[PATCH] gnu: Add a section to the cookbook.

  • Done
  • quality assurance status badge
Details
2 participants
  • Maxim Cournoyer
  • Thomas Ieong
Owner
unassigned
Submitted by
Thomas Ieong
Severity
normal
T
T
Thomas Ieong wrote on 7 Apr 2023 19:45
(address . guix-patches@gnu.org)(name . Thomas Ieong)(address . th.ieong@free.fr)
875ae7b62e9ea09191b7e36b8a82b2f5efc6daa6.1680889526.git.th.ieong@free.fr
* doc/guix-cookbook.texi (Running Guix on a Kimsufi Server): New chapter.
---
doc/guix-cookbook.texi | 241 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 241 insertions(+)

Toggle diff (277 lines)
diff --git a/doc/guix-cookbook.texi b/doc/guix-cookbook.texi
index b9fb916f4a..f28b3c8932 100644
--- a/doc/guix-cookbook.texi
+++ b/doc/guix-cookbook.texi
@@ -23,6 +23,7 @@
Copyright @copyright{} 2021 Joshua Branson@*
Copyright @copyright{} 2022 Maxim Cournoyer@*
Copyright @copyright{} 2023 Ludovic Courtès
+Copyright @copyright{} 2023 Thomas Ieong
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -98,6 +99,7 @@ Top
* Connecting to Wireguard VPN:: Connecting to a Wireguard VPN.
* Customizing a Window Manager:: Handle customization of a Window manager on Guix System.
* Running Guix on a Linode Server:: Running Guix on a Linode Server
+* Running Guix on a Kimsufi Server:: Running Guix on a Kimsufi Server
* Setting up a bind mount:: Setting up a bind mount in the file-systems definition.
* Getting substitutes from Tor:: Configuring Guix daemon to get substitutes through Tor.
* Setting up NGINX with Lua:: Configuring NGINX web-server to load Lua modules.
@@ -1403,6 +1405,7 @@ System Configuration
* Connecting to Wireguard VPN:: Connecting to a Wireguard VPN.
* Customizing a Window Manager:: Handle customization of a Window manager on Guix System.
* Running Guix on a Linode Server:: Running Guix on a Linode Server
+* Running Guix on a Kimsufi Server:: Running Guix on a Kimsufi Server
* Setting up a bind mount:: Setting up a bind mount in the file-systems definition.
* Getting substitutes from Tor:: Configuring Guix daemon to get substitutes through Tor.
* Setting up NGINX with Lua:: Configuring NGINX web-server to load Lua modules.
@@ -2373,6 +2376,244 @@ Running Guix on a Linode Server
down-size the Guix image to 6144MB, to save it as an image. Then you
can resize it again to the max size.
+@node Running Guix on a Kimsufi Server
+@section Running Guix on a Kimsufi Server
+@cindex kimsufi, Kimsufi, OVH
+
+To run Guix on a server hosted by @uref{https://www.kimsufi.com/, Kimsufi},
+click on the netboot tab then select rescue64-pro and restart.
+
+OVH will email you the credentials required to ssh into a Debian system.
+
+Now you can run the "install guix from @pxref{Binary Installation,,, guix, GNU Guix}" steps:
+
+@example
+wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh
+chmod +x guix-install.sh
+./guix-install.sh
+guix pull
+@end example
+
+Partition the drives and format them, first stop the raid array:
+
+@example
+mdadm --stop /dev/md127
+mdadm --zero-superblock /dev/sda2 /dev/sdb2
+@end example
+
+Then wipe the disks and set up the partitions, we will create
+a RAID 1 array.
+
+@example
+wipefs -a /dev/sda
+wipefs -a /dev/sdb
+
+parted /dev/sda --align=opt -s -m -- mklabel gpt
+parted /dev/sda --align=opt -s -m -- \
+ mkpart bios_grub 1049kb 512MiB \
+ set 1 bios_grub on
+parted /dev/sda --align=opt -s -m -- \
+ mkpart primary 512MiB -512MiB
+ set 2 raid on
+parted /dev/sda --align=opt -s -m -- mkpart primary linux-swap 512MiB 100% # Swap
+
+parted /dev/sdb --align=opt -s -m -- mklabel gpt
+parted /dev/sdb --align=opt -s -m -- \
+ mkpart bios_grub 1049kb 512MiB \
+ set 1 bios_grub on
+parted /dev/sdb --align=opt -s -m -- \
+ mkpart primary 512MiB -512MiB \
+ set 2 raid on
+parted /dev/sdb --align=opt -s -m -- mkpart primary linux-swap 512MiB 100% # Swap
+@end example
+
+Create the array:
+
+@example
+mdadm --create /dev/md127 --level=1 --raid-disks=2 --metadata=0.90 /dev/sda2 /dev/sdb2
+@end example
+
+Now create file systems on the relevant partitions, first the boot partitions:
+
+@example
+mkfs.ext4 /dev/sda1
+mkfs.ext4 /dev/sdb1
+@end example
+
+Then the root partition:
+
+@example
+mkfs.ext4 /dev/md127
+@end example
+
+Initialize the swap partitions:
+
+@example
+mkswap /dev/sda3
+swapon /dev/sda3
+mkswap /dev/sdb3
+swapon /dev/sdb3
+@end example
+
+Mount the guix drive:
+
+@example
+mkdir /mnt/guix
+mount /dev/md127 /mnt/guix
+@end example
+
+Now is time to write an os.scm, here is a sample:
+
+@lisp
+(use-modules (gnu) (guix))
+(use-service-modules networking ssh vpn virtualization sysctl admin mcron)
+(use-package-modules ssh certs tls tmux vpn virtualization)
+
+(operating-system
+ (host-name "kimsufi")
+ (timezone "Etc/UTC")
+
+ (bootloader (bootloader-configuration
