@hadilq
Last active March 23, 2024 14:17
Encrypted LUKS LVM Btrfs Root with Opt-in State on NixOS

I'm trying to follow this guide to install NixOS using Btrfs, LUKS and LVM. The main purpose of this page, for me, is to remember what I did! My laptop is an ASUS ROG GL553VD.

I downloaded the 64-bit Plasma Desktop image, created a bootable flash drive and booted into the NixOS live system. Using gparted, I created two partitions: one 200MB vfat EFI partition, and the rest of the SSD as the partition that will hold the encrypted volume.

DISK=/dev/nvme0n1
# Format the EFI partition
mkfs.vfat -n BOOT "$DISK"p1

cryptsetup --verify-passphrase -v luksFormat "$DISK"p2
cryptsetup open "$DISK"p2 enc

# Put LVM on top of the opened LUKS device, with swap and root as logical volumes
pvcreate /dev/mapper/enc
vgcreate lvm /dev/mapper/enc

lvcreate --size 32G --name swap lvm
lvcreate --extents 100%FREE --name root lvm

mkswap /dev/lvm/swap
mkfs.btrfs /dev/lvm/root

swapon /dev/lvm/swap


# Then create subvolumes

mount -t btrfs /dev/lvm/root /mnt

# Create one subvolume each for root, home, nix, persist and logs:
btrfs subvolume create /mnt/root
btrfs subvolume create /mnt/home
btrfs subvolume create /mnt/nix
btrfs subvolume create /mnt/persist
btrfs subvolume create /mnt/log

# We then take an empty *readonly* snapshot of the root subvolume,
# which we'll eventually rollback to on every boot.
btrfs subvolume snapshot -r /mnt/root /mnt/root-blank

umount /mnt


# Mount the directories

mount -o subvol=root,compress=zstd,noatime /dev/lvm/root /mnt

mkdir /mnt/home
mount -o subvol=home,compress=zstd,noatime /dev/lvm/root /mnt/home

mkdir /mnt/nix
mount -o subvol=nix,compress=zstd,noatime /dev/lvm/root /mnt/nix

mkdir /mnt/persist
mount -o subvol=persist,compress=zstd,noatime /dev/lvm/root /mnt/persist

mkdir -p /mnt/var/log
mount -o subvol=log,compress=zstd,noatime /dev/lvm/root /mnt/var/log

# don't forget this!
mkdir /mnt/boot
mount "$DISK"p1 /mnt/boot
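The read-only root-blank snapshot taken above is what the boot.initrd.postDeviceCommands option mentioned near the end of these notes restores on every boot. The following is an added example of that rollback step, not code from the gist or from the original guide: it mounts the top-level Btrfs volume, deletes every subvolume nested under root (deepest first, because Btrfs refuses to delete a subvolume that still contains subvolumes), deletes root itself and recreates it as a writable snapshot of root-blank. It assumes this page's layout (the Btrfs volume at /dev/lvm/root, subvolumes named root and root-blank) and uses /mnt as a scratch mountpoint; the parsing of the btrfs subvolume list output is kept in its own function so it can be checked without a real filesystem.

```shell
#!/bin/sh
# Added example (not the gist's own code): rollback of the "root" subvolume
# to the read-only "root-blank" snapshot, as run from the initrd on every boot.
# Assumptions: Btrfs volume is /dev/lvm/root (as created above), the
# subvolumes "root" and "root-blank" exist, and /mnt is free to use.
ROOT_DEV="${ROOT_DEV:-/dev/lvm/root}"
MNT="${MNT:-/mnt}"

# `btrfs subvolume list -o <dir>` prints lines such as
#   ID 258 gen 20 top level 257 path root/var/lib/docker
# Keep only the path column (everything after "path ") and order the result
# deepest-first, so a child subvolume is always deleted before its parent.
nested_subvolume_paths() {
  sed -n 's/^ID [0-9]* gen [0-9]* top level [0-9]* path //p' | LC_ALL=C sort -r
}

rollback_root() {
  mkdir -p "$MNT"
  # subvol=/ exposes the top level, where root and root-blank are siblings.
  mount -o subvol=/ "$ROOT_DEV" "$MNT"
  btrfs subvolume list -o "$MNT/root" | nested_subvolume_paths |
  while read -r subvolume; do
    echo "deleting /$subvolume subvolume..."
    btrfs subvolume delete "$MNT/$subvolume"
  done
  echo "deleting /root subvolume..."
  btrfs subvolume delete "$MNT/root"
  echo "restoring blank /root subvolume..."
  btrfs subvolume snapshot "$MNT/root-blank" "$MNT/root"
  umount "$MNT"
}

# Only perform the destructive rollback when explicitly asked to.
if [ "${1:-}" = "--run" ]; then
  rollback_root
fi
```

In the NixOS configuration the body of rollback_root goes into boot.initrd.postDeviceCommands = lib.mkAfter '' ... ''; the mkAfter matters because NixOS appends its own LVM activation (vgchange) to the same option, and the volume group must be active before /dev/lvm/root exists. Anything not in /persist, /home, /nix or /var/log is gone after this step, which is exactly the opt-in state the title refers to.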

Then generate the configuration files:

nixos-generate-config --root /mnt

Edit the generated configs as follows. This is /mnt/etc/nixos/hardware-configuration.nix:

# Do not modify this file!  It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations.  Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:

{
  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" "asus_wmi" "hid_asus" "nouveau" ];
  boot.initrd.kernelModules = [ "dm-snapshot" ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
    { device = "/dev/disk/by-uuid/98e0d3e3-d66e-440c-82af-4a2ccbc3bfd4";
      fsType = "btrfs";
      options = [ "subvol=root" "compress=zstd" "noatime" ];
    };

  fileSystems."/home" =
    { device = "/dev/disk/by-uuid/98e0d3e3-d66e-440c-82af-4a2ccbc3bfd4";
      fsType = "btrfs";
      options = [ "subvol=home" "compress=zstd" "noatime" ];
    };

  fileSystems."/nix" =
    { device = "/dev/disk/by-uuid/98e0d3e3-d66e-440c-82af-4a2ccbc3bfd4";
      fsType = "btrfs";
      options = [ "subvol=nix" "compress=zstd" "noatime" ];
    };

  fileSystems."/persist" =
    { device = "/dev/disk/by-uuid/98e0d3e3-d66e-440c-82af-4a2ccbc3bfd4";
      fsType = "btrfs";
      options = [ "subvol=persist" "compress=zstd" "noatime" ];
      neededForBoot = true;
    };

  fileSystems."/var/log" =
    { device = "/dev/disk/by-uuid/98e0d3e3-d66e-440c-82af-4a2ccbc3bfd4";
      fsType = "btrfs";
      options = [ "subvol=log" "compress=zstd" "noatime" ];
      neededForBoot = true;
    };

  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/C91D-901F";
      fsType = "vfat";
    };

  # The swap logical volume created above; without this entry it is never enabled.
  swapDevices = [ { device = "/dev/lvm/swap"; } ];

  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}

And this is /etc/nixos/configuration.nix:

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];

  boot.kernelPackages = pkgs.linuxPackages_latest;
  boot.supportedFilesystems = [ "btrfs" ];
  hardware.enableAllFirmware = true;
  nixpkgs.config.allowUnfree = true;

  # Use the systemd-boot EFI boot loader.
  # Note: systemd-boot and GRUB are alternatives; NixOS needs only one of them.
  # GRUB's enableCryptodisk is only required when /boot itself lives inside
  # the LUKS volume, which is not the case here (/boot is the plain vfat partition).
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.loader.grub = {
    enable = true;
    version = 2;
    device = "nodev";
    efiSupport = true;
    enableCryptodisk = true;
  };
  boot.initrd.luks.devices = {
      root = {
        # Use https://nixos.wiki/wiki/Full_Disk_Encryption
        # Find the UUID of nvme0n1p2 (the LUKS container, not the mapped device) with: lsblk -f
        device = "/dev/disk/by-uuid/<UUID-of-nvme0n1p2>";
        # Open the LUKS device before LVM scans for volume groups.
        preLVM = true;
      };
  };

  networking.hostName = "rog"; # Define your hostname.
  networking.networkmanager.enable = true;
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Set your time zone.
  # time.timeZone = "Europe/Amsterdam";

  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
  # Per-interface useDHCP will be mandatory in the future, so this generated config
  # replicates the default behaviour.
  networking.useDHCP = false;
  networking.interfaces.enp3s0.useDHCP = true;
  networking.interfaces.wlp2s0.useDHCP = true;

  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

  # Select internationalisation properties.
  # i18n.defaultLocale = "en_US.UTF-8";
  # console = {
  #   font = "Lat2-Terminus16";
  #   keyMap = "us";
  # };

  # Enable the Plasma 5 Desktop Environment.
  services.xserver.enable = true;
  services.xserver.displayManager.sddm.enable = true;
  services.xserver.desktopManager.plasma5.enable = true;
  

  # Configure keymap in X11
  # services.xserver.layout = "us";
  # services.xserver.xkbOptions = "eurosign:e";

  # Enable CUPS to print documents.
  # services.printing.enable = true;

  # Enable sound.
  # sound.enable = true;
  # hardware.pulseaudio.enable = true;

  # Enable touchpad support (enabled default in most desktopManager).
  # services.xserver.libinput.enable = true;

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.hadi = {
    isNormalUser = true;
    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
    # Generate the hash with: mkpasswd -m sha-512
    # Note: a literal hashedPassword ends up in the world-readable Nix store;
    # passwordFile pointing at a file kept under /persist keeps it out of the store.
    hashedPassword = "<output of mkpasswd -m sha-512>";
  };

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    wget vim git mkpasswd
    firefox
  ];

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = {
  #   enable = true;
  #   enableSSHSupport = true;
  # };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "20.09"; # Did you read the comment?

}

The final configuration that I currently use can be found in this GitHub repository. However, be careful: after cloning it and comparing it with the generated configs above, first comment out boot.initrd.postDeviceCommands and all the lines in the boot.nix file that link directories into /persist, then run

nixos-install
reboot

After rebooting you can follow the original document to copy some directories to /persist and bring back the relevant linking lines that you commented out before.
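Deciding which directories to copy to /persist is easier when you can see what the running system has written into the root subvolume since root-blank was taken, because that is precisely the state the next reboot will discard. The script below is an added example for that audit, not code from the gist or the original guide. It relies on btrfs subvolume find-new, which lists files changed after a given generation number: asking root-blank for changes after an impossibly high generation yields only the "transid marker was N" line, and N is the generation at which the blank snapshot was frozen. It assumes this page's layout (Btrfs volume at /dev/lvm/root, subvolumes root and root-blank) and a scratch mountpoint of its own; the two output parsers are separate functions so they can be checked on constructed input.

```shell
#!/bin/sh
# Added example (not the gist's own code): list the paths written to the
# "root" subvolume since the read-only "root-blank" snapshot was taken.
# Assumptions: Btrfs volume is /dev/lvm/root, subvolumes "root" and
# "root-blank" exist, and /mnt/btrfs-top is free to use as a mountpoint.
ROOT_DEV="${ROOT_DEV:-/dev/lvm/root}"
MNT="${MNT:-/mnt/btrfs-top}"

# `btrfs subvolume find-new <subvol> <gen>` prints one line per changed file
# extent, e.g.
#   inode 262 file offset 0 len 33 disk start 0 offset 0 gen 70 flags INLINE var/lib/foo/state
# followed by a trailing "transid marker was <gen>" line. Keep only the path
# (everything after the flags word, so names with spaces survive), drop the
# marker line, and collapse the duplicates a multi-extent file produces.
changed_paths() {
  sed -n 's/^inode [0-9]* file offset [0-9]* len [0-9]* disk start [0-9]* offset [0-9]* gen [0-9]* flags [A-Z|]* //p' |
  LC_ALL=C sort -u
}

# Extract the generation number from the "transid marker was N" line.
transid_marker() {
  sed -n 's/^transid marker was \([0-9]*\)$/\1/p'
}

state_since_blank() {
  mkdir -p "$MNT"
  mount -o subvol=/ "$ROOT_DEV" "$MNT"
  # A huge generation matches no files, so only the marker line is printed.
  gen=$(btrfs subvolume find-new "$MNT/root-blank" 9999999 | transid_marker)
  btrfs subvolume find-new "$MNT/root" "$gen" | changed_paths
  umount "$MNT"
}

# Run the audit only when explicitly asked to (needs root).
if [ "${1:-}" = "--run" ]; then
  state_since_blank
fi
```

Paths printed by state_since_blank are relative to the root subvolume, so var/lib/bluetooth means /var/lib/bluetooth. Files under /home, /nix, /persist and /var/log never appear, since those are separate subvolumes that survive the rollback; anything else that shows up and matters (machine-id, NetworkManager connections, SSH host keys) is a candidate for /persist.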

The rest of the setup worked perfectly in my case. It's fun to have a fresh install after each reboot. I'm really thankful to @mt-caret.
