From unknown Fri Aug 15 15:33:45 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#62716 <62716@debbugs.gnu.org> To: bug#62716 <62716@debbugs.gnu.org> Subject: Status: [PATCH] gnu: Add a section to the cookbook. Reply-To: bug#62716 <62716@debbugs.gnu.org> Date: Fri, 15 Aug 2025 22:33:45 +0000 retitle 62716 [PATCH] gnu: Add a section to the cookbook. reassign 62716 guix-patches submitter 62716 Thomas Ieong severity 62716 normal tag 62716 patch thanks From debbugs-submit-bounces@debbugs.gnu.org Fri Apr 07 13:48:50 2023 Received: (at submit) by debbugs.gnu.org; 7 Apr 2023 17:48:50 +0000 Received: from localhost ([127.0.0.1]:57205 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pkqCf-0002R7-U2 for submit@debbugs.gnu.org; Fri, 07 Apr 2023 13:48:50 -0400 Received: from lists.gnu.org ([209.51.188.17]:44410) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pkqCd-0002Qy-U3 for submit@debbugs.gnu.org; Fri, 07 Apr 2023 13:48:48 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pkqCd-0004qd-Lt for guix-patches@gnu.org; Fri, 07 Apr 2023 13:48:47 -0400 Received: from smtp6-g21.free.fr ([212.27.42.6]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pkqCZ-0007qC-SS for guix-patches@gnu.org; Fri, 07 Apr 2023 13:48:47 -0400 Received: from localhost.localdomain (unknown [91.169.131.141]) (Authenticated sender: th.ieong@free.fr) by smtp6-g21.free.fr (Postfix) with ESMTPSA id BD2B278034E; Fri, 7 Apr 2023 19:48:29 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=free.fr; s=smtp-20201208; t=1680889710; bh=na+YTxavGhI9VorMBGMSk/iYCDQPvzsFoYhsDk7WuOc=; h=From:To:Cc:Subject:Date:From; b=fgH5bhkMt7MN4e1Q1Fi+Htt3DuODXCEJZvjGhC4JO1VMLqwooysbfe2PMoWE2nbFL Z9SH3J0CSZE1Lp5JJRx2GdX+fgsndyNuYsPySTqfeJ3tbnBqzSr9ccHKpkykhYTm37 InyE95U18r94Y0sHiuU8BC9eoOOP93RndSe1ZtHh26vHlU60mpf99IBK2WGIbuQ81o i+dkeKJkp80+lfwrjKRFE+YVXfogYkcLK0UZF26/MW/NVmuuDZReVsoq95rdPeHbP8 Za7NimDnKDTgfBRsfJLY0BU0J9GtZW3xTBk2uwWaSpzumNJ4ArDsV6lB1M8Mzczg1u NKS89b/9CAQVg== From: Thomas Ieong To: guix-patches@gnu.org Subject: [PATCH] gnu: Add a section to the cookbook. Date: Fri, 7 Apr 2023 19:45:41 +0200 Message-Id: <875ae7b62e9ea09191b7e36b8a82b2f5efc6daa6.1680889526.git.th.ieong@free.fr> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=212.27.42.6; envelope-from=th.ieong@free.fr; helo=smtp6-g21.free.fr X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.6 (-) X-Debbugs-Envelope-To: submit Cc: Thomas Ieong X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.6 (--) * doc/guix-cookbook.texi (Running Guix on a Kimsufi Server): New chapter. --- doc/guix-cookbook.texi | 241 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 241 insertions(+) diff --git a/doc/guix-cookbook.texi b/doc/guix-cookbook.texi index b9fb916f4a..f28b3c8932 100644 --- a/doc/guix-cookbook.texi +++ b/doc/guix-cookbook.texi @@ -23,6 +23,7 @@ Copyright @copyright{} 2021 Joshua Branson@* Copyright @copyright{} 2022 Maxim Cournoyer@* Copyright @copyright{} 2023 Ludovic Courtès +Copyright @copyright{} 2023 Thomas Ieong Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -98,6 +99,7 @@ Top * Connecting to Wireguard VPN:: Connecting to a