From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id sJ+uKWZdBl9CFwAA0tVLHw (envelope-from ) for ; Wed, 08 Jul 2020 23:57:26 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id sMdsJWZdBl8lWQAAbx9fmQ (envelope-from ) for ; Wed, 08 Jul 2020 23:57:26 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 9BC86940A3F for ; Wed, 8 Jul 2020 23:57:25 +0000 (UTC) Received: from localhost ([::1]:43260 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jtJwI-0006z2-Q5 for larch@yhetil.org; Wed, 08 Jul 2020 19:57:22 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:40168) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jtJw3-0006yo-M4 for help-guix@gnu.org; Wed, 08 Jul 2020 19:57:07 -0400 Received: from knopi.disroot.org ([178.21.23.139]:56706) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jtJw0-0004aN-S9 for help-guix@gnu.org; Wed, 08 Jul 2020 19:57:07 -0400 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id 354995525C; Thu, 9 Jul 2020 01:57:01 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at disroot.org Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7ZNVNmsO4IRw; Thu, 9 Jul 2020 01:56:59 +0200 (CEST) References: <87y2ntbogr.fsf@dustycloud.org> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1594252619; bh=XlQx+Xdt4+J6Q+cOODf8/bxYHckWSCwL6AR62/yLIjI=; h=References:From:To:Cc:Subject:In-reply-to:Date; b=ZfXryeTrTZrPsrkCHLFdky5ChYNozsBWg+2Mo6cV5LXAh9/jJXrTbL+7GU0YSLkzA kbkCkSj+/PJ2ouSFIZRN3wMOLF0+iqfVUaiIelAn2i0gE8DyKfyJr1Hm6zOi/CIYV8 s5BZBJ8KeY/GwJ79fcSbG4qauODCA19yGw/uIUCQ4NMqe+YZwRXTd/OJ5EbtLwGWZc VRc4HRPwCeOkC2lF3Fgv7cxdKQo0EIq9DWj3kk79BOFafC4jQR1n3zmMeEM1xGxzgU 9LPB7rHQX9RLwtESGxywri6xfCEfgvk2nbtCu5PdEMdjnPW4oooNM4mA0Njvnj3M2s 0UiJjvlyJw4Vg== From: Gary Johnson To: Christopher Lemmer Webber Subject: Re: Installing Guix on Linode: a how-to In-reply-to: <87y2ntbogr.fsf@dustycloud.org> Date: Wed, 08 Jul 2020 19:56:42 -0400 Message-ID: <8736617e85.fsf@disroot.org> Mime-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=178.21.23.139; envelope-from=lambdatronic@disroot.org; helo=knopi.disroot.org X-detected-operating-system: by eggs.gnu.org: First seen = 2020/07/08 19:57:01 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: help-guix@gnu.org Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=disroot.org header.s=mail header.b=ZfXryeTr; dmarc=pass (policy=none) header.from=disroot.org; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: -1.21 X-TUID: RscQiolX1RDu Can someone add this tutorial to the Guix Cookbook? I've been wondering about how to do this for some time now, and it would be great to have it saved somewhere obvious like that for future reference. Thanks, Gary Christopher Lemmer Webber writes: > Hi! I finally got Guix running on Linode! I'm excited about it! > Here's the process (thanks to jackhill on freenode for helping me figure > out all the stuff involving the bootloader!). It's very bullet-point'y, > but here's the steps I took: > > - Start with a Debian (or whatever) server. Be sure to add your ssh > key for easy login. We'll be using the default distro as a way to > bootstrap Guix. > - Power it down. > - In the Disks/Configurations tab, resize the Debian disk to be > smaller, maybe 30GB or something. > - "Add a disk", with the following: > - Label: "Guix" > - Filesystem: ext4 > - Set it to the remaining size > - Next to the "configuration" that comes with the default image, > press "..." and select "Edit", then on that menu add to > /dev/sdc the "Guix" label > - Now "Add a Configuration", with the following: > - Label: Guix > - VM Mode: Paravirtualization (the default?? don't know if this matters) > - Kernel: Grub 2 (it's at the bottom! This step is *IMPORTANT*) > - Block device assignment: > - /dev/sda: Guix > - /dev/sdb: swap > - Root device: /dev/sda > - Turn off all the filesystem/boot helpers > - Now power it back up, picking the Debian