chore: vastly expand notes about nixos

.vscode/settings.json

@@ -176,6 +176,7 @@
         "gpgtools",
         "groupmask",
         "growpart",
+        "guix",
         "hadolint",
         "hazelcast",
         "hdparm",
@@ -229,6 +230,8 @@
         "netcat",
         "nfsmount",
         "nindent",
+        "nixos",
+        "nixpkgs",
         "nmap",
         "nodepool",
         "nproc",

knowledge base/guix system.md

@@ -0,0 +1,65 @@
+# Guix system
+
+TODO
+
+1. [TL;DR](#tldr)
+1. [Further readings](#further-readings)
+   1. [Sources](#sources)
+
+## TL;DR
+
+<!-- Uncomment if used
+<details>
+  <summary>Setup</summary>
+
+```sh
+```
+
+</details>
+-->
+
+<!-- Uncomment if used
+<details>
+  <summary>Usage</summary>
+
+```sh
+```
+
+</details>
+-->
+
+<!-- Uncomment if used
+<details>
+  <summary>Real world use cases</summary>
+
+```sh
+```
+
+</details>
+-->
+
+## Further readings
+
+- [Website]
+- [Main repository]
+- [Guix]
+- [NixOS]
+
+### Sources
+
+<!--
+  Reference
+  ═╬═Time══
+  -->
+
+<!-- In-article sections -->
+<!-- Knowledge base -->
+[guix]: guix.md
+[nixos]: nixos.md
+
+<!-- Files -->
+<!-- Upstream -->
+[main repository]: https://github.com/project/
+[website]: https://guix.gnu.org/
+
+<!-- Others -->

knowledge base/guix.md

@@ -0,0 +1,69 @@
+# Guix
+
+Package manager for GNU/Linux systems.
+
+Takes inspiration from [Nix].<br/>
+Uses [Guile] for its configuration files.
+
+1. [TL;DR](#tldr)
+1. [Further readings](#further-readings)
+   1. [Sources](#sources)
+
+## TL;DR
+
+<!-- Uncomment if used
+<details>
+  <summary>Setup</summary>
+
+```sh
+```
+
+</details>
+-->
+
+<!-- Uncomment if used
+<details>
+  <summary>Usage</summary>
+
+```sh
+```
+
+</details>
+-->
+
+<!-- Uncomment if used
+<details>
+  <summary>Real world use cases</summary>
+
+```sh
+```
+
+</details>
+-->
+
+## Further readings
+
+- [Website]
+- [Main repository]
+- [Nix]
+- [Guix system]
+
+### Sources
+
+<!--
+  Reference
+  ═╬═Time══
+  -->
+
+<!-- In-article sections -->
+<!-- Knowledge base -->
+[guix system]: guix%20system.md
+[nix]: nix.md
+
+<!-- Files -->
+<!-- Upstream -->
+[main repository]: https://savannah.gnu.org/git/?group=guix
+[website]: https://guix.gnu.org/
+
+<!-- Others -->
+[guile]: https://www.gnu.org/software/guile/

knowledge base/nix.md

@@ -1,13 +1,14 @@
 # The Nix package manager
 
-## Table of contents <!-- omit in toc -->
-
 1. [TL;DR](#tldr)
 1. [Further readings](#further-readings)
    1. [Sources](#sources)
 
