I’d like to install NixOS from within my current OS (Arch Linux) without rebooting until I’m ready to switch. The reason is that I don’t have a second computer at my disposal (and I’m very uncomfortable typing on my phone) and wish to have my browser, my chats, my shell, my SSH keys and so on available during the installation process.
I have a second drive dedicated for NixOS (I want it to have its own ESP and everything). I believe the process should be fairly simple, but I’m struggling to find a good tutorial covering my needs. These are my questions:
About installing NixOS from within Arch:
Can/should I install NixOS using the Nix (2.24.7) installed on my Arch Linux? Could anyone more experienced lead me through this process? I can run a nix shell nixpkgs#nixos-install-tools but don’t quite to know how to proceed.
Can/should I install NixOS by running its live CD in a Virtual Machine? Can anyone help me run NixOS live in a Qemu/KVM, while giving it control of the second drive?
I’d like to use flakes from the get go. Could anyone suggest a good, simple, minimalistic configuration for NixOS for me to start with, which uses flakes and supports multiple hosts?
An issue I’m having is that the hardware-configuration.nix which nixos-generate-config creates seems broken. For instance its imports are [ (modulesPath + "/installer/scan/not-detected.nix") ]; and it doesn’t contain any fileSystems.
I’m unsure whether I should try to fix that file manually, since its top comment says:
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
With the help of LLMs and gazillions of configurations online, I believe I’m ready to proceed with nixos-install. nix build succeeds and everything looks good.
Now only one fear remains: that nixos-install overwrtes something on the current drive, destroying some existing filesystems or messing up with the existing bootloaders. I wish it to only touch the second drive and nothing else.
Could you guys quickly review these parts of my hardware configuration?
/dev/disk/by-uuid/ZZZZ is the ESP of the second drive. I wish NixOS’s bootloader to end up in its /EFI/nixos/.
/dev/disk/by-uuid/XXXX is a LUKS-encrypted partition on the second drive. Once decrypted it exposes /dev/disk/by-uuid/YYYY.
/dev/disk/by-uuid/YYYY is the virtual block device encrypted in the partition above, on the second disk.
If I run nixos-install --flake .#<myhost>, is it gonna write only on the partitions on the second drive without touching anything else? Is there anythink I can do to feel more secure?
I’m guessing it should be able to figure out where to write thanks to that fileSystems object, right? Does it matter whether those partitions are mounted already or not when I run the command? And I guess the encrypted device needs to be mapped already, for nixos-install to be able to work?
Very last question: is it alright what I did with the ESP/boot mount points? Or is there a more canonical approach?
After reading the manual again, I’m guessing that nixos-install doesn’t really care about that fileSystem object, and it just writes to /mnt or the parameter passed as --root.
I don’t think this will work at all, and I don’t really understand what you’re trying to accomplish with it. Just mount the ESP at /boot under the root (/mnt/boot).
As for what nixos-install will actually do, it’s a pretty simple process. All nixos-install does is build the configuration using the /nix/store under the root (/mnt/nix/store), which only touches that nix store directory. Then it chroot’s into the root (/mnt) and runs the program that sets up the boot loader. In the case of systemd-boot, it just installs kernels / initrds / boot loader entries in /boot (/mnt/boot), expecting that to be the ESP, and sets some EFI variables accordingly.
On other dristos, if I mount the ESP on /boot, the distro is going to scatter a bunch of boot-related files around the root directory of the ESP. I prefer to keep things tidier and would want the boot-related files of NixOS to end up under the directory /nixos/ (or /EFI/nixos/) of the ESP.
I’ve been achieving this for years by bind-mounting a subdirectory of the ESP onto /boot. I’m unsure whether this approach is still the recommended one, but I don’t see why it wouldn’t work?
Every distro has its own methods of installing boot loader files. The way NixOS does it with systemd-boot is not going to respect that. It’s going to install the boot loader to well-known locations under the efiSysMountPoint, bootctl is going to complain if that path isn’t a mounted ESP, and nixos kernels / initrds will be installed in certain paths expected by the entries. It’s all implemented with this script
Maybe the way you’ve done it on other distros will work if you use grub instead of systemd-boot. Personally I think grub is more trouble than it’s worth, and I have no idea if grub actually knows how to do this on its own or not. But regardless, efiSysMountPoint (which defaults to /boot) needs to point at the ESP.
Exactly. You have to have all your drives formatted already and mounted the way they would later be under /mnt or --root. Also important to note that if you created a user without specifying a password hash in your config, you’ll have to nixos-enter that mountpoint after installing and set an initial password with passwd to be able to log in.