# nixos-anywhere and disko This is an example repository for nixos-anywhere and disko. Inspiration: * Introductory presentation: https://pad.lassul.us/cccamp-workshop * https://github.com/numtide/nixos-anywhere-examples Manuals: * disko reference: https://github.com/nix-community/disko/blob/master/docs/reference.md * nixos-anywhere reference: https://github.com/nix-community/nixos-anywhere/blob/main/docs/reference.md ## Build installer ISO with passwordless SSH ```shell nix-build '' -A config.system.build.isoImage -I nixos-config=iso.nix # aarch64 ISO (requires emulation) #nix-build '' -A config.system.build.isoImage -I nixos-config=iso.nix --argstr system aarch64-linux ls result/iso/*.iso ``` ## Hardware Configuration Boot the target machine into NixOS live ISO. Then execute the following, ideally while connected as root via SSH: ```shell nixos-generate-config --no-filesystems --root /mnt cat /mnt/etc/nixos/hardware-configuration.nix ``` Save the output to a new file in [./hardware-configs/](./hardware-configs/). In [./flake.nix](./flake.nix) replace `./hardware-configs/yodaHP.nix` with it. Note: The hardware configuration should not contain any `fileSystems.` options as these are generated based on your disko configuration. --- Furthermore, in [./flake.nix](./flake.nix) replace `disko.devices.disk.disk1.device` with the id of your target block device. --- Lastly, in [./flake.nix](./flake.nix) replace `pbkdf-memory` with your amount of RAM - 500 MB. --- Optionally, if `ssh-fde-unlock.nix` is imported in [./flake.nix](./flake.nix), replace the kernel network driver with the correct one there. ## Installation To run the interactive vm test run: ```shell nix --extra-experimental-features nix-command --extra-experimental-features flakes \ run github:numtide/nixos-anywhere -- -f '.#mysystem' --vm-test ``` To install on remote target machine: ```shell nix --extra-experimental-features nix-command --extra-experimental-features flakes \ run github:numtide/nixos-anywhere -- --flake '.#mysystem' -p 22 root@192.168.178.106 ``` To install on remote target machine **and** print the SSH fingerprint of the new system. If no encrypted disks are set up, the disk password can be left empty: ```shell ./install-helper.sh 22 root@192.168.178.106 ``` ## Updating dependencies Recreate the lock file (i.e. update all inputs) and commit the new lock file: ```shell nix --extra-experimental-features nix-command --extra-experimental-features flakes \ flake update --commit-lock-file ``` ## TODOs - Hetzner Cloud example: https://github.com/numtide/nixos-anywhere-examples/blob/main/flake.nix