Nixian - NixOS-inspired Debian configuration
After running NixOS on my main laptop for a couple of months, I decided to go back to Debian. While NixOS is very innovative, it's also very different, and the most simple things that would work on any other Linux distribution are very counter-intuitive on NixOS, and that's not a good fit for a system that I use to be productive. (I still use it on one of my servers though.)
But of course I was heavily inspired by NixOS and decided to carry over some of the ideas of NixOS to Debian, mainly:
I don't configure my system by hand anymore. I have a script that I run whenever I want to change system settings or install packages, so that if I were to reinstall my system, I can just copy my home directory and run this script, and can get to work immediately.
Let me present the structure of my script:
#!/usr/bin/env bash
set -ex
# Set up Services
systemctl enable ...
systemctl --user enable ...
systemctl disable ...
systemctl --user disable ...
# Install/remove packages
packages_remove=(
konqueror
)
packages_admin=(
apt-file
net-tools
tmux
rsync
...
)
packages_dev=(
ansible
kicad
meld
kcachegrind
...
)
packages_desktop=(
mpv
kdenlive
mediainfo
retroarch
...
)
packages_flatpak=(
im.riot.Riot
...
)
sudo apt install -y "${packages_admin[@]}"
sudo apt install -y "${packages_dev[@]}"
sudo apt install -y "${packages_desktop[@]}"
sudo apt remove "${packages_remove[@]}"
flatpak install "${packages_flatpak[@]}"
# Block malicious domains
blocked_domains=(
analytics.google.com
accounts.firefox.com
api.getpocket.com
...
)
sudo sed -i '/.*#autoadded$/d' /etc/hosts
echo "0.0.0.0 ${blocked_domains[@]} #autoadded" | sudo tee -a /etc/hosts >/dev/null
# Configure kernel modules
sudo tee <<EOF /etc/modprobe.d/blacklist.conf >/dev/null
...
EOF
sudo tee <<EOF /etc/modules >/dev/null
...
EOF
# Cronjobs
sudo rm /etc/cron.d/autodeploy-*
sudo tee <<EOF /etc/cron.hourly/autodeploy-backup-something >/dev/null
#!/bin/sh
# ... some script here ...
EOF
sudo tee <<EOF /etc/cron.daily/autodeploy-reset-something >/dev/null
#!/bin/sh
# ... another script here ...
EOF
sudo chmod 755 /etc/cron.*/autodeploy-*
I could have done all of this with ansible, but in the end, ansible is excruciatingly slow and unnecessarily complex. This works well, and I've been using it happily for a few months now. Let's see how well this ages :).
— 2023-08-30, by hut, tags: #linux