{"id":19442980,"url":"https://github.com/syncom/custom_nixos_iso","last_synced_at":"2025-07-30T21:19:35.435Z","repository":{"id":43215977,"uuid":"356978143","full_name":"syncom/custom_nixos_iso","owner":"syncom","description":"Build custom nixOS ISO","archived":false,"fork":false,"pushed_at":"2024-03-07T07:20:44.000Z","size":29,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-30T16:11:44.795Z","etag":null,"topics":["deterministic-build","nix","nixos","nixpkgs","one-click-builder","reproducible-builds","reproducible-iso"],"latest_commit_sha":null,"homepage":"","language":"Nix","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/syncom.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-04-11T20:59:06.000Z","updated_at":"2024-11-15T04:01:38.000Z","dependencies_parsed_at":"2024-03-07T08:45:39.217Z","dependency_job_id":null,"html_url":"https://github.com/syncom/custom_nixos_iso","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syncom%2Fcustom_nixos_iso","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syncom%2Fcustom_nixos_iso/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syncom%2Fcustom_nixos_iso/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/syncom%2Fcustom_nixos_iso/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/syncom","download_url":"https://codeload.github.com/syncom/custom_nixos_iso/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251701963,"owners_count":21629925,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["deterministic-build","nix","nixos","nixpkgs","one-click-builder","reproducible-builds","reproducible-iso"],"created_at":"2024-11-10T15:41:37.061Z","updated_at":"2025-04-30T12:40:53.031Z","avatar_url":"https://github.com/syncom.png","language":"Nix","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Recipe for deterministic custom nixOS ISO builds\n\nBuild custom nixOS ISO (the ISO is \"custom\" in that it contains a custom package\nnamed \"hello_syncom\")\n\n```bash\ncurl -L https://nixos.org/nix/install | sh\ngit clone https://github.com/NixOS/nixpkgs.git\npushd nixpkgs\n# This commit is tagged as 21.11 in nixpkgs, which includes the determinism\n# improvement https://github.com/NixOS/nixpkgs/pull/119657\ngit checkout a7ecde854aee5c4c7cd6177f54a99d2c1ff28a31\npopd\nexport NIX_PATH=nixpkgs=$(pwd)/nixpkgs\ngit clone https://github.com/syncom/custom_nixos_iso.git\ncd custom_nixos_iso/\ngit checkout 817946610fd188a57c19e1983680cdaad3c35fa3\nnix-build iso.nix\n```\n\nOn three distinct Ubuntu (`x86_64-linux`) machines, and one NixOS VM\n(corresponding to [this SHA256\ndigest](https://releases.nixos.org/nixos/20.09/nixos-20.09.4154.33824cdf8e4/nixos-20.09.4154.33824cdf8e4-x86_64-linux.ova.sha256))\nthe above procedures produced the same ISO for me.\n\n```bash\n# On one of the Ubuntu machines\n$ uname -a\nLinux syncom-xps13 5.4.0-126-generic #142~18.04.1-Ubuntu SMP Thu Sep 1 16:25:16 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux\n$ sha256sum $(readlink -f result)/iso/*.iso\n5443e41acee9664e3b8dcc46e72bf54aec323457ec703aa7948d0c20f975ff5b  /nix/store/k4fa432jpfjs0wivi736dacs59jra466-nixos-21.11pre-git-x86_64-linux.iso/iso/nixos-21.11pre-git-x86_64-linux.iso\n```\n\n## Build ISO in Docker\n\nThe above deterministic ISO creation process can be automated using Docker.\nRun the following command in the repository root directory.\n\n```bash\nmake iso\n```\n\nWhen we make the ISO at revision\n`817946610fd188a57c19e1983680cdaad3c35fa3`, text like that shown below\nis expected in command output. The value for `IMAGE sha256sum` is\ncritical to check for reproducibility.\n\n```text\n============ CUSTOM NIXOS ISO INFO ============\nISO image created in /tmp/custom_nixos_iso/out/custom_nixos_iso-817946610fd188a57c19e1983680cdaad3c35fa3.iso\nIMAGE sha256sum: 5443e41acee9664e3b8dcc46e72bf54aec323457ec703aa7948d0c20f975ff5b\n```\n\n## Clean up\n\nClean up built ISO\n\n```bash\nmake clean\n```\n\nPrune Docker resources (to save disk space, for example)\n\n```bash\nmake dockerclean\n```\n\n## References\n\nI've learned from the following resources:\n\n1. [Nix Pills](https://nixos.org/guides/nix-pills/), by Luca Bruno (aka\nLethalman).\n2. [Managing private Nix packages outside the Nixpkgs\ntree](http://sandervanderburg.blogspot.com/2014/07/managing-private-nix-packages-outside.html?m=1),\nby Sander van der Burg.\n3. [Creating a NixOS live\nCD](https://nixos.wiki/wiki/Creating_a_NixOS_live_CD), on nixos.wiki.\n4. Github project: [mbp-nixos](https://github.com/cstrahan/mbp-nixos), by\nCharles Strahan (cstrahan).\n5. [nixpkgs](https://github.com/NixOS/nixpkgs), nixpkgs source code.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsyncom%2Fcustom_nixos_iso","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsyncom%2Fcustom_nixos_iso","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsyncom%2Fcustom_nixos_iso/lists"}