..
2023-10-11 21:02:16 +02:00
2023-10-16 18:32:46 +02:00
2023-11-03 12:56:52 +01:00
2023-10-12 12:04:12 +02:00

nixos-anywhere and disko

This is an example repository for nixos-anywhere and disko.

Inspiration:

Manuals:

Build installer ISO with passwordless SSH

nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix
# aarch64 ISO (requires emulation)
#nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix --argstr system aarch64-linux

ls result/iso/*.iso

Hardware Configuration

Boot the target machine into NixOS live ISO. Then execute the following, ideally while connected as root via SSH:

nixos-generate-config --no-filesystems --root /mnt
cat /mnt/etc/nixos/hardware-configuration.nix

Save the output to a new file in ./hardware-configs/. In ./flake.nix replace ./hardware-configs/yodaHP.nix with it.

Note: The hardware configuration should not contain any fileSystems.<name> options as these are generated based on your disko configuration.


Furthermore, in ./flake.nix replace disko.devices.disk.disk1.device with the id of your target block device.


Lastly, in ./flake.nix replace pbkdf-memory with your amount of RAM - 500 MB.

Installation

To run the interactive vm test run:

nix --extra-experimental-features nix-command --extra-experimental-features flakes \
  run github:numtide/nixos-anywhere -- -f '.#mysystem' --vm-test

To install on remote target machine:

# yodaHP
nix --extra-experimental-features nix-command --extra-experimental-features flakes \
  run github:numtide/nixos-anywhere -- --flake '.#mysystem' -p 22 root@192.168.178.106

To install on remote target machine and print the SSH fingerprint of the new system. If no encrypted disks are set up, the disk password can be left empty:

# yodaHP
./install-helper.sh 22 root@192.168.178.106

Updating dependencies

Recreate the lock file (i.e. update all inputs) and commit the new lock file:

nix --extra-experimental-features nix-command --extra-experimental-features flakes \
  flake update --commit-lock-file

TODOs