Initial working commit for new user system templates

Andre 2024-06-13 10:00:35 -04:00
parent 821048587f
commit 27ddb4119d
15 changed files with 511 additions and 143 deletions


@ -2,15 +2,15 @@
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1714562304,
"narHash": "sha256-Mr3U37Rh6tH0FbaDFu0aZDwk9mPAe7ASaqDOGgLqqLU=",
"owner": "auxolotl",
"lastModified": 1718149104,
"narHash": "sha256-Ds1QpobBX2yoUDx9ZruqVGJ/uQPgcXoYuobBguyKEh8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "bcd44e224fd68ce7d269b4f44d24c2220fd821e7",
"rev": "e913ae340076bbb73d9f4d3d065c2bca7caafb16",
"type": "github"
},
"original": {
"owner": "auxolotl",
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"

12
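--- a/system/README.md
+++ b/system/README.md
@@ -0,0 +1,12 @@
+# Auxolotl System Template
+A (nearly) complete and ready-to-run NixOS template.
+## Getting Started
+1. Install a fresh copy of NixOS and boot into your new system.
+2. Run [command] to generate your system's `hardware-configuration.nix` file.
+3. Copy `hardware-configuration.nix` into the `hosts/myHost` folder.
+4. Edit the `hosts/myHost/configuration.nix` file to suit your needs. This file is fully documented with all of the different options available in this template.
+5. Run `nixos-rebuild boot --flake .` and restart.
+6. Enjoy your new NixOS system!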


@ -1,126 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
# services.pipewire = {
# enable = true;
# pulse.enable = true;
# };
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.axol = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
packages = with pkgs; [ firefox ];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option allows you to use some features (flakes and the new Nix CLI) which have not yet been stabilized.
# Although they aren't yet stabilized, many Nix users use them and simple workflows are unlikely to break
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix = {
gc.automatic = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
};
system.stateVersion = "24.05"; # Did you read the comment?
}


@ -1,28 +1,58 @@
{
description = "A simple system flake using some Aux defaults";
description = "A system flake with various options for bootstrapping a complete Aux install.";
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
inputs = {
# Import Auxolotl libs
auxlib.url = "https://git.auxolotl.org/auxolotl/labs/archive/main.tar.gz?dir=lib";
# Import the desired Nixpkgs repo. Defaults to unstable.
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
# SecureBoot support
lanzaboote.url = "github:nix-community/lanzaboote/v0.4.0";
};
outputs =
inputs@{ nixpkgs, ... }:
inputs@{
self,
nixpkgs,
lanzaboote,
auxlib,
...
}:
let
forAllSystems =
function:
nixpkgs.lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
] (system: function nixpkgs.legacyPackages.${system});
baseModules = [
./modules/autoimport.nix
lanzaboote.nixosModules.lanzaboote
];
system = "x86_64-linux";
hostName = builtins.abort "You need to fill in your hostName"; # Set this variable equal to your hostName
in
{
nixosConfigurations.${hostName} = nixpkgs.lib.nixosSystem {
modules = [
./configuration.nix
nixosConfigurations."myHost" = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs;
};
system = "x86_64-linux";
modules = baseModules ++ [
./host/configuration.nix
{
networking.hostName = hostName;
nixpkgs.hostPlatform = system;
}
];
};
specialArgs = {
inherit inputs;
};
};
formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style);
};
}
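Review bot: The `auxlib` input points at `archive/main.tar.gz`, a tarball of a moving branch, so what is fetched is fixed only by flake.lock, and the lock hunk shown in this commit touches just the `nixpkgs` node. If lock entries for `auxlib` and `lanzaboote` are not committed elsewhere in that file, the first evaluation on a user's machine pins whatever `main` holds at that moment; commit the lock entries together with the new inputs. `auxlib` is also destructured in `outputs` but not referenced in the lines visible here, so it could be left out until something uses it. The +/- markers are lost on this page, so which of the duplicated `system` and `specialArgs` lines survive is inferred; `./host/configuration.nix` also does not match the `hosts/myHost` folder the README names.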


@ -1 +0,0 @@
builtins.abort "Please run 'nixos-generate-config --show-hardware-config' and copy the output into hardware-configuration.nix"


@ -0,0 +1,42 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
];
###*** Please set these variables first. ***###
nixpkgs.hostPlatform = "x86_64-linux"; # This assumes this is a standard 64-bit Linux system.
# Set your time zone.
time.timeZone = "Europe/Amsterdam";
# Define a user account. Don't forget to set a password with passwd.
users.users.axol = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
packages = with pkgs; [ ]; # Enter any additional packages specific to this user here.
};
###*** This is where you toggle options. ***###
###*** To enable an option, set its value to "true". ***###
aux = {
editor = "nano"; # Change the default text editor. Options are "emacs", "nano", or "vim".
ui.desktops = {
gnome.enable = false; # Enable the Gnome desktop environment.
kde.enable = false; # Enable the KDE desktop environment.
};
};
# Enable printing via CUPS
services.printing.enable = false;
# Do not change this value!
system.stateVersion = "24.11";
}
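Review bot: `system.stateVersion = "24.11"` is now explained only by `# Do not change this value!`, which drops the reasoning the removed configuration.nix carried and hard-codes a release the user may not have installed from. In a template the comment should say what the value means, for example `# Set once to the NixOS release this machine was first installed with; never change it afterwards (see man configuration.nix).` The block headed "Please set these variables first" also ships `time.timeZone = "Europe/Amsterdam"` as a live value, so a user who skips it gets no error; a comment marking it as a placeholder would help.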


@ -0,0 +1,39 @@
#builtins.abort "Please run 'nixos-generate-config --show-hardware-config' and copy the output into hardware-configuration.nix"
# Surface Laptop Go 1st gen
{
config,
lib,
pkgs,
modulesPath,
hostName,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [ ];
kernelModules = [ ];
};
kernelModules = [ ];
extraModulePackages = [ ];
};
fileSystems = {
"/" = {
device = "/dev/sda2";
fsType = "btrfs";
options = [ "subvol=@,compress=zstd,discard" ];
};
"/boot" = {
device = "/dev/sda1";
fsType = "vfat";
};
};
networking.useDHCP = lib.mkDefault true;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
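Review bot: The `builtins.abort` guard on the first line is commented out and the file now carries one machine's layout (`/dev/sda1`, `/dev/sda2`, btrfs `subvol=@`), so a user who skips the README's hardware-scan step builds a system whose root and boot devices are probably wrong for their disk. For a template I would keep the guard live, `builtins.abort "Please run 'nixos-generate-config --show-hardware-config' and copy the output into hardware-configuration.nix"`, and move the Surface Laptop Go values to an example file. The `hostName` module argument is requested here but unused, and the flake's visible `specialArgs` passes only `inputs`; dropping it from the argument list avoids a missing-argument error if it is ever referenced.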


@ -0,0 +1,27 @@
# Auto-import Nix files in this folder, recursively.
# Sourced from https://github.com/evanjs/nixos_cfg/blob/4bb5b0b84a221b25cf50853c12b9f66f0cad3ea4/config/new-modules/default.nix
{ lib, ... }:
with lib;
let
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
getDir =
dir:
mapAttrs (file: type: if type == "directory" then getDir "${dir}/${file}" else type) (
builtins.readDir dir
);
# Collects all files of a directory as a list of strings of paths
files =
dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
# Search all files and folders within and below the current directory.
# Filters out files and directories that don't belong, and makes the strings absolute.
validFiles =
dir:
map (file: ./. + "/${file}") (
filter (file: file != "autoimport.nix" && hasSuffix ".nix" file) (files dir)
);
in
{
imports = validFiles ./.;
}
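Review bot: The header comment should state the consequence of this module: every `.nix` file anywhere below this directory becomes part of the system configuration without appearing in any `imports` list. That matters for review, because adding or vendoring a file under the tree changes the built system with no edit to flake.nix, and a helper file that is not a NixOS module will break evaluation. I would extend the comment to something like `# Every *.nix file below this folder is imported as a NixOS module; keep non-module helpers and unreviewed files out of this tree.` The filter compares the relative path with `"autoimport.nix"`, so only the top-level file of that name is excluded.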


@ -0,0 +1,66 @@
# Configuration options specific to bootloader management.
# SecureBoot is handled via Lanzaboote. See https://github.com/nix-community/lanzaboote
{
config,
lib,
pkgs,
...
}:
# Bootloader
let
cfg = config.aux.bootloader;
in
{
options = {
aux.bootloader = {
enable = lib.mkOption {
description = "Automatically configures the bootloader. Set to false to configure manually.";
type = lib.types.bool;
default = true;
};
secureboot.enable = lib.mkEnableOption (lib.mdDoc "Enables Secureboot support.");
tpm2.enable = lib.mkEnableOption (lib.mdDoc "Enables TPM2 support.");
};
};
config = lib.mkIf cfg.enable (
lib.mkMerge [
(lib.mkIf cfg.secureboot.enable {
boot = {
# Enable Secure Boot
bootspec.enable = true;
# Use Lanzaboote in place of systemd-boot.
loader.systemd-boot.enable = false;
loader.efi.canTouchEfiVariables = true;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
};
})
# Set up TPM if enabled. See https://nixos.wiki/wiki/TPM
(lib.mkIf (cfg.tpm2.enable) {
# After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module
environment.systemPackages = with pkgs; [ tpm2-tss ];
security.tpm2 = {
enable = true;
pkcs11.enable = true;
tctiEnvironment.enable = true;
};
})
# Use the default systemd-boot bootloader.
(lib.mkIf (!cfg.secureboot.enable) {
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
})
]
);
}
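Review bot: The `secureboot.enable` branch switches the loader to Lanzaboote with `pkiBundle = "/etc/secureboot"`, but nothing in it installs the tool that creates that key bundle, and the option text does not say that keys must exist and be enrolled in firmware before the switch protects anything. Enabling it on a fresh install is therefore likely to fail when the bootloader is installed, or to leave the user believing Secure Boot is enforced when the firmware is not enforcing it yet. I would add `environment.systemPackages = [ pkgs.sbctl ];` to that branch and a comment such as `# Requires keys under /etc/secureboot that are enrolled in firmware first; see the Lanzaboote quick start.` The private keys under that path should stay readable by root only.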


@ -0,0 +1,42 @@
# Basic system-wide text editor configuration.
{
pkgs,
config,
lib,
inputs,
...
}:
let
cfg = config.aux.editor;
in
{
options = {
aux.editor = lib.mkOption {
description = "Selects the default text editor.";
default = "nano";
type = lib.types.enum [
"vim"
"nano"
"emacs"
];
};
};
config = lib.mkMerge [
(lib.mkIf (cfg == "emacs") {
services.emacs = {
enable = true;
defaultEditor = true;
};
})
(lib.mkIf (cfg == "nano") {
programs.nano = {
enable = true;
syntaxHighlight = true;
};
environment.variables."EDITOR" = "nano";
})
(lib.mkIf (cfg == "vim") { programs.vim.defaultEditor = true; })
];
}


@ -0,0 +1,24 @@
# Core Nix configuration
{
pkgs,
config,
lib,
inputs,
...
}:
{
nix = {
# Enable Flakes
settings.experimental-features = [
"nix-command"
"flakes"
];
# Enable periodic nix store optimization
optimise.automatic = true;
# Configure NixOS to use the same software channel as Flakes
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
};
}
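Review bot: `registry` is built from every attribute of `inputs`, including any input that is not a flake, and `nixPath` then reads `value.to.path` from every entry of `config.nix.registry`, including entries another module may add whose `to` has no `path`. Either case would likely surface as an evaluation error far from this file. Filtering first keeps both settings to real flake inputs: `flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;`, then derive `registry` and `nixPath` from `flakeInputs` rather than from the merged registry. The comment "use the same software channel as Flakes" could also say that this pins `<nixpkgs>` lookups to the locked inputs.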


@ -0,0 +1,51 @@
# Enables audio support.
{
pkgs,
lib,
config,
...
}:
let
cfg = config.aux.ui.audio;
in
{
options = {
aux.ui.audio = {
enable = lib.mkEnableOption (lib.mdDoc "Enables audio.");
enableLowLatency = lib.mkEnableOption (
lib.mdDoc "Enables low-latency audio (may cause crackling) per https://nixos.wiki/wiki/PipeWire#Low-latency_setup."
);
};
};
config = lib.mkIf cfg.enable {
# Enable sound with pipewire.
sound.enable = true;
security.rtkit.enable = true;
hardware.pulseaudio = {
enable = false;
package = pkgs.pulseaudioFull; # Enable extra audio codecs
};
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
# Reduce audio latency per https://nixos.wiki/wiki/PipeWire#Low-latency_setup
extraConfig.pipewire = lib.mkIf cfg.enableLowLatency {
"92-low-latency.conf" = {
"context.properties" = {
"default.clock.rate" = 48000;
"default.clock.quantum" = 32;
"default.clock.min-quantum" = 32;
"default.clock.max-quantum" = 32;
};
};
};
};
};
}
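Review bot: `hardware.pulseaudio.package = pkgs.pulseaudioFull` sits beside `enable = false`, so the "Enable extra audio codecs" comment describes a setting that should have no effect while PipeWire provides the PulseAudio interface. I would drop the `package` line and keep only `hardware.pulseaudio.enable = false;` with a comment that it is disabled in favour of PipeWire. The comment "Enable sound with pipewire" above `sound.enable = true` is also misleading, since that option is separate from the `services.pipewire` block below it.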


@ -0,0 +1,50 @@
# Common desktop environment modules
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.ui.desktops;
in
{
options = {
aux.ui.desktops = {
enable = lib.mkEnableOption (lib.mdDoc "Enables base desktop environment support.");
xkb = lib.mkOption {
description = "The keyboard layout to use by default. Defaults to us.";
type = lib.types.attrs;
default = {
layout = "us";
variant = "";
};
};
};
};
config = lib.mkIf cfg.enable {
aux.ui.audio.enable = true;
services = {
# Configure the xserver
xserver = {
# Enable the X11 windowing system.
enable = true;
# Enable touchpad support (enabled by default in most desktop managers, buuuut just in case).
libinput.enable = true;
# Configure keymap in X11
xkb = config.aux.ui.desktops.xkb;
};
};
# Support for AppImage files
programs.appimage = {
enable = true;
binfmt = true;
};
};
}
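Review bot: `programs.appimage` with `binfmt = true` is switched on for every desktop with no way to opt out, so any AppImage a user marks executable runs directly as an unsandboxed third-party binary. For a template I would put it behind its own option that defaults to off, for example `appimage.enable = lib.mkEnableOption "AppImage support";` and `programs.appimage = lib.mkIf cfg.appimage.enable { enable = true; binfmt = true; };`. Separately, `xkb` is declared as `lib.types.attrs`, so a misspelled key is only caught, if at all, where the value is assigned to `services.xserver.xkb`; separate typed `layout` and `variant` options would give clearer errors.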


@ -0,0 +1,72 @@
# Enables the Gnome desktop environment.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.ui.desktops.gnome;
in
{
options = {
aux.ui.desktops.gnome.enable = lib.mkEnableOption (
lib.mdDoc "Enables the Gnome Desktop Environment."
);
};
config = lib.mkIf cfg.enable {
aux.ui.desktops.enable = true;
# Enable Gnome
services.xserver = {
# Remove default packages that came with the install
excludePackages = [ pkgs.xterm ];
desktopManager.gnome.enable = true;
displayManager.gdm.enable = true;
};
environment = {
# Remove extraneous Gnome packages
gnome.excludePackages = with pkgs.gnome; [
gnome-software # Built-in software manager
totem # video player
tali # poker game
iagno # go game
hitori # sudoku game
atomix # puzzle game
];
# Install additional quality-of-life packages
systemPackages = with pkgs; [
gnome.gnome-tweaks # Gnome tweak tool
gnome.gnome-themes-extra # Additional themes
];
# Install GStreamer plugins
# References:
# https://wiki.nixos.org/wiki/GStreamer
# https://github.com/NixOS/nixpkgs/issues/195936
sessionVariables.GST_PLUGIN_SYSTEM_PATH_1_0 = lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" (
with pkgs.gst_all_1;
[
gstreamer
gst-plugins-base
gst-plugins-good
gst-plugins-bad
gst-plugins-ugly
gst-libav
gst-vaapi
]
);
};
# Gnome UI integration for KDE apps
qt = {
enable = true;
platformTheme = "gnome";
style = "adwaita-dark";
};
};
}
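Review bot: `GST_PLUGIN_SYSTEM_PATH_1_0` is set for every session and includes `gst-plugins-bad` and `gst-plugins-ugly`, so every GStreamer consumer in the session, including ones that open untrusted media, can load the wider and less-vetted decoder sets. I would make the extra plugin sets opt-in, or at least say in the comment that this widens the media-parsing surface for all applications. Several comments in this file are also inaccurate and worth fixing while here: the `qt` block is labelled "Gnome UI integration for KDE apps" although it applies to Qt applications generally, and the game descriptions beside `tali`, `iagno` and `hitori` do not match those packages.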


@ -0,0 +1,40 @@
# Enables the KDE desktop environment.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.ui.desktops.kde;
in
{
options = {
aux.ui.desktops.kde = {
enable = lib.mkEnableOption (lib.mdDoc "Enables the KDE Desktop Environment.");
useX11 = lib.mkEnableOption (lib.mdDoc "Uses X11 instead of Wayland.");
};
};
config = lib.mkIf cfg.enable {
aux.ui.desktops.enable = true;
services = {
displayManager.sddm.enable = true;
desktopManager.plasma6.enable = true;
xserver.displayManager = lib.mkIf cfg.useX11 {
defaultSession = "plasmaX11";
sddm.wayland.enable = true;
};
};
# Enable Gnome integration
qt = {
enable = true;
platformTheme = "gnome";
style = "adwaita-dark";
};
};
}
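Review bot: Inside the `useX11` branch, `sddm.wayland.enable = true` turns on the Wayland greeter in exactly the case where the user asked for X11, which contradicts the option's description and looks inverted. I would set it outside the `mkIf` as `services.displayManager.sddm.wayland.enable = !cfg.useX11;` and leave only `defaultSession` conditional. The session name needs checking as well: as far as I know Plasma 6 on NixOS names its X11 session `plasmax11`, so `"plasmaX11"` may be rejected. The `qt` block labelled "Enable Gnome integration" forces the gnome platform theme on a Plasma desktop, which is probably a copy from the Gnome module rather than intended.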