Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/martinbaillie/dotfiles

🏠
https://github.com/martinbaillie/dotfiles
dotfiles emacs exwm macos nix nix-flake nixos openbsd
Last synced: about 20 hours ago
JSON representation
🏠
Host: GitHub
URL: https://github.com/martinbaillie/dotfiles
Owner: martinbaillie
Created: 2015-12-29T08:35:09.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2024-02-06T11:41:46.000Z (8 months ago)
Last Synced: 2024-09-22T20:02:45.958Z (5 days ago)
Topics: dotfiles, emacs, exwm, macos, nix, nix-flake, nixos, openbsd
Language: Nix
Homepage:
Size: 11.8 MB
Stars: 83
Watchers: 8
Forks: 6
Open Issues: 0
Metadata Files:
- Readme: README.org
Awesome Lists containing this project

README

        #+BEGIN_html



#+END_html

* :house_with_garden: [[https://builtwithnix.org][https://img.shields.io/badge/built_with-Nix-5277C3.svg?logo=nixos&labelColor=24292E]]  [[https://travis-ci.org/martinbaillie/dotfiles][https://img.shields.io/travis/martinbaillie/dotfiles/master.svg?label=NixOS&logo=travis&labelColor=24292E]]  [[https://github.com/martinbaillie/dotfiles/actions?query=workflow%3AmacOS][https://github.com/martinbaillie/dotfiles/workflows/macOS/badge.svg]] :TOC_2:noexport:

- [[#about][About]]

- [[#installation-notes][Installation Notes]]

  - [[#macos][macOS]]

  - [[#nixos][NixOS]]

- [[#references][References]]

* About

Welcome to the [[https://en.wiktionary.org/wiki/bikeshedding][bikeshed]]!

This repository houses all my [[machines][machine configurations]] expressed declaratively using a [[https://nixos.org/nix][Nix]] [[https://nixos.wiki/wiki/Flakes][flake]]. It covers both my personal and work devices that are running either NixOS or macOS.

The expressions are organised into platform-agnostic [[modules][modules]] that leverage the likes of the [[https://github.com/NixOS/nixpkgs][nixpkgs]], [[https://github.com/rycee/home-manager][home-manager]] and [[https://github.com/LnL7/nix-darwin][nix-darwin]] to fully configure the OS and userspace from scratch.

These days I am spending the majority of time in either Firefox or Emacs (+[[https://github.com/akermu/emacs-libvterm][vterm]]). On NixOS I am using [[https://github.com/ch11ng/exwm][EXWM]] and on macOS I am usually just running native fullscreen, ⌘↹ing between the two previously mentioned apps. Additionally, a simple [[modules/themes][theming]] system is used to switch various things between light and dark versions, and a [[options.nix#L22][secrets]] attribute set (kept encrypted in a private repository) is referenced throughout.

#+BEGIN_QUOTE

NOTE: Some twisted souls found value in all the ricing of the previous incarnation of this repository. I'll keep archived on this [[../../tree/archive][branch]] for reference.

#+END_QUOTE

CI (Travis for NixOS, GitHub Actions for macOS) runs on push. The jobs generate a special [[machines/ci/default.nix][CI machine]] that imports every module, and derives either a NixOS VM (via QEMU) or simply builds on a fresh Darwin agent VM (in the case of macOS). The resultant binaries are pushed to [[https://cachix.org/][Cachix]] and subsequently become available for any of my other machines, saving a lot of wasted battery!

The [[Makefile][Makefile]] (in conjunction with some helpful [[default.nix#L58][aliases]]) is used to drive most actions, abstracting away NixOS/macOS differences where necessary.

* Installation Notes

Below are some rough platform specific installation notes I use to go from fresh installs to fully configured machine.

** macOS

From a fresh macOS install.

