dbalan/blogng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: dbalan:1522cc294c9f29c204ce8182798faa1a8862d9e5
Branches Tags
dbalan:trunk
...
compare: dbalan:2dc607fd20a254549d0422deea3c8e03a30590cb
Branches Tags
dbalan:trunk

10 Commits
1522cc294c ... 2dc607fd20

Author SHA1 Message Date
Dhananjay Balan
2dc607fd20 Fix image link 2024-03-26 06:34:22 +01:00
Dhananjay Balan
c75420f6dd Fix the paragraph 2024-03-26 06:25:41 +01:00
Dhananjay Balan
cc8c5c8ee1 strip images 2024-03-26 05:58:46 +01:00
Dhananjay Balan
1c78150a94 [blog] Mac bootstrap with nix 2024-03-26 05:25:59 +01:00
Dhananjay Balan
e756e343e9 Add a mastodon link tag 2024-03-19 14:39:38 +01:00
Dhananjay Balan
f8a0f288b9 fix package names 2024-03-19 14:29:38 +01:00
Dhananjay Balan
c09df237fb [blogng] reduce image size 2024-02-11 22:33:49 +01:00
Dhananjay Balan
bf8f634a63 [blog] scale images properly 2024-02-11 22:19:54 +01:00
Dhananjay Balan
d9a98e1bf7 Some typos 2024-02-11 18:59:46 +01:00
Dhananjay Balan
a3bf1a177a Fix about me wording. 2024-02-11 18:53:53 +01:00
8 changed files with 568 additions and 42 deletions
Show Stats Expand all files Collapse all files

511
blog/2024-03-25-boostrap-a-macos-machine-with-nix.markdown Normal file
View File

