
Reliable and reproducible Linux installation with NixOS
When using an operating system, upgrading packages or installing new ones are common tasks that introduce the risk of affecting system stability. NixOS is a Linux distribution that ensures the reliability of the operating system and enables easy reproducibility of the current and previous state of the system.
This article follows our Nix introduction and deploys NixOS on your computer. It explains how NixOS works, how to obtain and install it, and how Nix ensures reliability. Your machine will boot with a working NixOS system and you will gain knowledge of how NixOS, the Nix package manager and Home Manager interact together.
What is NixOS?
NixOS is a Linux distribution. It is built on top of Nix, a functional package manager whose language is inspired by functional programming. NixOS takes the power of the Nix package manager and applies it to the entire system. This means, among other things, that it is easy to roll back the entire system's configuration to a previous state. As a complement to the system managed by NixOS, Home Manager manages a user environment.
Why NixOS?
NixOS applies Nix fundamentals to the entire system. This leads to:
- System reproducibility: given a specification of a system (in a NixOS configuration file), it is possible to reproduce the entire system (modulo mutable state, such as the contents of databases) on another machine.
- Atomic upgrades and rollbacks: changes made at the system level or package level can always be rolled back.
- Dependency management: NixOS uses Nix package management. Nix ensures that the dependency declaration is complete when you install a package. Because Nix stores packages in isolation from each other, it is possible to have different versions of the same package installed. Different packages can then use different versions of the same dependency without problems. This dependency management does not lead to applications with huge sizes, as is the case with Flatpak.
Installation of NixOS
The machine used during the installation is a Dell Precision 5520 laptop with 1 TB SSD and 32 GB RAM. The instructions should apply to any machine, whether it's a development PC, a laptop, or a virtual machine.
Get the NixOS ISO
The NixOS ISO image can be downloaded from the NixOS download page. The ISO image file comes in two options:
- The graphical ISO image (the easiest choice): with this option, the installation is easier because the graphical interface and the network needed for the installation are ready to use.
- The minimal ISO image (non-graphical): this is the minimalistic ISO image in terms of content. The advantage is the smaller size of the ISO image. The downside is that there is more to prepare before installation. See how to prepare the network in the installer.
Networking must be configured prior to installation to download the requested dependencies.
My installation uses the graphical ISO image with the Gnome desktop environment. The size is relatively small, about 2 GB.
Start the installer
The .iso disk image is used to create a bootable USB drive. The official NixOS documentation covers the process. Follow the Ubuntu documentation for a more user-friendly approach using balenaEtcher.
Once done, reboot your target machine and boot from the USB drive. The screen displays a graphical interface where NixOS can be configured and installed. An initial screen suggests several variants of the installer; select the first suggestion. A few seconds later, Gnome is running from the USB system. Open a new terminal.
Partitioning
The NixOS installer does no partitioning or formatting. It is the responsibility of the user. To perform this operation, it is necessary to know the name of the hard drive. The command below helps to know the hard drive name:
In our installation, the name of the hard drive was /dev/nvme0n1. Depending on the disk type (SATA, SSD, NVMe, …), it is possible to have alternative values such as /dev/sda. For the rest of this article, commands are based on the device name /dev/nvme0n1.
Once the drive name is known, the next step is partitioning. In our case, a single partition is completely dedicated to the operating system. Hibernation persists the system state on disk in swap space. It thus requires the creation of a swap partition. It is not recommended to enable hibernation on systems with large RAM resources such as a server. If you choose to enable hibernation, set the swap size to 1.5 times the RAM size.
The UEFI partition scheme is used as the boot method. The swap partition uses 50 GiB. The MBR partition scheme is also presented for illustration purposes.
From the terminal, log in as root with sudo su -. Both fdisk and Parted are valid tools for partitioning the drive.
Formatting
As a quick summary: in our setup, NixOS targets the /dev/nvme0n1 disk. The /dev/nvme0n1p2 partition is the root of the Linux system. The /dev/nvme0n1p3 partition is the swap unit.
In this step, the goals are to format the partitions, activate the swap partition, and mount the target file system on which NixOS will be installed. Here are commands for UEFI and MBR (Legacy boot) boot methods:
- UEFI case
  mkfs.ext4 -L nixos /dev/nvme0n1p2
  mkswap -L swap /dev/nvme0n1p3
  mkfs.fat -F 32 -n boot /dev/nvme0n1p1
  mount /dev/disk/by-label/nixos /mnt
  swapon /dev/nvme0n1p3
  mkdir -p /mnt/boot
  mount /dev/disk/by-label/boot /mnt/boot
- MBR case
  mkfs.ext4 -L nixos /dev/nvme0n1p1
  mkswap -L swap /dev/nvme0n1p2
  mount /dev/disk/by-label/nixos /mnt
  swapon /dev/nvme0n1p2
  nixos-generate-config --root /mnt
NixOS configuration
Installation is driven by the NixOS configuration file located at /mnt/etc/nixos/configuration.nix. The commands below generate the configuration file and open it for editing:
nixos-generate-config --root /mnt
nano /mnt/etc/nixos/configuration.nix
In the NixOS philosophy, the NixOS configuration file reflects the entire system. It includes the packages to install, the service to run, the settings to apply, the network configuration, and potentially much more. To make this introduction easier to understand, we'll start with a minimal configuration and complete it when the system reboots. In the future, you will be prompted to perform this configuration. That way, on a new machine installation, you have the ability to clone your configuration and reuse it, or a subset of it, to a new targeted environment.
A minimal NixOS configuration file targeting the Gnome desktop environment and UEFI boot method is shown below. If you want to start with a more complete system, you can enrich the configuration with your own properties or use the more comprehensive configuration file suggested at the end of this article.
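{ config, pkgs, ... }:
{
  imports =
    [
      # Hardware settings generated by nixos-generate-config
      ./hardware-configuration.nix
    ];

  # UEFI boot with systemd-boot
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  # Networking: DHCP on the wireless interface, managed by NetworkManager
  networking.useDHCP = false;
  networking.interfaces.wlp2s0.useDHCP = true;
  networking.networkmanager.enable = true;

  # Gnome desktop environment with a French keyboard layout
  services.xserver.enable = true;
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.desktopManager.gnome.enable = true;
  services.xserver.layout = "fr";

  # Sound and touchpad support
  sound.enable = true;
  hardware.pulseaudio.enable = true;
  services.xserver.libinput.enable = true;

  # Regular user with sudo rights (wheel group).
  # initialPassword is stored in plain text in the world-readable Nix store:
  # change it with passwd after the first login.
  users.users.florent = {
    isNormalUser = true;
    initialPassword = "secret";
    extraGroups = [ "wheel" ];
  };

  # Packages installed system-wide
  environment.systemPackages = with pkgs; [
    vim
  ];

  # OpenSSH daemon
  services.openssh.enable = true;

  # NixOS release this configuration was first written for
  system.stateVersion = "21.05";
}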
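The minimal configuration above gives a wheel user a plaintext initialPassword while sshd is enabled. The fragment below is an added example, not part of the original article, showing stricter settings that can replace the users.users.florent and services.openssh lines. The hash and the public key are placeholders, and the sshd option names are the ones from the 21.05 release this article targets (later releases moved them under services.openssh.settings).

```nix
{ config, pkgs, ... }:
{
  # Weak form used in the minimal configuration, kept here for comparison:
  #   users.users.florent.initialPassword = "secret";
  # The plaintext value is copied into the world-readable Nix store, and the
  # account is in wheel while sshd accepts password logins.

  users.users.florent = {
    isNormalUser = true;
    extraGroups = [ "wheel" ];

    # Store a hash instead of the plaintext. Generate it with:
    #   mkpasswd -m sha-512
    # The hash is still readable in the Nix store, so it only serves as a
    # first-login password: change it with passwd afterwards.
    initialHashedPassword = "<placeholder: output of mkpasswd -m sha-512>";

    # Public key allowed to log in over SSH (placeholder, not a real key).
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 <placeholder-public-key> florent@laptop"
    ];
  };

  services.openssh = {
    enable = true;
    # Key-based logins only: a guessed or leaked password is not enough.
    passwordAuthentication = false;
    # root cannot log in over SSH; use the wheel user and sudo instead.
    permitRootLogin = "no";
  };
}
```

On a development laptop that does not need remote access, dropping services.openssh.enable altogether is the simpler choice.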
Installation
This is the last step before rebooting into the system. An Internet connection is required to download dependencies. The installation reflects the contents of the configuration created earlier. The command to start the installation is:
A root password is requested. Once done, the system is ready on reboot.
Modify the NixOS configuration
Once the system is up, the system will evolve with your needs. New tools are installed, services are started, and the configuration is updated. This is part of the system life cycle regardless of whether the system targets a development machine or a production server.
The NixOS configuration file reflects the system-level configuration and affects all users created on the machine. In addition, Home Manager works at the user level. It installs software and configuration for a specific user.
Adding the package curl at the system level is done with the configuration below:
{ config, pkgs, ... }:
{
  ...
  environment.systemPackages = with pkgs; [
    vim
    curl
  ];
  ...
}
Each change to the NixOS configuration file results in a new boot configuration. The commands below build the configuration declared in the NixOS configuration file and make it the default boot configuration:
After each run of the command nixos-rebuild switch, a new boot configuration is available when the operating system starts. Here is a sample screen on reboot:
Command to list the boot configurations on NixOS:
sudo nix-env -p /nix/var/nix/profiles/system --list-generations
Our Nix introduction lists the most common commands.
What is Home Manager?
Home Manager is a tool for managing a user environment using the Nix package manager. As such, it complements NixOS. There are two ways to use Home Manager:
- Using the standalone home-manager tool
  It allows management of a user's home directory independently of the system as a whole. There are two configuration files to maintain: a file for the system-level configuration (/etc/nixos/configuration.nix) and a file for the user-level configuration (~/.config/nixpkgs/home.nix). The former requires root privileges while the latter is executed by the user without sudoers permissions.
- As a module in a NixOS system configuration
  It allows managing system-level configuration and user-level configuration within a single file (/etc/nixos/configuration.nix). Root-level permission is required to apply Home Manager updates.
I found it easier to maintain my system configuration in a single file. After all, I am the only user of my development machine. Below we cover the installation of Home Manager as a module in the NixOS system configuration.
Home Manager as a module in NixOS
Installing Home Manager as a NixOS module requires root-level privileges. From the terminal, log in as root with sudo su -. Then follow the steps below to configure Home Manager:
- Use the commands below to add the Home Manager channel:
  nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
  nix-channel --update
- Add <home-manager/nixos> in the imports section of the NixOS configuration file. A new NixOS option called home-manager.users is now available.
Given the NixOS configuration file example in the section on generating and configuring the NixOS configuration file, adding the Home Manager module to install the python3 package and to configure the dot file .git for a user named florent gives:
{ config, pkgs, ... }:
{
  imports =
    [
      ./hardware-configuration.nix
      # Home Manager as a NixOS module
      <home-manager/nixos>
    ];
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  networking.useDHCP = false;
  networking.interfaces.wlp2s0.useDHCP = true;
  networking.networkmanager.enable = true;
  services.xserver.enable = true;
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.desktopManager.gnome.enable = true;
  services.xserver.layout = "fr";
  sound.enable = true;
  hardware.pulseaudio.enable = true;
  services.xserver.libinput.enable = true;
  users.users.florent = {
    isNormalUser = true;
    initialPassword = "titi";
    extraGroups = [ "wheel" ];
  };
  # User-level configuration managed by Home Manager
  home-manager.users.florent = { pkgs, ... }: {
    home.packages = [ pkgs.python3 ];
    programs.git = {
      enable = true;
      userName = "Florent";
      userEmail = "florent@adaltas.com";
    };
  };
  environment.systemPackages = with pkgs; [
    vim
    curl
  ];
  services.openssh.enable = true;
  system.stateVersion = "21.05";
}
As before, use nixos-rebuild switch to apply changes.
Conclusion
NixOS applies Nix fundamentals to the entire system for a holistic Nix experience. Nix simplifies the process of saving, sharing or replicating the configuration of machines. Applied to the entire system, it creates a flexible, reliable and reproducible Linux distribution. One can easily imagine the appeal of these benefits applied to CI/CD environments and distributed clusters.