Dateien nach "wlin003_GamingPC" hochladen

2024-12-25 22:31:50 +01:00 · 2024-12-25 22:31:50 +01:00 · e9c1fd1a37
parent 0a4c50dd28
commit e9c1fd1a37
2 changed files with 325 additions and 0 deletions
--- a/wlin003_GamingPC/NixOS_Install.sh
+++ b/wlin003_GamingPC/NixOS_Install.sh
@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+#
+################################################################################
+#
+#
+# post-installation script for NixOS unstable
+# 
+# 
+#
+################################################################################
+#
+while :
+do
+clear
+echo ""
+echo "\033[1m I N S T A L L NixOS"
+echo " --------------------------"
+echo "\033[0m"
+echo " 01.Copy over configs"
+echo " 02.Rebuld System"
+echo " 03.Update System"
+echo " 04.Cleanup System"
+echo " 05.Install "
+echo ""
+echo " x. Exit"
+echo ""
+echo -n " Please enter option [01 - 07]"
+read opt
+case $opt in
+##################################################################################
+01) echo "************ Copy over configs **********************";
+##################################################################################
+sudo cp /etc/nixos /etc/bak.nixos
+
+sudo cp -vf *.nix /etc/nixos/
+
+sudo cp -vrf home /etc/nixos/
+sudo cp -vrf packages /etc/nixos/
+sudo cp -vrf script /etc/nixos/
+sudo cp -vrf secrets /etc/nixos/
+sudo cp -vrf system /etc/nixos/
+sudo chown -R root:root /etc/nixos/
+;;
+
+##################################################################################
+02) echo "************ Rebuld System ****************";
+##################################################################################
+sudo nixos-rebuild switsh
+;;
+
+##################################################################################
+03) echo "************ Update System *****************";
+##################################################################################
+sudo nixos-rebuild switsh --upgrade
+;;
+
+##################################################################################
+04) echo "************ Cleanup System ******************";
+##################################################################################
+nix-collect-garbage -d && sudo nix-collect-garbage -d
+;;
+
+##################################################################################
+05) echo "************ Install **************************";
+##################################################################################
+#sudo nix-channel --add https://nixos.org/channels/nixos-unstable nixos
+#sudo nixos-rebuild switch --upgrade
+;;
+
+x) echo "";
+exit 1;;
+*) echo " Press [enter] key to continue. . .";
+read enterKey;;
+esac
+done
+
--- a/wlin003_GamingPC/configuration.nix
+++ b/wlin003_GamingPC/configuration.nix
@ -0,0 +1,249 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./system
+    ./packages
+  ];
+
+  # Bootloader
+  boot = {
+    loader.systemd-boot.enable = true;
+    loader.efi.canTouchEfiVariables = true;
+    #loader.systemd-boot.consoleMode = "2";
+    loader.systemd-boot.editor = false;
+    loader.systemd-boot.memtest86.enable = true;
+
+    consoleLogLevel = 3;         # silence ACPI "errors" (default is 4)
+    plymouth.enable = true;
+    tmp.useTmpfs = true;
+    tmp.tmpfsSize = "50%";       # set to auto to dynamically grow 
+    tmp.cleanOnBoot = true;
+
+    kernelPackages = pkgs.linuxPackages_latest;
+    #kernelPackages = pkgs.linuxKernel.kernels.linux_xanmod;
+    initrd.network.openvpn.enable = true;
+  };
+
+  # Enable Kernel same-page merging
+  hardware.ksm.enable = true;
+
+  # Enable networking
+  networking ={
+    networkmanager.enable = true;
+    networkmanager.plugins = with pkgs; [ networkmanager-openvpn ];
+    usePredictableInterfaceNames = false;
+    hostName = "wlin001-nixos";
+  };
+
+  #programs.nm-applet.enable = true;
+
+  #users.extraGroups.networkmanager.members = [ "root" "zulumann" ];
+
+  # Set your time zone
+  time.timeZone = "Europe/Berlin";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "de_DE.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "de_DE.UTF-8";
+    LC_IDENTIFICATION = "de_DE.UTF-8";
+    LC_MEASUREMENT = "de_DE.UTF-8";
+    LC_MONETARY = "de_DE.UTF-8";
+    LC_NAME = "de_DE.UTF-8";
+    LC_NUMERIC = "de_DE.UTF-8";
+    LC_PAPER = "de_DE.UTF-8";
+    LC_TELEPHONE = "de_DE.UTF-8";
+    LC_TIME = "de_DE.UTF-8";
+  };
+
+  # Configure console keymap
+  console.keyMap = "de";
+
+  # Define a user account. Dont forget to set a password with passwd.
