Script for installing Linux environments

.envrc

use flake
lefthook install

README.md

Usage:

Workstation:

curl -L https://files.heywoodlh.io/scripts/linux.sh | bash -s -- workstation --ansible --home-manager

Server:

curl -L https://files.heywoodlh.io/scripts/linux.sh | bash -s -- server --ansible --home-manager

Working with the Gist:

Source: https://gist.github.com/heywoodlh/b7bd4b4d067dd93402b04015a0ee3531

git clone git@github.com:b7bd4b4d067dd93402b04015a0ee3531.git linux-scripts

flake.lock

{
  "nodes": {
    "flake-utils": {
      "inputs": {
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1710146030,
        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1717464529,
        "narHash": "sha256-cvNZu6TQ4nCJEVA6rRE35xMyU/m04HDJWfixPC0I9AM=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "5a7646f59010bf91d68cf323bf3ae8ca5d31d3ef",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "flake-utils": "flake-utils",
        "nixpkgs": "nixpkgs"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    }
  },
  "root": "root",
  "version": 7
}

flake.nix

{
  description = "linux-scripts dev shell";

  inputs.nixpkgs.url = "github:NixOS/nixpkgs";
  inputs.flake-utils.url = "github:numtide/flake-utils";

  outputs = inputs @ {
    self,
    nixpkgs,
    flake-utils,
  }:
    flake-utils.lib.eachDefaultSystem (system: let
      pkgs = nixpkgs.legacyPackages.${system};
    in {
      devShell = pkgs.mkShell {
        name = "linux-scripts-dev";
        buildInputs = with pkgs; [
          lefthook
        ];
      };

      formatter = pkgs.alejandra;
    });
}

lefthook.yml

pre-commit:
  commands:
    upload-fastmail:
      run: |
        ./upload.sh

linux.sh

#!/usr/bin/env bash
# Script to setup bare-minimum Linux env
# TESTING
if [[ $EUID -eq 0 ]]
then
    echo "This script must not be run as root"
    exit 1
fi

if ! uname | grep -iq 'Linux'
then
    echo "This script must be run on a Linux system"
    exit 1
fi

print-usage () {
    printf "\nUsage: %s [workstation|server] [--ansible --home-manager]\n" "$0"
    exit 0
}

[[ $# -eq 0 ]] && print-usage

# Exit if $1 doesn't exist or is not workstation/server
system="$1"
[[ "${system}" != "workstation" && "${system}" != "server" ]] && print-usage

# If --ansible provided, set ansible=true
echo "$@" | grep -q '\-\-ansible' && ansible=true
# If --home-manager provided, set home-manager=true
echo "$@" | grep -q '\-\-home-manager' && home_manager=true

# Install Nix
if [ ! -d /nix ]
then
    echo "Installing Nix"
    curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install --no-confirm
    sudo chown -R "$EUID" /nix
fi
[ -e /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh ] && . /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh

install-nix-package () {
    package_bin="$1"
    package_source="$2"
    unfree="$3"

    exists=false
    ls -l "$HOME/.nix-profile/bin/${package_bin}" &>/dev/null && exists=true

    if [[ "${exists}" == "false" ]]
    then
        if [[ -n "${unfree}" ]]
        then
            echo "Installing unfree package ${package_source}"
            NIXPKGS_ALLOW_UNFREE=1 nix profile install "${package_source}" --impure
        else
            echo "Installing package ${package_source}"
            nix profile install "${package_source}"
        fi
    else
        echo "Package ${package_source} already exists"
    fi
}

if [[ "${home_manager}" != "true" ]]
then
    echo "Installing standalone packages"
    # Install flakes
    flakes="vim tmux git"
    for flake in $flakes
    do
        install-nix-package "${flake}" "github:heywoodlh/flakes?dir=${flake}"
    done

    # Configure Desktop
    if [[ "${system}" == "workstation" ]]
    then
        echo "Configuring GNOME"
        nix run "github:heywoodlh/flakes?dir=gnome"
        echo "Configuring Firefox"
        nix run "github:heywoodlh/flakes?dir=firefox#firefox-setup"
    fi

    # Install 1password
    install-nix-package "op" "github:heywoodlh/flakes?dir=1password" "unfree"
    [[ "${system}" == "workstation" ]] && install-nix-package "1password" "nixpkgs#_1password-gui" "unfree"
    [[ "${system}" == "workstation" ]] && mkdir -p ~/.config/autostart && ln -s ~/.nix-profile/share/applications/1password.desktop ~/.config/autostart/1password.desktop &>/dev/null
    [[ "${system}" == "workstation" ]] && nix run "github:heywoodlh/flakes?dir=1password#op-desktop-setup" && chmod u+w ~/.config/1Password/settings/settings.json

    # Install Lima for Docker
    install-nix-package "lima" "nixpkgs#lima"
    install-nix-package "docker" "nixpkgs#docker-client"
else
    # If WSL
    if which wsl.exe &>/dev/null
    then
        echo "WSL detected, starting dconf manually"
        export $(dbus-launch)
    fi

    if [[ "${system}" == "workstation" ]]
    then
        echo "Installing home-manager desktop configuration"
        nix run "github:heywoodlh/nixos-configs#homeConfigurations.heywoodlh.activationPackage" --impure --no-write-lock-file
    fi

    if [[ ${system} == "server" ]]
    then
        echo "Installing home-manager server configuration"
        nix run "github:heywoodlh/nixos-configs#homeConfigurations.heywoodlh-server.activationPackage" --impure --no-write-lock-file
    fi
fi

# Run ansible playbooks
if [[ "${ansible}" == "true" ]]
then
    echo "Running ansible playbooks"
    nix run "github:heywoodlh/flakes/$(git ls-remote https://github.com/heywoodlh/flakes | head -1 | awk '{print $1}')?dir=ansible#${system}"
fi

# If WSL
if which wsl.exe &>/dev/null
then
    echo "WSL detected, adding WSL configuration"
    mkdir -p $HOME/bin
cat > $HOME/bin/windows-firefox-setup << EOL
#!/usr/bin/env bash
drive="\$(cmd.exe /c "<nul set /p=%UserProfile%" 2>/dev/null | cut -d':' -f1 | tr [:upper:] [:lower:])"
firefox_profile="/mnt/\${drive}/\$(cmd.exe /c "<nul set /p=%UserProfile%" 2>/dev/null | sed 's/\\\/\//g' | cut -d':' -f2)/AppData/Roaming/Mozilla/Firefox/Profiles"
nix --extra-experimental-features "flakes nix-command" run "github:heywoodlh/flakes?dir=firefox#firefox-setup" -- "\${firefox_profile}"
EOL
    chmod +x "$HOME/bin/windows-firefox-setup"
fi


# Symlink vim if it doesn't exist
[[ -e /usr/local/bin/vim ]] || sudo ln -s "$HOME/.nix-profile/bin/vim" /usr/local/bin/vim

upload.sh

#!/usr/bin/env bash

# Get list of files, minus the script itself
script_dir="$(echo "$(dirname $0)")"
files="$(ls "${script_dir}" | grep -vE "$(basename "$0")|lefthook.yml")"

username="$(op-wrapper.sh item get "3qaxsqbv5dski4wqswxapc7qoi" --fields label=username)"
password="$(op-wrapper.sh item get "3qaxsqbv5dski4wqswxapc7qoi" --fields label=webdav)"

endpoint="https://myfiles.fastmail.com/files/scripts"

[[ -z "${username}" ]] && echo "Username not found" && exit 1
[[ -z "${password}" ]] && echo "Password not found" && exit 1

for file in ${files}
do
    echo "Uploading ${file} to ${endpoint}/${file}"
    curl --user "${username}:${password}" -T "${script_dir}/${file}" "${endpoint}/${file}"
done