Update NixOS configuration, clean up RHEL, Fedora, Arch guide mount section

Closes #397

Signed-off-by: Maurice Zhou <jasper@apvc.uk>
Maurice Zhou
2023-03-16 14:37:09 +01:00
committed by George Melikov
parent a69befb2ce
commit b6cf700f62
14 changed files with 130 additions and 626 deletions


@@ -42,6 +42,9 @@ Preparation
INST_PARTSIZE_SWAP=4
It is recommeneded to set this value higher if your computer has
less than 8GB of memory, otherwise ZFS might fail to build.
Root pool size, use all remaining disk space if not set::
INST_PARTSIZE_RPOOL=


@@ -6,18 +6,25 @@ System Configuration
.. contents:: Table of Contents
:local:
#. Download system configuration from this repo::
#. Enter ephemeral nix-shell with git support::
mkdir -p /mnt/etc/nixos/
curl -o /mnt/etc/nixos/configuration.nix -L \
https://github.com/openzfs/openzfs-docs/raw/master/docs/Getting%20Started/NixOS/Root%20on%20ZFS/configuration.nix
mkdir -p /mnt/etc/
echo DISK=$DISK > ~/disk
nix-shell -p git
#. Clone template flake configuration::
source ~/disk
git clone https://github.com/ne9z/dotfiles-flake.git /mnt/etc/nixos
git -C /mnt/etc/nixos checkout openzfs-guide
#. Customize configuration to your hardware::
for i in $DISK; do
sed -i \
"s|PLACEHOLDER_FOR_DEV_NODE_PATH|\"${i%/*}/\"|" \
/mnt/etc/nixos/configuration.nix
"s|/dev/disk/by-id/|${i%/*}/|" \
/mnt/etc/nixos/hosts/exampleHost/default.nix
break
done
@@ -25,11 +32,12 @@ System Configuration
for i in $DISK; do
diskNames="$diskNames \"${i##*/}\""
done
tee -a /mnt/etc/nixos/machine.nix <<EOF
{
bootDevices = [ $diskNames ];
}
EOF
sed -i "s|\"bootDevices_placeholder\"|$diskNames|g" \
/mnt/etc/nixos/hosts/exampleHost/default.nix
sed -i "s|\"hostId_placeholder\"|\"$(head -c4 /dev/urandom | od -A none -t x4| sed 's| ||g')\"|g" \
/mnt/etc/nixos/hosts/exampleHost/default.nix
#. Set root password::
@@ -38,16 +46,42 @@ System Configuration
Declare password in configuration::
sed -i \
"s|PLACEHOLDER_FOR_ROOT_PWD_HASH|\""${rootPwd}"\"|" \
/mnt/etc/nixos/configuration.nix
"s|rootHash_placeholder|${rootPwd}|" \
/mnt/etc/nixos/hosts/exampleHost/default.nix
#. Optional: enable NetworkManager for easier wireless configuration and enable desktop
environments. See ``man configuration.nix`` for details. By default, the system is
installed without any other software.
#. If using a system architecture other than amd64 (x86_64-linux), such as
``aarch64-linux``, change architecture in
``/mnt/etc/nixos/flake.nix``.
#. Optional: add SSH public key for root and change host name in
``/mnt/etc/nixos/hosts/exampleHost/default.nix``.
#. From now on, the complete configuration of the system will be
tracked by git, set a user name and email address to continue::
git -C /mnt/etc/nixos config user.email "you@example.com"
git -C /mnt/etc/nixos config user.name "Alice Q. Nixer"
#. Commit changes to local repo::
git -C /mnt/etc/nixos commit -asm 'initial installation'
#. Exit ephemeral nix shell with git::
exit
#. Update flake lock file to track latest system version::
nix \
--extra-experimental-features 'nix-command flakes' \
flake update --commit-lock-file \
"git+file:///mnt/etc/nixos"
#. Install system and apply configuration::
nixos-install --no-root-passwd --root /mnt
nixos-install --no-root-passwd --flake "git+file:///mnt/etc/nixos#exampleHost"
If the host name was changed, use the new host name in this command.
#. Unmount filesystems::
@@ -58,12 +92,13 @@ System Configuration
reboot
#. Optional: manage system configuration with git.
#. NetworkManager is enabled by default. To manage network
connections, execute::
#. Optional: immutable root filesystem can be enabled by
using this `configuration file
<https://github.com/openzfs/openzfs-docs/raw/master/docs/Getting%20Started/NixOS/Root%20on%20ZFS/configuration-immutable.nix>`__.
Apply your own hardware configuration in this file,
nmtui
#. Optional: immutable root filesystem can be enabled by setting
``my.boot.immutable`` option to ``true``.
then execute::
nixos-rebuild boot
@@ -161,9 +196,10 @@ replaced with the following procedure.
Let the new disk resilver. Check status with ``zpool status``.
#. Update NixOS system configuration::
#. Update NixOS system configuration and commit changes to git repo::
sed -i "s|${BAD##*/}|${NEW##*/}|" /etc/nixos/machine.nix
sed -i "s|${BAD##*/}|${NEW##*/}|" /etc/nixos/hosts/exampleHost/default.nix
git -C /etc/nixos commit
#. Apply the updated NixOS system configuration, reinstall bootloader, then reboot::
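Review bot: The "Clone template flake configuration" step now takes the whole system configuration from `https://github.com/ne9z/dotfiles-flake.git` at `openzfs-guide`, which appears to be a branch in a repository outside the openzfs organisation, so what `nixos-install` builds as root can change without any change to this guide. I would pin the checkout to a reviewed revision, `git -C /mnt/etc/nixos checkout <PINNED_COMMIT_SHA>` (placeholder), or host the template next to the docs, and add a sentence telling readers to read `flake.nix` and `hosts/exampleHost/default.nix` before installing. Separately, in the disk-replacement hunk `git -C /etc/nixos commit` does not stage the file that the preceding `sed -i` modified; `git -C /etc/nixos commit -asm 'replace failed disk'` would match the `commit -asm` used in the install step.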


@@ -1,254 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, modulesPath, ... }:
let
zfsRoot.partitionScheme = {
biosBoot = "-part5";
efiBoot = "-part1";
swap = "-part4";
bootPool = "-part2";
rootPool = "-part3";
};
zfsRoot.devNodes = PLACEHOLDER_FOR_DEV_NODE_PATH; # MUST have trailing slash! /dev/disk/by-id/
zfsRoot.bootDevices = (import ./machine.nix).bootDevices;
zfsRoot.mirroredEfi = "/boot/efis/";
in {
# adjust according to your platform, such as
imports = [
# (modulesPath + "/profiles/qemu-guest.nix")
# (modulesPath + "/profiles/all-hardware.nix")
(modulesPath + "/installer/scan/not-detected.nix")
];
systemd.services.zfs-mount.enable = false;
# networking.hostName = "nixos"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
# Configure keymap in X11
# services.xserver.layout = "us";
# services.xserver.xkbOptions = {
# "eurosign:e";
# "caps:escape" # map caps to escape.
# };
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# thunderbird
# ];
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs;
[
# vim
## Do not forget to add an editor to edit configuration.nix!
## The Nano editor is also installed by default.
# wget
mg
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = false;
users.users.root = {
##hash: mkpasswd -m SHA-512 -s
initialHashedPassword = PLACEHOLDER_FOR_ROOT_PWD_HASH;
openssh.authorizedKeys.keys = [
];
};
programs.git.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"virtio_blk"
"ehci_pci"
"nvme"
"uas"
"sd_mod"
"sr_mod"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems = {
"/" = {
device = "rpool/nixos/empty";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/oldroot" = {
device = "rpool/nixos/root";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
neededForBoot = true;
};
"/nix" = {
device = "/oldroot/nix";
fsType = "none";
options = [ "bind" "X-mount.mkdir" ];
};
"/etc/nixos" = {
device = "/oldroot/etc/nixos";
fsType = "none";
options = [ "bind" "X-mount.mkdir" ];
};
"/home" = {
device = "rpool/nixos/home";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/var/lib" = {
device = "rpool/nixos/var/lib";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/var/log" = {
device = "rpool/nixos/var/log";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/boot" = {
device = "bpool/nixos/root";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
} // (builtins.listToAttrs (map (diskName: {
name = zfsRoot.mirroredEfi + diskName + zfsRoot.partitionScheme.efiBoot;
value = {
device = zfsRoot.devNodes + diskName + zfsRoot.partitionScheme.efiBoot;
fsType = "vfat";
options = [
"x-systemd.idle-timeout=1min"
"x-systemd.automount"
"noauto"
"nofail"
];
};
}) zfsRoot.bootDevices));
swapDevices = (map (diskName: {
device = zfsRoot.devNodes + diskName + zfsRoot.partitionScheme.swap;
discardPolicy = "both";
randomEncryption = {
enable = true;
allowDiscards = true;
};
}) zfsRoot.bootDevices);
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.networkmanager.enable = true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
boot.supportedFilesystems = [ "zfs" ];
networking.hostId = "abcd1234";
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
boot.loader.efi.efiSysMountPoint = with builtins;
(zfsRoot.mirroredEfi + (head zfsRoot.bootDevices) + zfsRoot.partitionScheme.efiBoot);
boot.zfs.devNodes = zfsRoot.devNodes;
boot.loader.efi.canTouchEfiVariables = false;
boot.loader.generationsDir.copyKernels = true;
boot.loader.grub.efiInstallAsRemovable = true;
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.copyKernels = true;
boot.loader.grub.efiSupport = true;
boot.loader.grub.zfsSupport = true;
boot.loader.grub.extraInstallCommands = with builtins;
(toString (map (diskName:
"cp -r " + config.boot.loader.efi.efiSysMountPoint + "/EFI" + " "
+ zfsRoot.mirroredEfi + diskName + zfsRoot.partitionScheme.efiBoot + "\n")
(tail zfsRoot.bootDevices)));
boot.loader.grub.devices =
(map (diskName: zfsRoot.devNodes + diskName) zfsRoot.bootDevices);
boot.initrd.postDeviceCommands = ''
if ! grep -q zfs_no_rollback /proc/cmdline; then
zpool import -N rpool
zfs rollback -r rpool/nixos/empty@start
zpool export -a
fi
'';
}


@@ -1,227 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, modulesPath, ... }:
let
zfsRoot.partitionScheme = {
biosBoot = "-part5";
efiBoot = "-part1";
swap = "-part4";
bootPool = "-part2";
rootPool = "-part3";
};
zfsRoot.devNodes = PLACEHOLDER_FOR_DEV_NODE_PATH; # MUST have trailing slash! /dev/disk/by-id/
zfsRoot.bootDevices = (import ./machine.nix).bootDevices;
zfsRoot.mirroredEfi = "/boot/efis/";
in {
# adjust according to your platform, such as
imports = [
# (modulesPath + "/profiles/qemu-guest.nix")
# (modulesPath + "/profiles/all-hardware.nix")
(modulesPath + "/installer/scan/not-detected.nix")
];
systemd.services.zfs-mount.enable = false;
# networking.hostName = "nixos"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
# Configure keymap in X11
# services.xserver.layout = "us";
# services.xserver.xkbOptions = {
# "eurosign:e";
# "caps:escape" # map caps to escape.
# };
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# thunderbird
# ];
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs;
[
# vim
## Do not forget to add an editor to edit configuration.nix!
## The Nano editor is also installed by default.
# wget
mg
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = false;
users.users.root = {
##hash: mkpasswd -m SHA-512 -s
initialHashedPassword = PLACEHOLDER_FOR_ROOT_PWD_HASH;
openssh.authorizedKeys.keys = [
];
};
programs.git.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"virtio_blk"
"ehci_pci"
"nvme"
"uas"
"sd_mod"
"sr_mod"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems = {
"/" = {
device = "rpool/nixos/root";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/home" = {
device = "rpool/nixos/home";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/var/lib" = {
device = "rpool/nixos/var/lib";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/var/log" = {
device = "rpool/nixos/var/log";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
"/boot" = {
device = "bpool/nixos/root";
fsType = "zfs";
options = [ "X-mount.mkdir" ];
};
} // (builtins.listToAttrs (map (diskName: {
name = zfsRoot.mirroredEfi + diskName + zfsRoot.partitionScheme.efiBoot;
value = {
device = zfsRoot.devNodes + diskName + zfsRoot.partitionScheme.efiBoot;
fsType = "vfat";
options = [
"x-systemd.idle-timeout=1min"
"x-systemd.automount"
"noauto"
"nofail"
];
};
}) zfsRoot.bootDevices));
swapDevices = (map (diskName: {
device = zfsRoot.devNodes + diskName + zfsRoot.partitionScheme.swap;
discardPolicy = "both";
randomEncryption = {
enable = true;
allowDiscards = true;
};
}) zfsRoot.bootDevices);
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.networkmanager.enable = true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
boot.supportedFilesystems = [ "zfs" ];
networking.hostId = "abcd1234";
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
boot.loader.efi.efiSysMountPoint = with builtins;
(zfsRoot.mirroredEfi + (head zfsRoot.bootDevices) + zfsRoot.partitionScheme.efiBoot);
boot.zfs.devNodes = zfsRoot.devNodes;
boot.loader.efi.canTouchEfiVariables = false;
boot.loader.generationsDir.copyKernels = true;
boot.loader.grub.efiInstallAsRemovable = true;
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.copyKernels = true;
boot.loader.grub.efiSupport = true;
boot.loader.grub.zfsSupport = true;
boot.loader.grub.extraInstallCommands = with builtins;
(toString (map (diskName:
"cp -r " + config.boot.loader.efi.efiSysMountPoint + "/EFI" + " "
+ zfsRoot.mirroredEfi + diskName + zfsRoot.partitionScheme.efiBoot + "\n")
(tail zfsRoot.bootDevices)));
boot.loader.grub.devices =
(map (diskName: zfsRoot.devNodes + diskName) zfsRoot.bootDevices);
}