Install NixOS on Linode: Difference between revisions
imported>Fadenb Created page with "The high level approach that these directions will take is to boot into the Rescue Mode, then mount the partitions we'll install on, install NixOS and NixPkgs on the Rescue Di..." |
imported>Fadenb No edit summary |
||
| Line 1: | Line 1: | ||
This tutorial is written for people who want to run NixOS on a Linode instance. We assume you are using the KVM hypervisor instead of the older hypervisor, Xen. | |||
In this tutorial, we will show you how to set up NixOS on Linode by setting up disk, installing Nix onto the rescue OS, and use Nix to install NixOS onto your disks. | |||
== Create a Linode Instance == | |||
Linode uncreatively calls each virtual server a Linode itself. We'll be calling them a Linode instance. Create one of whichever size you prefer and wherever you prefer to locate it. Linode will direct you to the Dashboard tab of the [https://manager.linode.com/ Linode Manager]. | |||
=== | == Setup Disks == | ||
=== Create Disk Images === | |||
On the Dashboard tab, there is an option Create a new disk. You will need to create a single disk. | |||
* label: nixos | |||
* type: ext4 | |||
* size: Maximum | |||
Note: The label is arbitrary. | |||
=== Boot into Finnix === | |||
Now that you have the disks created, it's time to boot the Linode instance. Go to the Rescue tab in the ''Linode Manager'', and select ''Reboot into Rescue Mode'', which uses Finnix as an OS. | |||
=== | Now that it's started, connect to it via ''SSH''. In the ''Remote Access'' tab of the ''Linode Manager'', there's either ''Lish via Ajaxterm'' or ''Lish via SSH''. The SSH option is much more pleasant to use since Ajaxterm disconnects after a couple minutes of idle. Pick one, and connect. If it asks for a password, give your Linode password. | ||
mount /dev/ | |||
Once in, it'll say <code>Welcome to Finnix!</code> amongst other things. | |||
''Note'': The Lish shell does not let you scroll back and if you write or paste a line that is longer than the line length, it'll write over the beginning of your line visually. Even if you ssh into it through a terminal that doesn't have these issues, you will get them. Just be glad you only need to use Lish to set up NixOS, not use it. | |||
=== Repartitioning === | |||
With this single disk, we are going to repartition it into four different disks: A disk for <code>grub</code>, a boot disk, a swap disk, and the actual nixos disk. To do this, we will use <code>gdisk</code>. Without a swap disk, the actual installation with run out of memory. | |||
gdisk /dev/sda | |||
To create new partitions, type <code>n</code> and follow the instructions. The following table shows the values you need. When finished, write your changes and exit with <code>w</code>. This will create four devices, <code>/dev/sda1</code> through <code>/dev/sda4</code>. | |||
Number Start (sector) End (sector) Size Code Name | |||
1 2048 4095 1024.0 KiB EF02A BIOS boot partition | |||
2 4096 1028095 500.0 MiB 8300 Linux filesystem | |||
3 1028096 3125247 1024.0 MiB 8200 Linux swap | |||
4 3125248 50331614B 22.5 GiB 8300 Linux filesystem | |||
'''A:''' Note that the BIOS boot partition with `EF02` is mandatory because the direct disk boot approach requires that you set aside this sector for your BIOS. | |||
'''B:''' The end sector for the final partition is dependent upon the size of the Linode you are creating. This sector is the final sector on the smallest available Linode instance. | |||
After creating, we now need to format them, since <code>gdisk</code> does not actually format them. | |||
mkfs.ext4 -L nixos /dev/sda4 | |||
mkfs.ext4 -L boot /dev/sda2 | |||
mkswap -L swap /dev/sda3 | |||
=== Mounting === | |||
The devices now need to be mounted, and swap turned on. | |||
mount /dev/sda4 /mnt | |||
mkdir /mnt/boot | mkdir /mnt/boot | ||
mount /dev/ | mount /dev/sda2 /mnt/boot | ||
swapon /dev/sda3 | |||
==Install | == Install Nix == | ||
We are going to install ''Nix'' into your Rescue System and use that to install ''NixOS'' onto your <code>nixos</code> disk. ''Nix'' can be used without ''NixOS'', and that is what we are doing here - installing ''Nix'' so that it can install ''NixOS'' which will come with its own ''Nix''. | |||
=== | === Create Temp User === | ||
Installing Nix as root | Installing Nix as root does not work. Create a new user so that you can install Nix. This new user will '''not''' exist once the process is finished. | ||
We will also need a group <code>nixbld</code> and a set of users in that group. | |||
adduser nix | adduser nix | ||
