Installing and Configure NixOS Server in a VirtualBox guest

1. Download a NixOS ISO

2. Add a New Machine in VirtualBox with OS Type "Linux / Other Linux"

Base Memory Size: 768 MB or higher.

New Hard Disk of 8 GB or higher.

Mount the CD-ROM with the NixOS ISO (by clicking on CD/DVD-ROM)

Click on Settings / System / Processor and enable PAE/NX

Click on Settings / System / Acceleration and enable "VT-x/AMD-V" acceleration

3. Save the setting and start the Virtual machine

4. Boot into install shell

5. Mount the disk as follows:

$ fdisk /dev/sda # Create a full partition, For quick setup use these commands in

order: n, p, 1, <Enter>, <Enter>, w

$ mkfs.ext4 -j -L nixos /dev/sda1

$ mount LABEL=nixos /mnt

$ nixos-generate-config --root /mnt

1. Change the configuration.nix open the main NixOS configuration file via nano:

$ nano /mnt/etc/nixos/configuration.nix

Basic Configuration

In the configuration.nix, enable the virtualbox guest service at the main block:

virtualisation.virtualbox.guest.enable = true;

Also remove the fsck that runs at startup. It will always fail to run, stopping your boot until you press

*.

boot.initrd.checkJournalingFS = false;

Then do whatever installation tasks you normally do. Make sure you add a user and give the user a

password.

You may also want to automatically log into a specific user when starting up the virtual machine,

instead of having a login screen. Set xserver displayer manager properties as follows:

services.xserver.displayManager.auto.enable = true;

services.xserver.displayManager.auto.user = "your-user";

When you are happy with your configuration file, run nixos-install and reboot.

$ nixos-install

$ reboot

Minimal Install (For Servers)

This section is about installing a minimal NixOS VirtualBox Guest for servers. It will be bare bones,

except for allowing you to ssh into it.

First off, complete the steps listed in the Base Instructions section.

Then, in the VirtualBox settings, under networking, select "Attached to: NAT" and change the host-

interface to "en1: Airport".

Replace the NixOS configuration file with the following:

{ config, pkgs, ...} :

{

boot.loader.grub.device = "/dev/sda";

# Enable virtualbox guest additions

virtualisation.virtualbox.guest.enable = true;

# Enable the sshd daemon so you can ssh

# into the

services.openssh.enable = true;

fileSystems = [

{ mountPoint = "/";

label = "nixos";

}

];

}

Finally, run nixos-install, reboot, and you'll have a working NixOS system.

$ nixos-install

$ reboot

Networking

UPDATE: This can now all be done in the VirtualBox Settings GUI for the VM: Settings -> Network -

> Advanced -> Port Forwarding.

However, you can't conveniently log in to ssh this way, so you'll need to set up port-forwarding. Doing

that is explained on this site, all you have to do is create a script named "vbox-tunnel" that contains the

following lines:

#!/bin/bash

cd /Applications/VirtualBox.app/Contents/MacOS/

./VBoxManage setextradata "$1"

"VBoxInternal/Devices/pcnet/0/LUN#0/Config/$2/Protocol" TCP

./VBoxManage setextradata "$1"

"VBoxInternal/Devices/pcnet/0/LUN#0/Config/$2/GuestPort" $3

./VBoxManage setextradata "$1"

"VBoxInternal/Devices/pcnet/0/LUN#0/Config/$2/HostPort" $4

Now execute the script:

vbox-tunnel Nix sshtunnel 22 2222

You should be able to log in to Nix now by running ssh -p 2222 localhost in your Terminal.

Enjoy!

Alternative (independent of virtual network card chosen for the guest):

VBoxManage modifyvm "Nix" --natpf1 "sshtunnel,tcp,,2222,,22"

As before, you are now able to log in to Nix by running ssh -p 2222 localhost in your terminal.

Shared Folders

Shared folders can be given a name and a path in the host system in the VirtualBox settings (Machine /

Settings / Shared Folders, then click on the "Add" icon). Add the following to the

/etc/nixos/configuration.nix to auto-mount them:

{ config, pkgs, ...} :

{

...

fileSystems."/virtualboxshare" = {

fsType = "vboxsf";

device = "nameofthesharedfolder";

options = "rw";

};

}

The folder will be available directly under the root directory.

If you want to have symlinks you have to use something like VBoxManage setextradata VM_NAME

VBoxInternal2/SharedFoldersEnableSymlinksCreate/SHARE_NAME 1 to enable them.

