Installing and Configure NixOS Server in a VirtualBox Guest
-
Upload
manaf-hasibuan -
Category
Documents
-
view
1.043 -
download
22
description
Transcript of Installing and Configure NixOS Server in a VirtualBox Guest
Installing and Configure NixOS Server in a VirtualBox guest
1. Download a NixOS ISO
2. Add a New Machine in VirtualBox with OS Type "Linux / Other Linux"
Base Memory Size: 768 MB or higher.
New Hard Disk of 8 GB or higher.
Mount the CD-ROM with the NixOS ISO (by clicking on CD/DVD-ROM)
Click on Settings / System / Processor and enable PAE/NX
Click on Settings / System / Acceleration and enable "VT-x/AMD-V" acceleration
3. Save the setting and start the Virtual machine
4. Boot into install shell
5. Mount the disk as follows:
$ fdisk /dev/sda # Create a full partition, For quick setup use these commands in
order: n, p, 1, <Enter>, <Enter>, w
$ mkfs.ext4 -j -L nixos /dev/sda1
$ mount LABEL=nixos /mnt
$ nixos-generate-config --root /mnt
1. Change the configuration.nix open the main NixOS configuration file via nano:
$ nano /mnt/etc/nixos/configuration.nix
Basic Configuration
In the configuration.nix, enable the virtualbox guest service at the main block:
virtualisation.virtualbox.guest.enable = true;
Also remove the fsck that runs at startup. It will always fail to run, stopping your boot until you press
*.
boot.initrd.checkJournalingFS = false;
Then do whatever installation tasks you normally do. Make sure you add a user and give the user a
password.
You may also want to automatically log into a specific user when starting up the virtual machine,
instead of having a login screen. Set xserver displayer manager properties as follows:
services.xserver.displayManager.auto.enable = true;
services.xserver.displayManager.auto.user = "your-user";
When you are happy with your configuration file, run nixos-install and reboot.
$ nixos-install
$ reboot
Minimal Install (For Servers)
This section is about installing a minimal NixOS VirtualBox Guest for servers. It will be bare bones,
except for allowing you to ssh into it.
First off, complete the steps listed in the Base Instructions section.
Then, in the VirtualBox settings, under networking, select "Attached to: NAT" and change the host-
interface to "en1: Airport".
Replace the NixOS configuration file with the following:
{ config, pkgs, ...} :
{
boot.loader.grub.device = "/dev/sda";
# Enable virtualbox guest additions
virtualisation.virtualbox.guest.enable = true;
# Enable the sshd daemon so you can ssh
# into the
services.openssh.enable = true;
fileSystems = [
{ mountPoint = "/";
label = "nixos";
}
];
}
Finally, run nixos-install, reboot, and you'll have a working NixOS system.
$ nixos-install
$ reboot
Networking
UPDATE: This can now all be done in the VirtualBox Settings GUI for the VM: Settings -> Network -
> Advanced -> Port Forwarding.
However, you can't conveniently log in to ssh this way, so you'll need to set up port-forwarding. Doing
that is explained on this site, all you have to do is create a script named "vbox-tunnel" that contains the
following lines:
#!/bin/bash
cd /Applications/VirtualBox.app/Contents/MacOS/
./VBoxManage setextradata "$1"
"VBoxInternal/Devices/pcnet/0/LUN#0/Config/$2/Protocol" TCP
./VBoxManage setextradata "$1"
"VBoxInternal/Devices/pcnet/0/LUN#0/Config/$2/GuestPort" $3
./VBoxManage setextradata "$1"
"VBoxInternal/Devices/pcnet/0/LUN#0/Config/$2/HostPort" $4
Now execute the script:
vbox-tunnel Nix sshtunnel 22 2222
You should be able to log in to Nix now by running ssh -p 2222 localhost in your Terminal.
Enjoy!
Alternative (independent of virtual network card chosen for the guest):
VBoxManage modifyvm "Nix" --natpf1 "sshtunnel,tcp,,2222,,22"
As before, you are now able to log in to Nix by running ssh -p 2222 localhost in your terminal.
Shared Folders
Shared folders can be given a name and a path in the host system in the VirtualBox settings (Machine /
Settings / Shared Folders, then click on the "Add" icon). Add the following to the
/etc/nixos/configuration.nix to auto-mount them:
{ config, pkgs, ...} :
{
...
fileSystems."/virtualboxshare" = {
fsType = "vboxsf";
device = "nameofthesharedfolder";
options = "rw";
};
}
The folder will be available directly under the root directory.
