Creating a NixOS live CD: Difference between revisions

Line 1:

== motivation ==

creating a modified NIXOS live CD out of a working nixos installation gives you the benefits:

Line 37:

Line 38:

}

=== ~~step 1/3: starting ssh automatically in the image and adding a ssh~~ key ~~to it ===~~

=== Start SSH with your SSH key

~~setting a default password on the boot cdrom (so that nobody can login using the default 'unset' password:~~

~~TODO~~

~~=== step 2/3: starting ssh automatically in the image and adding a ssh key to it ===~~

In your configuration.nix:

~~this is a hack, however it surely gives you an idea how to modify the stuff there~~:

~~in '''/etc/nixos/nixos/modules/installer/cd-dvd/installation-cd-base~~.~~nix''' add:~~

<code>

~~mkdir -p~~ /~~root~~/.ssh/

services.openssh = {

~~echo '~~ssh~~-rsa ssh-rsa AAAAB3Nz~~...~~(cut here)~~...~~AzV foo@bar' > /~~root/.ssh~~/authorized_keys~~

enable = true;

~~at the end of~~

hostKeys = [

* boot.~~postBootCommands~~ =

{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }

];

};

# enable ssh in the iso boot process

systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];

users.users.root.openssh.authorizedKeys.keys [

"ssh-rsa AAAAB3NzaC1y...== me@my-laptop"

];

~~=== step 3~~/~~3: starting ssh automatically in the image and adding a ssh key to it ===~~

</code>

~~'''THIS IS NOT WORKING YET: IGNORE LINES BELOW'''~~

~~vi /etc/nixos/nixos/modules/installer/cd-dvd/system-tarball-pc.nix~~

~~comment this line with a leading '#':~~

~~jobs.openssh.startOn = "network interfaces started";~~

== software installation inside the 'once' deployed and booted image ==

in case you have booted from your image you can add software as described here:

* [[install/remove software]]

~~<del>Without NixOS you need to supply the [https://svn.nixos.org/repos/nix/nixos/trunk/ source] instead of /etc/nixos/nixos.</del>(SVN is dead, https://github.com/NixOS/nixpkgs ? )~~

== references ==

Line 68:

Line 67:

[[Category:Installation]]

[[Category:Deployment]]

[[Category:HOW-TO]]

@@ Line 1: / Line 1: @@
 == motivation ==
 creating a modified NIXOS live CD out of a working nixos installation gives you the benefits:
@@ Line 37: / Line 38: @@
   }
-=== step 1/3: starting ssh automatically in the image and adding a ssh key to it ===
+=== Start SSH with your SSH key
-setting a default password on the boot cdrom (so that nobody can login using the default 'unset' password:
-TODO
-=== step 2/3: starting ssh automatically in the image and adding a ssh key to it ===
+In your configuration.nix:
-this is a hack, however it surely gives you an idea how to modify the stuff there:
-in '''/etc/nixos/nixos/modules/installer/cd-dvd/installation-cd-base.nix''' add:
+<code>
-        mkdir -p /root/.ssh/
+  services.openssh = {
-        echo 'ssh-rsa ssh-rsa  AAAAB3Nz...(cut here)...AzV foo@bar' > /root/.ssh/authorized_keys
+    enable = true;
-at the end of
+    hostKeys = [
-* boot.postBootCommands =
+      { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+    ];
+  };
+  # enable ssh in the iso boot process
+  systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
+  users.users.root.openssh.authorizedKeys.keys [
+    "ssh-rsa AAAAB3NzaC1y...== me@my-laptop"
+  ];
-=== step 3/3: starting ssh automatically in the image and adding a ssh key to it ===
+</code>
-'''THIS IS NOT WORKING YET: IGNORE LINES BELOW'''
- vi /etc/nixos/nixos/modules/installer/cd-dvd/system-tarball-pc.nix
-comment this line with a leading '#':
- jobs.openssh.startOn = "network interfaces started";
 == software installation inside the 'once' deployed and booted image ==
 in case you have booted from your image you can add software as described here:
 * [[install/remove software]]
-<del>Without NixOS you need to supply the [https://svn.nixos.org/repos/nix/nixos/trunk/ source] instead of /etc/nixos/nixos.</del>(SVN is dead, https://github.com/NixOS/nixpkgs ? )
 == references ==
@@ Line 68: / Line 67: @@
 [[Category:Installation]]
 [[Category:Deployment]]
+[[Category:HOW-TO]]