I am trying to install NixOS 22.11 on a microSD card, with zfs and luks encryption. The architecture of the installation medium is detected as x86_64; the architecture of the target is detected as i386-PC. I am trying to boot on legacy BIOS firmware. My configuration.nix options are:
imports = [./hardware-configuration.nix]
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/mmcblk1";
boot.loader.grub.zfsSupport = true;
boot.initrd.luks.devices = {
crypted = {
device = "/dev/disk/by-uuid/[long uuid]";
preLVM = true;
allowDiscards = true;
};
};
networking.hostName = "nixos";
networking.networkManager.enable = true;
networking.hostId = "adb3dfa5";
I cannot get logs of these stalled boots: journalctl returns no entries, and disabling the splash image and setting grub to text-only just gets me a black screen. Booting from grub’s command line, it also stalls after I enter the command boot. Does anyone know what the problem here might be and how to fix it?
Can you post the hardware-configuration.nix? Do you have a separate partition for /boot? Or is Grub boot directly off the ZFS+LUKS partition? If so, that could be your issue because A) Grub’s LUKS support is extremely slow, and B) Grub’s ZFS support is incomplete so your pool has to severely limit the ZFS feature flags it has enabled.
I have a separate partition for /boot; that one is VFAT, no LUKS.
The hardware configuration is:
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = ["xhci_pci" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "rpool/local/root";
fsType = "zfs";
};
fileSystems."/nix" = {
device = "rpool/local/nix";
fsType = "zfs";
};
fileSystems."/home" = {
device = "rpool/safe/home";
fsType = "zfs";
};
fileSystems."/persist" = {
device = "rpool/safe/persist";
fsType = "zfs";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/[boot uuid]";
fsType = "vfat";
};
swapDevices = [ ];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
@ElvishJerricco Can you figure anything out based on this? If not, what else do you need?
I don’t really know, sorry. Everything looks ok to me. You can get rid of boot.loader.grub.zfsSupport = true if you have /boot on its own partition, but I doubt that would affect anything.
Is it relevant at all that the laptop I am using is/was ChromeOS, with RW_LEGACY boot installed so I can boot from external devices?
Sometimes (I’m not sure what config options did this, or if it’s just transient) I am asked to enter my encryption password before the splash screen. Other times, I’m not. That might also be relevant, but I’m not sure.
When you say “splash” what exactly do you mean? Do you have plymouth enabled? Either disable plymouth or hit escape to view the text console instead, because whatever’s going on will be displayed there.
It shows the nixos logo and the word “NixOS” in a large font in the top left (it showed this when selecting GRUB config as well), and nothing else. I haven’t deliberately enabled plymouth. Nothing changes when I press escape at that point. I do in fact press escape earlier in the boot process to bring up a menu of which device to boot from and select the microSD card.
Also, I have to hold the power button to turn the computer offf at that point.
Oh, I don’t think that’s a splash. I think that’s just the last thing grub displays before trying to start NixOS.
My first guess is that it is booting, but just not displaying the console because you need a console=... kernel parameter, but I have no earthly idea what value would work for you.
the architecture of the target is detected as i386-PC
What do you mean by this? How are you determining this?
It says so when I run nixos-install:
Installing the GRUB2 boot loader on /dev/mmcbk1...
Installing for the i386-pc platform.
I think that’s just a grub-ism. It should be properly configured for x86_64. So yea, I’m back to thinking it’s probably a console= parameter of some kind… hopefully. If you write your configuration to enable an SSH server, you can test this by seeing if the machine shows up on the network and trying to SSH into it. If you can do that, then it’s just that the console isn’t showing up, but it is booting.
Is there a way to connect the machine to the network then? Even if I set services.tmate-ssh-server.enable = true; , the machine has to be connected to the network to SSH into it.
@ElvishJerricco I still have no idea how I’d be able to SSH into the rebooted machine, given ther’s no opportunity to connect it to the network during the boot.
I now have boot.loader.grub.enableCryptodisk = true;, and recreated my zpool to only have feaures compatible with grub, as described at ZFS - ArchWiki . No change.
Those were not necessary steps. If your /boot file system is not on ZFS, you don’t need to limit the pool to grub-compatible features. And if /boot is not on LUKS, then you don’t need to enable cryptodisk.
Noted; I guess it’s a similar case to boot.loader.grub.zfsSupport.
What hardware is this on btw? Is it a bog standard PC? Or an x86_64 Chrome Book? Or what? What kind of graphics?
x86_64 Chrome Book, AFAICT. Made by ASUS. I installed RW_LEGACY boot from mr chromebox. When I boot the device, I have to press Ctrl+L to exit developer mode and go to legacy boot, where I then select a device to boot from.