2021-02-08 18:33:39 +03:00
# NixOS-Infect
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
## What is this?
A script to install NixOS on non-NixOS hosts.
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
NixOS-Infect is so named because of the high likelihood of rendering a system inoperable.
Use with extreme caution and preferably only on newly provisioned systems.
2018-12-08 02:16:00 +03:00
2021-02-08 18:33:39 +03:00
This script has successfully been tested on at least the follow hosting providers and plans:
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
* [DigitalOcean ](https://www.digitalocean.com/products/droplets/ )
* [Hetzner Cloud ](https://www.hetzner.com/cloud )
* [Vultr ](https://www.vultr.com/ )
* [Interserver VPS ](https://www.interserver.net/vps/ )
2021-03-12 15:36:23 +03:00
* [Tencent Cloud Lighthouse ](https://cloud.tencent.com/product/lighthouse )
2021-03-30 12:27:04 +03:00
* [OVHcloud ](https://www.ovh.com/ )
2021-06-09 23:45:06 +03:00
* [Oracle Cloud Infrastructure ](https://www.oracle.com/cloud/ )
2022-04-03 20:21:36 +03:00
* [GalaxyGate ](https://galaxygate.net )
2022-06-13 02:17:46 +03:00
* [Cockbox ](https://cockbox.org )
2022-11-04 08:03:37 +03:00
* [Google Cloud Platform ](https://cloud.google.com/ )
2022-11-04 08:01:56 +03:00
* [Contabo ](https://contabo.com )
2022-12-20 08:28:21 +03:00
* [Windcloud ](https://windcloud.de/ )
2022-12-20 08:24:02 +03:00
* [Clouding.io ](https://clouding.io )
2018-12-08 02:16:00 +03:00
2021-02-08 18:33:39 +03:00
Should you find that it works on your hoster,
feel free to update this README and issue a pull request.
2017-04-10 18:50:09 +03:00
2021-02-08 18:33:39 +03:00
## Motivation
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
Motivation for this script: nixos-assimilate should supplant this script entirely,
if it's ever completed.
nixos-in-place was quite broken when I tried it,
and also took a pretty janky approach that was substantially more complex than this
(although it supported more platforms):
it didn't install to root (/nixos instead),
left dregs of the old filesystem
(almost always unnecessary since starting from a fresh deployment),
and most importantly, simply didn't work for me!
(old system was being because grub wasnt properly reinstalled)
## How do I use it?
0) **Read and understand the [the script](./nixos-infect)**
1) Deploy any custom configuration you want on your host
2) Deploy your host as non-Nix Operating System.
3) Deploy an SSH key for the root user.
> *NB:* This step is important.
> The root user will not have a password when nixos-infect runs to completion.
> To enable root login, you *must* have an SSH key configured.
4) run the script with:
```
2022-06-13 02:18:23 +03:00
curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-22.05 bash -x
2021-02-08 18:33:39 +03:00
```
2018-12-08 02:16:00 +03:00
2021-02-08 18:33:39 +03:00
*NB*: This script wipes out the targeted host's root filesystem when it runs to completion.
Any errors halt execution.
A failure will leave the system in an inconsistent state,
and so it is advised to run with `bash -x` .
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
## Hoster notes:
### Digital Ocean
2021-05-18 21:28:34 +03:00
You may utilize Digital Ocean's "user data" mechanism (found in the Web UI or HTTP API),
2021-02-08 18:33:39 +03:00
and supply to it the following example yaml stanzas:
2017-03-04 18:22:37 +03:00
```yaml
#cloud-config
runcmd:
2022-06-13 02:18:23 +03:00
- curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | PROVIDER=digitalocean NIX_CHANNEL=nixos-22.05 bash 2>& 1 | tee /tmp/infect.log
2017-03-04 18:22:37 +03:00
```
2021-02-08 18:33:39 +03:00
#### Potential tweaks:
2017-03-04 18:22:37 +03:00
- `/etc/nixos/{,hardware-}configuration.nix` : rudimentary mostly static config
2021-02-08 18:33:39 +03:00
- `/etc/nixos/networking.nix` : networking settings determined at runtime tweak if no ipv6, different number of adapters, etc.
