Running NixOS in a Proxmox LXC Container
#NixOS, #Proxmox
1. Download NixOS Image
LXC container images and VM images are different. Copy the link for the container image, which can be found here: Hydra - nixos:release-24.05:nixos.lxdContainerImage.x86_64-linux
In Proxmox navigate to Datacenter -> Your Host -> Local storage -> ISO Images -> Download from URL
2. Create Container
Create the container with the following config, using the image downloaded in the previous step.
# Where the template file is located
TEMPLATE_STORAGE='local'
# Name of the template file downloaded from Hydra.
TEMPLATE_FILE='nixos-2024-10-31-release-24.05-lxdContainerImage.x86_64-linux.tar.xz'
# Name to assign to new NixOS container.
CONTAINER_HOSTNAME='homie'
# Which storage location to place the new NixOS container.
CONTAINER_STORAGE='local-zfs'
# How much RAM to assign the new container.
CONTAINER_RAM_IN_MB='1024'
# How much disk space to assign the new container.
CONTAINER_DISK_SIZE_IN_GB='20'
pct create "$(pvesh get /cluster/nextid)" \
--arch amd64 \
"${TEMPLATE_STORAGE}:vztmpl/${TEMPLATE_FILE}" \
--ostype unmanaged \
--description nixos \
--hostname "${CONTAINER_HOSTNAME}" \
--net0 name=eth0,bridge=vmbr0,ip=dhcp,firewall=1 \
--storage "${CONTAINER_STORAGE}" \
--memory "${CONTAINER_RAM_IN_MB}" \
--rootfs "${CONTAINER_STORAGE}:${CONTAINER_DISK_SIZE_IN_GB}" \
--unprivileged 1 \
--features nesting=1 \
--cmode console \
--onboot 1 \
--start 1
3. Set SSH Auth Keys For Your GitHub User
Install the public SSH keys of your GitHub user so that you can SSH in from your machine.
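GITHUB_USERNAME="YOUR_GITHUB_USERNAME"
# --fail makes curl exit non-zero on an HTTP error instead of saving the error page.
mkdir -p ~/.ssh && chmod 700 ~/.ssh && \
curl --fail --silent --show-error "https://github.com/${GITHUB_USERNAME}.keys" > ~/.ssh/authorized_keys && \
chmod 600 ~/.ssh/authorized_keys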
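Step 3 writes whatever the server returns straight into authorized_keys, so a mistyped username or an error page can leave the file unusable. The sketch below is an added example, not code from the original post: it checks that a downloaded file contains only bare public keys and then installs it atomically. The helper names `validate_keys`, `install_keys` and `selftest`, the `/tmp/gh.keys` path and the sample key are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example; validate_keys, install_keys and selftest are hypothetical helpers.

# Bare OpenSSH public-key lines only: key type, base64 blob, optional comment.
# An HTML error page, "Not Found", or a line carrying options such as
# command="..." does not match and causes the whole file to be rejected.
KEY_RE='^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)|sk-ssh-ed25519@openssh\.com|sk-ecdsa-sha2-nistp256@openssh\.com) [A-Za-z0-9+/]+=*( .*)?$'

# validate_keys FILE: succeed only if FILE holds at least one key and nothing else.
validate_keys() {
    grep -Eq "$KEY_RE" "$1" || return 1            # at least one valid key
    # Any non-blank line that fails the pattern rejects the file.
    if grep -Ev "$KEY_RE" "$1" | grep -q '[^[:space:]]'; then
        return 1
    fi
    return 0
}

# install_keys SRC DIR: replace DIR/authorized_keys with SRC, atomically.
# On any failure the previous authorized_keys is left untouched.
install_keys() {
    src=$1 dir=$2
    validate_keys "$src" || { echo "rejected: $src is not a public-key list" >&2; return 1; }
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    tmp=$(mktemp "$dir/authorized_keys.XXXXXX") || return 1
    cat "$src" > "$tmp" && chmod 600 "$tmp" && mv "$tmp" "$dir/authorized_keys" \
        || { rm -f "$tmp"; return 1; }
}

# Offline check with constructed input (the key below is not a real key).
selftest() {
    t=$(mktemp -d) || return 1
    printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyNotReal' > "$t/ok.keys"
    printf '%s\n' 'Not Found' > "$t/404.keys"
    install_keys "$t/ok.keys" "$t/ssh" && ! install_keys "$t/404.keys" "$t/ssh" 2>/dev/null
    rc=$?; rm -rf "$t"; return $rc
}
selftest && echo "selftest passed"

# On the container (needs network, so not run here):
#   curl -fsSL "https://github.com/${GITHUB_USERNAME}.keys" -o /tmp/gh.keys \
#     && install_keys /tmp/gh.keys ~/.ssh
```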
4. Create Initial NixOS Config
Create config file:
nano /etc/nixos/configuration.nix
Paste basic configuration:
{
  modulesPath,
  config,
  pkgs,
  ...
}: let
  hostname = "nixos";
  user = "tempuser";
  # Placeholder only: `password` is stored in plaintext in the world-readable
  # Nix store, so change it (or switch to `hashedPassword`) before real use.
  password = "somepass";
  timeZone = "America/New_York";
  defaultLocale = "en_US.UTF-8";
in {
  imports = [
    # Include the default lxc/lxd configuration.
    "${modulesPath}/virtualisation/lxc-container.nix"
  ];
  boot.isContainer = true;
  networking.hostName = hostname;
  environment.systemPackages = with pkgs; [
    vim
  ];
  services.openssh.enable = true;
  time.timeZone = timeZone;
  i18n = {
    defaultLocale = defaultLocale;
    extraLocaleSettings = {
      LC_ADDRESS = defaultLocale;
      LC_IDENTIFICATION = defaultLocale;
      LC_MEASUREMENT = defaultLocale;
      LC_MONETARY = defaultLocale;
      LC_NAME = defaultLocale;
      LC_NUMERIC = defaultLocale;
      LC_PAPER = defaultLocale;
      LC_TELEPHONE = defaultLocale;
      LC_TIME = defaultLocale;
    };
  };
  users = {
    mutableUsers = false;
    users."${user}" = {
      isNormalUser = true;
      password = password;
      extraGroups = ["wheel"];
    };
  };
  # Enable passwordless sudo.
  security.sudo.extraRules = [
    {
      users = [user];
      commands = [
        {
          command = "ALL";
          options = ["NOPASSWD"];
        }
      ];
    }
  ];
  # Suppress systemd units that don't work because of LXC.
  systemd.suppressedSystemUnits = [
    "dev-mqueue.mount"
    "sys-kernel-debug.mount"
    "sys-fs-fuse-connections.mount"
  ];
  nix.settings.experimental-features = ["nix-command" "flakes"];
  system.stateVersion = "24.05";
}
5. Rebuild the System
Rebuild the system with the initial config and reboot.
nix-channel --update && \
nixos-rebuild switch --upgrade && \
echo "install complete, rebooting..." && \
poweroff --reboot