Every time I reboot my nixos machine, I have to ssh in as the original user from when I first installed and configured nixos and run sudo nixos-rebuild switch --flake /etc/nixos#hobby and then log out. Only then can I ssh in as the user defined in my configuration.nix.
The original user is not defined anywhere in my nix configurations but its user folder is still in /home. I’m scared to remove it because I might lock myself out of the machine.
Is the boot loader not loading the configuration.nix or my flakes?
My /etc/nixos/configuration.nix currently has
boot.loader.grub.enable = false;
boot.loader.generic-extlinux-compatible.enable = true;
...
users.users.myUsername = {
isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" ];
openssh.authorizedKeys.keys = [ "..." ];
};
but again, with this I can ssh in as myUsername until after logging in as the original user and rebuilding.
1 Like
This sounds like you are booting the initial generation every time, and then re-switching into the real, desired generation, post-boot.
To troubleshoot a bit, after you have it in a “good state”, run readlink -f /run/current-system. Then reboot, and check the value of readlink -f /run/current-system.
2 Likes
Thanks for the help.
"good state":
/nix/store/yr9bply98spwv0asancn6khz1q85y90q-nixos-system-eris-24.05.20240406.a6057e3
"after rebooting"
/nix/store/cy1g9ffq83lrk4ccamxi405zmnmda5hc-nixos-system-nixos-23.05pre433819.2dea0f4c2d6
After some digging into the Bootloader doc, I tried garbage collecting and a
sudo nixos-rebuild boot --flake /etc/nixos#hobby
I also tried setting the configurationLimit boot.loader.grub.configurationLimit = 10; but that hasn’t helped either.
Does this look okay in the hardware-configuration.nix? Should I remove the /boot/efi?
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/f9d5f34d-5743-4ac1-bfc8-29d5ddbb82a0";
fsType = "ext4";
};
fileSystems."/boot/efi" =
{ device = "/dev/disk/by-uuid/0E0B-EEA0";
fsType = "vfat";
};
Do you have split UEFI and boot partitions? It’s suspicious that you don’t have a /boot where NixOS is going to try to install generation kernel/initrd/cmdlines to.
I suspect if you look, you’re going to find goodies under /boot, and that it’s not a mountpoint… which would cause this problem.
2 Likes
You are right. there is a /boot/nixos, a /boot/efi and a /boot/extlinux
It’s been so long since I first configured everything that I can’t remember for certain but I’m pretty sure I left the hardware-configuration.nix alone after the installation steps.
Maybe I just remove the efi fileSystem?
That depends on how you have partitioned your disk.
I can’t recall if we use the setup recommended by systemd, but I think the default happy path for most NixOS users is to use the UEFI partition as /boot, so the UEFI binaries and the actual generation contents are side-by-side.
It’s possible that you could get away with not having a /boot depending on your rootfs, but I’d highly recommend having a separate /boot, or …
Alternatively, nixpkgs now supports XBOOTLDR, where you can have systemd-boot’s binary on /efi and generation files on /boot (but this would require configuring BOTH fs mounts, and some extra options).
I think I’ve just bunged things up in such a way it will take 10x longer to fix than just reinstall NixOS from scratch.
Thanks for your help. I also saw you’re at Determinate Systems, which I discovered somewhat recently as I’m trying to get back into this. Kudos to what you’re trying to do.
Weird choice for a boot loader, depending on the hardware. My understanding is that this one doesn’t actually configure a boot loader; it just puts some config files in /boot (along with kernels / initrds) and hopes that you’ve got some kind of firmware or boot loader (like u-boot) that supports them. It’s used on the Raspberry Pi SD images because it is preferred to separate the configuration of the “platform firmware” (including u-boot) from the configuration of NixOS. But if you’re not using something like the rpi, it’s a weird choice.
This makes it even a little stranger, for two reasons. 1) You’ve enabled a boot loader that isn’t going to configure files for EFI. 2) You’ve mounted your ESP at /boot/efi instead of /boot. The latter is… acceptable, sorta, but you have to set boot.loader.efi.efiSysMountPoint to that path for it to work. Now, as @colemickens says, nowadays you can separate the ESP from the XBOOTLDR, but frankly I don’t know why you would unless you’re trying to avoid reformatting an existing ESP and partition layout, so this seems unlikely to be relevant to you.
Anyway, all this is to say that I think you just need to configure a boot loader that actually works on your system. If this is an RPi, then I actually would expect boot.loader.generic-extlinux-compatible.enable = true; to work, if you started with the NixOS SD image. But on a typical PC, you’re almost certainly using UEFI, and that means you almost certainly want to just enable grub or systemd-boot. You’ll want the ESP configured to mount at /boot rather than /boot/efi, and you’ll want to make sure that any boot loader that you’re not using is not present in the ESP.
1 Like
This is a mini-PC but I may have used a guide for Raspberry Pis because that’s where I started learning NixOS.
I’ve started from scratch. Now there’s just a fileSystems."/" and a fileSystems."/boot" and the bootloader.systemd-boot.
1 Like