Nixian - NixOS-inspired Debian configuration

After running NixOS on my main laptop for a couple of months, I decided to go back to Debian. While NixOS is very innovative, it's also very different, and the most simple things that would work on any other Linux distribution are very counter-intuitive on NixOS, and that's not a good fit for a system that I use to be productive. (I still use it on one of my servers though.)

But of course I was heavily inspired by NixOS and decided to carry over some of the ideas of NixOS to Debian, mainly:

I don't configure my system by hand anymore. I have a script that I run whenever I want to change system settings or install packages, so that if I were to reinstall my system, I can just copy my home directory and run this script, and can get to work immediately.

Let me present the structure of my script:

#!/usr/bin/env bash

set -ex


# Set up Services
systemctl enable ...
systemctl --user enable ...
systemctl disable ...
systemctl --user disable ...


# Install/remove packages
packages_remove=(
    konqueror
)

packages_admin=(
    apt-file
    net-tools
    tmux
    rsync
    ...
)

packages_dev=(
    ansible
    kicad
    meld
    kcachegrind
    ...
)

packages_desktop=(
    mpv
    kdenlive
    mediainfo
    retroarch
    ...
)

packages_flatpak=(
    im.riot.Riot
    ...
)

sudo apt install -y "${packages_admin[@]}"
sudo apt install -y "${packages_dev[@]}"
sudo apt install -y "${packages_desktop[@]}"
sudo apt remove "${packages_remove[@]}"
flatpak install "${packages_flatpak[@]}"


# Block malicious domains
blocked_domains=(
    analytics.google.com
    accounts.firefox.com
    api.getpocket.com
    ...
)

sudo sed -i '/.*#autoadded$/d' /etc/hosts
echo "0.0.0.0 ${blocked_domains[@]} #autoadded" | sudo tee -a /etc/hosts >/dev/null


# Configure kernel modules
sudo tee <<EOF /etc/modprobe.d/blacklist.conf >/dev/null
...
EOF

sudo tee <<EOF /etc/modules >/dev/null
...
EOF


# Cronjobs
sudo rm /etc/cron.d/autodeploy-*

sudo tee <<EOF /etc/cron.hourly/autodeploy-backup-something >/dev/null
#!/bin/sh
# ... some script here ...
EOF

sudo tee <<EOF /etc/cron.daily/autodeploy-reset-something >/dev/null
#!/bin/sh
# ... another script here ...
EOF

sudo chmod 755 /etc/cron.*/autodeploy-*

I could have done all of this with ansible, but in the end, ansible is excruciatingly slow and unnecessarily complex. This works well, and I've been using it happily for a few months now. Let's see how well this ages :).