Commit | Line | Data |
---|---|---|
f5fdc54d | 1 | #!/bin/sh |
6f4e8693 RW |
2 | # GNU Guix --- Functional package management for GNU |
3 | # Copyright © 2017 sharlatan <sharlatanus@gmail.com> | |
4 | # Copyright © 2018 Ricardo Wurmus <rekado@elephly.net> | |
ea6b1bae | 5 | # Copyright © 2018 Efraim Flashner <efraim@flashner.co.il> |
ebbf9154 | 6 | # Copyright © 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr> |
cabac732 | 7 | # Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com> |
b3fba5ef | 8 | # Copyright © 2020 Simon Tournier <zimon.toutoune@gmail.com> |
8311e4e1 | 9 | # Copyright © 2020 Daniel Brooks <db48x@db48x.net> |
9d34b04f | 10 | # Copyright © 2021 Jakub Kądziołka <kuba@kadziolka.net> |
a16eb6c5 | 11 | # Copyright © 2021 Chris Marusich <cmmarusich@gmail.com> |
e61fe664 | 12 | # Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com> |
6f4e8693 RW |
13 | # |
14 | # This file is part of GNU Guix. | |
15 | # | |
16 | # GNU Guix is free software; you can redistribute it and/or modify it | |
17 | # under the terms of the GNU General Public License as published by | |
18 | # the Free Software Foundation; either version 3 of the License, or (at | |
19 | # your option) any later version. | |
20 | # | |
21 | # GNU Guix is distributed in the hope that it will be useful, but | |
22 | # WITHOUT ANY WARRANTY; without even the implied warranty of | |
23 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
24 | # GNU General Public License for more details. | |
25 | # | |
26 | # You should have received a copy of the GNU General Public License | |
27 | # along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
28 | ||
f5fdc54d LC |
29 | # We require Bash but for portability we'd rather not use /bin/bash or |
30 | # /usr/bin/env in the shebang, hence this hack. | |
31 | if [ "x$BASH_VERSION" = "x" ] | |
32 | then | |
33 | exec bash "$0" "$@" | |
34 | fi | |
35 | ||
6f4e8693 RW |
36 | set -e |
37 | ||
38 | [ "$UID" -eq 0 ] || { echo "This script must be run as root."; exit 1; } | |
39 | ||
40 | REQUIRE=( | |
41 | "dirname" | |
42 | "readlink" | |
43 | "wget" | |
44 | "gpg" | |
45 | "grep" | |
46 | "which" | |
47 | "sed" | |
48 | "sort" | |
49 | "getent" | |
50 | "mktemp" | |
51 | "rm" | |
52 | "chmod" | |
53 | "uname" | |
54 | "groupadd" | |
55 | "tail" | |
56 | "tr" | |
39939e30 | 57 | "xz" |
6f4e8693 RW |
58 | ) |
59 | ||
60 | PAS=$'[ \033[32;1mPASS\033[0m ] ' | |
61 | ERR=$'[ \033[31;1mFAIL\033[0m ] ' | |
b2683a2b | 62 | WAR=$'[ \033[33;1mWARN\033[0m ] ' |
6f4e8693 RW |
63 | INF="[ INFO ] " |
64 | ||
65 | DEBUG=0 | |
3a3e9f2b | 66 | GNU_URL="https://ftp.gnu.org/gnu/guix/" |
8311e4e1 | 67 | #GNU_URL="https://alpha.gnu.org/gnu/guix/" |
18570922 MC |
68 | |
69 | # The following associative array holds set of GPG keys used to sign the | |
70 | # releases, keyed by their corresponding Savannah user ID. | |
71 | declare -A GPG_SIGNING_KEYS | |
72 | GPG_SIGNING_KEYS[15145]=3CE464558A84FDC69DB40CFB090B11993D9AEBB5 # ludo | |
73 | GPG_SIGNING_KEYS[127547]=27D586A4F8900854329FF09F1260E46482E63562 # maxim | |