As noted that vboxsf is quite slow, and NFS, CIFS or 9P might be a better choice if the host support

these networking.

Vagrant boxes

Using Vagrant requires maintaining base boxes and some plugins

Install/remove software

How to install software

There are (at least) four distinct ways to install software, with different purposes. These are

Installing into the global system environment Installing into the root user profile Installing into a normal user profile Installing into a project/program-specific environment (e.g. with nix-shell or nixos-container)

System environment installation

This method makes software globally available for all users, and is the closest to functionality such as

apt-get install in Debian/Ubuntu. This option is only available if you are running a full NixOS

installation, as opposed to standalone Nix.

Note: This method is preferred over the next method (root user profile) due to potential issues with kernel modules [TODO: needs more clarification].

To install a package to the system environment, add it to the corresponding

environment.systemPackages list in /etc/nixos/configuration.nix

environment.systemPackages = with pkgs; [

zsh wget

];

and then run:

nixos-rebuild switch

Removing software installed into the system environment is almost the same process - remove the

package from environment.systemPackages, then run nixos-rebuild switch

Root user installation

Software installed via nix-env as root is also globally available to all users, e.g.

nix-env -i links2

Note: generally the method above (system environment) is preferable to this. However this method could be useful if you have a standalone Nix installation (in which case the method above is not available).

To remove software installed in this way, use nix-env as the root user

nix-env -e links2

Normal user installation

This method makes software available only for the user who installs it. Take care not to use sudo, or

else you have hit the case above (root user installation)

nix-env -i links2

To remove software installed in this way, use nix-env

nix-env -e links2

Installing into a subshell

In some cases, you may want access to a program for a specific task or project, but do not want to

install it into your user or system profiles. For example, if you have five projects under development,

each of which depends on a different version of the Python interpreter, then you can constrain each

interpreter to be available only within the context of the corresponding project, instead of trying to

install them into the system/user profiles. For more information see

https://nixos.org/wiki/Develop_software_with_unique_profiles_using_Nix

Garbage collection

Removing software as described above will not immediately free up disk space. This is because

previous generations of profiles are maintained to enable rollbacks. To free up disk space run

nix-env --delete-generations old

nix-collect-garbage

Note: nix-env --delete-generations old should be run as the same user (root or normal user) from whose profile you uninstalled software

Note: as a shortcut to garbage collect everything not currently used by some profile, run as root

nix-collect-garbage -d

Note: after garbage-collecting old generations, rolling back to them is no longer possible

How to list installed software

Software per user

That works for each 'shell' of a single user:

nix-env -q

Software in the environment.systemPackages

There is no command to list that at this time (8jun2011)

But there is this workaround (tnx to niksnut!):

nix-store -q --references /var/run/current-system/sw

Run this to see package names only:

nix-store -q --references /var/run/current-system/sw | cut -d'-' -f2-

How to update installed software

Software per user nix-env -u --keep-going

If you want to update even SW that haven't changed version but something did change (deps. etc.) use

nix-env -u --keep-going --leq

Software in the environment.systemPackages

If you have updated your channel with

nix-channel --update

Or updated them manually, by hand, or pulling updates from a source control system then you can use:

nixos-rebuild switch

To update any installed packages with updated nix expressions.

Or you can use :

nixos-rebuild switch --upgrade

How to roll back software

To undo the last

nixos-rebuild switch

You can

nixos-rebuild switch --rollback

Note this does not revert configuration files like /etc/nixos/configuration.nix to their previous states so

if you do not change them by hand the next "nixos-rebuild switch" will install them again.

To see the available system generations you can pass the profile to nix-env:

nix-env -p /nix/var/nix/profiles/system --list-generations

To rollback the system to an earlier generation:

nix-env --switch-generation 3141 -p /nix/var/nix/profiles/system

/nix/var/nix/profiles/system/bin/switch-to-configuration switch

For per-user packages.

nix-env --rollback

Also see nix-env --list-generations, which will list out the number of previous generations and the time

stamp of their creation.