If you want to have symlinks you have to use something like VBoxManage setextradata VM_NAME
VBoxInternal2/SharedFoldersEnableSymlinksCreate/SHARE_NAME 1 to enable them.
As noted that vboxsf is quite slow, and NFS, CIFS or 9P might be a better choice if the host support
these networking.
Vagrant boxes
Using Vagrant requires maintaining base boxes and some plugins
Install/remove software
How to install software
There are (at least) four distinct ways to install software, with different purposes. These are
Installing into the global system environment Installing into the root user profile Installing into a normal user profile Installing into a project/program-specific environment (e.g. with nix-shell or nixos-container)
System environment installation
This method makes software globally available for all users, and is the closest to functionality such as
apt-get install in Debian/Ubuntu. This option is only available if you are running a full NixOS
installation, as opposed to standalone Nix.
Note: This method is preferred over the next method (root user profile) due to potential issues with kernel modules [TODO: needs more clarification].
To install a package to the system environment, add it to the corresponding
environment.systemPackages list in /etc/nixos/configuration.nix
environment.systemPackages = with pkgs; [
zsh wget
];
and then run:
nixos-rebuild switch
Removing software installed into the system environment is almost the same process - remove the
package from environment.systemPackages, then run nixos-rebuild switch
Root user installation
Software installed via nix-env as root is also globally available to all users, e.g.
nix-env -i links2
Note: generally the method above (system environment) is preferable to this. However this method could be useful if you have a standalone Nix installation (in which case the method above is not available).
To remove software installed in this way, use nix-env as the root user
nix-env -e links2
Normal user installation
This method makes software available only for the user who installs it. Take care not to use sudo, or
else you have hit the case above (root user installation)
nix-env -i links2
To remove software installed in this way, use nix-env
nix-env -e links2
Installing into a subshell
In some cases, you may want access to a program for a specific task or project, but do not want to
install it into your user or system profiles. For example, if you have five projects under development,
each of which depends on a different version of the Python interpreter, then you can constrain each
interpreter to be available only within the context of the corresponding project, instead of trying to
install them into the system/user profiles. For more information see
https://nixos.org/wiki/Develop_software_with_unique_profiles_using_Nix
Garbage collection
Removing software as described above will not immediately free up disk space. This is because
previous generations of profiles are maintained to enable rollbacks. To free up disk space run
nix-env --delete-generations old
nix-collect-garbage
Note: nix-env --delete-generations old should be run as the same user (root or normal user) from whose profile you uninstalled software
Note: as a shortcut to garbage collect everything not currently used by some profile, run as root
nix-collect-garbage -d
Note: after garbage-collecting old generations, rolling back to them is no longer possible
How to list installed software
Software per user
That works for each 'shell' of a single user:
nix-env -q
Software in the environment.systemPackages
There is no command to list that at this time (8jun2011)
But there is this workaround (tnx to niksnut!):
nix-store -q --references /var/run/current-system/sw
Run this to see package names only:
nix-store -q --references /var/run/current-system/sw | cut -d'-' -f2-
How to update installed software
Software per user nix-env -u --keep-going
If you want to update even SW that haven't changed version but something did change (deps. etc.) use
nix-env -u --keep-going --leq
Software in the environment.systemPackages
If you have updated your channel with
nix-channel --update
Or updated them manually, by hand, or pulling updates from a source control system then you can use:
nixos-rebuild switch
To update any installed packages with updated nix expressions.
Or you can use :
nixos-rebuild switch --upgrade
How to roll back software
To undo the last
nixos-rebuild switch
You can
nixos-rebuild switch --rollback
Note this does not revert configuration files like /etc/nixos/configuration.nix to their previous states so
if you do not change them by hand the next "nixos-rebuild switch" will install them again.
To see the available system generations you can pass the profile to nix-env:
nix-env -p /nix/var/nix/profiles/system --list-generations
To rollback the system to an earlier generation:
nix-env --switch-generation 3141 -p /nix/var/nix/profiles/system
/nix/var/nix/profiles/system/bin/switch-to-configuration switch
For per-user packages.
nix-env --rollback
Also see nix-env --list-generations, which will list out the number of previous generations and the time
stamp of their creation.
