diff --git a/wlin003_GamingPC/NixOS_Install.sh b/wlin003_GamingPC/NixOS_Install.sh new file mode 100644 index 0000000..7a3ac25 --- /dev/null +++ b/wlin003_GamingPC/NixOS_Install.sh @@ -0,0 +1,76 @@ +#!/usr/bin/env bash +# +################################################################################ +# +# +# post-installation script for NixOS unstable +# +# +# +################################################################################ +# +while : +do +clear +echo "" +echo "\033[1m I N S T A L L NixOS" +echo " --------------------------" +echo "\033[0m" +echo " 01.Copy over configs" +echo " 02.Rebuld System" +echo " 03.Update System" +echo " 04.Cleanup System" +echo " 05.Install " +echo "" +echo " x. Exit" +echo "" +echo -n " Please enter option [01 - 07]" +read opt +case $opt in +################################################################################## +01) echo "************ Copy over configs **********************"; +################################################################################## +sudo cp /etc/nixos /etc/bak.nixos + +sudo cp -vf *.nix /etc/nixos/ + +sudo cp -vrf home /etc/nixos/ +sudo cp -vrf packages /etc/nixos/ +sudo cp -vrf script /etc/nixos/ +sudo cp -vrf secrets /etc/nixos/ +sudo cp -vrf system /etc/nixos/ +sudo chown -R root:root /etc/nixos/ +;; + +################################################################################## +02) echo "************ Rebuld System ****************"; +################################################################################## +sudo nixos-rebuild switsh +;; + +################################################################################## +03) echo "************ Update System *****************"; +################################################################################## +sudo nixos-rebuild switsh --upgrade +;; + +################################################################################## +04) echo "************ Cleanup System ******************"; +################################################################################## +nix-collect-garbage -d && sudo nix-collect-garbage -d +;; + +################################################################################## +05) echo "************ Install **************************"; +################################################################################## +#sudo nix-channel --add https://nixos.org/channels/nixos-unstable nixos +#sudo nixos-rebuild switch --upgrade +;; + +x) echo ""; +exit 1;; +*) echo " Press [enter] key to continue. . ."; +read enterKey;; +esac +done + diff --git a/wlin003_GamingPC/configuration.nix b/wlin003_GamingPC/configuration.nix new file mode 100644 index 0000000..1fd6370 --- /dev/null +++ b/wlin003_GamingPC/configuration.nix @@ -0,0 +1,249 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ./system + ./packages + ]; + + # Bootloader + boot = { + loader.systemd-boot.enable = true; + loader.efi.canTouchEfiVariables = true; + #loader.systemd-boot.consoleMode = "2"; + loader.systemd-boot.editor = false; + loader.systemd-boot.memtest86.enable = true; + + consoleLogLevel = 3; # silence ACPI "errors" (default is 4) + plymouth.enable = true; + tmp.useTmpfs = true; + tmp.tmpfsSize = "50%"; # set to auto to dynamically grow + tmp.cleanOnBoot = true; + + kernelPackages = pkgs.linuxPackages_latest; + #kernelPackages = pkgs.linuxKernel.kernels.linux_xanmod; + initrd.network.openvpn.enable = true; + }; + + # Enable Kernel same-page merging + hardware.ksm.enable = true; + + # Enable networking + networking ={ + networkmanager.enable = true; + networkmanager.plugins = with pkgs; [ networkmanager-openvpn ]; + usePredictableInterfaceNames = false; + hostName = "wlin001-nixos"; + }; + + #programs.nm-applet.enable = true; + + #users.extraGroups.networkmanager.members = [ "root" "zulumann" ]; + + # Set your time zone + time.timeZone = "Europe/Berlin"; + + # Select internationalisation properties. + i18n.defaultLocale = "de_DE.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "de_DE.UTF-8"; + LC_IDENTIFICATION = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "de_DE.UTF-8"; + LC_PAPER = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + }; + + # Configure console keymap + console.keyMap = "de"; + + # Define a user account. Dont forget to set a password with passwd. + users.users.zulumann = { + isNormalUser = true; + description = "Henrik Lutzmann"; + extraGroups = [ "networkmanager" "wheel" "audio" "video" ]; + openssh.authorizedKeys.keyFiles = [ /etc/nixos/secrets/authorized_keys ]; + packages = with pkgs; [ ]; + }; + + # Enable Firmware + hardware = { + #enableAllFirmware = true; + enableRedistributableFirmware = true; + cpu.amd.updateMicrocode = true; + #cpu.intel.updateMicrocode = true; + }; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + programs.mtr.