442577eb25
* tutorial: nixos configurations on vm Co-authored-by: Benoit de Chezelles <bew@users.noreply.github.com> Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io> Co-authored-by: Henrik <i97henka@gmail.com>
8.4 KiB
(nixos-vms)=
NixOS virtual machines
One of the most important features of NixOS is the ability to configure the entire system declaratively, including packages to be installed, services to be run, as well as other settings and options.
NixOS configurations can be used to test and use NixOS using a virtual machine, independent of an installation on a "bare metal" computer.
:::{important} A NixOS configuration is a Nix language function following the NixOS module convention. :::
What will you learn?
This tutorial serves as an introduction creating NixOS virtual machines. Virtual machines are a practical tool for debugging NixOS configurations.
What do you need?
- A working Nix installation on Linux, or NixOS
- Basic knowledge of the Nix language
Starting from the default NixOS configuration
In this tutorial you will use the default configuration that is shipped with NixOS.1
:::{admonition} NixOS
On NixOS, use the nixos-generate-config command to create a configuration file that contains some useful defaults and configuration suggestions.
By default, the configuration file is located at /etc/nixos/configuration.nix.
To avoid overwriting this file you have to specify the output directory.
Create a NixOS configuration in your working directory:
nixos-generate-config --dir ./
In the working directory you will then find two files:
-
hardware-configuration.nixis specific to the hardwarenix-generate-configis being run on. You can ignore that file for this tutorial because it has no effect inside a virtual machine. -
configuration.nixcontains various suggestions and comments for the initial setup of a desktop computer. :::
The default configuration of NixOS without comments is:
{ config, pkgs, ... }:
{
imports = [ ./hardware-configuration.nix ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
services.xserver.enable = true;
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
system.stateVersion = "22.05";
}
To be able to log in add the following lines to the returned attribute set:
users.users.alice = {
isNormalUser = true;
extraGroups = [ "wheel" ];
packages = with pkgs; [
firefox
tree
];
};
:::{admonition} NixOS
On NixOS your configuration generated using nix-generate-config contains this user configuration commented out.
:::
Additionally, you need to specify a password for this user.
For the purpose of demonstration only, you specify an insecure, plain text password by adding the initialPassword option to the user configuration:2
initialPassword = "testpw";
This tutorial focuses on testing NixOS configurations on a virtual machine.
Therefore you will remove the reference to hardware-configuration.nix:
- imports = [ ./hardware-configuration.nix ];
The complete configuration.nix file now looks like this:
{ config, pkgs, ... }:
{
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
services.xserver.enable = true;
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
users.users.alice = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
packages = with pkgs; [
firefox
tree
];
initialPassword = "testpw";
};
system.stateVersion = "22.11";
}
Creating a QEMU based virtual machine using a configuration
A virtual machine is created with the nix-build command.
To select configuration.nix in the working directory, specify the configuration file on the command line:
nix-build '<nixpkgs/nixos>' -A vm \
-I nixpkgs=channel:nixos-22.11 \
-I nixos-config=./configuration.nix
This command builds the attribute vm from the nixos-22.11 release of NixOS, using the NixOS configuration as specified in the relative path.
Detailed explanation
The first optional argument of nix-build is a path to the derivation to be built.
With '<nixpkgs>' Nix is instructed to resolve the search path defined with the NIX_PATH environment variable or the -I option.
The virtual machine setup is provided by NixOS, which is part of the nixpkgs repository, therefore we use '<nixpkgs/nixos>'.
The -A option specifies the attribute to pick from the provided Nix expression <nixpkgs>.
To build the virtual machine, you choose the vm attribute as defined in nixos/default.nix.
The -I option adds search paths.
Here we set nixpkgs to refer to a specific version of NixOS and to set nix-config to the configuration.nix file in the current directory.
:::{admonition} NixOS
On NixOS the $NIX_PATH environment variable is usually set up automatically, and there is also a convenience command for building virtual machines.
You can use the current version of nixpkgs to build the virtual machine like this:
nixos-rebuild build-vm -I nixos-config=./configuration.nix
:::
Running the virtual machine
The previous command created a link with the name result in the working directory.
It links to the directory that contains the virtual machine.
ls -R ./result
result:
bin system
result/bin:
run-nixos-vm
Run the virtual machine:
./result/bin/run-nixos-vm
This command opens a window that shows the boot process of the virtual machine and ends at the gdm login screen where you can log in as alice with the password testpw.
Running the virtual machine will create a nixos.qcow2 file in the current directory.
This disk image file contains the dynamic state of the virtual machine.
It can interfere with debugging as it keeps the state of previous runs, for example the user password.
You should delete this file when you change the configuration:
rm nixos.qcow2
References
- Nix manual:
nix-buildman page. - Nix manual: common cli options.
- Nix manual:
NIX_PATHenvironment variable. - NixOS Manual: NixOS Configuration.
- NixOS Manual: Modules.
- NixOS Manual Reference: Options.
- NixOS Manual: NixOS cli.
- Wiki entry: nixos-rebuild build-vm.
- NixOS source code:
configuration templateintools.nix. - NixOS source code:
vmattribute indefault.nix.
-
This configuration template is used. ↩︎
-
Warning: Do not use plain text passwords outside of this example unless you know what you are doing. See
initialHashedPasswordorssh.authorizedKeysfor more secure alternatives. ↩︎