Manage nix-build/nix-shell
In /nix/var/nix/gcroots/auto there are links like these:
lrwxrwxrwx 1 root root 74 Jul 3 2013 182qrbs2zqkm6g4waqw4xl7pc484zyss ->
/home/joachim/Desktop/projects/nixos/nixpkgs/pkgs/desktops/kde-4.10/result/
lrwxrwxrwx 1 root root 12 Feb 1 18:23 7h9kz6xpi43rhva1alqny0hi54w6203b ->
/root/result
lrwxrwxrwx 1 root root 45 Jul 31 2013 9355idpn9cxg4xfxgwwjvrdlg481gr0s ->
/home/joachim/Desktop/projects/nix-ray/result/
lrwxrwxrwx 1 root root 47 Mar 20 00:15 964c6j34pd3b6qm418gc4j2pmwj890l7 ->
/home/joachim/Desktop/projects/nixos/nix/result/
lrwxrwxrwx 1 root root 51 Mar 20 00:50 bwj2bawqgg8v2hw41h7zyidky2wsynar ->
/home/joachim/Desktop/projects/nixos/nixpkgs/result/
lrwxrwxrwx 1 root root 32 May 12 16:19 mh0rdyn6ldcdljjzwpfzgfhmwyl7hi51 ->
/tmp/nix-build.Jyenoc/derivation
lrwxrwxrwx 1 root root 30 Aug 20 2013 q1s5wwxrnn6dc0g856vxz22lfad4gg6h ->
/home/joachim/Downloads/result/
You can remove all, which you do not need anymore BUT except this one:
lrwxrwxrwx 1 root root 43 Jun 12 2012 77pq4kkwkcsbxczg1d3hhvi4n33la519 ->
/nix/var/nix/gcroots/per-user/root/channels/
Afterwards run:
nix-store --gc
Repair your installation
Fix corrupted or missing store paths by redownloading or rebuilding them. Note that this is slow
because it requires computing a cryptographic hash of the contents of every path in the closure of the
build.
$ export NIX_REMOTE=""
$ nix-store --verify --check-contents --repair
Note: both commands need to be run as root
If these command didn't help, it may be that
$ nix-store --delete $(nix-store --verify --check-contents)
will help. It lists every corrupted path and removes it together with all reverse dependencies. This can
fail if some of corrupted files are still used by some GC roots.
nix-channels
NixOS channels are now the default mechanism for keeping NixOS up to date. (A channel is a Nix
mechanism for distributing a consistent set of Nix expressions and binaries.)
A quick summary on how to use it (official docs):
$ nix-channel --add https://nixos.org/channels/name nixos
$ nix-channel --update
$ nixos-rebuild switch
Currently there are nixos and nixpkgs unstable channels, and release-14.12 channel which only
receives security+maintenance updates.
The NixOS channel contains a copy of Nixpkgs, so after "nix-channel --update" you can install
packages via nix-env:
$ nix-env -i thunderbird
or, if you prefer the "-A" option:
$ nix-env -iA nixos.pkgs.thunderbird
The advantages of using a channel over the previous way (doing "svn up /etc/nixos/*" a.k.a. nixos-
checkout) are:
Correctness: The channel is only updated to a new revision of NixOS/Nixpkgs if it passes certain tests - specifically, if the "tested" job succeeds (http://hydra.nixos.org/job/nixos/trunk-combined/tested). So you have a reasonable certainty that the new version will actually work. By contrast, if you update to the latest revision using nixos-checkout, it's quite possible that somebody just committed something that broke the entire system.
Efficiency: The channel is only updated after all Hydra builds in that revision have finished, *and* all binaries have been mirrored. So you don't have to worry about somebody just having committed something that causes a huge recompilation.
This makes keeping NixOS up to date a rather more pleasant activity, IMHO (Eelco Dolstra).
Some things to note:
The downloaded channel sources are linked from /nix/var/nix/profiles/per-user/root/channels/nixos (which is actually in the Nix store). The $NIX_PATH environment variable contains this directory, so <nixos> and <nixpkgs> in Nix expressions resolve there unless overridden through $NIX_PATH or the "-I" flag.
In principle, you can do rollbacks on the channels profile ("nix-env -p /nix/var/nix/profiles/per-user/root/channels --rollback") if you don't like the result of a "nix-channel --update".
The NixOS installation CD no longer contains or installs /etc/nixos/{nixos,nixpkgs} but instead uses the NixOS channel. You can of course run "nixos-checkout" if you want a working tree for development. (In other news, "nixos-checkout" now accepts a argument to specify the desired location of the working trees, e.g. "nixos-checkout /home/eelco/Dev". The default location /etc/nixos may eventually go away since it's a weird location for keeping large source trees.)
To use a development tree in nixos-rebuild, just use the -I flag, e.g. "nixos-rebuild switch -I /home/eelco/Dev".
The "nixpkgs_sys" link in ~/.nix-defexpr is no longer created. Instead you can use "nixos.pkgs" in "nix-env -iA" calls, as shown above. "nixos.pkgs" is the Nixpkgs in the NixOS channel, so it's guaranteed to have binaries available.
The command "nixos-version" prints out the NixOS version you're currently running, e.g. "14.02pre-1dd0e05 (Baboon)". The version string include the NixOS and Nixpkgs revisions, respectively.
nix-channels advanced usage
Tip: often you would use nix-channel --update and maybe nixos-rebuild boot so that the newly built
system is activated after the next reboot. but say you wanted to change a very minimal setting in
your current system before the next boot, like:
network settings (dhcp vs static ip) install a service (like httpd) or anything similar
which should affect the currently executed system profile, then you have to revert to the nix-channel
version you were using to build the current system profile.
first run nixos-version
nixos-version
14.11pre52840.c347f1c (Caterpillar)
nixos-version is a simple script from '/run/current-system/sw/bin/nixos-version'. note down the version
'pre52840.c347f1c' and then do this:
for i in `find -L /nix/var/nix/profiles/per-user/root -name .version-suffix`; do
echo "$i"; echo -n " "; cat $i; echo ""; done
/nix/var/nix/profiles/per-user/root/channels-123-link/nixos/nixpkgs/.version-
suffix
pre49475.74f6be0
/nix/var/nix/profiles/per-user/root/channels-121-link/nixos/nixpkgs/.version-
suffix
pre48350.41cd2d8
/nix/var/nix/profiles/per-user/root/channels-125-link/nixos/nixpkgs/.version-
suffix
pre51468.2c0cc6c
/nix/var/nix/profiles/per-user/root/channels-128-link/nixos/nixpkgs/.version-
suffix
pre52840.c347f1c
/nix/var/nix/profiles/per-user/root/channels-122-link/nixos/nixpkgs/.version-
suffix
pre48350.41cd2d8
/nix/var/nix/profiles/per-user/root/channels-129-link/nixos/nixpkgs/.version-
suffix
pre54658.6221af5
/nix/var/nix/profiles/per-user/root/channels-127-link/nixos/nixpkgs/.version-
suffix
pre52727.5d97886
/nix/var/nix/profiles/per-user/root/channels-126-link/nixos/nixpkgs/.version-
suffix
pre52020.7bc3005
/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/.version-suffix
pre54658.6221af5
/nix/var/nix/profiles/per-user/root/channels-124-link/nixos/nixpkgs/.version-
suffix
pre50818.b5fe0d3
as it turns out, the link we were searching for was:
/nix/var/nix/profiles/per-user/root/channels-128-link/nixos/nixpkgs/.version-
suffix
pre52840.c347f1c
finally activate 128:
nix-env -p /nix/var/nix/profiles/per-user/root/channels --list-generations
nix-env -p /nix/var/nix/profiles/per-user/root/channels -G 128
and finally you can affect your current system profile with this:
nixos-rebuild switch
note: the previous nixos-rebuild boot will still listed be in GRUB but your default nix-channel is now
poiting to 128 (and not 129) so if you want to make updates you have to run nix-channel --update
again.
note: also beware of the garbage collector: running nix-collect-garbage -d will cause everything not
currently in use to be removed, after which even a small change to your config may require
rebuilding/redownloading a large number of packages which had previously been cached.
How to change the used kernel version
boot.kernelPackages # see http://hydra.nixos.org/job/nixos/trunk/manual/latest/download
For example: add
boot.kernelPackages = pkgs.linuxPackages_2_6_25;
to your /etc/nixos/configuration.nix
Or check for more recent entries by:
nix-env -qa | grep linux-2.6.
