diff options
author | Florian Klink <flokli@flokli.de> | 2019-08-31 02:59:23 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-08-31 02:59:23 +0200 |
commit | 4e586dea50e6f39f40ab065ed382b431d5947233 (patch) | |
tree | 4ca3221b277922a93e6370511a92f5fe391b4e4a | |
parent | 27bd71c00838ac186cf8add66a1692ac5109f9c4 (diff) | |
parent | d6eb5b068fa893a5e5c571d8c94d15d12ebabf63 (diff) | |
download | nixlib-4e586dea50e6f39f40ab065ed382b431d5947233.tar nixlib-4e586dea50e6f39f40ab065ed382b431d5947233.tar.gz nixlib-4e586dea50e6f39f40ab065ed382b431d5947233.tar.bz2 nixlib-4e586dea50e6f39f40ab065ed382b431d5947233.tar.lz nixlib-4e586dea50e6f39f40ab065ed382b431d5947233.tar.xz nixlib-4e586dea50e6f39f40ab065ed382b431d5947233.tar.zst nixlib-4e586dea50e6f39f40ab065ed382b431d5947233.zip |
Merge pull request #63773 from flokli/installation-device-fixes
installation-device.nix: explain sshd usage, don't include clone-config
4 files changed, 39 insertions, 27 deletions
diff --git a/nixos/doc/manual/configuration/profiles/clone-config.xml b/nixos/doc/manual/configuration/profiles/clone-config.xml index 234835845e2d..21c4ea75d6dd 100644 --- a/nixos/doc/manual/configuration/profiles/clone-config.xml +++ b/nixos/doc/manual/configuration/profiles/clone-config.xml @@ -11,4 +11,11 @@ creating the image in the first place. As a result it allows users to edit and rebuild the live-system. </para> + + <para> + On images where the installation media also becomes an installation target, + copying over <literal>configuration.nix</literal> should be disabled by + setting <literal>installer.cloneConfig</literal> to <literal>false</literal>. + This is already done in <literal>sd-image.nix</literal>. + </para> </section> diff --git a/nixos/doc/manual/configuration/profiles/installation-device.xml b/nixos/doc/manual/configuration/profiles/installation-device.xml index 3dcdf403d89d..192ae955b689 100644 --- a/nixos/doc/manual/configuration/profiles/installation-device.xml +++ b/nixos/doc/manual/configuration/profiles/installation-device.xml @@ -6,33 +6,31 @@ <title>Installation Device</title> <para> - Provides a basic configuration for installation devices like CDs. This means - enabling hardware scans, using the <link linkend="sec-profile-clone-config"> - Clone Config profile</link> to guarantee - <filename>/etc/nixos/configuration.nix</filename> exists (for - <command>nixos-rebuild</command> to work), a copy of the Nixpkgs channel - snapshot used to create the install media. + Provides a basic configuration for installation devices like CDs. + This enables redistributable firmware, includes the + <link linkend="sec-profile-clone-config">Clone Config profile</link> + and a copy of the Nixpkgs channel, so <command>nixos-install</command> + works out of the box. </para> - <para> - Additionally, documentation for <link linkend="opt-documentation.enable"> - Nixpkgs</link> and <link linkend="opt-documentation.nixos.enable">NixOS - </link> are forcefully enabled (to override the + Documentation for <link linkend="opt-documentation.enable">Nixpkgs</link> + and <link linkend="opt-documentation.nixos.enable">NixOS</link> are + forcefully enabled (to override the <link linkend="sec-profile-minimal">Minimal profile</link> preference); the - NixOS manual is shown automatically on TTY 8, sudo and udisks are disabled. - Autologin is enabled as root. + NixOS manual is shown automatically on TTY 8, udisks is disabled. + Autologin is enabled as <literal>nixos</literal> user, while passwordless + login as both <literal>root</literal> and <literal>nixos</literal> is possible. + Passwordless <command>sudo</command> is enabled too. + <link linkend="opt-networking.wireless.enable">wpa_supplicant</link> is + enabled, but configured to not autostart. </para> - <para> - A message is shown to the user to start a display manager if needed, ssh with - <xref linkend="opt-services.openssh.permitRootLogin"/> are enabled (but - doesn't autostart). WPA Supplicant is also enabled without autostart. + It is explained how to login, start the ssh server, and if available, + how to start the display manager. </para> <para> - Finally, vim is installed, root is set to not have a password, the kernel is - made more silent for remote public IP installs, and several settings are - tweaked so that the installer has a better chance of succeeding under - low-memory environments. + Several settings are tweaked so that the installer has a better chance of + succeeding under low-memory environments. </para> </section> diff --git a/nixos/modules/installer/cd-dvd/sd-image.nix b/nixos/modules/installer/cd-dvd/sd-image.nix index 7f355a132496..07f6f627e6c0 100644 --- a/nixos/modules/installer/cd-dvd/sd-image.nix +++ b/nixos/modules/installer/cd-dvd/sd-image.nix @@ -194,5 +194,9 @@ in rm -f /nix-path-registration fi ''; + + # the installation media is also the installation target, + # so we don't want to provide the installation configuration.nix. + installer.cloneConfig = false; }; } diff --git a/nixos/modules/profiles/installation-device.nix b/nixos/modules/profiles/installation-device.nix index 1a6e06995603..fd30220ce1c9 100644 --- a/nixos/modules/profiles/installation-device.nix +++ b/nixos/modules/profiles/installation-device.nix @@ -55,13 +55,16 @@ with lib; services.mingetty.autologinUser = "nixos"; # Some more help text. - services.mingetty.helpLine = - '' - - The "nixos" and "root" account have empty passwords. ${ - optionalString config.services.xserver.enable - "Type `sudo systemctl start display-manager' to\nstart the graphical user interface."} - ''; + services.mingetty.helpLine = '' + The "nixos" and "root" accounts have empty passwords. + + Type `sudo systemctl start sshd` to start the SSH daemon. + You then must set a password for either "root" or "nixos" + with `passwd` to be able to login. + '' + optionalString config.services.xserver.enable '' + Type `sudo systemctl start display-manager' to + start the graphical user interface. + ''; # Allow sshd to be started manually through "systemctl start sshd". services.openssh = { |