Manage nix-build/nix-shell

In /nix/var/nix/gcroots/auto there are links like these:

lrwxrwxrwx 1 root root 74 Jul 3 2013 182qrbs2zqkm6g4waqw4xl7pc484zyss ->

/home/joachim/Desktop/projects/nixos/nixpkgs/pkgs/desktops/kde-4.10/result/

lrwxrwxrwx 1 root root 12 Feb 1 18:23 7h9kz6xpi43rhva1alqny0hi54w6203b ->

/root/result

lrwxrwxrwx 1 root root 45 Jul 31 2013 9355idpn9cxg4xfxgwwjvrdlg481gr0s ->

/home/joachim/Desktop/projects/nix-ray/result/

lrwxrwxrwx 1 root root 47 Mar 20 00:15 964c6j34pd3b6qm418gc4j2pmwj890l7 ->

/home/joachim/Desktop/projects/nixos/nix/result/

lrwxrwxrwx 1 root root 51 Mar 20 00:50 bwj2bawqgg8v2hw41h7zyidky2wsynar ->

/home/joachim/Desktop/projects/nixos/nixpkgs/result/

lrwxrwxrwx 1 root root 32 May 12 16:19 mh0rdyn6ldcdljjzwpfzgfhmwyl7hi51 ->

/tmp/nix-build.Jyenoc/derivation

lrwxrwxrwx 1 root root 30 Aug 20 2013 q1s5wwxrnn6dc0g856vxz22lfad4gg6h ->

/home/joachim/Downloads/result/

You can remove all, which you do not need anymore BUT except this one:

lrwxrwxrwx 1 root root 43 Jun 12 2012 77pq4kkwkcsbxczg1d3hhvi4n33la519 ->

/nix/var/nix/gcroots/per-user/root/channels/

Afterwards run:

nix-store --gc

Repair your installation

Fix corrupted or missing store paths by redownloading or rebuilding them. Note that this is slow

because it requires computing a cryptographic hash of the contents of every path in the closure of the

build.

$ export NIX_REMOTE=""

$ nix-store --verify --check-contents --repair

Note: both commands need to be run as root

If these command didn't help, it may be that

$ nix-store --delete $(nix-store --verify --check-contents)

will help. It lists every corrupted path and removes it together with all reverse dependencies. This can

fail if some of corrupted files are still used by some GC roots.

nix-channels

NixOS channels are now the default mechanism for keeping NixOS up to date. (A channel is a Nix

mechanism for distributing a consistent set of Nix expressions and binaries.)

A quick summary on how to use it (official docs):

$ nix-channel --add https://nixos.org/channels/name nixos

$ nix-channel --update

$ nixos-rebuild switch

Currently there are nixos and nixpkgs unstable channels, and release-14.12 channel which only

receives security+maintenance updates.

The NixOS channel contains a copy of Nixpkgs, so after "nix-channel --update" you can install

packages via nix-env:

$ nix-env -i thunderbird

or, if you prefer the "-A" option:

$ nix-env -iA nixos.pkgs.thunderbird

The advantages of using a channel over the previous way (doing "svn up /etc/nixos/*" a.k.a. nixos-

checkout) are:

Correctness: The channel is only updated to a new revision of NixOS/Nixpkgs if it passes certain tests - specifically, if the "tested" job succeeds (http://hydra.nixos.org/job/nixos/trunk-combined/tested). So you have a reasonable certainty that the new version will actually work. By contrast, if you update to the latest revision using nixos-checkout, it's quite possible that somebody just committed something that broke the entire system.

Efficiency: The channel is only updated after all Hydra builds in that revision have finished, *and* all binaries have been mirrored. So you don't have to worry about somebody just having committed something that causes a huge recompilation.

This makes keeping NixOS up to date a rather more pleasant activity, IMHO (Eelco Dolstra).

Some things to note:

The downloaded channel sources are linked from /nix/var/nix/profiles/per-user/root/channels/nixos (which is actually in the Nix store). The $NIX_PATH environment variable contains this directory, so <nixos> and <nixpkgs> in Nix expressions resolve there unless overridden through $NIX_PATH or the "-I" flag.

In principle, you can do rollbacks on the channels profile ("nix-env -p /nix/var/nix/profiles/per-user/root/channels --rollback") if you don't like the result of a "nix-channel --update".

The NixOS installation CD no longer contains or installs /etc/nixos/{nixos,nixpkgs} but instead uses the NixOS channel. You can of course run "nixos-checkout" if you want a working tree for development. (In other news, "nixos-checkout" now accepts a argument to specify the desired location of the working trees, e.g. "nixos-checkout /home/eelco/Dev". The default location /etc/nixos may eventually go away since it's a weird location for keeping large source trees.)

To use a development tree in nixos-rebuild, just use the -I flag, e.g. "nixos-rebuild switch -I /home/eelco/Dev".

