[jackhill/guix/guix.git] / gnu / system / install.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu system install)
  #:use-module (gnu)
  #:use-module (guix gexp)
  #:use-module (guix store)
  #:use-module (guix monads)
  #:use-module ((guix store) #:select (%store-prefix))
  #:use-module (guix profiles)
  #:use-module (gnu services shepherd)
  #:use-module (gnu packages admin)
  #:use-module (gnu packages bash)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages cryptsetup)
  #:use-module (gnu packages package-management)
  #:use-module (gnu packages disk)
  #:use-module (gnu packages grub)
  #:use-module (gnu packages texinfo)
  #:use-module (gnu packages compression)
  #:use-module (ice-9 match)
  #:use-module (srfi srfi-26)
  #:export (self-contained-tarball
            installation-os))

;;; Commentary:
;;;
;;; This module provides an 'operating-system' definition for use on images
;;; for USB sticks etc., for the installation of the GNU system.
;;;
;;; Code:

\f
(define* (self-contained-tarball #:key (guix guix))
  "Return a self-contained tarball containing a store initialized with the
closure of GUIX.  The tarball contains /gnu/store, /var/guix, and a profile
under /root/.guix-profile where GUIX is installed."
  (mlet %store-monad ((profile (profile-derivation
                                (manifest
                                 (list (package->manifest-entry guix))))))
    (define build
      #~(begin
          (use-modules (guix build utils)
                       (gnu build install))

          (define %root "root")

          (setenv "PATH"
                  (string-append #$guix "/sbin:" #$tar "/bin:" #$xz "/bin"))

          ;; Note: there is not much to gain here with deduplication and there
          ;; is the overhead of the '.links' directory, so turn it off.
          (populate-single-profile-directory %root
                                             #:profile #$profile
                                             #:closure "profile"
                                             #:deduplicate? #f)

          ;; Create the tarball.  Use GNU format so there's no file name
          ;; length limitation.
          (with-directory-excursion %root
            (zero? (system* "tar" "--xz" "--format=gnu"

                            ;; Avoid non-determinism in the archive.  Use
                            ;; mtime = 1, not zero, because that is what the
                            ;; daemon does for files in the store (see the
                            ;; 'mtimeStore' constant in local-store.cc.)
                            "--sort=name"
                            "--mtime=@1"          ;for files in /var/guix
                            "--owner=root:0"
                            "--group=root:0"

                            "--check-links"
                            "-cvf" #$output
                            ;; Avoid adding / and /var to the tarball,
                            ;; so that the ownership and permissions of those
                            ;; directories will not be overwritten when
                            ;; extracting the archive.  Do not include /root
                            ;; because the root account might have a different
                            ;; home directory.
                            "./var/guix"
                            (string-append "." (%store-directory)))))))

    (gexp->derivation "guix-tarball.tar.xz" build
                      #:references-graphs `(("profile" ,profile))
                      #:modules '((guix build utils)
                                  (guix build store-copy)
                                  (gnu build install)))))

\f
(define (log-to-info)
  "Return a script that spawns the Info reader on the right section of the
manual."
  (program-file "log-to-info"
                #~(begin
                    ;; 'gunzip' is needed to decompress the doc.
                    (setenv "PATH" (string-append #$gzip "/bin"))

                    (execl (string-append #$texinfo-4 "/bin/info") "info"
                           "-d" "/run/current-system/profile/share/info"
                           "-f" (string-append #$guix "/share/info/guix.info")
                           "-n" "System Installation"))))

(define %backing-directory
  ;; Sub-directory used as the backing store for copy-on-write.
  "/tmp/guix-inst")

(define (make-cow-store target)
  "Return a gexp that makes the store copy-on-write, using TARGET as the
backing store.  This is useful when TARGET is on a hard disk, whereas the
current store is on a RAM disk."
  (define (unionfs read-only read-write mount-point)
    ;; Make MOUNT-POINT the union of READ-ONLY and READ-WRITE.

