Installing a Physical Machine

Now that you have created a machine, added some services, and set up secrets, this guide will walk you through how to deploy it.

Step 0. Prerequisites

RAM > 2GB
Two Computers: You need one computer that you're getting ready (we'll call this the Target Computer) and another one to set it up from (we'll call this the Setup Computer). Make sure both can talk to each other over the network using SSH.
Machine configuration: See our basic adding and configuring machine guide
Initialized secrets: See secrets for how to initialize your secrets.
USB Flash Drive: See Clan Installer

Image Installer

This method makes use of the image installers.

The installer will randomly generate a password and local addresses on boot, then run a SSH server with these preconfigured. The installer shows its deployment relevant information in two formats, a text form, as well as a QR code.

This is an example of the booted installer.

┌─────────────────────────────────────────────────────────────────────────────────────┐
│ ┌───────────────────────────┐                                                       │
│ │███████████████████████████│ # This is the QR Code (1)                             │
│ │██ ▄▄▄▄▄ █▀▄█▀█▀▄█ ▄▄▄▄▄ ██│                                                       │
│ │██ █   █ █▀▄▄▄█ ▀█ █   █ ██│                                                       │
│ │██ █▄▄▄█ █▀▄ ▀▄▄▄█ █▄▄▄█ ██│                                                       │
│ │██▄▄▄▄▄▄▄█▄▀ ▀▄▀▄█▄▄▄▄▄▄▄██│                                                       │
│ │███▀▀▀ █▄▄█ ▀▄   ▄▀▄█   ███│                                                       │
│ │██▄██▄▄█▄▄▀▀██▄▀ ▄▄▄ ▄▀█▀██│                                                       │
│ │██ ▄▄▄▄▄ █▄▄▄▄ █ █▄█ █▀ ███│                                                       │
│ │██ █   █ █ █  █ ▄▄▄  ▄▀▀ ██│                                                       │
│ │██ █▄▄▄█ █ ▄ ▄    ▄ ▀█ ▄███│                                                       │
│ │██▄▄▄▄▄▄▄█▄▄▄▄▄▄█▄▄▄▄▄█▄███│                                                       │
│ │███████████████████████████│                                                       │
│ └───────────────────────────┘                                                       │
│ ┌─────────────────────────────────────────────────────────────────────────────────┐ │
│ │Root password: cheesy-capital-unwell  # password (2)                             │ │
│ │Local network addresses:                                                         │ │
│ │enp1s0           UP    192.168.178.169/24 metric 1024 fe80::21e:6ff:fe45:3c92/64 │ │
│ │enp2s0           DOWN                                                            │ │
│ │wlan0            DOWN # connect to wlan (3)                                      │ │
│ │Onion address: 6evxy5yhzytwpnhc2vpscrbti3iktxdhpnf6yim6bbs25p4v6beemzyd.onion    │ │
│ │Multicast DNS: nixos-installer.local                                             │ │
│ └─────────────────────────────────────────────────────────────────────────────────┘ │
│ Press 'Ctrl-C' for console access                                                   │ 
│                                                                                     │
└─────────────────────────────────────────────────────────────────────────────────────┘

This is not an actual QR code, because it is displayed rather poorly on text sites. This would be the actual content of this specific QR code prettified:

{
    "pass": "cheesy-capital-unwell",
    "tor": "6evxy5yhzytwpnhc2vpscrbti3iktxdhpnf6yim6bbs25p4v6beemzyd.onion",
    "addrs": [
    "2001:9e8:347:ca00:21e:6ff:fe45:3c92"
    ]
}

To generate the actual QR code, that would be displayed use:

echo '{"pass":"cheesy-capital-unwell","tor":"6evxy5yhzytwpnhc2vpscrbti3iktxdhpnf6yim6bbs25p4v6beemzyd.onion","addrs":["2001:9e8:347:ca00:21e:6ff:fe45:3c92"]}' | nix run nixpkgs#qrencode -- -s 2 -m 2 -t utf8

2. The root password for the installer medium. This password is autogenerated and meant to be easily typeable. 3. See how to connect the installer medium to wlan here.

Tip

For easy sharing of deployment information via QR code, we highly recommend using KDE Connect.

There are two ways to deploy your machine:

PasswordQR Code

Generating a Hardware Report

The following command will generate a hardware report with nixos-facter and writes it back into your machine folder. The --phases kexec flag makes sure we are not yet formatting anything, instead if the target system is not a NixOS machine it will use kexec to switch to a NixOS kernel.

clan machines install [MACHINE] \
    --update-hardware-config nixos-facter \
    --phases kexec \
    --target-host root@192.168.178.169

Generating a Hardware Report

The following command will generate a hardware report with nixos-facter and writes it back into your machine folder. The --phases kexec flag makes sure we are not yet formatting anything, instead if the target system is not a NixOS machine it will use kexec to switch to a NixOS kernel.

Using a JSON String or File Path

Copy the JSON string contained in the QR Code and provide its path or paste it directly:

clan machines install [MACHINE] --json [JSON] \
    --update-hardware-config nixos-facter \
    --phases kexec

Using an Image Containing the QR Code

Provide the path to an image file containing the QR code displayed by the installer:

clan machines install [MACHINE] --png [PATH] \
    --update-hardware-config nixos-facter \
    --phases kexec

If you are using our template [MACHINE] would be jon