+ (bootloader grub-bootloader)
+ (targets (list "/dev/sda" "/dev/sdb"))
+ (terminal-outputs '(console))))
+
+ ;; Add a kernel module for RAID-1 (aka. "mirror").
+ (initrd-modules (cons* "raid1" %base-initrd-modules))
+
+ (mapped-devices
+ (list
+ (mapped-device
+ (source (list "/dev/sda2" "/dev/sdb2"))
+ (target "/dev/md127")
+ (type raid-device-mapping))))
+
+ (swap-devices
+ (list
+ (swap-space
+ (target "/dev/sda3"))
+ (swap-space
+ (target "/dev/sdb3"))))
+
+ (issue
+ ;; Default contents for /etc/issue.
+ "\
+This is the GNU system at Kimsufi. Welcome.\n")
+
+ (file-systems (cons* (file-system
+ (mount-point "/")
+ (device "/dev/md127")
+ (type "ext4")
+ (dependencies mapped-devices))
+ %base-file-systems))
+
+ (users (cons (user-account
+ (name "guix")
+ (comment "guix")
+ (group "users")
+ (supplementary-groups '("wheel"))
+ (home-directory "/home/guix"))
+ %base-user-accounts))
+
+ (sudoers-file
+ (plain-file "sudoers" "\
+root ALL=(ALL) ALL
+%wheel ALL=(ALL) ALL
+guix ALL=(ALL) NOPASSWD:ALL\n"))
+
+
+ ;; Globally-installed packages.
+ (packages (cons* tmux nss-certs gnutls wireguard-tools %base-packages))
+ (services
+ (cons*
+ (service static-networking-service-type
+ (list (static-networking
+ (addresses (list (network-address
+ (device "enp3s0")
+ (value "REPLACE_ME/24"))))
+ (routes (list (network-route
+ (destination "default")
+ (gateway "REPLACE_ME"))))
+ (name-servers '("213.186.33.99")))))
+
+ (service unattended-upgrade-service-type)
+
+ (service openssh-service-type
+ (openssh-configuration
+ (openssh openssh-sans-x)
+ (permit-root-login #f)
+ (authorized-keys
+ (quasiquote
+ (("guix" (unquote (plain-file "REPLACE_ME.pub" "REPLACE_ME"))))))))
+ (modify-services %base-services
+ (sysctl-service-type config =>
+ (sysctl-configuration
+ (settings (append '(("net.ipv6.conf.all.autoconf" . "0")
+ ("net.ipv6.conf.all.accept_ra" . "0"))
+ %default-sysctl-settings))))))))
+@end lisp
+
+Don't forget to replace the "REPLACE_ME" fields, they correspond respectively to the ip
+address of your server, the gateway, the name of your ssh key and the content of your ssh public key.
+
+The gateway is the last usable ip in your block so if you have a server with an ip
+of 37.187.79.10 then its gateway will be 37.187.79.254.
+
+Transfer your os.scm on the server via scp/sftp.
+
+Now all that is left is to install guix with a @code{guix system init} and restart.
+
+However we first need to set up a chroot. Why is that? Well the root partition
+of the rescue system is mounted on an aufs partition and if you try to install Guix
+it will fail at the grub install step complaining about the canonical path of "aufs".
+
+Install packages that will be used in the chroot:
+
+@example
+guix install bash-static parted util-linux-with-udev coreutils guix
+@end example
+
+Then run the following to create directories needed for the chroot:
+
+@example
+cd /mnt || exit 1
+mkdir -p bin etc gnu/store root/.guix-profile/ root/.config/guix/current var/guix proc sys dev
+@end example
+
+Copy our resolv.conf in our chroot:
+
+@example
+cp /etc/resolv.conf etc/
+@end example
+
+Mount block devices, the store and its database and the current guix config:
+
+@example
+mount --rbind /proc /mnt/proc
+mount --rbind /sys /mnt/sys
+mount --rbind /dev /mnt/dev
+mount --rbind /var/guix/ var/guix/
+mount --rbind /gnu/store gnu/store/
+mount --rbind /root/.config/ root/.config/
+mount --rbind /root/.guix-profile/bin/ bin
+mount --rbind /root/.guix-profile root/.guix-profile/
+@end example
+
+Chroot in /mnt and install the system:
+
+@example
+chroot /mnt/ /bin/bash
+
+guix system init /root/os.scm /guix
+@end example
+
+Finally from the web ui change netboot to boot to disk and restart (also from the web ui).
+
+Wait a couple of minutes and try to ssh with @code{ssh
+guix@@@var{<your-server-IP-here>} -i @var{<path-to-your-ssh-key>}}
+
+Congratulations you should have a Guix system up and running on Kimsufi!
+
@node Setting up a bind mount
@section Setting up a bind mount

base-commit: 110dc3fde90de3b8f2c8dfe8d531c46d6f074145
--
2.39.2
T
T
Thomas Ieong wrote on 13 Apr 2023 21:18
(address . 62716@debbugs.gnu.org)
87ttxj8ubt.fsf@free.fr
retitle 62716 [PATCH] gnu: Add "Running Guix on a Kimsufi server" to the cookbook.

thanks

--
Thomas Ieong
M
M
Maxim Cournoyer wrote on 2 Sep 2023 05:13
Re: bug#62716: [PATCH] gnu: Add a section to the cookbook.
(name . Thomas Ieong)(address . th.ieong@free.fr)(address . 62716-done@debbugs.gnu.org)
87wmx9z2rk.fsf_-_@gmail.com
Hi!

I've finally apply this series, applying some Texinfo polish here and
there.

Thanks for the recipe!

--
Maxim
Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 62716@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 62716
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch