From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id WDjkML1TF19kFwAA0tVLHw (envelope-from ) for ; Tue, 21 Jul 2020 20:44:45 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id KGmNLL1TF19CegAAbx9fmQ (envelope-from ) for ; Tue, 21 Jul 2020 20:44:45 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 4A09594050A for ; Tue, 21 Jul 2020 20:44:45 +0000 (UTC) Received: from localhost ([::1]:56194 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jxz80-0007iv-98 for larch@yhetil.org; Tue, 21 Jul 2020 16:44:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:44454) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jxz7s-0007il-Rs for help-guix@gnu.org; Tue, 21 Jul 2020 16:44:36 -0400 Received: from dustycloud.org ([50.116.34.160]:38052) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jxz7q-0000ys-Ne for help-guix@gnu.org; Tue, 21 Jul 2020 16:44:36 -0400 Received: from twig (localhost [127.0.0.1]) by dustycloud.org (Postfix) with ESMTPS id 91E79266AA; Tue, 21 Jul 2020 16:44:33 -0400 (EDT) References: <322811df4e5685c75bf592938027bed3@dismail.de> <8736617e85.fsf@disroot.org> <87y2ntbogr.fsf@dustycloud.org> <7c32ae519b2f431e353b2a3f4495601b@dismail.de> User-agent: mu4e 1.4.9; emacs 26.3 From: Christopher Lemmer Webber To: jbranso@dismail.de Subject: Re: Installing Guix on Linode: a how-to In-reply-to: <7c32ae519b2f431e353b2a3f4495601b@dismail.de> Date: Tue, 21 Jul 2020 16:44:33 -0400 Message-ID: <87pn8oy4we.fsf@dustycloud.org> MIME-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=50.116.34.160; envelope-from=cwebber@dustycloud.org; helo=dustycloud.org X-detected-operating-system: by eggs.gnu.org: First seen = 2020/07/21 16:44:33 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: help-guix@gnu.org Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: -1.01 X-TUID: iP46b5idZ14q Oh horray.. I didn't see this before my last reply ;) jbranso@dismail.de writes: > Ok I sent it to guix-patches. > > https://lists.gnu.org/archive/html/guix-patches/2020-07/msg00294.html > > July 10, 2020 6:17 PM, jbranso@dismail.de wrote: > >> I will volunteer to add this to the guix cookbook. If I don't send a patch in a week or so, then >> that means I got lazy and decided not to do it. >> >> July 8, 2020 7:57 PM, "Gary Johnson" wrote: >> >>> Can someone add this tutorial to the Guix Cookbook? I've been wondering >>> about how to do this for some time now, and it would be great to have it >>> saved somewhere obvious like that for future reference. >>> >>> Thanks, >>> Gary >>> >>> Christopher Lemmer Webber writes: >>> >>>> Hi! I finally got Guix running on Linode! I'm excited about it! >>>> Here's the process (thanks to jackhill on freenode for helping me figure >>>> out all the stuff involving the bootloader!). It's very bullet-point'y, >>>> but here's the steps I took: >>>> >>>> - Start with a Debian (or whatever) server. Be sure to add your ssh >>>> key for easy login. We'll be using the default distro as a way to >>>> bootstrap Guix. >>>> - Power it down. >>>> - In the Disks/Configurations tab, resize the Debian disk to be >>>> smaller, maybe 30GB or something. >>>> - "Add a disk", with the following: >>>> - Label: "Guix" >>>> - Filesystem: ext4 >>>> - Set it to the remaining size >>>> - Next to the "configuration" that comes with the default image, >>>> press "..." and select "Edit", then on that menu add to >>>> /dev/sdc the "Guix" label >>>> - Now "Add a Configuration", with the following: >>>> - Label: Guix >>>> - VM Mode: Paravirtualization (the default?? don't know if this matters) >>>> - Kernel: Grub 2 (it's at the bottom! This step is *IMPORTANT*) >>>> - Block device assignment: >>>> - /dev/sda: Guix >>>> - /dev/sdb: swap >>>> - Root device: /dev/sda >>>> - Turn off all the filesystem/boot helpers >>>> - Now power it back up, picking the Debian configuration >>>> - Once it's booted up, ssh root@ >>>> - Run the "install guix form binary installer" steps: >>>> - $ sudo apt-get install gpg >>>> - $ wget https://sv.gnu.org/people/viewgpg.php?user_id=15145 -qO - | gpg --import - >>>> - $ wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh >>>> - $ chmod +x guix-install.sh >>>> - $ ./guix-install.sh >>>> - $ guix pull >>>> >>>> - Now it's time to write out a config for the server. The key stuff is >>>> below, save as guix-config.scm: >>>> >>>> #+BEGIN_SRC scheme >>>> (use-modules (gnu) >>>> (guix modules)) >>>> (use-service-modules networking >>>> ssh) >>>> (use-package-modules admin >>>> certs >>>> package-management >>>> ssh >>>> tls) >>>> >>>> (operating-system >>>> (host-name "my-server") >>>> (timezone "America/New_York") >>>> (locale "en_US.UTF-8") >>>> ;; This goofy code will generate the grub.cfg >>>> ;; without installing the grub bootloader on disk. >>>> (bootloader (bootloader-configuration >>>> (bootloader >>>> (bootloader >>>> (inherit grub-bootloader) >>>> (installer #~(const #t)))))) >>>> (file-systems (cons (file-system >>>> (device "/dev/sda") >>>> (mount-point "/") >>>> (type "ext4")) >>>> %base-file-systems)) >>>> >>>> (initrd-modules (cons "virtio_scsi" ; Needed to find the disk >>>> %base-initrd-modules)) >>>> >>>> (users (cons (user-account >>>> (name "janedoe") >>>> (group "users") >>>> ;; Adding the account to the "wheel" group >>>> ;; makes it a sudoer. >>>> (supplementary-groups '("wheel")) >>>> (home-directory "/home/janedoe")) >>>> %base-user-accounts)) >>>> >>>> (packages (cons* nss-certs ;for HTTPS access >>>> openssh-sans-x >>>> %base-packages)) >>>> >>>> (services (cons* >>>> (service dhcp-client-service-type) >>>> (service openssh-service-type >>>> (openssh-configuration >>>> (openssh openssh-sans-x) >>>> (password-authentication? #f) >>>> (authorized-keys >>>> `(("janedoe" ,(local-file "janedoe_rsa.pub")) >>>> ;; Is this a good idea? Well if you don't add it >>>> ;; you have to manually set your user's password >>>> ;; via the glish console... >>>> ("root" ,(local-file "janedoe_rsa.pub")))))) >>>> %base-services))) >>>> #+END_SRC >>>> >>>> - Replace the following fields in the above configuration: >>>> - (host-name "my-server") ; replace with your server name >>>> - (name "janedoe") ; replace with your username >>>> - ("janedoe" ,(local-file "janedoe_rsa.pub")) ; here too >>>> - Note the same above for root, which I don't feel great about, but >>>> otherwise you'll need to log in via the linode "glish" console to >>>> log in as root and set the user's initial password before you can >>>> start using sudo (is there another way around this?) >>>> >>>> - Save your ssh public key (~/.ssh/id_rsa.pub) as >>>> _rsa.pub or whatever in the same directory >>>> >>>> - Mount the guix drive: >>>> $ mkdir /mnt/guix >>>> $ mount /dev/sdc /mnt/guix >>>> >>>> - Due to the way we set things up above, we don't install Grub >>>> completely, just our grub configuration file. So we need to copy >>>> over some of the other Grub stuff that's already there: >>>> $ mkdir -p /mnt/guix/boot/grub >>>> $ cp -r /boot/grub/* /mnt/guix/boot/grub/ >>>> >>>> - Now initialize the Guix installation: >>>> $ guix system init guix-config.scm /mnt/guix >>>> >>>> - Ok, power it down! >>>> - Now from the linode console, select boot and select "Guix" >>>> >>>> - Once it boots, you should be able to log in via ssh! (The server >>>> config will have changed though.) >>>> >>>> - Be sure to set your password and root's password. >>>> >>>> - Horray! At this point you can shut down the server, delete the >>>> Debian disk, and resize the Guix to the rest of the size. >>>> Congratulations! >>>> >>>> BTW, if you save it as a disk image right at this point, you'll have an >>>> easy time spinning up new Guix images! >>>> >>>> Let me know if this guide helps you! >>> >>> -- >>> GPG Key ID: 7BC158ED >>> Use `gpg --search-keys lambdatronic' to find me >>> Protect yourself from surveillance: https://emailselfdefense.fsf.org >>> ======================================================================= >>> () ascii ribbon campaign - against html e-mail >>> /\ www.asciiribbon.org - against proprietary attachments >>> >>> Please avoid sending me MS-Office attachments. >>> See http://www.gnu.org/philosophy/no-word-attachments.html