The "nixpkgs_sys" link in ~/.nix-defexpr is no longer created. Instead you can use "nixos.pkgs" in "nix-env -iA" calls, as shown above. "nixos.pkgs" is the Nixpkgs in the NixOS channel, so it's guaranteed to have binaries available.

The command "nixos-version" prints out the NixOS version you're currently running, e.g. "14.02pre-1dd0e05 (Baboon)". The version string include the NixOS and Nixpkgs revisions, respectively.

nix-channels advanced usage

Tip: often you would use nix-channel --update and maybe nixos-rebuild boot so that the newly built

system is activated after the next reboot. but say you wanted to change a very minimal setting in

your current system before the next boot, like:

network settings (dhcp vs static ip) install a service (like httpd) or anything similar

which should affect the currently executed system profile, then you have to revert to the nix-channel

version you were using to build the current system profile.

first run nixos-version

nixos-version

14.11pre52840.c347f1c (Caterpillar)

nixos-version is a simple script from '/run/current-system/sw/bin/nixos-version'. note down the version

'pre52840.c347f1c' and then do this:

for i in `find -L /nix/var/nix/profiles/per-user/root -name .version-suffix`; do

echo "$i"; echo -n " "; cat $i; echo ""; done

/nix/var/nix/profiles/per-user/root/channels-123-link/nixos/nixpkgs/.version-

suffix

pre49475.74f6be0

/nix/var/nix/profiles/per-user/root/channels-121-link/nixos/nixpkgs/.version-

suffix

pre48350.41cd2d8

/nix/var/nix/profiles/per-user/root/channels-125-link/nixos/nixpkgs/.version-

suffix

pre51468.2c0cc6c

/nix/var/nix/profiles/per-user/root/channels-128-link/nixos/nixpkgs/.version-

suffix

pre52840.c347f1c

/nix/var/nix/profiles/per-user/root/channels-122-link/nixos/nixpkgs/.version-

suffix

pre48350.41cd2d8

/nix/var/nix/profiles/per-user/root/channels-129-link/nixos/nixpkgs/.version-

suffix

pre54658.6221af5

/nix/var/nix/profiles/per-user/root/channels-127-link/nixos/nixpkgs/.version-

suffix

pre52727.5d97886

/nix/var/nix/profiles/per-user/root/channels-126-link/nixos/nixpkgs/.version-

suffix

pre52020.7bc3005

/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/.version-suffix

pre54658.6221af5

/nix/var/nix/profiles/per-user/root/channels-124-link/nixos/nixpkgs/.version-

suffix

pre50818.b5fe0d3

as it turns out, the link we were searching for was:

/nix/var/nix/profiles/per-user/root/channels-128-link/nixos/nixpkgs/.version-

suffix

pre52840.c347f1c

finally activate 128:

nix-env -p /nix/var/nix/profiles/per-user/root/channels --list-generations

nix-env -p /nix/var/nix/profiles/per-user/root/channels -G 128

and finally you can affect your current system profile with this:

nixos-rebuild switch

note: the previous nixos-rebuild boot will still listed be in GRUB but your default nix-channel is now

poiting to 128 (and not 129) so if you want to make updates you have to run nix-channel --update

again.

note: also beware of the garbage collector: running nix-collect-garbage -d will cause everything not

currently in use to be removed, after which even a small change to your config may require

rebuilding/redownloading a large number of packages which had previously been cached.

How to change the used kernel version

boot.kernelPackages # see http://hydra.nixos.org/job/nixos/trunk/manual/latest/download

For example: add

boot.kernelPackages = pkgs.linuxPackages_2_6_25;

to your /etc/nixos/configuration.nix

Or check for more recent entries by:

nix-env -qa | grep linux-2.6.

How to use a different version of a package

KDE

1. Look into pkgs/top-level/all-packages.nix (when you have checked out nixpkgs using git) and try to

find something like this:

kde4 = recurseIntoAttrs pkgs.kde47;

kde47 = kdePackagesFor pkgs.kde47 "4.7";

kde410 = kdePackagesFor pkgs.kde410 "4.10";

2. Now pick one of the versions by adding the lines below to /etc/nixos/configuration.nix:

nixpkgs.config.packageOverrides = pkgs : rec {

kde4 = pkgs.kde410;

};