    ;; Note: in the command below, READ-WRITE appears before READ-ONLY so that
    ;; it is considered a "higher-level branch", as per unionfs-fuse(8),
    ;; thereby allowing files existing on READ-ONLY to be copied over to
    ;; READ-WRITE.
    #~(fork+exec-command
       (list (string-append #$unionfs-fuse "/bin/unionfs")
             "-o"
             "cow,allow_other,use_ino,max_files=65536,nonempty"
             (string-append #$read-write "=RW:" #$read-only "=RO")
             #$mount-point)))

  (define (set-store-permissions directory)
    ;; Set the right perms on DIRECTORY to use it as the store.
    #~(begin
        (chown #$directory 0 30000)             ;use the fixed 'guixbuild' GID
        (chmod #$directory #o1775)))

  #~(begin
      (unless (file-exists? "/.ro-store")
        (mkdir "/.ro-store")
        (mount #$(%store-prefix) "/.ro-store" "none"
               (logior MS_BIND MS_RDONLY)))

      (let ((rw-dir (string-append target #$%backing-directory)))
        (mkdir-p rw-dir)
        (mkdir-p "/.rw-store")
        #$(set-store-permissions #~rw-dir)
        #$(set-store-permissions "/.rw-store")

        ;; Mount the union, then atomically make it the store.
        (and #$(unionfs "/.ro-store" #~rw-dir "/.rw-store")
             (begin
               (sleep 1) ;XXX: wait for unionfs to be ready
               (mount "/.rw-store" #$(%store-prefix) "" MS_MOVE)
               (rmdir "/.rw-store"))))))

(define cow-store-service-type
  (shepherd-service-type
   'cow-store
   (lambda _
     (shepherd-service
      (requirement '(root-file-system user-processes))
      (provision '(cow-store))
      (documentation
       "Make the store copy-on-write, with writes going to \
the given target.")

      ;; This is meant to be explicitly started by the user.
      (auto-start? #f)

      (start #~(case-lambda
                 ((target)
                  #$(make-cow-store #~target)
                  target)
                 (else
                  ;; Do nothing, and mark the service as stopped.
                  #f)))
      (stop #~(lambda (target)
                ;; Delete the temporary directory, but leave everything
                ;; mounted as there may still be processes using it since
                ;; 'user-processes' doesn't depend on us.  The 'user-unmount'
                ;; service will unmount TARGET eventually.
                (delete-file-recursively
                 (string-append target #$%backing-directory))))))))

(define (cow-store-service)
  "Return a service that makes the store copy-on-write, such that writes go to
the user's target storage device rather than on the RAM disk."
  ;; See <http://bugs.gnu.org/18061> for the initial report.
  (service cow-store-service-type 'mooooh!))


(define (/etc/configuration-files _)
  "Return a list of tuples representing configuration templates to add to
/etc."
  (define (file f)
    (local-file (search-path %load-path
                             (string-append "gnu/system/examples/" f))))

  (define directory
    (computed-file "configuration-templates"
                   #~(begin
                       (mkdir #$output)
                       (for-each (lambda (file target)
                                   (copy-file file
                                              (string-append #$output "/"
                                                             target)))
                                 '(#$(file "bare-bones.tmpl")
                                   #$(file "desktop.tmpl"))
                                 '("bare-bones.scm"
                                   "desktop.scm"))
                       #t)
                   #:modules '((guix build utils))))

  `(("configuration" ,directory)))

(define configuration-template-service-type
  (service-type (name 'configuration-template)
                (extensions
                 (list (service-extension etc-service-type
                                          /etc/configuration-files)))))

(define %configuration-template-service
  (service configuration-template-service-type #t))


(define %nscd-minimal-caches
  ;; Minimal in-memory caching policy for nscd.
  (list (nscd-cache (database 'hosts)
                    (positive-time-to-live (* 3600 12))
                    (negative-time-to-live 20)
                    (persistent? #f)
                    (max-database-size (* 5 (expt 2 20)))))) ;5 MiB

(define (installation-services)
  "Return the list services for the installation image."
  (let ((motd (plain-file "motd" "
Welcome to the installation of the Guix System Distribution!

There is NO WARRANTY, to the extent permitted by law.  In particular, you may
LOSE ALL YOUR DATA as a side effect of the installation process.  Furthermore,
it is alpha software, so it may BREAK IN UNEXPECTED WAYS.

You have been warned.  Thanks for being so brave.
")))
    (define (normal-tty tty)
      (mingetty-service (mingetty-configuration (tty tty)
                                                (motd motd)
                                                (auto-login "root")
                                                (login-pause? #t))))

    (list (mingetty-service (mingetty-configuration
                             (tty "tty1")
                             (motd motd)
                             (auto-login "root")))

          ;; Documentation.  The manual is in UTF-8, but
          ;; 'console-font-service' sets up Unicode support and loads a font
          ;; with all the useful glyphs like em dash and quotation marks.
          (mingetty-service (mingetty-configuration
                             (tty "tty2")
                             (motd motd)
                             (auto-login "guest")
                             (login-program (log-to-info))))

          ;; Documentation add-on.
          %configuration-template-service

          ;; A bunch of 'root' ttys.
          (normal-tty "tty3")
          (normal-tty "tty4")
          (normal-tty "tty5")
          (normal-tty "tty6")

          ;; The usual services.
          (syslog-service)

          ;; The build daemon.  Register the hydra.gnu.org key as trusted.
          ;; This allows the installation process to use substitutes by
          ;; default.
          (guix-service (guix-configuration (authorize-key? #t)))

          ;; Start udev so that useful device nodes are available.
          ;; Use device-mapper rules for cryptsetup & co; enable the CRDA for
          ;; regulations-compliant WiFi access.
          (udev-service #:rules (list lvm2 crda))

          ;; Add the 'cow-store' service, which users have to start manually
          ;; since it takes the installation directory as an argument.
          (cow-store-service)

          ;; Install Unicode support and a suitable font.
          (console-font-service "tty1")
          (console-font-service "tty2")
          (console-font-service "tty3")
          (console-font-service "tty4")
          (console-font-service "tty5")
          (console-font-service "tty6")

          ;; To facilitate copy/paste.
          (gpm-service)

          ;; Since this is running on a USB stick with a unionfs as the root
          ;; file system, use an appropriate cache configuration.
          (nscd-service (nscd-configuration
                         (caches %nscd-minimal-caches))))))

(define %issue
  ;; Greeting.
  "
This is an installation image of the GNU system.  Welcome.

Use Alt-F2 for documentation.
")

(define installation-os
  ;; The operating system used on installation images for USB sticks etc.
  (operating-system
    (host-name "gnu")
    (timezone "Europe/Paris")
    (locale "en_US.utf8")
    (bootloader (grub-configuration
                 (device "/dev/sda")))
    (file-systems
     ;; Note: the disk image build code overrides this root file system with
     ;; the appropriate one.
     (cons (file-system
             (mount-point "/")
             (device "gnu-disk-image")
             (type "ext4"))
           %base-file-systems))

    (users (list (user-account
                  (name "guest")
                  (group "users")
                  (supplementary-groups '("wheel"))  ; allow use of sudo
                  (password "")
                  (comment "Guest of GNU")
                  (home-directory "/home/guest"))))

    (issue %issue)

    (services (installation-services))

    ;; We don't need setuid programs so pass the empty list so we don't pull
    ;; additional programs here.
    (setuid-programs '())

    (pam-services
     ;; Explicitly allow for empty passwords.
     (base-pam-services #:allow-empty-passwords? #t))

    (packages (cons* texinfo-4                 ;for the standalone Info reader
                     parted ddrescue
                     grub                  ;mostly so xrefs to its manual work
                     cryptsetup
                     wireless-tools iw wpa-supplicant-minimal iproute
                     ;; XXX: We used to have GNU fdisk here, but as of version
                     ;; 2.0.0a, that pulls Guile 1.8, which takes unreasonable
                     ;; space; furthermore util-linux's fdisk is already
                     ;; available here, so we keep that.
                     bash-completion
                     %base-packages))))

