GNU bug report logs - #62716
[PATCH] gnu: Add a section to the cookbook.

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 62716 in the body.
You can then email your comments to 62716 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Thomas Ieong <th.ieong <at> free.fr>
To: guix-patches <at> gnu.org
Cc: Thomas Ieong <th.ieong <at> free.fr>
Subject: [PATCH] gnu: Add a section to the cookbook.
Date: Fri,  7 Apr 2023 19:45:41 +0200

* doc/guix-cookbook.texi (Running Guix on a Kimsufi Server): New chapter.
---
 doc/guix-cookbook.texi | 241 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 241 insertions(+)

diff --git a/doc/guix-cookbook.texi b/doc/guix-cookbook.texi
index b9fb916f4a..f28b3c8932 100644
--- a/doc/guix-cookbook.texi
+++ b/doc/guix-cookbook.texi
@@ -23,6 +23,7 @@
 Copyright @copyright{} 2021 Joshua Branson@*
 Copyright @copyright{} 2022 Maxim Cournoyer@*
 Copyright @copyright{} 2023 Ludovic Courtès
+Copyright @copyright{} 2023 Thomas Ieong
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -98,6 +99,7 @@ Top
 * Connecting to Wireguard VPN::  Connecting to a Wireguard VPN.
 * Customizing a Window Manager:: Handle customization of a Window manager on Guix System.
 * Running Guix on a Linode Server:: Running Guix on a Linode Server
+* Running Guix on a Kimsufi Server:: Running Guix on a Kimsufi Server
 * Setting up a bind mount:: Setting up a bind mount in the file-systems definition.
 * Getting substitutes from Tor:: Configuring Guix daemon to get substitutes through Tor.
 * Setting up NGINX with Lua:: Configuring NGINX web-server to load Lua modules.
@@ -1403,6 +1405,7 @@ System Configuration
 * Connecting to Wireguard VPN::  Connecting to a Wireguard VPN.
 * Customizing a Window Manager:: Handle customization of a Window manager on Guix System.
 * Running Guix on a Linode Server:: Running Guix on a Linode Server
+* Running Guix on a Kimsufi Server:: Running Guix on a Kimsufi Server
 * Setting up a bind mount:: Setting up a bind mount in the file-systems definition.
 * Getting substitutes from Tor:: Configuring Guix daemon to get substitutes through Tor.
 * Setting up NGINX with Lua:: Configuring NGINX web-server to load Lua modules.
@@ -2373,6 +2376,244 @@ Running Guix on a Linode Server
 down-size the Guix image to 6144MB, to save it as an image.  Then you
 can resize it again to the max size.
 