3. Install all kde stuff into the envinronment.systemPackages

environment.systemPackages = with pkgs; [

zsh

linuxPackages.virtualbox

wget

kde4.kdemultimedia

kde4.kdegraphics

kde4.kdeutils

kde4.applications

kde4.kdegames

kde4.kdeedu

kde4.kdebindings

kde4.kdeaccessibility

#kde4.kde_baseapps

kde4.kactivities

kde4.kdeadmin

kde4.kdeartwork

#kde4.kde_base_artwork

kde4.kdenetwork

kde4.kdepim

kde4.kdepimlibs

kde4.kdeplasma_addons

kde4.kdesdk

kde4.kdetoys

#kde4.kde_wallpapers

kde4.kdewebdev

#kde4.oxygen_icons

kde4.kdebase_workspace

kde4.kdelibs

kde4.kdevelop

kde4.kdevplatform

];

4. Finally do:

nixos-rebuild switch

GRUB

1. Similar to the kde example search the all-packages.nix for available grub versions

2. To use a different version of grub add this line to /etc/nixos/configuration.nix

nixpkgs.config.packageOverrides = pkgs : rec { grub2 = pkgs.grub198; };

Nix Installing Packages

How to install a software package using Nix?

The easiest way to get Nix expressions is to use the community's NixPkgs repository. After setting it

up, use the nix-env command to install the packages defined there.

$ nix-channel --add http://nixos.org/channels/nixpkgs-unstable

$ nix-channel --update

$ nix-env --install hello

The nix-channel command registers URL which has a Nix expression. Then, we use nix-channel -

-update to download this Nix expression. Finally, we use the nix-env --install command to install

the "hello" package. The nix-env command installs or removes software in our environment.

How to query available software packages?

Besides the "hello" package, what else can we install? We can use the nix-env --query --

available command on the command line, or its aliases.

$ nix-env --query --available firefox

$ nix-env --query --available

$ nix-env --query --available | grep firefox

$ nix-env -q -a | grep firefox

$ nix-env -qa | grep firefox

We can also see which packages we currently have installed by using the nix-env --query --

installed command.

$ nix-env --query --installed

$ nix-env -q

The all-packages.nix file is the source of these commands, which contains the declarations and

definitions of Nix packages. The attributes in this file which are defined by the callPackage or

mkDerivation functions define a Nix package, which means we can use these attribute names to install

them on the command line. Note that the implementation of these Nix packages are stored elsewhere in

the pkgs directory, which keeps the package list easy to read.

Let's install some other packages we found in the all-packages.nix file, such as the dropbox and

bitcoin packages.

$ nix-env --install firefox

$ nix-env --install dropbox bitcoin

$ nix-env -i dropbox bitcoin

How to uninstall software packages?

And of course, we can uninstall packages by using the nix-env --uninstall command.

$ nix-env --uninstall firefox

$ nix-env -e firefox

Howto find a package in NixOS

Using the websearch

You will find many packages with options here:

http://nixos.org/nixos/options.html http://nixos.org/nixos/packages.html

Simple package query

The most straight-forward way to see a list of all available packages is to use the nix-env command.

This method is a bit slow, as every package must be evaluated when generating the list. (Note: In the

results, the first column is the package's attribute path.)

nix-env -qa [-P] [--out-path] [ -f $NIXPKGS_ALL ]

Aliases

The command to query available packages is relatively long, but we can define shortcuts or aliases. To

define a shell function as an alias, Bash-shell users can add this to their ~/.bashrc file.

queryNixPkgs(){ nix-env -qa \* -P -f $NIXPKGS_ALL | grep -i "$1"; }

Alternative:

nix?(){ nix-env -qa \* -P | fgrep -i "$1"; }

Used like:

nix? sublime

Finding a package that provides a given command/executable

On NixOS, command-not-found can be used:

[tmtynkky@nixvm:~]$ command-not-found ar

The program ‘ar’ is currently not installed. It is provided by

several packages. You can install it by typing one of the following:

nix-env -i binutils

nix-env -i elfutils

Unfortunately, there currently isn't an easy way to do this on standalone Nix.

Use nox

The program nox, installable by doing nix-env -iA nixos.pkgs.nox, is designed to let you search

for packages and choose which ones to install.

For instance, if you wanted to install htop, you would send the command nox htop and it would show

the following output (with colors if your terminal supports it):

$ nox htop

nox htop

Refreshing cache

1 htop-1.0.3 (nixos.pkgs.htop)

An interactive process viewer for Linux

2 htop-1.0.3 (nixpkgs.htop)

An interactive process viewer for Linux

Packages to install: _

You then choose which one you want, e.g. the first one, and type 1<enter>, and it'll be installed.

