diff options
Diffstat (limited to '')
| -rw-r--r-- | site/posts/2018-07-15-running-guix-on-nixos.org | 52 | ||||
| -rw-r--r-- | site/posts/2018-07-17-running-guix-on-nixos.org | 149 |
2 files changed, 149 insertions, 52 deletions
diff --git a/site/posts/2018-07-15-running-guix-on-nixos.org b/site/posts/2018-07-15-running-guix-on-nixos.org deleted file mode 100644 index ebf5400..0000000 --- a/site/posts/2018-07-15-running-guix-on-nixos.org +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: Running Guix on NixOS -date: 2018-07-15 ---- -https://riot.im/app/#/room/#freenode_#guix:matrix.org/$1531510045400627zjGbq:matrix.org -* h1 -** h2 -#+BEGIN_SRC nix -n - # FIXME: add line number - { config, pkgs, ...}: - - { - - # NixOS usual config - - users = { - mutableUsers = false; - - extraUsers = - let - andrehUser = { - andreh = { - # my custom user config - }; - }; - # From the Guix manual: - # https://www.gnu.org/software/guix/manual/en/html_node/Build-Environment-Setup.html#Build-Environment-Setup - buildUser = (i: - { - "guixbuilder${i}" = { # guixbuilder$i - group = "guixbuild"; # -g guixbuild - extraGroups = ["guixbuild"]; # -G guixbuild - home = "/var/empty"; # -d /var/empty - shell = pkgs.nologin; # -s `which nologin` - description = "Guix build user ${i}"; # -c "Guix buid user $i" - isSystemUser = true; # --system - }; - } - ); - in - # merge all users - pkgs.lib.fold (str: acc: acc // buildUser str) - andrehUser - # for i in `seq -w 1 10` - (map (pkgs.lib.fixedWidthNumber 2) (builtins.genList (n: n+1) 10)); - - extraGroups.guixbuild = { - name = "guixbuild"; - }; - }; - } -#+END_SRC diff --git a/site/posts/2018-07-17-running-guix-on-nixos.org b/site/posts/2018-07-17-running-guix-on-nixos.org new file mode 100644 index 0000000..535b271 --- /dev/null +++ b/site/posts/2018-07-17-running-guix-on-nixos.org @@ -0,0 +1,149 @@ +--- +title: Running Guix on NixOS +date: 2018-07-17 +--- +I wanted to run Guix on a NixOS machine. Even though the Guix manual explains how to do it [[https://www.gnu.org/software/guix/manual/en/html_node/Binary-Installation.html#Binary-Installation][step by step]], I needed a few extra steps to make it work properly. + +I couldn't just install GuixSD because the wireless network card doesn't have any free/libre drivers (yet). +** Creating =guixbuilder= users +Guix requires you to create non-root users that will be used to perform the builds in the isolated environments. + +The [[https://www.gnu.org/software/guix/manual/en/html_node/Build-Environment-Setup.html#Build-Environment-Setup][manual]] already provides you with a ready to run (as root) command for creating the build users: +#+BEGIN_SRC bash -n +groupadd --system guixbuild +for i in `seq -w 1 10`; +do + useradd -g guixbuild -G guixbuild \ + -d /var/empty -s `which nologin` \ + -c "Guix build user $i" --system \ + guixbuilder$i; +done +#+END_SRC +However, In my personal NixOS I have disabled =users.mutableUsers=, which means that even if I run the above command it means that they'll be removed once I rebuild my OS: +#+BEGIN_SRC +removing user ‘guixbuilder7’ +removing user ‘guixbuilder3’ +removing user ‘guixbuilder10’ +removing user ‘guixbuilder1’ +removing user ‘guixbuilder6’ +removing user ‘guixbuilder9’ +removing user ‘guixbuilder4’ +removing user ‘guixbuilder2’ +removing user ‘guixbuilder8’ +removing user ‘guixbuilder5’ +#+END_SRC +Instead of enabling =users.mutableUsers= I could add the Guix users by adding them to my system configuration: +#+BEGIN_SRC nix -n +{ config, pkgs, ...}: + +{ + + # ... NixOS usual config ellided ... + + users = { + mutableUsers = false; + + extraUsers = + let + andrehUser = { + andreh = { + # my custom user config + }; + }; + buildUser = (i: + { + "guixbuilder${i}" = { # guixbuilder$i + group = "guixbuild"; # -g guixbuild + extraGroups = ["guixbuild"]; # -G guixbuild + home = "/var/empty"; # -d /var/empty + shell = pkgs.nologin; # -s `which nologin` + description = "Guix build user ${i}"; # -c "Guix buid user $i" + isSystemUser = true; # --system + }; + } + ); + in + # merge all users + pkgs.lib.fold (str: acc: acc // buildUser str) + andrehUser + # for i in `seq -w 1 10` + (map (pkgs.lib.fixedWidthNumber 2) (builtins.genList (n: n+1) 10)); + + extraGroups.guixbuild = { + name = "guixbuild"; + }; + }; +} +#+END_SRC +Here I used =fold= and the =//= operator to merge all of the configuration sets into a single =extraUsers= value. +** Creating the =systemd= service +One other thing missing was the =systemd= service. + +First I couldn't just copy the =.service= file to =/etc= since in NixOS that folder isn't writable. But also I wanted the service to be better integrated with the OS. + +That was a little easier than creating the users, all I had to do was translate the provided =guix-daemon.service= configuration to an equivalent Nix expression +#+BEGIN_SRC ini -n +# This is a "service unit file" for the systemd init system to launch +# 'guix-daemon'. Drop it in /etc/systemd/system or similar to have +# 'guix-daemon' automatically started. + +[Unit] +Description=Build daemon for GNU Guix + +[Service] +ExecStart=/var/guix/profiles/per-user/root/guix-profile/bin/guix-daemon --build-users-group=guixbuild +Environment=GUIX_LOCPATH=/root/.guix-profile/lib/locale +RemainAfterExit=yes +StandardOutput=syslog +StandardError=syslog + +# See <https://lists.gnu.org/archive/html/guix-devel/2016-04/msg00608.html>. +# Some package builds (for example, go@1.8.1) may require even more than +# 1024 tasks. +TasksMax=8192 + +[Install] +WantedBy=multi-user.target +#+END_SRC +This sample =systemd= configuration file became: +#+BEGIN_SRC nix -n +# Derived from Guix guix-daemon.service.in +# https://git.savannah.gnu.org/cgit/guix.git/tree/etc/guix-daemon.service.in?id=00c86a888488b16ce30634d3a3a9d871ed6734a2 +guix-daemon = { + enable = true; + description = "Build daemon for GNU Guix"; + serviceConfig = { + ExecStart = "/var/guix/profiles/per-user/root/guix-profile/bin/guix-daemon --build-users-group=guixbuild"; + Environment="GUIX_LOCPATH=/root/.guix-profile/lib/locale"; + RemainAfterExit="yes"; + StandardOutput="syslog"; + StandardError="syslog"; + TaskMax= "8192"; + }; + wantedBy = [ "multi-user.target" ]; +}; +#+END_SRC +There you go! After running =sudo nixos-rebuild switch= I could get Guix up and running: +#+BEGIN_SRC bash -n +$ guix package -i hello +The following package will be installed: + hello 2.10 /gnu/store/bihfrh609gkxb9dp7n96wlpigiv3krfy-hello-2.10 + +substitute: updating substitutes from 'https://mirror.hydra.gnu.org'... 100.0% +The following derivations will be built: + /gnu/store/nznmdn6inpwxnlkrasydmda4s2vsp9hg-profile.drv + /gnu/store/vibqrvw4c8lacxjrkqyzqsdrmckv77kq-fonts-dir.drv + /gnu/store/hi8alg7wi0wgfdi3rn8cpp37zhx8ykf3-info-dir.drv + /gnu/store/cvkbp378cvfjikz7mjymhrimv7j12p0i-ca-certificate-bundle.drv + /gnu/store/d62fvxymnp95rzahhmhf456bsf0xg1c6-manual-database.drv +Creating manual page database... +1 entries processed in 0.0 s +2 packages in profile +$ hello +Hello, world! +#+END_SRC +Some improvements to this approach are: +1. looking into [[https://nixos.org/nixos/manual/index.html#sec-writing-modules][NixOS modules]] and trying to bundle everything together into a single logical unit; +2. [[https://www.gnu.org/software/guix/manual/en/html_node/Requirements.html#Requirements][build Guix from source]] and share the Nix store and daemon with Guix. + +Happy Guix/Nix hacking! |