History

Tom Hubrecht ea27842782 All checks were successful Check meta / check_meta (pull_request) Successful in 21s Details Check meta / check_dns (pull_request) Successful in 21s Details Check workflows / check_workflows (push) Successful in 22s Details Check workflows / check_workflows (pull_request) Successful in 28s Details Build all the nodes / netaccess01 (pull_request) Successful in 31s Details Build all the nodes / netcore01 (pull_request) Successful in 32s Details Build the shell / build-shell (pull_request) Successful in 31s Details Build all the nodes / netcore02 (pull_request) Successful in 35s Details Build all the nodes / netcore00 (pull_request) Successful in 35s Details Run pre-commit on all files / pre-commit (pull_request) Successful in 36s Details Build all the nodes / ap01 (pull_request) Successful in 47s Details Build all the nodes / bridge01 (pull_request) Successful in 1m5s Details Build all the nodes / hypervisor02 (pull_request) Successful in 1m10s Details Build all the nodes / build01 (pull_request) Successful in 1m13s Details Build all the nodes / geo01 (pull_request) Successful in 1m19s Details Build all the nodes / hypervisor01 (pull_request) Successful in 1m23s Details Build all the nodes / tower01 (pull_request) Successful in 1m29s Details Build all the nodes / storage01 (pull_request) Successful in 1m34s Details Build all the nodes / geo02 (pull_request) Successful in 1m39s Details Build all the nodes / hypervisor03 (pull_request) Successful in 1m39s Details Build all the nodes / cof02 (pull_request) Successful in 1m41s Details Build all the nodes / web02 (pull_request) Successful in 1m44s Details Build all the nodes / vault01 (pull_request) Successful in 1m48s Details Build all the nodes / rescue01 (pull_request) Successful in 1m50s Details Build all the nodes / web03 (pull_request) Successful in 1m50s Details Build all the nodes / compute01 (pull_request) Successful in 2m2s Details Build all the nodes / iso (pull_request) Successful in 2m3s Details Build all the nodes / web01 (pull_request) Successful in 2m4s Details Check meta / check_meta (push) Successful in 18s Details Check meta / check_dns (push) Successful in 23s Details Build the shell / build-shell (push) Successful in 32s Details Build all the nodes / netcore02 (push) Successful in 33s Details Run pre-commit on all files / pre-commit (push) Successful in 32s Details Build all the nodes / netaccess01 (push) Successful in 33s Details Build all the nodes / netcore00 (push) Successful in 33s Details Build all the nodes / netcore01 (push) Successful in 33s Details Build all the nodes / ap01 (push) Successful in 47s Details Build all the nodes / build01 (push) Successful in 1m3s Details Build all the nodes / geo01 (push) Successful in 1m10s Details Build all the nodes / bridge01 (push) Successful in 1m11s Details Build all the nodes / hypervisor02 (push) Successful in 1m11s Details Build all the nodes / geo02 (push) Successful in 1m26s Details Build all the nodes / web02 (push) Successful in 1m30s Details Build all the nodes / storage01 (push) Successful in 1m32s Details Build all the nodes / hypervisor01 (push) Successful in 1m36s Details Build all the nodes / hypervisor03 (push) Successful in 1m40s Details Build all the nodes / web03 (push) Successful in 1m44s Details Build all the nodes / iso (push) Successful in 1m49s Details Build all the nodes / compute01 (push) Successful in 1m49s Details Build all the nodes / rescue01 (push) Successful in 1m49s Details Build all the nodes / tower01 (push) Successful in 1m54s Details Build all the nodes / cof02 (push) Successful in 2m2s Details Build all the nodes / vault01 (push) Successful in 2m8s Details Build all the nodes / web01 (push) Successful in 2m43s Details feat(iso): Add README		2025-04-25 14:40:32 +02:00
..
_configuration.nix	feat(iso): place iso inside hive	2025-04-25 10:08:43 +02:00
README.md	feat(iso): Add README	2025-04-25 14:40:32 +02:00

README.md

ISO Installation

Once the iso is booted, there are several steps to take:

Partition the disk

Mount the partions

mount $rootDevice /mnt
mkdir /mnt/boot
mount $bootDevice /mnt/boot

swapon $swapDevice

nixos-generate-config --root /mnt

Setup the base configuration

export NIX="/mnt/etc/nixos/"

mv $NIX/configuration.nix $NIX/base-configuration.nix

Edit a new file configuration.nix with the following contents:

{ pkgs, ... }:

{
  imports = [ ./base-configuration.nix ];

  boot = {
    tmp.cleanOnBoot = true;
  };

  console.keyMap = "fr";

  time.timeZone = "Europe/Paris";

  environment.systemPackages = with pkgs; [
    neovim
    wget
    kitty.terminfo
  ];

  # Activate SSH and set the keys
  services.openssh = {
    enable = true;

    settings.PasswordAuthentication = false;
  };

  users.users.root.openssh.authorizedKeys.keyFiles = [ ./rootKeys ];
}

ZFS setup

If ZFS is to be installed (e.g. for large servers), add to the configuration:

  boot = {
    supportedFilesystems = [ "zfs" ];
    zfs.forceImportRoot = false;
    zfs.extraPools = [
      ...
    ];
  };

  networking.hostId = ...;

Where the list of pools to include is obtained with:

zpool list -Ho name | sed 's/^/"/;s/$/"/'

and the host id with:

head -c4 /dev/urandom | od -A none -t x4 | sed 's/ //'

Setup the network configuration

Add the network configuration:

  networking = {
    hostName = "${name}";
    domain = "${site}.infra.dgnum.eu";

    useNetworkd = true;
  };

  systemd.network.networks = {
    "10-${interface}" = {
      name = ${interface};
      address = [ "${address}/${prefix}" ];
      routes = [ { Gateway = "..." ; GatewayOnLink = true; } ];
      dns = [ ... ];
    };
  };

If the default DNS are accessible, set them to:

[
  "1.1.1.1#cloudflare-dns.com"
  "8.8.8.8#dns.google"
  "1.0.0.1#cloudflare-dns.com"
  "8.8.4.4#dns.google"
]

Otherwise (in Jourdan especially), set them to the local DNS.

Copy the ssh keys

cp /etc/ssh/authorized_keys.d/root $NIX/rootKeys

Perform the installation

nixos-install