1
0
Fork 0

General: update NOS; Users: switch to Starship shell prompt

This commit is contained in:
Aires 2024-10-15 10:22:53 -04:00
parent d1796eedb3
commit b5a01ad121
7 changed files with 54 additions and 1851 deletions

View file

@ -11,32 +11,33 @@ A full set of configuration files managed via NixOS. This project is an **unoffi
Secrets are managed using [git-crypt](https://github.com/AGWA/git-crypt). To unlock the repo, use `git-crypt unlock [path to key file]`. git-crypt will transparently encrypt/decrypt files stored in `modules/secrets` going forward, but you'll need this key file on all hosts that are using secrets.
Note: This is a poor man's secret management solution. These secrets will be world-readable in the `/nix/store/`.
> [!NOTE]
> This is a poor man's secret management solution. If you use this, your secrets will be world-readable in the `/nix/store/`.
### First-time installation
When installing on a brand new system, partition the main drive into two partitions: a `/boot` partition, and a LUKS partition. Then, run `bin/format-drives.sh --root [root partition] --luks [luks partition]`. This also creates a `hardware-configuration.nix` file.
When installing on a brand new system, partition the main drive into two partitions: a `/boot` partition, and a LUKS partition. Then, run `bin/format-drives.sh --root [root partition] --luks [luks partition]` (the script will request sudo privileges):
```sh
./bin/format-drives.sh --boot /dev/nvme0n1p1 --luks /dev/nvme0n1p2
```
Next, set up the host's config under in the `hosts` folder by copying `configuration.nix.template` and `hardware-configuration.nix.template` into a new folder.
Next, set up the host's config under in the `hosts` folder by copying `configuration.nix.template` and `hardware-configuration.nix.template` into a new folder. Running `format-drives.sh` also generates a `hardware-configuration.nix` file you can use.
Then, add the host to `flake.nix` under the `nixosConfigurations` section.
Finally, run the NixOS installer, replacing `host` with your actual hostname:
```sh
nixos-install --verbose --root /mnt --flake .#host --no-root-password
sudo nixos-install --verbose --root /mnt --flake .#host --no-root-password
```
> [!TIP]
> This config installs a nixos-rebuild wrapper called `nos` (NixOS Operations Script). Basic install/upgrade commands can be run using `nos`, but more advanced stuff should use `nixos-rebuild`.
> This config installs a nixos-rebuild wrapper called `nos` (NixOS Operations Script) that handles pulling and pushing changes to your configuration repository via git. For more info, run `nixos-operations-script --help`.
### Running updates
To update a system, run `sudo nixos-operations-script` (or just `sudo nos`). To commit updates back to the repo, use `sudo nos --update`.
To update a system, run `nixos-operations-script` (or just `nos`). To commit updates back to the repo, use `nos --update`. Do not run this script as root - it will automatically request sudo permissions as needed.
#### Automatic updates
@ -52,16 +53,16 @@ aux.system.services.autoUpgrade = {
};
```
Automatic updates work by `git pull`ing the latest version of the repo from Forgejo. This repo gets updated nightly by [`Hevana`](./hosts/Hevana), which updates the `flake.lock` file and pushes it back up to Forgejo. Only one host needs to do this, but you can safely enable it for multiple hosts as long as they have access to the same repository. You can enable this feature on a host using `aux.system.services.autoUpgrade.pushUpdates = true;`.
Automatic updates work by running `nos`. There's an additional `pushUpdates` option that, when enabled, updates the `flake.lock` file and pushes it back up to the Git repository. Only one host needs to do this (in this case, it's [Hevana](./hosts/Hevana), but you can safely enable it on multiple hosts as long as they use the same repository and update at different times.
#### Manually updating
Run `nos` to update the system. Use the `--update` flag to update `flake.lock` as part of the process. For the first build, you'll need to specify the path to your `flake.nix` file and the hostname using `--flake /path/to/flake.nix/#hostname`.
Run `nos` to update the system. Use the `--update` flag to update `flake.lock` as part of the process. For the first build, you'll need to specify the path to your `flake.nix` file and the hostname using `nos --hostname my_hostname --flake /path/to/flake.nix`.
After the first build, you can omit the hostname and path:
```sh
nos --update
nos
```
This is the equivalent of running:

View file

@ -1,12 +1,13 @@
#!/usr/bin/env bash
# Wrapper script for nixos-rebuild
# The NixOS Operations Script (NOS) is a wrapper script for nixos-rebuild and Flake-based configurations.
# It handles pulling the latest version of your repository using Git, running system updates, and pushing changes back up.
# Configuration parameters
operation="switch" # The nixos-rebuild operation to use
