feat: NixOS template for new users #33
|
@ -2,19 +2,22 @@
|
||||||
|
|
||||||
A ready-to-run NixOS configuration with opinionated defaults.
|
A ready-to-run NixOS configuration with opinionated defaults.
|
||||||
|
|
||||||
The goal of this config is to make it as easy as possible to build a NixOS system for an out-of-the-box experience similar to user-friendly distributions like Ubuntu, Fedora, or Mint. Options are available under the `aux.system` top-level namespace. Where possible, we provided simple boolean (true/false) flags for enabling things like GPU drivers and desktop environments. You can, of course, extend this template however you'd like.
|
The goal of this config is to make it as easy as possible to build a NixOS system for an out-of-the-box experience similar to user-friendly distributions like Ubuntu, Fedora, or Mint. Nearly all configuration is done by editing `host/configuration.nix`. Where possible, we provided simple boolean (true/false) flags for enabling things like GPU drivers and desktop environments. These options are made available under the `aux.system` namespace. You can, of course, extend this template however you'd like.
|
||||||
|
|
||||||
## Getting Started
|
## Getting Started
|
||||||
|
|
||||||
1. Install a fresh copy of NixOS and boot into your new system.
|
1. [Install a fresh copy of NixOS and boot into your new system](https://nixos.org/manual/nixos/stable/index.html#ch-installation).
|
||||||
2. Download, copy, or clone this repository onto your new system.
|
2. Open a terminal and create a new copy of this template by running `nix --extra-experimental-features nix-command --extra-experimental-features flakes flake new -t github:auxolotl/templates#system nixos-config`.
|
||||||
3. Run `nixos-generate-config --show-hardware-config` to generate your system's `hardware-configuration.nix` file. Copy this file into the `host` folder, overwriting the existing `hardware-configuration.nix` file.
|
3. Change into the new folder using `cd nixos-config`.
|
||||||
4. Edit `flake.nix` and set the following variables:
|
4. Run `nixos-generate-config --show-hardware-config` to generate your system's `hardware-configuration.nix` file. Copy this file into the `host` folder, overwriting the existing `hardware-configuration.nix` file.
|
||||||
|
5. Edit `flake.nix` and set the following variables:
|
||||||
1. Change `hostName` to the hostname you want to give this system.
|
1. Change `hostName` to the hostname you want to give this system.
|
||||||
2. If your system is running on an architecture other than 64-bit Linux, change `platform` to the architecture that you're using. Details on the various options are documented in `flake.nix`.
|
2. If your system is running on an architecture other than 64-bit Linux, change `platform` to the architecture that you're using. Details on the various options are documented in `flake.nix`.
|
||||||
4. Edit the `host/configuration.nix` file to suit your needs. This file documents all of the different options available.
|
6. Edit the `host/configuration.nix` file to suit your needs. This file documents all of the different options available. In most cases, you can enable an option by changing `false` to `true`.
|
||||||
5. Run `nixos-rebuild boot --flake .#<your hostname>` and restart.
|
1. Change the `username` variable. If you installed NixOS using the standard install medium, you can change this to match the username you chose during installation. Otherwise, it will create a new user account.
|
||||||
6. Enjoy your new NixOS system!
|
2. If you're creating a new user account, don't forget to set its password by running `sudo passwd <username>`.
|
||||||
|
7. Run `sudo nixos-rebuild boot --flake .#<your hostname>` and restart.
|
||||||
|
8. Enjoy your new NixOS system!
|
||||||
|
|
||||||
## Additional options
|
## Additional options
|
||||||
|
|
||||||
|
@ -38,11 +41,11 @@ For users with a hybrid Nvidia GPU setup (e.g. laptop users), there's some addit
|
||||||
|
|
||||||
### Secure Boot support
|
### Secure Boot support
|
||||||
|
|
||||||
This configuration supports [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) systems, but with some additional setup required. Secure Boot is a UEFI standard meant to prevent the pre-boot process by requiring boot images to be signed by a trusted authority. The goal is to prevent tampering, e.g. by a malicious third-party replacing your kernel image with a compromised image. In NixOS, Secure Boot support is provided by the [Lanzaboote](https://github.com/nix-community/lanzaboote) project.
|
This configuration supports [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) systems, but with some additional setup required. Secure Boot is a UEFI standard meant to prevent tampering with the pre-boot process, e.g. by a malicious third-party replacing your kernel image with a compromised image. In NixOS, Secure Boot support is provided by the [Lanzaboote](https://github.com/nix-community/lanzaboote) project.
|
||||||
|
|
||||||
To enable Secure Boot support:
|
To enable Secure Boot support:
|
||||||
|
|
||||||
1. Install NixOS using the default `systemd-boot` bootloader, and with Secure Boot disabled via UEFI. To confirm this, run `bootctl status` and look for output similar to the following:
|
1. Install NixOS using the default `systemd-boot` bootloader, and with Secure Boot disabled via UEFI. To confirm this, run `bootctl status` on a fresh NixOS installation and look for output similar to the following:
|
||||||
```sh
|
```sh
|
||||||
$ bootctl status
|
$ bootctl status
|
||||||
System:
|
System:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{
|
{
|
||||||
description = "A system flake with various options for bootstrapping a complete Aux install.";
|
description = "A system flake with various options for bootstrapping a complete NixOS install.";
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
# Flatpak support
|
# Flatpak support
|
||||||
|
@ -46,14 +46,16 @@
|
||||||
aarch64-darwin - M-series Macs.
|
aarch64-darwin - M-series Macs.
|
||||||
*/
|
*/
|
||||||
platform = "x86_64-linux";
|
platform = "x86_64-linux";
|
||||||
|
in
|
||||||
baseModules = [
|
|
||||||
./modules/autoimport.nix
|
|
||||||
home-manager.nixosModules.home-manager
|
|
||||||
lanzaboote.nixosModules.lanzaboote
|
|
||||||
nix-flatpak.nixosModules.nix-flatpak
|
|
||||||
# Set global home-manager settings
|
|
||||||
{
|
{
|
||||||
|
nixosConfigurations."${hostName}" = nixpkgs.lib.nixosSystem {
|
||||||
|
specialArgs = {
|
||||||
|
inherit inputs;
|
||||||
|
};
|
||||||
|
modules = [
|
||||||
|
{
|
||||||
|
networking.hostName = hostName;
|
||||||
|
nixpkgs.hostPlatform = platform;
|
||||||
home-manager = {
|
home-manager = {
|
||||||
/*
|
/*
|
||||||
When running, Home Manager will use the global package cache.
|
When running, Home Manager will use the global package cache.
|
||||||
|
@ -65,18 +67,10 @@
|
||||||
backupFileExtension = "home-manager_backup";
|
backupFileExtension = "home-manager_backup";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
];
|
./modules/autoimport.nix
|
||||||
in
|
home-manager.nixosModules.home-manager
|
||||||
{
|
lanzaboote.nixosModules.lanzaboote
|
||||||
nixosConfigurations."${hostName}" = nixpkgs.lib.nixosSystem {
|
nix-flatpak.nixosModules.nix-flatpak
|
||||||
specialArgs = {
|
|
||||||
inherit inputs;
|
|
||||||
};
|
|
||||||
modules = baseModules ++ [
|
|
||||||
{
|
|
||||||
networking.hostName = hostName;
|
|
||||||
nixpkgs.hostPlatform = platform;
|
|
||||||
}
|
|
||||||
./host/configuration.nix
|
./host/configuration.nix
|
||||||
|
|
||||||
# NixOS-Hardware
|
# NixOS-Hardware
|
||||||
|
|
|
@ -10,7 +10,7 @@ let
|
||||||
stateVersion = "24.11";
|
stateVersion = "24.11";
|
||||||
|
|
||||||
# Set the username for the initial user.
|
# Set the username for the initial user.
|
||||||
username = "axol";
|
username = builtins.abort "Please set your username via the 'username' variable in configuration.nix";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ ./hardware-configuration.nix ];
|
imports = [ ./hardware-configuration.nix ];
|
||||||
|
@ -22,7 +22,7 @@ in
|
||||||
# To see all available timezones, run `timedatectl list-timezones`.
|
# To see all available timezones, run `timedatectl list-timezones`.
|
||||||
time.timeZone = "Europe/Amsterdam";
|
time.timeZone = "Europe/Amsterdam";
|
||||||
|
|
||||||
# Define your user account(s). Don't forget to set a password with ‘passwd’.
|
# Define your user account(s). If this user doesn't already have a password, don't forget to set one using `passwd`.
|
||||||
users.users.${username} = {
|
users.users.${username} = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [ "wheel" ];
|
extraGroups = [ "wheel" ];
|
||||||
|
@ -106,7 +106,7 @@ in
|
||||||
# https://buddiesofbudgie.org/
|
# https://buddiesofbudgie.org/
|
||||||
budgie.enable = false;
|
budgie.enable = false;
|
||||||
|
|
||||||
# Enable the Hyperland desktop environment.
|
# Enable the Hyprland desktop environment.
|
||||||
# https://hyprland.org/
|
# https://hyprland.org/
|
||||||
hyprland.enable = false;
|
hyprland.enable = false;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue