From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id ELj8DalTF19kFwAA0tVLHw (envelope-from ) for ; Tue, 21 Jul 2020 20:44:25 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id 4C3ZCalTF1+wBwAA1q6Kng (envelope-from ) for ; Tue, 21 Jul 2020 20:44:25 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 748D094050A for ; Tue, 21 Jul 2020 20:44:24 +0000 (UTC) Received: from localhost ([::1]:55676 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jxz7f-0007U4-FO for larch@yhetil.org; Tue, 21 Jul 2020 16:44:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:44336) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jxz7W-0007Tu-T2 for help-guix@gnu.org; Tue, 21 Jul 2020 16:44:14 -0400 Received: from dustycloud.org ([2600:3c02::f03c:91ff:feae:cb51]:54712) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jxz7V-0000vf-15 for help-guix@gnu.org; Tue, 21 Jul 2020 16:44:14 -0400 Received: from twig (localhost [127.0.0.1]) by dustycloud.org (Postfix) with ESMTPS id E4F8F26679; Tue, 21 Jul 2020 16:44:10 -0400 (EDT) References: <87y2ntbogr.fsf@dustycloud.org> <8736617e85.fsf@disroot.org> User-agent: mu4e 1.4.9; emacs 26.3 From: Christopher Lemmer Webber To: Gary Johnson Subject: Re: Installing Guix on Linode: a how-to In-reply-to: <8736617e85.fsf@disroot.org> Date: Tue, 21 Jul 2020 16:44:10 -0400 Message-ID: <87sgdky4x1.fsf@dustycloud.org> MIME-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=2600:3c02::f03c:91ff:feae:cb51; envelope-from=cwebber@dustycloud.org; helo=dustycloud.org X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: 14 X-Spam_score: 1.4 X-Spam_bar: + X-Spam_report: (1.4 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_SBL_CSS=3.335, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: help-guix@gnu.org Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: 0.29 X-TUID: a1CJOPUUzw9U I'd be totally supportive of it being put in the cookbook... I don't have time to do it myself right now, though... Gary Johnson writes: > Can someone add this tutorial to the Guix Cookbook? I've been wondering > about how to do this for some time now, and it would be great to have it > saved somewhere obvious like that for future reference. > > Thanks, > Gary > > Christopher Lemmer Webber writes: > >> Hi! I finally got Guix running on Linode! I'm excited about it! >> Here's the process (thanks to jackhill on freenode for helping me figure >> out all the stuff involving the bootloader!). It's very bullet-point'y, >> but here's the steps I took: >> >> - Start with a Debian (or whatever) server. Be sure to add your ssh >> key for easy login. We'll be using the default distro as a way to >> bootstrap Guix. >> - Power it down. >> - In the Disks/Configurations tab, resize the Debian disk to be >> smaller, maybe 30GB or something. >> - "Add a disk", with the following: >> - Label: "Guix" >> - Filesystem: ext4 >> - Set it to the remaining size >> - Next to the "configuration" that comes with the default image, >> press "..." and select "Edit", then on that menu add to >> /dev/sdc the "Guix" label >> - Now "Add a Configuration", with the following: >> - Label: Guix >> - VM Mode: Paravirtualization (the default?? don't know if this matters) >> - Kernel: Grub 2 (it's at the bottom! This step is *IMPORTANT*) >> - Block device assignment: >> - /dev/sda: Guix >> - /dev/sdb: swap >> - Root device: /dev/sda >> - Turn off all the filesystem/boot helpers >> - Now power it back up, picking the Debian configuration >> - Once it's booted up, ssh root@ >> - Run the "install guix form binary installer" steps: >> - $ sudo apt-get install gpg >> - $ wget https://sv.gnu.org/people/viewgpg.php?user_id=15145 -qO - | gpg --import - >> - $ wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh >> - $ chmod +x guix-install.sh >> - $ ./guix-install.sh >> - $ guix pull >> >> - Now it's time to write out a config for the server. The key stuff is >> below, save as guix-config.scm: >> >> #+BEGIN_SRC scheme >> (use-modules (gnu) >> (guix modules)) >> (use-service-modules networking >> ssh) >> (use-package-modules admin >> certs >> package-management >> ssh >> tls) >> >> (operating-system >> (host-name "my-server") >> (timezone "America/New_York") >> (locale "en_US.UTF-8") >> ;; This goofy code will generate the grub.cfg >> ;; without installing the grub bootloader on disk. >> (bootloader (bootloader-configuration >> (bootloader >> (bootloader >> (inherit grub-bootloader) >> (installer #~(const #t)))))) >> (file-systems (cons (file-system >> (device "/dev/sda") >> (mount-point "/") >> (type "ext4")) >> %base-file-systems)) >> >> (initrd-modules (cons "virtio_scsi" ; Needed to find the disk >> %base-initrd-modules)) >> >> (users (cons (user-account >> (name "janedoe") >> (group "users") >> ;; Adding the account to the "wheel" group >> ;; makes it a sudoer. >> (supplementary-groups '("wheel")) >> (home-directory "/home/janedoe")) >> %base-user-accounts)) >> >> (packages (cons* nss-certs ;for HTTPS access >> openssh-sans-x >> %base-packages)) >> >> (services (cons* >> (service dhcp-client-service-type) >> (service openssh-service-type >> (openssh-configuration >> (openssh openssh-sans-x) >> (password-authentication? #f) >> (authorized-keys >> `(("janedoe" ,(local-file "janedoe_rsa.pub")) >> ;; Is this a good idea? Well if you don't add it >> ;; you have to manually set your user's password >> ;; via the glish console... >> ("root" ,(local-file "janedoe_rsa.pub")))))) >> %base-services))) >> #+END_SRC >> >> - Replace the following fields in the above configuration: >> - (host-name "my-server") ; replace with your server name >> - (name "janedoe") ; replace with your username >> - ("janedoe" ,(local-file "janedoe_rsa.pub")) ; here too >> - Note the same above for root, which I don't feel great about, but >> otherwise you'll need to log in via the linode "glish" console to >> log in as root and set the user's initial password before you can >> start using sudo (is there another way around this?) >> >> - Save your ssh public key (~/.ssh/id_rsa.pub) as >> _rsa.pub or whatever in the same directory >> >> - Mount the guix drive: >> $ mkdir /mnt/guix >> $ mount /dev/sdc /mnt/guix >> >> - Due to the way we set things up above, we don't install Grub >> completely, just our grub configuration file. So we need to copy >> over some of the other Grub stuff that's already there: >> $ mkdir -p /mnt/guix/boot/grub >> $ cp -r /boot/grub/* /mnt/guix/boot/grub/ >> >> - Now initialize the Guix installation: >> $ guix system init guix-config.scm /mnt/guix >> >> - Ok, power it down! >> - Now from the linode console, select boot and select "Guix" >> >> - Once it boots, you should be able to log in via ssh! (The server >> config will have changed though.) >> >> - Be sure to set your password and root's password. >> >> - Horray! At this point you can shut down the server, delete the >> Debian disk, and resize the Guix to the rest of the size. >> Congratulations! >> >> BTW, if you save it as a disk image right at this point, you'll have an >> easy time spinning up new Guix images! >> >> Let me know if this guide helps you!