Compare commits
10 Commits
main
...
untested/g
Author | SHA1 | Date |
---|---|---|
Denis 'GNUtoo' Carikli | 922515f120 | |
Denis 'GNUtoo' Carikli | f858429ad4 | |
Denis 'GNUtoo' Carikli | 65f67ada92 | |
Denis 'GNUtoo' Carikli | 19c44f265e | |
Denis 'GNUtoo' Carikli | 67e13b860c | |
Denis 'GNUtoo' Carikli | 3bf48fb977 | |
Denis 'GNUtoo' Carikli | f8e4064d6f | |
Denis 'GNUtoo' Carikli | 4dc5a46cbb | |
Denis 'GNUtoo' Carikli | f3af1623b8 | |
Denis 'GNUtoo' Carikli | aef0935acd |
29
Makefile.am
29
Makefile.am
|
@ -34,7 +34,7 @@ guix-commit.txt: Makefile
|
|||
%.html: %.html.tmpl guix-commit.txt Makefile
|
||||
sed 's#DOMAIN#$(DOMAIN)#g' $< > $@
|
||||
|
||||
%.scm: %.scm.tmpl guix-commit.txt Makefile
|
||||
%.scm: %.scm.tmpl guix-commit.txt id_ed25519.pub Makefile signing-key.pub
|
||||
sed \
|
||||
"s#DOMAIN#$(DOMAIN)#g ; \
|
||||
s#ENABLE_WIREGUARD#$(ENABLE_WIREGUARD)#g ; \
|
||||
|
@ -55,7 +55,20 @@ guix-commit.txt: Makefile
|
|||
s#VM_SSH_ADDRESS#$(VM_SSH_ADDRESS)#g" $< > $@
|
||||
chmod +x $@
|
||||
|
||||
IMAGE_SOURCE = \
|
||||
# Generate default key. Can be changed by replacing id_ed25519.pub.
|
||||
id_ed25519.pub:
|
||||
printf "ssh-ed25519 %s %s" \
|
||||
'AAAAC3NzaC1lZDI1NTE5AAAAIH2feuEj4asx0ImCG+cuiPv2WdKF6vMI+cJtZyG9cwUQ' \
|
||||
'gnutoo@primary_laptop'
|
||||
> $@
|
||||
|
||||
# Generate default key. Can be changed by replacing signing-key.pub.
|
||||
signing-key.pub:
|
||||
printf '(public-key (ecc (curve Ed25519) (q #%s#)))\n' \
|
||||
'3A7E1F41E2D5784CFCABB39CB73F99E727D4A5C1ECA79D873587D63D093CC4B5' \
|
||||
>$@
|
||||
|
||||
TARBALL_SOURCE = \
|
||||
first-boot.sh \
|
||||
guix-commit.txt \
|
||||
index.html \
|
||||
|
@ -66,12 +79,22 @@ IMAGE_SOURCE = \
|
|||
signing-key.pub \
|
||||
wireguard-post-up.sh
|
||||
|
||||
IMAGE_SOURCE = \
|
||||
$(TARBALL_SOURCE) \
|
||||
mumble-vm.tar.xz
|
||||
|
||||
mumble-vm.img: $(IMAGE_SOURCE)
|
||||
sudo install \
|
||||
install \
|
||||
`guix system image \
|
||||
--image-type=mbr-raw \
|
||||
--image-size=6G mumble-vm-system.scm` \
|
||||
$@
|
||||
|
||||
mumble-vm.tar: $(TARBALL_SOURCE)
|
||||
tar --exclude "id_ed25519" -cf $@ $(TARBALL_SOURCE)
|
||||
|
||||
mumble-vm.tar.xz: mumble-vm.tar
|
||||
xz -f -9e --verbose $<
|
||||
|
||||
deploy: $(IMAGE_SOURCE)
|
||||
guix deploy -L . mumble-vm-machine.scm
|
||||
|
|
39
README
39
README
|
@ -40,6 +40,45 @@ Once the image is booted:
|
|||
# first-boot.sh
|
||||
- You then need to set the root password.
|
||||
|
||||
The mumble-vm-install.sh installation script
|
||||
============================================
|
||||
This script is supposed to only run inside a VM on the Guix installer
|
||||
and checks that it's the case through various ways. The specification
|
||||
of the VM it runs on is provided in guix-vm-installer.xml for
|
||||
reference. It is very specific to the Libre en communs infrastructure,
|
||||
so you might need to modify it to use it on your infrastructure.
|
||||
|
||||
The Libre en Communs infrastructure on which this VM is being deployed
|
||||
has libvirt but it doesn't have Guix on the host. So the option
|
||||
provided by Libre en Communs was to do the installation from a
|
||||
VM.
|
||||
|
||||
This is also common for many infrastructure providers due to security
|
||||
concerns with access outside the VM.
|
||||
|
||||
Since the Guix installer is trusted and is now provided by Libre en
|
||||
communs, and that we also have access to the vm management interfaces
|
||||
we simply use a script to do all the installation work.
|
||||
|
||||
If instead you have a VM with only SSH access you will also need to
|
||||
modify the script to fit that use case.
