nixos配置与管理
大约 6 分钟
nixos安装与配置
安装
安装过程照一般的linux系统配置即可
基础配置
首先打开系统配置目录,然后使用nano打开配置文件
cd /etc/nixos/
nano configuration.nix
在任意一处添加此代码:
nix.settings.experimental-features = ["nix-command" "flakes"];
environment.systemPackages = with pkgs; [
wget
curl
unzip
neovim
vim
];
保存之后,执行以下命令:
nix-rebuild switch
提示
这一步是用于开启flake和nix命令行功能,添加一些基础软件,因为开始时的系统里面是没有东西的。
注意
最好在此步更改root密码防止忘记,不过在安装过程中会要求你设置root密码
环境配置
首先创建以下目录结构:
├── flake.lock
├── flake.nix
├── home
│ └── lexon
│ └── default.nix
├── os
│ ├── configuration.nix
│ ├── hardware-configuration.nix
│ └── network.nix
└── user.nix
flake.nix是入口文件flake.lock是版本管理文件home目录是管理系统下的其他用户环境os目录是管理系统配置状态等等user.nix是管理用户权限
configuration.nix和hardware-configuration.nix请用原本在/etc/nixos下面的两个文件进行替换。其他文件均是空文件 flake.lock请在编辑完flake.nix之后使用以下命令生成:
nix flake update
home目录创建用户的形式为(假设用户名称为:user):
- 在
home目录下面创建名称为user的文件夹 - 创建一个
default.nix - 添加内容
编辑文件
此处仅展示较为主要的配置
flake.nix
{
outputs = inputs@{
self
,nixpkgs
,home-manager
,...
}:
let
userSettings = rec {
username = "lexon";
name = "lexon";
font = "JetBrains Mono";
fontPkg = pkgs.noto-fonts;
};
systemSettings = {
system = "x86_64-linux";
hostname = "lexon";
profile = "lexon";
timezone = "Asia/HongKong";
locale = "en_US.UTF-8";
version = "24.05";
desktopUser = "lexon";
i18n = "en_HK.UTF-8";
};
pkgs = (import nixpkgs {
system = systemSettings.system;
config = {
allowUnfree = true;
allowUnfreePredicate = true;
};
overlays = [ ];
});
in
{
nixosConfigurations.lexon-nixos = nixpkgs.lib.nixosSystem {
system = systemSettings.system;
specialArgs = {
inherit inputs;
inherit userSettings;
inherit systemSettings;
};
modules = [
home-manager.nixosModules.home-manager
./os/configuration.nix
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.lexon = import ./home/lexon;
home-manager.extraSpecialArgs = {
inherit userSettings;
};
}
./user.nix
];
};
};
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
};
}
configuration.nix
这个配置只需要对照原本生成的配置自定义添加或删除就好。
({ config, lib, pkgs,systemSettings, userSettings, ... }:
{
imports = [
./hardware-configuration.nix
./network.nix
];
# Enable experimental features for Nix
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Set the system timezone
time.timeZone = systemSettings.timezone;
# Select internationalisation properties.
i18n.defaultLocale = systemSettings.i18n;
# --- services start ---
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the XFCE Desktop Environment.
services.xserver.displayManager.lightdm.enable = true;
services.xserver.desktopManager.xfce.enable = true;
# Configure keymap in X11
services.xserver.xkb = {
layout = "us";
variant = "";
};
# Enable automatic login for the user.
services.displayManager.autoLogin.enable = true;
services.displayManager.autoLogin.user = systemSettings.desktopUser;
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
# Enable the OpenSSH server
services.openssh.enable = true;
# --- services end ---
# Install firefox.
programs.firefox.enable = true;
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# System packages to be installed
environment.systemPackages = with pkgs; [
wget
curl
unzip
neovim
vim
home-manager
tcpdump
];
