What are your ‘defaults’ for your desktop Linux installations, especially when they deviate from your distros defaults? What are your reasons for this deviations?
To give you an example what I am asking for, here is my list with reasons (funnily enough, using these settings on Debian, which are AFAIK the defaults for Fedora):
-
Btrfs: I use Btrfs for transparent compression which is a game changer for my use cases and using it w/o Raid I had never trouble with corrupt data on power failures, compared to ext4.
-
ZRAM: I wrote about it somewhere else, but ZRAM transformed even my totally under-powered HP Stream 11" with 4GB Ram into a usable machine. Nowadays I don’t have swap partitions anymore and use ZRAM everywhere and it just works ™.
-
ufw: I cannot fathom why firewalls with all ports but ssh closed by default are not the default. Especially on Debian, where unconfigured services are started by default after installation, it does not make sense to me.
My next project is to slim down my Gnome desktop installation, but I guess this is quite common in the Debian community.
Before you ask: Why not Fedora? - I love Fedora, but I need something stable for work, and Fedoras recent kernels brake virtual machines for me.
Edit: Forgot to mention ufw
- NixOS
- disko + nixos-anywhere (automatic partitioning & remote installation of new systems)
- stylix (system-wide theming)
- agenix (secret management)
- impermanence (managing persistent data)
- nixos containers for sandboxing applications & services (using systemd-nspawn)
- TMPFS as /
- LUKS
- BTRFS as /nix (might try bcachefs)
- SWAP partition (= RAM size, to susbend to disk)
- Greetd with TUIgreet (DM)
- SwayFX (WM)
- Kitty & foot (term)
- Nushell (shell)
- Helix (editor)
- Firefox (browser)
- slackhq/nebula (c.f. self-hosted tailscale, connecting my systems beyond double NATs)
EDIT1: fix “DE” -> “DM”
This is a very interesting setup would you mind providing more explanation / documentation? Also would you mind sharing your nixOS config? I would love to try it.
My system configuration can be found on git.sr.ht/~sntx/flake. I’ve linked the file tree pinned to the version 0.1.1 of my config, since I’m currrently restructuring the entire config[1] as the current tree is non-optimal[2].
The documentation in the README in combination with the files should cover most of what I’ve described, with the following exception: disko is not present to the repo yet, since I’ve set it up with a forked version of my config and the merge depends on finishing the restructuring of my system configuration.
- You can take a look at these (non-declarative) installation steps to get an idea on how TMPFS as root can be setup
- If you’re interested, I can also DM you the disko expression for it
The goal is to provide definitions for desktops, user-packages, system-packages, themes and users. Each system can then enable a set of users, which in turn have their own desktop, user-packages and theme. A system can also enable system-packages for itself, independent of users. If a user is enabled that has a desktop set, the system will need to have display-manager set as well, which should launch the users configured desktop. ↩︎
The current config assumes a primary user, and can only configure a single DE and apply the application/service configs only to that user. ↩︎
This looks like a whole project. What is the overall goal of this build?
I am very new to nixOS and am interested in it. Specifically for ansible scripts to build out easily replicateable docker hosts for lab. I have also considered it for switching my primary desktop and laptops as being able to have the same OS with everything the way I like it is also intriguing.
Sorry for theate response. P.S. I love your wallpaper.
Now that’s quite an interesting NixOS setup, I’m especially intrigued by the tmpfs root portion. The link you provided was a great read, and I’ll keep this and honestly most of what you’ve described in mind for when I mess with NixOS again.
There are also these two blog posts by elis on setting up tmpfs specifically. Though these posts rather are setup guides, than “talking about the philosophy” of systems design.