Reproducible localhost based on NixOS

Go to file

Mikhail Klementev b48edef789 Set users default password		2019-07-21 14:22:27 +00:00
etc	Move x* to xsession	2019-07-20 10:33:02 +00:00
.gitignore	Initial	2019-05-31 00:08:17 +00:00
configuration.nix	Set users default password	2019-07-21 14:22:27 +00:00
desktop.nix	Move keyboard settings to home-manager	2019-07-18 21:24:55 +00:00
docker.nix	Sync packages	2019-07-12 17:06:25 +00:00
hacks.nix	Implements docker-based fhs env wrapper	2019-07-05 19:49:51 +00:00
home-manager.nix	Move x* to xsession	2019-07-20 10:33:02 +00:00
LICENSE	Initial	2019-05-31 00:08:17 +00:00
networking.nix	Whitelist port 2443 for captive portals	2019-06-01 18:46:06 +00:00
packages.nix	Remove telegram-desktop	2019-07-19 20:39:05 +00:00
README.md	Set users default password	2019-07-21 14:22:27 +00:00
secrets.nix.example	Add secrets example	2019-06-21 19:14:17 +00:00
security.nix	Mount /nix inside docker	2019-07-17 17:30:19 +00:00
suspend.nix	Initial	2019-05-31 00:08:17 +00:00
wireless-networks.nix.example	Add wireless networks sample	2019-06-21 19:16:58 +00:00

README.md

Fully reproducible localhost

Installation

parted...
cryptsetup...
mount...

nix-env -iA nixos.gitMinimal
git clone https://code.dumpstack.io/infra/localhost.git /mnt/etc/nixos/

cp wireless-networks.nix.example wireless-networks.nix
nano wireless-networks.nix

cp secrets.nix.example secrets.nix
nano secrets.nix

nix-channel --add https://nixos.org/channels/nixos-unstable unstable
nix-channel --update

nixos-generate-config --root /mnt

nixos-install
reboot

After install

Initial password for root is root, and for user is user.

Default network configuration is VPN-only, so if you don't have plans to use it you need to change iptables rules (remove iptables -P OUTPUT DROP from networking.nix) and remove services.openvpn.servers.vpn from networking.nix.