;; Return it here so 'guix system' can consume it directly.
installation-os

;;; install.scm ends here
Commit	Line	Data
fc91c17a	1	;;; GNU Guix --- Functional package management for GNU
e87f0591	2	;;; Copyright © 2014, 2015 Ludovic Courtès <ludo@gnu.org>
b2a5fa59	3	;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
fc91c17a LC	4	;;;
	5	;;; This file is part of GNU Guix.
	6	;;;
	7	;;; GNU Guix is free software; you can redistribute it and/or modify it
	8	;;; under the terms of the GNU General Public License as published by
	9	;;; the Free Software Foundation; either version 3 of the License, or (at
	10	;;; your option) any later version.
	11	;;;
	12	;;; GNU Guix is distributed in the hope that it will be useful, but
	13	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	14	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	15	;;; GNU General Public License for more details.
	16	;;;
	17	;;; You should have received a copy of the GNU General Public License
	18	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	19
	20	(define-module (gnu system install)
	21	#:use-module (gnu)
	22	#:use-module (guix gexp)
e87f0591	23	#:use-module (guix store)
fc91c17a	24	#:use-module (guix monads)
83a17b62	25	#:use-module ((guix store) #:select (%store-prefix))
9d3fb6c7	26	#:use-module (guix profiles)
0190c1c0	27	#:use-module (gnu services shepherd)
db84467a	28	#:use-module (gnu packages admin)
f4bdfe73	29	#:use-module (gnu packages bash)
fc91c17a	30	#:use-module (gnu packages linux)
b419c7f5	31	#:use-module (gnu packages cryptsetup)
fc91c17a	32	#:use-module (gnu packages package-management)
cc4a2aeb	33	#:use-module (gnu packages disk)
7eda0c56	34	#:use-module (gnu packages grub)
fc91c17a	35	#:use-module (gnu packages texinfo)
dd6b28d1	36	#:use-module (gnu packages compression)
e1fbc32a LC	37	#:use-module (ice-9 match)
e1fbc32a LC	38	#:use-module (srfi srfi-26)
9d3fb6c7 LC	39	#:export (self-contained-tarball
9d3fb6c7 LC	40	installation-os))
fc91c17a LC	41
	42	;;; Commentary:
	43	;;;
	44	;;; This module provides an 'operating-system' definition for use on images
	45	;;; for USB sticks etc., for the installation of the GNU system.
	46	;;;
	47	;;; Code:
	48
9d3fb6c7 LC	49	\f
	50	(define* (self-contained-tarball #:key (guix guix))
	51	"Return a self-contained tarball containing a store initialized with the
	52	closure of GUIX. The tarball contains /gnu/store, /var/guix, and a profile
	53	under /root/.guix-profile where GUIX is installed."
	54	(mlet %store-monad ((profile (profile-derivation
	55	(manifest
	56	(list (package->manifest-entry guix))))))
	57	(define build
	58	#~(begin
	59	(use-modules (guix build utils)
	60	(gnu build install))
	61
	62	(define %root "root")
	63
	64	(setenv "PATH"
	65	(string-append #$guix "/sbin:" #$tar "/bin:" #$xz "/bin"))
	66
08fa7613 LC	67	;; Note: there is not much to gain here with deduplication and there
08fa7613 LC	68	;; is the overhead of the '.links' directory, so turn it off.
9d3fb6c7 LC	69	(populate-single-profile-directory %root
9d3fb6c7 LC	70	#:profile #$profile
08fa7613 LC	71	#:closure "profile"
08fa7613 LC	72	#:deduplicate? #f)
9d3fb6c7 LC	73
9d3fb6c7 LC	74	;; Create the tarball. Use GNU format so there's no file name
01dbc7e0	75	;; length limitation.
9d3fb6c7 LC	76	(with-directory-excursion %root
9d3fb6c7 LC	77	(zero? (system* "tar" "--xz" "--format=gnu"
92226a47	78
34a7bfb0 LC	79	;; Avoid non-determinism in the archive. Use
	80	;; mtime = 1, not zero, because that is what the
	81	;; daemon does for files in the store (see the