**** Enable SSHd

#+BEGIN_SRC shell

sudo systemsetup -setremotelogin on

#+END_SRC

**** Install XCode

#+BEGIN_SRC shell

sudo xcodebuild -license

#+END_SRC

**** Change hostname to match target Nix machine

#+begin_src shell

sudo scutil --set HostName nixmachine

sudo scutil --set LocalHostName nixmachine

sudo scutil --set ComputerName nixmachine

dscacheutil -flushcache

#+end_src

**** Add a new =keys= group

For sops-nix.

1. System settings --> Users and Groups --> Add Account --> Group

2. Press (i) on =keys= and attach it to =mbaillie=

**** Install Homebrew for those macOS GUI apps unmanageable through Nix

#+BEGIN_SRC shell

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"

#+END_SRC

**** [APPLE SILICON] Install Rosetta2

#+begin_src shell

softwareupdate --install-rosetta

#+end_src

**** Install Nix (multi-user)

#+BEGIN_SRC shell

curl --proto '=https' --tlsv1.2 -sSf -L \

    https://install.determinate.systems/nix | \

    sh -s -- install

#+END_SRC

**** [OPTIONAL] Seed Nix store contents from an existing Darwin machine

#+BEGIN_SRC shell

nix copy --no-check-sigs --keep-going --to ssh-ng://$REMOTE ~/.nix-profile

#+END_SRC

**** Grab dotfiles using forwarded agent

#+BEGIN_SRC shell

sudo git clone --recursive [email protected]:martinbaillie/dotfiles.git /etc/dotfiles

sudo chown -R $USER: /etc/dotfiles

#+END_SRC

**** Set up Cachix one-off

#+BEGIN_SRC shell

nix-shell -p cachix

cachix use martinbaillie

#+END_SRC

**** Switch to Nix configuration based on hostname

#+BEGIN_SRC shell

make switch

#+END_SRC

**** Switch login shell to zsh

#+BEGIN_SRC shell

chsh -s /run/current-system/sw/bin/zsh $USER

#+END_SRC

**** Configure Emacs

#+BEGIN_SRC shell

make config-emacs

#+END_SRC

**** Configure Casks

Set Flux, Karabiner, Spectacle, Cursorcerer to start at boot, install kernel

extensions and so on.

**** Bump Kernel / User Limits

** NixOS

**** Media

[[https://nixos.org/nixos/download.html][Download]] and verify latest NixOS minimal ISO:

#+NAME: nixos-ver

#+BEGIN_SRC emacs-lisp :cache yes

"21.05"

#+END_SRC

#+RESULTS[8f7a4f3511d5d6152ec17fdf52addc1eecd1a880]: nixos-ver

: 21.05

#+NAME: nixos-rel

#+BEGIN_SRC emacs-lisp :cache yes :var nixos-ver=nixos-ver

(format "%s.2796.110a2c9ebbf" nixos-ver)

#+END_SRC

#+RESULTS[d02522c67a569b479981b108c6d2236d90a80aec]: nixos-rel

: 21.05.2796.110a2c9ebbf

#+NAME: nixos-url

#+BEGIN_SRC emacs-lisp :cache yes :var nixos-ver=nixos-ver

(format "https://releases.nixos.org/nixos/%s" nixos-ver)

#+END_SRC

#+RESULTS[6ea8b95b40577283983b31f1862093ba872ded97]: nixos-url

: https://releases.nixos.org/nixos/21.05

#+BEGIN_SRC shell :exports code :var NIXOS_REL=nixos-rel NIXOS_URL=nixos-url

curl -O ${NIXOS_URL}/nixos-${NIXOS_REL}/nixos-minimal-${NIXOS_REL}-x86_64-linux.iso

curl -O ${NIXOS_URL}/nixos-${NIXOS_REL}/nixos-minimal-${NIXOS_REL}-x86_64-linux.iso.sha256

sha256sum -c nixos-minimal-${NIXOS_REL}-x86_64-linux.iso.sha256

#+END_SRC

Create a bootable NixOS USB (macOS example):