6f4e8693 RW |
74 | |
75 | # ------------------------------------------------------------------------------ | |
76 | #+UTILITIES | |
77 | ||
78 | _err() | |
79 | { # All errors go to stderr. | |
80 | printf "[%s]: %s\n" "$(date +%s.%3N)" "$1" | |
81 | } | |
82 | ||
83 | _msg() | |
84 | { # Default message to stdout. | |
85 | printf "[%s]: %s\n" "$(date +%s.%3N)" "$1" | |
86 | } | |
87 | ||
88 | _debug() | |
89 | { | |
90 | if [ "${DEBUG}" = '1' ]; then | |
91 | printf "[%s]: %s\n" "$(date +%s.%3N)" "$1" | |
92 | fi | |
93 | } | |
94 | ||
5b0ce339 MC |
95 | # Return true if user answered yes, false otherwise. |
96 | # $1: The prompt question. | |
97 | prompt_yes_no() { | |
98 | while true; do | |
4cbe0127 | 99 | read -rp "$1 " yn |
5b0ce339 MC |
100 | case $yn in |
101 | [Yy]*) return 0;; | |
102 | [Nn]*) return 1;; | |
103 | *) _msg "Please answer yes or no." | |
104 | esac | |
105 | done | |
106 | } | |
6f4e8693 RW |
107 | |
108 | chk_require() | |
109 | { # Check that every required command is available. | |
6f4e8693 | 110 | declare -a warn |
7a2e0c52 | 111 | local c |
6f4e8693 | 112 | |
e61fe664 | 113 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 | 114 | |
6c77d79a | 115 | for c in "$@"; do |
593fe736 | 116 | command -v "$c" &>/dev/null || warn+=("$c") |
6f4e8693 RW |
117 | done |
118 | ||
119 | [ "${#warn}" -ne 0 ] && | |
120 | { _err "${ERR}Missing commands: ${warn[*]}."; | |
121 | return 1; } | |
122 | ||
123 | _msg "${PAS}verification of required commands completed" | |
5d8e505c TGR |
124 | } |
125 | ||
126 | chk_gpg_keyring() | |
127 | { # Check whether the Guix release signing public key is present. | |
e61fe664 | 128 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
18570922 MC |
129 | local user_id |
130 | local gpg_key_id | |
131 | local exit_flag | |
132 | ||
133 | for user_id in "${!GPG_SIGNING_KEYS[@]}"; do | |
134 | gpg_key_id=${GPG_SIGNING_KEYS[$user_id]} | |
135 | # Without --dry-run this command will create a ~/.gnupg owned by root on | |
136 | # systems where gpg has never been used, causing errors and confusion. | |
137 | if ! gpg --dry-run --list-keys "$gpg_key_id" >/dev/null 2>&1; then | |
5b0ce339 MC |
138 | if prompt_yes_no "${INF}The following OpenPGP public key is \ |
139 | required to verify the Guix binary signature: $gpg_key_id. | |
140 | Would you like me to fetch it for you? (yes/no)"; then | |
141 | wget "https://sv.gnu.org/people/viewgpg.php?user_id=$user_id" \ | |
e4ed0b39 | 142 | --no-verbose -O- | gpg --import - |
5b0ce339 MC |
143 | else |
144 | _err "${ERR}Missing OpenPGP public key ($gpg_key_id). | |
145 | Fetch it with this command: | |
146 | ||
e4ed0b39 | 147 | wget \"https://sv.gnu.org/people/viewgpg.php?user_id=$user_id\" -O - | \ |
5b0ce339 MC |
148 | sudo -i gpg --import -" |
149 | exit_flag=yes | |
150 | fi | |
18570922 MC |
151 | fi |
152 | done | |
e61fe664 MC |
153 | if [ "$exit_flag" = yes ]; then |
154 | exit 1 | |
155 | fi | |
6f4e8693 RW |
156 | } |
157 | ||
158 | chk_term() | |
159 | { # Check for ANSI terminal for color printing. | |
