From: Jan Nieuwenhuizen
To: Christopher Lemmer Webber
Cc: help-guix@gnu.org
Subject: Re: Port forwarding and `guix system vm`
Organization: AvatarAcademy.nl
Date: Tue, 07 Jul 2020 21:59:34 +0200
Message-ID: <87h7ujayft.fsf@gnu.org>
In-Reply-To: <87blkrgphk.fsf@dustycloud.org> (Christopher Lemmer Webber's message of "Tue, 07 Jul 2020 14:16:23 -0400")
References: <87blkrgphk.fsf@dustycloud.org>

Christopher Lemmer Webber writes:

Hello!

> Hello!
>
> I've been trying to figure out how to do port forwarding with
> `guix system vm` and have not (alas) yet succeeded.
>
> Here's what I've tried so far:

[..]

> `guix system vm guix-config-dustycloud.scm --share=$HOME/tmp/guix-vm-exchange=/exchange` -nic user,model=virtio-net-pci,hostfwd=tcp::8088-:80

It looks like I definitely need the -nic user,model=virtio-net-pci
bit, e.g. this for ssh

    /gnu/store/0gdyvca8czl2a62dyfmjjalxhibx53w9-run-vm.sh -nic user,model=virtio-net-pci,hostfwd=tcp::10022-:22

> ... same problem.  (However, it looks like the script adds the
> virtio-net-pci and stuff these days, so I'm not sure that stuff is
> necessary...)
>
> Any ideas?

After trying and looking at your config...yeah,

> config looks like:
>
> (operating-system [...]
>   (services (cons* (service openssh-service-type
>                             (openssh-configuration
>                              (password-authentication? #f)
>                              (authorized-keys
>                               `(("cwebber" ,(local-file "/home/cwebber/.ssh/id_rsa.pub"))))))
>                    (service mcron-service-type
>                             (mcron-configuration (jobs (list %gc-job))))
>                    (service nginx-service-type
>                             (nginx-configuration
>                              (server-blocks
>                               (list (nginx-server-configuration
>                                      (server-name '("www.dustycloud.org" "dustycloud.org"))
>                                      (root "/srv/http/dustycloud.org")
>                                      (listen '("80")))))))
>                    %base-services)))

You want to add something like

    (service dhcp-client-service-type)

This config worked for me:

--8<---------------cut here---------------start------------->8---
(use-modules (gnu))
(use-service-modules networking ssh web)
(use-package-modules admin certs screen ssh tls)

(operating-system
  (host-name "dustycloud")
  (timezone "America/")
  (locale "en_US.UTF-8")

  ;; TODO: this will need to switch out depending on if this is in a local VM or not
  (bootloader (grub-configuration (target "/dev/sda")))
  (file-systems (cons (file-system
                        (device "/dev/sda1")
                        (mount-point "/")
                        (type "ext4"))
                      %base-file-systems))

  (users (cons (user-account
                (name "janneke")
                (group "users")
                ;; Adding the account to the "wheel" group
                ;; makes it a sudoer.
                (supplementary-groups '("wheel"))
                (home-directory "/home/janneke"))
               %base-user-accounts))

  (packages (cons* nss-certs            ;for HTTPS access
                   openssh-sans-x
                   %base-packages))

  (services (cons*
             (service dhcp-client-service-type)
             (service openssh-service-type
                      (openssh-configuration
                       (openssh openssh-sans-x)
                       (password-authentication? #f)
                       (authorized-keys
                        `(("janneke" ,(local-file "/home/janneke/.ssh/id_rsa.pub"))))))
             (service nginx-service-type
                      (nginx-configuration
                       (server-blocks
                        (list (nginx-server-configuration
                               (server-name '("www.dustycloud.org" "dustycloud.org"))
                               (root "/srv/http")
                               (listen '("80")))))))
             %base-services)))
--8<---------------cut here---------------end--------------->8---

In our chat on IRC I mentioned that adding this "-nic user,virtio-net-pci"
bit gives me two eth devices:

--8<---------------cut here---------------start------------->8---
eth0      Link encap:Ethernet  HWaddr 52:54:00:12:34:56
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1314  TX bytes:1286

eth1      Link encap:Ethernet  HWaddr 52:54:00:12:34:57
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1784  TX bytes:1706

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Bcast:0.0.0.0  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0  TX bytes:0
--8<---------------cut here---------------end--------------->8---

I noticed this yesterday while struggling similarly, and found that
removing this bit from run-vm.sh, like so:

--8<---------------cut here---------------start------------->8---
sed 's,-nic user[^ ]* ,,' /gnu/store/j8fqc160diq82da7913gpdlcjca45rhz-run-vm.sh > run-vm.sh
--8<---------------cut here---------------end--------------->8---

and running "run-vm.sh", will create only eth0.  I blamed this second
eth1 device for my ssh'ing troubles...but I cannot reproduce that
today...dunno!

Greetings,
Janneke

-- 
Jan Nieuwenhuizen | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com
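
Added example, not part of the original message or of Guix: shell helpers that check a run-vm.sh command line for a duplicate user-mode NIC, strip the built-in one as the sed above does, and build a single -nic option whose forwards are bound to 127.0.0.1 rather than left with the empty host address used in the thread. The function names and the sample qemu line are constructed for illustration; the hostfwd syntax is the one from QEMU's documentation.

```sh
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Constructed stand-in for the qemu line of a generated run-vm.sh.
sample_run_vm() {
    printf '%s\n' 'exec /gnu/store/EXAMPLE-qemu/bin/qemu-system-x86_64 -m 256 -nic user,model=virtio-net-pci -enable-kvm "$@"'
}

# Count user-mode NIC options in the text on stdin. Two of them is what
# gave the guest both eth0 and eth1 in the message above.
count_user_nics() {
    grep -o -- '-nic user' | wc -l | tr -d ' '
}

# Drop the built-in option: the sed from the message, with g added.
strip_builtin_nic() {
    sed 's,-nic user[^ ]* ,,g'
}

# Print hostfwd rules whose host address is empty. QEMU's syntax is
# hostfwd=[tcp|udp]:[hostaddr]:hostport-[guestaddr]:guestport, and an empty
# hostaddr (as in tcp::8088-:80) listens on every host interface.
wildcard_hostfwd() {
    grep -o 'hostfwd=[a-z]*::[0-9]*-[^, ]*' || true
}

# Build one -nic option from HOSTPORT:GUESTPORT pairs, each bound to the
# host's loopback address so the guest is reachable from the host only.
loopback_nic() {
    opt='user,model=virtio-net-pci'
    for pair in "$@"; do
        case "$pair" in
            *[!0-9:]*|*:*:*|:*|*:) echo "bad pair: $pair" >&2; return 1 ;;
            *:*) ;;
            *) echo "bad pair: $pair" >&2; return 1 ;;
        esac
        for port in "${pair%%:*}" "${pair##*:}"; do
            if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
                echo "port out of range: $pair" >&2; return 1
            fi
        done
        opt="$opt,hostfwd=tcp:127.0.0.1:${pair%%:*}-:${pair##*:}"
    done
    printf '%s\n' "-nic $opt"
}
```

After writing the stripped script to run-vm.sh, the output of `loopback_nic 10022:22 8088:80` can be passed as its arguments, assuming the script hands its arguments on to qemu as the invocations in the thread do.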