Commit | Line | Data |
---|---|---|
f5fdc54d | 1 | #!/bin/sh |
6f4e8693 RW |
2 | # GNU Guix --- Functional package management for GNU |
3 | # Copyright © 2017 sharlatan <sharlatanus@gmail.com> | |
4 | # Copyright © 2018 Ricardo Wurmus <rekado@elephly.net> | |
ea6b1bae | 5 | # Copyright © 2018 Efraim Flashner <efraim@flashner.co.il> |
54c0b5c4 | 6 | # Copyright © 2019–2020, 2022 Tobias Geerinckx-Rice <me@tobias.gr> |
cabac732 | 7 | # Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com> |
b3fba5ef | 8 | # Copyright © 2020 Simon Tournier <zimon.toutoune@gmail.com> |
8311e4e1 | 9 | # Copyright © 2020 Daniel Brooks <db48x@db48x.net> |
9d34b04f | 10 | # Copyright © 2021 Jakub Kądziołka <kuba@kadziolka.net> |
a16eb6c5 | 11 | # Copyright © 2021 Chris Marusich <cmmarusich@gmail.com> |
6a2e303d | 12 | # Copyright © 2021, 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com> |
6f4e8693 RW |
13 | # |
14 | # This file is part of GNU Guix. | |
15 | # | |
16 | # GNU Guix is free software; you can redistribute it and/or modify it | |
17 | # under the terms of the GNU General Public License as published by | |
18 | # the Free Software Foundation; either version 3 of the License, or (at | |
19 | # your option) any later version. | |
20 | # | |
21 | # GNU Guix is distributed in the hope that it will be useful, but | |
22 | # WITHOUT ANY WARRANTY; without even the implied warranty of | |
23 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
24 | # GNU General Public License for more details. | |
25 | # | |
26 | # You should have received a copy of the GNU General Public License | |
27 | # along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
28 | ||
f5fdc54d LC |
29 | # We require Bash but for portability we'd rather not use /bin/bash or |
30 | # /usr/bin/env in the shebang, hence this hack. | |
31 | if [ "x$BASH_VERSION" = "x" ] | |
32 | then | |
33 | exec bash "$0" "$@" | |
34 | fi | |
35 | ||
1e8e84b2 | 36 | set -eo pipefail |
6f4e8693 RW |
37 | |
38 | [ "$UID" -eq 0 ] || { echo "This script must be run as root."; exit 1; } | |
39 | ||
40 | REQUIRE=( | |
41 | "dirname" | |
42 | "readlink" | |
43 | "wget" | |
44 | "gpg" | |
45 | "grep" | |
46 | "which" | |
47 | "sed" | |
48 | "sort" | |
49 | "getent" | |
50 | "mktemp" | |
51 | "rm" | |
52 | "chmod" | |
53 | "uname" | |
54 | "groupadd" | |
55 | "tail" | |
56 | "tr" | |
39939e30 | 57 | "xz" |
6f4e8693 RW |
58 | ) |
59 | ||
60 | PAS=$'[ \033[32;1mPASS\033[0m ] ' | |
61 | ERR=$'[ \033[31;1mFAIL\033[0m ] ' | |
b2683a2b | 62 | WAR=$'[ \033[33;1mWARN\033[0m ] ' |
6f4e8693 RW |
63 | INF="[ INFO ] " |
64 | ||
65 | DEBUG=0 | |
3a3e9f2b | 66 | GNU_URL="https://ftp.gnu.org/gnu/guix/" |
8311e4e1 | 67 | #GNU_URL="https://alpha.gnu.org/gnu/guix/" |
18570922 MC |
68 | |
69 | # The following associative array holds set of GPG keys used to sign the | |
70 | # releases, keyed by their corresponding Savannah user ID. | |
71 | declare -A GPG_SIGNING_KEYS | |
72 | GPG_SIGNING_KEYS[15145]=3CE464558A84FDC69DB40CFB090B11993D9AEBB5 # ludo | |
73 | GPG_SIGNING_KEYS[127547]=27D586A4F8900854329FF09F1260E46482E63562 # maxim | |
6f4e8693 RW |
74 | |
75 | # ------------------------------------------------------------------------------ | |
76 | #+UTILITIES | |
77 | ||
78 | _err() | |
79 | { # All errors go to stderr. | |
80 | printf "[%s]: %s\n" "$(date +%s.%3N)" "$1" | |
81 | } | |
82 | ||
83 | _msg() | |
84 | { # Default message to stdout. | |
85 | printf "[%s]: %s\n" "$(date +%s.%3N)" "$1" | |
86 | } | |
87 | ||
88 | _debug() | |
89 | { | |
90 | if [ "${DEBUG}" = '1' ]; then | |
91 | printf "[%s]: %s\n" "$(date +%s.%3N)" "$1" | |
92 | fi | |
93 | } | |
94 | ||
231e5f29 MC |
95 | die() |
96 | { | |
97 | _err "${ERR}$*" | |
98 | exit 1 | |
99 | } | |
100 | ||
e46bb5fd MC |
101 | # Return true if user answered yes, false otherwise. The prompt is |
102 | # yes-biased, that is, when the user simply enter newline, it is equivalent to | |
103 | # answering "yes". | |
5b0ce339 MC |
104 | # $1: The prompt question. |
105 | prompt_yes_no() { | |
e46bb5fd MC |
106 | local -l yn |
107 | read -rp "$1 [Y/n]" yn | |
108 | [[ ! $yn || $yn = y || $yn = yes ]] || return 1 | |
5b0ce339 | 109 | } |
6f4e8693 RW |
110 | |
111 | chk_require() | |
112 | { # Check that every required command is available. | |
6f4e8693 | 113 | declare -a warn |
7a2e0c52 | 114 | local c |
6f4e8693 | 115 | |
e61fe664 | 116 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 | 117 | |
6c77d79a | 118 | for c in "$@"; do |
593fe736 | 119 | command -v "$c" &>/dev/null || warn+=("$c") |
6f4e8693 RW |
120 | done |
121 | ||
122 | [ "${#warn}" -ne 0 ] && | |
123 | { _err "${ERR}Missing commands: ${warn[*]}."; | |
124 | return 1; } | |
125 | ||
126 | _msg "${PAS}verification of required commands completed" | |
5d8e505c TGR |
127 | } |
128 | ||
129 | chk_gpg_keyring() | |
130 | { # Check whether the Guix release signing public key is present. | |
e61fe664 | 131 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
18570922 MC |
132 | local user_id |
133 | local gpg_key_id | |
134 | local exit_flag | |
135 | ||
136 | for user_id in "${!GPG_SIGNING_KEYS[@]}"; do | |
137 | gpg_key_id=${GPG_SIGNING_KEYS[$user_id]} | |
138 | # Without --dry-run this command will create a ~/.gnupg owned by root on | |
139 | # systems where gpg has never been used, causing errors and confusion. | |
54c0b5c4 TGR |
140 | if gpg --dry-run --list-keys "$gpg_key_id" >/dev/null 2>&1; then |
141 | continue | |
142 | fi | |
143 | if prompt_yes_no "${INF}The following OpenPGP public key is \ | |
5b0ce339 | 144 | required to verify the Guix binary signature: $gpg_key_id. |
6a2e303d | 145 | Would you like me to fetch it for you?"; then |
54c0b5c4 TGR |
146 | # Use a reasonable time-out here so users don't report silent |
147 | # ‘freezes’ when Savannah goes out to lunch, as has happened. | |
148 | if wget "https://sv.gnu.org/people/viewgpg.php?user_id=$user_id" \ | |
149 | --timeout=30 --no-verbose -O- | gpg --import -; then | |
150 | continue | |
151 | fi | |
152 | fi | |
153 | # If we reach this point, the key is (still) missing. Report further | |
154 | # missing keys, if any, but then abort the installation. | |
155 | _err "${ERR}Missing OpenPGP public key ($gpg_key_id). | |
5b0ce339 MC |
156 | Fetch it with this command: |
157 | ||
e4ed0b39 | 158 | wget \"https://sv.gnu.org/people/viewgpg.php?user_id=$user_id\" -O - | \ |
5b0ce339 | 159 | sudo -i gpg --import -" |
54c0b5c4 | 160 | exit_flag=yes |
18570922 | 161 | done |
e61fe664 MC |
162 | if [ "$exit_flag" = yes ]; then |
163 | exit 1 | |
164 | fi | |
6f4e8693 RW |
165 | } |
166 | ||
167 | chk_term() | |
168 | { # Check for ANSI terminal for color printing. | |
6f4e8693 RW |
169 | if [ -t 2 ]; then |
170 | if [ "${TERM+set}" = 'set' ]; then | |
171 | case "$TERM" in | |
172 | xterm*|rxvt*|urxvt*|linux*|vt*|eterm*|screen*) | |
6f4e8693 RW |
173 | ;; |
174 | *) | |
6f4e8693 RW |
175 | ERR="[ FAIL ] " |
176 | PAS="[ PASS ] " | |
177 | ;; | |
178 | esac | |
179 | fi | |
180 | fi | |
181 | } | |
182 | ||
183 | chk_init_sys() | |
184 | { # Return init system type name. | |
185 | if [[ $(/sbin/init --version 2>/dev/null) =~ upstart ]]; then | |
186 | _msg "${INF}init system is: upstart" | |
187 | INIT_SYS="upstart" | |
188 | return 0 | |
dc1aede3 | 189 | elif [[ $(systemctl 2>/dev/null) =~ -\.mount ]]; then |
6f4e8693 RW |
190 | _msg "${INF}init system is: systemd" |
191 | INIT_SYS="systemd" | |
192 | return 0 | |
193 | elif [[ -f /etc/init.d/cron && ! -h /etc/init.d/cron ]]; then | |
194 | _msg "${INF}init system is: sysv-init" | |
195 | INIT_SYS="sysv-init" | |
196 | return 0 | |
cabac732 MS |
197 | elif [[ $(openrc --version 2>/dev/null) =~ \(OpenRC\) ]]; then |
198 | _msg "${INF}init system is: OpenRC" | |
199 | INIT_SYS="openrc" | |
200 | return 0 | |
6f4e8693 RW |
201 | else |
202 | INIT_SYS="NA" | |
203 | _err "${ERR}Init system could not be detected." | |
204 | fi | |
205 | } | |
206 | ||
207 | chk_sys_arch() | |
208 | { # Check for operating system and architecture type. | |
209 | local os | |
210 | local arch | |
211 | ||
212 | os="$(uname -s)" | |
213 | arch="$(uname -m)" | |
214 | ||
215 | case "$arch" in | |
216 | i386 | i486 | i686 | i786 | x86) | |
217 | local arch=i686 | |
218 | ;; | |
219 | x86_64 | x86-64 | x64 | amd64) | |
220 | local arch=x86_64 | |
221 | ;; | |
ea6b1bae EF |
222 | aarch64) |
223 | local arch=aarch64 | |
224 | ;; | |
7c164068 VL |
225 | armv7l) |
226 | local arch=armhf | |
227 | ;; | |
a16eb6c5 CM |
228 | ppc64le | powerpc64le) |
229 | local arch=powerpc64le | |
230 | ;; | |
6f4e8693 | 231 | *) |
231e5f29 | 232 | die "Unsupported CPU type: ${arch}" |
6f4e8693 RW |
233 | esac |
234 | ||
235 | case "$os" in | |
236 | Linux | linux) | |
237 | local os=linux | |
238 | ;; | |
239 | *) | |
231e5f29 | 240 | die "Your operation system (${os}) is not supported." |
6f4e8693 RW |
241 | esac |
242 | ||
243 | ARCH_OS="${arch}-${os}" | |
244 | } | |
245 | ||
b2683a2b | 246 | chk_sys_nscd() |
247 | { # Check if nscd is up and suggest to start it or install it | |
248 | if [ "$(type -P pidof)" ]; then | |
249 | if [ ! "$(pidof nscd)" ]; then | |
250 | _msg "${WAR}We recommend installing and/or starting your distribution 'nscd' service" | |
251 | _msg "${WAR}Please read 'info guix \"Application Setup\"' about \"Name Service Switch\"" | |
252 | fi | |
253 | else | |
254 | _msg "${INF}We cannot determine if your distribution 'nscd' service is running" | |
255 | _msg "${INF}Please read 'info guix \"Application Setup\"' about \"Name Service Switch\"" | |
256 | fi | |
257 | } | |
258 | ||
4cbe0127 MC |
259 | # Configure substitute discovery according to user's preferences. |
260 | # $1 is the installed service file to edit. | |
261 | configure_substitute_discovery() { | |
262 | if grep -q -- '--discover=no' "$1" && \ | |
263 | prompt_yes_no "Would you like the Guix daemon to automatically \ | |
6a2e303d | 264 | discover substitute servers on the local network?"; then |
4cbe0127 MC |
265 | sed -i 's/--discover=no/--discover=yes/' "$1" |
266 | fi | |
267 | } | |
268 | ||
6f4e8693 RW |
