nixos-anywhere/README.md

# nixos-anywhere - install nixos everywhere via ssh

<img src="https://raw.githubusercontent.com/numtide/nixos-anywhere/main/docs/logo.png" width="256" height="256">

nixos-anywhere (formally known as nixos-remote) makes it possible to install
nixos from Linux machines reachable via ssh. Under the hood uses a
[kexec image](https://github.com/nix-community/nixos-images#kexec-tarballs) to
boot into a NixOS installer from a running Linux system. It then uses
[disko](https://github.com/nix-community/disko) to partition and format the
disks on the target system before it installs the user provided nixos
configuration.

## Requirements

`nixos-anywhere` can detect nixos installer if those contain the identifier
`VARIANT=installer` in their `/etc/os-release` file. This is the case for the
nixos-unstable installer and will be also part of nixos 23.05. If installer is
detected `nixos-anywhere` will not try to kexec into its own image.

If your system is not booted into a nixos installer than the following
requirements apply for kexec to succeed:

- `x86_64` Linux system with kexec support (most `x86_64` machine do have kexec
  support) or you have to provide your own
  [image](https://github.com/numtide/nixos-anywhere#using-your-own-kexec-image)
- At least 1.5GB RAM (swap does not count). If you do not have enough RAM you
  will see failures unpacking the initrd), this is because kexec needs to load
  the whole nixos into memory.

## Usage

Needs a repo with your configurations with flakes. For a minimal example
checkout https://github.com/numtide/nixos-anywhere-examples.

Your NixOS configuration will also need a
[disko](https://github.com/nix-community/disko) configuration as we can see in
our
[example](https://github.com/numtide/nixos-anywhere-examples/blob/9768e438b1467ec55d42e096860e7199bd1ef43d/flake.nix#L15-L19)

Afterwards you can just run:

```
nix run github:numtide/nixos-anywhere -- root@yourip --flake github:your-user/your-repo#your-system
```

The parameter passed to `--flake` should point to your nixos configuration
exposed in your flake (`nixosConfigurations.your-system` in the example above).

<!-- `$ bash ./src/nixos-anywhere.sh --help` -->
```
Usage: nixos-anywhere [options] ssh-host

Options:

* -f, --flake flake
  set the flake to install the system from
* -L, --print-build-logs
  print full build logs
* -s, --store-paths
  set the store paths to the disko-script and nixos-system directly
  if this is give, flake is not needed
* --no-reboot
  do not reboot after installation, allowing further customization of the target installation.
* --kexec url
  use another kexec tarball to bootstrap NixOS
* --stop-after-disko
  exit after disko formating, you can then proceed to install manually or some other way
* --extra-files files
  files to copy into the new nixos installation
* --disk-encryption-keys remote_path local_path
  copy the contents of the file or pipe in local_path to remote_path in the installer environment,
  after kexec but before installation. Can be repeated.
* --no-substitute-on-destination
  disable passing --substitute-on-destination to nix-copy
* --debug
  enable debug output
* --option KEY VALUE
  nix option to pass to every nix related command
* --from store-uri
  URL of the source Nix store to copy the nixos and disko closure from
* --build-on-remote
  build the closure on the remote machine instead of locally and copy-closuring it
```

## Using your own kexec image

By default `nixos-anywhere` will download the kexec image from
[here](https://github.com/nix-community/nixos-images#kexec-tarballs). It is also
possible to provide your own by providing a file to `--kexec`. The image will
than uploaded prior to executing.

```shell
nixos-anywhere \
  --kexec "$(nix build --print-out-paths github:nix-community/nixos-images#packages.x86_64-linux.kexec-installer-noninteractive-nixos-unstable)/nixos-kexec-installer-noninteractive-x86_64-linux.tar.gz" \
  --flake 'github:your-user/your-repo#your-system' \
  root@yourip
```

`--kexec` can be useful for example for aarch64-linux, where there is no
pre-build image. The following example assumes that your local machine can build
for aarch64-linux either natively or through a remote builder

```shell
nixos-anywhere \
  --kexec "$(nix build --print-out-paths github:nix-community/nixos-images#packages.aarch64-linux.kexec-installer-noninteractive-nixos-unstable)/nixos-kexec-installer-noninteractive-aarch64-linux.tar.gz" \
  --flake 'your-flake#your-system' \
  root@yourip
```

