Install NixOS on Hetzner Online: Difference between revisions

Revision as of 22:17, 29 May 2020

This article is about installing NixOS on Hetzner Online, which provides dedicated bare-metal servers.

This is not to be confused with Hetzner Cloud, that provides VMs (an example for how to install NixOS there is shown here).

There are three ways at the time to install NixOS on Hetzner dedicated:

From Hetzner's rescue image one can boot into the nixos installer using a custom kexec image that is configured with the fixed IPv6 provided by Hetzner and also contain your ssh key. Tip: The kexec tarball as generated by nixos-generators can remain put into the /boot partition for future use.
Hetzner also provides an interface to upload your own ISO-images. Also here you may want to build your own iso-image, which has openssh with ssh keys due the lack of a remote console.
An easier method to install NixOS on Hetzner, is to use the existing integration into NixOps.
An example to install NixOS in the Hetzner rescue mode, including full RAID partitioning, is available here.

Network configuration

From Hetzner's web interface, one can obtain both ipv4/ipv6 addresses and gateways. Hetzner does announce ipv6 addresses servers, so you need to assign those statically. In this example we use networkd to configure the interface. The same configuration can be used for both the kexec installation image and the final server configuration.

{ ... }: {
  # This make sure that our interface is named `eth0`.
  # This should be ok as long as you don't have multiple physical network cards
  # For multiple cards one could add a netdev unit to rename the interface based on the mac address
  networking.usePredictableInterfaceNames = false;
  systemd.network = {
    enable = true;
    networks."eth0".extraConfig = ''
      [Match]
      Name = eth0
      [Network]
      # Add your own assigned ipv6 subnet here here!
      Address = 2a01:4f9:ffff::1/64
      Gateway = fe80::1
      # optionally you can do the same for ipv4 and disable DHCP (networking.dhcpcd.enable = false;)
      # Address =  144.x.x.x/26
      # Gateway = 144.x.x.1
    '';
  };
}

Another possibility is to use networking.interfaces:

let
  external-mac = "00:11:22:33:44:55";
  ext-if = "et0";
  external-ip = "144.x.x.x";
  external-gw = "144.x.x.255";
  external-ip6 = "2a01:XXXX:XXXX::1";
  external-gw6 = "fe80::1";
  external-netmask = 27;
  external-netmask6 = 64;
in {
  # rename the external interface based on the MAC of the interface
  services.udev.extraRules = ''SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"'';
  networking = {
    interfaces."${ext-if}" = {
      ipv4.addresses = [{
        address = external-ip;
        prefixLength = external-netmask;
      }];
      ipv6.addresses = [{
        address = external-ip6;
        prefixLength = external-netmask6;
      }];
    };
    defaultGateway6 = {
      address = external-gw6;
      interface = ext-if;
    };
    defaultGateway = external-gw;
  };
}

@@ Line 1: / Line 1: @@
 This article is about installing NixOS on [https://www.hetzner.com/dedicated-rootserver?country=us Hetzner Online], which provides dedicated
-bare-metal servers. This is not to be confused by [https://www.hetzner.com/cloud Hetzner cloud], that provides VMs.
+bare-metal servers.
-There are three ways at the time to install NixOS on Hetzner
+This is not to be confused with [https://www.hetzner.com/cloud Hetzner Cloud], that provides VMs (an example for how to install NixOS there is shown [https://gist.github.com/nh2/c02612e05d1a0f5dc9fd50dda04b3e48 here]).
+There are three ways at the time to install NixOS on Hetzner dedicated:
 # From Hetzner's rescue image one can boot into the nixos installer using a custom kexec image that is configured with the fixed IPv6 provided by Hetzner and also contain your ssh key. Tip: The kexec tarball as generated by [https://github.com/nix-community/nixos-generators nixos-generators] can remain put into the /boot partition for future use.