X-Git-Url: http://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/bee7bb315cd0b4529a4117b6220c29ca297fc023..0758a70cc008171f31c848128deca9803536fe60:/etc/guix-install.sh diff --git a/etc/guix-install.sh b/etc/guix-install.sh index 75cff68d8b..bd3ab901ad 100755 --- a/etc/guix-install.sh +++ b/etc/guix-install.sh @@ -1,7 +1,9 @@ -#!/bin/bash +#!/bin/sh # GNU Guix --- Functional package management for GNU # Copyright © 2017 sharlatan # Copyright © 2018 Ricardo Wurmus +# Copyright © 2018 Efraim Flashner +# Copyright © 2019 Tobias Geerinckx-Rice # # This file is part of GNU Guix. # @@ -18,6 +20,13 @@ # You should have received a copy of the GNU General Public License # along with GNU Guix. If not, see . +# We require Bash but for portability we'd rather not use /bin/bash or +# /usr/bin/env in the shebang, hence this hack. +if [ "x$BASH_VERSION" = "x" ] +then + exec bash "$0" "$@" +fi + set -e [ "$UID" -eq 0 ] || { echo "This script must be run as root."; exit 1; } @@ -46,9 +55,14 @@ ERR=$'[ \033[31;1mFAIL\033[0m ] ' INF="[ INFO ] " DEBUG=0 -GNU_URL="https://alpha.gnu.org/gnu/guix/" +GNU_URL="https://ftp.gnu.org/gnu/guix/" OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5" +# This script needs to know where root's home directory is. However, we +# cannot simply use the HOME environment variable, since there is no guarantee +# that it points to root's home directory. +ROOT_HOME="$(echo ~root)" + # ------------------------------------------------------------------------------ #+UTILITIES @@ -72,17 +86,13 @@ _debug() chk_require() { # Check that every required command is available. - declare -a cmds declare -a warn - - cmds=(${1}) + local c _debug "--- [ $FUNCNAME ] ---" - for c in ${cmds[@]}; do - command -v "$c" &>/dev/null - [ "$?" -eq "1" ] && - warn+=("$c") + for c in "$@"; do + command -v "$c" &>/dev/null || warn+=("$c") done [ "${#warn}" -ne 0 ] && @@ -90,10 +100,17 @@ chk_require() return 1; } _msg "${PAS}verification of required commands completed" +} + +chk_gpg_keyring() +{ # Check whether the Guix release signing public key is present. + _debug "--- [ $FUNCNAME ] ---" - gpg --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev/null 2>&1 || ( + # Without --dry-run this command will create a ~/.gnupg owned by root on + # systems where gpg has never been used, causing errors and confusion. + gpg --dry-run --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev/null 2>&1 || ( _err "${ERR}Missing OpenPGP public key. Fetch it with this command:" - echo " gpg --keyserver pgp.mit.edu --recv-keys ${OPENPGP_SIGNING_KEY_ID}" + echo " wget https://sv.gnu.org/people/viewgpg.php?user_id=15145 -qO - | gpg --import -" exit 1 ) } @@ -153,6 +170,12 @@ chk_sys_arch() x86_64 | x86-64 | x64 | amd64) local arch=x86_64 ;; + aarch64) + local arch=aarch64 + ;; + armv7l) + local arch=armhf + ;; *) _err "${ERR}Unsupported CPU type: ${arch}" exit 1 @@ -259,12 +282,13 @@ sys_create_store() fi _msg "${INF}Linking the root user's profile" - ln -sf /var/guix/profiles/per-user/root/guix-profile \ - ~root/.guix-profile + mkdir -p "${ROOT_HOME}/.config/guix" + ln -sf /var/guix/profiles/per-user/root/current-guix \ + "${ROOT_HOME}/.config/guix/current" - GUIX_PROFILE="${HOME}/.guix-profile" + GUIX_PROFILE="${ROOT_HOME}/.config/guix/current" source "${GUIX_PROFILE}/etc/profile" - _msg "${PAS}activated root profile at /root/.guix-profile" + _msg "${PAS}activated root profile at ${ROOT_HOME}/.config/guix/current" } sys_create_build_user() @@ -307,20 +331,31 @@ sys_enable_guix_daemon() info_path="/usr/local/share/info" local_bin="/usr/local/bin" - var_guix="/var/guix/profiles/per-user/root/guix-profile" + var_guix="/var/guix/profiles/per-user/root/current-guix" case "$INIT_SYS" in upstart) { initctl reload-configuration; - cp ~root/.guix-profile/lib/upstart/system/guix-daemon.conf \ + cp "${ROOT_HOME}/.config/guix/current/lib/upstart/system/guix-daemon.conf" \ /etc/init/ && start guix-daemon; } && _msg "${PAS}enabled Guix daemon via upstart" ;; systemd) - { cp ~root/.guix-profile/lib/systemd/system/guix-daemon.service \ + { cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/guix-daemon.service" \ /etc/systemd/system/; chmod 664 /etc/systemd/system/guix-daemon.service; + + # Work around , present in 1.0.1. + sed -i /etc/systemd/system/guix-daemon.service \ + -e "s/GUIX_LOCPATH='/'GUIX_LOCPATH=/"; + + # Work around , present in 1.0.1. + if ! grep en_US /etc/systemd/system/guix-daemon.service >/dev/null; + then sed -i /etc/systemd/system/guix-daemon.service \ + -e 's/^Environment=\(.*\)$/Environment=\1 LC_ALL=en_US.UTF-8'; + fi; + systemctl daemon-reload && systemctl start guix-daemon && systemctl enable guix-daemon; } && @@ -328,7 +363,7 @@ sys_enable_guix_daemon() ;; NA|*) _msg "${ERR}unsupported init system; run the daemon manually:" - echo " ~root/.guix-profile/bin/guix-daemon --build-users-group=guixbuild" + echo " ${ROOT_HOME}/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild" ;; esac @@ -344,14 +379,12 @@ sys_enable_guix_daemon() } sys_authorize_build_farms() -{ # authorize the public keys of the two build farms +{ # authorize the public key of the build farm while true; do - read -p "Permit downloading pre-built package binaries from the project's build farms? (yes/no) " yn + read -p "Permit downloading pre-built package binaries from the project's build farm? (yes/no) " yn case $yn in - [Yy]*) guix archive --authorize < ~root/.guix-profile/share/guix/hydra.gnu.org.pub && - _msg "${PAS}Authorized public key for hydra.gnu.org"; - guix archive --authorize < ~root/.guix-profile/share/guix/berlin.guixsd.org.pub && - _msg "${PAS}Authorized public key for berlin.guixsd.org"; + [Yy]*) guix archive --authorize < "${ROOT_HOME}/.config/guix/current/share/guix/ci.guix.gnu.org.pub" && + _msg "${PAS}Authorized public key for ci.guix.gnu.org"; break;; [Nn]*) _msg "${INF}Skipped authorizing build farm public keys" break;; @@ -399,7 +432,8 @@ main() _msg "Starting installation ($(date))" chk_term - chk_require "${REQUIRE[*]}" + chk_require "${REQUIRE[@]}" + chk_gpg_keyring chk_init_sys chk_sys_arch