Difference between revisions of "Creating a NixOS live CD"
From NixOS Wiki
(isos do now have zfs again) |
m (rollback unauthorized mass edits) Tag: Rollback |
||
| (8 intermediate revisions by 6 users not shown) | |||
| Line 1: | Line 1: | ||
| − | ==Motivation== | + | == Motivation == |
Creating a modified NixOS LiveCD out of an existing working NixOS installation has a number of benefits: | Creating a modified NixOS LiveCD out of an existing working NixOS installation has a number of benefits: | ||
* Ensures authenticity. | * Ensures authenticity. | ||
| Line 5: | Line 5: | ||
* It is easy to add your own packages and configuration changes to the image. | * It is easy to add your own packages and configuration changes to the image. | ||
| − | ==Building== | + | == Building == |
| + | |||
| + | Building minimal NixOS installation CD with the <code>nix-build</code> command by creating this <code>iso.nix</code>-file. In this example with [[Neovim]] preinstalled. | ||
| − | |||
<syntaxhighlight lang="nix"> | <syntaxhighlight lang="nix"> | ||
| − | + | { config, pkgs, ... }: | |
| − | |||
| − | {config, pkgs, ...}: | ||
{ | { | ||
imports = [ | imports = [ | ||
| Line 20: | Line 19: | ||
<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix> | <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix> | ||
]; | ]; | ||
| + | environment.systemPackages = [ pkgs.neovim ]; | ||
} | } | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 27: | Line 27: | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix | nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | Alternativley, use Nix [[Flakes]] to generate a ISO installation image, using the <code>23.11-beta</code> branch as nixpkgs source: | ||
| + | |||
| + | {{file|flake.nix|nix|<nowiki> | ||
| + | { | ||
| + | description = "Minimal NixOS installation media"; | ||
| + | inputs.nixos.url = "nixpkgs/23.11-beta"; | ||
| + | outputs = { self, nixos }: { | ||
| + | nixosConfigurations = { | ||
| + | exampleIso = nixos.lib.nixosSystem { | ||
| + | system = "x86_64-linux"; | ||
| + | modules = [ | ||
| + | "${nixos}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" | ||
| + | ({ pkgs, ... }: { | ||
| + | environment.systemPackages = [ pkgs.neovim ]; | ||
| + | }) | ||
| + | ]; | ||
| + | }; | ||
| + | }; | ||
| + | }; | ||
| + | } | ||
| + | </nowiki>}} | ||
| + | |||
| + | The following commands will generate the iso-image | ||
| + | |||
| + | <syntaxhighlight lang="console"> | ||
| + | # git init | ||
| + | # git add flake.nix | ||
| + | # nix build .#nixosConfigurations.exampleIso.config.system.build.isoImage | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 36: | Line 66: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| + | === Testing the image === | ||
| + | |||
| + | To inspect the contents of the ISO image: | ||
| + | |||
| + | <syntaxhighlight lang="console"> | ||
| + | $ mkdir mnt | ||
| + | $ sudo mount -o loop result/iso/nixos-*.iso mnt | ||
| + | $ ls mnt | ||
| + | boot EFI isolinux nix-store.squashfs version.txt | ||
| + | $ umount mnt | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | To boot the ISO image in an emulator: | ||
| + | |||
| + | <syntaxhighlight lang="console"> | ||
| + | $ nix-shell -p qemu | ||
| + | $ qemu-system-x86_64 -enable-kvm -m 256 -cdrom result/iso/nixos-*.iso | ||
| + | </syntaxhighlight> | ||
===SSH=== | ===SSH=== | ||
| Line 72: | Line 120: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| + | === Building faster === | ||
| + | The build process is slow because of compression. | ||
| + | |||
| + | Here are some timings for <code>nix-build</code>: | ||
| + | |||
| + | {| class="wikitable" style="margin:auto" | ||
| + | |+ Compression results | ||
| + | |- | ||
| + | ! squashfsCompression !! Time !! Size | ||
| + | |- | ||
| + | | <code>lz4</code> || 100s || 59% | ||
| + | |- | ||
| + | | <code>gzip -Xcompression-level 1</code> || 105s || 52% | ||
