NixOS for the Impatient

NixOS is a Linux distribution configured utilizing Nix. It’s
declarative, that means that the complete system state may be outlined in a single
.nix
file; and reproducible, that means you’ll be able to have a number of computer systems arrange
identically.
If this appears like a bullshit timesink like Arch or Gentoo: it’s not. There was
a time when the thought of spending a day typing cryptsetup incantations
right into a terminal would have been interesting. That point is previous. I don’t use
distros that lack a graphical installer (working fdisk
is frankly beneath my
dignity) or that require in depth upkeep. I’m not constructing my very own kernel
with some bespoke set of paranoid CFLAGS
. I simply need one thing that works.
NixOS works. It truly works nice.
This publish is about how I arrange NixOS. I don’t know Nix finest practices and
haven’t the time to be taught, what I do know is my setup works and is simple to
perceive, and that’s ok at current.
Head over to downloads and choose a graphical ISO picture.
Set up
The installer is predicated on Calamares and may be very consumer pleasant. I need to
spotlight two options specifically.
Firstly, a minor factor, timezones are separated from locales. I take advantage of
en_US.UTF-8
all over the place, however plenty of installers provide you with some obscure locale
in case your timezone is exterior the US. Right here they’re appropriately
separated:
Secondly, one thing extra necessary: full disk encryption is totally
supported out of the field. That is essential: full disk encryption must be the
default. Some distros like Ubuntu and Debian additionally help it within the installer,
whereas others deal with this as some unique edge case, and there could be some
incomplete wiki web page that lists the handfuls of instructions you need to run to arrange
LUKS manually.
For my setup I selected to wipe the entire disk (I dual-boot, however have every OS in a
separate disk, which actually is the one tractable strategy to do it), and selected swap
plus hibernation so I can droop the pc. One other plus right here is the complete
disk encryption setup, by default, offers you infinite retries in case you misspell
the password. I’ve a protracted disk encryption password so this can be a lifesaver:
with Ubuntu and Debian it was locked at three retries, and I’d repeatedly fail
that many occasions and have to carry down the facility button to attempt once more, which feels
like smothering the poor laptop computer.
Different minor issues: I selected “enable unfree software program” and the Pantheon
desktop because it’s like a nicer model of previous GNOME 2.
Troubleshooting Notice: while you get to the “Partitions” web page, be sure the
label on the upper-right hand nook reads “GPT” and never “MBR”. Putting in on an
MBR system offers you a severely degraded setup. Fixing that is only a matter of
opening up GParted (which comes with the installer) and altering the
partition desk for the disk, assuming the disk is empty.
Put up-Set up
A journey of a thousand lightyears begins with a easy step. Let’s take a small
step: altering the hostname.
By default, NixOS’s configuration lives in /and so forth/nixos
. Finally we are going to transfer
this to a extra handy place. There are two recordsdata right here: configuration.nix
is the primary factor we’ll use, and hardware-configuration.nix
is generated for
you by the installer.
First, open up the primary configuration file:
$ sudo nano /and so forth/nixos/configuration.nix
Navigate to networking.hostName
. The default worth is "nixos"
. Change it to
one thing you want:
networking.hostName = "sextant"
Apply the configuration with:
$ sudo nixos-rebuild change
Now, attempting to start out a brand new terminal window after altering hostnames would possibly error,
so you need to log off and log again in to look at your new hostname. For many
adjustments, nevertheless, they take impact instantly. How a lot you need to do relies upon
on how a lot you’ve modified: in case you’ve up to date your .bashrc
you’ll should open
a brand new terminal, in case you’ve up to date your window supervisor config you’ll should
reboot the window supervisor, and so forth.
That is the essential sample to configuring Nix: you make a change to your config
file, run one command, and the system is up to date.
Putting in Packages
There’s two methods to put in packages: system-wide and consumer particular. Open the
configuration.nix
file once more. System-wide packages go in environmentSystemPackages
:
atmosphere.systemPackages = with pkgs; [
firefox
];
Person-specific packages go in customers.customers.$USER.packages
:
customers.customers.eudoxia.packages = with pkgs; [
emacs
];
Dotfiles
To handle our dotfiles we’d like a Nix plugin referred to as Home Manager. Go to
/and so forth/nixos
, create a file house.nix
, and write this in:
{ config, pkgs, ... }:
let
home-manager = builtins.fetchTarball {
url = "https://github.com/nix-community/home-manager/archive/release-22.11.tar.gz";
sha256 = "1cp2rpprcfl4mjsrsrpfg6278nf05a0mpl3m0snksvdalfmc5si5";
};
in
{
imports = [
(import "${home-manager}/nixos")
];
home-manager.customers.eudoxia = {
# This must be the identical worth as `system.stateVersion` in
# your `configuration.nix` file.
house.stateVersion = "22.11";
};
}
Now open configuration.nix
and add house.nix
to the imports:
imports = [
./hardware-configuration.nix
./home.nix
];
This configuration does nothing however make Dwelling Supervisor obtainable. Now, the
easiest doable subsequent step: create a .foorc
dotfile within the house listing,
with some contents. Open house.nix
and underneath stateVersion
add this:
home-manager.customers.eudoxia = {
# This must be the identical worth as `system.stateVersion` in
# your `configuration.nix` file.
house.stateVersion = "22.11";
house.file = {
".foorc" = {
textual content = ''
Howdy, world!