|
||||
|
||||
It is also possible to convert an existing VM to Guix but that
|
||||
requires significantly more work (see gnu/machine/digital-ocean.scm
|
||||
inside the Guix source code for more detail on how to do that).
|
||||
|
||||
To use this script, the admin with privileged access to the vm
|
||||
management interface needs to boot the installer and copy the script
|
||||
inside. This can be done by running the following command (the script
|
||||
can be named like you want):
|
||||
# cat /dev/ttyS0 > i.sh
|
||||
and then by pasting the script through the first serial port, and
|
||||
typing ctrl+d at the end, so that the file is closed and written.
|
||||
|
||||
The script can then run like that:
|
||||
# chmod +x i.sh
|
||||
# ./i.sh
|
||||
|
||||
License
|
||||
=======
|
||||
This project is free software: you can redistribute it and/or modify
|
||||
|
|
|
@ -21,7 +21,12 @@ AC_PROG_MKDIR_P
|
|||
AM_INIT_AUTOMAKE([foreign])
|
||||
|
||||
AC_CHECK_PROG([GUIX], [guix], [guix])
|
||||
AS_IF([test x"$GUIX" = x""],
|
||||
[AC_MSG_ERROR([guix was not found in PATH ($PATH)])])
|
||||
|
||||
AC_CHECK_PROG([SED], [sed], [sed])
|
||||
AS_IF([test x"$SED" = x""],
|
||||
[AC_MSG_ERROR([sed was not found in PATH ($PATH)])])
|
||||
|
||||
AC_SUBST([DOMAIN], [])
|
||||
AC_SUBST([ENABLE_WIREGUARD], [])
|
||||
|
|
|
@ -0,0 +1,111 @@
|
|||
<domain type="kvm">
|
||||
<name>guix-vm-installer</name>
|
||||
<memory unit="KiB">16777216</memory>
|
||||
<currentMemory unit="KiB">16777216</currentMemory>
|
||||
<resource>
|
||||
<partition>/machine</partition>
|
||||
</resource>
|
||||
<os>
|
||||
<type arch="x86_64" machine="pc-i440fx-5.1">hvm</type>
|
||||
<boot dev="hd"/>
|
||||
</os>
|
||||
<features>
|
||||
<acpi/>
|
||||
<apic/>
|
||||
<vmport state="off"/>
|
||||
</features>
|
||||
<cpu mode="host-passthrough" check="none" migratable="on"/>
|
||||
<clock offset="utc">
|
||||
<timer name="rtc" tickpolicy="catchup"/>
|
||||
<timer name="pit" tickpolicy="delay"/>
|
||||
<timer name="hpet" present="no"/>
|
||||
</clock>
|
||||
<on_poweroff>destroy</on_poweroff>
|
||||
<on_reboot>restart</on_reboot>
|
||||
<on_crash>destroy</on_crash>
|
||||
<pm>
|
||||
<suspend-to-mem enabled="no"/>
|
||||
<suspend-to-disk enabled="no"/>
|
||||
</pm>
|
||||
<devices>
|
||||
<emulator>/usr/bin/qemu-system-x86_64</emulator>
|
||||
<disk type="file" device="disk">
|
||||
<driver name="qemu" type="raw"/>
|
||||
<source file="/srv/vmverse/installation/guix-system-install-1.4.0.x86_64-linux.iso"/>
|
||||
<target dev="sda" bus="usb" removable="on"/>
|
||||
<readonly/>
|
||||
<address type="usb" bus="0" port="1"/>
|
||||
</disk>
|
||||
<disk type="file" device="disk">
|
||||
<driver name="qemu" type="raw"/>
|
||||
<source file="/srv/vmverse/noyau/audio.experimental.a-lec.org.raw"/>
|
||||
<target dev="vda" bus="virtio"/>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x05" function="0x0"/>
|
||||
</disk>
|
||||
<controller type="usb" index="0" model="ich9-ehci1">
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x04" function="0x7"/>
|
||||
</controller>
|
||||
<controller type="usb" index="0" model="ich9-uhci1">
|
||||
