unofficial mirror of guix-devel@gnu.org 
* System configuration on non-GuixSD systems (Debian)
@ 2017-08-22  9:23 Pjotr Prins
  2017-08-22  9:47 ` Christopher Baines
  0 siblings, 1 reply; 4+ messages in thread
From: Pjotr Prins @ 2017-08-22  9:23 UTC
  To: guix-devel

Hi,

I need to reinstall a Debian server (again) and I am looking at how I
can use 'guix system' to configure stuff. I remember there was someone
who wrote about configuring on non-GuixSD, but can't find the
material (I need Debian because it has CUDA).

Let's say I want sshd. It would make sense to me to create a package
for openssh-with-config-for-machine, i.e., a modified sshd_config. The
config file can sit in the store somewhere and I can symlink to a
profile from /etc/sshd on this box so it gets picked up.

I have two questions:

1. Is there a smarter way to go about this? I can see that for GuixSD it
   is handled differently
2. How do I best parametrize the configuration file - for different
   machines? I suppose the package could write the config file.

systemd I'll do separately - though I suppose you could mix systemd
and shepherd?

Doing it in a Guixy way would help me migrate to GuixSD later. Any
ideas?

Pj.


* Re: System configuration on non-GuixSD systems (Debian)
  2017-08-22  9:23 System configuration on non-GuixSD systems (Debian) Pjotr Prins
@ 2017-08-22  9:47 ` Christopher Baines
  2017-08-25  7:56   ` Ricardo Wurmus
  0 siblings, 1 reply; 4+ messages in thread
From: Christopher Baines @ 2017-08-22  9:47 UTC
  To: Pjotr Prins; +Cc: guix-devel


On Tue, 22 Aug 2017 11:23:25 +0200
Pjotr Prins <pjotr.public12@thebird.nl> wrote:

> I need to reinstall a Debian server (again) and I am looking at how I
> can use 'guix system' to configure stuff. I remember there was someone
> who wrote about configuring on non-GuixSD, but can't find the
> material (I need Debian because it has CUDA).
> 
> Let's say I want sshd. It would make sense to me to create a package
> for openssh-with-config-for-machine, i.e., a modified sshd_config. The
> config file can sit in the store somewhere and I can symlink to a
> profile from /etc/sshd on this box so it gets picked up.
> 
> I have two questions:
> 
> 1. Is there a smarter way to go about this? I can see that for GuixSD it
>    is handled differently
> 2. How do I best parametrize the configuration file - for different
>    machines? I suppose the package could write the config file.
> 
> systemd I'll do separately - though I suppose you could mix systemd
> and shepherd?
> 
> Doing it in a Guixy way would help me migrate to GuixSD later. Any
> ideas?

One maybe bizarre suggestion that comes to mind is to use a container
created through the `guix system container` command.

This would allow you to create a set of processes, that you could give
access to specific parts of the host filesystem (using the --share and
--expose options), and expose the host network to if you want to
use services which access the network (only with this patch [1]).

The more things you do through the container, the closer you are to
having something work just on GuixSD. You might get to the point where
you can even replace what you are using from Debian with Guix packages
that just unpack some Debian packages to the store.

Where this approach might fall down is usability, e.g. reconfiguring a
container isn't possible yet, so you might have to restart it when you
want to make changes, which might be problematic if you are doing this
through the ssh service in the container...

1: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28128
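
Added example, not part of the original message and not the Guix project's own code: a system declaration for the `guix system container` approach described above, with the sshd settings parametrized per machine as the original question asks. The helper name `sshd-container`, the `admin` account, the key file `admin.pub`, the sample values and the `/srv/data` path are assumptions, and the field names follow the current Guix manual, so the 2017 release discussed in this thread may spell some of them differently.

```scheme
;; sshd-container.scm: added example, not code from the thread.
(use-modules (gnu))
(use-service-modules ssh)

;; Hypothetical helper: one declaration, parametrized per machine.
(define (sshd-container machine ssh-port)
  (operating-system
    (host-name machine)
    (timezone "Etc/UTC")
    ;; A container boots no kernel, so the bootloader and root file
    ;; system are placeholders that only fill the required fields.
    (bootloader (bootloader-configuration
                 (bootloader grub-bootloader)
                 (targets '("does-not-matter"))))
    (file-systems (cons (file-system
                          (device "does-not-matter")
                          (mount-point "/")
                          (type "does-not-matter"))
                        %base-file-systems))
    ;; Unprivileged login account (assumed name).
    (users (cons (user-account
                  (name "admin")
                  (group "users"))
                 %base-user-accounts))
    (services
     (cons (service openssh-service-type
                    (openssh-configuration
                     (port-number ssh-port)
                     ;; Key-only logins, none of them as root.
                     (permit-root-login #f)
                     (password-authentication? #f)
                     ;; admin.pub is assumed to sit next to this file.
                     (authorized-keys
                      `(("admin" ,(local-file "admin.pub"))))))
           %base-services))))

;; Constructed sample values for one machine.
(sshd-container "gpu-box" 2222)

;; Build the launcher script, then run the script it prints as root:
;;   guix system container sshd-container.scm --expose=/srv/data
;; --expose maps a host directory read-only, --share read-write, so
;; prefer --expose unless the service has to write to the host.
```

Whether the sshd inside the container is reachable from outside still depends on the host-network patch referenced in [1].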


* Re: System configuration on non-GuixSD systems (Debian)
  2017-08-22  9:47 ` Christopher Baines
@ 2017-08-25  7:56   ` Ricardo Wurmus
  2017-08-25 13:46     ` Pjotr Prins
  0 siblings, 1 reply; 4+ messages in thread
From: Ricardo Wurmus @ 2017-08-25  7:56 UTC
  To: Christopher Baines; +Cc: guix-devel


Christopher Baines <mail@cbaines.net> writes:

> On Tue, 22 Aug 2017 11:23:25 +0200
> Pjotr Prins <pjotr.public12@thebird.nl> wrote:
>
>> I need to reinstall a Debian server (again) and I am looking at how I
>> can use 'guix system' to configure stuff. I remember there was someone
>> who wrote about configuring on non-GuixSD, but can't find the
>> material (I need Debian because it has CUDA).
>>
>> Let's say I want sshd. It would make sense to me to create a package
>> for openssh-with-config-for-machine, i.e., a modified sshd_config. The
>> config file can sit in the store somewhere and I can symlink to a
>> profile from /etc/sshd on this box so it gets picked up.
[…]
>
> One maybe bizarre suggestion that comes to mind is to use a container
> created through the `guix system container` command.
>
> This would allow you to create a set of processes, that you could give
> access to specific parts of the host filesystem (using the --share and
> --expose options), and expose the host network to if you want to
> use services which access the network (only with this patch [1]).

This is an interesting idea.  We can already run some services in
containers, so maybe we can extend this some more and “build” the
closure of a service and then spin it up with a non-PID-1 instance of
shepherd.

I think it would be very useful to have self-contained service blobs
that are backed by a shared store.

--
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net


* Re: System configuration on non-GuixSD systems (Debian)
  2017-08-25  7:56   ` Ricardo Wurmus
@ 2017-08-25 13:46     ` Pjotr Prins
  0 siblings, 0 replies; 4+ messages in thread
From: Pjotr Prins @ 2017-08-25 13:46 UTC
  To: Ricardo Wurmus; +Cc: guix-devel

On Fri, Aug 25, 2017 at 09:56:50AM +0200, Ricardo Wurmus wrote:
> > One maybe bizarre suggestion that comes to mind is to use a container
> > created through the `guix system container` command.
> >
> > This would allow you to create a set of processes, that you could give
> > access to specific parts of the host filesystem (using the --share and
> > --expose options), and expose the host network to if you want to
> > use services which access the network (only with this patch [1]).
> 
> This is an interesting idea.  We can already run some services in
> containers, so maybe we can extend this some more and “build” the
> closure of a service and then spin it up with a non-PID-1 instance of
> shepherd.

Yes. Not for sshd, but for many other things yes :)

> I think it would be very useful to have self-contained service blobs
> that are backed by a shared store.

I am planning to host a number of services on Pi3, including mail and
http(s). It looks like we are pretty close to achieving this with
containers. Do containers actually run on Arm? Docker has it

  http://blog.hypriot.com/getting-started-with-docker-on-your-arm-device/

so it should be possible.

Pj.