How to use a different version of a package
KDE
1. Look into pkgs/top-level/all-packages.nix (when you have checked out nixpkgs using git) and try to
find something like this:
kde4 = recurseIntoAttrs pkgs.kde47;
kde47 = kdePackagesFor pkgs.kde47 "4.7";
kde410 = kdePackagesFor pkgs.kde410 "4.10";
2. Now pick one of the versions by adding the lines below to /etc/nixos/configuration.nix:
nixpkgs.config.packageOverrides = pkgs : rec {
kde4 = pkgs.kde410;
};
3. Install all kde stuff into the envinronment.systemPackages
environment.systemPackages = with pkgs; [
zsh
linuxPackages.virtualbox
wget
kde4.kdemultimedia
kde4.kdegraphics
kde4.kdeutils
kde4.applications
kde4.kdegames
kde4.kdeedu
kde4.kdebindings
kde4.kdeaccessibility
#kde4.kde_baseapps
kde4.kactivities
kde4.kdeadmin
kde4.kdeartwork
#kde4.kde_base_artwork
kde4.kdenetwork
kde4.kdepim
kde4.kdepimlibs
kde4.kdeplasma_addons
kde4.kdesdk
kde4.kdetoys
#kde4.kde_wallpapers
kde4.kdewebdev
#kde4.oxygen_icons
kde4.kdebase_workspace
kde4.kdelibs
kde4.kdevelop
kde4.kdevplatform
];
4. Finally do:
nixos-rebuild switch
GRUB
1. Similar to the kde example search the all-packages.nix for available grub versions
2. To use a different version of grub add this line to /etc/nixos/configuration.nix
nixpkgs.config.packageOverrides = pkgs : rec { grub2 = pkgs.grub198; };
Nix Installing Packages
How to install a software package using Nix?
The easiest way to get Nix expressions is to use the community's NixPkgs repository. After setting it
up, use the nix-env command to install the packages defined there.
$ nix-channel --add http://nixos.org/channels/nixpkgs-unstable
$ nix-channel --update
$ nix-env --install hello
The nix-channel command registers URL which has a Nix expression. Then, we use nix-channel -
-update to download this Nix expression. Finally, we use the nix-env --install command to install
the "hello" package. The nix-env command installs or removes software in our environment.
How to query available software packages?
Besides the "hello" package, what else can we install? We can use the nix-env --query --
available command on the command line, or its aliases.
$ nix-env --query --available firefox
$ nix-env --query --available
$ nix-env --query --available | grep firefox
$ nix-env -q -a | grep firefox
$ nix-env -qa | grep firefox
We can also see which packages we currently have installed by using the nix-env --query --
installed command.
$ nix-env --query --installed
$ nix-env -q
The all-packages.nix file is the source of these commands, which contains the declarations and
definitions of Nix packages. The attributes in this file which are defined by the callPackage or
mkDerivation functions define a Nix package, which means we can use these attribute names to install
them on the command line. Note that the implementation of these Nix packages are stored elsewhere in
the pkgs directory, which keeps the package list easy to read.
Let's install some other packages we found in the all-packages.nix file, such as the dropbox and
bitcoin packages.
$ nix-env --install firefox
$ nix-env --install dropbox bitcoin
$ nix-env -i dropbox bitcoin
How to uninstall software packages?
And of course, we can uninstall packages by using the nix-env --uninstall command.
$ nix-env --uninstall firefox
$ nix-env -e firefox
Howto find a package in NixOS
Using the websearch
You will find many packages with options here:
http://nixos.org/nixos/options.html http://nixos.org/nixos/packages.html
Simple package query
The most straight-forward way to see a list of all available packages is to use the nix-env command.
This method is a bit slow, as every package must be evaluated when generating the list. (Note: In the
results, the first column is the package's attribute path.)
nix-env -qa [-P] [--out-path] [ -f $NIXPKGS_ALL ]
Aliases
The command to query available packages is relatively long, but we can define shortcuts or aliases. To
define a shell function as an alias, Bash-shell users can add this to their ~/.bashrc file.
queryNixPkgs(){ nix-env -qa \* -P -f $NIXPKGS_ALL | grep -i "$1"; }
Alternative:
nix?(){ nix-env -qa \* -P | fgrep -i "$1"; }
Used like:
nix? sublime
Finding a package that provides a given command/executable
On NixOS, command-not-found can be used:
[tmtynkky@nixvm:~]$ command-not-found ar
The program ‘ar’ is currently not installed. It is provided by
several packages. You can install it by typing one of the following:
nix-env -i binutils
nix-env -i elfutils
Unfortunately, there currently isn't an easy way to do this on standalone Nix.
Use nox
The program nox, installable by doing nix-env -iA nixos.pkgs.nox, is designed to let you search
for packages and choose which ones to install.
