Merge pull request #449 from staticdev/feature/install-packages-with-home-manager

NixOS config

Author: staticdev

.github/workflows/constraints.txt

@@ -1,4 +1,3 @@
-pip==24.0
-ansible==9.2.0
-ansible-lint==24.2.0
+ansible==10.7.0
+ansible-lint==25.1.0
 yamllint==1.35.1

.github/workflows/release.yml

@@ -19,7 +19,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: "3.12"
+          python-version: "3.13"
 
       - name: Check if there is a parent commit
         id: check-parent-commit

.github/workflows/tests.yml

@@ -20,54 +20,62 @@ jobs:
       - name: Set up Python 3.
         uses: actions/setup-python@v5
         with:
-          python-version: "3.12"
+          python-version: "3.13"
 
-      - name: Upgrade pip
+      - name: Install UV
+        uses: astral-sh/setup-uv@v5
+        with:
+          version: ">=0.5.24"
+
+      - name: Create venv
         run: |
-          pip install --constraint=.github/workflows/constraints.txt pip
-          pip --version
+          uv venv
 
-      - name: Upgrade ansible-lint
+      - name: Install ansible-lint
         run: |
-          pip install --constraint=.github/workflows/constraints.txt ansible-lint ansible
+          uv pip install --constraint=.github/workflows/constraints.txt ansible-lint ansible
 
-      - name: Upgrade yamllint
+      - name: Install yamllint
         run: |
-          pip install --constraint=.github/workflows/constraints.txt yamllint
+          uv pip install --constraint=.github/workflows/constraints.txt yamllint
 
       - name: Lint code.
         run: |
-          yamllint .
-          ansible-lint
+          uv run yamllint .
+          uv run ansible-lint
 
-  molecule:
-    name: Molecule
-    runs-on: ubuntu-latest
+  # molecule:
+  #   name: Molecule
+  #   runs-on: ubuntu-latest
 
-    strategy:
-      matrix:
-        distro:
-          - debian12
-    steps:
-      - name: Check out the repository
-        uses: actions/checkout@v4
+  #   strategy:
+  #     matrix:
+  #       distro:
+  #         - debian12
+  #   steps:
+  #     - name: Check out the repository
+  #       uses: actions/checkout@v4
 
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.12"
+  #     - name: Set up Python
+  #       uses: actions/setup-python@v5
+  #       with:
+  #         python-version: "3.13"
 
-      - name: Upgrade pip
-        run: |
-          python3 -m pip install --constraint=.github/workflows/constraints.txt pip
-          python3 -m pip --version
+  #     - name: Install UV
+  #       uses: astral-sh/setup-uv@v5
+  #       with:
+  #         version: ">=0.5.24"
+
+  #     - name: Create venv
+  #       run: |
+  #         uv venv
 
-      - name: Install test dependencies
-        run: pip3 install --constraint=.github/workflows/constraints.txt ansible 'molecule-plugins[podman]' podman
+  #     - name: Install test dependencies
+  #       run: uv pip install --constraint=.github/workflows/constraints.txt ansible 'molecule-plugins[podman]' podman
 
-      - name: Run Molecule tests
-        run: molecule -v test
-        env:
-          PY_COLORS: "1"
-          ANSIBLE_FORCE_COLOR: "1"
-          MOLECULE_DISTRO: ${{ matrix.distro }}
+  #     - name: Run Molecule tests
+  #       run: uv run molecule -v test
+  #       env:
+  #         PY_COLORS: "1"
+  #         ANSIBLE_FORCE_COLOR: "1"
+  #         MOLECULE_DISTRO: ${{ matrix.distro }}

.gitignore

@@ -7,8 +7,10 @@ config*.yml
 .python-version
 *.txt
 
-# Pycharm
+# Jetbrains IDEs
 .idea/
 
 # Visual Studio Code
 .vscode/
+
+**/flake.lock

.pre-commit-config.yaml

@@ -1,25 +1,11 @@
 ---
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.3.0
+    rev: v5.0.0
     hooks:
       - id: check-added-large-files
       - id: check-toml
       - id: check-yaml
       - id: end-of-file-fixer
       - id: trailing-whitespace
       - id: check-added-large-files
-  - repo: https://github.com/pre-commit/mirrors-prettier
-    rev: v2.7.1
-    hooks:
-      - id: prettier
-  - repo: https://github.com/adrienverge/yamllint.git
-    rev: v1.26.3
-    hooks:
-      - id: yamllint
-        args: ["-c=.yamllint", "."]
-  - repo: https://github.com/ansible-community/ansible-lint.git
-    rev: v6.10.2
-    hooks:
-      - id: ansible-lint
-        files: \.(yaml|yml)$

.yamllint

@@ -13,4 +13,5 @@ rules:
 ignore: |
   .github/stale.yml
   .cache
+  .venv
   roles

CONTRIBUTING.md

@@ -35,7 +35,7 @@ Request features on the [Issue Tracker].
 