'';
};
};
};
Working sudo nixos-rebuild change
you can find a write-protected .foorc
file in your house listing.
Upgrading
Added on 2023-06-03.
Lately, 23.05 was launched. To improve, I first up to date my model of Dwelling Supervisor:
let
home-manager = builtins.fetchTarball {
- url = "https://github.com/nix-community/home-manager/archive/release-22.11.tar.gz";
- sha256 = "1cp2rpprcfl4mjsrsrpfg6278nf05a0mpl3m0snksvdalfmc5si5";
+ url = "https://github.com/nix-community/home-manager/archive/release-23.05.tar.gz";
+ sha256 = "1ixy1bi21nq0dlfzpn72k1gjdm8aq7h84wvl1ysff7lmqc4gi1jf";
};
Then I ran:
$ sudo nix-channel --add https://nixos.org/channels/nixos-23.05 nixos
$ sudo nixos-rebuild boot -I nixos-config=path-to-my-config.nix --upgrade
I needed to take away just a few recordsdata that had been bothering Dwelling Supervisor, however the error
messages identified precisely what to do.
The above directions are sufficient to get going. This part describes tips on how to
make the setup a bit extra tractable. Particularly, we’re gonna transfer the
configuration to a git repo and transfer the dotfiles to recordsdata exterior the .nix
configuration so that they’re not embedded strings.
Step one is to make a folder for the dotfiles:
$ mkdir dotfiles
$ cd dotfiles
$ git init
Then, copy your current configuration:
$ cp /and so forth/nixos/configuration.nix configuration.nix
$ cp /and so forth/nixos/house.nix house.nix
$ cp /and so forth/nixos/hardware-configuration.nix hardware-configuration.nix
$ git add .
For simplicity, add a script that permits you to rapidly reapply the configuration
with out having to recollect any Nix-specific instructions. I name mine recrank.sh
:
#!/usr/bin/env bash
sudo nixos-rebuild change -I nixos-config=configuration.nix
The -I
flag tells nixos-rebuild
to make use of the native configuration relatively than
the one in /and so forth/nixos
.
Then make a folder on your house listing’s dotfiles:
And replica something you would possibly want: .bashrc
, git
configuration, X11 sources,
and so forth.
Then modify your house.nix
to load the dotfiles from the sources/
listing. For instance:
house.file = {
".bashrc".supply = ./sources/bashrc.sh";
".emacs.d/init.el".supply = ./sources/init.el;
".config/git/config".supply = ./sources/gitconfig.txt;
".Xresources".supply = ./sources/xresources.txt;
};
Then run the recrank script, and also you’ll discover your dotfiles of their goal
areas. If you wish to copy an entire listing of recordsdata without delay, you are able to do
one thing like this:
".native/bin" = {
supply = ./sources/scripts;
recursive = true;
};
This may create a ~/.native/bin
listing and duplicate the contents of
sources/scripts/
there.
For an instance setup, see my dotfiles repo. This setup is shared throughout my
desktop and laptop computer, utilizing similar configuration besides every one has a
completely different hostname and {hardware} configuration. I take advantage of Syncthing
which robotically syncs my private recordsdata when each computer systems are on on the
similar time.
My dotfiles repo is ten years previous. Over time I’ve tried completely different
schemes for managing them. What I settled on for the longest chunk of time was a
bash script to put in software program after which copy some supply dotfiles to their
locations. This works properly sufficient, however for 2 drawbacks:
- Typically I’d set up one thing by hand and neglect so as to add it to the bootstrap
script. - Analogously, I’d make a change to a dotfile in its goal location, out of
expedience, and neglect to use the change to the corresponding file within the
dotfiles repo.
And so the dwell configuration and my dotfiles would slowly drift over time. When
I ran the bootstrap script, I had no thought whether or not it will overwrite some key
a part of my config I’d forgotten to repeat over to the repo.
I attempted GNU Stow, a “symlink farm” supervisor, to symlink relatively than copy
my dotfiles. So adjustments made to the dwell dotfiles robotically replace the
repo. However symlinks are brittle: shifting the dotfiles listing broke every thing.
Nix solves each issues:
- I can’t set up packages by hand, I can solely add them to the Nix
configuration. - The dotfiles that
home-manager
creates are write-protected, so I can’t
change them straight, relatively, I’ve to vary them within the dotfiles repo and
run the script to use the adjustments.
Up to now, there’d all the time been one thing I wasn’t completely completely happy about with my
setup. For the primary time, I’m completely glad with my system
configuration. Utilizing NixOS has been completely pleasurable.