You will need to set a password. It will never be asked for, but you need to have one anyways. | |||
groupadd -r nixbld | groupadd -r nixbld | ||
| Line 39: | Line 70: | ||
nixbld$n; done | nixbld$n; done | ||
''Note:'' If you paste this all in at once, only the <code>adduser</code> command will execute. Do the <code>adduser</code>command separately from the other commands. | |||
=== Download and Build === | |||
Now, to install ''Nix'' itself, we need to set up an environment to install in and then download and run the ''Nix'' installer as the <code>nix</code> user. | |||
Now do the Nix install: | Now do the Nix install: | ||
update-ca-certificates | |||
mkdir /nix | |||
chown -R nix /nix | |||
su - nix | su - nix | ||
bash <(curl https://nixos.org/nix/install) | bash <(curl https://nixos.org/nix/install) | ||
exit | exit | ||
''Note:'' Yes, we are piping curl into bash. You'll have to trust that the nixos.org website isn't hacked. | |||
Now that ''Nix'' is installed, the rest must be done as <code>root</code>, which the <code>exit</code> puts you back into. From here on, you do not need the <code>nix</code> user at all. | |||
=== Create a Nix Profile === | |||
Next up, create a ''Nix profile'' for the root user, remove the default ''nixpkgs'' channel, and add the nixos channel. | |||
. ~nix/.nix-profile/etc/profile.d/nix.sh | . ~nix/.nix-profile/etc/profile.d/nix.sh | ||
nix-channel --remove nixpkgs | nix-channel --remove nixpkgs | ||
nix-channel --add http://nixos.org/channels/nixos-17. | nix-channel --add http://nixos.org/channels/nixos-17.09 nixos | ||
nix-channel --update | nix-channel --update | ||
== | == Optional: Install vim for editing (>= 2048mb linode) == | ||
nix-env -i vim | If you want to use <code>vim</code> to edit text instead of <code>nano</code>, install it. | ||
nix-env -i vim_configurable | |||
''Note:'' Because the size of your linode determines the size of the / ramdisk, only a linode larger or equal to 2048 will fit vim. | |||
== Install nixos-install packages == | |||
cat <<EOF > configuration.nix | Next up, let's actually get the NixOS installation file. Create a configuration file for ''Nix'' that is mostly empty, set some shell variables, and then install some packages. | ||
cat <<EOF > /root/configuration.nix | |||
{ fileSystems."/" = {}; | { fileSystems."/" = {}; | ||
boot.loader.grub.enable = false; | boot.loader.grub.enable = false; | ||
} | } | ||
EOF | EOF | ||
export NIX_PATH=nixpkgs=/root/.nix-defexpr/channels/nixos:nixos=/root/.nix-defexpr/channels/nixos/nixos | export NIX_PATH=nixpkgs=/root/.nix-defexpr/channels/nixos:nixos=/root/.nix-defexpr/channels/nixos/nixos | ||
export NIXOS_CONFIG=/root/configuration.nix | export NIXOS_CONFIG=/root/configuration.nix | ||
nix-env -i -A config.system.build.nixos-install -A config.system.build.nixos-option -A config.system.build.nixos-generate-config -f "<nixos>" | nix-env -i -A config.system.build.nixos-install \ | ||
-A config.system.build.nixos-option \ | |||
-A config.system.build.nixos-generate-config \ | |||
-f "<nixos>" | |||
== Configure NixOS == | |||
Now that you have the NixOS installation packages installed, it's time to build the configuration for your system. | |||
If you already have a configuration file that you saved somewhere else, you can put it in <code>/mnt/etc/nixos/configuration.nix</code> directly. If you do so, jump down to Install NixOS! | |||
=== Generate configuration files === | |||
These will generate your configuration files in <code>/mnt/etc/nixos/</code>. | |||
export NIX_PATH=nixpkgs=/root/.nix-defexpr/channels/nixos:nixos=/root/.nix-defexpr/channels/nixos/nixos | export NIX_PATH=nixpkgs=/root/.nix-defexpr/channels/nixos:nixos=/root/.nix-defexpr/channels/nixos/nixos | ||
nixos-generate-config --root /mnt | nixos-generate-config --root /mnt | ||
== | === Fix hardware-configuration.nix === | ||
The hardware scan fails to find the correct setup for us. As such, replace the <code>hardware-configuration.nix</code> file with the following: | |||
imports = | |||
[ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> | |||
]; | |||
Note: The only part that changes is the thing in <code><></code> brackets. | |||
=== Fix Kernel Modules Setting === | |||
Make sure in your <code>hardware_configuration.nix</code>, you have the following line. You can add other kernel modules if you want. | |||
boot.initrd.availableKernelModules = [ "virtio_net" "virtio_pci" "virtio_blk" "virtio_scsi" "9p" "9pnet_virtio" "ata_piix" "virtio_pci" ]; | |||
The NixOS 2014.12 <code>qemu-guest</code> hardware module is missing the virtio_scsi module. | |||