@ -0,0 +1,511 @@
---
layout: post
title: "Bootstrapping a Mac with Nix"
date: 2024-03-25
comments: true
tags: nix, macos, apple, nix-darwin, brew, homebrew
---
With [nix-darwin](https://github.com/LnL7/nix-darwin) and
[home-manager](https://github.com/nix-community/home-manager) it is possible to
manage almost all of a mac configuration declaratively. So when I got my new
Macbook I was pretty sure this is the way to go. Unfortunately, the bootstrap
is a bit involved. These are my notes from the process, which hopefully
serves as a tutorial.
## Installing dependencies
We need to install some software manually before we can go full steam with
configurations stored as nix files, the primary one being `nix` itself.
Install nix with the [determinate systems nix installer](https://install.determinate.systems/), it comes with sensible defaults and a nicer uninstaller.
Unfortunately, the GUI installer installs `x86_64` version of nix, so I had to use `curl |sh` for my `aarch64` Macbook.
```sh
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
```
![](/images/nix-install.png)
If you haven't already, also install `Xcode tools` with `xcode-select --install`
## Generating initial configurations
We are going to use `nix-darwin` to keep a system wide configuration, which
would represent packages that are installed, configuration for packages and
configuration like shell aliases, files etc.
nix-darwin has support for both classic `configuration.nix` tied to a nix-channel
as well as flakes, I chose the latter as it allows more finer control over dependency versions[^1].
```sh
% nix flake init -t nix-darwin
wrote: /Users/db/code/private/config/flake.nix
# replace the hostname
% sed -i '' "s/simple/$(scutil --get LocalHostName)/" flake.nix
# Add to revision control
git init
git add flake.nix
```
This generates an example flake file, with some boilerplate code to get started.
With some light editing:
1. Moved the configuration to its on own file `configuration.nix`, and added it to git tree[^2].
2. The appropriate `hostPlatform` for your mac. `nixpkgs.hostPlatform = "aarch64-darwin";`
3. Set the home directory path `users.users.dj.home = "/Users/dj";`
We end up with
### flake.nix
```nix
{
description = "System flake configuration file";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nix-darwin.url = "github:LnL7/nix-darwin";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs@{ self, nix-darwin, nixpkgs }: {
# Build darwin flake using:
# $ darwin-rebuild build --flake .#MacBook-Pro
darwinConfigurations."MacBook-Pro" =
nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
modules = [ ./configuration.nix ];
};
# Expose the package set, including overlays, for convenience.
darwinPackages = self.darwinConfigurations."MacBook-Pro".pkgs;
};
}
```
### configuration.nix
```nix
{ config, lib, pkgs, ... }:
{
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
environment.systemPackages = with pkgs; [
];
users.users.dj.home = "/Users/dj";
# Auto upgrade nix package and the daemon service.
services.nix-daemon.enable = true;
# nix.package = pkgs.nix;
# Necessary for using flakes on this system.
nix.settings.experimental-features = "nix-command flakes";
# Create /etc/zshrc that loads the nix-darwin environment.
programs.zsh.enable = true; # default shell on catalina
# programs.fish.enable = true;
# Used for backwards compatibility, please read the changelog before changing.
# $ darwin-rebuild changelog
system.stateVersion = 3;
nix.configureBuildUsers = true;
# The platform the configuration will be used on.
nixpkgs.hostPlatform = "aarch64-darwin";
}
```
Its time to bootstrap the system with `nix-darwin`!
```sh
% nix run nix-darwin -- switch --flake ~/.config/nix-darwin
building the system configuration...
[1/38/42 built, 227 copied (1406.7/1407.6 MiB), 237.3 MiB DL] building darwin-uninstaller (fixupPhase): str
Password:
setting up /run via /etc/synthetic.conf...
user defaults...
setting up user launchd services...
setting up /Applications/Nix Apps...
setting up pam...
applying patches...
setting up /etc...
system defaults...
setting up launchd services...
creating service org.nixos.activate-system
reloading service org.nixos.nix-daemon
reloading nix-daemon...
waiting for nix-daemon
waiting for nix-daemon
configuring networking...
setting nvram variables...
```
During the bootstrap, `nix-darwin` installs the command `darwin-rebuild`, subsequent rebuilds should use `darwin-rebuild`.
Both `nix-darwin` and `darwin-rebuild` follows same semantics as `nixos-rebuild`, `test` for test activation, `build` for only building the configuration, `switch` for commit and activate etc.
## Install some packages
I have a set of packages that I like to have available system-wide (for all users). Add those to
`environment.systemPackages` in `configuration.nix`, which gives us:
```nix
{ config, lib, pkgs, ... }:
{
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
environment.systemPackages = with pkgs; [
vim
curl
gitAndTools.gitFull
mg
mosh
];
...
```
Activate with `darwin-rebuild switch --flake ~/path-to-config-directory`
## Home Manager
[home-manager](https://github.com/nix-community/home-manager) is a nix community project for managing user environments, it comes with a [tone of module for configuring more day-to-day user facing programs](https://home-manager-options.extranix.com/), for e.g the git module for configuring, well git.
```nix
programs.git = {
enable = true;
extraConfig = {
github.user = "<user>";
init = { defaultBranch = "trunk"; };
diff = { external = "${pkgs.difftastic}/bin/difft"; };
};
};
```
Install `home-manager` with flakes,
1. Add a flake input in the inputs section
```nix
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
```
2. And add the module to the `modules` section
```nix
home-manager.darwinModules.home-manager {
# `home-manager` config
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.db = import ./home.nix;
};
```
I choose to keep the home configuration in a separate file, `home.nix`.
```nix
{ config, lib, pkgs, ... }:
{
home.stateVersion = "23.11";
programs.git = {
enable = true;
userName = "name";
userEmail = "mail@example.org";
extraConfig = {
github.user = "<user>";
init = { defaultBranch = "trunk"; };
diff = { external = "${pkgs.difftastic}/bin/difft"; };
};
};
}
```
Also the updated `flake.nix` is now