configuration > - Once it's booted up, ssh root@ > - Run the "install guix form binary installer" steps: > - $ sudo apt-get install gpg > - $ wget https://sv.gnu.org/people/viewgpg.php?user_id=15145 -qO - | gpg --import - > - $ wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh > - $ chmod +x guix-install.sh > - $ ./guix-install.sh > - $ guix pull > > - Now it's time to write out a config for the server. The key stuff is > below, save as guix-config.scm: > > #+BEGIN_SRC scheme > (use-modules (gnu) > (guix modules)) > (use-service-modules networking > ssh) > (use-package-modules admin > certs > package-management > ssh > tls) > > (operating-system > (host-name "my-server") > (timezone "America/New_York") > (locale "en_US.UTF-8") > ;; This goofy code will generate the grub.cfg > ;; without installing the grub bootloader on disk. > (bootloader (bootloader-configuration > (bootloader > (bootloader > (inherit grub-bootloader) > (installer #~(const #t)))))) > (file-systems (cons (file-system > (device "/dev/sda") > (mount-point "/") > (type "ext4")) > %base-file-systems)) > > (initrd-modules (cons "virtio_scsi" ; Needed to find the disk > %base-initrd-modules)) > > (users (cons (user-account > (name "janedoe") > (group "users") > ;; Adding the account to the "wheel" group > ;; makes it a sudoer. > (supplementary-groups '("wheel")) > (home-directory "/home/janedoe")) > %base-user-accounts)) > > (packages (cons* nss-certs ;for HTTPS access > openssh-sans-x > %base-packages)) > > (services (cons* > (service dhcp-client-service-type) > (service openssh-service-type > (openssh-configuration > (openssh openssh-sans-x) > (password-authentication? #f) > (authorized-keys > `(("janedoe" ,(local-file "janedoe_rsa.pub")) > ;; Is this a good idea? Well if you don't add it > ;; you have to manually set your user's password > ;; via the glish console... > ("root" ,(local-file "janedoe_rsa.pub")))))) > %base-services))) > #+END_SRC > > - Replace the following fields in the above configuration: > - (host-name "my-server") ; replace with your server name > - (name "janedoe") ; replace with your username > - ("janedoe" ,(local-file "janedoe_rsa.pub")) ; here too > - Note the same above for root, which I don't feel great about, but > otherwise you'll need to log in via the linode "glish" console to > log in as root and set the user's initial password before you can > start using sudo (is there another way around this?) > > - Save your ssh public key (~/.ssh/id_rsa.pub) as > _rsa.pub or whatever in the same directory > > - Mount the guix drive: > $ mkdir /mnt/guix > $ mount /dev/sdc /mnt/guix > > - Due to the way we set things up above, we don't install Grub > completely, just our grub configuration file. So we need to copy > over some of the other Grub stuff that's already there: > $ mkdir -p /mnt/guix/boot/grub > $ cp -r /boot/grub/* /mnt/guix/boot/grub/ > > - Now initialize the Guix installation: > $ guix system init guix-config.scm /mnt/guix > > - Ok, power it down! > - Now from the linode console, select boot and select "Guix" > > - Once it boots, you should be able to log in via ssh! (The server > config will have changed though.) > > - Be sure to set your password and root's password. > > - Horray! At this point you can shut down the server, delete the > Debian disk, and resize the Guix to the rest of the size. > Congratulations! > > BTW, if you save it as a disk image right at this point, you'll have an > easy time spinning up new Guix images! > > Let me know if this guide helps you! -- GPG Key ID: 7BC158ED Use `gpg --search-keys lambdatronic' to find me Protect yourself from surveillance: https://emailselfdefense.fsf.org ======================================================================= () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments Please avoid sending me MS-Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html