## Developer guide

To run `nixos-anywhere` from the repo:

```console
nix run . -- --help
```

To format the code

```console
nix fmt
```

# Further Reading 

@tfc has written a walkthrough on how use nixos-anywhere to bootstrap hetzner cloud servers as well as dedicated ones on his blog: https://galowicz.de/2023/04/05/single-command-server-bootstrap/
rename nixos-remote to nixos-anywhere 2023-02-01 21:49:46 +03:00			`# nixos-anywhere - install nixos everywhere via ssh`
add minimal README 2022-11-10 18:49:56 +03:00
README: point to main branch for logo 2023-02-02 12:16:07 +03:00			`<img src="https://raw.githubusercontent.com/numtide/nixos-anywhere/main/docs/logo.png" width="256" height="256">`
add logo 2023-02-01 22:33:08 +03:00
reformat with prettier 2023-02-02 10:23:12 +03:00			`nixos-anywhere (formally known as nixos-remote) makes it possible to install`
			`nixos from Linux machines reachable via ssh. Under the hood uses a`
			`[kexec image](https://github.com/nix-community/nixos-images#kexec-tarballs) to`
			`boot into a NixOS installer from a running Linux system. It then uses`
			`[disko](https://github.com/nix-community/disko) to partition and format the`
			`disks on the target system before it installs the user provided nixos`
README: extend 2022-11-22 23:46:43 +03:00			`configuration.`

			`## Requirements`

Change 'remote' -> 'anywhere' 2023-02-06 23:50:32 +03:00			`nixos-anywhere` can detect nixos installer if those contain the identifier
mention nixos installer detection 2023-02-02 10:22:40 +03:00			`VARIANT=installer` in their `/etc/os-release` file. This is the case for the
			`nixos-unstable installer and will be also part of nixos 23.05. If installer is`
Change 'remote' -> 'anywhere' 2023-02-06 23:50:32 +03:00			detected `nixos-anywhere` will not try to kexec into its own image.
mention nixos installer detection 2023-02-02 10:22:40 +03:00
			`If your system is not booted into a nixos installer than the following`
			`requirements apply for kexec to succeed:`

README: fix markup 2023-05-07 22:58:11 +03:00			- `x86_64` Linux system with kexec support (most `x86_64` machine do have kexec
reformat with prettier 2023-02-02 10:23:12 +03:00			`support) or you have to provide your own`
			`[image](https://github.com/numtide/nixos-anywhere#using-your-own-kexec-image)`
reduce memory consumption 2023-05-07 22:57:22 +03:00			`- At least 1.5GB RAM (swap does not count). If you do not have enough RAM you`
README: extend 2022-11-22 23:46:43 +03:00			`will see failures unpacking the initrd), this is because kexec needs to load`
			`the whole nixos into memory.`

add minimal README 2022-11-10 18:49:56 +03:00			`## Usage`
README: extend 2022-11-22 23:38:11 +03:00
reformat with prettier 2023-02-02 10:23:12 +03:00			`Needs a repo with your configurations with flakes. For a minimal example`
			`checkout https://github.com/numtide/nixos-anywhere-examples.`

			`Your NixOS configuration will also need a`
			`[disko](https://github.com/nix-community/disko) configuration as we can see in`
			`our`
			`[example](https://github.com/numtide/nixos-anywhere-examples/blob/9768e438b1467ec55d42e096860e7199bd1ef43d/flake.nix#L15-L19)`
README: extend 2022-11-22 23:38:11 +03:00
			`Afterwards you can just run:`

add minimal README 2022-11-10 18:49:56 +03:00			```
rename nixos-remote to nixos-anywhere 2023-02-01 21:49:46 +03:00			`nix run github:numtide/nixos-anywhere -- root@yourip --flake github:your-user/your-repo#your-system`
add minimal README 2022-11-10 18:49:56 +03:00			```
README: extend 2022-11-22 23:38:11 +03:00
			The parameter passed to `--flake` should point to your nixos configuration
			exposed in your flake (`nixosConfigurations.your-system` in the example above).
extend README 2022-12-31 14:55:20 +03:00
src/nixos-anywhere.sh: add shebang It's not strictly needed because Nix wraps it with writeShellApplication, but it makes it easier for the script to be standalone and use the right syntax highlighter in shells. Invoke it with bash in the README because of the Nix build sandbox missing /usr/bin/env 2023-05-10 11:33:28 +03:00			<!-- `$ bash ./src/nixos-anywhere.sh --help` -->
README: format with mdsh Use mdsh to keep the option parsing outputs in the README in sync with the script. 2023-05-10 11:28:37 +03:00			```
rename nixos-remote to nixos-anywhere 2023-02-01 21:49:46 +03:00			`Usage: nixos-anywhere [options] ssh-host`
extend README 2022-12-31 14:55:20 +03:00
			`Options:`

