Merge pull request #63773 from flokli/installation-device-fixes

installation-device.nix: explain sshd usage, don't include clone-config
This commit is contained in:
Florian Klink 2019-08-31 02:59:23 +02:00 committed by GitHub
commit 4e586dea50
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 40 additions and 28 deletions

View File

@ -11,4 +11,11 @@
creating the image in the first place. As a result it allows users to edit
and rebuild the live-system.
</para>
<para>
On images where the installation media also becomes an installation target,
copying over <literal>configuration.nix</literal> should be disabled by
setting <literal>installer.cloneConfig</literal> to <literal>false</literal>.
This is already done in <literal>sd-image.nix</literal>.
</para>
</section>

View File

@ -6,33 +6,31 @@
<title>Installation Device</title>
<para>
Provides a basic configuration for installation devices like CDs. This means
enabling hardware scans, using the <link linkend="sec-profile-clone-config">
Clone Config profile</link> to guarantee
<filename>/etc/nixos/configuration.nix</filename> exists (for
<command>nixos-rebuild</command> to work), a copy of the Nixpkgs channel
snapshot used to create the install media.
Provides a basic configuration for installation devices like CDs.
This enables redistributable firmware, includes the
<link linkend="sec-profile-clone-config">Clone Config profile</link>
and a copy of the Nixpkgs channel, so <command>nixos-install</command>
works out of the box.
</para>
<para>
Additionally, documentation for <link linkend="opt-documentation.enable">
Nixpkgs</link> and <link linkend="opt-documentation.nixos.enable">NixOS
</link> are forcefully enabled (to override the
Documentation for <link linkend="opt-documentation.enable">Nixpkgs</link>
and <link linkend="opt-documentation.nixos.enable">NixOS</link> are
forcefully enabled (to override the
<link linkend="sec-profile-minimal">Minimal profile</link> preference); the
NixOS manual is shown automatically on TTY 8, sudo and udisks are disabled.
Autologin is enabled as root.
NixOS manual is shown automatically on TTY 8, udisks is disabled.
Autologin is enabled as <literal>nixos</literal> user, while passwordless
login as both <literal>root</literal> and <literal>nixos</literal> is possible.
Passwordless <command>sudo</command> is enabled too.
<link linkend="opt-networking.wireless.enable">wpa_supplicant</link> is
enabled, but configured to not autostart.
</para>
<para>
It is explained how to login, start the ssh server, and if available,
how to start the display manager.
</para>
<para>
A message is shown to the user to start a display manager if needed, ssh with
<xref linkend="opt-services.openssh.permitRootLogin"/> are enabled (but
doesn't autostart). WPA Supplicant is also enabled without autostart.
</para>
<para>
Finally, vim is installed, root is set to not have a password, the kernel is
made more silent for remote public IP installs, and several settings are
tweaked so that the installer has a better chance of succeeding under
low-memory environments.
Several settings are tweaked so that the installer has a better chance of
succeeding under low-memory environments.
</para>
</section>

View File

@ -194,5 +194,9 @@ in
rm -f /nix-path-registration
fi
'';
# the installation media is also the installation target,
# so we don't want to provide the installation configuration.nix.
installer.cloneConfig = false;
};
}

View File

@ -55,13 +55,16 @@ with lib;
services.mingetty.autologinUser = "nixos";
# Some more help text.
services.mingetty.helpLine =
''
services.mingetty.helpLine = ''
The "nixos" and "root" accounts have empty passwords.
The "nixos" and "root" account have empty passwords. ${
optionalString config.services.xserver.enable
"Type `sudo systemctl start display-manager' to\nstart the graphical user interface."}
'';
Type `sudo systemctl start sshd` to start the SSH daemon.
You then must set a password for either "root" or "nixos"
with `passwd` to be able to login.
'' + optionalString config.services.xserver.enable ''
Type `sudo systemctl start display-manager' to
start the graphical user interface.
'';
# Allow sshd to be started manually through "systemctl start sshd".
services.openssh = {