# Bootloader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = true;
# Define your hostname.
networking.hostName = systemSettings.hostname;
# Configure the NixOS release version
system.stateVersion = systemSettings.version; # This should match the NixOS version you are using
# Additional documentation
#services.nixosManual.showManual = true; # Enable NixOS manual in the system
})
netwok.nix
{lib, ...}:
{
networking.interfaces.ens33.ipv4.addresses = [{
address = "192.168.2.131";
prefixLength = 24;
}];
networking.defaultGateway = {
address = "192.168.2.2";
interface = "ens33";
};
networking.nameservers = [ "8.8.8.8" "4.2.2.2" ];
# open sshd service port
networking.firewall.allowedTCPPorts = [22];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault false;
# networking.interfaces.ens33.useDHCP = lib.mkDefault true;
}
user.nix
{ pkgs, ... }:
{
users.users.lexon = {
isNormalUser = true;
home = "/home/lexon";
group = "lexon";
extraGroups = [ "networkmanager" "wheel" ];
};
users.groups.lexon = {};
}
defualt.nix
{ config, pkgs, lib, ... }:
{
imports = [
#./nvim
];
# 注意修改这里的用户名与用户目录
home.username = "lexon";
home.homeDirectory = lib.mkForce "/home/lexon";
#home.sessionVariables = {
# EDITOR = "nvim";
#};
# 直接将当前文件夹的配置文件,链接到 Home 目录下的指定位置
# home.file.".config/i3/wallpaper.jpg".source = ./wallpaper.jpg;
# 递归将某个文件夹中的文件,链接到 Home 目录下的指定位置
# home.file.".config/nvim" = {
# source = ./nvim;
# recursive = true; # 递归整个文件夹
# executable = true; # 将其中所有文件添加「执行」权限
# };
# 直接以 text 的方式,在 nix 配置文件中硬编码文件内容
# home.file.".xxx".text = ''
# xxx
# '';
# 设置鼠标指针大小以及字体 DPI(适用于 4K 显示器)
xresources.properties = {
"Xcursor.size" = 16;
"Xft.dpi" = 96;
};
# 通过 home.packages 安装一些常用的软件
# 这些软件将仅在当前用户下可用,不会影响系统级别的配置
# 建议将所有 GUI 软件,以及与 OS 关系不大的 CLI 软件,都通过 home.packages 安装
home.packages = with pkgs;[
# 如下是我常用的一些命令行工具,你可以根据自己的需要进行增删
neofetch
nnn # terminal file manager
# archives
zip
xz
unzip
p7zip
# utils
ripgrep # recursively searches directories for a regex pattern
jq # A lightweight and flexible command-line JSON processor
yq-go # yaml processor https://github.com/mikefarah/yq
eza # A modern replacement for ‘ls’
fzf # A command-line fuzzy finder
# networking tools
mtr # A network diagnostic tool
iperf3
dnsutils # `dig` + `nslookup`
ldns # replacement of `dig`, it provide the command `drill`
aria2 # A lightweight multi-protocol & multi-source command-line download utility
socat # replacement of openbsd-netcat
nmap # A utility for network discovery and security auditing
ipcalc # it is a calculator for the IPv4/v6 addresses
# misc
cowsay
file
which
tree
gnused
gnutar
gawk
zstd
gnupg
# nix related
#
# it provides the command `nom` works just like `nix`
# with more details log output
nix-output-monitor
# productivity
glow # markdown previewer in terminal
btop # replacement of htop/nmon
iotop # io monitoring
iftop # network monitoring
# system call monitoring
strace # system call monitoring
ltrace # library call monitoring
lsof # list open files
# system tools
sysstat
lm_sensors # for `sensors` command
ethtool
pciutils # lspci
usbutils # lsusb
#env
docker
python3
];
# git 相关配置
programs.git = {
enable = true;
userName = "lexon";
userEmail = "lexonnewb@foxmail.com";
};
# 启用 starship,这是一个漂亮的 shell 提示符
programs.starship = {
enable = true;
# 自定义配置
settings = {
add_newline = false;
aws.disabled = true;
gcloud.disabled = true;
line_break.disabled = true;
};
};
# alacritty - 一个跨平台终端,带 GPU 加速功能
programs.alacritty = {
enable = true;
# 自定义配置
settings = {
env.TERM = "xterm-256color";
font = {
size = 12;
draw_bold_text_with_bright_colors = true;
};
scrolling.multiplier = 5;
selection.save_to_clipboard = true;
};
};
programs.bash = {
enable = true;
enableCompletion = true;
# TODO 在这里添加你的自定义 bashrc 内容
bashrcExtra = ''
export PATH="$PATH:$HOME/bin:$HOME/.local/bin:$HOME/go/bin"
'';
# TODO 设置一些别名方便使用,你可以根据自己的需要进行增删
shellAliases = {
k = "kubectl";
urldecode = "python3 -c 'import sys, urllib.parse as ul; print(ul.unquote_plus(sys.stdin.read()))'";
urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'";
};
};
# This value determines the Home Manager release that your
# configuration is compatible with. This helps avoid breakage
# when a new Home Manager release introduces backwards
# incompatible changes.
#
# You can update Home Manager without changing this value. See
# the Home Manager release notes for a list of state version
# changes in each release.
home.stateVersion = "24.05";
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}
打包&安装
编辑完成之后,检查语法:
nix flake check
执行完成之后无输出即是语法无问题,之后打包:
nixos-rebuild build --flake .#lexon-nixos
注意
注意,lexon-nixos是在flake.nix文件配置的,可根据关键字搜索
打包完成无任何问题时,目录下面会多出来一个result目录,他是指向/nix/store的,请直接执行:
sudo result/bin/switch-to-configuration test
这一步是测试配置是否对系统有不良影响,所以要针对性测试,比如说网络测试(假设修改了网络配置的话),如果没问题,请执行以下命令应用配置。
sudo result/bin/switch-to-configuration switch
应用完成之后请重新打开终端,如果涉及系统层面修改,建议重启系统、
问题:
未设置用户组
Exactly one of users.users.lexon.isSystemUser and users.users.lexon.isNormalUser must be set.
- users.users.lexon.group is unset. This used to default to nogroup, but this is unsafe. For example you can create a group for this user with: users.users.lexon.group = "lexon"; users.groups.lexon = {};
出现这种情况请在user.nix对应添加
users.users.lexon.isNormalUser = true
users.groups.lexon = {};
即可解决。
插件版本与系统版本不匹配
trace: warning: lexon profile: You are using Home Manager version 24.05 and Nixpkgs version 23.11.
选择一个降本或升本即可。关键词为:
stateVersion
添加新的nvim配置文件显示无法获取
/nix/store/k4lv68vhyn5q6hh337zw24nizjgdm4fr-source/home/lexon/nvim/config/lsp-rust.lua': No such file or directory
遇到这个问题请将文件提交到git之后在行构建