The goal of my current NixOS configuration is to create a multi machine / multi user setup where a single user X can have different profiles across multiple machines.
If you want to learn more about NixOS and the way you can install & configure it, I can recommend the following resources:
- Getting Started with NixOS by Mathias Benaets
- Will T Nix Guides by Will Taylor
Basically the steps are the following:
- download one of the NixOS iso images from the NixOS website;
- burn the iso to a bootable USB flash drive (or copy it to a flash drive prepared with Ventoy);
- boot the installation media;
- partition the drives from your computer (make sure to verify whether your computer supports UEFI boot or only legacy BIOS boot, and don’t forget to label the partitions);
- generate the NixOS config;
- install NixOS;
Guides:
Prepare a usb flash drive with Ventoy and copy the NixOS iso image onto it, now you can boot up the NixOS installer.
First identify whether your computer uses UEFI or legacy BIOS for booting and then choose the appropriate partioning scheme.
https://gist.github.com/martijnvermaat/76f2e24d0239470dd71050358b4d5134
If you want to encrypt multiple partitions, it is good to know that upon booting the decryption password for the first partition will also be used for decrypting all subsequent partitions. Which means that if you want to enter only one password for decryption you’ll need to encrypt all partitions with the same password.
You can either choose to encrypt the partitions (or drives) first and them use those as physical volumes for LVM (LUKS + LVM or LVM on top of LUKS) or you can set up LVM first and encrypt the logical volums with LUKS later (LVM + LUKS or LUKS on top of LVM). I prefer to use LUKS + LVM.
Create at least 2 partitions one boot partition and one root partition, the boot partition will either be an ext4 partition (legacy BIOS) or a ESP/fat partition (UEFI) whereas the root partition will be a LVM (8300 Linux LVM) partition. When the partitioning is done, you can setup the encrytion:
$ cryptset luksFormat /dev/sda2 # encrypt the partition with luks $ cryptsetup luksOpen /dev/sda2 sda2-enc # decrypt the partition to a device name sda2-enc
Now we are ready to add our encrypted volume to LVM:
$ pvcreate /dev/mapper/sda2-enc # add our encrypted partition as physical volume to LVM $ vgcreate vg-nixos /dev/mapper/sda2-enc # add the physical volume to volumegroup vg-nixos $ lvcreate -L 8G -n lv-swap vg-nixos # setup a logical volume (8GB size) for swap purposes in vg-nixos $ lvcreate -l '100%FREE' -n lv-root vg-nixos # create a logical volume for your root (remaing size) in vg-nixos
Format the swap and root partitions:
$ mkswap -L swap /dev/vg-nixos/lv-swap $ mkfs.ext4 -L root /dev/vg-nixos/lv-root
You can configure NixOS to automatically clean up your system, see the section about storage optimization for more info.
First list the generations:
sudo nix-env --list-generations # or following command does not work the use profile options sudo nix-env --list-generations --profile /nix/var/nix/profiles/system
To remove the unused generations, you run the nix-env command with profile and delete-generations option.
The delete-generations option accept an ID as an argument. In this argument, you pass one or multiple IDs. To delete the
old generation in NixOS.
sudo nix-env --delete-generations 10 # or sudo nix-env --delete-generations 10 11 12 13 14 15 16 17 18 19 20 21 # or following command does not work the use profile options sudo nix-env --profile /nix/var/nix/profiles/system --delete-generations 10 # or sudo nix-env --profile /nix/var/nix/profiles/system --delete-generations 10 11 12 13 14 15 16 17 18 19 20 21
Afterwards don’t forget to run the garbage collector:
sudo nix-store --gc
There is also a convenient little utility nix-collect-garbage, which when invoked with the -d (–delete-old) switch
deletes all old generations of all profiles in /nix/var/nix/profiles. So
sudo nix-collect-garbage -d
is a quick and easy way to clean up your system.
First, collect garbages in your system, then rebuild the bootloader.
Execute garbage collection for NixOS:
# remove everything older than 14 days sudo nix-collect-garbage --delete-older-than 14d # or remove all old generations (everything but the current generation) sudo nix-collect-garbage -d
Rebuild the bootloader:
sudo nixos-rebuild boot --flake .