 ## How to set up your development environment
 
-You need Python 3.12+ and the following tools:
+You need Python 3.13+ and the following tools:
 
 - [Molecule]
 - [Podman]
@@ -53,6 +53,7 @@ The good thing is to install them you just need [Ansible] and this playbook.
 
 ## How to test the project
 
+
 Run the tests locally:
 
 ```sh
@@ -73,37 +74,6 @@ vagrant up
 
 The default password for `root` in the VM is `vagrant`.
 
-#### Enabling contrib / non-free / non-free-firmware
-
-Keep in mind one maybe need extra steps to enable extra apt packages eg. to install `torbrowser-launcher` (from contrib) or `firmware-amd-graphics` (from non-free-firmware):
-
-1. comment out provision part of `Vagrantfile`:
-
-   ```
-       # Run playbook
-       #config.vm.provision "ansible" do |ansible|
-       #  ansible.playbook = "main.yml"
-       #  ansible.verbose = "vv"
-       #end
-   ```
-
-1. run `vagrant up` and then `vagrant login`
-1. edit `/etc/apt/sources.list` to add the desired streams eg.:
-
-   ```
-   deb https://deb.debian.org/debian bookworm main contrib non-free-firmware
-   deb-src https://deb.debian.org/debian bookworm main contrib non-free-firmware
-   deb https://deb.debian.org/debian bookworm-updates main contrib non-free-firmware
-   deb-src https://deb.debian.org/debian bookworm-updates main contrib non-free-firmware
-   deb https://deb.debian.org/debian-security bookworm-security main contrib non-free-firmware
-   deb-src https://deb.debian.org/debian-security bookworm-security main contrib non-free-firmware
-   deb https://deb.debian.org/debian bookworm-backports main contrib non-free-firmware
-   deb-src https://deb.debian.org/debian bookworm-backports main contrib non-free-firmware
-   ```
-
-1. uncomment the provisioning part again on `Vagrantfile`
-1. run `vagrant provision`
-
 ## How to submit changes
 
 Open a [pull request] to submit changes to this project.

README.md

@@ -8,66 +8,39 @@
 
 ## Features
 
+- Support processor architectures: x86_64 (only one for now, may be extended in the future).
 - Development: [Golang], [NodeJs] and [Python tools].
-  - IDEs: [VSCodium] and [Pycharm] installation.
-- Browsers: [Firefox] ESR replacement with official PPA and configuration; and [Brave] installation.
-- Package manager installation: [Nix] and [Home Manager].
-- Packages intallation: apt, nix, snap, npm and ruby gems.
-  - Note: pip packages are enforced to not be installed globally on Debian 12 by [PEP-668].
-- Replaces [LibreOffice] with [OnlyOffice].
-- Assorted FOSS programs: [Cryptomator], [KeyPass], [OBS], [OpenRGB], [RClone], and [Signal] messenger installation.
-- Configurations: dotfiles, shell/terminals, [Gnome], [Git], ssh, keyboard...
+  - IDEs: [VSCodium] installation (via Nixpkgs).
+- Browsers: [Brave], [Firefox] and [Mullvad Browser] (via Nix).
+- Containers and virtualization: [Docker], [Podman] and [libvirtd].
+- Office: installs [OnlyOffice] (via Nixpkgs).
+- Assorted FOSS programs: [Cryptomator], [KeyPass], [OBS] (via Nixpkgs), [OpenRGB], [RClone], and [Signal] (via Nixpkgs) messenger installation.
+- Configurations: dotfiles, zsh (via Nix), terminals, [Gnome], [Git], ssh, keyboard...
 
-Note: this is an opinionated setup I personally use for software development on [Debian] 12. You can customize all the changes following instructions in [Overriding Defaults](#overriding-defaults).
+Note: this is an opinionated setup I personally use for software development on [NixOS](https://nixos.org). You can customize all the changes following instructions in [Overriding Defaults](#overriding-defaults).
 
 ## Requirements
 
-1. [Ansible] installed:
-
-   ```sh
-   sudo apt install ansible-core
-   ```
-
-   If you get an error saying no installation candidate, edit your apt sources files with:
-
-   ```sh
-   sudo gedit /etc/apt/sources.list
-   ```
-
-   Remove DVD repos (if you see them) and make sure you have:
-
-   ```sh
-   deb http://deb.debian.org/debian/ bookworm main contrib non-free-firmware
-   deb-src http://deb.debian.org/debian/ bookworm main contrib non-free-firmware
-
-   deb http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware
-   deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware
-
-   # bookworm-updates, to get updates before a point release is made;
-   # see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports
-   deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free-firmware
-   deb-src http://deb.debian.org/debian/ bookworm-updates main contrib non-free-firmware
-   ```
-
-   1. If **~/.local/bin** is not on **echo \$PATH**, you can add it with the command:
-
-   ```sh
-   sudo echo 'export PATH=$PATH:~/.local/bin' >> ~/.bashrc && source ~/.bashrc
-   ```
+1. Install latest stable, recommended Minimal ISO image from [NixOS download ISO page](https://nixos.org/download/#nixos-iso).
+1. [Ansible] installed. Make sure you have it in you `local.nix` either in `systemWidePkgs` or `mainUser.pkgs`.
 
 ## Installation
 
-1. [Download] and extract this playbook or clone this repository to your local drive.
+1. Create a `local.nix` file from [eg folder](eg/local.nix) and change:
+  - git variables.
+  - main Linux username.
+  - timezone.
+  - browser configurations.
+1. Create at /etc/nixos a `flake.nix` file [eg folder](eg/flake.nix).
 
    ```sh
-   git clone [email protected]:staticdev/linux-workstation-playbook.git
+   curl -s "https://raw.githubusercontent.com/staticdev/linux-workstation-playbook/main/eg/flake.nix?token=$(date +%s)" -o /etc/nixos/flake.nix
+   nixos-generate-config
+   nixos-rebuild boot --upgrade-all
    ```
 
-1. Install dependencies by entering the terminal in the playbook folder and run the command:
-
-   ```sh
-   ansible-galaxy install -fr requirements.yml
-   ```
+1. Rebuild hardware config with `sudo nixos-generate-config`.
+1. Rebuild your system with `sudo nixos-rebuild boot --upgrade-all`.
 
 ## Usage
 
@@ -129,15 +102,9 @@ installed_packages:
   - go
 ```
 
