search

PedroRegisPOAR / NixOS-configuration.nix

Here I am versioning my NixOS stuff, the goal is to have a remote backup.
0 stars 0 forks source link

Things to be documented #1

Open PedroRegisPOAR opened 3 years ago

PedroRegisPOAR commented 3 years ago

Installation

Really useful: https://releases.nixos.org/?prefix=nixos/22.05/

TODO: Part 0, could merge the injection of the flag --extra-experimental-features 'nix-command flakes'

Part 1: should work in almost every place, only needed nix CLI working (tested it in Ubuntu 20.04)

nix --extra-experimental-features 'nix-command flakes' shell nixpkgs#wget nixpkgs#coreutils

Part 2: downloading some fixed/pinned url's NixOS ISO and testing its sha256sum

wget https://releases.nixos.org/nixos/22.05/nixos-22.05.1460.9e96b1562d6/nixos-plasma5-22.05.1460.9e96b1562d6-x86_64-linux.iso

wget https://releases.nixos.org/nixos/22.05/nixos-22.05.1460.9e96b1562d6/nixos-plasma5-22.05.1460.9e96b1562d6-x86_64-linux.iso.sha256
cat nixos-plasma5-22.05.1460.9e96b1562d6-x86_64-linux.iso.sha256 | sha256sum -c

Part 3: making an bootable flash drive/USB stick

# nix --extra-experimental-features 'nix-command flakes' run nixpkgs#etcher
NIXPKGS_ALLOW_INSECURE=1 nix --extra-experimental-features 'nix-command flakes' run nixpkgs#etcher --impure

From:

Part 4: install it using the Calamares graphical installer

Part 5: after the install just copy paste

nix \
--extra-experimental-features 'nix-command flakes' \
profile \
install \
nixpkgs#gitMinimal

test -f "$HOME"/.gitconfig || { cat << EOF > "$HOME"/.gitconfig
[user]
    name = Pedro O. A. Regis
    email = pedroalencarregis@hotmail.com
EOF
} && git config --list \
&& git config user.name \
&& git config user.email

sudo cp -r /etc/nixos/ /etc/nixos-backup \
&& sudo rm -f /etc/nixos/{configuration.nix,hardware-configuration.nix} \
&& sudo chown "$(id -u)":"$(id -g)" -R /etc/nixos \
&& nix \
flake \
--extra-experimental-features 'nix-command flakes' \
clone \
github:PedroRegisPOAR/NixOS-configuration.nix \
--dest /etc/nixos/

# TODO: explain this magic
cd /etc/nixos/ \
&& git remote set-url origin $(git remote show origin | grep "Fetch URL" | sed 's/ *Fetch URL: //' | sed 's/https:\/\/github.com\//git@github.com:/')

# nix \
# build \
# github:PedroRegisPOAR/NixOS-configuration.nix#nixosConfigurations.pedroregispoar.config.system.build.toplevel
# 
# TODO: study
# sudo nixos-rebuild boot --install-bootloader --flake '/etc/nixos#pedroregispoar'

cd /etc/nixos/ \
&& git checkout nixos-22.05 \
&& cp -f /etc/nixos-backup/hardware-configuration.nix /etc/nixos/  \
&& git add hardware-configuration.nix \
&& git commit -m 'Adds newly created hardware-configuration.nix'

sudo \
-E \
su \
-p \
-c \
"
nixos-rebuild test --flake '/etc/nixos#pedroregispoar' \
&& nixos-rebuild switch --flake '/etc/nixos#pedroregispoar' \
&& reboot
"

Once I got this erros, and I was willing to save time, so pressed Ctrl + c:

[sudo] password for pedro: 
Cloning into '/etc/nixos'...
remote: Enumerating objects: 659, done.
remote: Counting objects: 100% (145/145), done.
remote: Compressing objects: 100% (99/99), done.
remote: Total 659 (delta 93), reused 98 (delta 46), pack-reused 514
Receiving objects: 100% (659/659), 102.59 KiB | 1.07 MiB/s, done.
Resolving deltas: 100% (405/405), done.
branch 'nixos-22.05' set up to track 'origin/nixos-22.05'.
Switched to a new branch 'nixos-22.05'
[nixos-22.05 d0584dd] Adds newly created hardware-configuration.nix
 1 file changed, 2 insertions(+), 2 deletions(-)
building the system configuration...
warning: error: unable to download 'https://cache.nixos.org/nar/0b2vvkawcb1xx2kczi8yjj9bkm4rsgbqzw6673jn2a2xlyarai46.nar.xz': HTTP error 200 ('') (curl error: Timeout was reached); retrying from offset 35651584 in 346 ms
warning: error: unable to download 'https://cache.nixos.org/nar/10j3b9c6r4qxhrzwynm7x6xj9f6phm5w4gqdxb23y8q4140dccbf.nar.xz': HTTP error 200 ('') (curl error: Timeout was reached); retrying from offset 5214729 in 251 ms
warning: error: unable to download 'https://cache.nixos.org/nar/0szhzmbj0bhpnbm7nsgrxsbk7hyp7zpm75jvzys7ihkacahhsckw.nar.xz': HTTP error 200 ('') (curl error: Timeout was reached); retrying from offset 4620279 in 290 ms
warning: error: unable to download 'https://cache.nixos.org/nar/1rx22qyn2hq5lq3xy2zkvydqdh6wmcavqa6yj30hqc7ks1b0snck.nar.xz': HTTP error 200 ('') (curl error: Timeout was reached); retrying from offset 1245184 in 325 ms
warning: error: unable to download 'https://cache.nixos.org/nar/10j3b9c6r4qxhrzwynm7x6xj9f6phm5w4gqdxb23y8q4140dccbf.nar.xz': Timeout was reached (28); retrying from offset 5214729 in 695 ms
warning: error: unable to download 'https://cache.nixos.org/nar/0szhzmbj0bhpnbm7nsgrxsbk7hyp7zpm75jvzys7ihkacahhsckw.nar.xz': Timeout was reached (28); retrying from offset 4620279 in 527 ms
warning: error: unable to download 'https://cache.nixos.org/nar/1rx22qyn2hq5lq3xy2zkvydqdh6wmcavqa6yj30hqc7ks1b0snck.nar.xz': Timeout was reached (28); retrying from offset 1245184 in 595 ms
warning: error: unable to download 'https://cache.nixos.org/nar/0b2vvkawcb1xx2kczi8yjj9bkm4rsgbqzw6673jn2a2xlyarai46.nar.xz': Timeout was reached (28); retrying from offset 35651584 in 677 ms
warning: error: unable to download 'https://cache.nixos.org/nar/0szhzmbj0bhpnbm7nsgrxsbk7hyp7zpm75jvzys7ihkacahhsckw.nar.xz': Timeout was reached (28); retrying from offset 4620279 in 1057 ms
warning: error: unable to download 'https://cache.nixos.org/nar/10j3b9c6r4qxhrzwynm7x6xj9f6phm5w4gqdxb23y8q4140dccbf.nar.xz': Timeout was reached (28); retrying from offset 5214729 in 1362 ms
warning: error: unable to download 'https://cache.nixos.org/nar/1rx22qyn2hq5lq3xy2zkvydqdh6wmcavqa6yj30hqc7ks1b0snck.nar.xz': Timeout was reached (28); retrying from offset 1245184 in 1178 ms
warning: error: unable to download 'https://cache.nixos.org/nar/0b2vvkawcb1xx2kczi8yjj9bkm4rsgbqzw6673jn2a2xlyarai46.nar.xz': Timeout was reached (28); retrying from offset 35651584 in 1328 ms
[0/770 built, 4/97/1558 copied (255.6/11625.5 MiB), 44.6/3713.1 MiB DL] fetching font-adobe-75dpi-1.0.3 from https://cache.nixos.org^C
error: interrupted by the user

And re run the last command.

Part 6: after the reboot, lets generate an new key to be able to use git via ssh

Note: considering having an flash drive bootable, backup and install from scratch (github/some remote) is really magic.

For some really unknown reason the system just did not show up the interface any more, broken system.

