2021-02-08 18:33:39 +03:00
# NixOS-Infect
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
## What is this?
A script to install NixOS on non-NixOS hosts.
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
NixOS-Infect is so named because of the high likelihood of rendering a system inoperable.
Use with extreme caution and preferably only on newly provisioned systems.
2018-12-08 02:16:00 +03:00
2021-02-08 18:33:39 +03:00
This script has successfully been tested on at least the follow hosting providers and plans:
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
* [DigitalOcean ](https://www.digitalocean.com/products/droplets/ )
* [Hetzner Cloud ](https://www.hetzner.com/cloud )
* [Vultr ](https://www.vultr.com/ )
* [Interserver VPS ](https://www.interserver.net/vps/ )
2021-03-12 15:36:23 +03:00
* [Tencent Cloud Lighthouse ](https://cloud.tencent.com/product/lighthouse )
2021-03-30 12:27:04 +03:00
* [OVHcloud ](https://www.ovh.com/ )
2021-06-09 23:45:06 +03:00
* [Oracle Cloud Infrastructure ](https://www.oracle.com/cloud/ )
2018-12-08 02:16:00 +03:00
2021-02-08 18:33:39 +03:00
Should you find that it works on your hoster,
feel free to update this README and issue a pull request.
2017-04-10 18:50:09 +03:00
2021-02-08 18:33:39 +03:00
## Motivation
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
Motivation for this script: nixos-assimilate should supplant this script entirely,
if it's ever completed.
nixos-in-place was quite broken when I tried it,
and also took a pretty janky approach that was substantially more complex than this
(although it supported more platforms):
it didn't install to root (/nixos instead),
left dregs of the old filesystem
(almost always unnecessary since starting from a fresh deployment),
and most importantly, simply didn't work for me!
(old system was being because grub wasnt properly reinstalled)
## How do I use it?
0) **Read and understand the [the script](./nixos-infect)**
1) Deploy any custom configuration you want on your host
2) Deploy your host as non-Nix Operating System.
3) Deploy an SSH key for the root user.
> *NB:* This step is important.
> The root user will not have a password when nixos-infect runs to completion.
> To enable root login, you *must* have an SSH key configured.
4) run the script with:
```
2021-12-03 21:53:33 +03:00
curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-21.11 bash -x
2021-02-08 18:33:39 +03:00
```
2018-12-08 02:16:00 +03:00
2021-02-08 18:33:39 +03:00
*NB*: This script wipes out the targeted host's root filesystem when it runs to completion.
Any errors halt execution.
A failure will leave the system in an inconsistent state,
and so it is advised to run with `bash -x` .
2017-03-04 18:22:37 +03:00
2021-02-08 18:33:39 +03:00
## Hoster notes:
### Digital Ocean
2021-05-18 21:28:34 +03:00
You may utilize Digital Ocean's "user data" mechanism (found in the Web UI or HTTP API),
2021-02-08 18:33:39 +03:00
and supply to it the following example yaml stanzas:
2017-03-04 18:22:37 +03:00
```yaml
#cloud-config
runcmd:
2021-12-03 21:53:33 +03:00
- curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | PROVIDER=digitalocean NIX_CHANNEL=nixos-21.11 bash 2>& 1 | tee /tmp/infect.log
2017-03-04 18:22:37 +03:00
```
2021-02-08 18:33:39 +03:00
#### Potential tweaks:
2017-03-04 18:22:37 +03:00
- `/etc/nixos/{,hardware-}configuration.nix` : rudimentary mostly static config
2021-02-08 18:33:39 +03:00
- `/etc/nixos/networking.nix` : networking settings determined at runtime tweak if no ipv6, different number of adapters, etc.
