diff --git a/system/README.md b/system/README.md index 35d4f4d..762bb01 100644 --- a/system/README.md +++ b/system/README.md @@ -2,19 +2,22 @@ A ready-to-run NixOS configuration with opinionated defaults. -The goal of this config is to make it as easy as possible to build a NixOS system for an out-of-the-box experience similar to user-friendly distributions like Ubuntu, Fedora, or Mint. Options are available under the `aux.system` top-level namespace. Where possible, we provided simple boolean (true/false) flags for enabling things like GPU drivers and desktop environments. You can, of course, extend this template however you'd like. +The goal of this config is to make it as easy as possible to build a NixOS system for an out-of-the-box experience similar to user-friendly distributions like Ubuntu, Fedora, or Mint. Nearly all configuration is done by editing `host/configuration.nix`. Where possible, we provided simple boolean (true/false) flags for enabling things like GPU drivers and desktop environments. These options are made available under the `aux.system` namespace. You can, of course, extend this template however you'd like. ## Getting Started -1. Install a fresh copy of NixOS and boot into your new system. -2. Download, copy, or clone this repository onto your new system. -3. Run `nixos-generate-config --show-hardware-config` to generate your system's `hardware-configuration.nix` file. Copy this file into the `host` folder, overwriting the existing `hardware-configuration.nix` file. -4. Edit `flake.nix` and set the following variables: +1. [Install a fresh copy of NixOS and boot into your new system](https://nixos.org/manual/nixos/stable/index.html#ch-installation). +2. Open a terminal and create a new copy of this template by running `nix --extra-experimental-features nix-command --extra-experimental-features flakes flake new -t github:auxolotl/templates#system nixos-config`. +3. Change into the new folder using `cd nixos-config`. +4. Run `nixos-generate-config --show-hardware-config` to generate your system's `hardware-configuration.nix` file. Copy this file into the `host` folder, overwriting the existing `hardware-configuration.nix` file. +5. Edit `flake.nix` and set the following variables: 1. Change `hostName` to the hostname you want to give this system. 2. If your system is running on an architecture other than 64-bit Linux, change `platform` to the architecture that you're using. Details on the various options are documented in `flake.nix`. -4. Edit the `host/configuration.nix` file to suit your needs. This file documents all of the different options available. -5. Run `nixos-rebuild boot --flake .#` and restart. -6. Enjoy your new NixOS system! +6. Edit the `host/configuration.nix` file to suit your needs. This file documents all of the different options available. In most cases, you can enable an option by changing `false` to `true`. + 1. Change the `username` variable. If you installed NixOS using the standard install medium, you can change this to match the username you chose during installation. Otherwise, it will create a new user account. + 2. If you're creating a new user account, don't forget to set its password by running `sudo passwd `. +7. Run `sudo nixos-rebuild boot --flake .#` and restart. +8. Enjoy your new NixOS system! ## Additional options @@ -38,11 +41,11 @@ For users with a hybrid Nvidia GPU setup (e.g. laptop users), there's some addit ### Secure Boot support -This configuration supports [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) systems, but with some additional setup required. Secure Boot is a UEFI standard meant to prevent the pre-boot process by requiring boot images to be signed by a trusted authority. The goal is to prevent tampering, e.g. by a malicious third-party replacing your kernel image with a compromised image. In NixOS, Secure Boot support is provided by the [Lanzaboote](https://github.com/nix-community/lanzaboote) project. +This configuration supports [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) systems, but with some additional setup required. Secure Boot is a UEFI standard meant to prevent tampering with the pre-boot process, e.g. by a malicious third-party replacing your kernel image with a compromised image. In NixOS, Secure Boot support is provided by the [Lanzaboote](https://github.com/nix-community/lanzaboote) project. To enable Secure Boot support: -1. Install NixOS using the default `systemd-boot` bootloader, and with Secure Boot disabled via UEFI. To confirm this, run `bootctl status` and look for output similar to the following: +1. Install NixOS using the default `systemd-boot` bootloader, and with Secure Boot disabled via UEFI. To confirm this, run `bootctl status` on a fresh NixOS installation and look for output similar to the following: ```sh $ bootctl status System: diff --git a/system/flake.nix b/system/flake.nix index 72d635b..e4f1db1 100644 --- a/system/flake.nix +++ b/system/flake.nix @@ -1,5 +1,5 @@ { - description = "A system flake with various options for bootstrapping a complete Aux install."; + description = "A system flake with various options for bootstrapping a complete NixOS install."; inputs = { # Flatpak support @@ -46,37 +46,31 @@ aarch64-darwin - M-series Macs. */ platform = "x86_64-linux"; - - baseModules = [ - ./modules/autoimport.nix - home-manager.nixosModules.home-manager - lanzaboote.nixosModules.lanzaboote - nix-flatpak.nixosModules.nix-flatpak - # Set global home-manager settings - { - home-manager = { - /* - When running, Home Manager will use the global package cache. - It will also back up any files that it would otherwise overwrite. - The originals will have the extension ".home-manager_backup". - */ - useGlobalPkgs = true; - useUserPackages = true; - backupFileExtension = "home-manager_backup"; - }; - } - ]; in { nixosConfigurations."${hostName}" = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs; }; - modules = baseModules ++ [ + modules = [ { networking.hostName = hostName; nixpkgs.hostPlatform = platform; + home-manager = { + /* + When running, Home Manager will use the global package cache. + It will also back up any files that it would otherwise overwrite. + The originals will have the extension ".home-manager_backup". + */ + useGlobalPkgs = true; + useUserPackages = true; + backupFileExtension = "home-manager_backup"; + }; } + ./modules/autoimport.nix + home-manager.nixosModules.home-manager + lanzaboote.nixosModules.lanzaboote + nix-flatpak.nixosModules.nix-flatpak ./host/configuration.nix # NixOS-Hardware diff --git a/system/host/configuration.nix b/system/host/configuration.nix index 78ad617..96f8c6c 100644 --- a/system/host/configuration.nix +++ b/system/host/configuration.nix @@ -10,7 +10,7 @@ let stateVersion = "24.11"; # Set the username for the initial user. - username = "axol"; + username = builtins.abort "Please set your username via the 'username' variable in configuration.nix"; in { imports = [ ./hardware-configuration.nix ]; @@ -22,7 +22,7 @@ in # To see all available timezones, run `timedatectl list-timezones`. time.timeZone = "Europe/Amsterdam"; - # Define your user account(s). Don't forget to set a password with ‘passwd’. + # Define your user account(s). If this user doesn't already have a password, don't forget to set one using `passwd`. users.users.${username} = { isNormalUser = true; extraGroups = [ "wheel" ]; @@ -106,7 +106,7 @@ in # https://buddiesofbudgie.org/ budgie.enable = false; - # Enable the Hyperland desktop environment. + # Enable the Hyprland desktop environment. # https://hyprland.org/ hyprland.enable = false;