Installing NixOS remotely on a bare-metal machine or a cloud server often means juggling boot media, manual disk partitioning, and network configuration — all of which are tedious to do without physical access. nixos-anywhere attacks this problem by automating the entire provisioning process over SSH, even when the target machine starts without any operating system installed.
what nixos-anywhere does and its architecture
nixos-anywhere is a shell-based command-line tool designed for unattended remote installation of NixOS. It works by connecting to a target machine via SSH and automating steps like disk partitioning, formatting, and applying a declarative NixOS configuration to complete the install.
A distinctive feature is its use of kexec, a Linux kernel feature that loads and boots a new kernel without a full hardware reboot. If the target machine is running a Linux kernel with kexec support, nixos-anywhere can remotely boot into a NixOS installer environment by loading a kernel/initrd image directly. This bypasses the need for physical boot media or BIOS/UEFI interaction.
The tool supports a variety of environments, from cloud servers and local network machines to bare-metal hardware with no OS at all. When no OS is present, users can provide a custom installer image to kexec, enabling provisioning from scratch.
Under the hood, nixos-anywhere relies on the external disko utility to handle disk partitioning and formatting in a reproducible manner. It expects the target machine to be reachable over SSH, with a compatible Linux kernel (x86-64 architecture) that supports kexec.
The codebase is implemented in shell scripts, emphasizing minimal dependencies beyond standard Unix tools and the Nix ecosystem.
why nixos-anywhere’s approach matters and its technical tradeoffs
The standout aspect is nixos-anywhere’s use of kexec to sidestep traditional boot media workflows. This is a clever pattern for remote bare-metal provisioning or recovery, as it eliminates the need to physically insert a USB or CD to start an installer.
This method reduces the friction of managing multiple machines remotely, enabling consistent, repeatable server deployments driven entirely by code.
However, the approach has some tradeoffs and limitations:
Kernel and architecture support: The target must run x86-64 Linux with kexec enabled. While most modern kernels do, this excludes machines without Linux or with unsupported architectures unless the user provides their own compatible kexec image.
Network requirements: The target must be reachable via SSH over a public network or local network. nixos-anywhere does not support Wi-Fi setups directly, which may limit use in some environments.
Memory constraints: When using kexec boot into the installer, the machine must have at least 1GB of RAM excluding swap, which might be excessive for very low-end hardware.
Dependency on disko: Disk management is delegated to the disko tool, which means users must understand or trust that external utility for partitioning and formatting.
The shell-script implementation means the tool stays lightweight and easy to inspect or modify, but it also means it might be less performant or less feature-rich compared to more complex provisioning systems written in compiled languages.
how to get started with nixos-anywhere
The README provides clear prerequisites and usage guidance:
prerequisites
Source machine: Any machine with Nix installed can be used to run nixos-anywhere, such as a NixOS machine.
Target machine: Must be running x86-64 Linux with kexec support unless you provide a custom kexec image or boot from a NixOS installer image.
The machine must be accessible through SSH over a public or local network.
Wi-Fi networks are not supported directly. VPN setups require custom installer images configured via the
--kexecflag.When using kexec, the target requires at least 1GB of RAM (excluding swap).
usage summary
The tool connects to the target over SSH, optionally boots the installer via kexec, partitions and formats disks using disko, and applies your declarative NixOS configuration for a fully unattended installation.
For detailed instructions and options, the README points users to a Quickstart Guide and a How To Guide to tailor the process for specific environments or needs.
verdict: who should consider nixos-anywhere
nixos-anywhere is a practical tool for anyone frequently provisioning NixOS machines remotely—especially in scenarios where physical access is limited or impossible.
Its use of kexec for remote booting into the installer is a neat technique that streamlines bare-metal installs without boot media. This is valuable for infrastructure automation and disaster recovery workflows.
That said, it’s not a universal solution: it requires compatible Linux kernels with kexec support, network accessibility, and a minimum memory footprint. The dependency on the disko tool means you should be comfortable with its configuration and behavior.
If you manage fleets of NixOS servers, want reproducible and consistent installs, and don’t mind the constraints around kexec and SSH, nixos-anywhere is worth exploring. It’s lightweight, transparent, and built to integrate with the Nix ecosystem, making it a solid choice for Nix-centric infrastructure automation.
→ GitHub Repo: nix-community/nixos-anywhere ⭐ 3,065 · Shell