From 931658a79bb5a76e9d1d64bf0f09b8629c9083b1 Mon Sep 17 00:00:00 2001
From: Mark Nipper
Date: Mon, 26 Feb 2024 15:53:49 -0800
Subject: Add initial NixOS configuration for ginaz
---
ginaz/README | 48 +++++++++++++++++++++
ginaz/configuration.nix | 93 ++++++++++++++++++++++++++++++++++++++++
ginaz/hardware-configuration.nix | 47 ++++++++++++++++++++
3 files changed, 188 insertions(+)
create mode 100644 ginaz/README
create mode 100644 ginaz/configuration.nix
create mode 100644 ginaz/hardware-configuration.nix
diff --git a/ginaz/README b/ginaz/README
new file mode 100644
index 0000000..0d54d8d
--- /dev/null
+++ b/ginaz/README
@@ -0,0 +1,48 @@
+# boot NixOS installer
+# connect wireless
+# start terminal
+passwd
+sudo passwd
+sudo systemctl restart sshd
+# connect remotely via SSH to IP from: ip a s
+
+DISK=/dev/disk/by-id/nvme-SAMSUNG_MZVL21T0HCLR-00BL2_S64NNX0T233166
+cat /dev/urandom > ${DISK}
+wipefs ${DISK}; sgdisk -z ${DISK}; sgdisk -og ${DISK}
+sgdisk --new 1::+1G --typecode=1:EF00 --change-name=1:'boot' ${DISK}
+sgdisk --new 2::+32G --typecode=2:8200 --change-name=2:'swap' ${DISK}
+sgdisk --new 3::-0 --typecode=3:BF00 --change-name=3:'rpool' ${DISK}
+partprobe
+udevadm settle
+fdisk -l ${DISK}
+mkfs.fat -F32 -nboot ${DISK}-part1
+mkswap -L swap ${DISK}-part2
+swapon /dev/disk/by-label/swap
+zpool create -o ashift=12 -o autotrim=on -O acltype=posixacl -O compression=on -O dnodesize=auto -O normalization=formD -O encryption=on -O keyformat=passphrase -O keylocation=prompt -O relatime=on -O xattr=sa -O mountpoint=none -O canmount=off -f rpool ${DISK}-part3
+zfs create -p -o mountpoint=legacy rpool/local/root
+zfs snapshot rpool/local/root@blank
+mount -t zfs rpool/local/root /mnt
+mkdir /mnt/boot
+mount /dev/disk/by-label/boot /mnt/boot
+zfs create -p -o mountpoint=legacy rpool/local/nix
+mkdir /mnt/nix
+mount -t zfs rpool/local/nix /mnt/nix
+zfs create -p -o mountpoint=legacy rpool/user/home/root
+mkdir /mnt/root
+mount -t zfs rpool/user/home/root /mnt/root
+zfs create -p -o mountpoint=legacy rpool/user/home/nipsy
+mkdir -p /mnt/home/nipsy
+mount -t zfs rpool/user/home/nipsy /mnt/home/nipsy
+
+nixos-generate-config --root /mnt
+
+cat /mnt/etc/nixos/configuration.nix
+cat /mnt/etc/nixos/hardware-configuration.nix
+
+#nixos-install --root /mnt
+nixos-install
+
+cd /
+umount -Rl /mnt
+zpool export -a
+reboot
diff --git a/ginaz/configuration.nix b/ginaz/configuration.nix
new file mode 100644
index 0000000..32259fa
--- /dev/null
+++ b/ginaz/configuration.nix
@@ -0,0 +1,93 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+ boot.initrd.kernelModules = [ "zfs" ];
+ #boot.initrd.postDeviceCommands = ''zpool import -lf rpool'';
+ boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+ boot.loader.efi.canTouchEfiVariables = true;
+ boot.loader.generationsDir.copyKernels = true;
+ boot.loader.systemd-boot.enable = true;
+ boot.supportedFilesystems = [ "zfs" ];
+ boot.zfs.devNodes = "/dev/disk/by-label";
+
+ environment.shells = with pkgs; [ zsh ];
+ # List packages installed in system profile. To search, run:
+ # $ nix search wget
+ environment.systemPackages = with pkgs; [
+ curl
+ firefox
+ i3
+ vim
+ wget
+ ];
+
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ networking.hostId = "8425e349";
+ networking.hostName = "ginaz";
+ networking.networkmanager.enable = true;
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ programs.mtr.enable = true;
+ programs.gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
+ programs.zsh.enable = true;
+
+ security.rtkit.enable = true;
+
+ services.openssh = {
+ enable = true;
+ settings.PasswordAuthentication = false;
+ settings.KbdInteractiveAuthentication = false;
+ settings.PermitRootLogin = "yes";
+ };
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ jack.enable = true;
+ };
+ services.printing.enable = true;
+ services.xserver.displayManager.lightdm.enable = true;
+ services.xserver.enable = true;
+ services.xserver.libinput.enable = true;
+ services.xserver.xkb.layout = "us";
+ services.xserver.xkb.options = "caps:super,compose:ralt";
+ services.zfs.autoScrub.enable = true;
+ services.zfs.trim.enable = true;
+
+ system.copySystemConfiguration = true;
+ system.stateVersion = "23.11";
+
+ time.timeZone = "America/Los_Angeles";
+
+ users.groups.nipsy.gid = 1000;
+ users.users.nipsy = {
+ isNormalUser = true;
+ group = "nipsy";
+ home = "/home/nipsy";
+ description = "Mark Nipper";
+ extraGroups = [ "wheel" "networkmanager" ];
+ #packages = with pkgs; [
+ # firefox
+ # tree
+ #];
+ shell = pkgs.zsh;
+ openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIbKppxX6GF88fAfXJZR4ZcPzwopi7TAy+v/dmWso+7f nipsy@arrakis.bitgnome.net" ];
+ };
+
+ users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIbKppxX6GF88fAfXJZR4ZcPzwopi7TAy+v/dmWso+7f nipsy@arrakis.bitgnome.net" ];
+}
diff --git a/ginaz/hardware-configuration.nix b/ginaz/hardware-configuration.nix
new file mode 100644
index 0000000..3d76693
--- /dev/null
+++ b/ginaz/hardware-configuration.nix
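Review bot: `settings.PermitRootLogin = "yes"` in the `services.openssh` block is broader than the rest of that block needs. With `PasswordAuthentication` and `KbdInteractiveAuthentication` both false, root can only authenticate by key today, but `"yes"` would also admit root password logins as soon as either of those settings is turned back on. `settings.PermitRootLogin = "prohibit-password";` states the key-only intent directly; `"no"` is worth considering too, since `nipsy` is in `wheel` and carries the same key that is installed for root at the end of the file, so direct root SSH presumably adds little. A one-line comment above the setting saying why root SSH is wanted would help the next maintainer. Separately, the README in this commit creates the pool with `-O encryption=on` while the swap partition is a plain `mkswap`, so swapped-out pages would reach the disk unencrypted; if that is not intended, NixOS offers `randomEncryption.enable` on swap device entries.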
@@ -0,0 +1,47 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "rpool/local/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-label/boot";
+ fsType = "vfat";
+ };
+
+ fileSystems."/nix" =
+ { device = "rpool/local/nix";
+ fsType = "zfs";
+ };
+
+ fileSystems."/root" =
+ { device = "rpool/user/home/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home/nipsy" =
+ { device = "rpool/user/home/nipsy";
+ fsType = "zfs";
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-label/swap"; }
+ ];
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--
cgit v1.2.3