[GPLv3+] install nixos over the existing OS in a DigitalOcean droplet (and others with minor modifications)
Find a file
Bryan Bennett 9f6428761d
Rewrite README (#67)
Increase clarity of operation procedure,
explicitly state tested hosters & OS versions,
and switch to using semantic linefeeds.
2021-02-08 07:33:39 -08:00
LICENSE added LICENSE 2018-10-24 07:54:29 -07:00
nixos-infect avoid using NIX_PATH in resulting hardware-configuration.nix (#65) 2020-12-31 22:50:30 -08:00
README.md Rewrite README (#67) 2021-02-08 07:33:39 -08:00

NixOS-Infect

What is this?

A script to install NixOS on non-NixOS hosts.

NixOS-Infect is so named because of the high likelihood of rendering a system inoperable. Use with extreme caution and preferably only on newly provisioned systems.

This script has successfully been tested on at least the follow hosting providers and plans:

Should you find that it works on your hoster, feel free to update this README and issue a pull request.

NB: OpenVZ-based virtualization providers are known not to work with nixos-infect (or any other OS takeover script). This is core to how OpenVZ operates and cannot be resolved.

Motivation

Motivation for this script: nixos-assimilate should supplant this script entirely, if it's ever completed. nixos-in-place was quite broken when I tried it, and also took a pretty janky approach that was substantially more complex than this (although it supported more platforms): it didn't install to root (/nixos instead), left dregs of the old filesystem (almost always unnecessary since starting from a fresh deployment), and most importantly, simply didn't work for me! (old system was being because grub wasnt properly reinstalled)

How do I use it?

  1. Read and understand the the script
  2. Deploy any custom configuration you want on your host
  3. Deploy your host as non-Nix Operating System.
  4. Deploy an SSH key for the root user.

NB: This step is important. The root user will not have a password when nixos-infect runs to completion. To enable root login, you must have an SSH key configured.

  1. run the script with:
  curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-20.09 bash -x

NB: This script wipes out the targeted host's root filesystem when it runs to completion. Any errors halt execution. A failure will leave the system in an inconsistent state, and so it is advised to run with bash -x.

Hoster notes:

Digital Ocean

You mmay utilize Digital Ocean's "user data" mechanism (found in the Web UI or HTTP API), and supply to it the following example yaml stanzas:

#cloud-config

runcmd:
  - curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | PROVIDER=digitalocean NIX_CHANNEL=nixos-20.09 bash 2>&1 | tee /tmp/infect.log

Potential tweaks:

  • /etc/nixos/{,hardware-}configuration.nix: rudimentary mostly static config
  • /etc/nixos/networking.nix: networking settings determined at runtime tweak if no ipv6, different number of adapters, etc.
#cloud-config
write_files:
- path: /etc/nixos/host.nix
  permissions: '0644'
  content: |
    {pkgs, ...}:
    {
      environment.systemPackages = with pkgs; [ vim ];
    }    
runcmd:
  - curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | PROVIDER=digitalocean NIXOS_IMPORT=./host.nix NIX_CHANNEL=nixos-20.09 bash 2>&1 | tee /tmp/infect.log

Tested on

Distribution Name Status test date
CentOS 6.9 x32 failure 2020-03-30
CentOS 6.9 x64 failure 2020-03-30
CentOS 7.6 x64 failure 2020-03-30
CentOS 8.1 x64 success 2020-03-30
CoreOS 2345.3.0 (stable) unable 2020-03-30
CoreOS 2411.1.0 (beta) unable 2020-03-30
CoreOS 2430.0.0 (alpha) unable 2020-03-30
Debian 10.3 x64 success 2020-03-30
Debian 9.12 x64 success 2020-03-30
Fedora 30 x64 success 2020-03-30
Fedora 31 x64 success 2020-03-30
FreeBSD 11.3 x64 ufs failure 2020-03-30
FreeBSD 11.3 x64 zfs failure 2020-03-30
FreeBSD 12.1 x64 ufs failure 2020-03-30
FreeBSD 12.1 x64 zfs failure 2020-03-30
RancherOS v1.5.5 unable 2020-03-30
Ubuntu 16.04.6 (LTS) x32 success 2020-03-30
Ubuntu 16.04.6 (LTS) x64 success 2020-03-30
Ubuntu 18.04.3 (LTS) x64 success 2020-03-30
Ubuntu 19.10 x64 success 2020-03-30

Vultr

To set up a NixOS Vultr server, instantiate an Ubuntu box with the following "Startup Script":

#!/bin/sh

curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-20.09 bash

Allow for a few minutes over the usual Ubuntu deployment time for NixOS to download & install itself.

Tested on

Distribution Name Status test date Slug ID
Ubuntu 18.10 x64 success (Unknown) (Unknown) (Unknown)

Hetzner cloud

Hetzner cloud works out of the box. When creating a server provide the following script as "User data":

#!/bin/sh

curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-20.09 bash 2>&1 | tee /tmp/infect.log

Tested on

Distribution Name Status test date
Ubuntu 20.04 x64 success (Unknown)

InterServer VPS

Tested on

Distribution Name Status test date
Debian 9 success 2021-01-29
Debian 10 success 2021-01-29
Ubuntu 20.04 success 2021-01-29
Ubuntu 18.04 success 2021-01-29
Ubuntu 14.04 success 2021-01-29