<master startport="0"/>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x04" function="0x0" multifunction="on"/>
|
||||
</controller>
|
||||
<controller type="usb" index="0" model="ich9-uhci2">
|
||||
<master startport="2"/>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x04" function="0x1"/>
|
||||
</controller>
|
||||
<controller type="usb" index="0" model="ich9-uhci3">
|
||||
<master startport="4"/>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x04" function="0x2"/>
|
||||
</controller>
|
||||
<controller type="pci" index="0" model="pci-root"/>
|
||||
<interface type="bridge">
|
||||
<source bridge="br0"/>
|
||||
<model type="virtio"/>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x0"/>
|
||||
</interface>
|
||||
<serial type="pty">
|
||||
<target type="isa-serial" port="0">
|
||||
<model name="isa-serial"/>
|
||||
</target>
|
||||
</serial>
|
||||
<serial type="pty">
|
||||
<target type="isa-serial" port="1">
|
||||
<model name="isa-serial"/>
|
||||
</target>
|
||||
</serial>
|
||||
<serial type="pty">
|
||||
<target type="isa-serial" port="2">
|
||||
<model name="isa-serial"/>
|
||||
</target>
|
||||
</serial>
|
||||
<serial type="pty">
|
||||
<target type="isa-serial" port="3">
|
||||
<model name="isa-serial"/>
|
||||
</target>
|
||||
</serial>
|
||||
<console type="pty">
|
||||
<target type="serial" port="0"/>
|
||||
</console>
|
||||
<input type="keyboard" bus="ps2"/>
|
||||
<input type="mouse" bus="ps2"/>
|
||||
<graphics type="spice" autoport="yes" listen="127.0.0.1">
|
||||
<listen type="address" address="127.0.0.1"/>
|
||||
<gl enable="no"/>
|
||||
</graphics>
|
||||
<audio id="1" type="spice"/>
|
||||
<video>
|
||||
<model type="virtio" heads="1" primary="yes">
|
||||
<acceleration accel3d="no"/>
|
||||
</model>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x0"/>
|
||||
</video>
|
||||
<memballoon model="virtio">
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x06" function="0x0"/>
|
||||
</memballoon>
|
||||
<rng model="virtio">
|
||||
<backend model="random">/dev/urandom</backend>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x08" function="0x0"/>
|
||||
</rng>
|
||||
</devices>
|
||||
<seclabel type="dynamic" model="dac" relabel="yes"/>
|
||||
</domain>
|
|
@ -1,4 +1,4 @@
|
|||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<!doctype html>
|
||||
<!--
|
||||
-- Copyright (C) 2023 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
||||
--
|
||||
|
@ -10,11 +10,10 @@
|
|||
-- You should have received a copy of the GNU General Public License
|
||||
-- along with this file. If not, see <http://www.gnu.org/licenses/>.
|
||||
-->
|
||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<html lang="fr-FR">
|
||||
<head>
|
||||
<title>DOMAIN</title>
|
||||
<meta name="keywords" content="a-lec, Libre en communs, logiciel libre" />
|
||||
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
|
||||
<meta charset="utf-8" />
|
||||
</head>
|
||||
<body>
|
||||
<h2>Experimental</h2>
|
||||
|
@ -100,9 +99,20 @@
|
|||
laquelle il tourne, etc.
|
||||
</p>
|
||||
|
||||
<!-- TODO:
|
||||
-- * Fournir un lien vers le code source qui est déployé
|
||||
