feat: NixOS template for new users #33

Open
8bitbuddhist wants to merge 14 commits from new-user-templates into main
7 changed files with 245 additions and 37 deletions
Showing only changes of commit f534c95342 - Show all commits

View file

@ -1,12 +1,14 @@
# Auxolotl System Template # Auxolotl New User System Configuration
A ready-to-run NixOS template with sane defaults. A ready-to-run NixOS configuration with opinionated defaults.
The goal of this config is to make it as easy as possible to build a NixOS system for an out-of-the-box experience similar to user-friendly distributions like Ubuntu, Fedora, or Mint. Options are available under the `aux.system` top-level namespace. Where possible, we provided simple boolean (true/false) flags for enabling things like GPU drivers and desktop environments. You can, of course, extend this template however you'd like.
## Getting Started ## Getting Started
1. Install a fresh copy of NixOS and boot into your new system. 1. Install a fresh copy of NixOS and boot into your new system.
2. Download, copy, or clone this repository onto your new system. 2. Download, copy, or clone this repository onto your new system.
3. Run `nixos-generate-config --show-hardware-config` to generate your system's `hardware-configuration.nix` file. Copy this file into the `host` folder, overwriting the existing file. 3. Run `nixos-generate-config --show-hardware-config` to generate your system's `hardware-configuration.nix` file. Copy this file into the `host` folder, overwriting the existing `hardware-configuration.nix` file.
4. Edit `flake.nix` and set the following variables: 4. Edit `flake.nix` and set the following variables:
1. Change `hostName` to the hostname you want to give this system. 1. Change `hostName` to the hostname you want to give this system.
2. If your system is running on an architecture other than 64-bit Linux, change `platform` to the architecture that you're using. Details on the various options are documented in `flake.nix`. 2. If your system is running on an architecture other than 64-bit Linux, change `platform` to the architecture that you're using. Details on the various options are documented in `flake.nix`.
@ -30,6 +32,10 @@ modules = [
] ]
``` ```
#### Nvidia GPU support
For users with a hybrid Nvidia GPU setup (e.g. laptop users), there's some additional setup you need to do. This setup requires you to find the PCI bus IDs for your Nvidia GPU and your secondary GPU (usually an integrated Intel or AMD GPU). [The NixOS wiki has instructions on how to find these](https://nixos.wiki/wiki/Nvidia#Laptop_Configuration:_Hybrid_Graphics_.28Nvidia_Optimus_PRIME.29). Once you have the bus IDs, you can set `aux.system.gpu.nvidia.hybrid.busIDs.intel` or `aux.system.gpu.nvidia.hybrid.busIDs.amd`.
### Secure Boot support ### Secure Boot support
This configuration supports [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) systems, but with some additional setup required. Secure Boot is a UEFI standard meant to prevent the pre-boot process by requiring boot images to be signed by a trusted authority. The goal is to prevent tampering, e.g. by a malicious third-party replacing your kernel image with a compromised image. In NixOS, Secure Boot support is provided by the [Lanzaboote](https://github.com/nix-community/lanzaboote) project. This configuration supports [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) systems, but with some additional setup required. Secure Boot is a UEFI standard meant to prevent the pre-boot process by requiring boot images to be signed by a trusted authority. The goal is to prevent tampering, e.g. by a malicious third-party replacing your kernel image with a compromised image. In NixOS, Secure Boot support is provided by the [Lanzaboote](https://github.com/nix-community/lanzaboote) project.

View file

@ -8,6 +8,9 @@
let let
# Do not change this value! This tracks when NixOS was installed on your system. # Do not change this value! This tracks when NixOS was installed on your system.
stateVersion = "24.11"; stateVersion = "24.11";
# Set the username for the initial user.
username = "axol";
in in
{ {
imports = [ ./hardware-configuration.nix ]; imports = [ ./hardware-configuration.nix ];
@ -20,20 +23,17 @@ in
time.timeZone = "Europe/Amsterdam"; time.timeZone = "Europe/Amsterdam";
# Define your user account(s). Don't forget to set a password with passwd. # Define your user account(s). Don't forget to set a password with passwd.
users.users = { users.users.${username} = {
# Replace "axol" with your preferred username. isNormalUser = true;
"axol" = { extraGroups = [ "wheel" ];
isNormalUser = true;
extraGroups = [ "wheel" ];
# Enter any additional packages specific to this user here. # Enter any additional packages specific to this user here.
packages = with pkgs; [ ]; packages = with pkgs; [ ];
};
}; };
# Configure home-manager for your user. # Configure home-manager for your user.
# For configuration options, see https://nix-community.github.io/home-manager/#using-home-manager # For configuration options, see https://nix-community.github.io/home-manager/#using-home-manager
home-manager.users.axol = { home-manager.users.${username} = {
# The state version is required and should stay at the version you originally installed. # The state version is required and should stay at the version you originally installed.
home.stateVersion = stateVersion; home.stateVersion = stateVersion;
@ -46,6 +46,7 @@ in
# Configure the system. # Configure the system.
aux.system = { aux.system = {
# Enable to allow unfree (e.g. closed source) packages. # Enable to allow unfree (e.g. closed source) packages.
# Some settings may override this (e.g. enabling Nvidia GPU support).
# https://nixos.org/manual/nixpkgs/stable/#sec-allow-unfree # https://nixos.org/manual/nixpkgs/stable/#sec-allow-unfree
allowUnfree = false; allowUnfree = false;
@ -53,21 +54,51 @@ in
# IMPORTANT: Read the README before enabling this option! # IMPORTANT: Read the README before enabling this option!
bootloader.secureboot.enable = false; bootloader.secureboot.enable = false;
# Enable or disable Bluetooth support.
bluetooth.enable = true;
# Change the default text editor. Options are "emacs", "nano", or "vim". # Change the default text editor. Options are "emacs", "nano", or "vim".
editor = "nano"; editor = "nano";
# Additional system packages to install.
packages = [ ];
# Change how long old generations are kept for. # Change how long old generations are kept for.
retentionPeriod = "30d"; retentionPeriod = "30d";
# Enable GPU support.
gpu = {
# Enable AMD GPU support.
amd.enable = false;
# Enable Intel GPU support.
intel.enable = false;
nvidia = {
# Enable Nvidia GPU support.
enable = false;
hybrid = {
# Enables support for hybrid GPUs (e.g. for laptops and systems with integrated GPUs).
enable = false;
# Define the bus IDs for your GPUs.
# For more info on where to find bus IDs, see https://nixos.wiki/wiki/Nvidia#Configuring_Optimus_PRIME:_Bus_ID_Values_.28Mandatory.29
busIDs = {
nvidia = "";
intel = "";
amd = "";
};
# Enable sync mode for faster performance at the cost of higher battery usage.
# If sync is disabled, you'll need to run GPU-accelerated applications using 'nvidia-offload <command>'.
sync = false;
};
};
};
ui.desktops = { ui.desktops = {
# Enable the Budgie desktop environment. # Enable the Budgie desktop environment.
# https://buddiesofbudgie.org/ # https://buddiesofbudgie.org/
budgie.enable = false; budgie.enable = false;
# Enables the Hyperland desktop environment. # Enable the Hyperland desktop environment.
# https://hyprland.org/ # https://hyprland.org/
hyprland.enable = false; hyprland.enable = false;

View file

@ -0,0 +1,30 @@
# Enables AMD GPU support.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.gpu.amd;
in
{
options = {
aux.system.gpu.amd.enable = lib.mkEnableOption (lib.mdDoc "Enables AMD GPU support.");
};
config = lib.mkIf cfg.enable {
boot.initrd.kernelModules = [ "amdgpu" ];
services.xserver = {
enable = true;
videoDrivers = [ "amdgpu" ];
};
hardware.opengl = {
extraPackages = [ pkgs.amdvlk ];
# 32-bit application compatibility
driSupport32Bit = true;
extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ];
};
};
}

View file

@ -0,0 +1,44 @@
# Enables Intel GPU support.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.gpu.intel;
in
{
options = {
aux.system.gpu.intel.enable = lib.mkEnableOption (lib.mdDoc "Enables Intel GPU support.");
};
config = lib.mkIf cfg.enable {
# Configuration options from NixOS-Hardware: https://github.com/NixOS/nixos-hardware/blob/master/common/gpu/intel/default.nix
boot.initrd.kernelModules = [ "i915" ];
environment.variables.VDPAU_DRIVER = "va_gl";
hardware.opengl.extraPackages = with pkgs; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
else
intel-vaapi-driver
)
libvdpau-va-gl
intel-media-driver
];
hardware.opengl.extraPackages32 = with pkgs.driversi686Linux; [
(
if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
vaapiIntel
else
intel-vaapi-driver
)
libvdpau-va-gl
intel-media-driver
];
};
}

View file

@ -0,0 +1,81 @@
# Enables Nvidia GPU support.
{
pkgs,
config,
lib,
...
}:
let
cfg = config.aux.system.gpu.nvidia;
in
{
options = {
aux.system.gpu.nvidia = {
enable = lib.mkEnableOption (lib.mdDoc "Enables Nvidia GPU support.");
hybrid = {
enable = lib.mkEnableOption (lib.mdDoc "Enables hybrid GPU support.");
sync = lib.mkEnableOption (
lib.mdDoc "Enables sync mode for faster performance at the cost of higher battery usage."
);
busIDs = {
nvidia = lib.mkOption {
description = "The bus ID for your Nvidia GPU.";
type = lib.types.str;
example = "PCI:0:2:0";
default = "";
};
intel = lib.mkOption {
description = "The bus ID for your integrated Intel GPU. If you don't have an Intel GPU, you can leave this blank.";
type = lib.types.str;
example = "PCI:14:0:0";
default = "";
};
amd = lib.mkOption {
description = "The bus ID for your integrated AMD GPU. If you don't have an AMD GPU, you can leave this blank.";
type = lib.types.str;
example = "PCI:54:0:0";
default = "";
};
};
};
};
};
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = (cfg.hybrid.busIDs.nvidia != "");
message = "You need to define a bus ID for your Nvidia GPU. To learn how to find the bus ID, see https://nixos.wiki/wiki/Nvidia#Configuring_Optimus_PRIME:_Bus_ID_Values_.28Mandatory.29.";
}
{
assertion = (cfg.hybrid.busIDs.intel != "" || cfg.busIDs.amd != "");
message = "You need to define a bus ID for your non-Nvidia GPU. To learn how to find your bus ID, see https://nixos.wiki/wiki/Nvidia#Configuring_Optimus_PRIME:_Bus_ID_Values_.28Mandatory.29.";
}
];
aux.system.allowUnfree = true;
services.xserver.videoDrivers = lib.mkDefault [ "nvidia" ];
hardware.graphics.extraPackages = with pkgs; [ vaapiVdpau ];
hardware.nvidia = {
modesetting.enable = true;
nvidiaSettings = lib.mkIf (config.aux.system.ui.desktops.enable) true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = lib.mkIf cfg.hybrid.enable {
offload = lib.mkIf (!cfg.hybrid.sync) {
enable = true;
enableOffloadCmd = true; # Provides `nvidia-offload` command.
};
sync.enable = lib.mkIf cfg.hybrid.sync true;
nvidiaBusId = cfg.hybrid.busIDs.nvidia;
intelBusId = cfg.hybrid.busIDs.intel;
amdgpuBusId = cfg.hybrid.busIDs.amd;
};
};
};
}

View file

@ -3,33 +3,47 @@
pkgs, pkgs,
config, config,
lib, lib,
inputs,
... ...
}: }:
let
cfg = config.aux.system;
in
{ {
# Set up the environment options = {
environment = { aux.system.packages = lib.mkOption {
# Install base packages description = "Additional system packages to install. This is just a wrapper for environment.systemPackages.";
systemPackages = with pkgs; [ type = lib.types.listOf lib.types.package;
bash default = [ ];
dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113 example = lib.literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
direnv };
git
home-manager
p7zip
];
}; };
services = { config = {
# Enable fwupd (firmware updater) # Set up the environment
fwupd.enable = true; environment = {
# Install base packages
systemPackages =
config.aux.system.packages
++ (with pkgs; [
bash
dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113
direnv
git
home-manager
p7zip
]);
};
services = {
# Enable fwupd (firmware updater)
fwupd.enable = true;
# Enable trim on supported drives # Enable trim on supported drives
fstrim.enable = true; fstrim.enable = true;
# Enable disk monitoring # Enable disk monitoring
smartd = { smartd = {
enable = true; enable = true;
autodetect = true; autodetect = true;
};
}; };
}; };
} }

View file

@ -27,6 +27,8 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
aux.system.ui.audio.enable = true; aux.system.ui.audio.enable = true;
hardware.bluetooth.enable = true;
boot = { boot = {
# Enable Plymouth for graphical bootsplash. # Enable Plymouth for graphical bootsplash.
plymouth = { plymouth = {