```nix
{
description = "System flake configuration file";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nix-darwin.url = "github:LnL7/nix-darwin";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs@{ self, nix-darwin, nixpkgs, home-manager, nix-homebrew
, homebrew-core, homebrew-cask, homebrew-bundle, ... }:
{
# Build darwin flake using:
# $ darwin-rebuild build --flake .#MacBook-Pro
darwinConfigurations."MacBook-Pro" =
nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
modules = [
./configuration.nix
home-manager.darwinModules.home-manager
{
# `home-manager` config
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.db = import ./home.nix;
}
];
};
# Expose the package set, including overlays, for convenience.
darwinPackages =
self.darwinConfigurations."MacBook-Pro".pkgs;
};
}
```
If you get an error `Error: HOME is set to "/Users/<username>" but we expect "/var/empty"`, make sure you have set `users.users.<username>.home` in configuration.nix.
## Manage homebrew applications
Sadly, nix still has some catching up to do with mac compatibility, biggest gripe for me was [accessing GUI apps with spotlight seems to need some workarounds](https://github.com/LnL7/nix-darwin/issues/214). Luckily brew solves this and we can just install applications with brew, still managed by nix.
`nix-darwin` can declaratively manage brew packages, however we need [nix-homebrew](https://github.com/zhaofengli/nix-homebrew) to install brew itself and manage the taps declaratively.
Grab nix-homebrew using flakes, and also add the taps itself as inputs, this maybe the most underrated flakes feature. We can pin the taps to a specific version!
```nix
inputs = {
nix-homebrew = {
url = "github:zhaofengli-wip/nix-homebrew";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
homebrew-core = {
url = "github:homebrew/homebrew-core";
flake = false;
};
homebrew-cask = {
url = "github:homebrew/homebrew-cask";
flake = false;
};
homebrew-bundle = {
url = "github:homebrew/homebrew-bundle";
flake = false;
};
```
.. and import the module into the system configuration.
```nix
nix-homebrew.darwinModules.nix-homebrew
{
nix-homebrew = {
enable = true;
# Apple Silicon Only: Also install Homebrew under the default Intel prefix for Rosetta 2
enableRosetta = true;
user = "username";
taps = {
"homebrew/homebrew-core" = homebrew-core;
"homebrew/homebrew-cask" = homebrew-cask;
"homebrew/homebrew-bundle" = homebrew-bundle;
};
mutableTaps = false;
};
}
```
The package installations are itself managed by nix-darwin, using `homebrew.*` options.
```nix
homebrew = {
enable = true;
global.autoIpdate = false;
casks = [ "kitty" ];
};
```
## Fin!
If you have followed through all of the above, like me, you should have a mac with almost everything configured declaratively, using nix.
Further customizations options can be found in
- [nix-darwin options search](https://daiderd.com/nix-darwin/manual/index.html), you could also use `man configuration.nix`
- [Home manager option search](https://home-manager-options.extranix.com/)
This setup helps me share configuration with my other machines; they are just an `import` away! However this bootstrapping is neither simple nor short, that's definitly something to improve.
[^1]: Explaining flakes or nix nuanceses are out of scope and probably out of my reach, <https://nixos-and-flakes.thiscute.world/> is a better resource.
[^2]: For flake build system to find them, git should be aware of the files.
## Final configuration files
<details>
<summary>flake.nix</summary>
```nix
{
description = "System flake configuration file";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nix-darwin.url = "github:LnL7/nix-darwin";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-homebrew = { url = "github:zhaofengli-wip/nix-homebrew"; };
homebrew-core = {
url = "github:homebrew/homebrew-core";
flake = false;
};
homebrew-cask = {
url = "github:homebrew/homebrew-cask";
flake = false;
};
homebrew-bundle = {
url = "github:homebrew/homebrew-bundle";
flake = false;
};
};
outputs = inputs@{ self, nix-darwin, nixpkgs, home-manager, nix-homebrew
, homebrew-core, homebrew-cask, homebrew-bundle, ... }: {
# Build darwin flake using:
# $ darwin-rebuild build --flake .#MacBook-Pro
darwinConfigurations."MacBook-Pro" =
nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
modules = [
./configuration.nix
home-manager.darwinModules.home-manager
{
# `home-manager` config
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.db = import ./home.nix;
}
nix-homebrew.darwinModules.nix-homebrew
{
nix-homebrew = {
enable = true;
# Apple Silicon Only: Also install Homebrew under the default Intel prefix for Rosetta 2
enableRosetta = true;
user = "db";
taps = {
"homebrew/homebrew-core" = homebrew-core;
"homebrew/homebrew-cask" = homebrew-cask;
"homebrew/homebrew-bundle" = homebrew-bundle;
};
mutableTaps = false;
};
}
];
};
# Expose the package set, including overlays, for convenience.
darwinPackages =
self.darwinConfigurations."MacBook-Pro".pkgs;
};
}
```
</details>
<details>
<summary>configuration.nix</summary>
```nix
{ config, lib, pkgs, ... }:
{
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
environment.systemPackages = with pkgs; [
vim
curl
gitAndTools.gitFull
mg
mosh
];
homebrew = {
enable = true;
global.autoUpdate = false;
casks = [ "kitty" ];
};
users.users.db.home = "/Users/db";
# Auto upgrade nix package and the daemon service.
services.nix-daemon.enable = true;
# nix.package = pkgs.nix;
# Necessary for using flakes on this system.
nix.settings.experimental-features = "nix-command flakes";
# Create /etc/zshrc that loads the nix-darwin environment.
programs.zsh.enable = true; # default shell on catalina
# programs.fish.enable = true;
# Used for backwards compatibility, please read the changelog before changing.
# $ darwin-rebuild changelog
system.stateVersion = 3;
nix.configureBuildUsers = true;
# The platform the configuration will be used on.
nixpkgs.hostPlatform = "aarch64-darwin";
}
```
</details>
<details>
<summary>home.nix</summary>
```nix
{ config, pkgs, ... }:
{
home.stateVersion = "23.11";
programs.git = {
enable = true;
userName = "user name";
userEmail = "email";
extraConfig = {
github.user = "gh_user";
init = { defaultBranch = "trunk"; };
diff = { external = "${pkgs.difftastic}/bin/difft"; };
};
};
}
```
</details>