-For [Nix] packages, it is necessary to specify a command that will verify if it is already installed, most binaries support `--version` or just `version`, eg:
+To have you own dotfiles, just fork the [dotfiles eg. repo] and change the url of `dotfiles_repo` or just change `configure_dotfiles` to false if you do not want it.
 
-```yaml
-nix_packages:
-  - name: git
-    check_cmd: git --version
-  - name: kubectl
-    check_cmd: kubectl version --client
-```
+For [Nix] packages, update your [Home Manager] config on your dotfiles repo.
 
 Other package managers:
 
@@ -152,8 +119,6 @@ npm_packages:
   - name: webpack
 ```
 
-To have you own dotfiles, just fork the [dotfiles eg. repo] and change the url of `dotfiles_repo` or just change `configure_dotfiles` to false if you do not want it.
-
 Any variable can be overridden in **config.yml**; see the supporting roles' documentation for a complete list of available variables.
 
 ### Use with a remote machine
@@ -188,11 +153,11 @@ please [file an issue] along with a detailed description.
 This project was inspired by [@geerlingguy]'s [Mac Development Ansible Playbook].
 
 [@geerlingguy]: https://github.com/geerlingguy
-[ansible]: https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html
 [brave]: https://brave.com/
 [contributor guide]: https://github.com/staticdev/linux-workstation-playbook/blob/main/CONTRIBUTING.md
 [cryptomator]: https://cryptomator.org/
 [debian]: https://www.debian.org/
+[docker]: https://www.docker.com/
 [dotfiles eg. repo]: https://github.com/staticdev/dotfiles-eg
 [download]: https://github.com/staticdev/linux-workstation-playbook/archive/refs/heads/main.zip
 [file an issue]: https://github.com/staticdev/linux-workstation-playbook/issues
@@ -201,17 +166,19 @@ This project was inspired by [@geerlingguy]'s [Mac Development Ansible Playbook]
 [gnome]: https://www.gnome.org/
 [golang]: https://go.dev/
 [home manager]: https://github.com/nix-community/home-manager
-[libreoffice]: https://www.libreoffice.org/
+[libvirtd]: https://libvirt.org/manpages/libvirtd.html
 [nodejs]: https://nodejs.org/
 [keypass]: https://keepass.info/
 [mac development ansible playbook]: https://github.com/geerlingguy/mac-dev-playbook
 [mit]: https://opensource.org/licenses/MIT
+[mullvad browser]: https://mullvad.net/en/browser
 [nix]: https://nixos.org/
+[nixos download iso page]: https://nixos.org/download/#nixos-iso
 [obs]: https://obsproject.com/
 [onlyoffice]: https://github.com/ONLYOFFICE/
 [openrgb]: https://gitlab.com/CalcProgrammer1/OpenRGB
 [pep-668]: https://peps.python.org/pep-0668/
-[pycharm]: https://www.jetbrains.com/pycharm/
+[podman]: https://podman.io/
 [python tools]: https://github.com/staticdev/ansible-role-python-developer
 [rclone]: https://rclone.org/
 [signal]: https://signal.org