+  users.users.zulumann = {
+    isNormalUser = true;
+    description = "Henrik Lutzmann";
+    extraGroups = [ "networkmanager" "wheel" "audio" "video" ];
+    openssh.authorizedKeys.keyFiles = [ /etc/nixos/secrets/authorized_keys ];
+    packages = with pkgs;  [ ];
+  };
+
+  # Enable Firmware
+  hardware = {
+    #enableAllFirmware = true;
+    enableRedistributableFirmware = true;
+    cpu.amd.updateMicrocode = true;
+    #cpu.intel.updateMicrocode = true;
+  };
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  programs.mtr.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  # Enable ZramSwap
+  zramSwap = {
+    enable = true;
+    priority = 100; 
+    memoryPercent = 25;
+    algorithm = "zstd";
+  };
+
+  # Automatic Upgrades
+  system.autoUpgrade = {
+    enable = false;
+    allowReboot = false;
+    channel = "https://channels.nixos.org/nixos-24.11";
+  };
+
+  # NixOS Settings
+  documentation.nixos.enable = true;
+  nix = {
+    gc.automatic = true;
+    gc.options = "--delete-older-than 7d";
+    optimise.automatic = true;
+    optimise.dates = [ "weekly" ];
+    settings.auto-optimise-store = true;
+    settings.cores = 4;		# maximum number of concurrent tasks during one build
+    settings.max-jobs = 4;	# maximum number of jobs that Nix will try to build in parallel
+    settings.sandbox = true;	# perform builds in a sandboxed environment
+  };
+
+  # Copy the NixOS configuration file and link it from the resulting system
+  # (/run/current-system/configuration.nix). This is useful in case you
+  # accidentally delete configuration.nix.
+  system.copySystemConfiguration = true;
+
+  # Filesystems
+  fileSystems."/run" = {
+    device = "tmpfs";
+    fsType = "tmpfs";  
+    options = [ "size=6G" ]; # Adjust based on your preferences and needs
+  };
+
+  # Fixed : better to use Dynamic 
+  fileSystems."/tmp" = {
+    device = "tmpfs";
+    fsType = "tmpfs";
+    options = [ "size=7G" ];  # Adjust based on your preferences and needs
+  };
+
+  # No access time and continuous TRIM for SSD
+  fileSystems."/".options = [ "noatime" "discard" ];
+  fileSystems."/home".options = [ "noatime" "discard" ];
+
+  fileSystems."/run/media/zulumann/HDD1.5TB" = {
+    device = "/dev/disk/by-uuid/58acb50a-9718-44fb-a7e6-199d7ef811d4";
+    fsType = "ext4";
+    options = [ "noatime" "nofail" "x-systemd.device-timeout=3" ];
+  };
+
+  fileSystems."/run/media/zulumann/HDD01" = {
+    device = "/dev/disk/by-uuid/31838396-c72f-4681-af5d-a2976459e28b";
+    fsType = "ext4";
+    options = [ "noatime" "nofail" "x-systemd.device-timeout=3" ];
+  };
+
+  fileSystems."/home/zulumann/VM-Image" = {
+    device = "/dev/disk/by-uuid/6a1bce14-88cb-4864-841e-2d384c8a853c";
+    fsType = "ext4";
+    options = [ "discard" "noatime" "nofail" "x-systemd.device-timeout=3" ];
+  };
+
+  # List services that you want to enable:
+  services = {
+    acpid.enable = true;
+    ananicy.enable = true;
+    #fwupd.enable = true;
+    gvfs.enable = true;
+    haveged.enable = true;
+    preload.enable = true;
+    udisks2.enable = true;
+    #tumbler.enable = true;
+  };
+
+  # Enable OpenSSH
+  services.openssh = {
+    enable = true;
+    openFirewall = true;
+    settings.PermitRootLogin = "no";
+    settings.PasswordAuthentication = false;
+  };
+
+  # Enable sound with pipewire
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    jack.enable = true;
+    #media-session.enable = true;
+  };
+
+  # Enable Avahi
+  services.avahi = {
+    enable = true;
+    openFirewall = true;
+    nssmdns4 = true;
+    publish = {
+      enable = true;
+      addresses = true;
+      domain = true;
+      hinfo = true;
+      userServices = true;
+      workstation = true;
+    };
+  };
+
+  # Enable tmux
+  programs.tmux.enable = true;
+
+  # Setup bash
+  programs.bash = {
+    completion.enable = true;
+    enableLsColors = true;
+    shellAliases = {
+      set-default-boot="sudo /run/current-system/bin/switch-to-configuration boot";
+      full-system-clean="nix-collect-garbage -d && sudo nix-collect-garbage -d";
+      full-system-upgrade="sudo nixos-rebuild switch --upgrade && flatpak update -y && nix-env -u '*'";
+      list-system-configurations="ls -l /nix/var/nix/profiles/system-*-link";
+      system-rebuild="sudo nixos-rebuild switch";
+      system-repair="sudo nixos-rebuild switch --repair";
+      full-system-repair="sudo nix-store --verify --check-contents --repair";
+      system-upgrade-information="sudo nixos-rebuild switch --upgrade dry-build";
+      local-upgrade="sudo nix-channel --update nixpkgs && nix-env -u '*'";
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    bash
+    bash-completion
+    bash-preexec
+    bashdb
+    bashSnippets
+    nix-bash-completions
+    tmux
+  ];
+
+  # Open ports in the firewall
+  # netstat -ntulp
+  networking.firewall = {
+   enable = false;
+   allowPing = true;
+   logRefusedConnections = true;
+   allowedTCPPorts = [ ];
+   allowedUDPPorts = [ ];
+   allowedTCPPortRanges = [ ];
+   allowedUDPPortRanges = [ ];
+  };
+
+  system.stateVersion = "24.11";
+
+}