1
0
Reproducible localhost based on NixOS
Go to file
2019-08-31 08:15:50 +00:00
etc Use default pinentry, show it on all workspaces 2019-07-24 19:54:46 +00:00
.gitignore Initial 2019-05-31 00:08:17 +00:00
configuration.nix CPU Throttling Fix 2019-08-22 22:11:33 +00:00
desktop.nix Remove uMatrix 2019-08-22 22:14:55 +00:00
docker.nix Sync packages 2019-07-12 17:06:25 +00:00
hacks.nix Implements docker-based fhs env wrapper 2019-07-05 19:49:51 +00:00
home-manager.nix gpg-agent is already defined globally 2019-08-15 09:52:48 +00:00
LICENSE Initial 2019-05-31 00:08:17 +00:00
networking.nix Make network settings more reproducible 2019-07-21 14:58:08 +00:00
packages.nix packages: add out-of-tree.io 2019-08-31 08:15:50 +00:00
README.md Update README.md 2019-07-21 20:30:34 +00:00
secrets.nix.example Add secrets example 2019-06-21 19:14:17 +00:00
security.nix Mount /nix inside docker 2019-07-17 17:30:19 +00:00
suspend.nix Initial 2019-05-31 00:08:17 +00:00
thinkpad.nix CPU Throttling Fix 2019-08-22 22:11:33 +00:00
wireless-networks.nix.example Add wireless networks sample 2019-06-21 19:16:58 +00:00

Fully reproducible localhost

Download NixOS installation ISO

Notes:

  1. I assume that latest stable (e.g. 19.03) ISO will be used for installation.
  2. Check services.xserver.videoDrivers in desktop.nix. If you not sure it's better to remove the line completely.
  3. Default network configuration is VPN-only, so if you don't have plans to use it you need to change iptables rules (remove iptables -P OUTPUT DROP from networking.nix) and remove services.openvpn.servers.vpn from networking.nix.
  4. GUI settings is optimized for 3840x2160 on 15".

Installation

parted /dev/vda mklabel gpt
parted /dev/vda mkpart EFI fat32 0% 512M
parted /dev/vda set 1 esp on
parted /dev/vda mkpart NIX ext4 512M 100%

cryptsetup luksFormat /dev/vda2
cryptsetup open /dev/vda2 nix

mkfs.vfat -F32 /dev/vda1
mkfs.ext4 /dev/mapper/nix

mount /dev/mapper/nix /mnt/
mkdir /mnt/boot
mount /dev/vda1 /mnt/boot

nix-env -iA nixos.gitMinimal
git clone https://code.dumpstack.io/infra/localhost.git /mnt/etc/nixos/

cd /mnt/etc/nixos

cp wireless-networks.nix.example wireless-networks.nix
nano wireless-networks.nix

cp secrets.nix.example secrets.nix
nano secrets.nix

nix-channel --add https://nixos.org/channels/nixos-unstable unstable
nix-channel --update

nixos-generate-config --root /mnt

nixos-install
reboot

After install

Initial user password for is user.

sudo nix-channel --add https://nixos.org/channels/nixos-unstable unstable