HCoop / jackhill / guix / guix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gnu: Add emacs-next.
[jackhill/guix/guix.git] / etc / guix-install.sh
1 #!/bin/sh
2 # GNU Guix --- Functional package management for GNU
3 # Copyright © 2017 sharlatan <sharlatanus@gmail.com>
4 # Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
5 # Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
6 # Copyright © 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
7 #
8 # This file is part of GNU Guix.
9 #
10 # GNU Guix is free software; you can redistribute it and/or modify it
11 # under the terms of the GNU General Public License as published by
12 # the Free Software Foundation; either version 3 of the License, or (at
13 # your option) any later version.
14 #
15 # GNU Guix is distributed in the hope that it will be useful, but
16 # WITHOUT ANY WARRANTY; without even the implied warranty of
17 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 # GNU General Public License for more details.
19 #
20 # You should have received a copy of the GNU General Public License
21 # along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
22
23 # We require Bash but for portability we'd rather not use /bin/bash or
24 # /usr/bin/env in the shebang, hence this hack.
25 if [ "x$BASH_VERSION" = "x" ]
26 then
27 exec bash "$0" "$@"
28 fi
29
30 set -e
31
32 [ "$UID" -eq 0 ] || { echo "This script must be run as root."; exit 1; }
33
34 REQUIRE=(
35 "dirname"
36 "readlink"
37 "wget"
38 "gpg"
39 "grep"
40 "which"
41 "sed"
42 "sort"
43 "getent"
44 "mktemp"
45 "rm"
46 "chmod"
47 "uname"
48 "groupadd"
49 "tail"
50 "tr"
51 "xz"
52 )
53
54 PAS=$'[ \033[32;1mPASS\033[0m ] '
55 ERR=$'[ \033[31;1mFAIL\033[0m ] '
56 INF="[ INFO ] "
57
58 DEBUG=0
59 GNU_URL="https://ftp.gnu.org/gnu/guix/"
60 OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5"
61
62 # This script needs to know where root's home directory is. However, we
63 # cannot simply use the HOME environment variable, since there is no guarantee
64 # that it points to root's home directory.
65 ROOT_HOME="$(echo ~root)"
66
67 # ------------------------------------------------------------------------------
68 #+UTILITIES
69
70 _err()
71 { # All errors go to stderr.
72 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
73 }
74
75 _msg()
76 { # Default message to stdout.
77 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
78 }
79
80 _debug()
81 {
82 if [ "${DEBUG}" = '1' ]; then
83 printf "[%s]: %s\n" "$(date +%s.%3N)" "$1"
84 fi
85 }
86
87
88 chk_require()
89 { # Check that every required command is available.
90 declare -a warn
91 local c
92
93 _debug "--- [ $FUNCNAME ] ---"
94
95 for c in "$@"; do
96 command -v "$c" &>/dev/null || warn+=("$c")
97 done
98
99 [ "${#warn}" -ne 0 ] &&
100 { _err "${ERR}Missing commands: ${warn[*]}.";
101 return 1; }
102
103 _msg "${PAS}verification of required commands completed"
104 }
105
106 chk_gpg_keyring()
107 { # Check whether the Guix release signing public key is present.
108 _debug "--- [ $FUNCNAME ] ---"
109
110 # Without --dry-run this command will create a ~/.gnupg owned by root on
111 # systems where gpg has never been used, causing errors and confusion.
112 gpg --dry-run --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev/null 2>&1 || (
113 _err "${ERR}Missing OpenPGP public key. Fetch it with this command:"
114 echo " wget https://sv.gnu.org/people/viewgpg.php?user_id=15145 -qO - | sudo -i gpg --import -"
115 exit 1
116 )
117 }
118
119 chk_term()
120 { # Check for ANSI terminal for color printing.
121 local ansi_term
122
123 if [ -t 2 ]; then
124 if [ "${TERM+set}" = 'set' ]; then
125 case "$TERM" in
126 xterm*|rxvt*|urxvt*|linux*|vt*|eterm*|screen*)
127 ansi_term=true
128 ;;
129 *)
130 ansi_term=false
131 ERR="[ FAIL ] "
132 PAS="[ PASS ] "
133 ;;
134 esac
135 fi
136 fi
137 }
138
139 chk_init_sys()
140 { # Return init system type name.