+@node Running Guix on a Kimsufi Server
+@section Running Guix on a Kimsufi Server
+@cindex kimsufi, Kimsufi, OVH
+
+To run Guix on a server hosted by @uref{https://www.kimsufi.com/, Kimsufi},
+click on the netboot tab then select rescue64-pro and restart.
+
+OVH will email you the credentials required to ssh into a Debian system.
+
+Now you can run the "install guix from @pxref{Binary Installation,,, guix, GNU Guix}" steps:
+
+@example
+wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh
+chmod +x guix-install.sh
+./guix-install.sh
+guix pull
+@end example
+
+Partition the drives and format them, first stop the raid array:
+
+@example
+mdadm --stop /dev/md127
+mdadm --zero-superblock /dev/sda2 /dev/sdb2
+@end example
+
+Then wipe the disks and set up the partitions, we will create
+a RAID 1 array.
+
+@example
+wipefs -a /dev/sda
+wipefs -a /dev/sdb
+
+parted /dev/sda --align=opt -s -m -- mklabel gpt
+parted /dev/sda --align=opt -s -m -- \
+ mkpart bios_grub 1049kb 512MiB \
+ set 1 bios_grub on
+parted /dev/sda --align=opt -s -m -- \
+ mkpart primary 512MiB -512MiB
+ set 2 raid on
+parted /dev/sda --align=opt -s -m -- mkpart primary linux-swap 512MiB 100% # Swap
+
+parted /dev/sdb --align=opt -s -m -- mklabel gpt
+parted /dev/sdb --align=opt -s -m -- \
+     mkpart bios_grub 1049kb 512MiB \
+     set 1 bios_grub on
+parted /dev/sdb --align=opt -s -m -- \
+     mkpart primary 512MiB -512MiB \
+     set 2 raid on
+parted /dev/sdb --align=opt -s -m -- mkpart primary linux-swap 512MiB 100% # Swap
+@end example
+
+Create the array:
+
+@example
+mdadm --create /dev/md127 --level=1 --raid-disks=2 --metadata=0.90 /dev/sda2 /dev/sdb2
+@end example
+
+Now create file systems on the relevant partitions, first the boot partitions:
+
+@example
+mkfs.ext4  /dev/sda1
+mkfs.ext4  /dev/sdb1
+@end example
+
+Then the root partition:
+
+@example
+mkfs.ext4 /dev/md127
+@end example
+
+Initialize the swap partitions:
+
+@example
+mkswap /dev/sda3
+swapon /dev/sda3
+mkswap /dev/sdb3
+swapon /dev/sdb3
+@end example
+
+Mount the guix drive:
+
+@example
+mkdir /mnt/guix
+mount /dev/md127 /mnt/guix
+@end example
+
+Now is time to write an os.scm, here is a sample:
+
+@lisp
+(use-modules (gnu) (guix))
+(use-service-modules networking ssh vpn virtualization sysctl admin mcron)
+(use-package-modules ssh certs tls tmux vpn virtualization)
+
+(operating-system
+ (host-name "kimsufi")
+ (timezone "Etc/UTC")
+
+ (bootloader (bootloader-configuration
+	      (bootloader grub-bootloader)
+	      (targets (list "/dev/sda" "/dev/sdb"))
+	      (terminal-outputs '(console))))
+
+ ;; Add a kernel module for RAID-1 (aka. "mirror").
+ (initrd-modules (cons* "raid1"  %base-initrd-modules))
+
+ (mapped-devices
+  (list
+   (mapped-device
+    (source (list "/dev/sda2" "/dev/sdb2"))
+    (target "/dev/md127")
+    (type raid-device-mapping))))
+
+ (swap-devices
+  (list
+   (swap-space
+    (target "/dev/sda3"))
+   (swap-space
+    (target "/dev/sdb3"))))
+
+ (issue
+  ;; Default contents for /etc/issue.
+  "\
+This is the GNU system at Kimsufi.  Welcome.\n")
+
+ (file-systems (cons* (file-system
+		       (mount-point "/")
+		       (device "/dev/md127")
+		       (type "ext4")
+		       (dependencies mapped-devices))
+		      %base-file-systems))
+
+ (users (cons (user-account
+	       (name "guix")
+	       (comment "guix")
+	       (group "users")
+	       (supplementary-groups '("wheel"))
+	       (home-directory "/home/guix"))
+	      %base-user-accounts))
+
+ (sudoers-file
+  (plain-file "sudoers" "\
+root ALL=(ALL) ALL
+%wheel ALL=(ALL) ALL
+guix ALL=(ALL) NOPASSWD:ALL\n"))
+
+
+ ;; Globally-installed packages.
+ (packages (cons* tmux nss-certs gnutls wireguard-tools %base-packages))
+ (services
+  (cons*
+   (service static-networking-service-type