=== Make sure GRUB and Linux use serial console for lish === | |||
As lish requires output to a serial console, some further changes are required in configuration.nix to ensure that you can use lish to administer nixos. | |||
== | boot.kernelParams = [ "console=ttyS0" ]; | ||
boot.loader.grub.extraConfig = "serial; terminal_input serial; terminal_output serial"; | |||
Without the first line, you will never see the Linux kernel load in the lish console, and without the second line you will never see the GRUB menu. | |||
=== | === Tell GRUB the boot device === | ||
In configuration.nix, uncomment the following line: | |||
= | boot.loader.grub.device = "/dev/sda"; | ||
Longview Service (Optional) | |||
To enable [https://manager.linode.com/longview/ Longview] metrics: | |||
services.longview.enable = true; | |||
services.longview.apiKey = "01234567-89AB-CDEF-0123456789ABCDEF"; | |||
The apiKey value can be found in Longview settings. The Longview service is not yet available in the stable channel. | |||
=== Other Changes === | |||
Do other changes. Get your users set up as you want them. Get databases and what not set up. Set up your ports. Anything you care about really. | |||
Revision as of 10:46, 30 June 2017
This tutorial is written for people who want to run NixOS on a Linode instance. We assume you are using the KVM hypervisor instead of the older hypervisor, Xen.
In this tutorial, we will show you how to set up NixOS on Linode by setting up disk, installing Nix onto the rescue OS, and use Nix to install NixOS onto your disks.
Create a Linode Instance
Linode uncreatively calls each virtual server a Linode itself. We'll be calling them a Linode instance. Create one of whichever size you prefer and wherever you prefer to locate it. Linode will direct you to the Dashboard tab of the Linode Manager.
Setup Disks
Create Disk Images
On the Dashboard tab, there is an option Create a new disk. You will need to create a single disk.
- label: nixos
- type: ext4
- size: Maximum
Note: The label is arbitrary.
Boot into Finnix
Now that you have the disks created, it's time to boot the Linode instance. Go to the Rescue tab in the Linode Manager, and select Reboot into Rescue Mode, which uses Finnix as an OS.
Now that it's started, connect to it via SSH. In the Remote Access tab of the Linode Manager, there's either Lish via Ajaxterm or Lish via SSH. The SSH option is much more pleasant to use since Ajaxterm disconnects after a couple minutes of idle. Pick one, and connect. If it asks for a password, give your Linode password.
Once in, it'll say Welcome to Finnix! amongst other things.
Note: The Lish shell does not let you scroll back and if you write or paste a line that is longer than the line length, it'll write over the beginning of your line visually. Even if you ssh into it through a terminal that doesn't have these issues, you will get them. Just be glad you only need to use Lish to set up NixOS, not use it.
Repartitioning
With this single disk, we are going to repartition it into four different disks: A disk for grub, a boot disk, a swap disk, and the actual nixos disk. To do this, we will use gdisk. Without a swap disk, the actual installation with run out of memory.
gdisk /dev/sda
To create new partitions, type n and follow the instructions. The following table shows the values you need. When finished, write your changes and exit with w. This will create four devices, /dev/sda1 through /dev/sda4.
Number Start (sector) End (sector) Size Code Name 1 2048 4095 1024.0 KiB EF02A BIOS boot partition 2 4096 1028095 500.0 MiB 8300 Linux filesystem 3 1028096 3125247 1024.0 MiB 8200 Linux swap 4 3125248 50331614B 22.5 GiB 8300 Linux filesystem
A: Note that the BIOS boot partition with `EF02` is mandatory because the direct disk boot approach requires that you set aside this sector for your BIOS. B: The end sector for the final partition is dependent upon the size of the Linode you are creating. This sector is the final sector on the smallest available Linode instance.
After creating, we now need to format them, since gdisk does not actually format them.
mkfs.ext4 -L nixos /dev/sda4 mkfs.ext4 -L boot /dev/sda2 mkswap -L swap /dev/sda3
Mounting
The devices now need to be mounted, and swap turned on.
mount /dev/sda4 /mnt mkdir /mnt/boot mount /dev/sda2 /mnt/boot swapon /dev/sda3
Install Nix
We are going to install Nix into your Rescue System and use that to install NixOS onto your nixos disk. Nix can be used without NixOS, and that is what we are doing here - installing Nix so that it can install NixOS which will come with its own Nix.
