From b2bd12c7c0039c33b81e1e88b825e1606ee899e2 Mon Sep 17 00:00:00 2001
From: Martin Fischer
Date: Fri, 29 Nov 2024 07:38:10 +0100
Subject: refactor: enable host-specific configuration

---
 nixos/README.md | 9 ++--
 nixos/configuration.nix | 74 ---------------------------------
 nixos/hamac-configuration.nix | 75 ++++++++++++++++++++++++++++++++++
 nixos/hamac-hardware-configuration.nix | 40 ++++++++++++++++++
 nixos/hardware-configuration.nix | 40 ------------------
 nixos/nixpkgs/path.nix | 2 -
 nixos/rebuild | 28 +++++++++++--
 7 files changed, 145 insertions(+), 123 deletions(-)
 delete mode 100644 nixos/configuration.nix
 create mode 100644 nixos/hamac-configuration.nix
 create mode 100644 nixos/hamac-hardware-configuration.nix
 delete mode 100644 nixos/hardware-configuration.nix
 delete mode 100644 nixos/nixpkgs/path.nix

(limited to 'nixos')

diff --git a/nixos/README.md b/nixos/README.md
index 6c4bcb1..1a9c50e 100644
--- a/nixos/README.md
+++ b/nixos/README.md
@@ -31,10 +31,13 @@ We're assuming that you just installed NixOS by going through the [official inst
 ```
 nixos-generate-config --dir .
 ```
-3. Pin Nixpkgs to the [latest stable version](https://nixos.org/manual/nixos/stable/release-notes) using npins:
+3. Rename the files to `$host-configuration.nix` and `$host-hardware-configuration.nix` where `$host` is the configured hostname.
+ Add `# channel="..."` to the start of the `$host-configuration.nix` file where `...` is the key of a channel pinned in `npins/sources.json`.
+ A new channel can be pinned with:
+
 ```
 nix-shell -p npins --run \
- 'npins init --bare && npins add --name nixos channel nixos-23.11'
+ 'npins add --name nixos channel nixos-23.11'
 ```
 4. Remove all stateful channels:
 ```
@@ -42,7 +45,7 @@ We're assuming that you just installed NixOS by going through the [official inst
 ```
 5. Rebuild:
 ```
- sudo ./rebuild switch
+ sudo HOSTNAME=$host ./rebuild switch
 ```
 6. Log out and back in again.
diff --git a/nixos/configuration.nix b/nixos/configuration.nix
deleted file mode 100644
index 7d785ab..0000000
--- a/nixos/configuration.nix
+++ /dev/null
@@ -1,74 +0,0 @@
-# See the configuration.nix(5) man page and the NixOS manual (accessible by running `nixos-help`).
-
-{ config, pkgs, ... }:
-
-{
- imports = [
- ./hardware-configuration.nix
- ./sanix.nix
- ];
-
- # Bootloader.
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
-
- networking.hostName = "nixos"; # Define your hostname.
-
- networking.networkmanager.enable = true;
-
- time.timeZone = "Europe/Vienna";
-
- i18n.defaultLocale = "en_US.UTF-8";
-
- i18n.extraLocaleSettings = {
- LC_ADDRESS = "en_US.UTF-8";
- LC_IDENTIFICATION = "en_US.UTF-8";
- LC_MEASUREMENT = "en_US.UTF-8";
- LC_MONETARY = "en_US.UTF-8";
- LC_NAME = "en_US.UTF-8";
- LC_NUMERIC = "en_US.UTF-8";
- LC_PAPER = "en_US.UTF-8";
- LC_TELEPHONE = "en_US.UTF-8";
- LC_TIME = "en_US.UTF-8";
- };
-
- users.users.martin = {
- isNormalUser = true;
- description = "Martin";
- extraGroups = [ "networkmanager" "wheel" ];
- packages = with pkgs; [];
- };
-
- # List packages installed in system profile. To search, run:
- # $ nix search wget
- environment.systemPackages = with pkgs; [
- ];
-
- # Some programs need SUID wrappers, can be configured further or are
- # started in user sessions.
- # programs.mtr.enable = true;
- # programs.gnupg.agent = {
- # enable = true;
- # enableSSHSupport = true;
- # };
-
- # List services that you want to enable:
-
- # Enable the OpenSSH daemon.
- # services.openssh.enable = true;
-
- # Open ports in the firewall.
- # networking.firewall.allowedTCPPorts = [ ... ];
- # networking.firewall.allowedUDPPorts = [ ... ];
- # Or disable the firewall altogether.
- # networking.firewall.enable = false;
-
- # This value determines the NixOS release from which the default
- # settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
- # this value at the release version of the first install of this system.
- # Before changing this value read the documentation for this option
- # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
- system.stateVersion = "24.05"; # Did you read the comment?
-
-}
diff --git a/nixos/hamac-configuration.nix b/nixos/hamac-configuration.nix
new file mode 100644
index 0000000..306260d
--- /dev/null
+++ b/nixos/hamac-configuration.nix
@@ -0,0 +1,75 @@
+# channel="nixos"
+# See the configuration.nix(5) man page and the NixOS manual (accessible by running `nixos-help`).
+
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ ./hamac-hardware-configuration.nix
+ ./sanix.nix
+ ];
+
+ # Bootloader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "hamac";
+
+ networking.networkmanager.enable = true;
+
+ time.timeZone = "Europe/Vienna";
+
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "en_US.UTF-8";
+ LC_IDENTIFICATION = "en_US.UTF-8";
+ LC_MEASUREMENT = "en_US.UTF-8";
+ LC_MONETARY = "en_US.UTF-8";
+ LC_NAME = "en_US.UTF-8";
+ LC_NUMERIC = "en_US.UTF-8";
+ LC_PAPER = "en_US.UTF-8";
+ LC_TELEPHONE = "en_US.UTF-8";
+ LC_TIME = "en_US.UTF-8";
+ };
+
+ users.users.martin = {
+ isNormalUser = true;
+ description = "Martin";
+ extraGroups = [ "networkmanager" "wheel" ];
+ packages = with pkgs; [];
+ };
+
+ # List packages installed in system profile. To search, run:
+ # $ nix search wget
+ environment.systemPackages = with pkgs; [
+ ];
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ # programs.mtr.enable = true;
+ # programs.gnupg.agent = {
+ # enable = true;
+ # enableSSHSupport = true;
+ # };
+
+ # List services that you want to enable:
+
+ # Enable the OpenSSH daemon.
+ # services.openssh.enable = true;
+
+ # Open ports in the firewall.
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ # Or disable the firewall altogether.
+ # networking.firewall.enable = false;
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "24.05"; # Did you read the comment?
+
+}
diff --git a/nixos/hamac-hardware-configuration.nix b/nixos/hamac-hardware-configuration.nix
new file mode 100644
index 0000000..54b9d60
--- /dev/null
+++ b/nixos/hamac-hardware-configuration.nix
@@ -0,0 +1,40 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/7b33d046-ffd6-4baf-8bd8-a88e3c04d538";
+ fsType = "ext4";
+ };
+
+ boot.initrd.luks.devices."luks-cf2639e7-1f9c-4c2d-989a-ef2d9950f751".device = "/dev/disk/by-uuid/cf2639e7-1f9c-4c2d-989a-ef2d9950f751";
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/3FA1-5306";
+ fsType = "vfat";
+ options = [ "fmask=0077" "dmask=0077" ];
+ };
+
+ swapDevices = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
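Review bot: The first line of nixos/hamac-configuration.nix, `# channel="nixos"`, is read by `rebuild` (it takes `head -n1` and parses the rest with `builtins.fromTOML`), but in the file it looks like any other comment and nothing says it is load-bearing. A line directly beneath it such as `# ^ parsed by ./rebuild; must stay on line 1 and name a pin in npins/sources.json` would stop a later edit or formatter from moving it. Because this value selects which pinned Nixpkgs the whole system is built from, the contract is worth stating where the value is set.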
diff --git a/nixos/hardware-configuration.nix b/nixos/hardware-configuration.nix
deleted file mode 100644
index 54b9d60..0000000
--- a/nixos/hardware-configuration.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
-
- boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ "kvm-amd" ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/7b33d046-ffd6-4baf-8bd8-a88e3c04d538";
- fsType = "ext4";
- };
-
- boot.initrd.luks.devices."luks-cf2639e7-1f9c-4c2d-989a-ef2d9950f751".device = "/dev/disk/by-uuid/cf2639e7-1f9c-4c2d-989a-ef2d9950f751";
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/3FA1-5306";
- fsType = "vfat";
- options = [ "fmask=0077" "dmask=0077" ];
- };
-
- swapDevices = [ ];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/nixos/nixpkgs/path.nix b/nixos/nixpkgs/path.nix
deleted file mode 100644
index 7ae177e..0000000
--- a/nixos/nixpkgs/path.nix
+++ /dev/null
@@ -1,2 +0,0 @@
-# The Nixpkgs path to use
-(import ../npins).nixos.outPath
diff --git a/nixos/rebuild b/nixos/rebuild
index 98101c1..3cb086e 100755
--- a/nixos/rebuild
+++ b/nixos/rebuild
@@ -1,10 +1,30 @@
 #!/usr/bin/env bash
 set -euo pipefail
-# nix-instantiate --eval has no raw mode yet
-nixpkgsPath=$(nix-instantiate --eval --read-write-mode nixpkgs/path.nix | tr -d \")
-# Get the ./configuration.nix relative to this script
-configPath=$(realpath -- "$(dirname -- "${BASH_SOURCE[0]}")/configuration.nix")
+# Enable all future paths in this script to be relative to the directory containing the script.
+cd "$(dirname -- "${BASH_SOURCE[0]}")"
+
+configPath=$(realpath -- "$HOSTNAME-configuration.nix")
+
+if [ ! -f $configPath ]; then
+ echo "aborting: $configPath doesn't exist"
+ exit 1
+fi
+
+firstLine=$(head -n1 "$configPath")
+
+if ! echo "$firstLine" | grep -E ^"# channel *=" > /dev/null; then
+ echo "aborting: $configPath doesn't start with \`# channel=\"...\"\`, where ... is a pin from sources.json"
+ exit 1
+fi
+
+nix-eval() {
+ nix-instantiate --eval --read-write-mode "$@" \
+ | tr -d \" # nix-instantiate has no raw output yet (like the experimental nix eval)
+}
+
+channel=$(nix-eval --argstr line "$(echo $firstLine | tr -d \#)" --expr '{line}: (builtins.fromTOML line).channel')
+nixpkgsPath=$(nix-eval --argstr channel "$channel" --expr '{channel}: (import ./npins).${channel}.outPath')
 # nixos-rebuild always reads Nixpkgs from the NIX_PATH,
 # so we need to set it explicitly to our pinned version
--
cgit v1.2.3
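Review bot: `[ ! -f $configPath ]` leaves the expansion unquoted, so when the resolved path contains whitespace `[` exits with a usage error, the `if` treats that as false, and the existence check is skipped rather than aborting; it should be `if [ ! -f "$configPath" ]; then`. The same applies to `echo $firstLine | tr -d \#` in the `channel=` line, which word-splits and glob-expands the header and deletes every `#`, including any inside the quoted value; passing `"${firstLine#\#}"` strips only the leading marker. Since the README runs this under `sudo` with a caller-supplied `HOSTNAME`, a guard before `realpath` that rejects an empty value or one containing `/` would keep the config path inside the script directory.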