From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id CF7gBBPpCF95KQAA0tVLHw (envelope-from ) for ; Fri, 10 Jul 2020 22:17:55 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id cCXOABPpCF+/MwAA1q6Kng (envelope-from ) for ; Fri, 10 Jul 2020 22:17:55 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 33FEA94071A for ; Fri, 10 Jul 2020 22:17:54 +0000 (UTC) Received: from localhost ([::1]:59926 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ju1L7-000651-07 for larch@yhetil.org; Fri, 10 Jul 2020 18:17:53 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36824) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ju1KH-0005aF-Nf for help-guix@gnu.org; Fri, 10 Jul 2020 18:17:01 -0400 Received: from mx1.dismail.de ([78.46.223.134]:40439) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ju1KE-0000jL-Sv for help-guix@gnu.org; Fri, 10 Jul 2020 18:17:01 -0400 Received: from mx1.dismail.de (localhost [127.0.0.1]) by mx1.dismail.de (OpenSMTPD) with ESMTP id 9142b0e6 for ; Sat, 11 Jul 2020 00:16:54 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=dismail.de; h= mime-version:date:content-type:content-transfer-encoding:from :message-id:subject:to:in-reply-to:references; s=20190914; bh=Yd IRfbsqiUZroxzkpVntwwgv8nDTZXH9qDj/FCxfqv0=; b=J/xYmpuCKiUa6rcMu2 FE7+XFTmIIqvYPvDGrSUPJILJzvP347ObptutqC6naHMncPPGs2H7+eiAhetZYf1 23qtRoxS7tnuosy4QMvnFRaShbsfV8nkc6+z1vK+3Lv+hcZWzGI3eOxOwRGSact1 Y+iDw3DgUA/Dm97nBSQ4bQNWDs980l4R5q3skD6XWZT+mjwjt/hYYC6LNJvmlYVn OZsHGADOIl2F8PHs/SRb5a7tILKQinPro9HAj+rlPxSk/cxIlR/Ddx8UubovywRR d9u3k/4jZnuennLuFFA2CJFsvhjwLvhH9VUf6jNURmySsvl2ay7mBtBUSYlEGYgH OBFg== Received: from smtp1.dismail.de ( [10.240.26.11]) by mx1.dismail.de (OpenSMTPD) with ESMTP id 9cd6d220 for ; Sat, 11 Jul 2020 00:16:54 +0200 (CEST) Received: from smtp1.dismail.de (localhost [127.0.0.1]) by smtp1.dismail.de (OpenSMTPD) with ESMTP id d3c0cf77 for ; Sat, 11 Jul 2020 00:16:54 +0200 (CEST) Received: by dismail.de (OpenSMTPD) with ESMTPSA id d7fe9508 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Sat, 11 Jul 2020 00:16:53 +0200 (CEST) MIME-Version: 1.0 Date: Fri, 10 Jul 2020 22:16:53 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Mailer: RainLoop/1.14.0a From: jbranso@dismail.de Message-ID: <322811df4e5685c75bf592938027bed3@dismail.de> Subject: Re: Installing Guix on Linode: a how-to To: help-guix@gnu.org In-Reply-To: <8736617e85.fsf@disroot.org> References: <8736617e85.fsf@disroot.org> <87y2ntbogr.fsf@dustycloud.org> Received-SPF: pass client-ip=78.46.223.134; envelope-from=jbranso@dismail.de; helo=mx1.dismail.de X-detected-operating-system: by eggs.gnu.org: First seen = 2020/07/10 18:16:55 X-ACL-Warn: Detected OS = ??? X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=dismail.de header.s=20190914 header.b=J/xYmpuC; dmarc=pass (policy=reject) header.from=dismail.de; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: -1.71 X-TUID: DI0Odq5A1LHX I will volunteer to add this to the guix cookbook. If I don't send a patc= h in a week or so, then=0Athat means I got lazy and decided not to do it.= =0A=0AJuly 8, 2020 7:57 PM, "Gary Johnson" wro= te:=0A=0A> Can someone add this tutorial to the Guix Cookbook? I've been = wondering=0A> about how to do this for some time now, and it would be gre= at to have it=0A> saved somewhere obvious like that for future reference.= =0A> =0A> Thanks,=0A> Gary=0A> =0A> Christopher Lemmer Webber writes:=0A> =0A>> Hi! I finally got Guix running on Linode!= I'm excited about it!=0A>> Here's the process (thanks to jackhill on fre= enode for helping me figure=0A>> out all the stuff involving the bootload= er!). It's very bullet-point'y,=0A>> but here's the steps I took:=0A>> = =0A>> - Start with a Debian (or whatever) server. Be sure to add your ssh= =0A>> key for easy login. We'll be using the default distro as a way to= =0A>> bootstrap Guix.=0A>> - Power it down.=0A>> - In the Disks/Configura= tions tab, resize the Debian disk to be=0A>> smaller, maybe 30GB or somet= hing.=0A>> - "Add a disk", with the following:=0A>> - Label: "Guix"=0A>> = - Filesystem: ext4=0A>> - Set it to the remaining size=0A>> - Next to the= "configuration" that comes with the default image,=0A>> press "..." and = select "Edit", then on that menu add to=0A>> /dev/sdc the "Guix" label=0A= >> - Now "Add a Configuration", with the following:=0A>> - Label: Guix=0A= >> - VM Mode: Paravirtualization (the default?? don't know if this matter= s)=0A>> - Kernel: Grub 2 (it's at the bottom! This step is *IMPORTANT*)= =0A>> - Block device assignment:=0A>> - /dev/sda: Guix=0A>> - /dev/sdb: s= wap=0A>> - Root device: /dev/sda=0A>> - Turn off all the filesystem/boot = helpers=0A>> - Now power it back up, picking the Debian configuration=0A>= > - Once it's booted up, ssh root@=0A>> - Run the "i= nstall guix form binary installer" steps:=0A>> - $ sudo apt-get install g= pg=0A>> - $ wget https://sv.gnu.org/people/viewgpg.php?user_id=3D15145 -q= O - | gpg --import -=0A>> - $ wget https://git.savannah.gnu.org/cgit/guix= .git/plain/etc/guix-install.sh=0A>> - $ chmod +x guix-install.sh=0A>> - $= ./guix-install.sh=0A>> - $ guix pull=0A>> =0A>> - Now it's time to write= out a config for the server. The key stuff is=0A>> below, save as guix-c= onfig.scm:=0A>> =0A>> #+BEGIN_SRC scheme=0A>> (use-modules (gnu)=0A>> (gu= ix modules))=0A>> (use-service-modules networking=0A>> ssh)=0A>> (use-pac= kage-modules admin=0A>> certs=0A>> package-management=0A>> ssh=0A>> tls)= =0A>> =0A>> (operating-system=0A>> (host-name "my-server")=0A>> (timezone= "America/New_York")=0A>> (locale "en_US.UTF-8")=0A>> ;; This goofy code = will generate the grub.cfg=0A>> ;; without installing the grub bootloader= on disk.=0A>> (bootloader (bootloader-configuration=0A>> (bootloader=0A>= > (bootloader=0A>> (inherit grub-bootloader)=0A>> (installer #~(const #t)= )))))=0A>> (file-systems (cons (file-system=0A>> (device "/dev/sda")=0A>>= (mount-point "/")=0A>> (type "ext4"))=0A>> %base-file-systems))=0A>> =0A= >> (initrd-modules (cons "virtio_scsi" ; Needed to find the disk=0A>> %ba= se-initrd-modules))=0A>> =0A>> (users (cons (user-account=0A>> (name "jan= edoe")=0A>> (group "users")=0A>> ;; Adding the account to the "wheel" gro= up=0A>> ;; makes it a sudoer.=0A>> (supplementary-groups '("wheel"))=0A>>= (home-directory "/home/janedoe"))=0A>> %base-user-accounts))=0A>> =0A>> = (packages (cons* nss-certs ;for HTTPS access=0A>> openssh-sans-x=0A>> %ba= se-packages))=0A>> =0A>> (services (cons*=0A>> (service dhcp-client-servi= ce-type)=0A>> (service openssh-service-type=0A>> (openssh-configuration= =0A>> (openssh openssh-sans-x)=0A>> (password-authentication? #f)=0A>> (a= uthorized-keys=0A>> `(("janedoe" ,(local-file "janedoe_rsa.pub"))=0A>> ;;= Is this a good idea? Well if you don't add it=0A>> ;; you have to manual= ly set your user's password=0A>> ;; via the glish console...=0A>> ("root"= ,(local-file "janedoe_rsa.pub"))))))=0A>> %base-services)))=0A>> #+END_S= RC=0A>> =0A>> - Replace the following fields in the above configuration:= =0A>> - (host-name "my-server") ; replace with your server name=0A>> - (n= ame "janedoe") ; replace with your username=0A>> - ("janedoe" ,(local-fil= e "janedoe_rsa.pub")) ; here too=0A>> - Note the same above for root, whi= ch I don't feel great about, but=0A>> otherwise you'll need to log in via= the linode "glish" console to=0A>> log in as root and set the user's ini= tial password before you can=0A>> start using sudo (is there another way = around this?)=0A>> =0A>> - Save your ssh public key (~/.ssh/id_rsa.pub) a= s=0A>> _rsa.pub or whatever in the same directory=0A>= > =0A>> - Mount the guix drive:=0A>> $ mkdir /mnt/guix=0A>> $ mount /dev/= sdc /mnt/guix=0A>> =0A>> - Due to the way we set things up above, we don'= t install Grub=0A>> completely, just our grub configuration file. So we n= eed to copy=0A>> over some of the other Grub stuff that's already there:= =0A>> $ mkdir -p /mnt/guix/boot/grub=0A>> $ cp -r /boot/grub/* /mnt/guix/= boot/grub/=0A>> =0A>> - Now initialize the Guix installation:=0A>> $ guix= system init guix-config.scm /mnt/guix=0A>> =0A>> - Ok, power it down!=0A= >> - Now from the linode console, select boot and select "Guix"=0A>> =0A>= > - Once it boots, you should be able to log in via ssh! (The server=0A>>= config will have changed though.)=0A>> =0A>> - Be sure to set your passw= ord and root's password.=0A>> =0A>> - Horray! At this point you can shut = down the server, delete the=0A>> Debian disk, and resize the Guix to the = rest of the size.=0A>> Congratulations!=0A>> =0A>> BTW, if you save it as= a disk image right at this point, you'll have an=0A>> easy time spinning= up new Guix images!=0A>> =0A>> Let me know if this guide helps you!=0A> = =0A> --=0A> GPG Key ID: 7BC158ED=0A> Use `gpg --search-keys lambdatronic'= to find me=0A> Protect yourself from surveillance: https://emailselfdefe= nse.fsf.org=0A> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=0A> () ascii ribbon campaign - against html e-mail=0A> /\ ww= w.asciiribbon.org - against proprietary attachments=0A> =0A> Please avoid= sending me MS-Office attachments.=0A> See http://www.gnu.org/philosophy/= no-word-attachments.html