Install by attribute

A package can be defined in a few different ways. Sometimes, a package is implemented in a

complicated way, likely to share part of its definition with another package. In a case like this, a

package may be defined in an attribute set one level deeper than the usual package set defined in the

top-level/all-packages.nix file.

For example, the following Nix expression contains the myPackage package, defined in a deep attribute

set.

{

attr = { subattr = { subattr = { myPackage = mkDerivation ...; } } }

# Or, an alternative notation:

attr.subattr.subattr.package = mkDerivation ...;

}

Packages which are defined in a set deeper than normal can be added to a higher-level set by using the

recurseIntoAttrs function. If they are included in a higher-level set, their installation should be

simple. If not, the package can be referenced by using its full attribute path in an expression.

For example, to install the package defined in the above Nix expression, pass its full attribute path to

the nix-env program and use the -A flag.

nix-env -i -A attr.subattr.subattr.package

Indexing and searching Nix files

One method of quickly finding the attribute names of packages is to use the Ctags program, which is a

tool used for code navigation. To use this method, install the ctagsWrapped package, then use the

ctags command line program to index Nix files or directories of Nix files, such as a directory which

contains the NixPkgs repository. This package customizes a ctags installation by adding a definition for

the Nix syntax. To learn more about the Ctags program,

Howto keep multiple packages up to date at once

he standard way

to keep a set of packages up-to-date in Nix is to install them into a profile -- typically the default

profile -- and to run

nix-env -u \*

or possibly even

nix-env -u \* --always

However there are some pitfalls:

1) lowPrio packages will be used last. Thus if lowPrio is added to nixpkgs for any reason it may happen

that -u which should update packages even downgrades a package. Even experienced users do run into

this problem at least once in their life :)

2) You don't know about packages which either got renamed or removed. Then month later you depend

on something and its gone wondering why - cause you've always had it in your env.. (You can always

install old versions using hydra, still you want to know about those changes). This is one way to detect

missing or renamed packages

nix-env -i $(nix-env -q \*) --dry-run

3) nix-env -u is slow. Because it does not use attr paths all of nixpkgs has to be evaluated always.

4) It may happen that you uninstall gimp keeping gimp plugins in your env. Then you install a newer

gimp and wonder why the older plugin does no longer match the newer gimp, why it does no longer

work. You'll spend time on debugging it. Don't take me verbatim. This is an example about which kind

of issues may happen if you don't use collections for some purposes.

The collection way

The alternative is using package collections referring to packages by name. Nix offers a mechanism for

that purpose, too, namely the buildEnv function, which can be used as follows:

# ~/.nixpkgs/config.nix

{

packageOverrides = pkgs_: with pkgs_; { # pkgs_ is the original set of packages

all = with pkgs; buildEnv { # pkgs is your overriden set of packages itself

name = "all";

paths = [

gitAndTools.hub

mercurial

ncdu

haskellPackages.pandoc

wine

# …

];

};

};

}

That code snippet creates a "collection package", which consists of the union of several others, and it

can be installed by running either of the following commands:

nix-env -iA nixpkgs.all # accessed by attribute thus faster

nix-env -i all

The easiest way to update a collection is to reinstall it because nix-env -i usually replaces packages

having the same name. Thus nix-env -iA all will tell you that everything still evaluates and

everything is fine. One way to be done.

The collection name attribute usually does not include a version number, thus "nix-env -u \*" is

typically not going to update that package even if its components have changed. In that case, it is

necessary to pass the --always flag to the update operation, to evaluate everything from the ground up.

Downside: nix-env -q \* will not show the contents of a collection. You have to fall back to nix-

store -q operations or look up the contents in your ~/.nixpkgs/config.nix file

Its hard to say which way is better. Try both and use what fits your needs.

How to update when Nix is too old to evaluate Nixpkgs

If you're here because of an error message, run:

Linux:

curl -L https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.nix.x86_64-

linux/latest-finished/nix/pkg/nix-1.10-x86_64-linux.nixpkg \

| nix-install-package --non-interactive -

Darwin / Mac:

curl -L https://hydra.nixos.org/job/nixpkgs/trunk/nix.x86_64-darwin/latest-

finished/nix/pkg/nix-1.10-x86_64-darwin.nixpkg \

| nix-install-package --non-interactive -

Note: If you are on an arm platform there is no hydra build. In that case contact develpers on irc

#nixos or ask on the mailing list.

