Skip to content

nix-community/nixos-images

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

nixos-images

Automatically weekly updated images for NixOS. This project is intended to extend the images created by hydra.nixos.org. We are currently creating the images listed below:

Kexec tarballs

These images are used for unattended remote installation in nixos-anywhere.

Kexec is a mechanism in Linux to load a new kernel from a running Linux to replace the current kernel. This is useful for booting the Nixos installer from existing Linux distributions, such as server provider that do not offer a NixOS option. After running kexec, the NixOS installer exists only in memory. At the time of writing, this requires secure boot off in BIOS settings and at least 1GB of physical RAM (swap does not count) in the system. If not enough RAM is available, the initrd cannot be loaded. Because the NixOS runs only in RAM, users can reformat all the system's discs to prepare for a new NixOS installation.

It can be booted as follows by running these commands as root:

curl -L https://github.com/nix-community/nixos-images/releases/latest/download/nixos-kexec-installer-noninteractive-x86_64-linux.tar.gz | tar -xzf- -C /root
/root/kexec/run

The kexec installer comes with the following features:

  • Re-uses ssh host keys from the sshd to not break .ssh/known_hosts
  • Authorized ssh keys are read from /root/.ssh/authorized_keys, /root/.ssh/authorized_keys2 and /etc/ssh/authorized_keys.d/root
  • Static ip addresses and routes are restored after reboot. Interface that had dynamic addresses before are configured with DHCP and to accept prefixes from ipv6 router advertisement

The actual kexec happens with a slight delay (6s). This allows for easier integration into automated nixos installation scripts, since you can cleanly disconnect from the running machine before the kexec takes place. The tarball is also designed to be run from NixOS, which can be useful for new installations

Iso installer images

This image allows to boot a NixOS installer off a USB-Stick. This installer has been optimized for remote installation i.e. with nixos-anywhere and clan notably:

  • Enables openssh by default
  • Generates a random root password on each login
  • Enables a Tor hidden SSH service so that by using the torify ssh <hash>.onion, one can log in from remote machines.
  • Prints a QR-Code that contains local addresses, the root password
  • Includes the IWD deamon for easier wifi setups:
    • Run iwctl in the terminal for an interactive wifi setup interface.

Screenshot of the installer

Netboot images

You can boot the netboot image using this ipxe script. It consists of the kernel image and initrd.