2023-09-12 18:55:46 +02:00
|
|
|
Deployment
|
|
|
|
==========
|
|
|
|
To build the virtual machine image you can use the following command:
|
|
|
|
$ ./autogen.sh && ./configure && make
|
|
|
|
|
|
|
|
You can also check the configure option for configuring it for testing
|
|
|
|
on another infrastructure (for instance by using another domain).
|
|
|
|
|
2023-09-19 22:43:49 +02:00
|
|
|
To build an image you will also need at least id_ed25519.pub and
|
|
|
|
signing-key.pub:
|
|
|
|
|
|
|
|
- id_ed25519.pub can be genreated with the ssh-keygen -t ed25519
|
|
|
|
command. See the ssh-keygen manual ('man 1 ssh-keygen') for more
|
|
|
|
details. If you're not confortable with that, backup your ~/.ssh
|
|
|
|
folder first.
|
|
|
|
|
|
|
|
- signing-key.pub can be generated with the 'guix archive
|
|
|
|
--generate-key' command. See the "Invoking guix archive" in the
|
|
|
|
Guix manual for more details[1].
|
|
|
|
https://guix.gnu.org/en/manual/en/guix.html#Invoking-guix-archive
|
|
|
|
|
|
|
|
Other files are optional:
|
|
|
|
|
|
|
|
- id_ed25519: It is used for guix deploy. It is also generated by
|
|
|
|
ssh-keygen. A good idea is to have a symlink to it in order not to
|
|
|
|
have scp copy it to the target machine by mistake as it is the SSH
|
|
|
|
private key. Using separate SSH keys for separate machines also help
|
|
|
|
limiting the damage when such accident happen.
|
|
|
|
|
|
|
|
- id_wireguard: This is the wireguard private key. It can be generated
|
|
|
|
with the 'wg genkey > id_wireguard' command. See the wg manual ('man
|
|
|
|
8 wg') for more detail.
|
|
|
|
|
|
|
|
|
2023-09-12 18:55:46 +02:00
|
|
|
Note that letsencrypt has a limit of about 5 certificates per week, so
|
|
|
|
it's a good idea to use test domains before deployments.
|
|
|
|
|
|
|
|
Once the image is booted:
|
|
|
|
- You will need to login inside and run the following command:
|
2023-09-12 21:53:10 +02:00
|
|
|
# first-boot.sh
|
2023-09-12 18:55:46 +02:00
|
|
|
- You then need to set the root password.
|
|
|
|
|
2023-09-12 17:33:43 +02:00
|
|
|
License
|
|
|
|
=======
|
|
|
|
This project is free software: you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
This project is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with this project. If not, see <http://www.gnu.org/licenses/>.
|