	82	;; 'mtimeStore' constant in local-store.cc.)
92226a47	83	"--sort=name"
34a7bfb0	84	"--mtime=@1" ;for files in /var/guix
92226a47 MW	85	"--owner=root:0"
	86	"--group=root:0"
	87
08fa7613	88	"--check-links"
b2a5fa59	89	"-cvf" #$output
7acd3439	90	;; Avoid adding / and /var to the tarball,
b2a5fa59 MW	91	;; so that the ownership and permissions of those
b2a5fa59 MW	92	;; directories will not be overwritten when
7acd3439 LC	93	;; extracting the archive. Do not include /root
	94	;; because the root account might have a different
	95	;; home directory.
b2a5fa59	96	"./var/guix"
781d0a2c	97	(string-append "." (%store-directory)))))))
9d3fb6c7 LC	98
	99	(gexp->derivation "guix-tarball.tar.xz" build
	100	#:references-graphs `(("profile" ,profile))
	101	#:modules '((guix build utils)
	102	(guix build store-copy)
	103	(gnu build install)))))
	104
	105	\f
fc91c17a LC	106	(define (log-to-info)
	107	"Return a script that spawns the Info reader on the right section of the
	108	manual."
ce8a6dfc	109	(program-file "log-to-info"
dd6b28d1 LC	110	#~(begin
	111	;; 'gunzip' is needed to decompress the doc.
	112	(setenv "PATH" (string-append #$gzip "/bin"))
	113
	114	(execl (string-append #$texinfo-4 "/bin/info") "info"
	115	"-d" "/run/current-system/profile/share/info"
	116	"-f" (string-append #$guix "/share/info/guix.info")
	117	"-n" "System Installation"))))
fc91c17a	118
83a17b62 LC	119	(define %backing-directory
	120	;; Sub-directory used as the backing store for copy-on-write.
	121	"/tmp/guix-inst")
	122
	123	(define (make-cow-store target)
	124	"Return a gexp that makes the store copy-on-write, using TARGET as the
	125	backing store. This is useful when TARGET is on a hard disk, whereas the
	126	current store is on a RAM disk."
	127	(define (unionfs read-only read-write mount-point)
	128	;; Make MOUNT-POINT the union of READ-ONLY and READ-WRITE.
	129
	130	;; Note: in the command below, READ-WRITE appears before READ-ONLY so that
	131	;; it is considered a "higher-level branch", as per unionfs-fuse(8),
	132	;; thereby allowing files existing on READ-ONLY to be copied over to
	133	;; READ-WRITE.
	134	#~(fork+exec-command
	135	(list (string-append #$unionfs-fuse "/bin/unionfs")
	136	"-o"
	137	"cow,allow_other,use_ino,max_files=65536,nonempty"
	138	(string-append #$read-write "=RW:" #$read-only "=RO")
	139	#$mount-point)))
	140
	141	(define (set-store-permissions directory)
	142	;; Set the right perms on DIRECTORY to use it as the store.
	143	#~(begin
	144	(chown #$directory 0 30000) ;use the fixed 'guixbuild' GID
	145	(chmod #$directory #o1775)))
	146
	147	#~(begin
	148	(unless (file-exists? "/.ro-store")
	149	(mkdir "/.ro-store")
	150	(mount #$(%store-prefix) "/.ro-store" "none"
	151	(logior MS_BIND MS_RDONLY)))
	152
	153	(let ((rw-dir (string-append target #$%backing-directory)))
	154	(mkdir-p rw-dir)
	155	(mkdir-p "/.rw-store")
	156	#$(set-store-permissions #~rw-dir)
	157	#$(set-store-permissions "/.rw-store")
	158
	159	;; Mount the union, then atomically make it the store.
	160	(and #$(unionfs "/.ro-store" #~rw-dir "/.rw-store")
	161	(begin
	162	(sleep 1) ;XXX: wait for unionfs to be ready
	163	(mount "/.rw-store" #$(%store-prefix) "" MS_MOVE)
	164	(rmdir "/.rw-store"))))))
	165
0adfe95a	166	(define cow-store-service-type
d4053c71	167	(shepherd-service-type
00184239	168	'cow-store
0adfe95a	169	(lambda _
d4053c71	170	(shepherd-service
0adfe95a LC	171	(requirement '(root-file-system user-processes))
	172	(provision '(cow-store))
	173	(documentation
	174	"Make the store copy-on-write, with writes going to \
	175	the given target.")