Note: If you are using a non-standard nix install location and cannot use cached binaries, this won't

work.

To find out why read below:

The latest version of Nixpkgs may use features which are not available in our version of Nix. The result

of this is being unable to install or reference packages from Nixpkgs. For example, the current Nixpkgs

uses features of Nix 1.10, but we may only have Nix 1.8. To resolve this situation, we must acquire a

newer version of Nix.

Contents

1 Upgrading NixOS 2 Upgrading Nix

o 2.1 Installing via Browser o 2.2 Installing via Command Line

2.2.1 Trusted Binary Caches 3 Developers tips

Upgrading NixOS

nixos-rebuild automatically fetches and uses the latest version of Nix (as long as you don't use the -

-fast option), so no special action is required.

Upgrading Nix

To upgrade Nix, we must obtain the newer version's binaries. There are two easy ways to do this, both

of which fetch the binaries directly from the Nix project's build server. This method doesn't require

evaluating Nixpkgs, so it works great for upgrading the Nix program, itself.

Installing via Browser

If we have a browser installed on the target platform, we can open the page for the latest nix available

for our platform x86_64, i686 hosted by the Nix project's build server, and click the "One-click Install"

link. This links to a file having a .nixpkg file extension, which should be set up to be handled by the

nix-install-package program.

Installing via Command Line

If the platform doesn't have a browser installed, which is a common case for servers, we can directly

use the nix-install-package program. See the commands at the top of the page to accomplish this.

If you are running a 32bit system you have to replace x86_64 with i686.

Trusted Binary Caches

The recommended method for upgrading Nix is by using the nix-install-package program. This

program uses the "nix.conf" file to verify that the URL is included in the "trusted_binary_caches".

Running nix-install-package as root is not constrained in this manner, but it will only install the

specified package for the root user, rather than for our normal user account.

Therefore, if our installation is rejected due to being hosted by an untrusted host, we must add the

hostname to the "nix.conf" file. For NixOS users, add the hostname to the nix.trustedBinaryCaches

configuration option and rebuild the machine. For users of other OSs, manually edit the "nix.conf" file,

usually found in the /etc/nix/ directory.

Developers tips

Sometimes developers use their own nixpkgs trees.

nixos-rebuild reads _NIXOS_REBUILD_REEXEC variable. Setting it to non-zero instructs system-wide nixos-rebuild to re-exec it's version from the developer's tree.

OpenSSH

Installation nix-env -i openssh

Tips and Tricks

Key based authentication ssh-keygen -t rsa

ssh-copy-id -i id_rsa.pub login@target.com

Samba

this guide will help you on how to use samba on nixos.

excerpt of /etc/nixos/configuration.nix services.samba = {

enable = true;

shares = {

data =

{ path = "/srv/data";

"read only" = "yes";

browseable = "yes";

"guest ok" = "no";

"valid users" = "myuser";

};

};

extraConfig = ''

guest account = nobody

map to guest = bad user

'';

};

To setup a public share, try this magic:

services.samba = {

enable = true;

shares = {

Videos =

{ path = "/home/me/Videos";

"read only" = "yes";

browseable = "yes";

"guest ok" = "yes";

};

};

extraConfig = ''

guest account = smbguest

map to guest = bad user

'';

};

If your firewall is enabled, or if you want to consider enabling it:

networking.firewall.enable = true;

networking.firewall.allowPing = true;

networking.firewall.allowedTCPPorts = [ 445 139 ];

networking.firewall.allowedUDPPorts = [ 137 138 ];

Note: In order to affect your system by your nix-language-specific changes you have to evaluate it,

run (as root):

$ nixos-rebuild switch

samba should startup afterwards

stopping/restarting the services stop samba

start samba

restart samba

Wordpress

this guide shows how to manage a single wordpress instance. if you need more than one instance, it

needs to be extended using a unique id system like in mediawiki.nix.

httpd extraSubservices example

add this to your configuration.nix file:

let

wordpress-generate = type: namee: version: sha256s:

pkgs.stdenv.mkDerivation rec {

name = "${namee}-wordpress-${type}";

src = pkgs.fetchsvn rec {

url = if (type == "plugin") then

"http://plugins.svn.wordpress.org/${namee}/tags/${version}"

else if (type == "theme") then

"http://themes.svn.wordpress.org/${namee}/${version}"

else

"";

sha256 = sha256s;

