0x29a nixos config

My personal nixos configuration files for different environments.

basic system installation

  • The installations presented in this repository are always luks encrypted
  • For simplicity I'm using device labels rather than uuids
  1. the partitioning layout should look somewhat like this after the installation
NAME               MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
nvme0n1            259:0    0 476.9G  0 disk
├─nvme0n1p1        259:1    0     2G  0 part  /boot
└─nvme0n1p2        259:2    0 474.9G  0 part
  └─cryptroot      254:0    0 474.9G  0 crypt
    ├─lvmroot-swap 254:1    0    20G  0 lvm   [SWAP]
    ├─lvmroot-home 254:2    0   250G  0 lvm   /home
    └─lvmroot-root 254:3    0 204.9G  0 lvm   /nix/store
  2. prepare the installation
# format the boot partition
mkfs.fat -F 32 /dev/sda1 -n "nixboot"
# create an encrypted partition
cryptsetup luksFormat -y --label="nixcrypt" /dev/sda2
# open the encrypted partition and map it to /dev/mapper/cryptroot
cryptsetup luksOpen /dev/sda2 cryptroot

# create the physical volume
pvcreate /dev/mapper/cryptroot
# create a volume group inside
vgcreate lvmroot /dev/mapper/cryptroot
# create the swap volume
lvcreate --size 8G lvmroot --name swap
# if you desire, create a home volume
lvcreate --size 150G lvmroot --name home
# create the root volume
lvcreate -l 100%FREE lvmroot --name root

# format as usual for root partition
mkfs.ext4 -L "nixroot" /dev/mapper/lvmroot-root
# if you previously made the home partition, do it too
mkfs.ext4 -L "nixhome" /dev/mapper/lvmroot-home
# format the swap partition
mkswap -L "nixswap" /dev/mapper/lvmroot-swap

# mount root
mount /dev/disk/by-label/nixroot /mnt
# mount boot
mount --mkdir /dev/sda1 /mnt/boot
# again, if you did the home volume
mount --mkdir /dev/disk/by-label/nixhome /mnt/home
# turn on swap
swapon /dev/disk/by-label/nixswap
  3. prepare nixos
# generate the templates, then edit /mnt/etc/nixos/hardware-configuration.nix as follows
sudo nixos-generate-config --root /mnt

# add cryptd to the kernelModules
boot.initrd.kernelModules = [ "dm-snapshot" "cryptd" ];

# add file systems using labels
fileSystems."/" =
  { device = "/dev/disk/by-label/nixroot";
    fsType = "ext4";
  };
fileSystems."/boot" =
  { device = "/dev/disk/by-label/nixboot";
    fsType = "vfat";
    options = [ "fmask=0022" "dmask=0022" ];
  };
fileSystems."/home" =
  { device = "/dev/disk/by-label/nixhome";
    fsType = "ext4";
  };
swapDevices =
  [ { device = "/dev/disk/by-label/nixswap"; }
  ];

# tell the initrd which luks device to open as cryptroot
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-label/nixcrypt";
  4. install nixos
cd /mnt
sudo nixos-install
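
A pre-install check for the layout built above, as an added example that is not part of this repository: it reads `lsblk -P` output and confirms that every label the configuration references exists with the expected filesystem type, and that the ext4 and swap volumes sit on an opened LUKS mapping rather than on a plain partition. The names `check_layout`, `WANT` and `sample_lsblk` and the sample rows are constructed for illustration.

```shell
# Added example (not from the repository): check the layout before nixos-install.
# Real use: lsblk -P -o NAME,KNAME,PKNAME,TYPE,FSTYPE,LABEL | check_layout "$WANT"
# label:fstype pairs referenced by the hardware-configuration.nix edits on this page
WANT="nixboot:vfat nixcrypt:crypto_LUKS nixroot:ext4 nixhome:ext4 nixswap:swap"

check_layout() {
  awk -v want="$1" '
    # return the value of KEY="value" from one lsblk -P line
    function field(line, key,    s) {
      if (!match(" " line, " " key "=\"[^\"]*\"")) return ""
      s = substr(" " line, RSTART, RLENGTH)
      sub(/^[^"]*"/, "", s); sub(/"$/, "", s)
      return s
    }
    {
      type = field($0, "TYPE"); fs = field($0, "FSTYPE"); label = field($0, "LABEL")
      if (type == "crypt") crypt[field($0, "KNAME")] = 1
      if (label != "") { fstype[label] = fs; parent[label] = field($0, "PKNAME") }
      # a partition may only hold the boot filesystem or the LUKS header, never plain data
      if (type == "part" && fs != "" && fs != "vfat" && fs != "crypto_LUKS") {
        print "plaintext " fs " on partition " field($0, "NAME"); bad = 1
      }
    }
    END {
      n = split(want, w, " ")
      for (i = 1; i <= n; i++) {
        split(w[i], p, ":")
        if (fstype[p[1]] != p[2]) {
          print "label " p[1] ": expected " p[2] ", found \"" fstype[p[1]] "\""; bad = 1
        } else if (p[2] != "vfat" && p[2] != "crypto_LUKS" && !(parent[p[1]] in crypt)) {
          print "label " p[1] ": not backed by an opened LUKS mapping"; bad = 1
        }
      }
      exit bad + 0
    }'
}

# constructed sample of lsblk -P output for the layout built above
sample_lsblk() {
  cat <<'EOF'
NAME="sda1" KNAME="sda1" PKNAME="sda" TYPE="part" FSTYPE="vfat" LABEL="nixboot"
NAME="sda2" KNAME="sda2" PKNAME="sda" TYPE="part" FSTYPE="crypto_LUKS" LABEL="nixcrypt"
NAME="cryptroot" KNAME="dm-0" PKNAME="sda2" TYPE="crypt" FSTYPE="LVM2_member" LABEL=""
NAME="lvmroot-swap" KNAME="dm-1" PKNAME="dm-0" TYPE="lvm" FSTYPE="swap" LABEL="nixswap"
NAME="lvmroot-home" KNAME="dm-2" PKNAME="dm-0" TYPE="lvm" FSTYPE="ext4" LABEL="nixhome"
NAME="lvmroot-root" KNAME="dm-3" PKNAME="dm-0" TYPE="lvm" FSTYPE="ext4" LABEL="nixroot"
EOF
}
sample_lsblk | check_layout "$WANT" && echo "layout ok"
```

If the home volume was skipped, drop `nixhome:ext4` from the list passed to `check_layout`.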

how to deploy the initial config

  • Don't forget to install the bootloader, if you changed it since nixos-install
$ sudo nixos-rebuild --install-bootloader switch --flake .#host_name

how to upgrade the system

$ cd /path/to/repo
$ sudo nix flake update
$ sudo nixos-rebuild switch --flake .#host_name
$ sudo nix-collect-garbage

how to use nix-helper

The tool nix-helper is installed by this configuration. It simplifies administering nixos and adds more output to the rebuild command. It also shows a diff after a successful build. The command reads the NH_FLAKE environment variable, so it can be run from any directory.

Basic commands with a set NH_FLAKE variable are:

$ nh os switch
$ nh os build
$ nh os test
$ nh clean all --keep 5

There is also the option to interface with home-manager by using nh home switch, but this isn't necessary since home-manager is imported as a module in this config.

author

aaron aaron@0x29a.ch