141 if [[ $(/sbin/init --version 2>/dev/null) =~ upstart ]]; then
142 _msg "${INF}init system is: upstart"
143 INIT_SYS="upstart"
144 return 0
145 elif [[ $(systemctl 2>/dev/null) =~ -\.mount ]]; then
146 _msg "${INF}init system is: systemd"
147 INIT_SYS="systemd"
148 return 0
149 elif [[ -f /etc/init.d/cron && ! -h /etc/init.d/cron ]]; then
150 _msg "${INF}init system is: sysv-init"
151 INIT_SYS="sysv-init"
152 return 0
153 else
154 INIT_SYS="NA"
155 _err "${ERR}Init system could not be detected."
156 fi
157 }
158
159 chk_sys_arch()
160 { # Check for operating system and architecture type.
161 local os
162 local arch
163
164 os="$(uname -s)"
165 arch="$(uname -m)"
166
167 case "$arch" in
168 i386 | i486 | i686 | i786 | x86)
169 local arch=i686
170 ;;
171 x86_64 | x86-64 | x64 | amd64)
172 local arch=x86_64
173 ;;
174 aarch64)
175 local arch=aarch64
176 ;;
177 armv7l)
178 local arch=armhf
179 ;;
180 *)
181 _err "${ERR}Unsupported CPU type: ${arch}"
182 exit 1
183 esac
184
185 case "$os" in
186 Linux | linux)
187 local os=linux
188 ;;
189 *)
190 _err "${ERR}Your operation system (${os}) is not supported."
191 exit 1
192 esac
193
194 ARCH_OS="${arch}-${os}"
195 }
196
197 # ------------------------------------------------------------------------------
198 #+MAIN
199
200 guix_get_bin_list()
201 { # Scan GNU archive and save list of binaries
202 local gnu_url="$1"
203 local -a bin_ver_ls
204 local latest_ver
205 local default_ver
206
207 _debug "--- [ $FUNCNAME ] ---"
208
209 # Filter only version and architecture
210 bin_ver_ls=("$(wget -qO- "$gnu_url" \
211 | sed -n -e 's/.*guix-binary-\([0-9.]*\)\..*.tar.xz.*/\1/p' \
212 | sort -Vu)")
213
214 latest_ver="$(echo "$bin_ver_ls" \
215 | grep -oP "([0-9]{1,2}\.){2}[0-9]{1,2}" \
216 | tail -n1)"
217
218 default_ver="guix-binary-${latest_ver}.${ARCH_OS}"
219
220 if [[ "${#bin_ver_ls}" -ne "0" ]]; then
221 _msg "${PAS}Release for your system: ${default_ver}"
222 else
223 _err "${ERR}Could not obtain list of Guix releases."
224 exit 1
225 fi
226
227 # Use default to download according to the list and local ARCH_OS.
228 BIN_VER="$default_ver"
229 }
230
231 guix_get_bin()
232 { # Download and verify binary package.
233 local url="$1"
234 local bin_ver="$2"
235 local dl_path="$3"
236
237 _debug "--- [ $FUNCNAME ] ---"
238
239 _msg "${INF}Downloading Guix release archive"
240
241 wget --help | grep -q '\--show-progress' && \
242 _PROGRESS_OPT="-q --show-progress" || _PROGRESS_OPT=""
243 wget $_PROGRESS_OPT -P "$dl_path" "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"
244
245 if [[ "$?" -eq 0 ]]; then
246 _msg "${PAS}download completed."
247 else
248 _err "${ERR}could not download ${url}/${bin_ver}.tar.xz."
249 exit 1
250 fi
251
252 pushd $dl_path >/dev/null
253 gpg --verify "${bin_ver}.tar.xz.sig" >/dev/null 2>&1
254 if [[ "$?" -eq 0 ]]; then
255 _msg "${PAS}Signature is valid."
256 popd >/dev/null
257 else
258 _err "${ERR}could not verify the signature."
259 exit 1
260 fi
261 }
262
263 sys_create_store()
264 { # Unpack and install /gnu/store and /var/guix
265 local pkg="$1"
266 local tmp_path="$2"
267
268 _debug "--- [ $FUNCNAME ] ---"
269
270 cd "$tmp_path"
271 tar --warning=no-timestamp \
272 --extract \
273 --file "$pkg" &&
274 _msg "${PAS}unpacked archive"
275
276 if [[ -e "/var/guix" || -e "/gnu" ]]; then
277 _err "${ERR}A previous Guix installation was found. Refusing to overwrite."
