Re: Using the Hetzner Cloud

[Alex Sassmannshausen <alex.sassmannshausen@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 1429 bytes --]

Heya,

Giovanni Biscuolo <g@xelera.eu> writes:

> Hello Alex,
>
> Alex Sassmannshausen <alex.sassmannshausen@gmail.com> writes:
>
> [...]
>
>> Now I use a different approach: deploy a debian server then use a
>> guix-infect style script (gleaned from the guix deploy code for digital
>> ocean).
>
> could you please share that "guix-infect" script?

Sure, please see attached.  This one here is a bash script that works
with a system config that is specified as part of a here-doc in the bash
script.

It's all a bit gaffer tape & macgyver — primarily to encourage myself to
keep automating further by integrating this in Guix deploy. Where does
all the time go!!!

Happy to help if you run into problems or have questions.

> I think this could/should become an entry in our cookbook, in a similar
> way NixOS does here:
> https://nixos.wiki/wiki/NixOS_friendly_hosters#Hoster-agnostic_means_of_installation

Agreed, a cookbook recipe that summarises the existing ways of deploying
would be cool.  I'd be happy to read over and give feedback on any
proposed articles.

Ellen Papsch <ellen.papsch@wine-logistix.de> writes:

> […]
> mv var/guix /var/ && mv gnu /
>
> there seems to be a complete takeover, even better than a FrankenDebian
> :-)

Agreed — it's testament to the versatility of Guix that it can literally
do this hostile take-over.  Very cool :-)

Cheers,

Alex

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: boostrap.sh --]
[-- Type: text/x-sh, Size: 3936 bytes --]

#!/bin/bash

e2label /dev/sda1 root
apt-get update
apt-get install xz-utils -y
wget https://ftp.gnu.org/gnu/guix/guix-binary-1.0.1.x86_64-linux.tar.xz
cd /tmp
tar --warning=no-timestamp -xf ~/guix-binary-1.0.1.x86_64-linux.tar.xz
mv var/guix /var/ && mv gnu /
mkdir -p ~root/.config/guix
ln -sf /var/guix/profiles/per-user/root/current-guix ~root/.config/guix/current
export GUIX_PROFILE="`echo ~root`/.config/guix/current" ;
source $GUIX_PROFILE/etc/profile
groupadd --system guixbuild
for i in `seq -w 1 10`; do
   useradd -g guixbuild -G guixbuild                    -d /var/empty -s `which nologin`             -c "Guix build user $i" --system             guixbuilder$i;
done;
cp ~root/.config/guix/current/lib/systemd/system/guix-daemon.service /etc/systemd/system/
systemctl start guix-daemon && systemctl enable guix-daemon
mkdir -p /usr/local/bin
cd /usr/local/bin
ln -s /var/guix/profiles/per-user/root/current-guix/bin/guix
mkdir -p /usr/local/share/info
cd /usr/local/share/info
for i in /var/guix/profiles/per-user/root/current-guix/share/info/*; do
    ln -s $i;
done
guix archive --authorize < ~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub
# FIXME: I'm pulling a commit that fixes some issues.  When there is a new
# guix release this can be removed.
guix pull --commit=3a695c01d7ee18f30f22df53f3c44dfac04017f1
guix package -i openssl
# FIXME: Just loading the default example from the guix manual here.  This can
# be adapted to whatever base guix deployment you want.
cat > /etc/bootstrap-config.scm << EOF
     ;; This is an operating system configuration template
     ;; for a "bare bones" setup, with no X11 display server.

     (use-modules (gnu))
     (use-service-modules networking ssh)
     (use-package-modules screen)

     (operating-system
       (host-name "komputilo")
       (timezone "Europe/Berlin")
       (locale "en_US.utf8")

       ;; Boot in "legacy" BIOS mode, assuming /dev/sdX is the
       ;; target hard disk, and "my-root" is the label of the target
       ;; root file system.
       (bootloader (bootloader-configuration
                     (bootloader grub-bootloader)
                     (target "/dev/sdX")))
       (file-systems (cons (file-system
                             (device (file-system-label "my-root"))
                             (mount-point "/")
                             (type "ext4"))
                           %base-file-systems))

       ;; This is where user accounts are specified.  The "root"
       ;; account is implicit, and is initially created with the
       ;; empty password.
       (users (cons (user-account
                     (name "alice")
                     (comment "Bob's sister")
                     (group "users")

                     ;; Adding the account to the "wheel" group
                     ;; makes it a sudoer.  Adding it to "audio"
                     ;; and "video" allows the user to play sound
                     ;; and access the webcam.
                     (supplementary-groups '("wheel"
                                             "audio" "video")))
                    %base-user-accounts))

       ;; Globally-installed packages.
       (packages (cons screen %base-packages))

       ;; Add services to the baseline: a DHCP client and
       ;; an SSH server.
       (services (append (list (service dhcp-client-service-type)
                               (service openssh-service-type
                                        (openssh-configuration
                                         (port-number 2222))))
                         %base-services)))
EOF
guix system build /etc/bootstrap-config.scm
guix system reconfigure /etc/bootstrap-config.scm
mv /etc /old-etc
mkdir /etc
cp -r /old-etc/{passwd,group,shadow,gshadow,mtab,guix,bootstrap-config.scm} /etc/
guix system reconfigure /etc/bootstrap-config.scm
echo ". /etc/bashrc" >> /root/.bashrc
echo ". /etc/profile" >> /root/.bashrc