Set keyboard layout for azerty
loadkeys frSet larger font if screen is 4K
setfont ter-v32nIf wifi is needed, start wpa_supplicant and connect to wifi
systemctl start wpa_supplicant.service
wpa_cli <<EOF
add_network
set_network 0 ssid "$WIFI_SSID"
set_network 0 psk "$WIFI_PASSWORD"
set_network 0 key_mgmt WPA-PSK
enable_network 0
EOFUsing fdisk, create partitions as follow:
| device | start | end | type |
|---|---|---|---|
| /dev/sdx1 | 2048 | +512MB | EFI System |
| /dev/sdx2 | +512MB | 100% | Linux LVM |
fdisk /dev/sdx
# TODO : see how to do commands with partedCreate a luks volume label as crypted
cryptsetup --label crypted luksFormat /dev/sdx2Open the luks volume and call it anything (e.g. "cryptlvm")
cryptsetup open /dev/sdx2 cryptlvmConfigure LVM physical volume and main volume group
pvcreate /dev/mapper/cryptlvm
vgcreate $TARGET_HOSTNAME /dev/mapper/cryptlvmCreate LVM volumes
lvcreate -L 70G $TARGET_HOSTNAME -n docker
lvcreate -L 50G $TARGET_HOSTNAME -n nix
lvcreate -L 10G $TARGET_HOSTNAME -n home
lvcreate -L 5G $TARGET_HOSTNAME -n root
lvcreate -L 2G $TARGET_HOSTNAME -n swapFormat volumes (create appropriate file system on each)
mkfs.ext4 -L nix /dev/$TARGET_HOSTNAME/nix
mkfs.ext4 -L root /dev/$TARGET_HOSTNAME/root
mkfs.ext4 -L home /dev/$TARGET_HOSTNAME/home
mkfs.ext4 -L docker /dev/$TARGET_HOSTNAME/docker
mkswap -L swap /dev/$TARGET_HOSTNAME/swap
mkfs.fat -F 32 -n boot /dev/sdx1Mount the volumes on the live file system ready for the chroot
mount /dev/disk/by-label/root /mnt
mkdir /mnt/nix
mount /dev/disk/by-label/nix /mnt/nix
mkdir /mnt/home
mount /dev/disk/by-label/home /mnt/home
mkdir -p /mnt/var/lib/docker
mount /dev/disk/by-label/docker /mnt/var/lib/docker
mkdir /mnt/boot
mount /dev/disk/by-label/boot /mnt/boot
swapon /dev/disk/by-label/swapGenerate default configuration
nixos-generate-config --root /mntChange minial settings in /mnt/etc/nixos/configuration.nix
- uncomment the "networkmanager" line
- choose an hostname
- choose a timezone
- add the first user
users.users.tristan.isNormalUser = true;
users.users.tristan.extraGroups = ["wheel"];Install the system base
NIXPKGS_ALLOW_UNFREE=1 nixos-installreboot into the new system and login as root
Change my user's password
loadkeys fr
passwd tristanLog in as tristan
Connect again to the wifi
nmcli device wifi connect "$WIFI_SSID" password "$WIFI_PASSWORD"Configure channels (ad nixpkgs-unstable for pinning)
sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-23.05.tar.gz home-manager
sudo nix-channel --add https://channels.nixos.org/nixos-unstable nixpkgs-unstable
sudo nix-channel --updatePull my configuration and apply user environnment
nix-shell -p git
git clone https://github.com/0b11stan/nixconfig.git ~/sources/github.com/0b11stan/nixconfig/
cd ~/sources/github.com/0b11stan/nixconfig/
sudo nixos-rebuild switch -I nixos-config=./system/configuration.nix- editor: neovim (config)
- window manager: swaywm (config)
- password manager: password store (config)
- browser: qutebrowser (config)
- terminal: alacritty (config)
- communication: tutanota and signal
- containerization: podman
- package mdfmt
- package bloodhound
- format markdown files on save
- configure colored man pages
- merge "system" and "user" config ? (see here)
- install and configure swaylock
- install and configure swayidle
- failed password attempts trigger a picture (see this post)
- failed password attempts send the photo to myself (using signal-cli)
- failed password attempts show the picture on the login screen