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + # Enable ZramSwap + zramSwap = { + enable = true; + priority = 100; + memoryPercent = 25; + algorithm = "zstd"; + }; + + # Automatic Upgrades + system.autoUpgrade = { + enable = false; + allowReboot = false; + channel = "https://channels.nixos.org/nixos-24.11"; + }; + + # NixOS Settings + documentation.nixos.enable = true; + nix = { + gc.automatic = true; + gc.options = "--delete-older-than 7d"; + optimise.automatic = true; + optimise.dates = [ "weekly" ]; + settings.auto-optimise-store = true; + settings.cores = 4; # maximum number of concurrent tasks during one build + settings.max-jobs = 4; # maximum number of jobs that Nix will try to build in parallel + settings.sandbox = true; # perform builds in a sandboxed environment + }; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + system.copySystemConfiguration = true; + + # Filesystems + fileSystems."/run" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = [ "size=6G" ]; # Adjust based on your preferences and needs + }; + + # Fixed : better to use Dynamic + fileSystems."/tmp" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = [ "size=7G" ]; # Adjust based on your preferences and needs + }; + + # No access time and continuous TRIM for SSD + fileSystems."/".options = [ "noatime" "discard" ]; + fileSystems."/home".options = [ "noatime" "discard" ]; + + fileSystems."/run/media/zulumann/HDD1.5TB" = { + device = "/dev/disk/by-uuid/58acb50a-9718-44fb-a7e6-199d7ef811d4"; + fsType = "ext4"; + options = [ "noatime" "nofail" "x-systemd.device-timeout=3" ]; + }; + + fileSystems."/run/media/zulumann/HDD01" = { + device = "/dev/disk/by-uuid/31838396-c72f-4681-af5d-a2976459e28b"; + fsType = "ext4"; + options = [ "noatime" "nofail" "x-systemd.device-timeout=3" ]; + }; + + fileSystems."/home/zulumann/VM-Image" = { + device = "/dev/disk/by-uuid/6a1bce14-88cb-4864-841e-2d384c8a853c"; + fsType = "ext4"; + options = [ "discard" "noatime" "nofail" "x-systemd.device-timeout=3" ]; + }; + + # List services that you want to enable: + services = { + acpid.enable = true; + ananicy.enable = true; + #fwupd.enable = true; + gvfs.enable = true; + haveged.enable = true; + preload.enable = true; + udisks2.enable = true; + #tumbler.enable = true; + }; + + # Enable OpenSSH + services.openssh = { + enable = true; + openFirewall = true; + settings.PermitRootLogin = "no"; + settings.PasswordAuthentication = false; + }; + + # Enable sound with pipewire + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + #media-session.enable = true; + }; + + # Enable Avahi + services.avahi = { + enable = true; + openFirewall = true; + nssmdns4 = true; + publish = { + enable = true; + addresses = true; + domain = true; + hinfo = true; + userServices = true; + workstation = true; + }; + }; + + # Enable tmux + programs.tmux.enable = true; + + # Setup bash + programs.bash = { + completion.enable = true; + enableLsColors = true; + shellAliases = { + set-default-boot="sudo /run/current-system/bin/switch-to-configuration boot"; + full-system-clean="nix-collect-garbage -d && sudo nix-collect-garbage -d"; + full-system-upgrade="sudo nixos-rebuild switch --upgrade && flatpak update -y && nix-env -u '*'"; + list-system-configurations="ls -l /nix/var/nix/profiles/system-*-link"; + system-rebuild="sudo nixos-rebuild switch"; + system-repair="sudo nixos-rebuild switch --repair"; + full-system-repair="sudo nix-store --verify --check-contents --repair"; + system-upgrade-information="sudo nixos-rebuild switch --upgrade dry-build"; + local-upgrade="sudo nix-channel --update nixpkgs && nix-env -u '*'"; + }; + }; + + environment.systemPackages = with pkgs; [ + bash + bash-completion + bash-preexec + bashdb + bashSnippets + nix-bash-completions + tmux + ]; + + # Open ports in the firewall + # netstat -ntulp + networking.firewall = { + enable = false; + allowPing = true; + logRefusedConnections = true; + allowedTCPPorts = [ ]; + allowedUDPPorts = [ ]; + allowedTCPPortRanges = [ ]; + allowedUDPPortRanges = [ ]; + }; + + system.stateVersion = "24.11"; + +}