6f4e8693 RW |
160 | if [ -t 2 ]; then |
161 | if [ "${TERM+set}" = 'set' ]; then | |
162 | case "$TERM" in | |
163 | xterm*|rxvt*|urxvt*|linux*|vt*|eterm*|screen*) | |
6f4e8693 RW |
164 | ;; |
165 | *) | |
6f4e8693 RW |
166 | ERR="[ FAIL ] " |
167 | PAS="[ PASS ] " | |
168 | ;; | |
169 | esac | |
170 | fi | |
171 | fi | |
172 | } | |
173 | ||
174 | chk_init_sys() | |
175 | { # Return init system type name. | |
176 | if [[ $(/sbin/init --version 2>/dev/null) =~ upstart ]]; then | |
177 | _msg "${INF}init system is: upstart" | |
178 | INIT_SYS="upstart" | |
179 | return 0 | |
dc1aede3 | 180 | elif [[ $(systemctl 2>/dev/null) =~ -\.mount ]]; then |
6f4e8693 RW |
181 | _msg "${INF}init system is: systemd" |
182 | INIT_SYS="systemd" | |
183 | return 0 | |
184 | elif [[ -f /etc/init.d/cron && ! -h /etc/init.d/cron ]]; then | |
185 | _msg "${INF}init system is: sysv-init" | |
186 | INIT_SYS="sysv-init" | |
187 | return 0 | |
cabac732 MS |
188 | elif [[ $(openrc --version 2>/dev/null) =~ \(OpenRC\) ]]; then |
189 | _msg "${INF}init system is: OpenRC" | |
190 | INIT_SYS="openrc" | |
191 | return 0 | |
6f4e8693 RW |
192 | else |
193 | INIT_SYS="NA" | |
194 | _err "${ERR}Init system could not be detected." | |
195 | fi | |
196 | } | |
197 | ||
198 | chk_sys_arch() | |
199 | { # Check for operating system and architecture type. | |
200 | local os | |
201 | local arch | |
202 | ||
203 | os="$(uname -s)" | |
204 | arch="$(uname -m)" | |
205 | ||
206 | case "$arch" in | |
207 | i386 | i486 | i686 | i786 | x86) | |
208 | local arch=i686 | |
209 | ;; | |
210 | x86_64 | x86-64 | x64 | amd64) | |
211 | local arch=x86_64 | |
212 | ;; | |
ea6b1bae EF |
213 | aarch64) |
214 | local arch=aarch64 | |
215 | ;; | |
7c164068 VL |
216 | armv7l) |
217 | local arch=armhf | |
218 | ;; | |
a16eb6c5 CM |
219 | ppc64le | powerpc64le) |
220 | local arch=powerpc64le | |
221 | ;; | |
6f4e8693 RW |
222 | *) |
223 | _err "${ERR}Unsupported CPU type: ${arch}" | |
224 | exit 1 | |
225 | esac | |
226 | ||
227 | case "$os" in | |
228 | Linux | linux) | |
229 | local os=linux | |
230 | ;; | |
231 | *) | |
232 | _err "${ERR}Your operation system (${os}) is not supported." | |
233 | exit 1 | |
234 | esac | |
235 | ||
236 | ARCH_OS="${arch}-${os}" | |
237 | } | |
238 | ||
b2683a2b | 239 | chk_sys_nscd() |
240 | { # Check if nscd is up and suggest to start it or install it | |
241 | if [ "$(type -P pidof)" ]; then | |
242 | if [ ! "$(pidof nscd)" ]; then | |
243 | _msg "${WAR}We recommend installing and/or starting your distribution 'nscd' service" | |
244 | _msg "${WAR}Please read 'info guix \"Application Setup\"' about \"Name Service Switch\"" | |
245 | fi | |
246 | else | |
247 | _msg "${INF}We cannot determine if your distribution 'nscd' service is running" | |
248 | _msg "${INF}Please read 'info guix \"Application Setup\"' about \"Name Service Switch\"" | |
249 | fi | |
250 | } | |
251 | ||
4cbe0127 MC |
252 | # Configure substitute discovery according to user's preferences. |
253 | # $1 is the installed service file to edit. | |