	176
	177	;; This is meant to be explicitly started by the user.
	178	(auto-start? #f)
	179
	180	(start #~(case-lambda
	181	((target)
	182	#$(make-cow-store #~target)
	183	target)
	184	(else
	185	;; Do nothing, and mark the service as stopped.
	186	#f)))
	187	(stop #~(lambda (target)
	188	;; Delete the temporary directory, but leave everything
	189	;; mounted as there may still be processes using it since
	190	;; 'user-processes' doesn't depend on us. The 'user-unmount'
	191	;; service will unmount TARGET eventually.
	192	(delete-file-recursively
	193	(string-append target #$%backing-directory))))))))
	194
83a17b62 LC	195	(define (cow-store-service)
	196	"Return a service that makes the store copy-on-write, such that writes go to
	197	the user's target storage device rather than on the RAM disk."
	198	;; See <http://bugs.gnu.org/18061> for the initial report.
0adfe95a LC	199	(service cow-store-service-type 'mooooh!))
	200
	201
	202	(define (/etc/configuration-files _)
	203	"Return a list of tuples representing configuration templates to add to
	204	/etc."
	205	(define (file f)
	206	(local-file (search-path %load-path
	207	(string-append "gnu/system/examples/" f))))
	208
	209	(define directory
	210	(computed-file "configuration-templates"
	211	#~(begin
	212	(mkdir #$output)
	213	(for-each (lambda (file target)
	214	(copy-file file
	215	(string-append #$output "/"
	216	target)))
	217	'(#$(file "bare-bones.tmpl")
	218	#$(file "desktop.tmpl"))
	219	'("bare-bones.scm"
	220	"desktop.scm"))
	221	#t)
	222	#:modules '((guix build utils))))
	223
	224	`(("configuration" ,directory)))
	225
	226	(define configuration-template-service-type
	227	(service-type (name 'configuration-template)
	228	(extensions
	229	(list (service-extension etc-service-type
	230	/etc/configuration-files)))))
	231
	232	(define %configuration-template-service
	233	(service configuration-template-service-type #t))
be1c2c54	234
1dac8566	235
61ff0a3a LC	236	(define %nscd-minimal-caches
	237	;; Minimal in-memory caching policy for nscd.
	238	(list (nscd-cache (database 'hosts)
	239	(positive-time-to-live (* 3600 12))
	240	(negative-time-to-live 20)
	241	(persistent? #f)
	242	(max-database-size (* 5 (expt 2 20)))))) ;5 MiB
	243
fc91c17a LC	244	(define (installation-services)
fc91c17a LC	245	"Return the list services for the installation image."
ce8a6dfc	246	(let ((motd (plain-file "motd" "
c73adb09	247	Welcome to the installation of the Guix System Distribution!
fc91c17a LC	248
	249	There is NO WARRANTY, to the extent permitted by law. In particular, you may
	250	LOSE ALL YOUR DATA as a side effect of the installation process. Furthermore,
	251	it is alpha software, so it may BREAK IN UNEXPECTED WAYS.
	252
	253	You have been warned. Thanks for being so brave.
	254	")))
	255	(define (normal-tty tty)
66e4f01c LC	256	(mingetty-service (mingetty-configuration (tty tty)
	257	(motd motd)
	258	(auto-login "root")
	259	(login-pause? #t))))
fc91c17a	260
66e4f01c LC	261	(list (mingetty-service (mingetty-configuration
	262	(tty "tty1")
	263	(motd motd)
	264	(auto-login "root")))
fc91c17a	265
62ca0fdf LC	266	;; Documentation. The manual is in UTF-8, but
	267	;; 'console-font-service' sets up Unicode support and loads a font
	268	;; with all the useful glyphs like em dash and quotation marks.
66e4f01c LC	269	(mingetty-service (mingetty-configuration
	270	(tty "tty2")
	271	(motd motd)
	272	(auto-login "guest")
	273	(login-program (log-to-info))))
fc91c17a	274
1dac8566	275	;; Documentation add-on.
0adfe95a	276	%configuration-template-service
1dac8566	277
fc91c17a LC	278	;; A bunch of 'root' ttys.
	279	(normal-tty "tty3")
	280	(normal-tty "tty4")
	281	(normal-tty "tty5")
	282	(normal-tty "tty6")
	283
	284	;; The usual services.
	285	(syslog-service)
2c5c696c LC	286
	287	;; The build daemon. Register the hydra.gnu.org key as trusted.
	288	;; This allows the installation process to use substitutes by
	289	;; default.
0adfe95a	290	(guix-service (guix-configuration (authorize-key? #t)))
2c5c696c	291
e11390df	292	;; Start udev so that useful device nodes are available.
68ac258b LC	293	;; Use device-mapper rules for cryptsetup & co; enable the CRDA for
	294	;; regulations-compliant WiFi access.
	295	(udev-service #:rules (list lvm2 crda))
e11390df	296
83a17b62 LC	297	;; Add the 'cow-store' service, which users have to start manually
	298	;; since it takes the installation directory as an argument.
	299	(cow-store-service)
	300
62ca0fdf LC	301	;; Install Unicode support and a suitable font.
	302	(console-font-service "tty1")
	303	(console-font-service "tty2")
	304	(console-font-service "tty3")
	305	(console-font-service "tty4")
	306	(console-font-service "tty5")
	307	(console-font-service "tty6")
	308
ae7ffa9e LC	309	;; To facilitate copy/paste.
	310	(gpm-service)
	311
61ff0a3a LC	312	;; Since this is running on a USB stick with a unionfs as the root
	313	;; file system, use an appropriate cache configuration.
	314	(nscd-service (nscd-configuration
	315	(caches %nscd-minimal-caches))))))
fc91c17a LC	316
	317	(define %issue
	318	;; Greeting.
	319	"
	320	This is an installation image of the GNU system. Welcome.
	321
	322	Use Alt-F2 for documentation.
	323	")
	324
	325	(define installation-os
	326	;; The operating system used on installation images for USB sticks etc.
	327	(operating-system
	328	(host-name "gnu")
	329	(timezone "Europe/Paris")
9cd0dfaa	330	(locale "en_US.utf8")
fc91c17a LC	331	(bootloader (grub-configuration
	332	(device "/dev/sda")))
	333	(file-systems
	334	;; Note: the disk image build code overrides this root file system with
	335	;; the appropriate one.
a69576ea	336	(cons (file-system
fc91c17a LC	337	(mount-point "/")
fc91c17a LC	338	(device "gnu-disk-image")
a69576ea LC	339	(type "ext4"))
a69576ea LC	340	%base-file-systems))
fc91c17a LC	341
	342	(users (list (user-account
	343	(name "guest")
72507e23 LC	344	(group "users")
72507e23 LC	345	(supplementary-groups '("wheel")) ; allow use of sudo
fc91c17a LC	346	(password "")
	347	(comment "Guest of GNU")
	348	(home-directory "/home/guest"))))
fc91c17a LC	349
	350	(issue %issue)
	351
	352	(services (installation-services))
	353
	354	;; We don't need setuid programs so pass the empty list so we don't pull
	355	;; additional programs here.
	356	(setuid-programs '())
	357
	358	(pam-services
	359	;; Explicitly allow for empty passwords.
	360	(base-pam-services #:allow-empty-passwords? #t))
	361
7eda0c56	362	(packages (cons* texinfo-4 ;for the standalone Info reader
8f297d42	363	parted ddrescue
7eda0c56	364	grub ;mostly so xrefs to its manual work
b419c7f5	365	cryptsetup
1ce6f43a	366	wireless-tools iw wpa-supplicant-minimal iproute
8f297d42 LC	367	;; XXX: We used to have GNU fdisk here, but as of version
	368	;; 2.0.0a, that pulls Guile 1.8, which takes unreasonable
	369	;; space; furthermore util-linux's fdisk is already
	370	;; available here, so we keep that.
f4bdfe73	371	bash-completion
6f436c54	372	%base-packages))))
fc91c17a LC	373
	374	;; Return it here so 'guix system' can consume it directly.
	375	installation-os
	376
	377	;;; install.scm ends here