#+BEGIN_SRC shell :exports code :var NIXOS_REL=nixos-rel NIXOS_URL=nixos-url

diskutil list # Find USB

diskutil unmountDisk /dev/disk2

dd if=nixos-minimal-${NIXOS_REL}-x86_64-linux.iso of=/dev/rdisk2 bs=4m

diskutil unmountDisk /dev/disk2

#+END_SRC

Create a bootable NixOS USB (NixOS example):

#+BEGIN_SRC shell :exports code :var NIXOS_REL=nixos-rel NIXOS_URL=nixos-url

lsblk -i # Locate the device.

cp nixos-minimal-${NIXOS_REL}-x86_64-linux.iso /dev/sdX # Target whole disk.

#+END_SRC

**** BIOS Tweaks (ThinkPad)

- [X] Disable Secure Boot

- [X] Enable CSM Support

**** Boot

Setup networking:

#+BEGIN_SRC shell

sudo su

wpa_supplicant -B -i interface -c <(wpa_passphrase 'SSID' 'key')

ip addr

#+END_SRC

Conduct rest of install from other laptop for convenience (+SSH agent forwarding):

#+BEGIN_SRC shell

ssh -A root@

#+END_SRC

**** Partition

Create a =500M= boot partition:

#+BEGIN_SRC shell

gdisk /dev/nvme0n1

#  o (create new empty partition table)

#  n (add partition, 500M, type ef00 EFI)

#  n (add partition, remaining space, type 8301 Linux Reserved - in the absence of a LUKS code)

#  w (write partition table and exit)

#+END_SRC

Setup the encrypted LUKS partition and open it:

#+BEGIN_SRC shell

cryptsetup luksFormat /dev/nvme0n1p2

cryptsetup luksOpen /dev/nvme0n1p2 enc-pv

#+END_SRC

Create two logical volumes (swap and root):

#+BEGIN_SRC shell

pvcreate /dev/mapper/enc-pv

vgcreate vg /dev/mapper/enc-pv

lvcreate -L 8G -n swap vg

lvcreate -l '100%FREE' -n root vg

#+END_SRC

Format the partitions:

#+BEGIN_SRC shell

mkfs.fat -F 32 /dev/nvme0n1p1

mkfs.ext4 -L root /dev/vg/root

mkswap -L swap /dev/vg/swap

#+END_SRC

**** Install

Mount the partitions just created under /mnt:

#+BEGIN_SRC shell

mount /dev/vg/root /mnt

mkdir /mnt/boot

mount /dev/nvme0n1p1 /mnt/boot

swapon /dev/vg/swap

#+END_SRC

Install:

#+BEGIN_SRC shell

useradd -m -G wheel martin

sudo su - martin

nix-shell -p git --run \

    git clone --recursive [email protected]:martinbaillie/dotfiles.git \

    /mnt/etc/dotfiles

nix-shell -p nixUnstable -p git

sudo -E nixos-install --option pure-eval no --flake .\#$HOSTNAME

# make -C /mnt/etc/dotfiles install

#+END_SRC

**** Iterative Troubleshooting

If system doesn't boot:

#+BEGIN_SRC shell

cryptsetup luksOpen /dev/nvme0n1p2 enc-pv

lvchange -a y /dev/vg/swap

lvchange -a y /dev/vg/root

mount /dev/vg/root /mnt

mount /dev/nvme0n1p1 /mnt/boot

swapon /dev/vg/swap

wpa_supplicant -B -i interface -c <(wpa_passphrase 'SSID' 'key')

nixos-enter

#+END_SRC

Try again.

**** Import GPG key

#+BEGIN_SRC shell

gpg --import ~/.gnupg/gpg.asc

#+END_SRC

**** Configure Emacs

#+BEGIN_SRC shell

make config-emacs

#+END_SRC

* References

- [[https://github.com/hlissner][@hlissner]]

- [[https://github.com/jwiegley][@jwiegley]]

- [[https://github.com/cmacrae][@cmacrae]]