Nixos useful stuff
Managing system configurations
- List system configurations:
nix-env --list-generations --profile /nix/var/nix/profiles/system - Creating a new configuration:
- Simulate building the configuration (as well as syntax checking):
nixos-rebuild dry-build - Build and apply new configuration:
nixos-rebuild switch - Update packages and build new configuration:
nixos-rebuild switch --upgrade
- Simulate building the configuration (as well as syntax checking):
- Rollback to previous configuration:
nixos-rebuild switch --rollback- Currently rolling back to another configuration than the previous one is not supported, but multiple rollback commands can be executed one after the other.
Managing nix channels
Nix channels are where packages are published, they are equivalent of the "releases" in other distributions.
The current stable channel can generally be found by going on nixos.org and looking for the "announcements" page, or by going on the channels directory and looking for the highest version number.
It is generally safe to switch between channels, with the exception that after switching to a newer channel which changes the database schema, it might then be impossible to roll back to a previous channel (which should not be needed anyway).
- Show the current channel:
nix-channel --list | grep nixos - Switch to a different channel:
nix-channel --add {channel url, e.g. https://channels.nixos.org/nixos-1.2} nixos - Update packages from the current channel:
nix-channel --update, note that the new packages will not be used until the nextnixos-rebuild. As such,nixos-rebuild switch --upgrademight be more useful.
Freeing up disk space
Nixos does not delete old versions of packages that are used by previous system configurations: they are kept so that a rollback is always possible. This can make the disk usage go up quickly, so commands exist to delete old configurations and optimise disk usage if needed.
- Delete all system configurations except the currently in use:
nix-collect-garbage -d- Only delete all system configuration older than a certain age:
nix-collect-garbage --delete-older-than {time ago (e.g. 2d)} - Accepts a
--dry-runflag that simulates the deletions but without actually deleting anything
- Only delete all system configuration older than a certain age:
- Delete packages not used by any system configuration, without deleting system configurations themselves:
nix-collect-garbage - Optimise disk usage by hard-linking together files that appear in different packages/version with exactly the same content:
nix-store --optimise
Update packages without using too much disk space
Putting all the above together, updating packages keeping only the current configuration as backup:
nix-collect-garbage -dto remove all system configurations except the one currently in usenixos-rebuild switch --upgradeto upgrade all packages into a new system configurationnix-store --optimiseto reduce disk usage of new configuration
Testing packages
Any user can create a temporary shell with some additional packages installed by running nix-shell -p {packages}. The packages do not persist after the shell has been closed.
User management
See the Nixos manual.
In order to manage users in a declarative-only way:
- Set
users.mutableUsers = false;: users will now only exist if declared in the configuration. Imperative commands for managing users and groups, such as useradd, are no longer available. - Configuration example for adding a user name alice:
users.users.alice = {
isNormalUser = true;
description = "Alice Foobar";
extraGroups = [
"wheel"
"networkmanager"
];
openssh.authorizedKeys.keys = [
"ssh-dss AAAAB3Nza... alice@foobar"
];
hashedPassword = "$6$DICyZPtOZcWUIULB$hOaPtCKeTJUxHeFDyBUI9nGeX5LCLAqvZOEtAZQTFbLuum5upMt10.9LtGmY01Fc7w.Wi2OFwA5YHyJJC18MM/";
};
- The hashed password can be obtained by running
mkpasswd -m sha-512(included in themkpasswdpackage)