};

installPhase = "mkdir -p $out; cp -R * $out/";

};

addFromServerPlugin = wordpress-generate "plugin" "add-from-server" "3.2.0.3"

"0d05c78sakj0b2mf0k0cq5r3qbg0xbw6i67mc8za4y9c5lp7am19";

wordpressImporterPlugin = wordpress-generate "plugin" "wordpress-importer"

"0.6.1" "0shf5i9x8hr7mnxhrlmd5vb4v891p36cfnqrl7pyppv9dibdxjaf";

tinyMCEAdvancedPlugin = wordpress-generate "plugin" "tinymce-advanced" "4.1.9"

"03xlyf184i037ka5rymgnj2blza5k2kl9fykd05rh4z18q1x4cih";

polylangPlugin = wordpress-generate "plugin" "polylang" "1.7.5"

"1fy47jyyj5mlpgq9340zdrn0s0gpbkfg2hvjz9l3y26h5skkvgmh";

postgresqlForWordpressPlugin = wordpress-generate "plugin" "postgresql-for-

wordpress" "1.3.1"

"f11a5d76af884c7bec2bc653ed5bd29d3ede9a8657bd67ab7824e329e5d809e8";

responsiveTheme = wordpress-generate "theme" "responsive" "1.9.7.6"

"07g19jzjdshhnsaigl5wapnnnnsmxjwz6x7rqf310fdz28wcz14w";

responsiveMobileTheme = wordpress-generate "theme" "responsive-mobile" "0.0.6"

"0li307p3n483lxy0dw92gkxiqsv0gsgnsldpqxnlc9j21czrj401";

in

...

######### <wordpress using httpd> #########################################

# nix-env -qaP mysql

services.mysql = {

enable = true;

package = pkgs.mysql;

};

services.httpd = {

enable = true;

logPerVirtualHost = true;

adminAddr="js@lastlog.de";

extraModules = [

{ name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; }

];

virtualHosts = [

# webservice5 (http)

{

hostName = "webservice5";

serverAliases = [ "webservice5" "www.webservice5" ];

extraSubservices =

[

{

serviceType = "wordpress";

dbPassword = "wordpress";

wordpressUploads = "/data/uploads";

themes = [ responsiveTheme responsiveMobileTheme ];

plugins = [ polylangPlugin wordpressImporterPlugin

tinyMCEAdvancedPlugin addFromServerPlugin ];

languages = [ "de_DE" "en_GB" ];

}

];

}

];

};

######### </wordpress using httpd> ###########################

Note: In order to affect your system by your nix-language-specific changes you have to evaluate it,

run (as root):

$ nixos-rebuild switch

zabbix

Zabbix is an enterprise open source monitoring solution for networks and applications. It is designed to

monitor and track the status of various network services, servers, and other network hardware.

the setup

networking = {

firewall = {

enable = true;

allowedTCPPorts = [ 80 443 ];

};

};

services.httpd = {

enable = true;

hostName = "localhost";

adminAddr = "example@example.org";

virtualHosts = [

{ hostName = "zabbix";

extraSubservices = pkgs.lib.singleton {

serviceType = "zabbix";

hostName = "webhost1";

urlPrefix = "";

configFile = pkgs.writeText "zabbix.conf.php" ''

<?php

global $DB;

$DB['TYPE'] = 'POSTGRESQL';

$DB['SERVER'] = ''';

$DB['PORT'] = '0';

$DB['DATABASE'] = 'zabbix';

$DB['USER'] = 'zabbix';

$DB['PASSWORD'] = ''';

$DB['SCHEMA'] = ''';

$ZBX_SERVER = 'localhost';

$ZBX_SERVER_PORT = '10051';

$ZBX_SERVER_NAME = ''';

$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;

?>

'';

};

}

];

};

services.zabbixServer.enable = true;

services.zabbixServer.dbServer = "";

services.zabbixAgent.enable = true;

services.postgresql = {

enable = true;

package = pkgs.postgresql92;

authentication = pkgs.lib.mkOverride 10 ''

local zabbix all ident map=zabbix

local all all ident

'';

identMap = ''

zabbix zabbix zabbix

zabbix ${config.services.httpd.user} zabbix

'';

extraConfig = ''

listen_addresses = '''

'';

};

Note: In order to affect your system by your nix-language-specific changes you have to evaluate it,

run (as root):

$ nixos-rebuild switch

default user

your first login on http://localhost/zabbix

user: Admin

pass: zabbix