Commit Graph

75 Commits

Author SHA1 Message Date
Denis 'GNUtoo' Carikli 15314378aa
preseed: switch to Guix
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-11-20 22:11:14 +01:00
Denis 'GNUtoo' Carikli 8447264004
preseed: Add tests
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-11-20 22:03:20 +01:00
Denis 'GNUtoo' Carikli c8f625973d
README: clarify software heritage backups
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-16 19:11:34 +02:00
Denis 'GNUtoo' Carikli f6ee3b7d2b
Add preseed image
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-10 01:22:46 +02:00
Denis 'GNUtoo' Carikli 0a02454402
trisquel-netinstall: move scripts inside the Makefile
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-10 01:21:30 +02:00
Denis 'GNUtoo' Carikli af2419d575
rename gnutoo-trisquel-netinstall to experimental-trisquel-netinstall
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-10 01:07:11 +02:00
Denis 'GNUtoo' Carikli 980a27d5ff
gnutoo-trisquel-netinstall: Remove unused Trisquel iso
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-10 01:04:46 +02:00
Denis 'GNUtoo' Carikli 9cb75f6744
netinstall: Document use-serial-port.sh script
Where to find the values is probably not evident for everybody.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-09 23:41:51 +02:00
Denis 'GNUtoo' Carikli e57977a323
trisquel-guix-installer.experimental.a-lec.org: Add VM definition
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-08 01:04:03 +02:00
Denis 'GNUtoo' Carikli 9b6bb264d0
trisquel-guix-installer.experimental.a-lec.org: Add hostname
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-08 01:03:47 +02:00
Denis 'GNUtoo' Carikli 59dba6efc2
Rename Trisquel Guix installer
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-08 00:37:59 +02:00
Denis 'GNUtoo' Carikli 241505c33b
gnutoo-trisquel-installer: Add screen
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 06:52:32 +02:00
Denis 'GNUtoo' Carikli 952f043c1e
Add top level README
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 06:51:45 +02:00
Denis 'GNUtoo' Carikli 3d35226410
gnutoo-trisquel-installer: Add dependencies for installing Guix and the FAI tarball
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 06:48:11 +02:00
Denis 'GNUtoo' Carikli b2fe6d551d
Add gnutoo-trisquel-netinstall VM
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 06:14:32 +02:00
Denis 'GNUtoo' Carikli bc0b5e1dad
gnutoo-trisquel-installer: Use guix installer.
In Trisquel 11, we have Guix 1.3.0, and with that, guix pull fails.

I used the guix-install.sh script from Guix 1.4.0 and verified its
integrity through the Parabola PCR package for it.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 05:20:54 +02:00
Denis 'GNUtoo' Carikli dcb3a7cb72
gnutoo-trisquel-installer: Add SSH configuration
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 05:10:56 +02:00
Denis 'GNUtoo' Carikli 9d3aad54fa
gnutoo-trisquel-installer: Add network settings
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 05:02:10 +02:00
Denis 'GNUtoo' Carikli 6ff145857d
gnutoo-trisquel-installer: Add Makefile
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 04:58:20 +02:00
Denis 'GNUtoo' Carikli 791164c50a
guix-installer-vm: remove duplicated .gitignore
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 03:42:46 +02:00
Denis 'GNUtoo' Carikli 1afcc59c95
gnutoo-trisquel-installer: Add minimal FAI config
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 03:41:44 +02:00
Denis 'GNUtoo' Carikli 4937beac06
Bring in the guix-installer-vm.
Having several VM inside the same repository could help as some of the
fixes between the two repositories are extremely similar and could be
done in the same commit.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-07 01:42:12 +02:00
Denis 'GNUtoo' Carikli 2d58c051a7
Move VM into subdirectory
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-06 01:04:29 +02:00
Denis 'GNUtoo' Carikli 858c70fcd5
Automatic updates: restart basic daemons
By default only mcron is restarted. It was verified within the
guix-installer-vm that this change worked by looking at the pid of
guix-daemon, waiting for an automatic update to happen and looking at
the (new) pid of guix-daemon.

The mumble-server and nginx daemons were not added to the list because
we don't have the audio.experimental.a-lec.org domain setup yet in the
Libre en Communs DNS.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 16:04:04 +02:00
Denis 'GNUtoo' Carikli e18c55b064
Automatic updates: schedule it every hours.
This enables easier testing and updates typically takes less than one
hour.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 16:01:25 +02:00
Denis 'GNUtoo' Carikli a8e16c12d9
networking: Fix IPv6 gateway
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:17:44 +02:00
Denis 'GNUtoo' Carikli 0b1b9b15f5
networking: update the SSH VM public key
This uses the public key of the deployed VM.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:14:20 +02:00
Denis 'GNUtoo' Carikli 49c9a6f0ee
first-boot.sh: resize filesystem and add better status reporting.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli bd5799967f
Add base64 tarball target
The tarball can be copied to the VM through the serial port with the
following command:
    # cat > mumble-vm.tar.xz.b64
the user then pastes the base64 content and types ctrl+d and this
results in the file being written.

The content can then be extracted with the following commands:
    # base64 -d mumble-vm.tar.xz.b64 > mumble-vm.tar.xz
    # tar xf mumble-vm.tar.xz

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli aa3f17d69c
configure.ac: vm-ipv6-gateway: Fix copy-paste error in help
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli 8c09af074b
Fix IPv4 netmask
Running dhclient on eth0 gives a /16, and this is necessary anyway to
reach the gateway.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli 0bee712a15
Add nss-certs
We at least need nss-certs for running guix system reconfigure
manually, so it's a good idea to have it.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli 7b663f9813
Fix automatic updates
According to the operating-system-file fileld of
unattended-upgrade-configuration in the manual, automatic updates
don't work when "/run/current-system/configuration.scm [...] refers to
extra files (SSH public keys, extra configuration files, etc.) via
local-file and similar constructs.".

So we need these files in the store and to point to them to make the
automatic updates work.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:03 +02:00
Denis 'GNUtoo' Carikli 61c1a2da98
Provide the service source code on the web page
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:03 +02:00
Denis 'GNUtoo' Carikli 026cbbd453
Add default id_ed25519.pub and signing-key.pub
This makes it easier to deploy the VM to the Libre En Communs
infrastructure as it doesn't require to also copy these files to the
VM producing the image.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:02 +02:00
Denis 'GNUtoo' Carikli 848d381d50
first-boot.sh: fix typo
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 14:38:56 +02:00
Denis 'GNUtoo' Carikli cd0e98f67e
Automatic updates: restart more daemons
By default only mcron is restarted. It was verified that it worked by
looking at the pid of guix-daemon, waiting for an automatic update to
happen and looking at the (new) pid of guix-daemon.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 13:15:38 +02:00
Denis 'GNUtoo' Carikli 97fa63d96a
Automatic updates: schedule it every hours.
This enables easier testing and updates typically takes less than one
hour.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:25:36 +02:00
Denis 'GNUtoo' Carikli f4e08a8408
gitignore: Add copyright header
While the README already has the license for everything, this
simplifies things when copying this file to another repository.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:13 +02:00
Denis 'GNUtoo' Carikli 631d72f9eb
Makefile: Add copyright header
While the README already has the license for everything, this
simplifies things when copying this file to another repository.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:12 +02:00
Denis 'GNUtoo' Carikli 2ca0de59c0
Add deploy target
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:12 +02:00
Denis 'GNUtoo' Carikli e470ac6490
packages: Add screen
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:12 +02:00
Denis 'GNUtoo' Carikli 7668a92fa4
network: fix default IPv6 route
Without that fix the network didn't completely start, and because of
that the network was partially configured.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:12 +02:00
Denis 'GNUtoo' Carikli 5f9a421a4a
Add base64 tarball target
The tarball can be copied to the VM through the serial port with the
following command:
    # cat > guix-installer-vm.tar.xz.b64
the user then pastes the base64 content and types ctrl+d and this
results in the file being written.

The content can then be extracted with the following commands:
    # base64 -d guix-installer-vm.tar.xz.b64 > guix-installer-vm.tar.xz
    # tar xf guix-installer-vm.tar.xz

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:12 +02:00
Denis 'GNUtoo' Carikli 58d1164cf3
Fix IPv4 netmask
Running dhclient on eth0 gives a /16, and this is necessary anyway to
reach the gateway.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:12 +02:00
Denis 'GNUtoo' Carikli f5dca5c072
Fix automatic updates
According to the operating-system-file fileld of
unattended-upgrade-configuration in the manual, automatic updates
don't work when "/run/current-system/configuration.scm [...] refers to
extra files (SSH public keys, extra configuration files, etc.) via
local-file and similar constructs.".

So we need these files in the store and to point to them to make the
automatic updates work.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:06 +02:00
Denis 'GNUtoo' Carikli 368c4f55e2
packages: add parted
Without that fix, running first-boot.sh ends up with the following error:
    /run/current-system/profile/bin/first-boot.sh: line 28:
    partprobe: command not found

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 07:02:39 +02:00
Denis 'GNUtoo' Carikli 1bd04c1404
Add nss-certs
We at least need nss-certs for running guix system reconfigure
manually, so it's a good idea to have it.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 07:02:39 +02:00
Denis 'GNUtoo' Carikli 13090302b5
Fix tabs
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 07:02:39 +02:00
Denis 'GNUtoo' Carikli 20205a1a8e
Makefile: fix id_ed25519.pub file generation
Without that fix the id_ed25519.pub file is empty.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 07:02:39 +02:00