 ## TL;DR
 
+<details>
+  <summary>Setup</summary>
+
 ```sh
 # Install Nix in single-user mode (suggested).
 # Works on most Linux even *without systemd* or with SELinux *enabled*.
@@ -20,9 +21,32 @@ curl -L 'https://nixos.org/nix/install' | sh
 bash <(curl -L 'https://nixos.org/nix/install') --daemon
 
 
+# Uninstall Nix in single-user mode.
+# Also remove references from '~/.bash_profile' and '~/.zshenv'.
+rm -rf '/nix'
+
+# Uninstall Nix in multi-user mode.
+# Oooh boi.
+# Check https://nixos.org/manual/nix/stable/installation/uninstall#multi-user.
+```
+
+</details>
+
+<details>
+  <summary>Usage</summary>
+
+```sh
 # List configured channels.
 nix-channel --list
 
+# Add channels.
+nix-channel --add 'https://channels.nixos.org/nixos-24.05' 'nixos'
+nix-channel --add 'https://channels.nixos.org/nixos-24.05-small' 'nixos'
+nix-channel --add 'https://channels.nixos.org/nixos-unstable' 'nixos'
+
+# Remove channels.
+nix-channel --remove 'nixos'
+
 # Update channels.
 nix-channel --update
 nix-channel --update 'nixpkgs'
@@ -38,6 +62,11 @@ nix-env --query --installed
 nix-env -qa --attr 'nixpkgs'
 nix-env --query --available --attr 'nixpkgs'
 
+# Search packages.
+# See <https://nixos.wiki/wiki/Searching_packages>
+curl 'https://search.nixos.org/packages?channel=24.05&from=0&size=150&sort=relevance&type=packages&query=vscode'
+nix --extra-experimental-features 'nix-command' --extra-experimental-features 'flakes' search 'nixpkgs' 'git'
+
 # Install packages.
 nix-env -i 'coreutils'
 nix-env --install --attr 'nixpkgs.parallel'
@@ -64,12 +93,18 @@ nix-shell --packages 'cowsay' 'lolcat'
 # state of the user environment, then run specific commands in it and exit.
 nix-shell -p 'cowsay' 'lolcat' --run 'cowsay "something" | lolcat'
 
-# Free up space occupied by unreachable store objects like packages used in
+
-# temporary shell environments.
+# Remove old and unreferenced packages.
 nix-collect-garbage
+nix-store --gc
+# Do the same for specific profiles.
+nix-env -p '/nix/var/nix/profiles/per-user/jonah/profile' --delete-generations 'old'
+nix-env -p '/nix/var/nix/profiles/per-user/sam/profile' --delete-generations '14d'
+
+# Delete old roots.
+# Removes the ability to roll back to the deleted ones.
 nix-collect-garbage --delete-old
 nix-collect-garbage -d --dry-run
-nix-store --gc
 
 
 # Evaluate Nix expressions in an interactive session.
@@ -81,19 +116,21 @@ nix-instantiate --eval
 nix-instantiate --eval 'path/to/file.nix'
 
 
-# Uninstall Nix in single-user mode.
+# Scan the entire store for corrupt paths.
-# Also remove references from '~/.bash_profile' and '~/.zshenv'.
+nix-store --verify --check-contents --repair
-rm -rf '/nix'
 
-# Uninstall Nix in multi-user mode.
+# Replace identical files with hard links.
-# Oooh boi.
+# It can take quite a while to finish.
-# Check https://nixos.org/manual/nix/stable/installation/uninstall#multi-user.
+nix-store --optimise
 ```
 
+</details>
+
 ## Further readings
 
 - [Website]
 - [NixOS]
+- [Guix]
 
 ### Sources
 
@@ -105,6 +142,7 @@ rm -rf '/nix'
   -->
 
 <!-- Knowledge base -->
+[guix]: guix.md
 [nixos]: nixos.md
 
 <!-- Upstream -->

knowledge base/nixos.md

@@ -1,17 +1,118 @@
 # NixOS
 
-TODO
+Linux distribution based on [Nix].
 
+1. [TL;DR](#tldr)
+1. [Automatic Upgrades](#automatic-upgrades)
+1. [Automatic package cleanup](#automatic-package-cleanup)
 1. [Further readings](#further-readings)
 
+## TL;DR
+
+Refer [Nix] for the package manager's commands.
+
+The `/etc/nixos/configuration.nix` file contains the current configuration of the local system.<br/>
+Execute `nixos-rebuild switch` **as root** whenever one changes something in there to apply the changes.
+
+When multiple modules define an option, NixOS will try to **merge** all the definitions.
+
+System configurations are stored in the `/nix/var/nix/profiles/system` profile.
+
+<details>
+  <summary>Usage</summary>
+
+```sh
+# Open the manual in a browser window.
+nixos-help
+
+# Inspect the system configuration.
+nixos-rebuild repl
+
+# Apply changes to the system configuration.
+# Only builds the configuration.
+sudo nixos-rebuild build
+# Switches the running system to the new configuration.
+# Does *not* make it the default for booting.
+sudo nixos-rebuild test
+# Makes it the default for booting.
+# Does *not* apply it to the running system.
+sudo nixos-rebuild boot
+# Makes it the default configuration for booting.
+# Also tries to apply it to the running system.
+sudo nixos-rebuild switch
+# Make the new configuration show as an entry in GRUB.
+sudo nixos-rebuild switch -p 'new entry'
+
+# Upgrade NixOS to the latest version in the chosen channel.
+# Equivalent to `sudo nix-channel --update 'nixos' && nixos-rebuild switch`.
+sudo nixos-rebuild switch --upgrade
+
+# Test a new configuration in a sandbox.
+# Requires hardware virtualization.
+# Builds and runs a QEMU VM containing the desired configuration.
+sudo nixos-rebuild build-vm && ./result/bin/run-*-vm
+```
+
+```sh
+# Prefer using the '--attr' option with nix.
+# The normal command (e.g. `nix-env -i 'k3s'`) got always killed in tests.
+nix-env --install --attr 'nixos.k3s'
+nix-env --upgrade --attr 'nixos.parallel'
+```
+
+</details>
+
+## Automatic Upgrades
+
+Enable the `nixos-upgrade.service` to automatically keep a NixOS system up-to-date by adding the following to the
+`/etc/nixos/configuration.nix` file:
+
+```plaintext
+{
+  system.autoUpgrade.enable = true;
+  system.autoUpgrade.allowReboot = true;
+}
+```
+
+If the `allowReboot` option is set to `false`, the service just runs `nixos-rebuild switch --upgrade` to upgrade the
+system to the latest version in the current channel.<br/>
+If it is set to `true`, then the system will also automatically reboot if the new generation contains any different
+initrd, kernel or kernel module.
+
+Specify a channel explicitly in the same file, e.g.:
+
+```plaintext
+{ system.autoUpgrade.channel = "https://channels.nixos.org/nixos-24.05"; }
+```
+
+Check when the service runs by looking at the output of `systemctl list-timers 'nixos-upgrade.timer'`.
+
+## Automatic package cleanup
+
+Enable `nix-gc.service` to automatically remove old, unreferenced packages.
+
+One can set the system up to run this unit automatically at certain points in time:
+
+```plaintext
+{
+  nix.gc.automatic = true;
+  nix.gc.dates = "03:15";
+}
+```
+
 ## Further readings
 
 - [Website]
+- [Manual]
 
 <!--
   Reference
   ═╬═Time══
   -->
 
+<!-- Knowledge base -->
+[nix]: nix.md
+
 <!-- Upstream -->
+[manual]: https://nixos.org/manual/nixos/stable/
 [website]: https://nixos.org

snippets/nixos/commands.fish

@@ -0,0 +1,5 @@
+#!/usr/bin/env fish
+
+nix-env -i --attr 'nixos.kubectl' 'nixos.k9s' 'nixos.helm'
+
+sudo nixos-rebuild switch

snippets/nixos/configuration.nix

@@ -0,0 +1,77 @@
+# Basic NIX modules.
+{ config, pkgs, ... }:
+
+/* Option definitions */
+{
+  system.stateVersion = "23.11";
+
+  # Bootloader.
+  boot.loader.grub = {
+    enable = true;
+    device = "/dev/sda";
+    useOSProber = false;
+  };
+
+  # Localization.
+  console.keyMap = "us";
+  time.timeZone = "Europe/Amsterdam";
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "nl_NL.UTF-8";
+    LC_IDENTIFICATION = "nl_NL.UTF-8";
+    LC_MEASUREMENT = "nl_NL.UTF-8";
+    LC_MONETARY = "nl_NL.UTF-8";
+    LC_NAME = "nl_NL.UTF-8";
+    LC_NUMERIC = "nl_NL.UTF-8";
+    LC_PAPER = "nl_NL.UTF-8";
+    LC_TELEPHONE = "nl_NL.UTF-8";
+    LC_TIME = "nl_NL.UTF-8";
+  };
+
+  # Networking.
+  networking.hostName = "nixos-vm";
+
+  ## SSH.
+  # Automatically opens port 22 in the firewall.
+  services.openssh.enable = true;
+
+  # Package management.
+  nixpkgs.config.allowUnfree = true;
+  environment.systemPackages = with pkgs; [
+    git
+    tmux
+    vim
+  ];
+
+  # SUID wrappers.
+  programs.mtr.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  # Users.
+  users.users.mike = {
+    isNormalUser = true;
+    description = "Mike Wazowski";
+    extraGroups = [
+      "networkmanager"
+      "wheel"
+    ];
+    packages = with pkgs; [
+      chezmoi
+      firefox
+      kate
+      lefthook
+      # thunderbird
+      vscode
+    ];
+  };
+
+  # Include external configuration files.
+  imports = [
+    ./hardware-configuration.nix  # usually autogenerated by the system
+    ./kde.nix
+    ./k3s.nix
+  ];
+}

snippets/nixos/k3s.nix

@@ -0,0 +1,11 @@
+{
+  # Refer https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/cluster/k3s/README.md
+  boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
+  networking.firewall.enable = false;
+  services.k3s = {
+    enable = true;
+    role = "server";
+    token = "12345";
+    clusterInit = true;
+  };
+}

snippets/nixos/kde.nix

@@ -0,0 +1,11 @@
+{
+  services.xserver = {
+    enable = true;
+    desktopManager.plasma5.enable = true;
+    xkb = {
+      layout = "it";
+      variant = "";
+    };
+  };
+  services.displayManager.sddm.enable = true;
+}