11
css/pages.css
View File

@ -6,19 +6,24 @@ body {
max-width: 1000px; max-width: 1000px;
padding: 1em; padding: 1em;
text-align: left; text-align: left;
font-size: 16pt; font-size: 14pt;
} }
h1 { h1 {
font-weight: normal; font-weight: normal;
font-family: Charter, "Bitstream Charter", "Sitka Text", Cambria, serif; font-family: Charter, "Bitstream Charter", "Sitka Text", Cambria, serif;
font-size: 38pt; font-size: 36pt;
font-weight: bold; font-weight: bold;
} }
h2 { h2 {
font-family: Charter, "Bitstream Charter", "Sitka Text", Cambria, serif; font-family: Charter, "Bitstream Charter", "Sitka Text", Cambria, serif;
font-size: 24pt; font-size: 22pt;
margin-top: 1.5em; margin-top: 1.5em;
font-weight: bold; font-weight: bold;
} }
img {
width: 400px;
height: auto;
}

1
css/theme.css
View File

@ -155,6 +155,7 @@ code {
img { img {
max-width: 100%; max-width: 100%;
margin: 0px; margin: 0px;
height: auto;
} }
figure { figure {

6
flake.nix
View File

@ -16,10 +16,10 @@
builder = pkgs.haskellPackages.callCabal2nix "blogng" ./. { }; builder = pkgs.haskellPackages.callCabal2nix "blogng" ./. { };
in { in {
packages.default = self.packages.${system}.website; packages.default = self.packages.${system}.blog;
defaultPackage = self.packages.${system}.default; defaultPackage = self.packages.${system}.default;
packages.website = pkgs.stdenv.mkDerivation rec { packages.blog = pkgs.stdenv.mkDerivation rec {
name = "blog"; name = "blog";
LANG = "en_US.UTF-8"; LANG = "en_US.UTF-8";
LC_ALL = "en_US.UTF-8"; LC_ALL = "en_US.UTF-8";
@ -49,6 +49,8 @@
cabal-install cabal-install
nodePackages.prettier nodePackages.prettier
python3 python3
# mogrify -strip to strip images
imagemagick
]; ];
}; };
devShell = self.devShells.${system}.default; devShell = self.devShells.${system}.default;

BIN
images/nix-install.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 489 KiB

