Installing NixOS along side Windows 10

It’s time to do the system installation dance again. This time I got the Lenovo ThinkPad X1 Yoga. This new laptop is great, I immediately found back the old Thinkpad feel with the familiar middle knob on the keyboard, but it also sports a foldable touch screen and stylus to be used as a tablet.

This time around I thought I’d take some personal notes. The goal here is: keep Windows for tablet mode (and gaming), install NixOS alongside (with obligatory full disk encryption).

Windows preparation

After the usual windows updates it’s time to shrink the disk. Follow the instructions here: http://www.download3k.com/articles/How-to-shrink-a-disk-volume-beyond-the-point-where-any-unmovable-files-are-located-00432

Then make a new partition with the windows disk utility. In the end your should have:

Note
With 8GB of RAM I don’t really need a swap partition. YMMV.
Note
Both Windows 10 and NixOS will share the EFI partition

BIOS tuning

On boot press F1 to enter the BIOS setup.

Disable secure boot to allow the installation of NixOS.

I also changed a couple of other settings: * VT was disabled, this is useful for virtualization * WoL was enabled, this is useless in a laptop context * EFI networking stack was enabled, also useless in a laptop context

NixOS installation

INFO: The official docs are a wonderful source of information.

Download the latest ISO from https://nixos.org/ and then dd it onto a USB dongle. I used the last 16.09 ISO which is almost ready to be released from http://releases.nixos.org/nixos/16.09/nixos-16.09beta172.e3bdf6b/ → graphical ISO.

Plug the USB dongle into the laptop and reboot.

Setting up the disk encryption

Before installing NixOS we need to setup the disk. As usual the ArchLinux Wiki is the best source of information for that: https://wiki.archlinux.org/index.php/Disk_encryption

Here we assume that /dev/sda4 is the NixOS parititon. From the previous table, /dev/sda2 has snuck in, I don’t know what it is but it’s super small so it doesn’t matter.

Note
Why is the disk not visible as /dev/nvme0 ?

I also decided to use LUKS+dm-crypt and then put an ext4 partition on top.

Wipe the partition
$ cryptsetup open --type plain /dev/sda4 container --key-file /dev/random
$ dd if=/dev/zero of=/dev/mapper/container status=progress bs=1M
$ cryptsetup close container
Note
adding bs=1M improved the speed from 79MB/s to 500MB/s.
Setup crypt
$ cryptsetup -v luksFormat /dev/sda4
[enter password]
$ cryptsetup open --type luks /dev/sda4 cryptroot
[enter password]
$ mkfs.ext4 -L nixos /dev/mapper/cryptroot
$ mount /dev/disk/by-label/nixos /mnt
$ mkdir /mnt/boot
$ mount /dev/sda1 /mnt/boot

TODO: Check if any SDD-specific options apply.

Connect to the Internet

The NixOS installer needs the network to be available to install the system. The ISO is using NetworkManager to configure the network so just run nmtui for a graphical setup to configure the wireless card.

Note
Why are the iw and iwconfig commands missing?
Note
Networking setup is missing in the official docs.

Configure

On 16.09 nixos-generate-config properly detects the full disk encryption.

$ nixos-generate-config --root /mnt

Open /mnt/etc/nixos/configuration.nix and add networking.networkmanager.enable = true;

Install

$ nixos-install
$ reboot

That’s it for now. The next steps will be to copy my old laptop’s /etc/nixos/configuration.nix file and all the data from my home directory.