How do I actually run a successful installation with nixos-anywhere?

I’ve been struggling now for a while to get nixos-anywhere to run an installation in such a way that the resulting system is bootable.

For reference, my configuration can be found here.

First issue was that it rebooted despite not being successful when setting the boot partition. My fault, but annoying. Next issue I faced was that the swapfile wasn’t created automatically (not sure why, but the systemd unit hung forever), which I bypassed with swapDevices = pkgs.lib.mkForce [ ];.

Then I found that even a successful installation will not allow you to set a root password like nixos-install usually would. Now I tried running the installation like this:

$ nix run github:nix-community/nixos-anywhere -- --build-on-remote --no-reboot --flake path:$PWD#junction root@nixos

Which gets me stuck again. I can log in with ssh root@nixos afterwards, but all the drives have been unmounted already. No worries, I do a quick mount /dev/sdf2 /mnt. But now:

$ passwd --root /mnt felix
passwd: pam_start() failed, error 26

I feel like I’m seriously holding it wrong. This shouldn’t be so difficult, and many people are using nixos-anywhere to great effect for fully automated installs, so it’s definitely possible somehow.

Am I supposed to set the root password in some other way? Is there some hidden way that allows me to add additional ssh commands during the installation process maybe?

Try this: sudo nixos-enter --root /mnt -c 'passwd felix'
I’d use ssh keys though

I am using ssh keys, but AFAICT at least root needs a password, otherwise the system doesn’t fully start up.

I’ll try that, thanks!

So the problem was just my configuration, not the lack of a root account password. I tried to use disko to set up a ZFS pool and datasets, which failed to automount because of this known issue. This left me in a state where the following message was displayed:

You are in emergency mode. After logging in, type "journalctl -xb" to view system logs, "systemctl reboot" to reboot, "systemctl default" or "exit" to boot into default mode.

Cannot open access to console, the root account is locked. See sulogin(8) to continue.

Press Enter to continue. 

I interpreted this incorrectly, thinking the locked root account was the issue, because I could not ssh into the machine. However, after pressing Enter once, systemd brought up all services required for the default target, including ssh.

After fixing the configuration issue, this error message went away.