Wireguard VPN. * Customizing a Window Manager:: Handle customization of a Window manager on Guix System. * Running Guix on a Linode Server:: Running Guix on a Linode Server +* Running Guix on a Kimsufi Server:: Running Guix on a Kimsufi Server * Setting up a bind mount:: Setting up a bind mount in the file-systems definition. * Getting substitutes from Tor:: Configuring Guix daemon to get substitutes through Tor. * Setting up NGINX with Lua:: Configuring NGINX web-server to load Lua modules. @@ -1403,6 +1405,7 @@ System Configuration * Connecting to Wireguard VPN:: Connecting to a Wireguard VPN. * Customizing a Window Manager:: Handle customization of a Window manager on Guix System. * Running Guix on a Linode Server:: Running Guix on a Linode Server +* Running Guix on a Kimsufi Server:: Running Guix on a Kimsufi Server * Setting up a bind mount:: Setting up a bind mount in the file-systems definition. * Getting substitutes from Tor:: Configuring Guix daemon to get substitutes through Tor. * Setting up NGINX with Lua:: Configuring NGINX web-server to load Lua modules. @@ -2373,6 +2376,244 @@ Running Guix on a Linode Server down-size the Guix image to 6144MB, to save it as an image. Then you can resize it again to the max size. +@node Running Guix on a Kimsufi Server +@section Running Guix on a Kimsufi Server +@cindex kimsufi, Kimsufi, OVH + +To run Guix on a server hosted by @uref{https://www.kimsufi.com/, Kimsufi}, +click on the netboot tab then select rescue64-pro and restart. + +OVH will email you the credentials required to ssh into a Debian system. + +Now you can run the "install guix from @pxref{Binary Installation,,, guix, GNU Guix}" steps: + +@example +wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh +chmod +x guix-install.sh +./guix-install.sh +guix pull +@end example + +Partition the drives and format them, first stop the raid array: + +@example +mdadm --stop /dev/md127 +mdadm --zero-superblock /dev/sda2 /dev/sdb2 +@end example + +Then wipe the disks and set up the partitions, we will create +a RAID 1 array. + +@example +wipefs -a /dev/sda +wipefs -a /dev/sdb + +parted /dev/sda --align=opt -s -m -- mklabel gpt +parted /dev/sda --align=opt -s -m -- \ + mkpart bios_grub 1049kb 512MiB \ + set 1 bios_grub on +parted /dev/sda --align=opt -s -m -- \ + mkpart primary 512MiB -512MiB + set 2 raid on +parted /dev/sda --align=opt -s -m -- mkpart primary linux-swap 512MiB 100% # Swap + +parted /dev/sdb --align=opt -s -m -- mklabel gpt +parted /dev/sdb --align=opt -s -m -- \ + mkpart bios_grub 1049kb 512MiB \ + set 1 bios_grub on +parted /dev/sdb --align=opt -s -m -- \ + mkpart primary 512MiB -512MiB \ + set 2 raid on +parted /dev/sdb --align=opt -s -m -- mkpart primary linux-swap 512MiB 100% # Swap +@end example + +Create the array: + +@example +mdadm --create /dev/md127 --level=1 --raid-disks=2 --metadata=0.90 /dev/sda2 /dev/sdb2 +@end example + +Now create file systems on the relevant partitions, first the boot partitions: + +@example +mkfs.ext4 /dev/sda1 +mkfs.ext4 /dev/sdb1 +@end example + +Then the root partition: + +@example +mkfs.ext4 /dev/md127 +@end example + +Initialize the swap partitions: + +@example +mkswap /dev/sda3 +swapon /dev/sda3 +mkswap /dev/sdb3 +swapon /dev/sdb3 +@end example + +Mount the guix drive: + +@example +mkdir /mnt/guix +mount /dev/md127 /mnt/guix +@end example + +Now is time to write an os.scm, here is a sample: + +@lisp +(use-modules (gnu) (guix)) +(use-service-modules networking ssh vpn virtualization sysctl admin mcron) +(use-package-modules ssh certs tls tmux vpn virtualization) + +(operating-system + (host-name "kimsufi") + (timezone "Etc/UTC") + + (bootloader (bootloader-configuration + (bootloader grub-bootloader) + (targets (list "/dev/sda" "/dev/sdb")) + (terminal-outputs '(console)))) + + ;; Add a kernel module for RAID-1 (aka. "mirror"). + (initrd-modules (cons* "raid1" %base-initrd-modules)) + + (mapped-devices + (list + (mapped-device + (source (list "/dev/sda2" "/dev/sdb2")) + (target "/dev/md127") + (type raid-device-mapping)))) + + (swap-devices + (list + (swap-space + (target "/dev/sda3")) + (swap-space + (target "/dev/sdb3")))) + + (issue + ;; Default contents for /etc/issue. + "\ +This is the GNU system at Kimsufi. Welcome.\n") + + (file-systems (cons* (file-system + (mount-point "/") + (device "/dev/md127") + (type "ext4") + (dependencies mapped-devices)) + %base-file-systems)) + + (users (cons (user-account + (name "guix") + (comment "guix") + (group "users") + (supplementary-groups '("wheel")) + (home-directory "/home/guix")) + %base-user-accounts)) + + (sudoers-file + (plain-file "sudoers" "\ +root ALL=(ALL) ALL +%wheel ALL=(ALL) ALL +guix ALL=(ALL) NOPASSWD:ALL\n")) + + + ;; Globally-installed packages. + (packages (cons* tmux nss-certs gnutls wireguard-tools %base-packages)) + (services + (cons* + (service static-networking-service-type + (list (static-networking + (addresses (list (network-address + (device "enp3s0") + (value "REPLACE_ME/24")))) + (routes (list (network-route + (destination "default") + (gateway "REPLACE_ME")))) + (name-servers '("213.186.33.99"))))) + + (service unattended-upgrade-service-type) + + (service openssh-service-type + (openssh-configuration + (openssh openssh-sans-x) + (permit-root-login #f) + (authorized-keys + (quasiquote + (("guix" (unquote (plain-file "REPLACE_ME.pub" "REPLACE_ME")))))))) + (modify-services %base-services + (sysctl-service-type config => + (sysctl-configuration + (settings (append '(("net.ipv6.conf.all.autoconf" . "0") + ("net.ipv6.conf.all.accept_ra" . "0")) + %default-sysctl-settings)))))))) +@end lisp + +Don't forget to replace the "REPLACE_ME" fields, they correspond respectively to the ip +address of your server, the gateway, the name of your ssh key and the content of your ssh public key. + +The gateway is the last usable ip in your block so if you have a server with an ip +of 37.187.79.10 then its gateway will be 37.187.79.254. + +Transfer your os.scm on the server via scp/sftp. + +Now all that is left is to install guix with a @code{guix system init} and restart. + +However we first need to set up a chroot. Why is that? Well the root partition +of the rescue system is mounted on an aufs partition and if you try to