-- * Expliquer comment contribuer
|
||||
-->
|
||||
<h2>Code source</h2>
|
||||
<ul>
|
||||
<li>Code source du service qui tourne:
|
||||
<a href="mumble-vm.tar.xz">mumble-vm.tar.xz</a>
|
||||
</li>
|
||||
<li> git:
|
||||
<a href="https://git.a-lec.org/GNUtoo/guix-mumble-vm.git">
|
||||
https://git.a-lec.org/GNUtoo/guix-mumble-vm.git
|
||||
</a>
|
||||
</li>
|
||||
<li> Comment contribuer: envoyer un patch par mail à l'auteur
|
||||
principal en attendant qu'on mette en place un meilleur système
|
||||
pour les contributions.
|
||||
</li>
|
||||
</ul>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -0,0 +1,236 @@
|
|||
#!/bin/sh
|
||||
# Copyright (C) 2023 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
||||
#
|
||||
# This file is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 3 of the License, or (at
|
||||
# your option) any later version.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this file. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
report()
|
||||
{
|
||||
ret=$?
|
||||
message="$@"
|
||||
|
||||
if [ ${ret} -eq 0 ] ; then
|
||||
echo "[ OK ] ${message}"
|
||||
else
|
||||
echo "[ !! ] ${message}"
|
||||
exit ${ret}
|
||||
fi
|
||||
}
|
||||
|
||||
environment_checks()
|
||||
{
|
||||
[ "$(id -u)" = "0" ] ; report "Running as root"
|
||||
|
||||
# Try to detect the installer
|
||||
_mount="none / overlay"
|
||||
_mount="${_mount} rw,relatime"
|
||||
_mount="${_mount},lowerdir=/real-root"
|
||||
_mount="${_mount},upperdir=/rw-root/upper"
|
||||
_mount="${_mount},workdir=/rw-root/work"
|
||||
_mount="${_mount} 0 0"
|
||||
|
||||
grep "${_mount}" "/proc/mounts" 2>&1 > /dev/null ; report "Mount check"
|
||||
|
||||
[ "${HOSTNAME}" = "gnu" ] ; report "Hostname check"
|
||||
}
|
||||
|
||||
|
||||
# FB31DBA3AB8DB76A4157329F7651568F80374459:
|
||||
# uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
|
||||
# uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@riseup.net>
|
||||
# uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@makefreedom.org>
|
||||
# uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
||||
import_gpg_key()
|
||||
{
|
||||
cat <<EOF > FB31DBA3AB8DB76A4157329F7651568F80374459.asc
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBFksJcEBEADYjwYOrJmv5TX7NPItWRT7W+XNMe53NXoSZa9bEiHnTv8PoQaw
|
||||
ldPpHn3TTtN1Iq4QgvNVzr0uoxPAdxFUkcvF3bFH7u/aQoXoBXxl/HH3DAoR+HIa
|
||||
0XE1vPGEzUTybR2CmH3vMkfWsErEJuPxRPSTV0qouRGUU21FTuBy8x/HLyoO9L2M
|
||||
YZX98Y3hWHP4V6P/tSsGaNg73l4oIbVv1SLJdASPRG7FF/UyWZzf1mZjmjbEuju1
|
||||
z8Fcu/urGxiSQO2DPiCpPOIQwUjeaRQbvZQz7d7q6QLZ+lT8YhuFsIjVXDqOiuZ3
|
||||
t2c3Dgg+++RIW1w9KW2xOJHg7rDRA2RqSwf8t51xE/CVLXcWDGqiMG7hjVAO1iW4
|
||||
G31QvUWxDxvyzOTvGDuPb+5eHaGj1uM/ncLfxlPyc4LPRucxNDO426grMdUL9P1S
|
||||
MMUNWOt7Yg3Y4aKFA+/ukBdyoExgC3iubh4QoGuX+SKP46DXTlqQTPj3Fyp3tRWi
|
||||
VhFdMNCRTIDinN3S//KToZ7OxIkgsRG9sw2lGc4JzJxMpv6N++nZJuTFhc3cA3QE
|
||||
E0YGjAmPc2cgwoeGiWrxugWm6B0BWOzHlxzwwtEsK8TsDg4ifyp5erHPDGQ3rV3x
|
||||
gR5Jbf1p6VZE8IdTYoqP1gv+x5/0dK+2Nl2IHfgJ5FX0mKg9BD4+/JbtSwARAQAB
|
||||
tCpEZW5pcyAnR05VdG9vJyBDYXJpa2xpIDxHTlV0b29Abm8tbG9nLm9yZz6JAlQE
|
||||
EwEIAD4CGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AWIQT7Mdujq423akFXMp92
|
||||
UVaPgDdEWQUCY0g+1gUJC/1MigAKCRB2UVaPgDdEWV8mD/4icDedQRUNdOlBNroP
|
||||
p161qyYgMeQCOqpeUBVqQOZjXD75PyRWO5HZUjmzZb2+gAOBfRa2dlJGMEc2YzGz
|
||||
916WHq9sjcV6aZG1kTzgKVFo8PeStbvvhGCEIZ3jnfsfbZYvF6GvBzNWeTGoK+w3
|
||||
6wtzdfqI8ySjpy1Ul+V2TtJQAegCWee1qlLmRc49Zzi/s3ohw10FH5PnzcfPfxcB
|
||||
XaFSWV9dj4T9C89Ij2jpPMIVp2zZzWRZUHkw8e12xzdkDukLgDhmdLsOCFcIGw1a
|
||||
dgQNoZdRgTpxacNxrZssGTdaKNjXUSDTIb55SyCZzJNJli7Ict52RVXexUDwHTBn
|
||||
XQbL4MQNwR+gH7WqCMGnNjn/0j6jsnjXn+a+oLiSUHkfz6g+OZh9mNqV7TQfrRDv
|
||||
bj39GqAQVwt31rr1CcAkPLe99R6JPVCdli5ZhuJF00+D8hcwdNtWkZQheOHQM/k4
|
||||
0Lxn+VJKyoAhW/akI6iuNl+twS2vay3Y2G+dSIkCdwioYfe9buI1x7gAyP513kcC
|
||||
HFxHwCFEyfG9cmIaLEiIyO+4YJLgI4S22t9A20nZUawae4lDfunWtCj88hqPRAUB
|
||||
tgSLFkcKXmFQI0UoQXrLqdQAMKhOmXLHrOA03ZR+NCzf/FczP7jGTKdcNXUApvUZ
|
||||
iF37I1gkuZUMxMNDDjSVHQq1rLQqRGVuaXMgJ0dOVXRvbycgQ2FyaWtsaSA8R05V
|
||||
dG9vQHJpc2V1cC5uZXQ+iQJUBBMBCAA+AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4B
|
||||
AheAFiEE+zHbo6uNt2pBVzKfdlFWj4A3RFkFAmNIPtUFCQv9TIoACgkQdlFWj4A3
|
||||
RFmypg//XGUDW+m5nJMYbmYCyMQf3RPks4h7ncV8KBJg9zZZT/FKG1FVyUgQzMPe
|
||||
pjysvirmRMDrjPzcQRl2Io48eLQvExZALtGUONsPtuY409JW+nIqt5MeuKlcCiY6
|
||||
11c6fDEkt5/Bxa4640VAFNmUOXTWy/pl/ELH7W/RCsuOPDGmeRhBkkMm3EUGnZef
|
||||
7y6AZko3b02IvB35K1nt+eTZ+E2oYmNaiEI/Tfih5R5P31QCrrC9VCuJBmkoqanZ
|
||||
pvxUBgFbfgfv3QFLlXrXTWma/+kxQKoWsdunkXWOoFjJcgWl8eJ4bB1+JmMB1/S1
|
||||
AjQB4jqKjxGaka/cxJG4A1Sd9ad09m+IUW0k9ZlGYGm4ZiRwE26NNlMK0O/3czQX
|
||||
nKC0qmTUTpDey6A9H1w4cybQAX1PIYJZDR+5ipz+UWHrWhYsXzK71BbbxlXo0zgd
|
||||
uc8hSKhYm7tewUKticqrPAeuyEcBZkY1sGcuK+Up5rF3dQYaHGXgIxec9AoZpE2W
|
||||
PMRE4M7jEPU5XFI9g6Jx1YOxht7PXoqyyabjKQgIV9lyWHU2BQ+SyJ4QtRLeMN/v
|
||||
uI7dEvqyWXuX0JBdIU9DLpFfMlC7CY3ysPHN7M6FHWnEj+S2+qyBApUhOWFB5FHW
|
||||
QteCSXXf/OiaUDwTwqvV4vwYHU/tYHZbgnPNK1dBZ5+3IYbupm60L0RlbmlzICdH
|
||||
TlV0b28nIENhcmlrbGkgPEdOVXRvb0BtYWtlZnJlZWRvbS5vcmc+iQJUBBMBCAA+
|
||||
AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEE+zHbo6uNt2pBVzKfdlFWj4A3
|
||||
RFkFAmNIPssFCQv9TIoACgkQdlFWj4A3RFl25xAAw586zSEpR674/CZpT+vXf4RL
|
||||
phSxTWHFdBej3uy21coo5zMpJKFwe9IFKGK/tG2JhV/pGwmdPH3LKW4Hwuo77L5z
|
||||
p4iK5vdrQdhNKybICdAt58FtV2Pkv7GWZHCQpVwQFujp/f37CgCxSeobve2Rkfg4
|
||||
ZNABP3EHsXn0kDpBkavBVuCADn7EGbHVcCDExl0sXar4hyPMG/tOi9Q63LmNhdxx
|
||||
KsLI/BFmiPjePUekyYEh4mYjo+ZVOW+1r9dPXdR8vusBx486TcsfldcAMccUZWvo
|
||||
8UYOiebLSXnU1pDnUTQvOKr52rLInt2rAWpnpOsBt8RLPS6youqN1qakvgV+iMdA
|
||||
ujQAAAuV8SCF/FazHgoH2drtNNMVESeQHkJz0cR60ONWVhiHL/9HcZC0ot81Sypp
|
||||
Xwzddigz97c3O3V/GSxz2OjuKh5rbyPffD1eHR2/PVa55OL3wKAVlx228VFP2SUC
|
||||
XL3Pc+s/NTg365npwQh3Lw8FtSdnMt+EMCzu89alUu5Ei+w+oRCRC9v34eYNtzNN
|
||||
4CntgVnPvXLJV1gMImIlKkRzmrQn1x1VR0nEhY7928fwETutZcxJQmVCYug0rT4g
|
||||
crVuDnsqR1p0R+uNKcvMUkdFt9JWezSPjpS/tBSD2RsXeX55z+fS/HrvU0YfaRRH
|
||||
7EVrUJHRQPY7EC8xinK0MkRlbmlzICdHTlV0b28nIENhcmlrbGkgPEdOVXRvb0Bj
|
||||
eWJlcmRpbWVuc2lvbi5vcmc+iQJUBBMBCAA+AhsDBQsJCAcCBhUKCQgLAgQWAgMB
|
||||
Ah4BAheAFiEE+zHbo6uNt2pBVzKfdlFWj4A3RFkFAmNIPtUFCQv9TIoACgkQdlFW
|
||||
j4A3RFnhhw//QMHYtFMbR3XI7oXw82RiyjnHrStSsFckW2kbocK+7KV1Yli2u2SN
|
||||
3SGWBAP5LlqwLL1OoJ03nRDY81z193WrO0Kr3vFZAZXfMnD4t+bY6O1aFSoADb79
|
||||
7iFDwTjsyJvQ1Rw1siJQb1PQWrxHkNAfd0iU7x6GLhdU5s1nq4kvTP4SwhOmZ9AN
|
||||
tGrtHpnGUVZv705D2Xu7mnntiApsvxMzrwx2Fo9zNXTWX65nOyOXFufgYwtMPPOZ
|
||||
4jMitV+RFC/mChHwn6U0xn/exSSq/Xwi9DabH24kb466OLkTCew5DBEH+GSyY7+F
|
||||
BYO46lAFVLeAq3TnnkrfAZn/ildAKYTpv2VFZRjO2poG2Pax/0tA/8eO86ih+IxU
|
||||
mU10ddMyRHICA2OH56QFwFLgi4mktDiO11HeMF569VbNADnIls/1HDTTAqsZk9uf
|
||||
I/ZMyjNF8FoZa8AXwrLd1M+KAKNhZqvN1vVp2CF792z4VNMxfD/gzvsW/fq+lpgR
|
||||
n6Qn9BqDe6NoeRsI7u/lfJvDwciMZ2OvcQf+XkaBkMxeYXJXoG+zHqmW5Io+7xdX
|
||||
Ay619mKBm411exJTDMipoJU5djiEdNGrHFqvjKNAz/LGHmgL0m+saWc71a9fcAG8
|
||||
0i75TUpQOleBh/tkSYPHa+Gv7dF0ZQE657lWK3VZmdmSGXgSAtBt3ua5Ag0EWXPU
|
||||
7wEQALjMcmaRsGR1wFgR3RyIoCFNvmCBxDGaPb/X4TG10N5GXZFE1X7I9cZha+QF
|
||||
zF9hFAmN4FnKoWCWaobEhXG5ufoqvj2J3UBDW2s3Enwrhyva3kszMUBzv1dXwwrF
|
||||
qxp6Er73W7Semh64GRLjJo/tPA/mPnu/9qjumfOfydIFVnqYM7ZBx0aAhxzUyBjb
|
||||
okryIct3BEjPmRf+e8SfvFaqFJCNcvmvOVGOCVoz7N3cgLUTK12njj/Qak3nLabv
|
||||
9oQbNtngOYDAIWNPhDM+AUml5mw5Auab92aZyDJ4hmTPhov9OWoWeJFD5xR0R7RX
|
||||
Ol4PvRpA5O5qUa05PoLbp7pBOFmh52aUlaXc37QsgewJpDcCkzw4oZaQiVXwimjy
|
||||
hNAsv6lEYoSDNqPCIbUNmnrFljCMcRtfqtYKLCXNvUOG7+MjfYQ/nEVrPCPgUoQM
|
||||
5nbILxcHHWbECqYIQ4MLgBMEOEzEcp1mXdp+BJBbZiOSuofpMGDF4mbkzjgQOop4
|
||||
aBxzDLd+MjKPuD2uhhloLbf5kUGGBQXc9MNYbWno4c11AR3XLrgoLt2lAYTNX0lI
|
||||
zAjR08gulZlGHcuhoY5brFTtKEy92lUfwSAScvp8NAp6lEsroNqbPw0DdMe2Thpd
|
||||
Vmu9ztHoq0Z7nz0aRt3lQss9zLzphXGKh3Rv81R+QNOd988zABEBAAGJAjwEGAEI
|
||||
ACYCGwwWIQT7Mdujq423akFXMp92UVaPgDdEWQUCY0g/XAUJC7Wd7QAKCRB2UVaP
|
||||
gDdEWXu1D/931OK7RgkP0Nq9gDn6/IwXX+Dtl0JF3Ip3Oy2q6uHxu3YHK1Ezx9kV
|
||||
6T3sOb2MdtGL08qWfQlKRLU3dC7k85z6IAdhTrDOMTBeUssnY5Xgxl3cfJqBfQTW
|
||||
MZG3vqMlsJfUVOAueShUelzpOtYV/s3wm4UYR0zPP2+QDZgIDX8LHhdd3Ela1kgZ
|
||||
cz5OKbeBa30fHWIUQDybJmKFi8y+5629X7TeyFqsQ8CPXW317/eBpY3Q6mkp6pyZ
|
||||
iEEjeca/FQb9q9DsAIdkovfBSNnTZQAFePwIp1nR67LHuxMclxRPoAPtkym3rIWA
|
||||
y6w3n68fKUOIj92OhCBE/FE/nLl+BoFYOuYRoN3C7a7t3U4cAPW+9jl89w4zzvfg
|
||||
QvnAVKKba7szYcjSdyWbeMsIdq8Fe9T/6bdzs5ugR1yu0V618Foa6rPhDEiYjriG
|
||||
KoynZA4hZ9l83hT/kktu2jNYeIeXUqgWUFLZ3EeXynVDzqgN9buWzEZO8wZG2tNS
|
||||
sqTW9ZHZUuR6L9wUCjgPpRz4kREYdYmm5dm1uqXkQTwjo7vA1HRtGSun1FNYOl+w
|
||||
22tKNcU4erBZcKYUfyUP6gTQ4ojZN0rVb5AzT9wQoLcrljllDP9qQ45ndlov+0DD
|
||||
ccixs3PPK1ClY3puCyxX8QT7zROYhck9n0+YmuS/9TUnu19Az//aCbkCDQRZc9Sk
|
||||
ARAAsCIq2++gqtU8Z/lMDDAwVbNoq++FCA2apR4Lxj0G+jEog++8uJYawWDLpJ14
|
||||
Lvlm+OygM3s70RHyLKWiDWkdwDLbZ4b8MlHATBanEHeGsxQK9Td7VB0O3MQ/ICVs
|
||||
OjgTG8PJSv02HmNoGp/Zj3rbNSfXhomIq44aXRrw2ZxoNckj0xuHFSV85QlVy93f
|
||||
BgQiIozEPDJK8xGGn7a2gXwj6+hAaKTF1tOAWKHqInJpNduOZfVzpY5dHSUU4qjU
|
||||
TyvTEJhROA2QEo3qE5VZL2o/2rCapzqC+7pRzxEPDwcDGr2g/RFNLFSf3PvkH48M
|
||||
J66bid6aeI2uPdL9geWk6MJUCj03X2ylfFCKG0Bo0vWbv2wcJrZBCfHm256LTKHO
|
||||
lkBbvBrauzu1cTtivt8wtjm2wOiTII7nyyVvdhYuAirpYJfIFGV3iY8MJ7cdO7rI
|
||||
VRO1wkLiuE606zNJ3WCGJNwlhyFt+z8aYjB6UQwMhs1JztLFrghW+JsjzfgEXWvs
|
||||
d089woZR45PiF2Krm42E6tNBhhcJOmNFXHs5KN6oz8vAOrJ+Obw9HvBWTh5kMhdT
|
||||
ZdbGt3BZmtLfIFsEmvS+RCe5fGSiuPxudbfFzih04aXPG1wM8O4F0SFhzkwTrxGp
|
||||
46VyXZTH5xT1R56xbu44qvtYS2O8IhNKzLPROIOVqD9ey0kAEQEAAYkEcgQYAQgA
|
||||
JgIbAhYhBPsx26OrjbdqQVcyn3ZRVo+AN0RZBQJjSD9cBQkLtZ44AkDBdCAEGQEI
