Next: , Previous: , Up: System Configuration   [Contents][Index]


3.9 Running Guix on a Kimsufi Server

To run Guix on a server hosted by Kimsufi, click on the netboot tab then select rescue64-pro and restart.

OVH will email you the credentials required to ssh into a Debian system.

Now you can run the "install guix from see Binary Installation in GNU Guix" steps:

wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh
chmod +x guix-install.sh
./guix-install.sh
guix pull

Partition the drives and format them, first stop the raid array:

mdadm --stop /dev/md127
mdadm --zero-superblock /dev/sda2 /dev/sdb2

Then wipe the disks and set up the partitions, we will create a RAID 1 array.

wipefs -a /dev/sda
wipefs -a /dev/sdb

parted /dev/sda --align=opt -s -m -- mklabel gpt
parted /dev/sda --align=opt -s -m -- \
 mkpart bios_grub 1049kb 512MiB \
 set 1 bios_grub on
parted /dev/sda --align=opt -s -m -- \
 mkpart primary 512MiB -512MiB
 set 2 raid on
parted /dev/sda --align=opt -s -m -- mkpart primary linux-swap 512MiB 100%

parted /dev/sdb --align=opt -s -m -- mklabel gpt
parted /dev/sdb --align=opt -s -m -- \
     mkpart bios_grub 1049kb 512MiB \
     set 1 bios_grub on
parted /dev/sdb --align=opt -s -m -- \
     mkpart primary 512MiB -512MiB \
     set 2 raid on
parted /dev/sdb --align=opt -s -m -- mkpart primary linux-swap 512MiB 100%

Create the array:

mdadm --create /dev/md127 --level=1 --raid-disks=2 \
  --metadata=0.90 /dev/sda2 /dev/sdb2

Now create file systems on the relevant partitions, first the boot partitions:

mkfs.ext4  /dev/sda1
mkfs.ext4  /dev/sdb1

Then the root partition:

mkfs.ext4 /dev/md127

Initialize the swap partitions:

mkswap /dev/sda3
swapon /dev/sda3
mkswap /dev/sdb3
swapon /dev/sdb3

Mount the guix drive:

mkdir /mnt/guix
mount /dev/md127 /mnt/guix

Now is time to write an operating system declaration os.scm file; here is a sample:

(use-modules (gnu) (guix))
(use-service-modules networking ssh vpn virtualization sysctl admin mcron)
(use-package-modules ssh tls tmux vpn virtualization)

(operating-system
  (host-name "kimsufi")

  (bootloader (bootloader-configuration
	       (bootloader grub-bootloader)
	       (targets (list "/dev/sda" "/dev/sdb"))
	       (terminal-outputs '(console))))

  ;; Add a kernel module for RAID-1 (aka. "mirror").
  (initrd-modules (cons* "raid1"  %base-initrd-modules))

  (mapped-devices
   (list (mapped-device
          (source (list "/dev/sda2" "/dev/sdb2"))
          (target "/dev/md127")
          (type raid-device-mapping))))

  (swap-devices
   (list (swap-space
          (target "/dev/sda3"))
         (swap-space
          (target "/dev/sdb3"))))

  (issue
   ;; Default contents for /etc/issue.
   "\
This is the GNU system at Kimsufi.  Welcome.\n")

  (file-systems (cons* (file-system
		         (mount-point "/")
		         (device "/dev/md127")
		         (type "ext4")
		         (dependencies mapped-devices))
		       %base-file-systems))

  (users (cons (user-account
	        (name "guix")
	        (comment "guix")
	        (group "users")
	        (supplementary-groups '("wheel"))
	        (home-directory "/home/guix"))
	       %base-user-accounts))

  (sudoers-file
   (plain-file "sudoers" "\
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
guix ALL=(ALL) NOPASSWD:ALL\n"))

  ;; Globally-installed packages.
  (packages (cons* tmux gnutls wireguard-tools %base-packages))
  (services
   (cons*
    (service static-networking-service-type
	     (list (static-networking
		    (addresses (list (network-address
				      (device "enp3s0")
				      (value "server-ip-address/24"))))
		    (routes (list (network-route
				   (destination "default")
				   (gateway "server-gateway"))))
		    (name-servers '("213.186.33.99")))))

    (service unattended-upgrade-service-type)

    (service openssh-service-type
	     (openssh-configuration
	      (openssh openssh-sans-x)
	      (permit-root-login #f)
	      (authorized-keys
	       `(("guix" ,(plain-file "ssh-key-name.pub"
                                      "ssh-public-key-content"))))))
    (modify-services %base-services
      (sysctl-service-type
       config =>
       (sysctl-configuration
	(settings (append '(("net.ipv6.conf.all.autoconf" . "0")
			    ("net.ipv6.conf.all.accept_ra" . "0"))
			  %default-sysctl-settings))))))))

Don’t forget to substitute the server-ip-address, server-gateway, ssh-key-name and ssh-public-key-content variables with your own values.

The gateway is the last usable IP in your block so if you have a server with an IP of ‘37.187.79.10’ then its gateway will be ‘37.187.79.254’.

Transfer your operating system declaration os.scm file on the server via the scp or sftp commands.

Now all that is left is to install Guix with a guix system init and restart.

However we first need to set up a chroot, because the root partition of the rescue system is mounted on an aufs partition and if you try to install Guix it will fail at the GRUB install step complaining about the canonical path of "aufs".

Install packages that will be used in the chroot:

guix install bash-static parted util-linux-with-udev coreutils guix

Then run the following to create directories needed for the chroot:

cd /mnt && \
mkdir -p bin etc gnu/store root/.guix-profile/ root/.config/guix/current \
  var/guix proc sys dev

Copy the host resolv.conf in the chroot:

cp /etc/resolv.conf etc/

Mount block devices, the store and its database and the current guix config:

mount --rbind /proc /mnt/proc
mount --rbind /sys /mnt/sys
mount --rbind /dev /mnt/dev
mount --rbind /var/guix/ var/guix/
mount --rbind /gnu/store gnu/store/
mount --rbind /root/.config/ root/.config/
mount --rbind /root/.guix-profile/bin/ bin
mount --rbind /root/.guix-profile root/.guix-profile/

Chroot in /mnt and install the system:

chroot /mnt/ /bin/bash

guix system init /root/os.scm /guix

Finally, from the web user interface (UI), change ‘netboot’ to ‘boot to disk’ and restart (also from the web UI).

Wait a few minutes and try to ssh with ssh guix@server-ip-address> -i path-to-your-ssh-key

You should have a Guix system up and running on Kimsufi; congratulations!


Next: Setting up a bind mount, Previous: Running Guix on a Linode Server, Up: System Configuration   [Contents][Index]