8
pages/about.md
View File

@ -1,11 +1,11 @@
# [Dhananjay Balan](https://dbalan.in) # [Dhananjay Balan](https://dbalan.in)
![](./images/profile.jpg){height=400px} ![](./images/profile.jpg)
Interested in **all things technology**. Easily nerd snipe-able, especially when related to old tech, photography, cooking or biking. Interested in **all things technology**. Easily nerd-sniped, especially when related to old tech, photography, cooking or biking.
Hailing from **Kerala, India**, Currently based in **Berlin, Germany**. Hailing from **Kerala, India**, Based in **Berlin, Germany**.
Currently tending infrastructure at [Voltus](https://voltus.co), previously at [Port Zero](https://port-zero.com), [CLIQZ](https://cliqz.com) and [Plivo](https://plivo.com), an outdated résumé is available at <https://resume.dbalan.in> Currently tending infrastructure at [Voltus](https://voltus.co), previously at [Port Zero](https://port-zero.com), [CLIQZ](https://cliqz.com) and [Plivo](https://plivo.com), an outdated résumé is available at <https://resume.dbalan.in>
@ -15,7 +15,7 @@ Always building, seldom finishing
- <https://quotes.dbalan.in> — an opinionated minimal readwise.io clone ([source](https://git.planet-express.in/dbalan/quotes-api)) - <https://quotes.dbalan.in> — an opinionated minimal readwise.io clone ([source](https://git.planet-express.in/dbalan/quotes-api))
- <https://cookbook.dbalan.in> -- Recipe lists on cooking rotation, over-engineered this one to generate a static site from yaml spec ([source](https://github.com/dbalan/recipes)). - <https://cookbook.dbalan.in> -- Recipe lists on cooking rotation, over-engineered this one to generate a static site from yaml spec ([source](https://github.com/dbalan/recipes)).
- <http://nossl.dbalan.in> -- Webpage with no TLS termination, a landing page for those nasty captive portal redirects. - <http://nossl.dbalan.in> -- Webpage with no TLS termination, a landing page for those nasty captive portal redirects.
- <https://github.com/NixOS/nixpkgs> — NixOS is my main daily driver, my frustrations with it sometimes result in patches upstream. - <https://github.com/NixOS/nixpkgs> — NixOS is my main daily driver, my frustrations sometimes result in patches.
## Elsewhere on the Internet ## Elsewhere on the Internet
- I love getting mail, say hi -- `hey AT this domain` - I love getting mail, say hi -- `hey AT this domain`

72
templates/default.html
View File

@ -1,38 +1,44 @@
<!doctype html> <!doctype html>
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8" />
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>$title$</title> <title>$title$</title>
<link rel="stylesheet" href="/css/fonts.css" /> <link rel="stylesheet" href="/css/fonts.css" />
<link rel="stylesheet" href="/css/theme.css" /> <link rel="stylesheet" href="/css/theme.css" />
<link rel="stylesheet" href="/css/syntax.css" /> <link rel="stylesheet" href="/css/syntax.css" />
</head> </head>
<body> <body>
<header> <header>
<div class="header"> <div class="header">
<div id="title"><a href="/">BINARY STROLLS</a></div> <div id="title"><a href="/">BINARY STROLLS</a></div>
<div id="nav"><a href="/archive.html">Archive</a><a href="https://dbalan.in">About</a></div> <div id="nav">
<a href="/archive.html">Archive</a><a href="https://dbalan.in"
>About</a
>
</div> </div>
</header> </div>
<section> </header>
$body$ <section>$body$</section>
</section> <hr id="footerdiv" />
<hr id="footerdiv"> <footer>
<footer> <p><a href="https://notwork.in/@notmycommit">Comments? toot me!</a></p>
<p><a href="https://notwork.in/@notmycommit">Comments? toot me!</a></p> <p>
<p> <a href="https://git.sr.ht/~dbalan/blogng">Source Code</a> -
<a href="https://git.sr.ht/~dbalan/blogng">Source Code</a> - <a href="https://jaspervdj.be/hakyll/"> built with hakyll</a> -
<a href="https://jaspervdj.be/hakyll/"> built with hakyll</a> - <a href="/atom.xml"> Atom Feed</a>
<a href="/atom.xml"> Atom Feed</a> </p>
</p> <a href="https://creativecommons.org/licenses/by-nc/4.0/"
<a href="https://creativecommons.org/licenses/by-nc/4.0/"><img src="/images/cc-by-nc.svg"></a> ><img src="/images/cc-by-nc.svg"
<p> /></a>
Want to become a better programmer? <a href="https://www.recurse.com/scout/click?t=7fa4273c56d752484c0e30d3fbb0d52a">Join the Recurse Center!</a> <p>
</p> Want to become a better programmer?
<a
</footer> href="https://www.recurse.com/scout/click?t=7fa4273c56d752484c0e30d3fbb0d52a"
</body> >Join the Recurse Center!</a
</body> >
</p>
</footer>
</body>
</html> </html>

1
templates/pages.html
View File

@ -10,6 +10,7 @@
<link rel="stylesheet" href="/css/theme.css" /> <link rel="stylesheet" href="/css/theme.css" />
<link rel="stylesheet" href="/css/syntax.css" /> <link rel="stylesheet" href="/css/syntax.css" />
<link rel="stylesheet" href="/css/pages.css" /> <link rel="stylesheet" href="/css/pages.css" />
<link rel="me" href="https://notwork.in/@notmycommit" />
<!-- Place favicon.ico in the root directory --> <!-- Place favicon.ico in the root directory -->
</head> </head>