Create Temp User
Installing Nix as root does not work. Create a new user so that you can install Nix. This new user will not exist once the process is finished.
We will also need a group nixbld and a set of users in that group.
adduser nix
You will need to set a password. It will never be asked for, but you need to have one anyways.
groupadd -r nixbld
for n in $(seq 1 10); do useradd -c "Nix build user $n" \
-d /var/empty -g nixbld -G nixbld -M -N -r -s "$(which nologin)" \
nixbld$n; done
Note: If you paste this all in at once, only the adduser command will execute. Do the addusercommand separately from the other commands.
Download and Build
Now, to install Nix itself, we need to set up an environment to install in and then download and run the Nix installer as the nix user.
Now do the Nix install:
update-ca-certificates mkdir /nix chown -R nix /nix su - nix bash <(curl https://nixos.org/nix/install) exit
Note: Yes, we are piping curl into bash. You'll have to trust that the nixos.org website isn't hacked.
Now that Nix is installed, the rest must be done as root, which the exit puts you back into. From here on, you do not need the nix user at all.
Create a Nix Profile
Next up, create a Nix profile for the root user, remove the default nixpkgs channel, and add the nixos channel.
. ~nix/.nix-profile/etc/profile.d/nix.sh nix-channel --remove nixpkgs nix-channel --add http://nixos.org/channels/nixos-17.09 nixos nix-channel --update
Optional: Install vim for editing (>= 2048mb linode)
If you want to use vim to edit text instead of nano, install it.
nix-env -i vim_configurable
Note: Because the size of your linode determines the size of the / ramdisk, only a linode larger or equal to 2048 will fit vim.
Install nixos-install packages
Next up, let's actually get the NixOS installation file. Create a configuration file for Nix that is mostly empty, set some shell variables, and then install some packages.
cat <<EOF > /root/configuration.nix
{ fileSystems."/" = {};
boot.loader.grub.enable = false;
}
EOF
export NIX_PATH=nixpkgs=/root/.nix-defexpr/channels/nixos:nixos=/root/.nix-defexpr/channels/nixos/nixos
export NIXOS_CONFIG=/root/configuration.nix
nix-env -i -A config.system.build.nixos-install \
-A config.system.build.nixos-option \
-A config.system.build.nixos-generate-config \
-f "<nixos>"
Configure NixOS
Now that you have the NixOS installation packages installed, it's time to build the configuration for your system.
If you already have a configuration file that you saved somewhere else, you can put it in /mnt/etc/nixos/configuration.nix directly. If you do so, jump down to Install NixOS!
Generate configuration files
These will generate your configuration files in /mnt/etc/nixos/.
export NIX_PATH=nixpkgs=/root/.nix-defexpr/channels/nixos:nixos=/root/.nix-defexpr/channels/nixos/nixos nixos-generate-config --root /mnt
Fix hardware-configuration.nix
The hardware scan fails to find the correct setup for us. As such, replace the hardware-configuration.nix file with the following:
imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
Note: The only part that changes is the thing in <> brackets.
Fix Kernel Modules Setting
Make sure in your hardware_configuration.nix, you have the following line. You can add other kernel modules if you want.
boot.initrd.availableKernelModules = [ "virtio_net" "virtio_pci" "virtio_blk" "virtio_scsi" "9p" "9pnet_virtio" "ata_piix" "virtio_pci" ];
The NixOS 2014.12 qemu-guest hardware module is missing the virtio_scsi module.
Make sure GRUB and Linux use serial console for lish
As lish requires output to a serial console, some further changes are required in configuration.nix to ensure that you can use lish to administer nixos.
boot.kernelParams = [ "console=ttyS0" ]; boot.loader.grub.extraConfig = "serial; terminal_input serial; terminal_output serial";
Without the first line, you will never see the Linux kernel load in the lish console, and without the second line you will never see the GRUB menu.
Tell GRUB the boot device
In configuration.nix, uncomment the following line:
boot.loader.grub.device = "/dev/sda";
Longview Service (Optional) To enable Longview metrics:
services.longview.enable = true; services.longview.apiKey = "01234567-89AB-CDEF-0123456789ABCDEF";
The apiKey value can be found in Longview settings. The Longview service is not yet available in the stable channel.
Other Changes
Do other changes. Get your users set up as you want them. Get databases and what not set up. Set up your ports. Anything you care about really.