| + | |- | ||
| + | | <code>gzip</code> || 210s || 49% | ||
| + | |- | ||
| + | | <code>xz -Xdict-size 100%</code> (default) || 450s || 43% | ||
| + | |} | ||
| + | |||
| + | See also: [https://gist.github.com/baryluk/70a99b5f26df4671378dd05afef97fce mksquashfs benchmarks] | ||
| + | |||
| + | If you don't care about file size, you can use a faster compression | ||
| + | by adding this to your <code>iso.nix</code>: | ||
| + | |||
| + | <syntaxhighlight lang="nix"> | ||
| + | { | ||
| + | isoImage.squashfsCompression = "gzip -Xcompression-level 1"; | ||
| + | } | ||
| + | </syntaxhighlight> | ||
==See also== | ==See also== | ||
| − | * [https://nixos.org/nixos/ | + | * [https://nixos.org/manual/nixos/stable/index.html#sec-building-image NixOS Manual: Building a NixOS (Live) ISO]. |
[[Category:NixOS]] | [[Category:NixOS]] | ||
[[Category:Installation]] | [[Category:Installation]] | ||
[[Category:Deployment]] | [[Category:Deployment]] | ||
| − | [[Category: | + | [[Category:Cookbook]] |
Latest revision as of 10:53, 6 April 2024
Motivation
Creating a modified NixOS LiveCD out of an existing working NixOS installation has a number of benefits:
- Ensures authenticity.
- No need for internet access.
- It is easy to add your own packages and configuration changes to the image.
Building
Building minimal NixOS installation CD with the nix-build command by creating this iso.nix-file. In this example with Neovim preinstalled.
{ config, pkgs, ... }:
{
imports = [
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
# Provide an initial copy of the NixOS channel so that the user
# doesn't need to run "nix-channel --update" first.
<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
];
environment.systemPackages = [ pkgs.neovim ];
}
Build the image via:
nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix
Alternativley, use Nix Flakes to generate a ISO installation image, using the 23.11-beta branch as nixpkgs source:
flake.nix
{
description = "Minimal NixOS installation media";
inputs.nixos.url = "nixpkgs/23.11-beta";
outputs = { self, nixos }: {
nixosConfigurations = {
exampleIso = nixos.lib.nixosSystem {
system = "x86_64-linux";
modules = [
"${nixos}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
({ pkgs, ... }: {
environment.systemPackages = [ pkgs.neovim ];
})
];
};
};
};
}
The following commands will generate the iso-image
# git init
# git add flake.nix
# nix build .#nixosConfigurations.exampleIso.config.system.build.isoImage
The resulting image can be found in result:
$ ls result/iso/
nixos-17.09.git.158ec57-x86_64-linux.iso
Testing the image
To inspect the contents of the ISO image:
$ mkdir mnt
$ sudo mount -o loop result/iso/nixos-*.iso mnt
$ ls mnt
boot EFI isolinux nix-store.squashfs version.txt
$ umount mnt
To boot the ISO image in an emulator:
$ nix-shell -p qemu
$ qemu-system-x86_64 -enable-kvm -m 256 -cdrom result/iso/nixos-*.iso
SSH
In your iso.nix:
{
...
# Enable SSH in the boot process.
systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AaAeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee username@host"
];
...
}
Static IP Address
Static IP addresses can be set in the image itself. This can be useful for VPS installation.
{
...
networking = {
usePredictableInterfaceNames = false;
interfaces.eth0.ip4 = [{
address = "64.137.201.46";
prefixLength = 24;
}];
defaultGateway = "64.137.201.1";
nameservers = [ "8.8.8.8" ];
};
...
}
Building faster
The build process is slow because of compression.
Here are some timings for nix-build:
| squashfsCompression | Time | Size |
|---|---|---|
lz4 |
100s | 59% |
gzip -Xcompression-level 1 |
105s | 52% |
gzip |
210s | 49% |
xz -Xdict-size 100% (default) |
450s | 43% |
See also: mksquashfs benchmarks
If you don't care about file size, you can use a faster compression
by adding this to your iso.nix:
{
isoImage.squashfsCompression = "gzip -Xcompression-level 1";
}