|
||||
AB0WIQR4L53b42un89TeSQZfXfzBQXfiYwUCWXPUpAAKCRBfXfzBQXfiY/ObD/4i
|
||||
x5aFvTz4OMAkhvOugcDekpVHC9gQU92j2boyZO4zi2RhB0JpGWWNU90WgUxorla3
|
||||
p31L44DYfg/ZoDG5zL7liykgAItt+Mwnf+hkNJZnm+dfj2lFAkBEXqpesZ8vyO6m
|
||||
BUOLhXSXd2N8+3XLwStAhC1OWE7ZcuCWmBtnbJad1HNujPhbW7tiddXhdSLbj/kG
|
||||
bjWTUdpH1TS9RNrp2tBqTCvLeXOr7NV+0FAuulO/6+m2OkRuuoj+5nVUmhmPqg4z
|
||||
z2hARiocg1nFca50uO5zbvYkbcggmN1hXrgEkKpThKnTEHaa/tFnfPSU5olPBpVX
|
||||
KP4u+e5ksMKvcLesLpFmqxz02ie1SQk17lZqMw35tHUBP+ZLlO5msdABUfmDpQ4j
|
||||
exTAFN0vfXkMc6MinFtO3WQtZ6Gf9r2oqlR+1siCAtX9l/zL2out4OTwFN7ekEE6
|
||||
7/pFhjDnQEUnY4MdcbAmOR5s3qs6YP+CUabGhkkyH8h4ffpZlNGLlJAz82oxK64A
|
||||
/Wbq5jFMn46nPM/m39+0QvcJD05gmF5PZJ7SXjf2z9Obt1RHPQJJ7+wvYHsQVZAI
|
||||
e8kT/PB74/jPzHYppF3EIFidf1fnRdguZZmG0DTXOUtTAdOAAdqt0MrtkjFzM2eD
|
||||
/3hy110zWKjd4tk7LQAeqYWPM5lzDrQ3ObdPT1+ysQkQdlFWj4A3RFnslw//QbwB
|
||||
PMuaPG9LlcoR8qSQtyXcn5TflVVH1wYa7iL9WSG5NPpx5/FFZKScWMJjjhHUDtc6
|
||||
jnICjLw+83gDOxeFIVyMg/9yT0DS7UPxc904c6G9WRyIdQqA5sRq7Iuk45S30LEZ
|
||||
v2c0+RYk8m0zSlD7vqiRY9myZKrRiWkfylAq/VL/HR6S5eKrPRgEbcQDXsoqyhnM
|
||||
n9cDc+81eOPpKW9S2+xqmo+x3WCISdi2Nr6R3WkyabWkikvlTcd7can/4amKPmIN
|
||||
i2vUVSfhsWaFGvgb8nv0Ebd6yjeDLZ8FI32KCeAYGh6FiJPC5DiFvMlbLXi4SJwu
|
||||
5p0j36xa+jJrylK/4XEJqQn6MrQ9+zdROT6bc3YlxkRXflEnE2uJshT8nSLE/j3v
|
||||
ydSHxgxAbdQ14oocvr7CltS7t0xup/YiOUtcHhprCB02PYdpT/XhZjW0pi/vyhdX
|
||||
6sGFRuCueLRf1cJiCJhISYbR4VyoMLcnvdcoKUa+/ikC6CkyZGxwAH1JGcEVjzD+
|
||||
4xG8l8/ubA3DSguKNpI1dGzVxpWgJnJzMCXBcwxp5c+kKH94QbKAUVt+16dUaY9k
|
||||
0hhucHQnbTHS3w9jY7rZ6sAZHufb9LQMMWunerecL6WvAR+XUydMd1rJS93j4y1W
|
||||
fNHj/507Jk+Ogk89eojQYjZNHCF+Zhyk6IRyI84=
|
||||
=4ncY
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
EOF
|
||||
|
||||
guix shell gnupg -- \
|
||||
gpg --import FB31DBA3AB8DB76A4157329F7651568F80374459.asc && \
|
||||
rm -f FB31DBA3AB8DB76A4157329F7651568F80374459.asc
|
||||
}
|
||||
|
||||
environment_checks
|
||||
|
||||
tmpdir="$(mktemp -d)"
|
||||
cd "${tmpdir}"
|
||||
|
||||
guix pull ; report "Guix pull"
|
||||
hash guix ; report "hash guix"
|
||||
|
||||
import_gpg_key ; report "Import GPG key"
|
||||
|
||||
guix shell -C --network git nss-certs -- \
|
||||
git clone https://git.a-lec.org/GNUtoo/guix-mumble-vm.git -b guix-installer ; \
|
||||
report "Cloning machine configuration git"
|
||||
|
||||
cd "guix-mumble-vm" ; report "cd guix-mumble-vm"
|
||||
|
||||
guix shell git gnupg -- \
|
||||
git verify-commit HEAD ; report "check git signature"
|
||||
|
||||
guix shell -C --nesting autoconf automake bash coreutils grep sed -- \
|
||||
./autogen.sh ; report "./autogen.sh"
|
||||
|
||||
guix shell -C --nesting bash coreutils gawk grep sed -- \
|
||||
./configure ; report "./configure"
|
||||
|
||||
guix shell -C --nesting automake coreutils gawk grep make sed tar xz -- \
|
||||
make mumble-vm.tar.xz ; report "Generating VM definition"
|
||||
|
||||
cp mumble-vm.tar.xz ../ && \
|
||||
cd ../ && \
|
||||
rm -rf mumble-vm && \
|
||||
guix shell -C tar xz -- tar xf mumble-vm.tar.xz && \
|
||||
rm -f mumble-vm.tar.xz ; report "Removing git repository"
|
||||
|
||||
guix gc ; report "guix gc"
|
||||
|
||||
echo 'label: gpt' | sfdisk /dev/vda ; report "GPT creation on /dev/vda" ; \
|
||||
report "GPT formating"
|
||||
|
||||
echo ';;L;*' | sfdisk /dev/vda ; report "/dev/vda1 creation" ; \
|
||||
report "Adding partition"
|
||||
|
||||
mkfs.ext4 -F -L Guix_image /dev/vda1 ; report "EXT4 formating"
|
||||
|
||||
mount /dev/vda1 /mnt ; report "mount /dev/vda1 /mnt" ; report "mounting rootfs"
|
||||
|
||||
herd start cow-store /mnt ; report "Using /mnt for storing guix system init packages"
|
||||
guix system init mumble-vm-system.scm /mnt ; report "guix system init"
|
||||
umount /mnt ; report "umount rootfs"
|
||||
|
||||
printf "Installation done: %s\n" \
|
||||
"you can remove the install media and reboot to the new VM"
|
|
@ -34,12 +34,14 @@
|
|||
(package
|
||||
(name "website")
|
||||
(version "0.1")
|
||||
(source (local-file "index.html" ))
|
||||
;; TODO: Make that tarball reproducible
|
||||
(source (local-file "mumble-vm.tar.xz"))
|
||||
(build-system copy-build-system)
|
||||
(arguments
|
||||
(list
|
||||
#:install-plan
|
||||
#~(list '("index.html" "var/www/DOMAIN/"))))
|
||||
#~(list '("index.html" "var/www/DOMAIN/")
|
||||
'(#$source "var/www/DOMAIN/"))))
|
||||
(synopsis "The DOMAIN website.")
|
||||
(description
|
||||
"The website contains how to use the service, and how to
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
<domain type="kvm">
|
||||
<name>mumble-vm</name>
|
||||
<name>audio.experimental.a-lec.org</name>
|
||||
<memory unit="KiB">4194304</memory>
|
||||
<currentMemory unit="KiB">4194304</currentMemory>
|
||||
<vcpu placement="static">1</vcpu>
|
||||
<resource>
|
||||
<partition>/machine</partition>
|
||||
</resource>
|
||||
|
@ -31,7 +32,7 @@
|
|||
<emulator>/usr/bin/qemu-system-x86_64</emulator>
|
||||
<disk type="file" device="disk">
|
||||
<driver name="qemu" type="raw"/>
|
||||
<source file="/var/lib/libvirt/images/distros/mumble-vm.img"/>
|
||||
<source file="/srv/vmverse/noyau/audio.experimental.a-lec.org"/>
|
||||
<target dev="vda" bus="virtio"/>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x05" function="0x0"/>
|
||||
</disk>
|
||||
|
@ -52,7 +53,7 @@
|
|||
</controller>
|
||||
<controller type="pci" index="0" model="pci-root"/>
|
||||
<interface type="bridge">
|
||||
<source bridge="lan0"/>
|
||||
<source bridge="br0"/>
|
||||
<model type="virtio"/>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x0"/>
|
||||
</interface>
|
||||
|
@ -81,16 +82,13 @@
|
|||
</console>
|
||||
<input type="keyboard" bus="ps2"/>
|
||||
<input type="mouse" bus="ps2"/>
|
||||
<graphics type="spice" autoport="yes" listen="127.0.0.1">
|
||||
<listen type="address" address="127.0.0.1"/>
|
||||
<graphics type="spice">
|
||||
<listen type="none"/>
|
||||
<gl enable="no"/>
|
||||
</graphics>
|
||||
<audio id="1" type="spice"/>
|
||||
<video>
|
||||
<model type="virtio" heads="1" primary="yes">
|
||||
<acceleration accel3d="no"/>
|
||||
</model>
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x0"/>
|
||||
<model type="none"/>
|
||||
</video>
|
||||
<memballoon model="virtio">
|
||||
<address type="pci" domain="0x0000" bus="0x00" slot="0x06" function="0x0"/>
|
||||
|
|
Loading…
Reference in New Issue