This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
manuals:distributions:guix [2023/12/19 21:04] – Add an example of an alternative configuration tomas.volf | manuals:distributions:guix [2023/12/20 12:18] (current) – tomas.volf | ||
---|---|---|---|
Line 32: | Line 32: | ||
* /gnu/store is not mounted with noatime flag. This could lead to reproducibility issues. | * /gnu/store is not mounted with noatime flag. This could lead to reproducibility issues. | ||
- | ===== Alternative configuration ===== | + | ===== Alternative configuration |
Slightly adjusted, single file, alternative configuration can be found below to be used as a starting point for your '' | Slightly adjusted, single file, alternative configuration can be found below to be used as a starting point for your '' | ||
Line 39: | Line 39: | ||
* No password authentication is allowed for ssh. | * No password authentication is allowed for ssh. | ||
* In a single file. | * In a single file. | ||
+ | * Added parts for guix deploy | ||
<code scheme> | <code scheme> | ||
(use-modules (gnu) | (use-modules (gnu) | ||
+ | (gnu machine) | ||
+ | (gnu machine ssh) | ||
(gnu packages bash) | (gnu packages bash) | ||
(gnu packages certs) | (gnu packages certs) | ||
Line 151: | Line 154: | ||
| | ||
+ | (define %signing-key | ||
+ | ;; Fill this with your local signing key (/ | ||
+ | " | ||
+ | (define %system | ||
+ | (operating-system | ||
+ | (host-name " | ||
+ | ;; Servers usually use UTC regardless of the location. | ||
+ | (timezone " | ||
+ | (locale " | ||
- | (operating-system | + | |
- | (host-name " | + | (bootloader %ct-bootloader) |
- | ;; Servers usually use UTC regardless of the location. | + | |
- | | + | |
- | (locale " | + | |
- | | + | (firmware '()) |
- | (bootloader %ct-bootloader) | + | (initrd-modules '()) |
- | | + | |
- | | + | %base-packages)) |
- | | + | |
- | | + | (modify-services |
+ | (operating-system-default-essential-services this-operating-system) | ||
+ | | ||
+ | | ||
- | (essential-services | + | (file-systems |
- | | + | |
- | (delete firmware-service-type) | + | |
- | | + | |
- | | + | |
+ | | ||
+ | | ||
+ | (openssh openssh-sans-x) | ||
+ | (permit-root-login #t) | ||
+ | ;; Only keys are allowed. | ||
+ | (password-authentication? | ||
+ | (simple-service ' | ||
+ | (guix-extension | ||
+ | | ||
+ | (list (plain-file " | ||
+ | | ||
+ | |||
+ | ;;; Set this to the SSH key of the machine. | ||
+ | (define %host-key | ||
+ | " | ||
+ | |||
+ | (define %machine | ||
+ | (machine | ||
+ | | ||
+ | | ||
+ | | ||
+ | ;; Put the IP or host name here. | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | (list %machine) | ||
- | (services (cons* (service openssh-service-type | ||
- | (openssh-configuration | ||
- | | ||
- | | ||
- | ;; Only keys are allowed. | ||
- | | ||
- | | ||
</ | </ | ||
+ | |||
+ | If you will go via the guix deploy route, you should likely delete the /etc/config directory to prevent any confusion. |