2017-03-04 18:22:37 +03:00
2017-04-19 02:25:42 +03:00
```yaml
#cloud-config
write_files:
- path: /etc/nixos/host.nix
permissions: '0644'
content: |
{pkgs, ...}:
{
environment.systemPackages = with pkgs; [ vim ];
}
runcmd:
2021-12-03 21:53:33 +03:00
- curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | PROVIDER=digitalocean NIXOS_IMPORT=./host.nix NIX_CHANNEL=nixos-21.11 bash 2>& 1 | tee /tmp/infect.log
2018-12-08 02:16:00 +03:00
```
2021-02-08 18:33:39 +03:00
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|CentOS |6.9 x32 | _failure_ |2020-03-30|
|CentOS |6.9 x64 | _failure_ |2020-03-30|
|CentOS |7.6 x64 | _failure_ |2020-03-30|
|CentOS |8.1 x64 |**success**|2020-03-30|
|CoreOS |2345.3.0 (stable)| _unable_ |2020-03-30|
|CoreOS |2411.1.0 (beta) | _unable_ |2020-03-30|
|CoreOS |2430.0.0 (alpha) | _unable_ |2020-03-30|
|Debian |10.3 x64 |**success**|2020-03-30|
|Debian |9.12 x64 |**success**|2020-03-30|
|Fedora |30 x64 |**success**|2020-03-30|
|Fedora |31 x64 |**success**|2020-03-30|
|FreeBSD |11.3 x64 ufs | _failure_ |2020-03-30|
|FreeBSD |11.3 x64 zfs | _failure_ |2020-03-30|
|FreeBSD |12.1 x64 ufs | _failure_ |2020-03-30|
|FreeBSD |12.1 x64 zfs | _failure_ |2020-03-30|
|RancherOS |v1.5.5 | _unable_ |2020-03-30|
|Ubuntu |16.04.6 (LTS) x32|**success**|2020-03-30|
|Ubuntu |16.04.6 (LTS) x64|**success**|2020-03-30|
|Ubuntu |18.04.3 (LTS) x64|**success**|2020-03-30|
|Ubuntu |19.10 x64 |**success**|2020-03-30|
### Vultr
To set up a NixOS Vultr server,
instantiate an Ubuntu box with the following "Startup Script":
2017-04-19 02:25:42 +03:00
2018-12-08 02:16:00 +03:00
```bash
2018-12-09 01:16:18 +03:00
#!/bin/sh
2021-12-03 21:53:33 +03:00
curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-21.11 bash
2017-04-19 02:25:42 +03:00
```
2018-12-09 01:16:18 +03:00
Allow for a few minutes over the usual Ubuntu deployment time for NixOS to download & install itself.
2018-12-08 02:16:00 +03:00
2021-02-08 18:33:39 +03:00
#### Tested on
|Distribution| Name | Status | test date| Slug | ID |
|------------|-----------------|-----------|----------|------------------|---------|
| Ubuntu | 18.10 x64 |**success**|(Unknown) | (Unknown) |(Unknown)|
2020-02-23 17:10:46 +03:00
2021-02-08 18:33:39 +03:00
### Hetzner cloud
Hetzner cloud works out of the box.
When creating a server provide the following script as "User data":
2020-02-23 17:10:46 +03:00
```
2020-07-19 20:44:53 +03:00
#!/bin/sh
2021-12-03 21:53:33 +03:00
curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-21.11 bash 2>& 1 | tee /tmp/infect.log
2020-02-23 17:10:46 +03:00
```
2021-02-08 18:33:39 +03:00
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
2021-11-28 05:38:24 +03:00
|Debian | 11 |**success**|2021-11-26|
2021-02-08 18:33:39 +03:00
|Ubuntu | 20.04 x64 |**success**|(Unknown) |
### InterServer VPS
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Debian | 9 |**success**|2021-01-29|
|Debian | 10 |**success**|2021-01-29|
|Ubuntu | 20.04 |**success**|2021-01-29|
|Ubuntu | 18.04 |**success**|2021-01-29|
|Ubuntu | 14.04 |**success**|2021-01-29|
2021-03-12 15:36:23 +03:00
### Tencent Cloud Lighthouse
Tencent Cloud Lighthouse **Hong Kong** Region Works out of the box.
Other Regions in China may not work because of the unreliable connection between China and global Internet or [GFW ](https://en.wikipedia.org/wiki/Great_Firewall ).
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Debian | 10 |**success**|2021-03-11|
2021-03-30 12:27:04 +03:00
### OVHcloud
Before executing the install script, you may need to check your mounts with `df -h` . By default, OVH adds a relatively short in memory `tmpfs` mount on the `/tmp` folder, so the install script runs short in memory and fails. Just execute `umount /tmp` before launching the install script. Full install process described [here ](https://lyderic.origenial.fr/install-nixos-on-ovh )
|Distribution| Name | Status | test date|
|------------|-------------------|-----------|----------|
|Arch Linux | Arch Linux x86-64 |**success**|2021-03-25|
2021-05-04 09:28:14 +03:00
|Debian | 10 |**success**|2021-04-29|
2021-11-17 23:52:20 +03:00
|Debian | 11 |**success**|2021-11-17|
2021-06-09 23:45:06 +03:00
### Oracle Cloud Infrastructure
Tested for both VM.Standard.E2.1.Micro (x86) and VM.Standard.A1.Flex (AArch64) instances.
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Oracle Linux| 7.9 |**success**|2021-05-31|
2021-12-31 08:58:18 +03:00
### Aliyun ECS
Aliyun ECS tested on ecs.s6-c1m2.large, region **cn-shanghai** , needs a little bit tweaks:
- replace nix binary cache with [tuna mirror ](https://mirrors.tuna.tsinghua.edu.cn/help/nix/ ) (with instructions in the page)
#### Tested on
|Distribution| Name | Status | test date|
|------------|-----------------|-----------|----------|
|Ubuntu | 20.04 |**success**|2021-12-28|