I did not want to spend lots of time trying to figure out an hack way to recover the system. I did a boot from this previously built flash drive and backup the "frozen" (actually read only file system) from the just died system and a full re install.

command -v ssh-keygen || nix profile install nixpkgs#openssh
command -v git || nix profile install nixpkgs#git

ssh-keygen \
-t ed25519 \
-C "$(git config user.email)" \
-f "${HOME}"/.ssh/id_ed25519 \
-N '' \
&& echo \
&& cat "${HOME}"/.ssh/id_ed25519.pub \
&& echo

Go to: https://github.com/settings/ssh/new

Optional, but recommended:

ssh -T -o ConnectTimeout=3 git@github.com &>/dev/null  
ssh -T -o ConnectTimeout=3 git@github.com &>/dev/null  
test $? -eq 1 || echo 'Error in ssh -T -o ConnectTimeout=3 git@github.com'

Part 7: removes the backup folder and push to the remote the new hardware-configuration.nix

sudo rm -fr /etc/nixos-backup

cd /etc/nixos/ \
&& git push

Troubleshooting

Am I booted in Legacy or UEFI?

[ -d /sys/firmware/efi/efivars ] && echo "UEFI" || echo "Legacy"

From: https://nixos.wiki/wiki/Bootloader

Not needed

nix \
--extra-experimental-features 'nix-command flakes' \
flake \
update \
--override-input nixpkgs github:NixOS/nixpkgs/nixos-22.05
nix \
--extra-experimental-features 'nix-command flakes' \
flake \
update \
--override-input nixpkgs github:SuperSandro2000/nixpkgs/i18n-always-c

https://www.youtube.com/watch?v=aeDbYuJyXr8&t=43s

nix \
--extra-experimental-features 'nix-command flakes' \
build \
github:PedroRegisPOAR/NixOS-configuration.nix/nixos-22.05#nixosConfigurations.pedroregispoar.config.system.build.toplevel

I was being hitted by a really annoying permission denied error.

Solution:

sudo chown --recursive pedro  /etc/nixos

Generalise?

sudo chown --recursive "$USER" /etc/nixos
nix \
build \
github:PedroRegisPOAR/NixOS-configuration.nix#nixosConfigurations.pedroregispoar.config.system.build.toplevel

https://github.com/tfc/nixos-offline-installer#how-to-test-in-qemu

https://search.nixos.org/options?channel=22.05&show=system.copySystemConfiguration&from=0&size=50&sort=relevance&type=packages&query=copySystemConfiguration

https://discourse.nixos.org/t/declarative-kde-configuration/15901/5

PedroRegisPOAR commented 1 year ago 
ISO_NAME='nixos-minimal-22.05.1043.5afb1b7dcf4-x86_64-linux.iso'
test -f $ISO_NAME \
|| wget https://releases.nixos.org/nixos/22.05/$ISO_NAME

EXPECTED_256SUM='9a47bd1b8cc86ec966a008196ac1f7fe1099104dba345b73a1a4dad97c6b6f33'
echo $EXPECTED_256SUM' '$ISO_NAME | sha256sum -c
rm -fv nixos.qcow2
qemu-img create -f qcow2 nixos.qcow2 10G

qemu-kvm \
-m 3G \
-nic user \
-boot d \
-cdrom $ISO_NAME \
-hda nixos.qcow2 \
-enable-kvm \
-cpu host \
-smp $(nproc)

WIP:

rm -fv nixos.qcow2
qemu-img create -f qcow2 nixos.qcow2 10G

qemu-kvm \
-m 3G \
-nic user \
-boot d \
-cdrom $ISO_NAME \
-hda nixos.qcow2 \
-enable-kvm \
-cpu host \
-smp $(nproc) \
-net nic,model=virtio \
-net user,hostfwd=tcp:127.0.0.1:9000-:9000 \
-device virtio-gpu-pci \
-device virtio-keyboard-pci

http://ix.io/4fqV

TODO: document it https://t.me/nixosbrasil/45184

PedroRegisPOAR commented 1 year ago 
nix shell nixpkgs#ventoy-bin-full
lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sda      8:0    0 465.8G  0 disk 
├─sda1   8:1    0   7.4G  0 part 
├─sda2   8:2    0 139.7G  0 part 
├─sda3   8:3    0   513M  0 part 
└─sda4   8:4    0 318.1G  0 part 
sdb      8:16   0 111.8G  0 disk 
├─sdb1   8:17   0   512M  0 part /boot/efi
└─sdb2   8:18   0 111.3G  0 part /nix/store
                                 /
sr0     11:0    1  1024M  0 rom  
zram0  253:0    0   1.5G  0 disk [SWAP]

Plug the USB stick, and run again:

lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sda      8:0    0 465.8G  0 disk 
├─sda1   8:1    0   7.4G  0 part 
├─sda2   8:2    0 139.7G  0 part 
├─sda3   8:3    0   513M  0 part 
└─sda4   8:4    0 318.1G  0 part 
sdb      8:16   0 111.8G  0 disk 
├─sdb1   8:17   0   512M  0 part /boot/efi
└─sdb2   8:18   0 111.3G  0 part /nix/store
                                 /
sdc      8:32   1  28.9G  0 disk 
└─sdc1   8:33   1  28.9G  0 part 
sr0     11:0    1  1024M  0 rom  
zram0  253:0    0   1.5G  0 disk [SWAP]
sudo $(which ventoy) -i /dev/sdc

https://nixos.org/download.html https://releases.nixos.org/nixos/22.11/nixos-22.11.2203.285b3ff0660

https://ubuntu.com/download/desktop

https://getfedora.org/pt_BR/workstation/download/ https://getfedora.org/pt_BR/security/

https://alpinelinux.org/downloads/

https://wiki.centos.org/HowTos/InstallFromUSBkey https://www.centos.org/download/ http://mirror.uepg.br/centos/7/isos/x86_64/

https://www.debian.org/CD/live/ https://www.debian.org/CD/verify

For tests https://www.microsoft.com/pt-br/software-download/windows11

ISO_NAME='nixos-plasma5-22.11.2203.285b3ff0660-x86_64-linux.iso'
URL_ISO='https://releases.nixos.org/nixos/22.11/nixos-22.11.2203.285b3ff0660/'"$ISO_NAME"

test -f "$ISO_NAME" || wget "$URL_ISO"

test -f "$ISO_NAME".sha256 || wget "$URL_ISO".sha256

cat "$ISO_NAME".sha256 | sha256sum -c
ISO_NAME='ubuntu-22.04.1-desktop-amd64.iso'
URL_ISO='https://releases.ubuntu.com/22.04.1/'"$ISO_NAME"

test -f "$ISO_NAME" || wget "$URL_ISO"

echo c396e956a9f52c418397867d1ea5c0cf1a99a49dcf648b086d2fb762330cc88d'  '"$ISO_NAME" | sha256sum -c
ISO_NAME='Fedora-Workstation-Live-x86_64-37-1.7.iso'
URL_CHECKSUM='https://getfedora.org/static/checksums/37/iso/Fedora-Workstation-37-1.7-x86_64-CHECKSUM'
URL_ISO='https://download.fedoraproject.org/pub/fedora/linux/releases/37/Workstation/x86_64/iso/'"$ISO_NAME"

test -f "$ISO_NAME" || wget "$URL_ISO"

test -f "$ISO_NAME"-CHECKSUM || wget "$URL_CHECKSUM"
echo 9c69005baafdba6e4ff04c1cf4779121b7fc9aacab80b4633394576da336a515'  '"$ISO_NAME" | sha256sum -c
ISO_NAME='alpine-standard-3.17.1-x86.iso'
URL_ISO='https://dl-cdn.alpinelinux.org/alpine/v3.17/releases/x86/'"$ISO_NAME"

test -f "$ISO_NAME" || wget "$URL_ISO"

test -f "$ISO_NAME".sha256 || wget "$URL_ISO".sha256

cat "$ISO_NAME".sha256 | sha256sum -c
ISO_NAME='CentOS-7-x86_64-DVD-2009.iso'
BASE_URL='http://mirror.uepg.br/centos/7/isos/x86_64/'
URL_ISO="$BASE_URL""$ISO_NAME"

test -f "$ISO_NAME" || wget "$URL_ISO"

test -f sha256sum.txt || wget "$BASE_URL"sha256sum.txt
echo e33d7b1ea7a9e2f38c8f693215dd85254c3a4fe446f93f563279715b68d07987'  '"$ISO_NAME" | sha256sum -c
ISO_NAME='debian-11.6.0-amd64-netinst.iso'
URL_ISO='https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/'"$ISO_NAME"

test -f "$ISO_NAME" || wget "$URL_ISO"
NIXPKGS_ALLOW_INSECURE=1 nix run --impure nixpkgs#etcher

Other

https://manjaro.org/download/