Compare commits

...

2 commits

Author SHA1 Message Date
Andre 94377f7487 feat: Add Lix to new user template
Some checks failed
Code Check / Run nixfmt and statix (push) Waiting to run
Code Check / Run nixfmt and statix (pull_request) Has been cancelled
2024-06-22 12:37:53 -04:00
Andre 10b28d08e9 chore: Cleanup template readme and options 2024-06-22 12:28:34 -04:00
3 changed files with 49 additions and 39 deletions

View file

@ -2,19 +2,22 @@
A ready-to-run NixOS configuration with opinionated defaults.
The goal of this config is to make it as easy as possible to build a NixOS system for an out-of-the-box experience similar to user-friendly distributions like Ubuntu, Fedora, or Mint. Options are available under the `aux.system` top-level namespace. Where possible, we provided simple boolean (true/false) flags for enabling things like GPU drivers and desktop environments. You can, of course, extend this template however you'd like.
The goal of this config is to make it as easy as possible to build a NixOS system for an out-of-the-box experience similar to user-friendly distributions like Ubuntu, Fedora, or Mint. Nearly all configuration is done by editing `host/configuration.nix`. Where possible, we provided simple boolean (true/false) flags for enabling things like GPU drivers and desktop environments. These options are made available under the `aux.system` namespace. You can, of course, extend this template however you'd like.
## Getting Started
1. Install a fresh copy of NixOS and boot into your new system.
2. Download, copy, or clone this repository onto your new system.
3. Run `nixos-generate-config --show-hardware-config` to generate your system's `hardware-configuration.nix` file. Copy this file into the `host` folder, overwriting the existing `hardware-configuration.nix` file.
4. Edit `flake.nix` and set the following variables:
1. [Install a fresh copy of NixOS and boot into your new system](https://nixos.org/manual/nixos/stable/index.html#ch-installation).
2. Open a terminal and create a new copy of this template by running `nix --extra-experimental-features nix-command --extra-experimental-features flakes flake new -t github:auxolotl/templates#system nixos-config`.
3. Change into the new folder using `cd nixos-config`.
4. Run `nixos-generate-config --show-hardware-config` to generate your system's `hardware-configuration.nix` file. Copy this file into the `host` folder, overwriting the existing `hardware-configuration.nix` file.
5. Edit `flake.nix` and set the following variables:
1. Change `hostName` to the hostname you want to give this system.
2. If your system is running on an architecture other than 64-bit Linux, change `platform` to the architecture that you're using. Details on the various options are documented in `flake.nix`.
4. Edit the `host/configuration.nix` file to suit your needs. This file documents all of the different options available.
5. Run `nixos-rebuild boot --flake .#<your hostname>` and restart.
6. Enjoy your new NixOS system!
6. Edit the `host/configuration.nix` file to suit your needs. This file documents all of the different options available. In most cases, you can enable an option by changing `false` to `true`.
1. Change the `username` variable. If you installed NixOS using the standard install medium, you can change this to match the username you chose during installation. Otherwise, it will create a new user account.
2. If you're creating a new user account, don't forget to set its password by running `sudo passwd <username>`.
7. Run `sudo nixos-rebuild boot --flake .#<your hostname>` and restart.
8. Enjoy your new NixOS system!
## Additional options
@ -38,11 +41,11 @@ For users with a hybrid Nvidia GPU setup (e.g. laptop users), there's some addit
### Secure Boot support
This configuration supports [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) systems, but with some additional setup required. Secure Boot is a UEFI standard meant to prevent the pre-boot process by requiring boot images to be signed by a trusted authority. The goal is to prevent tampering, e.g. by a malicious third-party replacing your kernel image with a compromised image. In NixOS, Secure Boot support is provided by the [Lanzaboote](https://github.com/nix-community/lanzaboote) project.
This configuration supports [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) systems, but with some additional setup required. Secure Boot is a UEFI standard meant to prevent tampering with the pre-boot process, e.g. by a malicious third-party replacing your kernel image with a compromised image. In NixOS, Secure Boot support is provided by the [Lanzaboote](https://github.com/nix-community/lanzaboote) project.
To enable Secure Boot support:
1. Install NixOS using the default `systemd-boot` bootloader, and with Secure Boot disabled via UEFI. To confirm this, run `bootctl status` and look for output similar to the following:
1. Install NixOS using the default `systemd-boot` bootloader, and with Secure Boot disabled via UEFI. To confirm this, run `bootctl status` on a fresh NixOS installation and look for output similar to the following:
```sh
$ bootctl status
System:

View file

@ -1,20 +1,31 @@
{
description = "A system flake with various options for bootstrapping a complete Aux install.";
description = "A system flake with various options for bootstrapping a complete NixOS install.";
inputs = {
# Import the desired Nix channel. Defaults to unstable, which uses a fully tested rolling release model.
# You can find a list of channels at https://nixos.wiki/wiki/Nix_channels
# To follow a different channel, replace `nixos-unstable` with the channel name, e.g. `nixos-24.05`.
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
# Use Lix in place of Nix.
# If you'd rather use regular Nix, remove `lix-module.nixosModules.default` from the `modules` section below.
# To learn more about Lix, see https://lix.systems/
lix-module = {
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0-rc1.tar.gz";
inputs.nixpkgs.follows = "nixpkgs";
};
# Flatpak support
nix-flatpak.url = "github:gmodena/nix-flatpak/v0.4.1";
# Import the desired Nixpkgs repo. Defaults to unstable.
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
# SecureBoot support
lanzaboote.url = "github:nix-community/lanzaboote/v0.4.0";
# NixOS hardware quirks
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
# Add Home-manager support
# Home-manager support
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@ -27,6 +38,7 @@
auxlib,
home-manager,
lanzaboote,
lix-module,
nix-flatpak,
nixos-hardware,
nixpkgs,
@ -47,37 +59,32 @@
aarch64-darwin - M-series Macs.
*/
platform = "x86_64-linux";
baseModules = [
./modules/autoimport.nix
home-manager.nixosModules.home-manager
lanzaboote.nixosModules.lanzaboote
nix-flatpak.nixosModules.nix-flatpak
# Set global home-manager settings
{
home-manager = {
/*
When running, Home Manager will use the global package cache.
It will also back up any files that it would otherwise overwrite.
The originals will have the extension ".home-manager_backup".
*/
useGlobalPkgs = true;
useUserPackages = true;
backupFileExtension = "home-manager_backup";
};
}
];
in
{
nixosConfigurations."${hostName}" = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs;
};
modules = baseModules ++ [
modules = [
{
networking.hostName = hostName;
nixpkgs.hostPlatform = platform;
home-manager = {
/*
When running, Home Manager will use the global package cache.
It will also back up any files that it would otherwise overwrite.
The originals will have the extension ".home-manager_backup".
*/
useGlobalPkgs = true;
useUserPackages = true;
backupFileExtension = "home-manager_backup";
};
}
./modules/autoimport.nix
home-manager.nixosModules.home-manager
lanzaboote.nixosModules.lanzaboote
lix-module.nixosModules.default
nix-flatpak.nixosModules.nix-flatpak
./host/configuration.nix
# NixOS-Hardware

View file

@ -10,7 +10,7 @@ let
stateVersion = "24.11";
# Set the username for the initial user.
username = "axol";
username = builtins.abort "Please set your username via the 'username' variable in configuration.nix";
in
{
imports = [ ./hardware-configuration.nix ];
@ -22,7 +22,7 @@ in
# To see all available timezones, run `timedatectl list-timezones`.
time.timeZone = "Europe/Amsterdam";
# Define your user account(s). Don't forget to set a password with `passwd`.
# Define your user account(s). If this user doesn't already have a password, don't forget to set one using `passwd`.
users.users.${username} = {
isNormalUser = true;
extraGroups = [ "wheel" ];
@ -106,7 +106,7 @@ in
# https://buddiesofbudgie.org/
budgie.enable = false;
# Enable the Hyperland desktop environment.
# Enable the Hyprland desktop environment.
# https://hyprland.org/
hyprland.enable = false;