[jackhill/guix/guix.git] / etc / guix-install.sh

#!/bin/bash
# GNU Guix --- Functional package management for GNU
# Copyright © 2017 sharlatan <sharlatanus@gmail.com>
# Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
# Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
#
# This file is part of GNU Guix.
#
# GNU Guix is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or (at
# your option) any later version.
#
# GNU Guix is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

set -e

[ "$UID" -eq 0 ] || { echo "This script must be run as root."; exit 1; }

REQUIRE=(
    "dirname"
    "readlink"
    "wget"
    "gpg"
    "grep"
    "which"
    "sed"
    "sort"
    "getent"
    "mktemp"
    "rm"
    "chmod"
    "uname"
    "groupadd"
    "tail"
    "tr"
)

PAS=$'[ \033[32;1mPASS\033[0m ] '
ERR=$'[ \033[31;1mFAIL\033[0m ] '
INF="[ INFO ] "

DEBUG=0
GNU_URL="https://alpha.gnu.org/gnu/guix/"
OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5"

# This script needs to know where root's home directory is.  However, we
# cannot simply use the HOME environment variable, since there is no guarantee
# that it points to root's home directory.
ROOT_HOME="$(echo ~root)"

# ------------------------------------------------------------------------------
#+UTILITIES

_err()
{ # All errors go to stderr.
    printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
}

_msg()
{ # Default message to stdout.
    printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
}

_debug()
{
    if [ "${DEBUG}" = '1' ]; then
        printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
    fi
}


chk_require()
{ # Check that every required command is available.
    declare -a cmds
    declare -a warn

    cmds=(${1})

    _debug "--- [ $FUNCNAME ] ---"

    for c in ${cmds[@]}; do
        command -v "$c" &>/dev/null
        [ "$?" -eq "1" ] &&
            warn+=("$c")
    done

    [ "${#warn}" -ne 0 ] &&
        { _err "${ERR}Missing commands: ${warn[*]}.";
          return 1; }
    
    _msg "${PAS}verification of required commands completed"

    gpg --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev/null 2>&1 || (
        _err "${ERR}Missing OpenPGP public key.  Fetch it with this command:"
        echo "  gpg --keyserver pgp.mit.edu --recv-keys ${OPENPGP_SIGNING_KEY_ID}"
        exit 1
    )
}

chk_term()
{ # Check for ANSI terminal for color printing.
    local ansi_term

    if [ -t 2 ]; then
        if [ "${TERM+set}" = 'set' ]; then
            case "$TERM" in
                xterm*|rxvt*|urxvt*|linux*|vt*|eterm*|screen*)
                    ansi_term=true
                    ;;
                *)
                    ansi_term=false
                    ERR="[ FAIL ] "
                    PAS="[ PASS ] "
                    ;;
            esac
        fi
    fi
}

chk_init_sys()
{ # Return init system type name.
    if [[ $(/sbin/init --version 2>/dev/null) =~ upstart ]]; then
        _msg "${INF}init system is: upstart"
        INIT_SYS="upstart"
        return 0
    elif [[ $(systemctl) =~ -\.mount ]]; then
        _msg "${INF}init system is: systemd"
        INIT_SYS="systemd"
        return 0
    elif [[ -f /etc/init.d/cron && ! -h /etc/init.d/cron ]]; then
        _msg "${INF}init system is: sysv-init"
        INIT_SYS="sysv-init"
        return 0
    else
        INIT_SYS="NA"
        _err "${ERR}Init system could not be detected."
    fi
}

chk_sys_arch()
{ # Check for operating system and architecture type.
    local os
    local arch

    os="$(uname -s)"
    arch="$(uname -m)"

    case "$arch" in
        i386 | i486 | i686 | i786 | x86)
            local arch=i686
            ;;
        x86_64 | x86-64 | x64 | amd64)
            local arch=x86_64
            ;;
        aarch64)
            local arch=aarch64
            ;;
        *)
            _err "${ERR}Unsupported CPU type: ${arch}"
            exit 1
    esac

    case "$os" in
        Linux | linux)
            local os=linux
            ;;
        *)
            _err "${ERR}Your operation system (${os}) is not supported."
            exit 1
    esac

    ARCH_OS="${arch}-${os}"
}

# ------------------------------------------------------------------------------
#+MAIN

guix_get_bin_list()
{ # Scan GNU archive and save list of binaries
    local gnu_url="$1"
    local -a bin_ver_ls
    local latest_ver
    local default_ver

    _debug "--- [ $FUNCNAME ] ---"

    # Filter only version and architecture
    bin_ver_ls=("$(wget -qO- "$gnu_url" \
        | sed -n -e 's/.*guix-binary-\([0-9.]*\)\..*.tar.xz.*/\1/p' \
        | sort -Vu)")

    latest_ver="$(echo "$bin_ver_ls" \
                       | grep -oP "([0-9]{1,2}\.){2}[0-9]{1,2}" \
                       | tail -n1)"

    default_ver="guix-binary-${latest_ver}.${ARCH_OS}"

    if [[ "${#bin_ver_ls}" -ne "0" ]]; then
        _msg "${PAS}Release for your system: ${default_ver}"
    else
        _err "${ERR}Could not obtain list of Guix releases."
        exit 1
    fi

    # Use default to download according to the list and local ARCH_OS.
    BIN_VER="$default_ver"
}

guix_get_bin()
{ # Download and verify binary package.
    local url="$1"
    local bin_ver="$2"
    local dl_path="$3"

    _debug "--- [ $FUNCNAME ] ---"

    _msg "${INF}Downloading Guix release archive"

    wget --help | grep -q '\--show-progress' && \
        _PROGRESS_OPT="-q --show-progress" || _PROGRESS_OPT=""
    wget $_PROGRESS_OPT -P "$dl_path" "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"

    if [[ "$?" -eq 0 ]]; then
       _msg "${PAS}download completed."
    else
        _err "${ERR}could not download ${url}/${bin_ver}.tar.xz."
        exit 1
    fi

    pushd $dl_path >/dev/null
    gpg --verify "${bin_ver}.tar.xz.sig" >/dev/null 2>&1
    if [[ "$?" -eq 0 ]]; then
        _msg "${PAS}Signature is valid."
        popd >/dev/null
    else
        _err "${ERR}could not verify the signature."
        exit 1
    fi
}

sys_create_store()
{ # Unpack and install /gnu/store and /var/guix
    local pkg="$1"
    local tmp_path="$2"

    _debug "--- [ $FUNCNAME ] ---"

    cd "$tmp_path"
    tar --warning=no-timestamp \
        --extract \
        --file "$pkg" &&
    _msg "${PAS}unpacked archive"

    if [[ -e "/var/guix" || -e "/gnu" ]]; then
        _err "${ERR}A previous Guix installation was found.  Refusing to overwrite."
        exit 1
    else
        _msg "${INF}Installing /var/guix and /gnu..."
        mv "${tmp_path}/var/guix" /var/
        mv "${tmp_path}/gnu" /
    fi

    _msg "${INF}Linking the root user's profile"
    ln -sf /var/guix/profiles/per-user/root/guix-profile \
       "${ROOT_HOME}/.guix-profile"

    GUIX_PROFILE="${ROOT_HOME}/.guix-profile"
    source "${GUIX_PROFILE}/etc/profile"
    _msg "${PAS}activated root profile at /root/.guix-profile"
}

sys_create_build_user()
{ # Create the group and user accounts for build users.

    _debug "--- [ $FUNCNAME ] ---"

    if [ $(getent group guixbuild) ]; then
        _msg "${INF}group guixbuild exists"
    else
        groupadd --system guixbuild
        _msg "${PAS}group <guixbuild> created"
    fi

    for i in $(seq -w 1 10); do
        if id "guixbuilder${i}" &>/dev/null; then
            _msg "${INF}user is already in the system, reset"
            usermod -g guixbuild -G guixbuild           \
                    -d /var/empty -s "$(which nologin)" \
                    -c "Guix build user $i"             \
                    "guixbuilder${i}";
        else
            useradd -g guixbuild -G guixbuild           \
                    -d /var/empty -s "$(which nologin)" \
                    -c "Guix build user $i" --system    \
                    "guixbuilder${i}";
            _msg "${PAS}user added <guixbuilder${i}>"
        fi
    done
}

sys_enable_guix_daemon()
{ # Run the daemon, and set it to automatically start on boot.

    local info_path
    local local_bin
    local var_guix

    _debug "--- [ $FUNCNAME ] ---"

    info_path="/usr/local/share/info"
    local_bin="/usr/local/bin"
    var_guix="/var/guix/profiles/per-user/root/guix-profile"

    case "$INIT_SYS" in
        upstart)
            { initctl reload-configuration;
              cp "${ROOT_HOME}/.guix-profile/lib/upstart/system/guix-daemon.conf" \
                 /etc/init/ &&
                  start guix-daemon; } &&
                _msg "${PAS}enabled Guix daemon via upstart"
            ;;
        systemd)
            { cp "${ROOT_HOME}/.guix-profile/lib/systemd/system/guix-daemon.service" \
                 /etc/systemd/system/;
              chmod 664 /etc/systemd/system/guix-daemon.service;
              systemctl daemon-reload &&
                  systemctl start guix-daemon &&
                  systemctl enable guix-daemon; } &&
                _msg "${PAS}enabled Guix daemon via systemd"
            ;;
        NA|*)
            _msg "${ERR}unsupported init system; run the daemon manually:"
            echo "  ${ROOT_HOME}/.guix-profile/bin/guix-daemon --build-users-group=guixbuild"
            ;;
    esac

    _msg "${INF}making the guix command available to other users"

    [ -e "$local_bin" ] || mkdir -p "$local_bin"
    ln -sf "${var_guix}/bin/guix"  "$local_bin"

    [ -e "$info_path" ] || mkdir -p "$info_path"
    for i in ${var_guix}/share/info/*; do
        ln -sf "$i" "$info_path"
    done
}

sys_authorize_build_farms()
{ # authorize the public keys of the two build farms
    while true; do
        read -p "Permit downloading pre-built package binaries from the project's build farms? (yes/no) " yn
        case $yn in
            [Yy]*) guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/hydra.gnu.org.pub" &&
                         _msg "${PAS}Authorized public key for hydra.gnu.org";
                   guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/berlin.guixsd.org.pub" &&
                       _msg "${PAS}Authorized public key for berlin.guixsd.org";
                   break;;
            [Nn]*) _msg "${INF}Skipped authorizing build farm public keys"
                   break;;
            *) _msg "Please answer yes or no.";
        esac
    done
}

welcome()
{
    cat<<"EOF"
    ░░░                                     ░░░
    ░░▒▒░░░░░░░░░               ░░░░░░░░░▒▒░░
     ░░▒▒▒▒▒░░░░░░░           ░░░░░░░▒▒▒▒▒░
         ░▒▒▒░░▒▒▒▒▒         ░░░░░░░▒▒░
               ░▒▒▒▒░       ░░░░░░
                ▒▒▒▒▒      ░░░░░░
                 ▒▒▒▒▒     ░░░░░
                 ░▒▒▒▒▒   ░░░░░
                  ▒▒▒▒▒   ░░░░░
                   ▒▒▒▒▒ ░░░░░
                   ░▒▒▒▒▒░░░░░
                    ▒▒▒▒▒▒░░░
                     ▒▒▒▒▒▒░
     _____ _   _ _    _    _____       _
    / ____| \ | | |  | |  / ____|     (_)
   | |  __|  \| | |  | | | |  __ _   _ ___  __
   | | |_ | . ' | |  | | | | |_ | | | | \ \/ /
   | |__| | |\  | |__| | | |__| | |_| | |>  <
    \_____|_| \_|\____/   \_____|\__,_|_/_/\_\

This script installs GNU Guix on your system

https://www.gnu.org/software/guix/
EOF
    echo -n "Press return to continue..."
    read -r  ANSWER
}

main()
{
    local tmp_path
    welcome

    _msg "Starting installation ($(date))"

    chk_term
    chk_require "${REQUIRE[*]}"
    chk_init_sys
    chk_sys_arch

    _msg "${INF}system is ${ARCH_OS}"

    tmp_path="$(mktemp -t -d guix.XXX)"

    guix_get_bin_list "${GNU_URL}"
    guix_get_bin "${GNU_URL}" "${BIN_VER}" "$tmp_path"

    sys_create_store "${BIN_VER}.tar.xz" "${tmp_path}"
    sys_create_build_user
    sys_enable_guix_daemon
    sys_authorize_build_farms

    _msg "${INF}cleaning up ${tmp_path}"
    rm -r "${tmp_path}"

    _msg "${PAS}Guix has successfully been installed!"
    _msg "${INF}Run 'info guix' to read the manual."
 }

main "$@"
Commit	Line	Data
6f4e8693 RW	1	#!/bin/bash
	2	# GNU Guix --- Functional package management for GNU
	3	# Copyright © 2017 sharlatan <sharlatanus@gmail.com>
	4	# Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
ea6b1bae	5	# Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
6f4e8693 RW	6	#
	7	# This file is part of GNU Guix.
	8	#
	9	# GNU Guix is free software; you can redistribute it and/or modify it
	10	# under the terms of the GNU General Public License as published by
	11	# the Free Software Foundation; either version 3 of the License, or (at
	12	# your option) any later version.
	13	#
	14	# GNU Guix is distributed in the hope that it will be useful, but
	15	# WITHOUT ANY WARRANTY; without even the implied warranty of
	16	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	17	# GNU General Public License for more details.
	18	#
	19	# You should have received a copy of the GNU General Public License
	20	# along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	21
	22	set -e
	23
	24	[ "$UID" -eq 0 ] \|\| { echo "This script must be run as root."; exit 1; }
	25
	26	REQUIRE=(
	27	"dirname"
	28	"readlink"
	29	"wget"
	30	"gpg"
	31	"grep"
	32	"which"
	33	"sed"
	34	"sort"
	35	"getent"
	36	"mktemp"
	37	"rm"
	38	"chmod"
	39	"uname"
	40	"groupadd"
	41	"tail"
	42	"tr"
	43	)
	44
	45	PAS=$'[ \033[32;1mPASS\033[0m ] '
	46	ERR=$'[ \033[31;1mFAIL\033[0m ] '
	47	INF="[ INFO ] "
	48
	49	DEBUG=0
	50	GNU_URL="https://alpha.gnu.org/gnu/guix/"
	51	OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5"
	52
3cd4447f CM	53	# This script needs to know where root's home directory is. However, we
	54	# cannot simply use the HOME environment variable, since there is no guarantee
	55	# that it points to root's home directory.
	56	ROOT_HOME="$(echo ~root)"
	57
6f4e8693 RW	58	# ------------------------------------------------------------------------------
	59	#+UTILITIES
	60
	61	_err()
	62	{ # All errors go to stderr.
	63	printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
	64	}
	65
	66	_msg()
	67	{ # Default message to stdout.
	68	printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
	69	}
	70
	71	_debug()
	72	{
	73	if [ "${DEBUG}" = '1' ]; then
	74	printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
	75	fi
	76	}
	77
	78
	79	chk_require()
	80	{ # Check that every required command is available.
	81	declare -a cmds
	82	declare -a warn
	83
	84	cmds=(${1})
	85
	86	_debug "--- [ $FUNCNAME ] ---"
	87
	88	for c in ${cmds[@]}; do
	89	command -v "$c" &>/dev/null
	90	[ "$?" -eq "1" ] &&
	91	warn+=("$c")
	92	done
	93
	94	[ "${#warn}" -ne 0 ] &&
	95	{ _err "${ERR}Missing commands: ${warn[*]}.";
	96	return 1; }
	97
	98	_msg "${PAS}verification of required commands completed"
	99
	100	gpg --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev/null 2>&1 \|\| (
	101	_err "${ERR}Missing OpenPGP public key. Fetch it with this command:"
	102	echo " gpg --keyserver pgp.mit.edu --recv-keys ${OPENPGP_SIGNING_KEY_ID}"
	103	exit 1
	104	)
	105	}
	106
	107	chk_term()
	108	{ # Check for ANSI terminal for color printing.
	109	local ansi_term
	110
	111	if [ -t 2 ]; then
	112	if [ "${TERM+set}" = 'set' ]; then
	113	case "$TERM" in
	114	xterm\|rxvt\|urxvt\|linux\|vt\|eterm\|screen*)
	115	ansi_term=true
	116	;;
	117	*)
	118	ansi_term=false
	119	ERR="[ FAIL ] "
	120	PAS="[ PASS ] "
	121	;;
122	esac
123	fi
124	fi
125	}
126
127	chk_init_sys()
128	{ # Return init system type name.
129	if [[ $(/sbin/init --version 2>/dev/null) =~ upstart ]]; then
130	_msg "${INF}init system is: upstart"
131	INIT_SYS="upstart"
132	return 0
133	elif [[ $(systemctl) =~ -\.mount ]]; then
134	_msg "${INF}init system is: systemd"
135	INIT_SYS="systemd"
136	return 0
137	elif [[ -f /etc/init.d/cron && ! -h /etc/init.d/cron ]]; then
138	_msg "${INF}init system is: sysv-init"
139	INIT_SYS="sysv-init"
140	return 0
141	else
142	INIT_SYS="NA"
143	_err "${ERR}Init system could not be detected."
144	fi
145	}
146
147	chk_sys_arch()
148	{ # Check for operating system and architecture type.
149	local os
150	local arch
151
152	os="$(uname -s)"
153	arch="$(uname -m)"
154
155	case "$arch" in
156	i386 \| i486 \| i686 \| i786 \| x86)
157	local arch=i686
158	;;
159	x86_64 \| x86-64 \| x64 \| amd64)
160	local arch=x86_64
161	;;
ea6b1bae EF	162	aarch64)
	163	local arch=aarch64
	164	;;
6f4e8693 RW	165	*)
	166	_err "${ERR}Unsupported CPU type: ${arch}"
	167	exit 1
	168	esac
	169
	170	case "$os" in
	171	Linux \| linux)
	172	local os=linux
	173	;;
	174	*)
	175	_err "${ERR}Your operation system (${os}) is not supported."
	176	exit 1
	177	esac
	178
	179	ARCH_OS="${arch}-${os}"
	180	}
	181
	182	# ------------------------------------------------------------------------------
	183	#+MAIN
	184
	185	guix_get_bin_list()
	186	{ # Scan GNU archive and save list of binaries
	187	local gnu_url="$1"
	188	local -a bin_ver_ls
	189	local latest_ver
	190	local default_ver
	191
	192	_debug "--- [ $FUNCNAME ] ---"
	193
	194	# Filter only version and architecture
	195	bin_ver_ls=("$(wget -qO- "$gnu_url" \
	196	\| sed -n -e 's/.guix-binary-\([0-9.]\)\...tar.xz./\1/p' \
	197	\| sort -Vu)")
	198
	199	latest_ver="$(echo "$bin_ver_ls" \
	200	\| grep -oP "([0-9]{1,2}\.){2}[0-9]{1,2}" \
	201	\| tail -n1)"
	202
	203	default_ver="guix-binary-${latest_ver}.${ARCH_OS}"
	204
	205	if [[ "${#bin_ver_ls}" -ne "0" ]]; then
	206	_msg "${PAS}Release for your system: ${default_ver}"
	207	else
	208	_err "${ERR}Could not obtain list of Guix releases."
	209	exit 1
	210	fi
	211
	212	# Use default to download according to the list and local ARCH_OS.
	213	BIN_VER="$default_ver"
	214	}
	215
	216	guix_get_bin()
	217	{ # Download and verify binary package.
	218	local url="$1"
	219	local bin_ver="$2"
	220	local dl_path="$3"
	221
	222	_debug "--- [ $FUNCNAME ] ---"
	223
	224	_msg "${INF}Downloading Guix release archive"
	225
	226	wget --help \| grep -q '\--show-progress' && \
	227	_PROGRESS_OPT="-q --show-progress" \|\| _PROGRESS_OPT=""
	228	wget $_PROGRESS_OPT -P "$dl_path" "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"
229
230	if [[ "$?" -eq 0 ]]; then
231	_msg "${PAS}download completed."
232	else
233	_err "${ERR}could not download ${url}/${bin_ver}.tar.xz."
234	exit 1
235	fi
236
237	pushd $dl_path >/dev/null
238	gpg --verify "${bin_ver}.tar.xz.sig" >/dev/null 2>&1
239	if [[ "$?" -eq 0 ]]; then
240	_msg "${PAS}Signature is valid."
241	popd >/dev/null
242	else
243	_err "${ERR}could not verify the signature."
244	exit 1
245	fi
246	}
247
248	sys_create_store()
249	{ # Unpack and install /gnu/store and /var/guix
250	local pkg="$1"
251	local tmp_path="$2"
252
253	_debug "--- [ $FUNCNAME ] ---"
254
255	cd "$tmp_path"
256	tar --warning=no-timestamp \
257	--extract \
258	--file "$pkg" &&
259	_msg "${PAS}unpacked archive"
260
261	if [[ -e "/var/guix" \|\| -e "/gnu" ]]; then
262	_err "${ERR}A previous Guix installation was found. Refusing to overwrite."
263	exit 1
264	else
265	_msg "${INF}Installing /var/guix and /gnu..."
266	mv "${tmp_path}/var/guix" /var/
267	mv "${tmp_path}/gnu" /
268	fi
269
270	_msg "${INF}Linking the root user's profile"
271	ln -sf /var/guix/profiles/per-user/root/guix-profile \
3cd4447f	272	"${ROOT_HOME}/.guix-profile"
6f4e8693	273
3cd4447f	274	GUIX_PROFILE="${ROOT_HOME}/.guix-profile"
6f4e8693 RW	275	source "${GUIX_PROFILE}/etc/profile"
	276	_msg "${PAS}activated root profile at /root/.guix-profile"
	277	}
	278
	279	sys_create_build_user()
	280	{ # Create the group and user accounts for build users.
	281
	282	_debug "--- [ $FUNCNAME ] ---"
	283
	284	if [ $(getent group guixbuild) ]; then
	285	_msg "${INF}group guixbuild exists"
	286	else
	287	groupadd --system guixbuild
	288	_msg "${PAS}group <guixbuild> created"
	289	fi
	290
	291	for i in $(seq -w 1 10); do
	292	if id "guixbuilder${i}" &>/dev/null; then
	293	_msg "${INF}user is already in the system, reset"
	294	usermod -g guixbuild -G guixbuild \
	295	-d /var/empty -s "$(which nologin)" \
	296	-c "Guix build user $i" \
	297	"guixbuilder${i}";
	298	else
	299	useradd -g guixbuild -G guixbuild \
	300	-d /var/empty -s "$(which nologin)" \
	301	-c "Guix build user $i" --system \
	302	"guixbuilder${i}";
	303	_msg "${PAS}user added <guixbuilder${i}>"
	304	fi
	305	done
	306	}
	307
	308	sys_enable_guix_daemon()
	309	{ # Run the daemon, and set it to automatically start on boot.
	310
	311	local info_path
	312	local local_bin
	313	local var_guix
	314
	315	_debug "--- [ $FUNCNAME ] ---"
	316
	317	info_path="/usr/local/share/info"
	318	local_bin="/usr/local/bin"
	319	var_guix="/var/guix/profiles/per-user/root/guix-profile"
	320
	321	case "$INIT_SYS" in
	322	upstart)
	323	{ initctl reload-configuration;
3cd4447f	324	cp "${ROOT_HOME}/.guix-profile/lib/upstart/system/guix-daemon.conf" \
6f4e8693 RW	325	/etc/init/ &&
	326	start guix-daemon; } &&
	327	_msg "${PAS}enabled Guix daemon via upstart"
	328	;;
	329	systemd)
3cd4447f	330	{ cp "${ROOT_HOME}/.guix-profile/lib/systemd/system/guix-daemon.service" \
6f4e8693 RW	331	/etc/systemd/system/;
	332	chmod 664 /etc/systemd/system/guix-daemon.service;
	333	systemctl daemon-reload &&
	334	systemctl start guix-daemon &&
	335	systemctl enable guix-daemon; } &&
	336	_msg "${PAS}enabled Guix daemon via systemd"
	337	;;
	338	NA\|*)
	339	_msg "${ERR}unsupported init system; run the daemon manually:"
3cd4447f	340	echo " ${ROOT_HOME}/.guix-profile/bin/guix-daemon --build-users-group=guixbuild"
6f4e8693 RW	341	;;
	342	esac
	343
	344	_msg "${INF}making the guix command available to other users"
	345
	346	[ -e "$local_bin" ] \|\| mkdir -p "$local_bin"
	347	ln -sf "${var_guix}/bin/guix" "$local_bin"
	348
	349	[ -e "$info_path" ] \|\| mkdir -p "$info_path"
	350	for i in ${var_guix}/share/info/*; do
	351	ln -sf "$i" "$info_path"
	352	done
	353	}
	354
	355	sys_authorize_build_farms()
	356	{ # authorize the public keys of the two build farms
	357	while true; do
	358	read -p "Permit downloading pre-built package binaries from the project's build farms? (yes/no) " yn
	359	case $yn in
3cd4447f	360	[Yy]*) guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/hydra.gnu.org.pub" &&
6f4e8693	361	_msg "${PAS}Authorized public key for hydra.gnu.org";
3cd4447f	362	guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/berlin.guixsd.org.pub" &&
6f4e8693 RW	363	_msg "${PAS}Authorized public key for berlin.guixsd.org";
	364	break;;
	365	[Nn]*) _msg "${INF}Skipped authorizing build farm public keys"
	366	break;;
	367	*) _msg "Please answer yes or no.";
	368	esac
	369	done
	370	}
	371
	372	welcome()
	373	{
	374	cat<<"EOF"
	375	░░░ ░░░
	376	░░▒▒░░░░░░░░░ ░░░░░░░░░▒▒░░
	377	░░▒▒▒▒▒░░░░░░░ ░░░░░░░▒▒▒▒▒░
	378	░▒▒▒░░▒▒▒▒▒ ░░░░░░░▒▒░
	379	░▒▒▒▒░ ░░░░░░
	380	▒▒▒▒▒ ░░░░░░
	381	▒▒▒▒▒ ░░░░░
	382	░▒▒▒▒▒ ░░░░░
	383	▒▒▒▒▒ ░░░░░
	384	▒▒▒▒▒ ░░░░░
	385	░▒▒▒▒▒░░░░░
	386	▒▒▒▒▒▒░░░
	387	▒▒▒▒▒▒░
	388	_____ _ _ _ _ _____ _
	389	/ ____\| \ \| \| \| \| \| / ____\| (_)
	390	\| \| __\| \\| \| \| \| \| \| \| __ _ _ ___ __
	391	\| \| \|_ \| . ' \| \| \| \| \| \| \|_ \| \| \| \| \ \/ /
	392	\| \|__\| \| \|\ \| \|__\| \| \| \|__\| \| \|_\| \| \|> <
	393	\_____\|_\| \_\|\____/ \_____\|\__,_\|_/_/\_\
	394
	395	This script installs GNU Guix on your system
	396
	397	https://www.gnu.org/software/guix/
	398	EOF
	399	echo -n "Press return to continue..."
	400	read -r ANSWER
	401	}
	402
	403	main()
	404	{
	405	local tmp_path
	406	welcome
	407
	408	_msg "Starting installation ($(date))"
	409
	410	chk_term
	411	chk_require "${REQUIRE[*]}"
	412	chk_init_sys
	413	chk_sys_arch
	414
	415	_msg "${INF}system is ${ARCH_OS}"
	416
	417	tmp_path="$(mktemp -t -d guix.XXX)"
	418
	419	guix_get_bin_list "${GNU_URL}"
	420	guix_get_bin "${GNU_URL}" "${BIN_VER}" "$tmp_path"
	421
	422	sys_create_store "${BIN_VER}.tar.xz" "${tmp_path}"
	423	sys_create_build_user
	424	sys_enable_guix_daemon
	425	sys_authorize_build_farms
	426
427	_msg "${INF}cleaning up ${tmp_path}"
428	rm -r "${tmp_path}"
429
430	_msg "${PAS}Guix has successfully been installed!"
431	_msg "${INF}Run 'info guix' to read the manual."
432	}
433
434	main "$@"