			`* -f, --flake flake`
			`set the flake to install the system from`
README: sync with command options 2023-01-12 02:25:14 +03:00			`* -L, --print-build-logs`
			`print full build logs`
extend README 2022-12-31 14:55:20 +03:00			`* -s, --store-paths`
			`set the store paths to the disko-script and nixos-system directly`
			`if this is give, flake is not needed`
README: sync with command options 2023-01-12 02:25:14 +03:00			`* --no-reboot`
			`do not reboot after installation, allowing further customization of the target installation.`
extend README 2022-12-31 14:55:20 +03:00			`* --kexec url`
			`use another kexec tarball to bootstrap NixOS`
			`* --stop-after-disko`
			`exit after disko formating, you can then proceed to install manually or some other way`
			`* --extra-files files`
			`files to copy into the new nixos installation`
README: sync with command options 2023-01-12 02:25:14 +03:00			`* --disk-encryption-keys remote_path local_path`
			`copy the contents of the file or pipe in local_path to remote_path in the installer environment,`
			`after kexec but before installation. Can be repeated.`
add --from option 2023-01-17 18:28:44 +03:00			`* --no-substitute-on-destination`
			`disable passing --substitute-on-destination to nix-copy`
extend README 2022-12-31 14:55:20 +03:00			`* --debug`
			`enable debug output`
add --from option 2023-01-17 18:28:44 +03:00			`* --option KEY VALUE`
			`nix option to pass to every nix related command`
			`* --from store-uri`
			`URL of the source Nix store to copy the nixos and disko closure from`
README.md: add build-on-remote 2023-05-10 06:51:28 +03:00			`* --build-on-remote`
			`build the closure on the remote machine instead of locally and copy-closuring it`
extend README 2022-12-31 14:55:20 +03:00			```

			`## Using your own kexec image`

reformat with prettier 2023-02-02 10:23:12 +03:00			By default `nixos-anywhere` will download the kexec image from
			`[here](https://github.com/nix-community/nixos-images#kexec-tarballs). It is also`
			possible to provide your own by providing a file to `--kexec`. The image will
			`than uploaded prior to executing.`
extend README 2022-12-31 14:55:20 +03:00
reformat with prettier 2023-02-02 10:23:12 +03:00			```shell
rename nixos-remote to nixos-anywhere 2023-02-01 21:49:46 +03:00			`nixos-anywhere \`
switch to non-interactive installer Massive size decrease: 820 MB -> 321 MB 2023-05-07 23:05:10 +03:00			`--kexec "$(nix build --print-out-paths github:nix-community/nixos-images#packages.x86_64-linux.kexec-installer-noninteractive-nixos-unstable)/nixos-kexec-installer-noninteractive-x86_64-linux.tar.gz" \`
extend README 2022-12-31 14:55:20 +03:00			`--flake 'github:your-user/your-repo#your-system' \`
			`root@yourip`
			```

			`--kexec` can be useful for example for aarch64-linux, where there is no
reformat with prettier 2023-02-02 10:23:12 +03:00			`pre-build image. The following example assumes that your local machine can build`
			`for aarch64-linux either natively or through a remote builder`
extend README 2022-12-31 14:55:20 +03:00
reformat with prettier 2023-02-02 10:23:12 +03:00			```shell
rename nixos-remote to nixos-anywhere 2023-02-01 21:49:46 +03:00			`nixos-anywhere \`
switch to non-interactive installer Massive size decrease: 820 MB -> 321 MB 2023-05-07 23:05:10 +03:00			`--kexec "$(nix build --print-out-paths github:nix-community/nixos-images#packages.aarch64-linux.kexec-installer-noninteractive-nixos-unstable)/nixos-kexec-installer-noninteractive-aarch64-linux.tar.gz" \`
extend README 2022-12-31 14:55:20 +03:00			`--flake 'your-flake#your-system' \`
			`root@yourip`
			```
expose nixos-remote tools in devshell 2023-01-12 17:26:01 +03:00
			`## Developer guide`

rename nixos-remote to nixos-anywhere 2023-02-01 21:49:46 +03:00			To run `nixos-anywhere` from the repo:
expose nixos-remote tools in devshell 2023-01-12 17:26:01 +03:00
			```console
			`nix run . -- --help`
			```

			`To format the code`

			```console
			`nix fmt`
			```
Add link to blogpost @tfc has written a nice walk-through on his blog at: https://galowicz.de/2023/04/05/single-command-server-bootstrap/ . This links to it in README.md 2023-04-05 15:26:39 +03:00
			`# Further Reading`

			`@tfc has written a walkthrough on how use nixos-anywhere to bootstrap hetzner cloud servers as well as dedicated ones on his blog: https://galowicz.de/2023/04/05/single-command-server-bootstrap/`