Discussion:NixOS

From C3D2

Ideas for ideas on and around NixOS

NixOS meets iRedMail

(g)ui the whole configuration.nix

  • gui or wui
  • typos become impossible
  • better overview of (all) available options
  • ...

NixOS as FreeBSD

aka uNix or FreeNix or NixBSD

nixpkgs on BSD

FreeBSD
See Diskussion:BSD#FreeBSD meets Nixpkgs
Dragonfly BSD
Use cases
nix for jails

my perfect NixOS laptop installation

The goal is to set up a sweet default for the usage of a (usual) laptop running NixOS.

Probably we are going to use a ThinkPad (idea of the project denkende Bretter bohren). Of course everybody can bring their own device.

The "perfect" setup seems to be:

  • NixOS
  • ZFS (for everything but /boot)
    ext4 might also be possible but is not as feature-rich. btrfs should also be available to install (NixOS) on.
  • 2 mirrored disks (nice to have)
    (A caddy for a second disk (for a ThinkPad) will be there for testing such a setup. user:vater has got one.)
  • all data encrypted (as far as possible - for / but probably without /boot)
    We will probably have to use 18.03 (a prerelease version of NixOS) because we also want to test native ZFS encryption.
    Those who are interested in running LUKS - the "typical" way to encrypt devices on GNU/Linux - can of course do so.
    ZFS native encryption is one of the newest features of ZFS, driven by the ZoL community. (It is not available on FreeBSD at present (2017-10).)
  • (maybe a device or file for swap)

Installation

Hardware

Laptop
Lenovo ThinkPad T430
Mass storage
  • 2 x 500 GB HDD
  • 1 x 24 GB SSD
  • 1 x 16 GB USB
Memory (RAM)
  • 2 x 8 GB DDR3

Partitioning and formatting

Inventory of the available mass storage devices
lsblk
fdisk -l /dev/sda
Disk /dev/sda: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
fdisk -l /dev/sdb
Disk /dev/sdb: 22.4 GiB, 24015495168 bytes, 46905264 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
fdisk -l /dev/sdc
Disk /dev/sdc: 14.9 GiB, 16005464064 bytes, 31260672 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
fdisk -l /dev/sdd
Disk /dev/sdd: 465.8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Partitioning an available mass storage device
Blanket creation of a new partition table on every device that is to become part of the setup
BTW: This can also be done in the graphical interface with GParted.
  • Select the device in the drop-down menu
  • Device -> Create Partition Table
  • Select gpt in the drop-down menu
  • Confirm

???

sgdisk -p /dev/sda
Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048         2099199   1024.0 MiB  8300  Linux filesystem
   2         2099200       976773119   464.8 GiB   8300  Linux filesystem
sgdisk -Z /dev/sda
GPT data structures destroyed! You may now partition the disk using fdisk or other utilities.
sgdisk -o /dev/sda
Creating new GPT entries.
The operation has completed successfully.
sgdisk -p /dev/sda
Disk /dev/sdd: 976773168 sectors, 465.8 GiB
Model:
Sector size (logical/physical): 512/4096 bytes
Disk identifier (GUID):
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 976773134
Partitions will be aligned on 2048-sector boundaries
Total free space is 976773101 sectors (465.8 GiB)

Number  Start (sector)    End (sector)  Size       Code  Name

Attention!
So far the installation has only been carried out successfully with MBR.


sgdisk -a1 -n2:34:2047 -t2:EF02 /dev/sda
sgdisk -n1:0:0 -t1:BF01 /dev/sda
sgdisk -p /dev/sda
Disk /dev/sda: 976773168 sectors, 465.8 GiB
Model:
Sector size (logical/physical): 512/4096 bytes
Disk identifier (GUID):
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 976773134
Partitions will be aligned on 8-sector boundaries
Total free space is 0 sectors (0 bytes)

Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048       976773134   465.8 GiB   BF01  
   2              34            2047   1007.0 KiB  EF02
Partitioning a further mass storage device

Replicating the partition table from the already set-up device sda to the device sdd, which is to be set up identically

sgdisk /dev/sda -R /dev/sdd
The operation has completed successfully.

Generating a new (different) GUID for the device sdd, which is to be set up identically

sgdisk -G /dev/sdd
Creating the mirror of the partitions for booting
(unfortunately) without ZFS
Mirroring the devices (analogous to the ZFS mirror)

Creating a mirror of the partitions (sda1 and sdd1) for booting from the identically set-up devices sda and sdd

mdadm --create /dev/md127 --metadata=0.90 --level=mirror --raid-devices=2 /dev/sda1 /dev/sdd1
mdadm: array /dev/md127 started.

(theoretical) Destroying the mirror of the partitions (sda1 and sdd1)

mdadm --stop /dev/md127
mdadm --zero-superblock /dev/sda1 /dev/sdd1

(optional) Displaying the details of the created mirror

mdadm --detail /dev/md127
mkfs.ext4 -m 0 -L boot -j /dev/md127
mke2fs 1.43.7 (16-Oct-2017)
Creating filesystem with 122096368 4k blocks and 30531584 inodes
Filesystem UUID: eb3bd738-a661-400e-a0dc-990bace991d7
Superblock backups stored on blocks: 
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
        4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968, 
        102400000

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (262144 blocks): done
Writing superblocks and filesystem accounting information:
done
Creating the mirrored pool of the partitions for ZFS
zpool create -f -o ashift=12 -o altroot=/mnt -O encryption=aes-256-gcm -O keyformat=passphrase zroot mirror /dev/sda1 /dev/sdd1
Enter passphrase:
Re-enter passphrase:
Creating the datasets on the mirrored pool of the partitions for ZFS
zfs create -o mountpoint=none zroot/root
zfs create -o mountpoint=legacy -o sync=disabled zroot/root/tmp
zfs create -o mountpoint=legacy zroot/root/nixos
zfs create -o mountpoint=legacy zroot/root/home
zfs set compression=lz4 zroot/root/home
Mounting the storage for the installation
mount -t zfs zroot/root/nixos /mnt
mkdir /mnt/{home,tmp,boot}
mount /dev/md127 /mnt/boot/
mount -t zfs zroot/root/home /mnt/home/
mount -t zfs zroot/root/tmp /mnt/tmp/
Mounting the storage for the installation
nixos-generate-config --root /mnt
writing /mnt/etc/nixos/hardware-configuration.nix...
writing /mnt/etc/nixos/configuration.nix...
Mounting the storage for the installation
nixos-generate-config --root /mnt
writing /mnt/etc/nixos/hardware-configuration.nix...
warning: not overwriting existing /mnt/etc/nixos/configuration.nix
cat /mnt/etc/nixos/hardware-configuration.nix
# Do not modify this file!  It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations.  Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }:

{
  imports =
    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
    ];

  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ata_piix" "usb_storage" "sd_mod" "sdhci_pci" ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
    { device = "zroot/root/nixos";
      fsType = "zfs";
    };

  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/161f4a4b-93da-4722-a8bf-035451b28201";
      fsType = "ext4";
    };

  fileSystems."/home" =
    { device = "zroot/root/home";
      fsType = "zfs";
    };

  fileSystems."/tmp" =
    { device = "zroot/root/tmp";
      fsType = "zfs";
    };

  swapDevices =
    [ { device = "/dev/disk/by-uuid/8d44ba2b-4cc3-4f7f-b4b4-6e78f461222b"; }
    ];

  nix.maxJobs = lib.mkDefault 4;
####  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
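An added example, not part of the original notes: a shell check that reports, for each mount in the hardware-configuration.nix above, whether it sits on a dataset with ZFS native encryption, which makes visible that /boot and swap fall outside it. The `zfs get` output is a constructed sample and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: check which mounts are covered by ZFS native encryption.
# All sample data below is constructed.

# Constructed stand-in for:
#   zfs get -H -o name,property,value encryption -r zroot
sample_zfs_get() {
  printf '%s\tencryption\t%s\n' \
    zroot aes-256-gcm zroot/root aes-256-gcm zroot/root/tmp aes-256-gcm \
    zroot/root/nixos aes-256-gcm zroot/root/home aes-256-gcm
}

# Mount point, device, fsType as in the page's hardware-configuration.nix.
sample_mounts() {
  printf '%s\t%s\t%s\n' \
    /     zroot/root/nixos zfs \
    /boot /dev/disk/by-uuid/161f4a4b-93da-4722-a8bf-035451b28201 ext4 \
    /home zroot/root/home zfs \
    /tmp  zroot/root/tmp zfs \
    swap  /dev/disk/by-uuid/8d44ba2b-4cc3-4f7f-b4b4-6e78f461222b swap
}

# audit_mounts ZFS_GET_FILE MOUNTS_FILE
# Prints "<mount>\t<status>"; exits 1 if a ZFS mount is unencrypted or unknown.
audit_mounts() {
  awk -F'\t' '
    FILENAME == ARGV[1] { enc[$1] = $3; next }   # dataset -> encryption value
    {
      if ($3 != "zfs")           status = "outside-zfs"
      else if (!($2 in enc))     status = "unknown-dataset"
      else if (enc[$2] == "off") status = "zfs-UNENCRYPTED"
      else                       status = "zfs-encrypted:" enc[$2]
      if (status ~ /^(unknown|zfs-UNENC)/) bad = 1
      print $1 "\t" status
    }
    END { exit bad + 0 }
  ' "$1" "$2"
}

# Runs the audit over the constructed samples via temporary files.
run_sample_audit() {
  dir=$(mktemp -d) || return 2
  sample_zfs_get > "$dir/zfs"
  sample_mounts  > "$dir/mounts"
  audit_mounts "$dir/zfs" "$dir/mounts" && rc=0 || rc=$?
  rm -rf "$dir"
  return "$rc"
}

run_sample_audit
```

Mounts reported as `outside-zfs` are not protected by the pool's `encryption=aes-256-gcm` setting and need a separate decision, for example LUKS as mentioned above.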
cat /mnt/etc/nixos/configuration.nix
# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];

  # Use the GRUB 2 boot loader.
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  # boot.loader.grub.efiSupport = true;
  # boot.loader.grub.efiInstallAsRemovable = true;
  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
  # Define on which hard drive you want to install Grub.
  # boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
        boot.loader.grub.devices = [ "/dev/sda" "/dev/sdd" ];

        boot.zfs.enableUnstable = true;
        boot.supportedFilesystems = [ "zfs" ];

  # networking.hostName = "nixos"; # Define your hostname.
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
        networking.hostId = "ac174b52";

  # Select internationalisation properties.
  # i18n = {
  #   consoleFont = "Lat2-Terminus16";
  #   consoleKeyMap = "us";
  #   defaultLocale = "en_US.UTF-8";
  # };
        i18n = {
                consoleFont = "Lat2-Terminus16";
                consoleKeyMap = "us";
                defaultLocale = "en_US.UTF-8";
        };

  # Set your time zone.
  # time.timeZone = "Europe/Amsterdam";
        time.timeZone = "Europe/Berlin";

  # List packages installed in system profile. To search by name, run:
  # $ nix-env -qaP | grep wget
  # environment.systemPackages = with pkgs; [
  #   wget vim
  # ];
        environment.systemPackages = with pkgs; [
                wget
                vim
                firefox
        ];


  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.bash.enableCompletion = true;
        programs.bash.enableCompletion = true;
  # programs.mtr.enable = true;
        programs.mtr.enable = true;
  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
        programs.gnupg.agent = { enable = true; enableSSHSupport = true; };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;
        services.openssh.enable = true;

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;

  # Enable CUPS to print documents.
  # services.printing.enable = true;

  # Enable the X11 windowing system.
  # services.xserver.enable = true;
        services.xserver.enable = true;
  # services.xserver.layout = "us";
        services.xserver.layout = "us";
  # services.xserver.xkbOptions = "eurosign:e";
        services.xserver.xkbOptions = "eurosign:e";

  # Enable touchpad support.
  # services.xserver.libinput.enable = true;

  # Enable the KDE Desktop Environment.
  # services.xserver.displayManager.sddm.enable = true;
        services.xserver.displayManager.sddm.enable = true;
  # services.xserver.desktopManager.plasma5.enable = true;
        services.xserver.desktopManager.plasma5.enable = true;

  # Define a user account. Don't forget to set a password with ‘passwd’.
  # users.extraUsers.guest = {
  #   isNormalUser = true;
  #   uid = 1000;
  # };

  # This value determines the NixOS release with which your system is to be
  # compatible, in order to avoid breaking some software such as database
  # servers. You should change this only after NixOS release notes say you
  # should.
  system.stateVersion = "18.03"; # Did you read the comment?

}
Replacing one of the mass storage devices

tbc

MBR
GPT

booting from ZFS

GRUB can do ZFS, can't it?

Or is that only a FreeBSD thing?

Passing the password is then perhaps yet another matter. (I seem to recall that when PC-BSD used GRUB for a while, the password was already requested at the GRUB stage. (set kFreeBSD.kern.geom.eli.passphrase="$pass" or something like that[1]))

Domains

  • nix
    • guide
    • style
    • support
    • training
    • earth
    • international
    • world
    • land
    • city
    • farm
    • team
    • group
    • community
    • center
    • school
    • academy
    • institute
    • company
    • promo
    • tools
    • network
  • nixos

[1] https://github.com/trueos/trueos-core/blob/master/overlays/install-overlay/boot/grub/grub.cfg.trueos