+	    (list (static-networking
+		   (addresses (list (network-address
+				     (device "enp3s0")
+				     (value "REPLACE_ME/24"))))
+		   (routes (list (network-route
+				  (destination "default")
+				  (gateway "REPLACE_ME"))))
+		   (name-servers '("213.186.33.99")))))
+
+   (service unattended-upgrade-service-type)
+
+   (service openssh-service-type
+	    (openssh-configuration
+	     (openssh openssh-sans-x)
+	     (permit-root-login #f)
+	     (authorized-keys
+	      (quasiquote
+	       (("guix" (unquote (plain-file "REPLACE_ME.pub" "REPLACE_ME"))))))))
+   (modify-services %base-services
+		    (sysctl-service-type config =>
+					 (sysctl-configuration
+					  (settings (append '(("net.ipv6.conf.all.autoconf" . "0")
+							      ("net.ipv6.conf.all.accept_ra" . "0"))
+							    %default-sysctl-settings))))))))
+@end lisp
+
+Don't forget to replace the "REPLACE_ME" fields, they correspond respectively to the ip
+address of your server, the gateway, the name of your ssh key and the content of your ssh public key.
+
+The gateway is the last usable ip in your block so if you have a server with an ip
+of 37.187.79.10 then its gateway will be 37.187.79.254.
+
+Transfer your os.scm on the server via scp/sftp.
+
+Now all that is left is to install guix with a @code{guix system init} and restart.
+
+However we first need to set up a chroot. Why is that? Well the root partition
+of the rescue system is mounted on an aufs partition and if you try to install Guix
+it will fail at the grub install step complaining about the canonical path of "aufs".
+
+Install packages that will be used in the chroot:
+
+@example
+guix install bash-static parted util-linux-with-udev coreutils guix
+@end example
+
+Then run the following to create directories needed for the chroot:
+
+@example
+cd /mnt || exit 1
+mkdir -p bin etc gnu/store root/.guix-profile/ root/.config/guix/current var/guix proc sys dev
+@end example
+
+Copy our resolv.conf in our chroot:
+
+@example
+cp /etc/resolv.conf etc/
+@end example
+
+Mount block devices, the store and its database and the current guix config:
+
+@example
+mount --rbind /proc /mnt/proc
+mount --rbind /sys /mnt/sys
+mount --rbind /dev /mnt/dev
+mount --rbind /var/guix/ var/guix/
+mount --rbind /gnu/store gnu/store/
+mount --rbind /root/.config/ root/.config/
+mount --rbind /root/.guix-profile/bin/ bin
+mount --rbind /root/.guix-profile root/.guix-profile/
+@end example
+
+Chroot in /mnt and install the system:
+
+@example
+chroot /mnt/ /bin/bash
+
+guix system init /root/os.scm /guix
+@end example
+
+Finally from the web ui change netboot to boot to disk and restart (also from the web ui).
+
+Wait a couple of minutes and try to ssh with @code{ssh
+guix@@@var{<your-server-IP-here>} -i @var{<path-to-your-ssh-key>}}
+
+Congratulations you should have a Guix system up and running on Kimsufi!
+
 @node Setting up a bind mount
 @section Setting up a bind mount
 

base-commit: 110dc3fde90de3b8f2c8dfe8d531c46d6f074145
-- 
2.39.2

Message #8 received at 62716 <at> debbugs.gnu.org (full text, mbox):

From: Thomas Ieong <th.ieong <at> free.fr>
To: 62716 <at> debbugs.gnu.org
Subject: [bug#62716] [PATCH] gnu: Add a section to the cookbook.
Date: Thu, 13 Apr 2023 21:18:14 +0200

retitle 62716 [PATCH] gnu: Add "Running Guix on a Kimsufi server" to the cookbook.

thanks

-- 
Thomas Ieong

Message #13 received at 62716-done <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Thomas Ieong <th.ieong <at> free.fr>
Cc: 62716-done <at> debbugs.gnu.org
Subject: Re: bug#62716: [PATCH] gnu: Add a section to the cookbook.
Date: Fri, 01 Sep 2023 23:13:03 -0400

Hi!

I've finally apply this series, applying some Texinfo polish here and
there.

Thanks for the recipe!

-- 
Maxim

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.