For instance, if you wanted to install htop, you would send the command nox htop and it would show
the following output (with colors if your terminal supports it):
$ nox htop
nox htop
Refreshing cache
1 htop-1.0.3 (nixos.pkgs.htop)
An interactive process viewer for Linux
2 htop-1.0.3 (nixpkgs.htop)
An interactive process viewer for Linux
Packages to install: _
You then choose which one you want, e.g. the first one, and type 1<enter>, and it'll be installed.
Install by attribute
A package can be defined in a few different ways. Sometimes, a package is implemented in a
complicated way, likely to share part of its definition with another package. In a case like this, a
package may be defined in an attribute set one level deeper than the usual package set defined in the
top-level/all-packages.nix file.
For example, the following Nix expression contains the myPackage package, defined in a deep attribute
set.
{
attr = { subattr = { subattr = { myPackage = mkDerivation ...; } } }
# Or, an alternative notation:
attr.subattr.subattr.package = mkDerivation ...;
}
Packages which are defined in a set deeper than normal can be added to a higher-level set by using the
recurseIntoAttrs function. If they are included in a higher-level set, their installation should be
simple. If not, the package can be referenced by using its full attribute path in an expression.
For example, to install the package defined in the above Nix expression, pass its full attribute path to
the nix-env program and use the -A flag.
nix-env -i -A attr.subattr.subattr.package
Indexing and searching Nix files
One method of quickly finding the attribute names of packages is to use the Ctags program, which is a
tool used for code navigation. To use this method, install the ctagsWrapped package, then use the
ctags command line program to index Nix files or directories of Nix files, such as a directory which
contains the NixPkgs repository. This package customizes a ctags installation by adding a definition for
the Nix syntax. To learn more about the Ctags program,
Howto keep multiple packages up to date at once
he standard way
to keep a set of packages up-to-date in Nix is to install them into a profile -- typically the default
profile -- and to run
nix-env -u \*
or possibly even
nix-env -u \* --always
However there are some pitfalls:
1) lowPrio packages will be used last. Thus if lowPrio is added to nixpkgs for any reason it may happen
that -u which should update packages even downgrades a package. Even experienced users do run into
this problem at least once in their life :)
2) You don't know about packages which either got renamed or removed. Then month later you depend
on something and its gone wondering why - cause you've always had it in your env.. (You can always
install old versions using hydra, still you want to know about those changes). This is one way to detect
missing or renamed packages
nix-env -i $(nix-env -q \*) --dry-run
3) nix-env -u is slow. Because it does not use attr paths all of nixpkgs has to be evaluated always.
4) It may happen that you uninstall gimp keeping gimp plugins in your env. Then you install a newer
gimp and wonder why the older plugin does no longer match the newer gimp, why it does no longer
work. You'll spend time on debugging it. Don't take me verbatim. This is an example about which kind
of issues may happen if you don't use collections for some purposes.
The collection way
The alternative is using package collections referring to packages by name. Nix offers a mechanism for
that purpose, too, namely the buildEnv function, which can be used as follows:
# ~/.nixpkgs/config.nix
{
packageOverrides = pkgs_: with pkgs_; { # pkgs_ is the original set of packages
all = with pkgs; buildEnv { # pkgs is your overriden set of packages itself
name = "all";
paths = [
gitAndTools.hub
mercurial
ncdu
haskellPackages.pandoc
wine
# …
];
};
};
}
That code snippet creates a "collection package", which consists of the union of several others, and it
can be installed by running either of the following commands:
nix-env -iA nixpkgs.all # accessed by attribute thus faster
nix-env -i all
The easiest way to update a collection is to reinstall it because nix-env -i usually replaces packages
having the same name. Thus nix-env -iA all will tell you that everything still evaluates and
everything is fine. One way to be done.
The collection name attribute usually does not include a version number, thus "nix-env -u \*" is
typically not going to update that package even if its components have changed. In that case, it is
necessary to pass the --always flag to the update operation, to evaluate everything from the ground up.
Downside: nix-env -q \* will not show the contents of a collection. You have to fall back to nix-
store -q operations or look up the contents in your ~/.nixpkgs/config.nix file
Its hard to say which way is better. Try both and use what fits your needs.
How to update when Nix is too old to evaluate Nixpkgs
If you're here because of an error message, run:
Linux:
curl -L https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.nix.x86_64-
linux/latest-finished/nix/pkg/nix-1.10-x86_64-linux.nixpkg \
| nix-install-package --non-interactive -
Darwin / Mac:
curl -L https://hydra.nixos.org/job/nixpkgs/trunk/nix.x86_64-darwin/latest-
finished/nix/pkg/nix-1.10-x86_64-darwin.nixpkg \
| nix-install-package --non-interactive -
Note: If you are on an arm platform there is no hydra build. In that case contact develpers on irc
#nixos or ask on the mailing list.
