Rozdíly

Zde můžete vidět rozdíly mezi vybranou verzí a aktuální verzí dané stránky.

--- navody:distribuce:nixos [2017/10/31 08:48] – [Common issues] ssh, systemd232/233 rmarko
+++ navody:distribuce:nixos [2022/02/13 17:40] – page id Aither
@@ Řádek 1: / Řádek 1: @@
+<page>manuals:distributions:nixos</page>
 ===== NixOS =====
-NixOS template is available based on NixOS 17.03. NixOS allows declarative configuration management of the whole system and deployed services.
+NixOS allows declarative configuration management of the whole system and deployed services.
-==== Configuration ====
+To start using NixOS on vpsFree.cz, make sure you're on a node with [[navody:vps:vpsadminos]], you can recognize it e.g. by the kernel version:
-Configuration is available at <code>/etc/nixos/configuration.nix</code>
+<code>
+# uname -rv
+.9.2 #1-vpsAdminOS SMP Fri Oct 30 12:31:53 UTC 2020
+</code>
-This can be altered to change container configuration on the fly or for next reboot. Try changing container hostname and running <code>nixos-rebuild switch</code> to build new configuration and directly switch to it. To switch to new configuration after reboot (set as a default boot profile) use <code>nixos-rebuild boot</code>
+If you have set your public SSH keys in vpsAdmin the key will be automatically deployed and you can login as root right away. To be able to login with a password you need to set the password manually after your container is created.
-==== Package installation ====
+==== Initial setup & informations ====
-Packages can be installed system wide via configuration.nix or for local profile via <code>nix-env</code>
+After installing NixOS (mainly talking about stable release) you **have to know**, that there is activated firewall by default blocking everything except ssh (port no. 22) so if you want to run some webserver (for example nginx) you have to tell firewall to not block your ports with this in your /etc/nixos/configuration.nix:nixos
-To install vim use <code>nix-env -iA nixos.vim</code>
+<code>networking.firewall.allowedTCPPorts = [ 80 443 ];</code>
-To search for a package use <code>nix-env -qaP postgre</code>
+Then don'rt forget to do
-==== Manual ====
+<code> nixos-rebuild switch</code> so your changes will take effect (without rebooting)
-Consult NixOS manual for more https://nixos.org/nixos/manual/
-==== Common issues ====
+==== Configuration ====
-=== SSH public key deployment fails ===
+Configuration is available at <code>/etc/nixos/configuration.nix</code>
-This can occur on first boot of the template when there's no ''/root'' yet. Disable automatic key deployment and deploy key manually **after** the containers boot.
+This can be altered to change container configuration on the fly or for next reboot. Try changing container hostname and running <code>nixos-rebuild switch</code> to build new configuration and directly switch to it. To switch to new configuration after reboot (set as a default boot profile) use <code>nixos-rebuild boot</code>
-=== error: while setting up the build environment: unable to load seccomp BPF program: Invalid argument ===
+If you are using channels you can update your system by running <code>nixos-rebuild switch --upgrade</code>
-Nix ≥ 1.11.10 requires seccomp, which is not available on vpsFree. To fix this, pin Nix to 1.11.9 by adding the following option to ''configuration.nix'' and rebuilding the system:
+==== Package installation ====
-<code>
+Packages can be installed system wide via configuration.nix or for local profile via <code>nix-env</code>
-    nix.package = (import (pkgs.fetchFromGitHub {
-	owner = "NixOS";
-	repo = "nixpkgs";
-	rev = "300fa462b31ad2106d37fcdb4b504ec60dfd62aa";
-	sha256 = "1cbjmi34ll5xa2nafz0jlsciivj62mq78qr3zl4skgdk6scl328s";
-    }) {}).nix;
-</code>
-In the future, it will be possible to [[https://github.com/NixOS/nix/commit/1dd29d7aebae706f3e90a18bbfae727f2ed03c70|disable seccomp usage]].
+To install vim use <code>nix-env -iA nixos.vim</code>
-=== systemd 233+ compatibility issues ===
+To search for a package use <code>nix-env -qaP postgre</code>
-Causes boot failures, workaround is pinning systemd to version 232:
+==== Manual ====
