NixOS is a Linux distribution that has a different take on
package and system management. Instead of installing and configuring packages
manually the system is declared in a
/etc/nixos/configuration.nix file. The interesting part is that the file and all it’s dependencies are calculated using checksums and stored in a content-addressable store. From this stems a number of benefits like the possiblity to switch back to older generations.
On my current server I am using ansible to setup the machine but the drawback with these configuration management tools (chef, puppet, …) is that they only describe what needs to be installed and there is a whole grey area where things are undefined. Removing a package is not simply to remove the package dependency declaration but it needs to be explicitly listed as being removed. Unlike NixOS. Enthropy being what it is I am looking forward to having my whole machine managed by a declarative file.
Vultr (affiliated link) is a VPS host that provides SSD machines in many locations. There exist a lot of competition out there but they do a couple of things right. The most important being that it’s possible to install machines with a custom ISO. NixOS is not available on competitors like DigitalOcean and while it’s possible to swap roots the whole operation is always a bit brittle. Vultr also provides other niceties like IPv6, private networks and a VNC management console. Finally I could also deploy on EC2 (which NixOS provides images for) but the price is a bit too high for my personal use. $16.0/month for 2 CPU, 2GB or RAM and 45GB of SSD sits just right for me. Linode is also a nice and maybe more well-known alternative.
Anyways, these are the reasons. Plus I am also curious and like to try out new things.
Uploading the ISO
After creating a Vultr account, first we have to upload the NixOS ISO.
- Go to https://my.vultr.com/iso/
- Paste the https://nixos.org/releases/nixos/latest-iso-minimal-x86_64-linux aurl
- Click upload
Vultr also supports iPXE. It would be nice to use that to automate all of the next instruction but I haven’t looked into it yet.
Creating the machine
- Go to https://my.vultr.com/deploy/
- Operating system: Custom
- My ISOs: the minimal NixOS ISO
- Fill in all the other things that you want
- “Place Order”
- wait (~60 seconds)
The machine is booted on the ISO but now needs to be setup.
Getting SSH access
Next we want to get SSH access to the machine. Since we don’t have access let’s use the management console to add the SSH keys.
- Go to https://my.vultr.com/index.php
- Click on “Manage” -> “View Console”. This gives a VNC window.
The simplest way to setup SSH is to fetch the SSH public keys from GitHub if you have an account. I made a little script that automates these steps over here.
curl -L http://git.io/vOGOo | user=<your_github_user> sh in the VNC
management console. Now you should be able the SSH into the machine using
Working around the MTU issue
The next step is trying to contact https://cache.nixos.org/nix-cache-info and it was blocking. Something in-between is breaking the MTU Path Discovery (diagnostic). I filed an issue with Vultr but I don’t think it’s their fault, it’s just that most machines are accessing the web trough an encapsulate protocol like PPPoE and therefore have a MTU lower than 15000. If you’re seeing the next steps hang on that URL the workaroud is to lower the eth0 MTU by running:
ifconfig eth0 mtu 1400
This step also needs to be repeated after installation to get access to the NixOS pre-built packages and channel updates.
Installing the system
Now that we have SSH access to the machine let’s follow the instructions given by the NixOS manual.
fdisk /dev/vda n a w mkfs.ext4 -L nixos /dev/vda1 mount -L nixos /mnt nixos-generate-config --root /mnt
Then edit the
/mnt/etc/nixos/configuration.nix with vim or nano. Make sure
to set the
true. The rest is up to you. You can also
come back to it later after installation.
The “Getting SSH access” step might have to be repeated but otherwise the system should be good to go. There is a whole new world to explore and I hope to cover some more of it in next installments once I have replaced my current server with it.