254 | configure_substitute_discovery() { | |
255 | if grep -q -- '--discover=no' "$1" && \ | |
256 | prompt_yes_no "Would you like the Guix daemon to automatically \ | |
257 | discover substitute servers on the local network? (yes/no)"; then | |
258 | sed -i 's/--discover=no/--discover=yes/' "$1" | |
259 | fi | |
260 | } | |
261 | ||
6f4e8693 RW |
262 | # ------------------------------------------------------------------------------ |
263 | #+MAIN | |
264 | ||
265 | guix_get_bin_list() | |
266 | { # Scan GNU archive and save list of binaries | |
267 | local gnu_url="$1" | |
268 | local -a bin_ver_ls | |
269 | local latest_ver | |
270 | local default_ver | |
271 | ||
e61fe664 | 272 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 RW |
273 | |
274 | # Filter only version and architecture | |
e4ed0b39 | 275 | bin_ver_ls=("$(wget "$gnu_url" --no-verbose -O- \ |
8311e4e1 | 276 | | sed -n -e 's/.*guix-binary-\([0-9.]*[a-z0-9]*\)\..*.tar.xz.*/\1/p' \ |
6f4e8693 RW |
277 | | sort -Vu)") |
278 | ||
1f4e878f | 279 | latest_ver="$(echo "${bin_ver_ls[0]}" \ |
8311e4e1 | 280 | | grep -oE "([0-9]{1,2}\.){2}[0-9]{1,2}[a-z0-9]*" \ |
6f4e8693 RW |
281 | | tail -n1)" |
282 | ||
283 | default_ver="guix-binary-${latest_ver}.${ARCH_OS}" | |
284 | ||
285 | if [[ "${#bin_ver_ls}" -ne "0" ]]; then | |
286 | _msg "${PAS}Release for your system: ${default_ver}" | |
287 | else | |
288 | _err "${ERR}Could not obtain list of Guix releases." | |
289 | exit 1 | |
290 | fi | |
291 | ||
292 | # Use default to download according to the list and local ARCH_OS. | |
1f4e878f | 293 | BIN_VER="${default_ver}" |
6f4e8693 RW |
294 | } |
295 | ||
296 | guix_get_bin() | |
297 | { # Download and verify binary package. | |
298 | local url="$1" | |
299 | local bin_ver="$2" | |
300 | local dl_path="$3" | |
e61fe664 | 301 | local wget_args=() |
6f4e8693 | 302 | |
e61fe664 | 303 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 RW |
304 | |
305 | _msg "${INF}Downloading Guix release archive" | |
306 | ||
e61fe664 | 307 | wget --help | grep -q '\--show-progress' \ |
e4ed0b39 | 308 | && wget_args=("--no-verbose" "--show-progress") |
6f4e8693 | 309 | |
e61fe664 MC |
310 | if wget "${wget_args[@]}" -P "$dl_path" \ |
311 | "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"; then | |
312 | _msg "${PAS}download completed." | |
6f4e8693 RW |
313 | else |
314 | _err "${ERR}could not download ${url}/${bin_ver}.tar.xz." | |
315 | exit 1 | |
316 | fi | |
317 | ||
d2532317 | 318 | pushd "${dl_path}" >/dev/null |
e61fe664 | 319 | if gpg --verify "${bin_ver}.tar.xz.sig" >/dev/null 2>&1; then |
6f4e8693 RW |
320 | _msg "${PAS}Signature is valid." |
321 | popd >/dev/null | |
322 | else | |
323 | _err "${ERR}could not verify the signature." | |
324 | exit 1 | |
325 | fi | |
326 | } | |
327 | ||
328 | sys_create_store() | |
329 | { # Unpack and install /gnu/store and /var/guix | |
330 | local pkg="$1" | |
331 | local tmp_path="$2" | |
332 | ||
e61fe664 | 333 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 | 334 | |
6f4e8693 RW |
335 | if [[ -e "/var/guix" || -e "/gnu" ]]; then |
336 | _err "${ERR}A previous Guix installation was found. Refusing to overwrite." | |
337 | exit 1 | |
6f4e8693 RW |
338 | fi |
339 | ||
74009c4c MC |
340 | cd "$tmp_path" |
341 | tar --extract --file "$pkg" && _msg "${PAS}unpacked archive" | |
342 | ||
343 | _msg "${INF}Installing /var/guix and /gnu..." | |
344 | mv "${tmp_path}/var/guix" /var/ | |
345 | mv "${tmp_path}/gnu" / | |
346 | ||
6f4e8693 | 347 | _msg "${INF}Linking the root user's profile" |
e61fe664 | 348 | mkdir -p "~root/.config/guix" |
e9926f80 | 349 | ln -sf /var/guix/profiles/per-user/root/current-guix \ |
e61fe664 | 350 | "~root/.config/guix/current" |
6f4e8693 | 351 | |
e61fe664 MC |
352 | GUIX_PROFILE="~root/.config/guix/current" |
353 | # shellcheck disable=SC1090 | |
6f4e8693 | 354 | source "${GUIX_PROFILE}/etc/profile" |
e61fe664 | 355 | _msg "${PAS}activated root profile at ${GUIX_PROFILE}" |
6f4e8693 RW |
356 | } |
357 | ||
358 | sys_create_build_user() | |
359 | { # Create the group and user accounts for build users. | |
360 | ||
e61fe664 | 361 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 | 362 | |
e61fe664 | 363 | if getent group guixbuild > /dev/null; then |
6f4e8693 RW |
364 | _msg "${INF}group guixbuild exists" |
365 | else | |
366 | groupadd --system guixbuild | |
367 | _msg "${PAS}group <guixbuild> created" | |
368 | fi | |
369 | ||
e61fe664 | 370 | if getent group kvm > /dev/null; then |
8e214c53 | 371 | _msg "${INF}group kvm exists and build users will be added to it" |
073904c5 | 372 | local KVMGROUP=,kvm |
8e214c53 LF |
373 | fi |
374 | ||
6f4e8693 RW |
375 | for i in $(seq -w 1 10); do |
376 | if id "guixbuilder${i}" &>/dev/null; then | |
377 | _msg "${INF}user is already in the system, reset" | |
8e214c53 | 378 | usermod -g guixbuild -G guixbuild${KVMGROUP} \ |
6f4e8693 RW |
379 | -d /var/empty -s "$(which nologin)" \ |
380 | -c "Guix build user $i" \ | |
381 | "guixbuilder${i}"; | |
382 | else | |
8e214c53 | 383 | useradd -g guixbuild -G guixbuild${KVMGROUP} \ |
6f4e8693 RW |
384 | -d /var/empty -s "$(which nologin)" \ |
385 | -c "Guix build user $i" --system \ | |
386 | "guixbuilder${i}"; | |
387 | _msg "${PAS}user added <guixbuilder${i}>" | |
388 | fi | |
389 | done | |
390 | } | |
391 | ||
392 | sys_enable_guix_daemon() | |
393 | { # Run the daemon, and set it to automatically start on boot. | |
394 | ||
395 | local info_path | |
396 | local local_bin | |
397 | local var_guix | |
398 | ||
e61fe664 | 399 | _debug "--- [ ${FUNCNAME[0]} ] ---" |
6f4e8693 RW |
400 | |
401 | info_path="/usr/local/share/info" | |
402 | local_bin="/usr/local/bin" | |
e9926f80 | 403 | var_guix="/var/guix/profiles/per-user/root/current-guix" |
6f4e8693 RW |
404 | |
405 | case "$INIT_SYS" in | |
406 | upstart) | |
407 | { initctl reload-configuration; | |
e61fe664 | 408 | cp "~root/.config/guix/current/lib/upstart/system/guix-daemon.conf" \ |
6f4e8693 | 409 | /etc/init/ && |
4cbe0127 | 410 | configure_substitute_discovery /etc/init/guix-daemon.conf && |
6f4e8693 RW |
411 | start guix-daemon; } && |
412 | _msg "${PAS}enabled Guix daemon via upstart" | |
413 | ;; | |
414 | systemd) | |
1a1faa78 TGR |
415 | { # systemd .mount units must be named after the target directory. |
416 | # Here we assume a hard-coded name of /gnu/store. | |
ebbf9154 | 417 | # XXX Work around <https://issues.guix.gnu.org/41356> until next release. |
e61fe664 MC |
418 | if [ -f "~root/.config/guix/current/lib/systemd/system/gnu-store.mount" ]; then |
419 | cp "~root/.config/guix/current/lib/systemd/system/gnu-store.mount" \ | |
ebbf9154 TGR |
420 | /etc/systemd/system/; |
421 | chmod 664 /etc/systemd/system/gnu-store.mount; | |
d6f303d4 TGR |
422 | systemctl daemon-reload && |
423 | systemctl enable gnu-store.mount; | |
ebbf9154 | 424 | fi |
1a1faa78 | 425 | |
e61fe664 | 426 | cp "~root/.config/guix/current/lib/systemd/system/guix-daemon.service" \ |
6f4e8693 RW |
427 | /etc/systemd/system/; |
428 | chmod 664 /etc/systemd/system/guix-daemon.service; | |
e1e3fe08 | 429 | |
7c164068 VL |
430 | # Work around <https://bugs.gnu.org/36074>, present in 1.0.1. |
431 | sed -i /etc/systemd/system/guix-daemon.service \ | |
432 | -e "s/GUIX_LOCPATH='/'GUIX_LOCPATH=/"; | |
e1e3fe08 | 433 | |
7c164068 VL |
434 | # Work around <https://bugs.gnu.org/35671>, present in 1.0.1. |
435 | if ! grep en_US /etc/systemd/system/guix-daemon.service >/dev/null; | |
436 | then sed -i /etc/systemd/system/guix-daemon.service \ | |
437 | -e 's/^Environment=\(.*\)$/Environment=\1 LC_ALL=en_US.UTF-8'; | |
438 | fi; | |
e1e3fe08 | 439 | |
4cbe0127 MC |
440 | configure_substitute_discovery \ |
441 | /etc/systemd/system/guix-daemon.service | |
442 | ||
6f4e8693 | 443 | systemctl daemon-reload && |
d6f303d4 TGR |
444 | systemctl enable guix-daemon && |
445 | systemctl start guix-daemon; } && | |
6f4e8693 RW |
446 | _msg "${PAS}enabled Guix daemon via systemd" |
447 | ;; | |
fe60ef99 DM |
448 | sysv-init) |
449 | { mkdir -p /etc/init.d; | |
e61fe664 | 450 | cp "~root/.config/guix/current/etc/init.d/guix-daemon" \ |
fe60ef99 DM |
451 | /etc/init.d/guix-daemon; |
452 | chmod 775 /etc/init.d/guix-daemon; | |
453 | ||
4cbe0127 MC |
454 | configure_substitute_discovery /etc/init.d/guix-daemon |
455 | ||
fe60ef99 DM |
456 | update-rc.d guix-daemon defaults && |
457 | update-rc.d guix-daemon enable && | |
458 | service guix-daemon start; } && | |
459 | _msg "${PAS}enabled Guix daemon via sysv" | |
460 | ;; | |
cabac732 MS |
461 | openrc) |
462 | { mkdir -p /etc/init.d; | |
e61fe664 | 463 | cp "~root/.config/guix/current/etc/openrc/guix-daemon" \ |
cabac732 MS |
464 | /etc/init.d/guix-daemon; |
465 | chmod 775 /etc/init.d/guix-daemon; | |
466 | ||
4cbe0127 MC |
467 | configure_substitute_discovery /etc/init.d/guix-daemon |
468 | ||
cabac732 MS |
469 | rc-update add guix-daemon default && |
470 | rc-service guix-daemon start; } && | |
471 | _msg "${PAS}enabled Guix daemon via OpenRC" | |
472 | ;; | |
6f4e8693 RW |
473 | NA|*) |
474 | _msg "${ERR}unsupported init system; run the daemon manually:" | |
e61fe664 | 475 | echo " ~root/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild" |
6f4e8693 RW |
476 | ;; |
477 | esac | |
478 | ||
479 | _msg "${INF}making the guix command available to other users" | |
480 | ||
481 | [ -e "$local_bin" ] || mkdir -p "$local_bin" | |
482 | ln -sf "${var_guix}/bin/guix" "$local_bin" | |
483 | ||
484 | [ -e "$info_path" ] || mkdir -p "$info_path" | |
b4a1252b | 485 | for i in "${var_guix}"/share/info/*; do |
6f4e8693 RW |
486 | ln -sf "$i" "$info_path" |
487 | done | |
488 | } | |
489 | ||
490 | sys_authorize_build_farms() | |
414c4de1 | 491 | { # authorize the public key of the build farm |
5b0ce339 | 492 | if prompt_yes_no "Permit downloading pre-built package binaries from the \ |
4cbe0127 | 493 | project's build farm? (yes/no)"; then |
5b0ce339 MC |
494 | guix archive --authorize \ |
495 | < "~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub" \ | |
496 | && _msg "${PAS}Authorized public key for ci.guix.gnu.org" | |
497 | else | |
498 | _msg "${INF}Skipped authorizing build farm public keys" | |
499 | fi | |
6f4e8693 RW |
500 | } |
501 | ||
30810aff | 502 | sys_create_init_profile() |
e61fe664 | 503 | { # Define for better desktop integration |
2ffd1314 | 504 | # This will not take effect until the next shell or desktop session! |
29ba58c0 | 505 | [ -d "/etc/profile.d" ] || mkdir /etc/profile.d # Just in case |
30810aff PG |
506 | cat <<"EOF" > /etc/profile.d/guix.sh |
507 | # _GUIX_PROFILE: `guix pull` profile | |
508 | _GUIX_PROFILE="$HOME/.config/guix/current" | |
9d34b04f JK |
509 | export PATH="$_GUIX_PROFILE/bin${PATH:+:}$PATH" |
510 | # Export INFOPATH so that the updated info pages can be found | |
511 | # and read by both /usr/bin/info and/or $GUIX_PROFILE/bin/info | |
512 | # When INFOPATH is unset, add a trailing colon so that Emacs | |
513 | # searches 'Info-default-directory-list'. | |
514 | export INFOPATH="$_GUIX_PROFILE/share/info:$INFOPATH" | |
30810aff PG |
515 | |
516 | # GUIX_PROFILE: User's default profile | |
517 | GUIX_PROFILE="$HOME/.guix-profile" | |
518 | [ -L $GUIX_PROFILE ] || return | |
519 | GUIX_LOCPATH="$GUIX_PROFILE/lib/locale" | |
7f06567b | 520 | export GUIX_LOCPATH |
30810aff | 521 | |
e69b8bba | 522 | [ -f "$GUIX_PROFILE/etc/profile" ] && . "$GUIX_PROFILE/etc/profile" |
30810aff PG |
523 | |
524 | # set XDG_DATA_DIRS to include Guix installations | |
7ff169d0 | 525 | export XDG_DATA_DIRS="$GUIX_PROFILE/share:${XDG_DATA_DIRS:-/usr/local/share/:/usr/share/}" |
30810aff PG |
526 | EOF |
527 | } | |
528 | ||
b3fba5ef | 529 | sys_create_shell_completion() |
530 | { # Symlink supported shell completions system-wide | |
531 | ||
532 | var_guix=/var/guix/profiles/per-user/root/current-guix | |
533 | bash_completion=/etc/bash_completion.d | |
534 | zsh_completion=/usr/share/zsh/site-functions | |
535 | fish_completion=/usr/share/fish/vendor_completions.d | |
536 | ||
537 | { # Just in case | |
538 | for dir_shell in $bash_completion $zsh_completion $fish_completion; do | |
539 | [ -d "$dir_shell" ] || mkdir -p $dir_shell | |
540 | done; | |
541 | ||
542 | ln -sf ${var_guix}/etc/bash_completion.d/* "$bash_completion"; | |
543 | ln -sf ${var_guix}/share/zsh/site-functions/* "$zsh_completion"; | |
544 | ln -sf ${var_guix}/share/fish/vendor_completions.d/* "$fish_completion"; } && | |
545 | _msg "${PAS}installed shell completion" | |
546 | } | |
547 | ||
548 | ||
6f4e8693 RW |
549 | welcome() |
550 | { | |
551 | cat<<"EOF" | |
552 | ░░░ ░░░ | |
553 | ░░▒▒░░░░░░░░░ ░░░░░░░░░▒▒░░ | |
554 | ░░▒▒▒▒▒░░░░░░░ ░░░░░░░▒▒▒▒▒░ | |
555 | ░▒▒▒░░▒▒▒▒▒ ░░░░░░░▒▒░ | |
556 | ░▒▒▒▒░ ░░░░░░ | |
557 | ▒▒▒▒▒ ░░░░░░ | |
558 | ▒▒▒▒▒ ░░░░░ | |
559 | ░▒▒▒▒▒ ░░░░░ | |
560 | ▒▒▒▒▒ ░░░░░ | |
561 | ▒▒▒▒▒ ░░░░░ | |
562 | ░▒▒▒▒▒░░░░░ | |
563 | ▒▒▒▒▒▒░░░ | |
564 | ▒▒▒▒▒▒░ | |
565 | _____ _ _ _ _ _____ _ | |
566 | / ____| \ | | | | | / ____| (_) | |
567 | | | __| \| | | | | | | __ _ _ ___ __ | |
568 | | | |_ | . ' | | | | | | |_ | | | | \ \/ / | |
569 | | |__| | |\ | |__| | | |__| | |_| | |> < | |
570 | \_____|_| \_|\____/ \_____|\__,_|_/_/\_\ | |
571 | ||
572 | This script installs GNU Guix on your system | |
573 | ||
574 | https://www.gnu.org/software/guix/ | |
575 | EOF | |
576 | echo -n "Press return to continue..." | |
e61fe664 | 577 | read -r |
6f4e8693 RW |
578 | } |
579 | ||
580 | main() | |
581 | { | |
582 | local tmp_path | |
583 | welcome | |
584 | ||
585 | _msg "Starting installation ($(date))" | |
586 | ||
587 | chk_term | |
6c77d79a | 588 | chk_require "${REQUIRE[@]}" |
5d8e505c | 589 | chk_gpg_keyring |
6f4e8693 RW |
590 | chk_init_sys |
591 | chk_sys_arch | |
b2683a2b | 592 | chk_sys_nscd |
6f4e8693 RW |
593 | |
594 | _msg "${INF}system is ${ARCH_OS}" | |
595 | ||
32c06aff | 596 | umask 0022 |
6f4e8693 RW |
597 | tmp_path="$(mktemp -t -d guix.XXX)" |
598 | ||
51f95d4e MC |
599 | if [ -z "${GUIX_BINARY_FILE_NAME}" ]; then |
600 | guix_get_bin_list "${GNU_URL}" | |
601 | guix_get_bin "${GNU_URL}" "${BIN_VER}" "$tmp_path" | |
602 | GUIX_BINARY_FILE_NAME=${BIN_VER}.tar.xz | |
603 | else | |
604 | if ! [[ $GUIX_BINARY_FILE_NAME =~ $ARCH_OS ]]; then | |
605 | _err "$ARCH_OS not in ${GUIX_BINARY_FILE_NAME}; aborting" | |
606 | fi | |
e61fe664 | 607 | _msg "${INF}Using manually provided binary ${GUIX_BINARY_FILE_NAME}" |
18570922 | 608 | GUIX_BINARY_FILE_NAME=$(realpath "$GUIX_BINARY_FILE_NAME") |
51f95d4e | 609 | fi |
6f4e8693 | 610 | |
51f95d4e | 611 | sys_create_store "${GUIX_BINARY_FILE_NAME}" "${tmp_path}" |
6f4e8693 RW |
612 | sys_create_build_user |
613 | sys_enable_guix_daemon | |
614 | sys_authorize_build_farms | |
30810aff | 615 | sys_create_init_profile |
b3fba5ef | 616 | sys_create_shell_completion |
6f4e8693 RW |
617 | |
618 | _msg "${INF}cleaning up ${tmp_path}" | |
619 | rm -r "${tmp_path}" | |
620 | ||
621 | _msg "${PAS}Guix has successfully been installed!" | |
622 | _msg "${INF}Run 'info guix' to read the manual." | |
2ffd1314 TGR |
623 | |
624 | # Required to source /etc/profile in desktop environments. | |
625 | _msg "${INF}Please log out and back in to complete the installation." | |
6f4e8693 RW |
626 | } |
627 | ||
628 | main "$@" |