hostname=$(/run/current-system/sw/bin/hostname) # The name of the host to build
flakeDir="${FLAKE_DIR}" # Path to the flake file (and optionally the hostname). Defaults to the FLAKE_DIR environment variable.
update=false # Whether to update flake.lock (false by default)
user=$(/run/current-system/sw/bin/whoami) # Which user account to use for git commands (defaults to whoever called the script)
flakeDir="${FLAKE_DIR}" # Path to the flake file (and optionally the hostname)
update=false # Whether to update and commmit flake.lock
user=$(/run/current-system/sw/bin/whoami) # Which user account to use for git commands
remainingArgs="" # All remaining arguments that haven't yet been processed (will be passed to nixos-rebuild)
function usage() {
@ -16,15 +17,17 @@ function usage() {
echo " 1. Pull the latest version of your Nix config repository"
echo " 2. Run 'nixos-rebuild switch'."
echo ""
echo "Advanced usage: nixos-operations-script.sh [-o|--operation operation] [-f|--flake path-to-flake] [extra nixos-rebuild parameters]"
echo "Options:"
echo " -h, --help Show this help screen."
echo " -o, --operation The nixos-rebuild operation to perform."
echo " -f, --flake <path> The path to your flake.nix file (and optionally, the hostname to build)."
echo " -U, --update Update and commit flake.lock."
echo " -u, --user Which user account to run git commands under."
echo "Advanced usage: nixos-operations-script.sh [-h | --hostname hostname-to-build] [-o | --operation operation] [-f | --flake path-to-flake] [extra nixos-rebuild parameters]"
echo ""
exit 2
echo "Options:"
echo " --help Show this help screen."
echo " -f, --flake [path] The path to your flake.nix file (defualts to the FLAKE_DIR environment variable)."
echo " -h, --hostname [hostname] The name of the host to build (defaults to the current system's hostname)."
echo " -o, --operation [operation] The nixos-rebuild operation to perform (defaults to 'switch')."
echo " -U, --update Update and commit the flake.lock file."
echo " -u, --user [username] Which user account to run git commands under (defaults to the user running this script)."
echo ""
exit 0
}
# Argument processing logic shamelessly stolen from https://stackoverflow.com/questions/192249/how-do-i-parse-command-line-arguments-in-bash
@ -36,6 +39,11 @@ while [[ $# -gt 0 ]]; do
shift
shift
;;
--hostname|-h)
hostname="$2"
shift
shift
;;
--update|--upgrade|-U)
update=true
shift
@ -50,9 +58,8 @@ while [[ $# -gt 0 ]]; do
shift
shift
;;
--help|-h)
--help)
usage
exit 0
;;
*)
POSITIONAL_ARGS+=("$1") # save positional arg
@ -80,9 +87,9 @@ else
echo "Skipping 'nix flake update'..."
fi
options="--flake $flakeDir $remainingArgs --use-remote-sudo --log-format multiline-with-logs"
options="--flake ${flakeDir}#${hostname} ${remainingArgs} --use-remote-sudo --log-format multiline-with-logs"
echo "Running this operation: nixos-rebuild $operation $options"
/run/wrappers/bin/sudo -u root /run/current-system/sw/bin/nixos-rebuild $operation $options
echo "Running this operation: nixos-rebuild ${operation} ${options}"
/run/wrappers/bin/sudo -u $user /run/current-system/sw/bin/nixos-rebuild $operation $options
exit 0

View file

@ -59,6 +59,7 @@ in
noto-fonts-emoji
liberation_ttf
fira-code
fira-code-nerdfont
fira-code-symbols
fira
roboto-slab

View file

@ -87,16 +87,13 @@ in
matchBlocks = config.secrets.users.aires.sshConfig;
};
# Set up Zsh
# Tweak Zsh
zsh = {
oh-my-zsh = {
theme = "gentoo";
};
shellAliases = {
nos = "nixos-operations-script";
z = "zellij";
update = "upgrade";
upgrade = "nos";
upgrade = "nos --update";
};
loginExtra = "fastfetch --memory-percent-green 75 --memory-percent-yellow 90";
};

View file

@ -1,29 +1,24 @@
# Additional ZSH settings via Home Manager
{ pkgs, ... }:
{
programs.zsh = {
programs = {
# Set up Starship
# https://starship.rs/
starship = {
enable = true;
enableZshIntegration = true;
};
zsh = {
enable = true;
autosuggestion.enable = true;
syntaxHighlighting.enable = true;
history.ignoreDups = true; # Do not enter command lines into the history list if they are duplicates of the previous event.
prezto = {
git.submoduleIgnore = "untracked"; # Ignore submodules when they are untracked.
};
plugins = [
{
name = "zsh-nix-shell";
file = "nix-shell.plugin.zsh";
src = pkgs.fetchFromGitHub {
owner = "chisui";
repo = "zsh-nix-shell";
rev = "v0.8.0";
sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
};
initExtra = ''
function set_win_title(){
echo -ne "\033]0; $(basename "$PWD") \007"
}
];
oh-my-zsh = {
enable = true;
plugins = [ "git" ];
precmd_functions+=(set_win_title)
'';
};
};
}

View file

@ -90,23 +90,6 @@ in
enable = true;
matchBlocks = config.secrets.users.gremlin.sshConfig;
};
# Set up Zsh
zsh = {
# Install and source the p10k theme
plugins = [
{
name = "powerlevel10k";
src = pkgs.zsh-powerlevel10k;
file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
}
{
name = "powerlevel10k-config";
src = ./p10k-config;
file = "p10k.zsh";
}
];
};
};
};
})

File diff suppressed because it is too large Load diff