-<code>
-    nixpkgs.config.packageOverrides = super:
-	let systemdGperfCompat = super.systemd.override { gperf = super.gperf_3_0; };
-	in {
-          systemd = systemdGperfCompat.overrideAttrs ( oldAttrs: rec {
-            version = "232";
-            name = "systemd-${version}";
-            src = pkgs.fetchFromGitHub {
-              owner = "nixos";
-              repo = "systemd";
-              rev = "66e778e851440fde7f20cff0c24d23538144be8d";
-              sha256 = "1valz8v2q4cj0ipz2b6mh5p0rjxpy3m88gg9xa2rcc4gcmscndzk";
-            };
-          });
-    };
-</code>
-==== Details ====
+Consult NixOS manual for more https://nixos.org/nixos/manual/
-Log contents
-<code>
-Failed to canonicalize path /etc/systemd/system/local-fs.target.d: Too many levels of symbolic links
-$ journalctl -o verbose
-    _EXE=/nix/store/n5ksbh1hx275zfbqbalhghzpxp1w73lf-systemd-234/lib/systemd/systemd
-    _CMDLINE=/run/current-system/systemd/lib/systemd/systemd --system --deserialize 19
-    CODE_FILE=src/shared/dropin.c
-    CODE_LINE=133
-    CODE_FUNC=unit_file_find_dir
-    ERRNO=40
-    MESSAGE=Failed to canonicalize path /etc/systemd/system/local-fs.target.d: Too many levels of symbolic links
-$ # strace output
-open("/etc/systemd/system/local-fs.target", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = -1 ELOOP (Too many levels of symbolic links)
-readlinkat(AT_FDCWD, "/etc/systemd/system/local-fs.target", "/nix/store/n5ksbh1hx275zfbqbalhg"..., 99) = 94
-open("/nix/store/n5ksbh1hx275zfbqbalhghzpxp1w73lf-systemd-234/example/systemd/system/local-fs.target", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = 12
-fcntl(12, F_GETFL)              = 0xa8000 (flags O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_CLOEXEC)
-fstat(12, {st_mode=S_IFREG|0444, st_size=507, ...}) = 0
-fstat(12, {st_mode=S_IFREG|0444, st_size=507, ...}) = 0
-getpid()                        = 1
-fstat(12, {st_mode=S_IFREG|0444, st_size=507, ...}) = 0
-read(12, "#  This file is part of systemd."..., 512) = 507
-open("/dev/urandom", O_RDONLY|O_NOCTTY|O_CLOEXEC) = 13
-read(13, "\26\265jV\260\276\7\3300\22J\264m~j\37", 16) = 16
-close(13)                       = 0
-read(12, "", 512)               = 0
-close(12)                       = 0
-open("/", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 12
-openat(12, "etc", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 13
-fstat(13, {st_mode=S_IFDIR|0755, st_size=50, ...}) = 0
-close(12)                       = 0
-openat(13, "systemd", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 12
-fstat(12, {st_mode=S_IFDIR|0755, st_size=10, ...}) = 0
-close(13)                       = 0
-openat(12, "system", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = -1 ELOOP (Too many levels of symbolic links)
-close(12)                       = 0
-writev(3, [{"Failed to canonicalize path /etc"..., 104}, {"\n", 1}], 2) = 105
-open("/", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 12
-openat(12, "etc", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 13
-fstat(13, {st_mode=S_IFDIR|0755, st_size=50, ...}) = 0
-close(12)                       = 0
-openat(13, "systemd", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = 12
-fstat(12, {st_mode=S_IFDIR|0755, st_size=10, ...}) = 0
-close(13)                       = 0
-openat(12, "system", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|0x200000) = -1 ELOOP (Too many levels of symbolic links)
-close(12)                       = 0
-writev(3, [{"Failed to canonicalize path /etc"..., 100}, {"\n", 1}], 2) = 101
-open("/etc/systemd/system/emergency.target", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = -1 ELOOP (Too many levels of symbolic links)
-readlinkat(AT_FDCWD, "/etc/systemd/system/emergency.target", "/nix/store/n5ksbh1hx275zfbqbalhg"..., 99) = 95
-open("/nix/store/n5ksbh1hx275zfbqbalhghzpxp1w73lf-systemd-234/example/systemd/system/emergency.target", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = 12
-fcntl(12, F_GETFL)              = 0xa8000 (flags O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_CLOEXEC
-</code>

Znalostní báze

Uživatelské nástroje

Nástroje pro tento web

Rozdíly

Nástroje pro stránku