269 | # ------------------------------------------------------------------------------ |
270 | #+MAIN | |
271 | ||
272 | guix_get_bin_list() | |
273 | { # Scan GNU archive and save list of binaries | |
274 | local gnu_url="$1" | |
275 | local -a bin_ver_ls | |
276 | local latest_ver | |
277 | local default_ver | |
278 | ||
e61fe664 | 279 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 RW |
280 | |
281 | # Filter only version and architecture | |
e4ed0b39 | 282 | bin_ver_ls=("$(wget "$gnu_url" --no-verbose -O- \ |
8311e4e1 | 283 | | sed -n -e 's/.*guix-binary-\([0-9.]*[a-z0-9]*\)\..*.tar.xz.*/\1/p' \ |
6f4e8693 RW |
284 | | sort -Vu)") |
285 | ||
1f4e878f | 286 | latest_ver="$(echo "${bin_ver_ls[0]}" \ |
8311e4e1 | 287 | | grep -oE "([0-9]{1,2}\.){2}[0-9]{1,2}[a-z0-9]*" \ |
6f4e8693 RW |
288 | | tail -n1)" |
289 | ||
290 | default_ver="guix-binary-${latest_ver}.${ARCH_OS}" | |
291 | ||
292 | if [[ "${#bin_ver_ls}" -ne "0" ]]; then | |
293 | _msg "${PAS}Release for your system: ${default_ver}" | |
294 | else | |
231e5f29 | 295 | die "Could not obtain list of Guix releases." |
6f4e8693 RW |
296 | fi |
297 | ||
298 | # Use default to download according to the list and local ARCH_OS. | |
1f4e878f | 299 | BIN_VER="${default_ver}" |
6f4e8693 RW |
300 | } |
301 | ||
302 | guix_get_bin() | |
303 | { # Download and verify binary package. | |
304 | local url="$1" | |
305 | local bin_ver="$2" | |
306 | local dl_path="$3" | |
e61fe664 | 307 | local wget_args=() |
6f4e8693 | 308 | |
e61fe664 | 309 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 RW |
310 | |
311 | _msg "${INF}Downloading Guix release archive" | |
312 | ||
e61fe664 | 313 | wget --help | grep -q '\--show-progress' \ |
e4ed0b39 | 314 | && wget_args=("--no-verbose" "--show-progress") |
6f4e8693 | 315 | |
e61fe664 MC |
316 | if wget "${wget_args[@]}" -P "$dl_path" \ |
317 | "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"; then | |
318 | _msg "${PAS}download completed." | |
6f4e8693 | 319 | else |
231e5f29 | 320 | die "could not download ${url}/${bin_ver}.tar.xz." |
6f4e8693 RW |
321 | fi |
322 | ||
d2532317 | 323 | pushd "${dl_path}" >/dev/null |
e61fe664 | 324 | if gpg --verify "${bin_ver}.tar.xz.sig" >/dev/null 2>&1; then |
6f4e8693 RW |
325 | _msg "${PAS}Signature is valid." |
326 | popd >/dev/null | |
327 | else | |
231e5f29 | 328 | die "could not verify the signature." |
6f4e8693 RW |
329 | fi |
330 | } | |
331 | ||
332 | sys_create_store() | |
333 | { # Unpack and install /gnu/store and /var/guix | |
334 | local pkg="$1" | |
335 | local tmp_path="$2" | |
336 | ||
e61fe664 | 337 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 | 338 | |
6f4e8693 | 339 | if [[ -e "/var/guix" || -e "/gnu" ]]; then |
231e5f29 | 340 | die "A previous Guix installation was found. Refusing to overwrite." |
6f4e8693 RW |
341 | fi |
342 | ||
74009c4c MC |
343 | cd "$tmp_path" |
344 | tar --extract --file "$pkg" && _msg "${PAS}unpacked archive" | |
345 | ||
346 | _msg "${INF}Installing /var/guix and /gnu..." | |
347 | mv "${tmp_path}/var/guix" /var/ | |
348 | mv "${tmp_path}/gnu" / | |
349 | ||
6f4e8693 | 350 | _msg "${INF}Linking the root user's profile" |
071f4e3d | 351 | mkdir -p ~root/.config/guix |
e9926f80 | 352 | ln -sf /var/guix/profiles/per-user/root/current-guix \ |
071f4e3d | 353 | ~root/.config/guix/current |
6f4e8693 | 354 | |
071f4e3d | 355 | GUIX_PROFILE=~root/.config/guix/current |
