|
|
| Line 85: |
Line 85: |
| nix.settings = { | | nix.settings = { |
| experimental-features = "nix-command flakes"; | | experimental-features = "nix-command flakes"; |
| auto-optimise-store = true;
| |
| }; | | }; |
| | | |
| Line 91: |
Line 90: |
| pkgs.vim | | pkgs.vim |
| pkgs.git | | pkgs.git |
| pkgs.zip
| |
| pkgs.unzip
| |
| pkgs.wget
| |
| ]; | | ]; |
| | | |
| Line 110: |
Line 106: |
| ]; | | ]; |
| | | |
| documentation.nixos.enable = false;
| |
| time.timeZone = "Europe/London"; | | time.timeZone = "Europe/London"; |
| i18n.defaultLocale = "en_GB.UTF-8"; | | i18n.defaultLocale = "en_US.UTF-8"; |
| console.keyMap = "us"; | | console.keyMap = "us"; |
| nix.settings.trusted-users = [ "@wheel" ];
| |
| | | |
| boot.loader.grub.enable = true; | | boot.loader.grub.enable = true; |
| Line 141: |
Line 135: |
| }; | | }; |
| }; | | }; |
| | |
| networking.firewall.allowedTCPPorts = [ 22 ]; | | networking.firewall.allowedTCPPorts = [ 22 ]; |
| | | |
| # This value determines the NixOS release from which the default
| | system.stateVersion = "24.11"; |
| # settings for stateful data, like file locations and database versions
| |
| # on your system were taken. It‘s perfectly fine and recommended to leave
| |
| # this value at the release version of the first install of this system.
| |
| # Before changing this value read the documentation for this option
| |
| # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
| |
| system.stateVersion = "24.11"; # Did you read the comment? | |
| } | | } |
|
| |
|
|
| |
|
| To access the system, you will need to ensure that port 22 on the VM is available via the Hetzner firewall. | | To access the VM, you will need to ensure that port 22 on the VM is opened via the Hetzner firewall if that is configured. |
|
| |
|
| === nixos-anywhere === | | === nixos-anywhere === |
| The tutorial assumes you already have an account on Hetzner Cloud, and no prior access to a system with NixOS or nix CLI utility installed: | | The tutorial assumes you already have an account on Hetzner Cloud, and no prior access to a system with NixOS or nix CLI utility installed. |
| # Create a temp folder for future use. Run:<syntaxhighlight lang="shell">
| | #First upload your SSH key via the Hetzner Web UI |
| mkdir /tmp/my-first-flake
| | #Then click yourself a VM. For the OS choose Ubuntu but anything should work. This guide was tested with x86_64-linux but aarch64 should work with the note from below. |
| </syntaxhighlight>'''Note''': this folder will be mounted into docker container on the next step. Having the folder on the host system enables editing files using a familiar editor, available on the host system, such as VS Code or neovim.
| |
| #Enter docker container. Run:<syntaxhighlight lang="shell"> | |
| docker run --rm --interactive --tty --mount type=bind,source=/tmp/my-first-flake,target=/tmp/my-first-flake alpine:3.20 ash
| |
| </syntaxhighlight>'''Note''': this is done in a container in order to reduce the "setup footprint and residue", allowing to throw away this setup environment quickly.
| |
| #Install <code>nix</code> and <code>hcloud</code> CLI utilities. Run:<syntaxhighlight lang="shell">
| |
| apk add nix hcloud openssh
| |
| </syntaxhighlight>
| |
| #Authenticate <code>hcloud</code> CLI utility. Run:<syntaxhighlight lang="shell">
| |
| hcloud context create my-first-context
| |
| </syntaxhighlight>
| |
| #When asked, enter value of the token in the prompt. '''Note''': the token with "Read/Write" permissions can be obtained on a project page inside Hetzner Cloud: <nowiki>https://console.hetzner.cloud/projects/0000000/security/tokens</nowiki>
| |
| #Create an SSH key:<syntaxhighlight lang="sh">
| |
| ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -N ''
| |
| </syntaxhighlight>
| |
| #Upload your public key to Hetzner:<syntaxhighlight lang="shell">
| |
| hcloud ssh-key create --name 'My public key' --public-key-from-file /root/.ssh/id_ed25519.pub
| |
| </syntaxhighlight>
| |
| #Create a VM on Hetzner. Run:<syntaxhighlight lang="shell"> | |
| hcloud server create --name my-hetzner-vm --type cpx21 --image ubuntu-24.04 --location fsn1 --ssh-key 'My public key'
| |
| </syntaxhighlight>Write down the IP. '''Note 1''': this tutorial uses <code>cpx21</code> VM instance type which corresponds to an x86 architecture marchine with 3 CPU cores and 4GB of RAM, and <code>fsn1</code> location which corresponds to a data center in the city of Falkenstein in Germany. A list of all instance types can be obtained by running command <code>hcloud server-type list</code>, while a list of all locations can be obtained by running <code>hcloud location list</code> command. '''Note 2''': Hopefully, Hetzner Cloud team will support NixOS disk images soon, see [https://www.reddit.com/r/NixOS/comments/1desdbv/could_we_convince_hetzner_to_add_nixos_as_a/ Could we convince Hetzner to add Nixos as a standard image choice].
| |
| # On your host computer, create a folder. Run:<syntaxhighlight lang="shell">
| |
| mkdir -p /tmp/my-first-flake/my-vms/my-hetzner-vm/
| |
| </syntaxhighlight>
| |
| #Using a code editor on your host computer, create 4 files. File contents, as well as the location of where to put corresponding file are indicated below:<syntaxhighlight lang="nix"> | | #Using a code editor on your host computer, create 4 files. File contents, as well as the location of where to put corresponding file are indicated below:<syntaxhighlight lang="nix"> |
| # /tmp/my-first-flake/my-vms/my-hetzner-vm/hardware-configuration.nix | | # /tmp/my-hetzner-vm/hardware-configuration.nix |
|
| |
|
| { config, lib, pkgs, modulesPath, ... }: | | { config, lib, pkgs, modulesPath, ... }: |
| Line 201: |
Line 167: |
| } | | } |
| </syntaxhighlight><syntaxhighlight lang="nix"> | | </syntaxhighlight><syntaxhighlight lang="nix"> |
| # /tmp/my-first-flake/my-vms/my-hetzner-vm/disko-config.nix | | # /tmp/my-hetzner-vm/disko-config.nix |
|
| |
|
| { | | { |
| Line 241: |
Line 207: |
| } | | } |
| </syntaxhighlight><syntaxhighlight lang="nix"> | | </syntaxhighlight><syntaxhighlight lang="nix"> |
| # /tmp/my-first-flake/my-vms/my-hetzner-vm/configuration.nix | | # /tmp/my-hetzner-vm/configuration.nix |
|
| |
|
| { config, lib, pkgs, ... }: | | { config, lib, pkgs, ... }: |
| Line 265: |
Line 231: |
| enable = true; | | enable = true; |
| defaultEditor = true; | | defaultEditor = true; |
| configure = {
| |
| customRC = ''
| |
| colorscheme habamax
| |
| '';
| |
|
| |
| packages.packages = {
| |
| start = [
| |
| pkgs.vimPlugins.nerdtree
| |
| ];
| |
| };
| |
| };
| |
| }; | | }; |
|
| |
|
| Line 281: |
Line 236: |
| } | | } |
| </syntaxhighlight>'''Note''': the value of <code>initialHashedPassword</code> above was obtained using <code>mkpasswd</code> command in Linux, and corresponds to <code>Password.123</code> string used as password.<syntaxhighlight lang="nix"> | | </syntaxhighlight>'''Note''': the value of <code>initialHashedPassword</code> above was obtained using <code>mkpasswd</code> command in Linux, and corresponds to <code>Password.123</code> string used as password.<syntaxhighlight lang="nix"> |
| # /tmp/my-first-flake/flake.nix | | # /tmp/my-hetzner-vm/flake.nix |
|
| |
|
| { | | { |
| Line 305: |
Line 260: |
|
| |
|
| modules = [ | | modules = [ |
| ./my-vms/my-hetzner-vm/configuration.nix | | ./configuration.nix |
| inputs.disko.nixosModules.disko | | inputs.disko.nixosModules.disko |
| ]; | | ]; |
| Line 312: |
Line 267: |
| }; | | }; |
| } | | } |
| </syntaxhighlight>'''Note''': all these files constitute what's known as a ''nix [[flake]]''. The flake in question is small, though not exactly a minimal one. | | </syntaxhighlight> |
| #Build NixOS from flake. Run:<syntaxhighlight lang="shell"> | | #To build NixOS from the flake run:<syntaxhighlight lang="shell"> |
| nix run --extra-experimental-features 'nix-command flakes' github:nix-community/nixos-anywhere/1.3.0 -- --flake /tmp/my-first-flake#my-hetzner-vm root@0.0.0.0 --build-on-remote | | nix run --extra-experimental-features 'nix-command flakes' github:nix-community/nixos-anywhere --flake /tmp/my-first-flake#my-hetzner-vm root@0.0.0.0 --build-on-remote |
| </syntaxhighlight>'''Note''': replace <code>0.0.0.0</code> with an IP address obtained during an earlier step. | | </syntaxhighlight>'''Note''': replace <code>0.0.0.0</code> with an IP address obtained during an earlier step. |
| The NixOS on Hetzner is installed! | | The NixOS on Hetzner is installed! |
|
| |
| Let's do a few more steps to customize the installation.
| |
| #Copy flake files onto the server. Run:<syntaxhighlight lang="shell">
| |
| scp -r /tmp/my-first-flake eugene@0.0.0.0:~/
| |
| </syntaxhighlight>'''Note''': again, replace <code>0.0.0.0</code> with an IP address obtained via <code>hcloud server ip my-hetzner-vm</code>.
| |
| #Using <code>neovim</code> editor on the VM, modify <code>configuration.nix</code> to include a package containing Elixir programming language runtime for <code>eugene</code> user. Run:<syntaxhighlight lang="shell">
| |
| nvim my-first-flake/my-vms/my-hetzner-vm/configuration.nix
| |
|
| |
| </syntaxhighlight>Edit the <code>configuration.nix</code> so that <code>users</code> block looks like this:<syntaxhighlight lang="shell">
| |
| # ~/my-first-flake/my-vms/my-hetzner-vm/configuration.nix
| |
| # ...
| |
| users.users.eugene = {
| |
| isNormalUser = true;
| |
| extraGroups = [ "wheel" ];
| |
| initialHashedPassword = "$y$j9T$2DyEjQxPoIjTkt8zCoWl.0$3mHxH.fqkCgu53xa0vannyu4Cue3Q7xL4CrUhMxREKC"; # Password.123
| |
|
| |
| packages = [
| |
| pkgs.beam.packages.erlang_26.elixir_1_16
| |
| ];
| |
| };
| |
| # ...
| |
| </syntaxhighlight>
| |
| #Re-build NixOS. Run:<syntaxhighlight lang="shell">
| |
| sudo nixos-rebuild switch --flake ./my-first-flake#my-hetzner-vm
| |
| </syntaxhighlight>
| |
|
| |
|
| === disko === | | === disko === |