install Guix +it will fail at the grub install step complaining about the canonical path of "aufs". + +Install packages that will be used in the chroot: + +@example +guix install bash-static parted util-linux-with-udev coreutils guix +@end example + +Then run the following to create directories needed for the chroot: + +@example +cd /mnt || exit 1 +mkdir -p bin etc gnu/store root/.guix-profile/ root/.config/guix/current var/guix proc sys dev +@end example + +Copy our resolv.conf in our chroot: + +@example +cp /etc/resolv.conf etc/ +@end example + +Mount block devices, the store and its database and the current guix config: + +@example +mount --rbind /proc /mnt/proc +mount --rbind /sys /mnt/sys +mount --rbind /dev /mnt/dev +mount --rbind /var/guix/ var/guix/ +mount --rbind /gnu/store gnu/store/ +mount --rbind /root/.config/ root/.config/ +mount --rbind /root/.guix-profile/bin/ bin +mount --rbind /root/.guix-profile root/.guix-profile/ +@end example + +Chroot in /mnt and install the system: + +@example +chroot /mnt/ /bin/bash + +guix system init /root/os.scm /guix +@end example + +Finally from the web ui change netboot to boot to disk and restart (also from the web ui). + +Wait a couple of minutes and try to ssh with @code{ssh +guix@@@var{} -i @var{}} + +Congratulations you should have a Guix system up and running on Kimsufi! + @node Setting up a bind mount @section Setting up a bind mount base-commit: 110dc3fde90de3b8f2c8dfe8d531c46d6f074145 -- 2.39.2 From debbugs-submit-bounces@debbugs.gnu.org Thu Apr 13 15:20:49 2023 Received: (at 62716) by debbugs.gnu.org; 13 Apr 2023 19:20:49 +0000 Received: from localhost ([127.0.0.1]:44800 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pn2Uz-0008Vy-Jg for submit@debbugs.gnu.org; Thu, 13 Apr 2023 15:20:49 -0400 Received: from smtp5-g21.free.fr ([212.27.42.5]:37818) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pn2Ux-0008Vo-BN for 62716@debbugs.gnu.org; Thu, 13 Apr 2023 15:20:48 -0400 Received: from linux (unknown [86.238.172.197]) (Authenticated sender: th.ieong@free.fr) by smtp5-g21.free.fr (Postfix) with ESMTPSA id 177EA5FF9A for <62716@debbugs.gnu.org>; Thu, 13 Apr 2023 21:20:46 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=free.fr; s=smtp-20201208; t=1681413646; bh=g5fe1bUO/0BfJGw7UWy8/VVJwYhnPEnILlg4m2o0jBk=; h=From:To:Subject:Date:From; b=tu6L0G55196/7AIonH3nhTQScj5gDUS6YwVRWzEV+ByRm+vrKT9eKMICWQMoywttv EWoymiaex4cMZ5cMDTbfhUU/EIfMDqCLRdWiUCpo5cRPGkFLn+kYb10Sb6X0BhovsY G1w6U8M12AWvdVseFwRdcAgeOQ314lsVLivA0RDOABSj17/sUQf7qmfKKkoZOwPWUu K/L7tZWSls79lcptqXA5awOm0oyEKRuW96SYhT4R+bxM6dYixJOM/gkK2IbGbLyne1 beYWggy0AauAdultkLd/Xb2wdRmTUjFuyFfFfC8KZx9/62aDB0pzpEKVeVdj5iLhHi NpOlcPxTAP/vA== From: Thomas Ieong To: 62716@debbugs.gnu.org Subject: [bug#62716] [PATCH] gnu: Add a section to the cookbook. Date: Thu, 13 Apr 2023 21:18:14 +0200 Message-ID: <87ttxj8ubt.fsf@free.fr> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 62716 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) retitle 62716 [PATCH] gnu: Add "Running Guix on a Kimsufi server" to the cookbook. thanks -- Thomas Ieong From debbugs-submit-bounces@debbugs.gnu.org