e61fe664 | 356 | # shellcheck disable=SC1090 |
6f4e8693 | 357 | source "${GUIX_PROFILE}/etc/profile" |
e61fe664 | 358 | _msg "${PAS}activated root profile at ${GUIX_PROFILE}" |
6f4e8693 RW |
359 | } |
360 | ||
361 | sys_create_build_user() | |
362 | { # Create the group and user accounts for build users. | |
363 | ||
e61fe664 | 364 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 | 365 | |
e61fe664 | 366 | if getent group guixbuild > /dev/null; then |
6f4e8693 RW |
367 | _msg "${INF}group guixbuild exists" |
368 | else | |
369 | groupadd --system guixbuild | |
370 | _msg "${PAS}group <guixbuild> created" | |
371 | fi | |
372 | ||
e61fe664 | 373 | if getent group kvm > /dev/null; then |
8e214c53 | 374 | _msg "${INF}group kvm exists and build users will be added to it" |
073904c5 | 375 | local KVMGROUP=,kvm |
8e214c53 LF |
376 | fi |
377 | ||
6f4e8693 RW |
378 | for i in $(seq -w 1 10); do |
379 | if id "guixbuilder${i}" &>/dev/null; then | |
380 | _msg "${INF}user is already in the system, reset" | |
8e214c53 | 381 | usermod -g guixbuild -G guixbuild${KVMGROUP} \ |
6f4e8693 RW |
382 | -d /var/empty -s "$(which nologin)" \ |
383 | -c "Guix build user $i" \ | |
384 | "guixbuilder${i}"; | |
385 | else | |
8e214c53 | 386 | useradd -g guixbuild -G guixbuild${KVMGROUP} \ |
6f4e8693 RW |
387 | -d /var/empty -s "$(which nologin)" \ |
388 | -c "Guix build user $i" --system \ | |
389 | "guixbuilder${i}"; | |
390 | _msg "${PAS}user added <guixbuilder${i}>" | |
391 | fi | |
392 | done | |
393 | } | |
394 | ||
395 | sys_enable_guix_daemon() | |
396 | { # Run the daemon, and set it to automatically start on boot. | |
397 | ||
398 | local info_path | |
399 | local local_bin | |
400 | local var_guix | |
401 | ||
e61fe664 | 402 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 RW |
403 | |
404 | info_path="/usr/local/share/info" | |
405 | local_bin="/usr/local/bin" | |
e9926f80 | 406 | var_guix="/var/guix/profiles/per-user/root/current-guix" |
6f4e8693 RW |
407 | |
408 | case "$INIT_SYS" in | |
409 | upstart) | |
410 | { initctl reload-configuration; | |
071f4e3d | 411 | cp ~root/.config/guix/current/lib/upstart/system/guix-daemon.conf \ |
6f4e8693 | 412 | /etc/init/ && |
4cbe0127 | 413 | configure_substitute_discovery /etc/init/guix-daemon.conf && |
6f4e8693 RW |
414 | start guix-daemon; } && |
415 | _msg "${PAS}enabled Guix daemon via upstart" | |
416 | ;; | |
417 | systemd) | |
1a1faa78 TGR |
418 | { # systemd .mount units must be named after the target directory. |
419 | # Here we assume a hard-coded name of /gnu/store. | |
ebbf9154 | 420 | # XXX Work around <https://issues.guix.gnu.org/41356> until next release. |
071f4e3d TGR |
421 | if [ -f ~root/.config/guix/current/lib/systemd/system/gnu-store.mount ]; then |
422 | cp ~root/.config/guix/current/lib/systemd/system/gnu-store.mount \ | |
ebbf9154 TGR |
423 | /etc/systemd/system/; |
424 | chmod 664 /etc/systemd/system/gnu-store.mount; | |
d6f303d4 TGR |
425 | systemctl daemon-reload && |
426 | systemctl enable gnu-store.mount; | |
ebbf9154 | 427 | fi |
1a1faa78 | 428 | |
071f4e3d | 429 | cp ~root/.config/guix/current/lib/systemd/system/guix-daemon.service \ |
6f4e8693 RW |
430 | /etc/systemd/system/; |
431 | chmod 664 /etc/systemd/system/guix-daemon.service; | |
e1e3fe08 | 432 | |
7c164068 VL |
433 | # Work around <https://bugs.gnu.org/36074>, present in 1.0.1. |
434 | sed -i /etc/systemd/system/guix-daemon.service \ | |
435 | -e "s/GUIX_LOCPATH='/'GUIX_LOCPATH=/"; | |
e1e3fe08 | 436 | |
7c164068 VL |
437 | # Work around <https://bugs.gnu.org/35671>, present in 1.0.1. |
438 | if ! grep en_US /etc/systemd/system/guix-daemon.service >/dev/null; | |
439 | then sed -i /etc/systemd/system/guix-daemon.service \ | |
440 | -e 's/^Environment=\(.*\)$/Environment=\1 LC_ALL=en_US.UTF-8'; | |
441 | fi; | |
e1e3fe08 | 442 | |
4cbe0127 MC |
443 | configure_substitute_discovery \ |
444 | /etc/systemd/system/guix-daemon.service | |
445 | ||
6f4e8693 | 446 | systemctl daemon-reload && |
d6f303d4 TGR |
447 | systemctl enable guix-daemon && |
448 | systemctl start guix-daemon; } && | |
6f4e8693 RW |
449 | _msg "${PAS}enabled Guix daemon via systemd" |
450 | ;; | |
fe60ef99 DM |
451 | sysv-init) |
452 | { mkdir -p /etc/init.d; | |
071f4e3d | 453 | cp ~root/.config/guix/current/etc/init.d/guix-daemon \ |
fe60ef99 DM |
454 | /etc/init.d/guix-daemon; |
455 | chmod 775 /etc/init.d/guix-daemon; | |
456 | ||
4cbe0127 MC |
457 | configure_substitute_discovery /etc/init.d/guix-daemon |
458 | ||
fe60ef99 DM |
459 | update-rc.d guix-daemon defaults && |
460 | update-rc.d guix-daemon enable && | |
461 | service guix-daemon start; } && | |
462 | _msg "${PAS}enabled Guix daemon via sysv" | |
463 | ;; | |
cabac732 MS |
464 | openrc) |
465 | { mkdir -p /etc/init.d; | |
071f4e3d | 466 | cp ~root/.config/guix/current/etc/openrc/guix-daemon \ |
cabac732 MS |
467 | /etc/init.d/guix-daemon; |
468 | chmod 775 /etc/init.d/guix-daemon; | |
469 | ||
4cbe0127 MC |
470 | configure_substitute_discovery /etc/init.d/guix-daemon |
471 | ||
cabac732 MS |
472 | rc-update add guix-daemon default && |
473 | rc-service guix-daemon start; } && | |
474 | _msg "${PAS}enabled Guix daemon via OpenRC" | |
475 | ;; | |
6f4e8693 RW |
476 | NA|*) |
477 | _msg "${ERR}unsupported init system; run the daemon manually:" | |
e61fe664 | 478 | echo " ~root/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild" |
6f4e8693 RW |
479 | ;; |
480 | esac | |
481 | ||
482 | _msg "${INF}making the guix command available to other users" | |
483 | ||
484 | [ -e "$local_bin" ] || mkdir -p "$local_bin" | |
485 | ln -sf "${var_guix}/bin/guix" "$local_bin" | |
486 | ||
487 | [ -e "$info_path" ] || mkdir -p "$info_path" | |
b4a1252b | 488 | for i in "${var_guix}"/share/info/*; do |
6f4e8693 RW |
489 | ln -sf "$i" "$info_path" |
490 | done | |
491 | } | |
492 | ||
493 | sys_authorize_build_farms() | |
414c4de1 | 494 | { # authorize the public key of the build farm |
5b0ce339 | 495 | if prompt_yes_no "Permit downloading pre-built package binaries from the \ |
6a2e303d | 496 | project's build farm?"; then |
5b0ce339 | 497 | guix archive --authorize \ |
071f4e3d | 498 | < ~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub \ |
5b0ce339 MC |
499 | && _msg "${PAS}Authorized public key for ci.guix.gnu.org" |
500 | else | |
501 | _msg "${INF}Skipped authorizing build farm public keys" | |
502 | fi | |
6f4e8693 RW |
503 | } |
504 | ||
30810aff | 505 | sys_create_init_profile() |
e61fe664 | 506 | { # Define for better desktop integration |
2ffd1314 | 507 | # This will not take effect until the next shell or desktop session! |
29ba58c0 | 508 | [ -d "/etc/profile.d" ] || mkdir /etc/profile.d # Just in case |
30810aff | 509 | cat <<"EOF" > /etc/profile.d/guix.sh |
23aafc80 PM |
510 | # Explicitly initialize XDG base directory variables to ease compatibility |
511 | # with Guix System: see <https://issues.guix.gnu.org/56050#3>. | |
512 | export XDG_DATA_HOME="${XDG_DATA_HOME:-$HOME/.local/share}" | |
513 | export XDG_CONFIG_HOME="${XDG_CONFIG_HOME:-$HOME/.config}" | |
514 | export XDG_STATE_HOME="${XDG_STATE_HOME:-$HOME/.local/state}" | |
515 | export XDG_DATA_DIRS="${XDG_DATA_DIRS:-/usr/local/share/:/usr/share/}" | |
516 | export XDG_CONFIG_DIRS="${XDG_CONFIG_DIRS:-/etc/xdg}" | |
517 | export XDG_CACHE_HOME="${XDG_CACHE_HOME:-$HOME/.cache}" | |
518 | # no default for XDG_RUNTIME_DIR (depends on foreign distro for semantics) | |
519 | ||
30810aff PG |
520 | # _GUIX_PROFILE: `guix pull` profile |
521 | _GUIX_PROFILE="$HOME/.config/guix/current" | |
9d34b04f JK |
522 | export PATH="$_GUIX_PROFILE/bin${PATH:+:}$PATH" |
523 | # Export INFOPATH so that the updated info pages can be found | |
524 | # and read by both /usr/bin/info and/or $GUIX_PROFILE/bin/info | |
525 | # When INFOPATH is unset, add a trailing colon so that Emacs | |
526 | # searches 'Info-default-directory-list'. | |
527 | export INFOPATH="$_GUIX_PROFILE/share/info:$INFOPATH" | |
30810aff PG |
528 | |
529 | # GUIX_PROFILE: User's default profile | |
3348e485 PM |
530 | # Prefer the one from 'guix home' if it exists. |
531 | GUIX_PROFILE="$HOME/.guix-home/profile" | |
532 | [ -L $GUIX_PROFILE ] || GUIX_PROFILE="$HOME/.guix-profile" | |
30810aff PG |
533 | [ -L $GUIX_PROFILE ] || return |
534 | GUIX_LOCPATH="$GUIX_PROFILE/lib/locale" | |
7f06567b | 535 | export GUIX_LOCPATH |
30810aff | 536 | |
e69b8bba | 537 | [ -f "$GUIX_PROFILE/etc/profile" ] && . "$GUIX_PROFILE/etc/profile" |
30810aff PG |
538 | |
539 | # set XDG_DATA_DIRS to include Guix installations | |
23aafc80 | 540 | export XDG_DATA_DIRS="$GUIX_PROFILE/share:$XDG_DATA_DIRS" |
30810aff PG |
541 | EOF |
542 | } | |
543 | ||
b3fba5ef | 544 | sys_create_shell_completion() |
545 | { # Symlink supported shell completions system-wide | |
546 | ||
547 | var_guix=/var/guix/profiles/per-user/root/current-guix | |
548 | bash_completion=/etc/bash_completion.d | |
549 | zsh_completion=/usr/share/zsh/site-functions | |
550 | fish_completion=/usr/share/fish/vendor_completions.d | |
551 | ||
552 | { # Just in case | |
553 | for dir_shell in $bash_completion $zsh_completion $fish_completion; do | |
554 | [ -d "$dir_shell" ] || mkdir -p $dir_shell | |
555 | done; | |
556 | ||
557 | ln -sf ${var_guix}/etc/bash_completion.d/* "$bash_completion"; | |
558 | ln -sf ${var_guix}/share/zsh/site-functions/* "$zsh_completion"; | |
559 | ln -sf ${var_guix}/share/fish/vendor_completions.d/* "$fish_completion"; } && | |
560 | _msg "${PAS}installed shell completion" | |
561 | } | |
562 | ||
9ca0f9e5 MC |
563 | sys_customize_bashrc() |
564 | { | |
565 | prompt_yes_no "Customize users Bash shell prompt for Guix?" || return | |
566 | for bashrc in /home/*/.bashrc /root/.bashrc; do | |
567 | test -f "$bashrc" || continue | |
568 | grep -Fq '$GUIX_ENVIRONMENT' "$bashrc" && continue | |
569 | cp "${bashrc}" "${bashrc}.bak" | |
570 | echo ' | |
571 | # Automatically added by the Guix install script. | |
572 | if [ -n "$GUIX_ENVIRONMENT" ]; then | |
573 | if [[ $PS1 =~ (.*)"\\$" ]]; then | |
574 | PS1="${BASH_REMATCH[1]} [env]\\\$ " | |
575 | fi | |
576 | fi | |
577 | ' >> "$bashrc" | |
578 | done | |
579 | _msg "${PAS}Bash shell prompt successfully customized for Guix" | |
580 | } | |
b3fba5ef | 581 | |
6f4e8693 RW |
582 | welcome() |
583 | { | |
a326e308 | 584 | local char |
6f4e8693 RW |
585 | cat<<"EOF" |
586 | ░░░ ░░░ | |
587 | ░░▒▒░░░░░░░░░ ░░░░░░░░░▒▒░░ | |
588 | ░░▒▒▒▒▒░░░░░░░ ░░░░░░░▒▒▒▒▒░ | |
589 | ░▒▒▒░░▒▒▒▒▒ ░░░░░░░▒▒░ | |
590 | ░▒▒▒▒░ ░░░░░░ | |
591 | ▒▒▒▒▒ ░░░░░░ | |
592 | ▒▒▒▒▒ ░░░░░ | |
593 | ░▒▒▒▒▒ ░░░░░ | |
594 | ▒▒▒▒▒ ░░░░░ | |
595 | ▒▒▒▒▒ ░░░░░ | |
596 | ░▒▒▒▒▒░░░░░ | |
597 | ▒▒▒▒▒▒░░░ | |
598 | ▒▒▒▒▒▒░ | |
599 | _____ _ _ _ _ _____ _ | |
600 | / ____| \ | | | | | / ____| (_) | |
601 | | | __| \| | | | | | | __ _ _ ___ __ | |
602 | | | |_ | . ' | | | | | | |_ | | | | \ \/ / | |
603 | | |__| | |\ | |__| | | |__| | |_| | |> < | |
604 | \_____|_| \_|\____/ \_____|\__,_|_/_/\_\ | |
605 | ||
606 | This script installs GNU Guix on your system | |
607 | ||
608 | https://www.gnu.org/software/guix/ | |
609 | EOF | |
0d2ad16c TGR |
610 | # Don't use ‘read -p’ here! It won't display when run non-interactively. |
611 | echo -n "Press return to continue..."$'\r' | |
a326e308 TGR |
612 | read -r char |
613 | if [ "$char" ]; then | |
614 | echo | |
615 | echo "...that ($char) was not a return!" | |
616 | _msg "${WAR}Use newlines to automate installation, e.g.: yes '' | ${0##*/}" | |
617 | _msg "${WAR}Any other method is unsupported and likely to break in future." | |
618 | fi | |
6f4e8693 RW |
619 | } |
620 | ||
621 | main() | |
622 | { | |
623 | local tmp_path | |
624 | welcome | |
625 | ||
626 | _msg "Starting installation ($(date))" | |
627 | ||
628 | chk_term | |
6c77d79a | 629 | chk_require "${REQUIRE[@]}" |
5d8e505c | 630 | chk_gpg_keyring |
6f4e8693 RW |
631 | chk_init_sys |
632 | chk_sys_arch | |
b2683a2b | 633 | chk_sys_nscd |
6f4e8693 RW |
634 | |
635 | _msg "${INF}system is ${ARCH_OS}" | |
636 | ||
32c06aff | 637 | umask 0022 |
6f4e8693 RW |
638 | tmp_path="$(mktemp -t -d guix.XXX)" |
639 | ||
51f95d4e MC |
640 | if [ -z "${GUIX_BINARY_FILE_NAME}" ]; then |
641 | guix_get_bin_list "${GNU_URL}" | |
642 | guix_get_bin "${GNU_URL}" "${BIN_VER}" "$tmp_path" | |
643 | GUIX_BINARY_FILE_NAME=${BIN_VER}.tar.xz | |
644 | else | |
645 | if ! [[ $GUIX_BINARY_FILE_NAME =~ $ARCH_OS ]]; then | |
646 | _err "$ARCH_OS not in ${GUIX_BINARY_FILE_NAME}; aborting" | |
647 | fi | |
e61fe664 | 648 | _msg "${INF}Using manually provided binary ${GUIX_BINARY_FILE_NAME}" |
18570922 | 649 | GUIX_BINARY_FILE_NAME=$(realpath "$GUIX_BINARY_FILE_NAME") |
51f95d4e | 650 | fi |
6f4e8693 | 651 | |
51f95d4e | 652 | sys_create_store "${GUIX_BINARY_FILE_NAME}" "${tmp_path}" |
6f4e8693 RW |
653 | sys_create_build_user |
654 | sys_enable_guix_daemon | |
655 | sys_authorize_build_farms | |
30810aff | 656 | sys_create_init_profile |
b3fba5ef | 657 | sys_create_shell_completion |
9ca0f9e5 | 658 | sys_customize_bashrc |
6f4e8693 RW |
659 | |
660 | _msg "${INF}cleaning up ${tmp_path}" | |
661 | rm -r "${tmp_path}" | |
662 | ||
663 | _msg "${PAS}Guix has successfully been installed!" | |
664 | _msg "${INF}Run 'info guix' to read the manual." | |
2ffd1314 TGR |
665 | |
666 | # Required to source /etc/profile in desktop environments. | |
667 | _msg "${INF}Please log out and back in to complete the installation." | |
6f4e8693 RW |
668 | } |
669 | ||
670 | main "$@" |