From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id oOOOGvJB02bSDAEAe85BDQ:P1 (envelope-from ) for ; Sat, 31 Aug 2024 16:16:50 +0000 Received: from aspmx1.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id oOOOGvJB02bSDAEAe85BDQ (envelope-from ) for ; Sat, 31 Aug 2024 18:16:50 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=rdklein.fr header.s=zoho header.b="H5ntK/xt"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"; arc=pass ("zohomail.eu:s=zohoarc:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1725121010; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=yq1hf/ELghsCfmNJWXJ/jQIHIGiqdbERIXxh4SZJHHw=; b=gnH6VFlxMh5L9AMejtIAIs/IFKKtW8VjRt8mSrOhZDvEb0UjGvGSYLrRB1sSmYk7eS/DzQ lNjZxRNyuuKzVm8ACvGmyCOLjUkDJcDDm2+pYG8kQMQxLrSwE8V50A4YAWsx+S8jPz/yWX YBwv+to3756cssD/9Ui1huYGuggEXtlKozSPNf05QnE0bjR7rAQqcXBlysr/10jLtALycf quy//u/b6GDW2Dxfjt0yIVp3QtZnHmbh1oIn2rMkUYa1SuGy1kf0rtI1DDagyiCkgl6lBF 00k/jQ2hn3HvkmWUiP1mPNBgPd/Yq7sfQySqFOg6TR4aZkut/k0xY4z+bmKfew== ARC-Seal: i=2; s=key1; d=yhetil.org; t=1725121010; a=rsa-sha256; cv=pass; b=TWWaUBxFlvl9xfbRcglx2GfF6yRZ9dXYEpz4g1s7gHhY9v5m9gJrn+Yey369pfG9dHVM6R RPLoJBfP3flDSkH5M32KMZOONIlSe8LG3jh9PgkiBvHSv6L6I/hCk4JLL1MJKaNpezNFfT Nu/wNJnCe6v+VNtGjepthtYE6E0n+38CAL5lZv6bpdk8cqc+FUb9idWa9tiJTFvseiukv1 RhgTinM9atZRSgrx8jzkG4QiLpEkjSXVccHNY3n5pTKjUyhXcvqoxxdqwYPxPLmGLo4Edq jLPxT7E4frZ0I90oLbR4Xwhit8dssvXMq9n6FsptMXS3XgcuvBtP8ycGtkO+Og== ARC-Authentication-Results: i=2; aspmx1.migadu.com; dkim=pass header.d=rdklein.fr header.s=zoho header.b="H5ntK/xt"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"; arc=pass ("zohomail.eu:s=zohoarc:i=1") Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 179B1186D1 for ; Sat, 31 Aug 2024 18:16:50 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1skQm0-0004u4-QW; Sat, 31 Aug 2024 12:16:24 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1skQlz-0004tg-9K for help-guix@gnu.org; Sat, 31 Aug 2024 12:16:23 -0400 Received: from sender-op-o11.zoho.eu ([136.143.169.11]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1skQlx-0003dV-2T for help-guix@gnu.org; Sat, 31 Aug 2024 12:16:23 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1725120975; cv=none; d=zohomail.eu; s=zohoarc; b=by6Ut49D3mR65HI1iRTSBIug07KPAJjqppu77BRHfxKXgj9BL9xRDG1iQnupmvN7hfA+ATBB4jIbFOYuHvp+vHTcb+Vxn1Y7quCHy4mCHWBlwhvWTqero2OX8L+i8NQS1Ger2Q6BQXHLUeBhTCiuvoMJuI9NLiSbkM9MJ4ZImNA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.eu; s=zohoarc; t=1725120975; h=Content-Type:Cc:Cc:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To; bh=yq1hf/ELghsCfmNJWXJ/jQIHIGiqdbERIXxh4SZJHHw=; b=P6fwrg8FiGC7ZsfcpTUEneamoJue7H6CIxkmBa6j2OBnqPwTeWlmPD4oDXfSVD5tiC23X+EOnUtTPNsbbSuJuaJxi1LICo5PCBH+berX65mD4m4aWXHBfYGFlWeRt1xZjL3ocibAe6cXzVWhEvldevBSQMLVNDNKa0wrH8t7lyk= ARC-Authentication-Results: i=1; mx.zohomail.eu; dkim=pass header.i=rdklein.fr; spf=pass smtp.mailfrom=edou@rdklein.fr; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1725120975; s=zoho; d=rdklein.fr; i=edou@rdklein.fr; h=References:From:From:To:To:Cc:Cc:Subject:Subject:Date:Date:In-reply-to:Message-ID:MIME-Version:Content-Type:Message-Id:Reply-To; bh=yq1hf/ELghsCfmNJWXJ/jQIHIGiqdbERIXxh4SZJHHw=; b=H5ntK/xtGFXnsSCmcOGIPgMH+VZ7Fo7Vuo7s8FIZKD1wbUD9ItBJL27CXQAySAXa