all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* Build machine sysadmin support
@ 2016-08-19  7:50 Ludovic Courtès
  2016-08-21 12:42 ` David Craven
  0 siblings, 1 reply; 16+ messages in thread
From: Ludovic Courtès @ 2016-08-19  7:50 UTC (permalink / raw)
  To: guix-sysadmin; +Cc: guix-devel, Nacho Gonzalez

[-- Attachment #1: Type: text/plain, Size: 1829 bytes --]

Hello!

After my talk yesterday at the GHM, Nacho and I talked a bit and Nacho
kindly offered to help make chapters.gnu.org the first build machine
that would use GuixSD.

So I quickly hacked up together, in guix-maintenance.git, a couple of
modules that allow us to give the high-level view of a build machine,
such that the GuixSD configuration of one machine is just:

--8<---------------cut here---------------start------------->8---
(use-modules (sysadmin people)
             (sysadmin build-machines)
             (guix))

(define %sysadmins
  ;; The fine folks!
  (list (sysadmin (name "ludo")
                  (full-name "Ludovic Courtès")
                  (lsh-public-key (local-file "keys/lsh/ludo.pub")))
        (sysadmin (name "hydra")                  ;fake sysadmin
                  (full-name "Hydra User")
                  (restricted? #t)
                  (lsh-public-key
                   (local-file "keys/lsh/hydra.gnu.org.pub")))))

(define %authorized-guix-keys
  ;; List of authorized 'guix archive' keys.
  (list (local-file "keys/guix/hydra.gnu.org-export.pub")))

;; The actual machine.
(build-machine-os "chapters" %sysadmins
                  #:authorized-guix-keys %authorized-guix-keys)
--8<---------------cut here---------------end--------------->8---

… and we get a GuixSD config with the relevant accounts created, and
with the right lsh and Guix keys authorized.

I’ll see with Nacho if we can deploy it on chapters.gnu.org, and from
there we can incrementally migrate our build machines to GuixSD!  \o/

Also, all the sysadmin work will happen in a bunch of Scheme files,
which means that everyone can now contribute to sysadmin, without
necessarily having shell access to the machines.  No excuses!  :-)

Ludo’, live from the GHM.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 818 bytes --]

^ permalink raw reply	[flat|nested] 16+ messages in thread

end of thread, other threads:[~2016-09-05 20:50 UTC | newest]

Thread overview: 16+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-19  7:50 Build machine sysadmin support Ludovic Courtès
2016-08-21 12:42 ` David Craven
2016-08-21 14:34   ` David Craven
2016-08-21 17:38     ` David Craven
2016-08-27 10:31       ` David Craven
2016-08-28 14:30         ` Offloading to a VM Ludovic Courtès
2016-08-28 14:38           ` David Craven
2016-08-29 12:54             ` Ludovic Courtès
2016-08-29 12:56               ` David Craven
2016-09-03 14:27                 ` David Craven
2016-09-03 14:32                   ` David Craven
2016-09-05 20:30                     ` Ludovic Courtès
2016-09-05 20:50                       ` David Craven
2016-09-05 20:28                   ` Ludovic Courtès
2016-08-28 14:22       ` ‘guix system vm’ and shared store Ludovic Courtès
2016-08-28 14:33   ` Build machine sysadmin support Ludovic Courtès

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.