NixOS
Table of Contents
NixOS
Notes on running in OpenBSD VMM
Installation
Install was surprisingly easy! I basically told grub to use the serial console, and everything else JustWorked™!
Some things I needed to do:
- Use MBR. This is a limitation of VMM.
- NixOS sees the disk as
/dev/vda - In
/etc/nixos/configuration.nix- Tell kernel to use the serial console with
boot.kernelParams = [ "console=ttyS0,115200n8" ];. - Set
networking.interfaces.enp0s2.macAddressso that I can get specific IPs from dhcpd.
- Tell kernel to use the serial console with
Notes on running
The clock runs incredibly slow! About 10 real seconds for one second on the VM.
This can be fixed by running a Linux kernel module or via a patch that teaches Linux how to use VMM's clock.
/etc/nixos/configuration.nix
{ config, pkgs, options, ... }:
{
imports =
[
./hardware-configuration.nix
];
# boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelPatches = [
{
name = "pd-time-fix";
patch = ./pd.diff;
}
];
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/vda";
boot.kernelParams = [
"console=ttyS0,115200n8"
];
# No IPv6
networking.enableIPv6 = false;
networking.hostName = "nx";
networking.wireless.enable = false;
networking.interfaces.enp0s2.useDHCP = true;
networking.interfaces.enp0s2.macAddress = "fe:e1:bb:d1:1d:47";
networking.timeServers = options.networking.timeServers.default;
services.openntpd.enable = true;
time.timeZone = "US/Mountain";
environment.systemPackages = with pkgs; [
fish
fzf
git
man
vim
go
];
services.openssh = {
enable = true;
permitRootLogin = "prohibit-password";
};
networking.firewall.allowedTCPPorts = [ 22 ];
services.xserver.enable = false;
# services.xserver.layout = "us";
users.users.root = {
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDEKElNAm/BhLnk4Tlo00eHN5bO131daqt2DIeikw0b2AAAABHNzaDo= qbit@litr.bold.daemon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZExBj4QByLZSyKJ5+fPQnqDNrbsFz1IQWbFqCDcq9g qbit@ren.bold.daemon"
];
};
programs.fish.enable = true;
users.users.qbit = {
isNormalUser = true;
home = "/home/qbit";
shell = pkgs.fish;
description = "Aaron Bieber";
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDEKElNAm/BhLnk4Tlo00eHN5bO131daqt2DIeikw0b2AAAABHNzaDo= qbit@litr.bold.daemon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZExBj4QByLZSyKJ5+fPQnqDNrbsFz1IQWbFqCDcq9g qbit@ren.bold.daemon"
];
};
system.stateVersion = "20.03";
}
Examples
Use an unstable package
nixpkgs.overlays =
[ (self: super: {
vaultwarden = unstable.vaultwarden;
}) ];