Fri Sep 01 23:13:22 2023 Received: (at 62716-done) by debbugs.gnu.org; 2 Sep 2023 03:13:22 +0000 Received: from localhost ([127.0.0.1]:34671 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qcH4c-00069A-Ct for submit@debbugs.gnu.org; Fri, 01 Sep 2023 23:13:22 -0400 Received: from mail-qt1-x836.google.com ([2607:f8b0:4864:20::836]:45241) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qcH4b-00068v-2a for 62716-done@debbugs.gnu.org; Fri, 01 Sep 2023 23:13:21 -0400 Received: by mail-qt1-x836.google.com with SMTP id d75a77b69052e-4121f006c30so15396431cf.2 for <62716-done@debbugs.gnu.org>; Fri, 01 Sep 2023 20:13:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1693624385; x=1694229185; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=b+EbT15OQfPZq6FXdJIxmEa3JGpJaJCuyF4xSb15vrs=; b=kzsRz4djNe3x875g+Itl7MrUUsN+v4En60WakRo3wf2McYywWUYHJ7MgZDad8YLjkc YqzJnY6e6t/QdZuGzk8LnyQtKeRBt3lI8SgLvT7SnML6iL8NJ8LZ9bj1n2qG49F+5VEM o7v3IP8mGPdge+qmL2exq1iqa8xYzHULZDsNFl3yGntrGZWWA+LFBC4ewHcua36snMKz w5E/lq8klCcmDsYfiOwhl1+CcD74bAi/g1Kl1ruyWlLDmmil1gaMhodPXd9hPCpgDG+2 qFqyOeAJjGZCu0Sm3QGml/B04egW7aCxlRPt/7KWbe2byOzSSDckBDrxdb8RbWpi5E2T JICA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1693624385; x=1694229185; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=b+EbT15OQfPZq6FXdJIxmEa3JGpJaJCuyF4xSb15vrs=; b=mGDnghgJk//ReK8l++5qHiPaUilZaYUchV+scuq0iJ4WE2iWxCpUeGfvFn0XMkTpWt I2R2gHWKE+i1ghtywtokqZ0FDvK3Qi7AeqWjs3yz+6tITvodZXDQHWcOVTj7Nb9fRnQf 8XRkpnEUfLDIz+cEmRB1CGZQaER+9hW7of3dM+LcSZHGXBSdqCqJ3JE3O3GIlvK9oKj/ KIQsqlgOV6iUKTPbhpllKUmnw9ODhtPkw7GcoZlA60GbbNG8nollC7VSvRbmvKEhSrTk FSUSsvC47YGCWyMCenII7sSlKHjOrgeClFFEjPrbfM+fHYYs3oMn02YZKGwMzfT8VmY8 Xzkw== X-Gm-Message-State: AOJu0YzsJqQqz1CAHUHtnvnlx1fqSOF/fmZll3xa1DrD2iIXw5fJbAnf vzgIHDUe6LEZI5XDMXopLdlSkbkWZZHUkA== X-Google-Smtp-Source: AGHT+IGDQ4cqe4yLgF7pPwAdmbHxNA+B/u5snddNpE4GsbYD6FtYweE1HUjEOfmnh7Etq9quoZMSVQ== X-Received: by 2002:ac8:5788:0:b0:404:a649:879c with SMTP id v8-20020ac85788000000b00404a649879cmr5641702qta.49.1693624385732; Fri, 01 Sep 2023 20:13:05 -0700 (PDT) Received: from hurd (dsl-154-228.b2b2c.ca. [66.158.154.228]) by smtp.gmail.com with ESMTPSA id l14-20020ac848ce000000b004109086e54bsm1908694qtr.38.2023.09.01.20.13.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Sep 2023 20:13:05 -0700 (PDT) From: Maxim Cournoyer To: Thomas Ieong Subject: Re: bug#62716: [PATCH] gnu: Add a section to the cookbook. References: <875ae7b62e9ea09191b7e36b8a82b2f5efc6daa6.1680889526.git.th.ieong@free.fr> <87ttxj8ubt.fsf@free.fr> Date: Fri, 01 Sep 2023 23:13:03 -0400 In-Reply-To: <87ttxj8ubt.fsf@free.fr> (Thomas Ieong's message of "Thu, 13 Apr 2023 21:18:14 +0200") Message-ID: <87wmx9z2rk.fsf_-_@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 62716-done Cc: 62716-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi! I've finally apply this series, applying some Texinfo polish here and there. Thanks for the recipe! -- Maxim From unknown Fri Aug 15 15:33:45 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Sat, 30 Sep 2023 11:24:09 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator