From mboxrd@z Thu Jan 1 00:00:00 1970 From: Chris Marusich Subject: Re: Advice about GuixSD on Serveraptor? Date: Thu, 23 Mar 2017 21:35:10 -0700 Message-ID: <87k27fcmwx.fsf@gmail.com> References: <20170209183609.5rztohnqhsleifll@wasp> <20170213214717.GA11352@jasmine> <20170313003252.GA12094@jasmine> <20170321180638.GA3027@jasmine> <87mvcenzvw.fsf@dustycloud.org> <20170321204620.GA30143@jasmine> <20170321210609.rmugh5l26eqicrhd@abyayala> <20170322171538.GA6011@jasmine> <20170322192023.ij2mzykimne7lfii@abyayala> <20170322210106.f6z7vwavsna3qfg4@abyayala> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:49126) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1crGwa-0007yM-RQ for guix-devel@gnu.org; Fri, 24 Mar 2017 00:35:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1crGwX-0003Te-OS for guix-devel@gnu.org; Fri, 24 Mar 2017 00:35:20 -0400 Received: from mail-pf0-x229.google.com ([2607:f8b0:400e:c00::229]:34850) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1crGwX-0003TY-Ic for guix-devel@gnu.org; Fri, 24 Mar 2017 00:35:17 -0400 Received: by mail-pf0-x229.google.com with SMTP id 20so2180353pfk.2 for ; Thu, 23 Mar 2017 21:35:17 -0700 (PDT) In-Reply-To: <20170322210106.f6z7vwavsna3qfg4@abyayala> (ng0's message of "Wed, 22 Mar 2017 21:01:06 +0000") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Leo Famulari Cc: guix-devel@gnu.org --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable ng0 writes: > If IN-Berlin uses (or needs) nothing special for the consoleserver to > make use of the virtual servers within IN-Berlin infrastructure, I think > it would be best if we (as Guix) could provide an extended bare image > for servers which would include ssh-daemon on default port with password > login enabled, where the password is not empty. That's a workaround I > can imagine to be generic enough for all use cases. > For the one of IN-Berlin and maybe similar hosters who use ssh pubkeys, > it would be great to document for them how to recreate this image in > easy steps and insert the clients ssh pubkey for the root account (or an > named user) on the system. > > What do you think about this? Instead of providing a pre-built image of a specific system with pre-built credentials, wouldn't it be better to add a feature that, in the spirit of a command like 'guix disk-image', builds an entire system that can then be imported as-is into IN-Berlin? In general, such a feature would be useful. One can imagine leveraging a feature like this to import custom GuixSD systems into various hosting services - Amazon EC2, Rackspace, wherever. Instead of starting with a pre-built image that might be hard to reproduce or verify, and then mutating that system to suit your needs, you could just import the exact system that you want to deploy. Wouldn't that be better? =2D-=20 Chris --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEy/WXVcvn5+/vGD+x3UCaFdgiRp0FAljUof4ACgkQ3UCaFdgi Rp0P7g//fd+zf7LLKDiHvx3riIvMq/UzlAJNvN7fy8gm1xltGOKFaL9bNdWYqrqd hErpGGOmuORP05ZC44o8hpVV/tlYI8pT2EqNbw1tST4kRUzLqM19gfF3eRBSn8eF 8BXBAg0708wJg+J1X/iIJlWt9Cm8Io+703fksx6JpyOUUHEOnyu4f4ptOXJpnZjX vNWM/O2SbFEf/IV1zPcuG0GoHVhwD7cae18o1DZgudVmavyAS4HYRJqBXAsUSl4m q59vG2tYGYbT8OTaGVvlRfAI8wy9szDgYdbZwep9qwoVF6JUf1+zzHM0I3j+YI9P PQDjdBTWN7al+30+C3zBxXlZKB+XeV2ENZ8TsJxyQZ1bdVekU/zFykpYCrC8T62d YiJLMEv3TgFmiXdALOsJfHoqu/G4i1UrM+k2k2cDyhya9ZgpVqtqljW2AZTW79Ln g8m1YXVjjRn8uKrYp9Q4igFmCcZsmMniW6DmsSavBMnslUrVpX8sGKjhLJbaKWNL Sj6HJ744sxee3I2BenoFOsi/S3vrgp7HMEg9Hdi4C2XxbzRe9CSLyjVAsgdOp1PS kiOUHgMk+S2bgu6mDU4ncO/CFTZ9rIkn3SxMWHgjQNagfaXA2WMIDrfEvoPH+JmE bC/jWhTKSq3wX472an/jABWRdHXvYRyVg8BsqY+6uuCp2y4tXEM= =+nXj -----END PGP SIGNATURE----- --=-=-=--