Skip to content

Ekhorn/nix_config

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

134 Commits
.archive
.archive
 
 
.config/nvim
.config/nvim
 
 
anywhere
anywhere
 
 
hosts
hosts
 
 
modules
modules
 
 
overlays
overlays
 
 
patches
patches
 
 
shells
shells
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 

Repository files navigation

Nix Configuration

Minimal Installation

Based on https://nixos.org/manual/nixos/stable/#sec-installation-manual

sudo -i
Configure wifi 
sudo systemctl start wpa_supplicant
wpa_cli
0
set_network 0 ssid "network"
OK
set_network 0 psk "password"
OK
enable_network 0
OK
quit

UEFI (GPT)

parted /dev/disk1 -- mklabel gpt
parted /dev/disk1 -- mkpart root ext4 512MB -8GB
parted /dev/disk1 -- mkpart swap linux-swap -8GB 100%
parted /dev/disk1 -- mkpart ESP fat32 1MB 512MB
parted /dev/disk1 -- set 3 esp on

(Optional) LUKS Setup

cryptsetup luksFormat /dev/disk1part1
cryptsetup luksOpen /dev/disk1part1 crypted
mkfs.ext4 /dev/mapper/crypted

Formatting

mkfs.ext4 -L nixos /dev/disk1part1 # Skip when using LUKS
mkswap -L swap /dev/disk1part2
mkfs.fat -F 32 -n boot /dev/disk1part3

Installing

mount /dev/disk/by-label/nixos /mnt # No LUKS
mount /dev/mapper/crypted /mnt # LUKS
mkdir -p /mnt/boot
mount -o umask=077 /dev/disk/by-label/boot /mnt/boot
swapon /dev/disk1part2
nixos-generate-config --root /mnt

Configure hostname, enable networking.networkmanager.enable, set user with package git and save.

nano /mnt/etc/nixos/configuration.nix

Install nixos

nixos-install

Set user password and reboot.

nixos-enter --root /mnt -c 'passwd user'
reboot

Setup

Assuming the repo is cloned (use nmtui for wifi).

cd develop/nix_config

Copy the hardware configuration to the host directory.

cp /etc/nixos/hardware-configuration.nix hosts/my-host

Wipe the old nixos configuration.

sudo rm -rf /etc/nixos/*

Symlink new configuration.

sudo ln -s $(pwd)/flake.nix /etc/nixos/flake.nix

Lastly, rebuild the nixos configuration and reboot.

sudo nixos-rebuild switch .#my-host
reboot

Post-install Secrets Configuration

Update password manager.

unison
keepassxc ~/Desktop/$USER.kdbx

Create and add new ssh key.

ssh-keygen
cat ~/.ssh/id_*.pub >> modules/nixos/authorized_keys
git commit -m "conf: add authorized public key" --no-gpg-sign

Then copy GPG from other system, you may need to reboot the system.

ssh other@hostname 'gpg --export-secret-keys -a "$(gpg -K | rg -o "[A-F0-9]{40}")"' | gpg --import
gpg --edit-key "$(gpg -K | rg -o "[A-F0-9]{40}")"
seahorse

Mounting drives

List drives

lsblk -f -o NAME,UUID,FSTYPE,SIZE

Set drive to mount

nvim hosts/new-host/hardware-configuration.nix
fileSystems."/mnt/hdd" =
  { device = "/dev/disk/by-uuid/uuid";
    fsType = "ext4";
  };

Troubleshooting

Zed editor Java JDTLS oneshot error

rm -r /tmp/jdtls-*
Figured out through 
strace -f -o trace.log zeditor --foreground .
cat trace.log | rg jdtls

NixOS Anywhere

nix run github:nix-community/nixos-anywhere -- \
  --generate-hardware-config nixos-generate-config ./<configuration-name>/hardware-configuration.nix --no-substitute-on-destination \
  --flake .#<configuration-name> root@<ip address>
ssh user@<ip address>
ssh root@<ip address>
passwd user
  services.openssh = {
    enable = true;
    ports = [ 22 ];
    settings = {
      # PasswordAuthentication = false;
      # PermitRootLogin = "no";
      # UsePAM = false;
      # KbdInteractiveAuthentication = false;
    };
  };
nixos-rebuild --target-host user@ip-address --use-remote-sudo switch --flake .#<configuration-name>

VMs

Resize disk

Host

sudo qemu-img resize /path/to/qemu/<vm-name>.qcow2 +10G

Guest

lsblk
sudo parted /dev/vda
> print
> resizepart 1 10GB
> quit
sudo resize2fs /dev/vda1
df -h

Troubleshooting

After updating firmware

Error: Unable to find 'efi' firmware that is compatible with the current version

Update the firmware path in the VM configuration.

Find paths 
fd secure-code /nix/store/
/nix/store/ddf1vssb23g4jbdivhfgwi0iaimpz7my-qemu-9.1.3/share/qemu/edk2-x86_64-secure-code.fd
/nix/store/ddf1vssb23g4jbdivhfgwi0iaimpz7my-qemu-9.1.3/share/qemu/edk2-i386-secure-code.fd
/nix/store/sq4s9m7n5nj6asjddbbr46wnxp42sxrg-qemu-9.1.2/share/qemu/edk2-x86_64-secure-code.fd
/nix/store/sq4s9m7n5nj6asjddbbr46wnxp42sxrg-qemu-9.1.2/share/qemu/edk2-i386-secure-code.fd
fd vars.fd /nix/store
/nix/store/ddf1vssb23g4jbdivhfgwi0iaimpz7my-qemu-9.1.3/share/qemu/edk2-arm-vars.fd
/nix/store/ddf1vssb23g4jbdivhfgwi0iaimpz7my-qemu-9.1.3/share/qemu/edk2-riscv-vars.fd
/nix/store/ddf1vssb23g4jbdivhfgwi0iaimpz7my-qemu-9.1.3/share/qemu/edk2-i386-vars.fd
/nix/store/sq4s9m7n5nj6asjddbbr46wnxp42sxrg-qemu-9.1.2/share/qemu/edk2-arm-vars.fd
/nix/store/sq4s9m7n5nj6asjddbbr46wnxp42sxrg-qemu-9.1.2/share/qemu/edk2-riscv-vars.fd
/nix/store/sq4s9m7n5nj6asjddbbr46wnxp42sxrg-qemu-9.1.2/share/qemu/edk2-i386-vars.fd

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages