Skip to content

Wimpy's NixOS, nix-darwin & Home Manager Configurations ❄️

License

Notifications You must be signed in to change notification settings

wimpysworld/nix-config

Repository files navigation

Sith Happens

Wimpy's NixOS, nix-darwin & Home Manager Configurations

Made with 💝 for NixOS & macOS

This repository contains a Nix Flake for configuring my computers and/or their home environment. It is not intended to be a drop in configuration for your computer, but might serve as a reference or starting point for your own configuration. If you are looking for a more generic NixOS configuration template, I highly recommend nix-starter-configs. 👍️ These computers are managed by this Nix flake ❄️

Hostname Board CPU RAM Primary GPU Secondary GPU Role OS State
vader MEG-X570-UNIFY AMD Ryzen 9 5950X 128GB Fighter RX 7900 GRE RTX 2000E Ada Generation 🖥️ ❄️
phasma MEG-X570-ACE AMD Ryzen 9 5900X 128GB Fighter RX 7900 GRE RTX 2000E Ada Generation 🖥️ ❄️
sidious ThinkPad P1 Gen 1 Intel Xeon E-2176M 64GB NVIDIA Quadro P2000 Max-Q Intel UHD Graphics P630 💻️🎭️ ❄️
palpatine ⤴️ ⤴️ ⤴️ ⤴️ ⤴️ 💻️🎭️ 🪟
tanis ThinkPad Z13 Gen 1 AMD Ryzen 5 PRO 6650U 32GB AMD Radeon 660M 💻️ ❄️
shaa ThinkPad T14s Gen 1 AMD Ryzen 5 PRO 4650U 16GB AMD Radeon RX Vega 6 💻️ ❄️
momin Macbook Air M2 15" Apple M2 8-core CPU 24GB Apple M2 10-core GPU 💻️ 🍏
krall Macbook Pro (Mid 2015) Intel Core i7 16GB Intel Iris Pro Graphics 💻️ 🍏
steamdeck Steam Deck 64GB LCD Zen 2 4c/8t 16GB 8 RDNA 2 CUs 🎮️ 🐧
crawler QEMU - - VirGL 🐄 ❄️
dagger QEMU - - VirGL 🐄 ❄️
defender Lima - - - 🐄 🐧
fighter Lima - - - 🐄 🐧
revan Z390-DESIGNARE Intel Core i9-9900K 64GB Intel UHD Graphics 630 NVIDIA T1000 ☁️ ❄️ 🚧
malak B360 HD3P-LM Intel Core i7-8700 128GB Intel UHD Graphics 630 - ☁️ ❄️ 🚧

Workstation and server host names are Sith Lords and the virtual machines are named after TIE fighter series. Dual boot systems have the NixOS install named a Sith Lord and the "other" OS named after their public-facing persona.

Key

  • 🎭️ : Dual boot
  • 🖥️ : Desktop
  • 💻️ : Laptop
  • 🎮️ : Games Machine
  • 🐄 : Virtual Machine
  • ☁️ : Server
  • 🧟 : Not in service

As featured on Linux Matters podcast! 🎙️ I am a presenter on Linux Matters and this configuration was featured in Episode 7 - Immutable Desktop Linux for Anyone.

Linux Matters Podcast
Linux Matters Podcast

Structure

The nixos/_mixins and home-manager/_mixins are a collection of composited configurations based on the arguments defined in flake.nix.

Installing 💾

  • Boot off an .iso image created by this flake using build-iso console or build-iso <desktop> (see below) 💿
  • Put the .iso image on a USB drive, I use USBImager
  • Boot the target computer from the USB drive
  • Two installation options are available: 1 Run install-system <hostname> <username> from a terminal
    • The install script uses Disko to automatically partition and format the disks, then uses my flake via nixos-install to complete a full-system installation
    • This flake is copied to the target user's home directory as ~/Zero/nix-config
    • nixos-enter is used to automatically chroot into the new system and apply the Home Manager configuration 2 The desktop iso image includes the graphical Calamares installer if an ad-hoc system installation is required
  • Make a cuppa 🫖
  • Reboot 🥾

Installing to a remote host 🌍

As Disko is used to declare the disk layout for all my NixOS hosts, each NixOS configurations can be deployed to a remote host using nixos-anywhere. I've created a simple wrapper around nixos-anywhere that makes it a bit simpler to deploy a NixOS configuration to a remote host. For example, malak is a Hetzner dedicated server. To deploy it, enable the Hetzner Rescue system and then execute the following command from one of my workstations:

install-anywhere malak <ip-address>

When the deployment is complete, the remote host will be automatically rebooted. I keep my Home Manager configuration separate from my NixOS configuration, so after the NixOS configuration has been deployed, I SSH in to the remote host and activate the Home Manager configuration:

sudo chown -Rv "$USER":users "$HOME/.config"
git clone https://github.com/wimpysworld/nix-config "$HOME/Zero/nix-config"
home-manager switch -b backup --flake "$HOME/Zero/nix-config"

Applying Changes ✨

I clone this repo to ~/Zero/nix-config. NixOS and Home Manager changes are applied separately because I tend to iterate on the Home Manager configuration more frequently than the NixOS configuration.

gh repo clone wimpysworld/nix-config "$HOME/Zero/nix-config"
  • ❄️ NixOS & macOS: A build-host and switch-host aliases are provided that build the NixOS or nix-darwin configuration and switch to it respectively.
  • 🏠️ Home Manager: A build-home and switch-home aliases are provided that build the Home Manager configuration and switch to it respectively.
  • 🌍️ All: There are also build-all and switch-all aliases that build and switch to both the NixOS/nix-darwin and Home Manager configurations.

ISO 📀

The build-iso script is included that creates .iso images from this flake. The following modes are available:

  • build-iso console (terminal environment): Includes install-system for automated installation.
  • build-iso gnome (GNOME Desktop environment): Includes install-system and Calamares installation.
  • build-iso mate (MATE Desktop environment): Includes install-system and Calamares installation.
  • build-iso pantheon (Pantheon Desktop environment): Includes install-system and Calamares installation.
  • build-iso lomiri (Lomiri Desktop environment): Includes install-system and Calamares installation.

Live images will be left in $HOME/Zero/nix-config/result/iso/ and are also injected into ~/Quickemu/nixos-console and ~/Quickemu/nixos-<desktop> respectively. The console .iso image is also periodically built and published via GitHub Actions and is available in this project's Releases.

What's in the box? 🎁

Nix is configured with flake support and the unified CLI enabled.

Structure

Here's the directory structure I'm using:

.
├── darwin
│  ├── _mixins
│  │  ├── desktop
│  │  ├── scripts
│  │  └── users
│  ├── momin
│  ├── krall
│  └── default.nix
├── home-manager
│  ├── _mixins
│  │  ├── configs
│  │  ├── desktop
│  │  ├── features
│  │  ├── scripts
│  │  ├── services
│  │  └── users
│  └── default.nix
├── lib
│  └── default.nix
├── nixos
│  ├── _mixins
│  │  ├── configs
│  │  ├── desktop
│  │  ├── features
│  │  ├── scripts
│  │  ├── services
│  │  └── users
│  ├── iso-console
│  ├── iso-gnome -> iso-console
│  ├── iso-mate -> iso-console
│  ├── iso-pantheon -> iso-console
│  ├── iso-lomiri -> iso-console
│  ├── crawler -> dagger
│  ├── dagger
│  ├── malak
│  ├── phasma
│  ├── revan
│  ├── sidious
│  ├── tanis
│  ├── vader
│  └── default.nix
├── overlays
│  └── default.nix
├── pkgs
│  └── default.nix
├── secrets
│  └── secrets.yaml
└── flake.nix
  • The NixOS, macOS (darwin) and Home Manager configurations are in the nixos, darwin and home-manager directories respectively, they are structured in a similar way with _mixins directories that contain the configurations applied via mixin pattern that compose the final configuration.
  • The lib directory contains helper functions for the nixos, nix-darwin and home-manager configurations.
  • The overlays directory hold my custom overlays.
  • The pkgs directory contains my custom local packages.
  • The secrets directory contains secrets managed by sops-nix.
  • The default.nix files in the root of each directory are the entry points.

The Shell 🐚

Fish shell 🐟️ with Starship 🚀 and a collection of tools that deliver a "Modern Unix" experience. The base system has a firewall enabled and also includes OpenSSH, sops-nix for secret management, Tailscale, Distrobox and, of course, a delightfully configured micro. (Fight me! 🥊) Useful shell scripts I used to keep in muddle of git repos are now migrated to NixOS scripts and Home Manager scripts to provide a declarative, reproducible and shellcheck validated toolbox 🧰

fastfetch on Phasma

The Desktop 🖥️

GNOME 👣 Hyprland 💧 MATE 🧉 Pantheon 🏛️ and Lomiri 📱 desktop options are available. The font configuration is common for all desktops using Work Sans and Fira Code. The usual creature comforts you'd expect to find in a Linux Desktop are integrated such as Pipewire, Bluetooth, Avahi, CUPS, SANE and NetworkManager.

Desktops NixOS Home Manager Theme
👣 GNOME GNOME NixOS GNOME Home Manager Catppuccin Mocha
💧 Hyprland Hyprland NixOS Hyprland Home Manager Catppuccin Mocha
🧉 MATE MATE NixOS MATE Home Manager Catppuccin Mocha
🏛️ Pantheon Pantheon NixOS Pantheon Home Manager Catppuccin Mocha
📱 Lomiri Lomiri NixOS 🚧

Eye Candy 👀🍬

Hyprland on Shaa

Hyprland on Shaa; a work in progress; soon to be daily driver

Pantheon on Phasma

Pantheon on Phasma; daily driver

Post-install Checklist

Things I currently need to do manually after installation.

Secrets

  • Provision /var/lib/private/sops/age/keys.txt
  • Provision ~/.config/sops/age/keys.txt
  • Run gpg-restore
  • Run determinate-nixd login
  • Keybase - keybase login
  • Tailscale - sudo tailscale up --operator="$USER"
  • 1Password - authenticate
  • LastPass - authenticate

Accounts

  • Atuin
    • atuin login -u <username>
    • atuin sync -f
  • Brave - enroll sync
  • Chatterino - authenticate
  • Discord - authenticate
  • GitKraken - authenticate with GitHub
  • Grammarly - authenticate
  • Maelstral - maestral_qt
  • Matrix - authenticate
  • Syncthing - Connect API and introduce host
  • Telegram - authenticate
  • VSCode - authenticate with GitHub enable sync
  • Wavebox - authenticate Google and restore profile

System

defender and fighter are Ubuntu virtual machines run under Lima for my Ubuntu MATE development and testing environments.

  • On Linux run
    • incus admin init --minimal
    • create-defender
    • create-fighter
  • On macOS run
    • install-homebrew
    • Run Podman Desktop to create podman machine

Malak

  • Create ntfy user and ACLs sudo ntfy user add --role=admin <username> sudo ntfy access everyone <topic> rw

Themes

Some applications require manual configuration to apply the correct theme.

  • Enable Stylus Sync to Dropbox to get Catppuccin userstyles and Enable Patch CSP
    • Brave
    • Chrome
    • Chromium
    • Firefox
    • Wavebox
  • Cider
    • Open Cider
    • Menu → Marketplace → Themes
    • Find Catppuccin and your favorite flavor
    • Click Install
  • Discord OpenAsar
    • Add Catppuccin CSS
/* mocha */
@import url("https://catppuccin.github.io/discord/dist/catppuccin-mocha.theme.css");
@import url("https://catppuccin.github.io/discord/dist/catppuccin-mocha-blue.theme.css");

Windows Boot Manager on multi-disk systems

One of my laptops (sidious) is a multi-disk system with Windows 11 Pro 🪟 installed on a separate disk from NixOS. The Windows EFI partition is not automatically detected by systemd-boot, because it is on a different disk. The following steps are required to copy the Windows Boot Manager to the NixOS EFI partition so dual-booting is possible.

Find Windows EFI Partition

lsblk -o NAME,FSTYPE,SIZE,MOUNTPOINT

Mount Windows EFI Partition

sudo mkdir /mnt/win-efi
sudo mount /dev/nvme1n1p1 /mnt/win-efi

Copy Contents of Windows EFI to NixOS EFI

sudo rsync -av /mnt/win-efi/EFI/Microsoft/ /boot/EFI/Microsoft/

Clean up

sudo umount /mnt/win-efi
sudo rm -rf /mnt/win-efi

Reboot and systemd-boot should now offer the option to boot NixOS and Windows.

Inspirations 🧑‍🏫

Before preparing my NixOS and Home Manager configurations I looked at what other Nix users were doing. My colleagues shared their configs and tips which included nome from Luc Perkins, nixos-config from Cole Helbling, flake from Ana Hoverbear and her Declarative GNOME configuration with NixOS blog post. A couple of friends also shared their configurations and here's Jon Seager's nixos-config and Matthew Croughan's nixcfg.

I liked the directory hierarchy in Jon Seager's nixos-config and the mixin pattern used in Matthew Croughan's nixcfg, so my Nix configuration is influenced by both of those. Ana's excellent Declarative GNOME configuration with NixOS blog post was essential to achieving a fully declaritive desktop configuration 🚀

After I created my initial flake I found nix-starter-configs by Gabriel Fontes which is an excellent starting point. I have since incorporated many of the techniques it demonstrates. Similarly, some of my nix-darwin configuration is inspired by nix-darwin-kickstarter.

There's plenty to learn from browsing other people's Nix configurations. I recommend a search of GitHub nixos configuration from time to time to see what interesting techniques you pick up and new tools you might discover ️🕵️

My use of Disko and automated installation script were inspired by the these blog posts: