[PATCH] gnu: Add a section to the cookbook.

+++ b/doc/guix-cookbook.texi

+Copyright @copyright{} 2023 Thomas Ieong

+* Running Guix on a Kimsufi Server:: Running Guix on a Kimsufi Server

+* Running Guix on a Kimsufi Server:: Running Guix on a Kimsufi Server

+@node Running Guix on a Kimsufi Server

+@section Running Guix on a Kimsufi Server

+@cindex kimsufi, Kimsufi, OVH

+

+To run Guix on a server hosted by @uref{https://www.kimsufi.com/, Kimsufi},

+click on the netboot tab then select rescue64-pro and restart.

+

+OVH will email you the credentials required to ssh into a Debian system.

+

+Now you can run the "install guix from @pxref{Binary Installation,,, guix, GNU Guix}" steps:

+

+@example

+wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh

+chmod +x guix-install.sh

+./guix-install.sh

+guix pull

+@end example

+

+Partition the drives and format them, first stop the raid array:

+

+@example

+mdadm --stop /dev/md127

+mdadm --zero-superblock /dev/sda2 /dev/sdb2

+@end example

+

+Then wipe the disks and set up the partitions, we will create

+a RAID 1 array.

+

+@example

+wipefs -a /dev/sda

+wipefs -a /dev/sdb

+

+parted /dev/sda --align=opt -s -m -- mklabel gpt

+parted /dev/sda --align=opt -s -m -- \

+ mkpart bios_grub 1049kb 512MiB \

+ set 1 bios_grub on

+parted /dev/sda --align=opt -s -m -- \

+ mkpart primary 512MiB -512MiB

+ set 2 raid on

+parted /dev/sda --align=opt -s -m -- mkpart primary linux-swap 512MiB 100% # Swap

+

+parted /dev/sdb --align=opt -s -m -- mklabel gpt

+parted /dev/sdb --align=opt -s -m -- \

+ mkpart bios_grub 1049kb 512MiB \

+ set 1 bios_grub on

+parted /dev/sdb --align=opt -s -m -- \

+ mkpart primary 512MiB -512MiB \

+ set 2 raid on

+parted /dev/sdb --align=opt -s -m -- mkpart primary linux-swap 512MiB 100% # Swap

+@end example

+

+Create the array:

+

+@example

+mdadm --create /dev/md127 --level=1 --raid-disks=2 --metadata=0.90 /dev/sda2 /dev/sdb2

+@end example

+

+Now create file systems on the relevant partitions, first the boot partitions:

+

+@example

+mkfs.ext4 /dev/sda1

+mkfs.ext4 /dev/sdb1

+@end example

+

+Then the root partition:

+

+@example

+mkfs.ext4 /dev/md127

+@end example

+

+Initialize the swap partitions:

+

+@example

+mkswap /dev/sda3

+swapon /dev/sda3

+mkswap /dev/sdb3

+swapon /dev/sdb3

+@end example

+

+Mount the guix drive:

+

+@example

+mkdir /mnt/guix

+mount /dev/md127 /mnt/guix

+@end example

+

+Now is time to write an os.scm, here is a sample:

+

+@lisp

+(use-modules (gnu) (guix))

+(use-service-modules networking ssh vpn virtualization sysctl admin mcron)

+(use-package-modules ssh certs tls tmux vpn virtualization)

+

+(operating-system

+ (host-name "kimsufi")

+ (timezone "Etc/UTC")

+

+ (bootloader (bootloader-configuration

+ (bootloader grub-bootloader)

+ (targets (list "/dev/sda" "/dev/sdb"))

+ (terminal-outputs '(console))))

+

+ ;; Add a kernel module for RAID-1 (aka. "mirror").

+ (initrd-modules (cons* "raid1" %base-initrd-modules))

+

+ (mapped-devices

+ (list

+ (mapped-device

+ (source (list "/dev/sda2" "/dev/sdb2"))

+ (target "/dev/md127")

+ (type raid-device-mapping))))

+

+ (swap-devices

+ (list

+ (swap-space

+ (target "/dev/sda3"))

+ (swap-space

+ (target "/dev/sdb3"))))

+

+ (issue

+ ;; Default contents for /etc/issue.

