Due to the recent xz backdoor incident, all releases containing this commit have been taken down. It is currently thought that NixOS does not cause the backdoor to actually trigger, but out of an abundance of caution any release containing the malicious code has been removed , and new releases will not be produced until the PR reverting the relevant commit makes its way into PR has been merged, releases are resuming.nixos-unstable. Its progress can be tracked here.
This repo builds NixOS disk images of various formats using Github Actions. They can be downloaded here. The configuration built contains the respective guest agent of the cloud provider/virtual machine manager (where relevant) and cloud-init (for archives without -nocloud). If a different default configuration is desired: fork this repository, make edits to one of the flakes and wait for the workflow job to complete. Enable read and write permissions for all scopes for automated undrafting and setting releases to latest. Without it the builds still work, the associated releases will just be marked as a draft if they ever have to be rerun.
In order to provide a stable download URL for scripts trying to fetch the latest release, the archive containing the image file will be consistently named nixos-<format>-<configuration>.7z, where is a subset of the strings specified by nixos-generators here, or one of the following:
| format | description |
|---|---|
| oracle | Oracle Cloud Infrastructure image |
Currently available configurations are:
| configuration | description |
|---|---|
| nocloud | Base configuration with openssh and systemd-networkd |
| default | cloud-init enabled |
| graphical | LXDE enabled and root password set to "nixos" to allow for interactive login |
Configuration files can be found in the configurations folder. -<configuration> in the archive name is ommited for the default configuration for download link consistency reasons (it was the first and formerly the only configuration).
The name of the image itself is variable (partly in order to supoort VMMs that require their images to be named a certain way), but it is guaranteed to be the only file in the archive. If the image must also be of known name, the archive can be extracted to an empty directory and renamed like so.
- Currently, cloud-init runs, but its capabilities are limited by its conflicts with the declarative nature of NixOS. This means that some modules may behave differently compared to the imperative distros. In particular, it seems that setting authorized_keys for non-root users doesn't work.
- All configs are built with the
nixos-unstablebranch of nixpkgs.nixos-rebuildcannot downgrade the system back tonixos-23.11and before due to this change. Images built from the stable branch are coming soon.
The configuration built is based on a modified version of voidus' nixos cloud-init base image.