2017-03-04 18:22:37 +03:00
2017-04-19 02:25:42 +03:00
```yaml
#cloud-config
write_files:
- path: /etc/nixos/host.nix
permissions: '0644'
content: |
{pkgs, ...}:
{
environment.systemPackages = with pkgs; [ vim ];
}
runcmd:
2022-06-13 02:18:23 +03:00
- curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | PROVIDER=digitalocean NIXOS_IMPORT=./host.nix NIX_CHANNEL=nixos-22.05 bash 2>& 1 | tee /tmp/infect.log
2018-12-08 02:16:00 +03:00
```
2021-02-08 18:33:39 +03:00
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|CentOS |6.9 x32 | _failure_ |2020-03-30|
|CentOS |6.9 x64 | _failure_ |2020-03-30|
|CentOS |7.6 x64 | _failure_ |2020-03-30|
|CentOS |8.1 x64 |**success**|2020-03-30|
|CoreOS |2345.3.0 (stable)| _unable_ |2020-03-30|
|CoreOS |2411.1.0 (beta) | _unable_ |2020-03-30|
|CoreOS |2430.0.0 (alpha) | _unable_ |2020-03-30|
|Debian |10.3 x64 |**success**|2020-03-30|
|Debian |9.12 x64 |**success**|2020-03-30|
|Fedora |30 x64 |**success**|2020-03-30|
|Fedora |31 x64 |**success**|2020-03-30|
|FreeBSD |11.3 x64 ufs | _failure_ |2020-03-30|
|FreeBSD |11.3 x64 zfs | _failure_ |2020-03-30|
|FreeBSD |12.1 x64 ufs | _failure_ |2020-03-30|
|FreeBSD |12.1 x64 zfs | _failure_ |2020-03-30|
|RancherOS |v1.5.5 | _unable_ |2020-03-30|
|Ubuntu |16.04.6 (LTS) x32|**success**|2020-03-30|
|Ubuntu |16.04.6 (LTS) x64|**success**|2020-03-30|
|Ubuntu |18.04.3 (LTS) x64|**success**|2020-03-30|
|Ubuntu |19.10 x64 |**success**|2020-03-30|
2022-03-28 22:56:24 +03:00
|Ubuntu |20.04 x64 |**success**|2022-03-23|
2022-11-04 08:01:39 +03:00
|Ubuntu |22.04 x64 |**success**|2022-10-14|
2021-02-08 18:33:39 +03:00
### Vultr
To set up a NixOS Vultr server,
2022-06-13 02:19:38 +03:00
instantiate an Ubuntu box with the following "Cloud-Init User-Data":
2017-04-19 02:25:42 +03:00
2018-12-08 02:16:00 +03:00
```bash
2018-12-09 01:16:18 +03:00
#!/bin/sh
2022-06-13 02:18:23 +03:00
curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-22.05 bash
2017-04-19 02:25:42 +03:00
```
2018-12-09 01:16:18 +03:00
Allow for a few minutes over the usual Ubuntu deployment time for NixOS to download & install itself.
2018-12-08 02:16:00 +03:00
2021-02-08 18:33:39 +03:00
#### Tested on
2022-06-13 02:19:38 +03:00
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
| Ubuntu | 18.10 x64 |**success**|(Unknown) |
| Ubuntu | 22.04 x64 |**success**|2022-07-04|
2021-02-08 18:33:39 +03:00
2020-02-23 17:10:46 +03:00
2021-02-08 18:33:39 +03:00
### Hetzner cloud
Hetzner cloud works out of the box.
When creating a server provide the following script as "User data":
2020-02-23 17:10:46 +03:00
```
2020-07-19 20:44:53 +03:00
#!/bin/sh
2022-06-13 02:18:23 +03:00
curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-22.05 bash 2>& 1 | tee /tmp/infect.log
2020-02-23 17:10:46 +03:00
```
2021-02-08 18:33:39 +03:00
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
2022-07-11 20:24:22 +03:00
| Debian | 11 |**success**|2021-11-26|
| Ubuntu | 20.04 x64 |**success**|(Unknown) |
| Ubuntu | 22.04 x64 |**success**|2022-06-29|
2021-02-08 18:33:39 +03:00
### InterServer VPS
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Debian | 9 |**success**|2021-01-29|
|Debian | 10 |**success**|2021-01-29|
|Ubuntu | 20.04 |**success**|2021-01-29|
|Ubuntu | 18.04 |**success**|2021-01-29|
|Ubuntu | 14.04 |**success**|2021-01-29|
2021-03-12 15:36:23 +03:00
### Tencent Cloud Lighthouse
Tencent Cloud Lighthouse **Hong Kong** Region Works out of the box.
Other Regions in China may not work because of the unreliable connection between China and global Internet or [GFW ](https://en.wikipedia.org/wiki/Great_Firewall ).
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Debian | 10 |**success**|2021-03-11|
2021-03-30 12:27:04 +03:00
### OVHcloud
Before executing the install script, you may need to check your mounts with `df -h` . By default, OVH adds a relatively short in memory `tmpfs` mount on the `/tmp` folder, so the install script runs short in memory and fails. Just execute `umount /tmp` before launching the install script. Full install process described [here ](https://lyderic.origenial.fr/install-nixos-on-ovh )
|Distribution| Name | Status | test date|
|------------|-------------------|-----------|----------|
|Arch Linux | Arch Linux x86-64 |**success**|2021-03-25|
2021-05-04 09:28:14 +03:00
|Debian | 10 |**success**|2021-04-29|
2021-11-17 23:52:20 +03:00
|Debian | 11 |**success**|2021-11-17|
2022-06-19 23:19:13 +03:00
|Ubuntu | 22.04 |**success**|2022-06-19|
2021-06-09 23:45:06 +03:00
### Oracle Cloud Infrastructure
Tested for both VM.Standard.E2.1.Micro (x86) and VM.Standard.A1.Flex (AArch64) instances.
#### Tested on
2022-04-20 11:17:21 +03:00
|Distribution| Name | Status | test date| Shape |
|------------|-----------------|-----------|----------|----------|
|Oracle Linux| 7.9 |**success**|2021-05-31| |
|Ubuntu | 20.04 |**success**|2022-03-23| |
|Ubuntu | 20.04 |**success**|2022-04-19| free arm |
|Oracle Linux| 8.0 | -failure- |2022-04-19| free amd |
|CentOS | 8.0 | -failure- |2022-04-19| free amd |
|Oracle Linux| 7.9[1] |**success**|2022-04-19| free amd |
2022-11-15 06:31:11 +03:00
|Ubuntu | 22.04 |**success**|2022-11-13| free arm |
2022-04-20 11:17:21 +03:00
[1] The Oracle 7.9 layout has 200Mb for /boot 8G for swap
PR#100 Adopted 8G Swap device
2021-12-31 08:58:18 +03:00
### Aliyun ECS
Aliyun ECS tested on ecs.s6-c1m2.large, region **cn-shanghai** , needs a little bit tweaks:
- replace nix binary cache with [tuna mirror ](https://mirrors.tuna.tsinghua.edu.cn/help/nix/ ) (with instructions in the page)
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Ubuntu | 20.04 |**success**|2021-12-28|
2022-04-03 20:21:36 +03:00
### GalaxyGate
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Ubuntu | 20.04 |**success**|2022-04-02|
2022-06-13 02:17:46 +03:00
### Cockbox
Requred some Xen modules to work out, after that NixOS erected itself without a hinch.
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Ubuntu | 20.04 |**success**|2022-06-12|
2022-11-04 08:01:56 +03:00
2022-11-04 08:03:37 +03:00
### Google Cloud Platform
#### Tested on
|Distribution. | Name | Status | test date|
|-------------------------------------|-----------------|-----------|----------|
| Ubuntu on Ampere Altra (Arm64) | 20.04 |**success**|2022-09-07|
2022-11-04 08:01:56 +03:00
### Contabo
Tested on Cloud VPS. Contabo sets the hostname to something like `vmi######.contaboserver.net` , Nixos only allows RFC 1035 compliant hostnames ([see here](https://search.nixos.org/options?show=networking.hostName& query=hostname)). Run `hostname something_without_dots` before running the script. If you run the script before changing the hostname - remove the `/etc/nixos/configuration.nix` so it's regenerated with the new hostname.
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Ubuntu | 22.04 |**success**|2022-09-26|
2022-12-20 08:24:02 +03:00
2022-12-20 08:28:21 +03:00
### Windcloud
Tested on vServer. The network configuration seems to be important so the same tweaks as for DigitalOcean are necessary (see above).
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Ubuntu | 20.04 |**success**|2022-12-09|
2022-12-20 08:26:47 +03:00
### ServArica
Requires the same static network settings that Digital Ocean does.
curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | PROVIDER=servarica NIX_CHANNEL=nixos-22.05 bash
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Ubuntu | 20.04 | success |2022-11-26|
2022-12-20 08:24:02 +03:00
### Clouding.io
I could not get it to run via UserData scripts, but downloading and executing the script worked flawlessly.
### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Debian | 11 |**success**|2022-12-20|
2022-12-20 08:26:47 +03:00