
sudo usermod -L root

Post-installation

GNOME theme for Firefox

source: firefox-gnome-theme

curl -s -o- https://raw.githubusercontent.com/rafaelmardojai/firefox-gnome-theme/master/scripts/install-by-curl.sh | bash

GPG

gpg --card-edit
> fetch
> quit

Gopass

Complete the first half of the setup form, then quit when reaching 'generating new key pair'.

gopass clone git@github.com:headblockhead/gopass

Troubleshooting

Missing boot option

Try re-installing the bootloader from installation media. Or move EFI files to generic locations for old BIOSes:

mv /boot/EFI/NixOS-boot /boot/EFI/boot
mv /boot/EFI/boot/grubx64.efi /boot/EFI/boot/bootx64.efi

No display output after GRUB

Try adding nomodeset to the kernel parameters in GRUB.

Tasks

nixos

Switch to the new nixos configuration.

sudo nixos-rebuild switch --flake .#

test-deploy

Deploy the nixos configurations to all machines, without setting the boot-default.

nixos-rebuild test --target-host rpi4-01 --sudo --no-reexec --flake .#rpi4-01
nixos-rebuild test --target-host rpi4-02 --sudo --no-reexec --flake .#rpi4-02
# nixos-rebuild test --target-host rpi5-01 --sudo --no-reexec --flake .#rpi5-01
nixos-rebuild test --target-host rpi5-02 --sudo --no-reexec --flake .#rpi5-02
nixos-rebuild test --target-host rpi5-03 --sudo --no-reexec --flake .#rpi5-03
nixos-rebuild test --target-host edwardh.dev --sudo --no-reexec --flake .#edwardh

rollout

Deploy the nixos configurations to all machines, setting the boot-default.

nixos-rebuild switch --target-host rpi4-01 --sudo --no-reexec --flake .#rpi4-01
nixos-rebuild switch --target-host rpi4-02 --sudo --no-reexec --flake .#rpi4-02
# nixos-rebuild switch --target-host rpi5-01 --sudo --no-reexec --flake .#rpi5-01
nixos-rebuild switch --target-host rpi5-02 --sudo --no-reexec --flake .#rpi5-02
nixos-rebuild switch --target-host rpi5-03 --sudo --no-reexec --flake .#rpi5-03
nixos-rebuild switch --target-host edwardh.dev --sudo --no-reexec --flake .#edwardh