+ "\

+This is the GNU system at Kimsufi. Welcome.\n")

+

+ (file-systems (cons* (file-system

+ (mount-point "/")

+ (device "/dev/md127")

+ (type "ext4")

+ (dependencies mapped-devices))

+ %base-file-systems))

+

+ (users (cons (user-account

+ (name "guix")

+ (comment "guix")

+ (group "users")

+ (supplementary-groups '("wheel"))

+ (home-directory "/home/guix"))

+ %base-user-accounts))

+

+ (sudoers-file

+ (plain-file "sudoers" "\

+root ALL=(ALL) ALL

+%wheel ALL=(ALL) ALL

+guix ALL=(ALL) NOPASSWD:ALL\n"))

+

+

+ ;; Globally-installed packages.

+ (packages (cons* tmux nss-certs gnutls wireguard-tools %base-packages))

+ (services

+ (cons*

+ (service static-networking-service-type

+ (list (static-networking

+ (addresses (list (network-address

+ (device "enp3s0")

+ (value "REPLACE_ME/24"))))

+ (routes (list (network-route

+ (destination "default")

+ (gateway "REPLACE_ME"))))

+ (name-servers '("213.186.33.99")))))

+

+ (service unattended-upgrade-service-type)

+

+ (service openssh-service-type

+ (openssh-configuration

+ (openssh openssh-sans-x)

+ (permit-root-login #f)

+ (authorized-keys

+ (quasiquote

+ (("guix" (unquote (plain-file "REPLACE_ME.pub" "REPLACE_ME"))))))))

+ (modify-services %base-services

+ (sysctl-service-type config =>

+ (sysctl-configuration

+ (settings (append '(("net.ipv6.conf.all.autoconf" . "0")

+ ("net.ipv6.conf.all.accept_ra" . "0"))

+ %default-sysctl-settings))))))))

+@end lisp

+

+Don't forget to replace the "REPLACE_ME" fields, they correspond respectively to the ip

+address of your server, the gateway, the name of your ssh key and the content of your ssh public key.

+

+The gateway is the last usable ip in your block so if you have a server with an ip

+of 37.187.79.10 then its gateway will be 37.187.79.254.

+

+Transfer your os.scm on the server via scp/sftp.

+

+Now all that is left is to install guix with a @code{guix system init} and restart.

+

+However we first need to set up a chroot. Why is that? Well the root partition

+of the rescue system is mounted on an aufs partition and if you try to install Guix

+it will fail at the grub install step complaining about the canonical path of "aufs".

+

+Install packages that will be used in the chroot:

+

+@example

+guix install bash-static parted util-linux-with-udev coreutils guix

+@end example

+

+Then run the following to create directories needed for the chroot:

+

+@example

+cd /mnt || exit 1

+mkdir -p bin etc gnu/store root/.guix-profile/ root/.config/guix/current var/guix proc sys dev

+@end example

+

+Copy our resolv.conf in our chroot:

+

+@example

+cp /etc/resolv.conf etc/

+@end example

+

+Mount block devices, the store and its database and the current guix config:

+

+@example

+mount --rbind /proc /mnt/proc

+mount --rbind /sys /mnt/sys

+mount --rbind /dev /mnt/dev

+mount --rbind /var/guix/ var/guix/

+mount --rbind /gnu/store gnu/store/

+mount --rbind /root/.config/ root/.config/

+mount --rbind /root/.guix-profile/bin/ bin

+mount --rbind /root/.guix-profile root/.guix-profile/

+@end example

+

+Chroot in /mnt and install the system:

+

+@example

+chroot /mnt/ /bin/bash

+

+guix system init /root/os.scm /guix

+@end example

+

+Finally from the web ui change netboot to boot to disk and restart (also from the web ui).

+

+Wait a couple of minutes and try to ssh with @code{ssh

+guix@@@var{<your-server-IP-here>} -i @var{<path-to-your-ssh-key>}}

+

+Congratulations you should have a Guix system up and running on Kimsufi!

+