OvKu2NUGzgxcjiL2FROubFIAqT1ALaNK+jPkJRMF0SfgeN1/3jdmASMlv5lNVK5UQDh gcCh32a4zJ46g1SbHhg3cTQ3sOM/XWF2E1aPneRaBGHOJF0h8X/AffyGFiBVj3i4dCk bgmWhfU7LlQZWc4JvVsTLTnQ7MzHFMCn2/DGXgQmnKPxMdLZZfQz/7EUMZwfhsWOKLu Mj/lCwFsIKkSSwJ5+u29oUFYw9fwiBq2Rm2abWOY8ebkosRQCiKROttG2jX6I96XLkY 0v71rz/onA== Received: by mx.zoho.eu with SMTPS id 1725120974023772.4635816176046; Sat, 31 Aug 2024 18:16:14 +0200 (CEST) References: <87ttf0amrx.fsf@gmail.com> <877cbwn066.fsf@rdklein.fr> User-agent: mu4e 1.10.2; emacs 28.2 From: Edouard Klein To: Edouard Klein Cc: Maxim Cournoyer , help-guix@gnu.org Subject: Re: Installing Guix System on an OVH VPS (Virtual Private Server) Date: Sat, 31 Aug 2024 18:11:42 +0200 In-reply-to: <877cbwn066.fsf@rdklein.fr> Message-ID: <8734mkmzw2.fsf@rdklein.fr> MIME-Version: 1.0 Content-Type: text/plain X-ZohoMailClient: External Received-SPF: pass client-ip=136.143.169.11; envelope-from=edou@rdklein.fr; helo=sender-op-o11.zoho.eu X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: help-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Queue-Id: 179B1186D1 X-Migadu-Scanner: mx12.migadu.com X-Migadu-Spam-Score: -10.54 X-Spam-Score: -10.54 X-TUID: WHMvwdjntEOo Also, here goes my "moat" for guix-hosting.com, but as RMS once sang: "Hoarders can get piles of money, That is true, hackers, that is true. But they cannot help their neighbors; That's not good, hackers, that's not good." https://www.gnu.org/music/free-software-song.en.html Edouard Klein writes: > Hi Maxim, > > Good job ! It must not have been easy to come up with a series of steps > that actually work... > > The method I use for https://guix-hosting.com/ is somewhat different and > does not require partitionning the disk but has the disadvantage of > ending up with an ext4 drive instead of btrfs, which now that I have > space problems with the store (mitigated by some aggressive gc-ing see > https://the-dam.org/docs/explanations/GarbageCollection.html), may be > nice to have. > > A single pass of btrfs-convert may solve that later problem however. > > Here is the method, jottled down quickly, please forgive me if I did not > take the time to publish it properly and sooner. > > On your main machine, create an image of the system you want on your > VPS, or use the base install image from the GNU Guix website: > > guix system image /tmp/baseGS.scm > > Reboot your VPS in rescue mode, then in the rescue system, run: > > : apt update > : apt install qemu-utils # Do it first otherwise no space left to do it after > : rm /var/cache/apt/archives/* > : wget $TOTO # The image created earlier, you can also scp it from your > main machine to the rescue. > : qemu-img dd if=gs.qcow2 bs=4M of=/dev/sdb -O raw > > > Resize the partition > : fdisk /dev/sdb > then d, n, p, w to recreate the partition till the end of the disk > Resize the FS > : resize2fs /dev/sdb2 > > # I guesse here is where btrfs-convert would be appropriate > > From there you can reboot into Guix and it should work. > > As for the system I use (minimal-ovh) from my channel as a base: > > > https://gitlab.com/edouardklein/guix/-/blob/beaverlabs/beaver/system.scm?ref_type=heads#L171 > > which looks mostly like yours. > > > Again I apologize for not publishing it sooner, I guess it would have > saved you some troubles. > > Cheers, > > Edouard. > > Maxim Cournoyer writes: > >> Hi, >> >> I've recently experimented with installing Guix System on a cheap OVH >> VPS server, and here are my findings in case it helps someone else: >> >> 1. The base images do not include Guix System, so start with something >> like Debian 12 or newer. >> >> 2. From their web interface, reboot into their rescue mode. >> >> 3. Make enough space on the rescue root to have about 500 MiB free, >> enough for 'apt install guix' to succeed. I found one unused kernel >> image which freed a lot of space, along with 'gcc'. >> >> 4. Recreate /dev/sdb1 from 20 GB to 15 GB, and create a new 5 GB >> partition after that, as /dev/sdb2. Mount /dev/sdb2 as /gnu in the >> rescue. This is because the rescue file system is too small to run >> 'guix system init'. >> >> I've also opted for Btrfs file system, and made sure to mount the >> partitions with 'mount -o compress=zstd ...' to shrink space usage as >> much as I could. >> >> 5. Run 'guix system init /mnt your-config.scm', where /mnt is the mount >> point for /dev/sdb1. For the config, start with the bare-bones.tmpl >> config. Use plain GRUB (BIOS, not UEFI), and add the virtio_scsi module >> to the initrd: >> >> (initrd-modules (cons "virtio_scsi" ; Needed to find the disk >> %base-initrd-modules)) >> >> >> The other important bit to see the kernel messages at boot is this: >> >> (kernel-arguments (list "console=ttyS0 console=tty0")) >> >> >> >> Here's what my actual config file looks like, with some parts redacted: >> >> (use-modules (gnu)) >> (use-service-modules networking ssh) >> (use-package-modules ssh) >> >> (operating-system >> (host-name "vps-xxx") >> (locale "en_US.utf8") >> >> (bootloader (bootloader-configuration >> (bootloader grub-bootloader) >> (targets '("/dev/sdb")))) >> >> (kernel-arguments (list "console=ttyS0 console=tty0")) >> >> (file-systems (cons* (file-system >> (device (uuid "bbf61fb4-b6ce-44af-ac57-1850cd708965")) >> (mount-point "/") >> (type "btrfs") >> (options "compress=zstd")) >> %base-file-systems)) >> >> (initrd-modules (cons "virtio_scsi" ; Needed to find the disk >> %base-initrd-modules)) >> >> ;; This is where user accounts are specified. The "root" >> ;; account is implicit, and is initially created with the >> ;; empty password. >> (users (cons (user-account >> (name "some-user") >> (group "users") >> ;; Adding the account to the "wheel" group >> ;; makes it a sudoer. Adding it to "audio" >> ;; and "video" allows the user to play sound >> ;; and access the webcam. >> (supplementary-groups '("wheel"))) >> %base-user-accounts)) >> >> ;; Add services to the baseline: a DHCP client and an SSH >> ;; server. You may wish to add an NTP service here. >> (services >> (append >> (list (service dhcp-client-service-type) >> (service openssh-service-type >> (openssh-configuration >> (openssh openssh-sans-x) >> (port-number 2222) >> (authorized-keys >> `(("some-user" ,(plain-file "maxim-ssh.pub" >> "ssh-XXX XXXXXXXX"))))))) >> %base-services)) >> >> (sudoers-file >> (plain-file "sudoers" >> (string-append (plain-file-content %sudoers-specification) >> "some-user ALL = NOPASSWD: ALL\n")))) >> >> The sudoers-file part is so that I can 'guix deploy' to it. >> >> Happy hacking!