Note: If you are using a non-standard nix install location and cannot use cached binaries, this won't
work.
To find out why read below:
The latest version of Nixpkgs may use features which are not available in our version of Nix. The result
of this is being unable to install or reference packages from Nixpkgs. For example, the current Nixpkgs
uses features of Nix 1.10, but we may only have Nix 1.8. To resolve this situation, we must acquire a
newer version of Nix.
Contents
1 Upgrading NixOS 2 Upgrading Nix
o 2.1 Installing via Browser o 2.2 Installing via Command Line
2.2.1 Trusted Binary Caches 3 Developers tips
Upgrading NixOS
nixos-rebuild automatically fetches and uses the latest version of Nix (as long as you don't use the -
-fast option), so no special action is required.
Upgrading Nix
To upgrade Nix, we must obtain the newer version's binaries. There are two easy ways to do this, both
of which fetch the binaries directly from the Nix project's build server. This method doesn't require
evaluating Nixpkgs, so it works great for upgrading the Nix program, itself.
Installing via Browser
If we have a browser installed on the target platform, we can open the page for the latest nix available
for our platform x86_64, i686 hosted by the Nix project's build server, and click the "One-click Install"
link. This links to a file having a .nixpkg file extension, which should be set up to be handled by the
nix-install-package program.
Installing via Command Line
If the platform doesn't have a browser installed, which is a common case for servers, we can directly
use the nix-install-package program. See the commands at the top of the page to accomplish this.
If you are running a 32bit system you have to replace x86_64 with i686.
Trusted Binary Caches
The recommended method for upgrading Nix is by using the nix-install-package program. This
program uses the "nix.conf" file to verify that the URL is included in the "trusted_binary_caches".
Running nix-install-package as root is not constrained in this manner, but it will only install the
specified package for the root user, rather than for our normal user account.
Therefore, if our installation is rejected due to being hosted by an untrusted host, we must add the
hostname to the "nix.conf" file. For NixOS users, add the hostname to the nix.trustedBinaryCaches
configuration option and rebuild the machine. For users of other OSs, manually edit the "nix.conf" file,
usually found in the /etc/nix/ directory.
Developers tips
Sometimes developers use their own nixpkgs trees.
nixos-rebuild reads _NIXOS_REBUILD_REEXEC variable. Setting it to non-zero instructs system-wide nixos-rebuild to re-exec it's version from the developer's tree.
OpenSSH
Installation nix-env -i openssh
Tips and Tricks
Key based authentication ssh-keygen -t rsa
ssh-copy-id -i id_rsa.pub [email protected]
Samba
this guide will help you on how to use samba on nixos.
excerpt of /etc/nixos/configuration.nix services.samba = {
enable = true;
shares = {
data =
{ path = "/srv/data";
"read only" = "yes";
browseable = "yes";
"guest ok" = "no";
"valid users" = "myuser";
};
};
extraConfig = ''
guest account = nobody
map to guest = bad user
'';
};
To setup a public share, try this magic:
services.samba = {
enable = true;
shares = {
Videos =
{ path = "/home/me/Videos";
"read only" = "yes";
browseable = "yes";
"guest ok" = "yes";
};
};
extraConfig = ''
guest account = smbguest
map to guest = bad user
'';
};
If your firewall is enabled, or if you want to consider enabling it:
networking.firewall.enable = true;
networking.firewall.allowPing = true;
networking.firewall.allowedTCPPorts = [ 445 139 ];
networking.firewall.allowedUDPPorts = [ 137 138 ];
Note: In order to affect your system by your nix-language-specific changes you have to evaluate it,
run (as root):
$ nixos-rebuild switch
samba should startup afterwards
stopping/restarting the services stop samba
start samba
restart samba
Wordpress
this guide shows how to manage a single wordpress instance. if you need more than one instance, it
needs to be extended using a unique id system like in mediawiki.nix.
httpd extraSubservices example
add this to your configuration.nix file:
let
wordpress-generate = type: namee: version: sha256s:
pkgs.stdenv.mkDerivation rec {
name = "${namee}-wordpress-${type}";
src = pkgs.fetchsvn rec {
url = if (type == "plugin") then
"http://plugins.svn.wordpress.org/${namee}/tags/${version}"
else if (type == "theme") then
"http://themes.svn.wordpress.org/${namee}/${version}"
else
"";
sha256 = sha256s;
};
installPhase = "mkdir -p $out; cp -R * $out/";
};
addFromServerPlugin = wordpress-generate "plugin" "add-from-server" "3.2.0.3"
"0d05c78sakj0b2mf0k0cq5r3qbg0xbw6i67mc8za4y9c5lp7am19";
wordpressImporterPlugin = wordpress-generate "plugin" "wordpress-importer"
"0.6.1" "0shf5i9x8hr7mnxhrlmd5vb4v891p36cfnqrl7pyppv9dibdxjaf";
tinyMCEAdvancedPlugin = wordpress-generate "plugin" "tinymce-advanced" "4.1.9"
"03xlyf184i037ka5rymgnj2blza5k2kl9fykd05rh4z18q1x4cih";
polylangPlugin = wordpress-generate "plugin" "polylang" "1.7.5"
"1fy47jyyj5mlpgq9340zdrn0s0gpbkfg2hvjz9l3y26h5skkvgmh";
postgresqlForWordpressPlugin = wordpress-generate "plugin" "postgresql-for-
wordpress" "1.3.1"
"f11a5d76af884c7bec2bc653ed5bd29d3ede9a8657bd67ab7824e329e5d809e8";
responsiveTheme = wordpress-generate "theme" "responsive" "1.9.7.6"
"07g19jzjdshhnsaigl5wapnnnnsmxjwz6x7rqf310fdz28wcz14w";
responsiveMobileTheme = wordpress-generate "theme" "responsive-mobile" "0.0.6"
"0li307p3n483lxy0dw92gkxiqsv0gsgnsldpqxnlc9j21czrj401";
in
...
######### <wordpress using httpd> #########################################
# nix-env -qaP mysql
services.mysql = {
enable = true;
package = pkgs.mysql;
};
services.httpd = {
enable = true;
logPerVirtualHost = true;
adminAddr="[email protected]";
extraModules = [
{ name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; }
];
virtualHosts = [
# webservice5 (http)
{
hostName = "webservice5";
serverAliases = [ "webservice5" "www.webservice5" ];
extraSubservices =
[
{
serviceType = "wordpress";
dbPassword = "wordpress";
wordpressUploads = "/data/uploads";
themes = [ responsiveTheme responsiveMobileTheme ];
plugins = [ polylangPlugin wordpressImporterPlugin
tinyMCEAdvancedPlugin addFromServerPlugin ];
languages = [ "de_DE" "en_GB" ];
}
];
}
];
};
######### </wordpress using httpd> ###########################
Note: In order to affect your system by your nix-language-specific changes you have to evaluate it,
run (as root):
$ nixos-rebuild switch
zabbix
Zabbix is an enterprise open source monitoring solution for networks and applications. It is designed to
monitor and track the status of various network services, servers, and other network hardware.
the setup
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
};
services.httpd = {
enable = true;
hostName = "localhost";
adminAddr = "[email protected]";
virtualHosts = [
{ hostName = "zabbix";
extraSubservices = pkgs.lib.singleton {
serviceType = "zabbix";
hostName = "webhost1";
urlPrefix = "";
configFile = pkgs.writeText "zabbix.conf.php" ''
<?php
global $DB;
$DB['TYPE'] = 'POSTGRESQL';
$DB['SERVER'] = ''';
$DB['PORT'] = '0';
$DB['DATABASE'] = 'zabbix';
$DB['USER'] = 'zabbix';
$DB['PASSWORD'] = ''';
$DB['SCHEMA'] = ''';
$ZBX_SERVER = 'localhost';
$ZBX_SERVER_PORT = '10051';
$ZBX_SERVER_NAME = ''';
$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
?>
'';
};
}
];
};
services.zabbixServer.enable = true;
services.zabbixServer.dbServer = "";
services.zabbixAgent.enable = true;
services.postgresql = {
enable = true;
package = pkgs.postgresql92;
authentication = pkgs.lib.mkOverride 10 ''
local zabbix all ident map=zabbix
local all all ident
'';
identMap = ''
zabbix zabbix zabbix
zabbix ${config.services.httpd.user} zabbix
'';
extraConfig = ''
listen_addresses = '''
'';
};
Note: In order to affect your system by your nix-language-specific changes you have to evaluate it,
run (as root):
$ nixos-rebuild switch
default user
your first login on http://localhost/zabbix
user: Admin
pass: zabbix