278 exit 1
279 else
280 _msg "${INF}Installing /var/guix and /gnu..."
281 mv "${tmp_path}/var/guix" /var/
282 mv "${tmp_path}/gnu" /
283 fi
284
285 _msg "${INF}Linking the root user's profile"
286 mkdir -p "${ROOT_HOME}/.config/guix"
287 ln -sf /var/guix/profiles/per-user/root/current-guix \
288 "${ROOT_HOME}/.config/guix/current"
289
290 GUIX_PROFILE="${ROOT_HOME}/.config/guix/current"
291 source "${GUIX_PROFILE}/etc/profile"
292 _msg "${PAS}activated root profile at ${ROOT_HOME}/.config/guix/current"
293 }
294
295 sys_create_build_user()
296 { # Create the group and user accounts for build users.
297
298 _debug "--- [ $FUNCNAME ] ---"
299
300 if [ $(getent group guixbuild) ]; then
301 _msg "${INF}group guixbuild exists"
302 else
303 groupadd --system guixbuild
304 _msg "${PAS}group <guixbuild> created"
305 fi
306
307 for i in $(seq -w 1 10); do
308 if id "guixbuilder${i}" &>/dev/null; then
309 _msg "${INF}user is already in the system, reset"
310 usermod -g guixbuild -G guixbuild \
311 -d /var/empty -s "$(which nologin)" \
312 -c "Guix build user $i" \
313 "guixbuilder${i}";
314 else
315 useradd -g guixbuild -G guixbuild \
316 -d /var/empty -s "$(which nologin)" \
317 -c "Guix build user $i" --system \
318 "guixbuilder${i}";
319 _msg "${PAS}user added <guixbuilder${i}>"
320 fi
321 done
322 }
323
324 sys_enable_guix_daemon()
325 { # Run the daemon, and set it to automatically start on boot.
326
327 local info_path
328 local local_bin
329 local var_guix
330
331 _debug "--- [ $FUNCNAME ] ---"
332
333 info_path="/usr/local/share/info"
334 local_bin="/usr/local/bin"
335 var_guix="/var/guix/profiles/per-user/root/current-guix"
336
337 case "$INIT_SYS" in
338 upstart)
339 { initctl reload-configuration;
340 cp "${ROOT_HOME}/.config/guix/current/lib/upstart/system/guix-daemon.conf" \
341 /etc/init/ &&
342 start guix-daemon; } &&
343 _msg "${PAS}enabled Guix daemon via upstart"
344 ;;
345 systemd)
346 { # systemd .mount units must be named after the target directory.
347 # Here we assume a hard-coded name of /gnu/store.
348 # XXX Work around <https://issues.guix.gnu.org/41356> until next release.
349 if [ -f "${ROOT_HOME}/.config/guix/current/lib/systemd/system/gnu-store.mount" ]; then
350 cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/gnu-store.mount" \
351 /etc/systemd/system/;
352 chmod 664 /etc/systemd/system/gnu-store.mount;
353 systemctl daemon-reload &&
354 systemctl enable gnu-store.mount;
355 fi
356
357 cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/guix-daemon.service" \
358 /etc/systemd/system/;
359 chmod 664 /etc/systemd/system/guix-daemon.service;
360
361 # Work around <https://bugs.gnu.org/36074>, present in 1.0.1.
362 sed -i /etc/systemd/system/guix-daemon.service \
363 -e "s/GUIX_LOCPATH='/'GUIX_LOCPATH=/";
364
365 # Work around <https://bugs.gnu.org/35671>, present in 1.0.1.
366 if ! grep en_US /etc/systemd/system/guix-daemon.service >/dev/null;
367 then sed -i /etc/systemd/system/guix-daemon.service \
368 -e 's/^Environment=\(.*\)$/Environment=\1 LC_ALL=en_US.UTF-8';
369 fi;
370
371 systemctl daemon-reload &&
372 systemctl enable guix-daemon &&
373 systemctl start guix-daemon; } &&
374 _msg "${PAS}enabled Guix daemon via systemd"
375 ;;
376 sysv-init)
377 { mkdir -p /etc/init.d;
378 cp "${ROOT_HOME}/.config/guix/current/etc/init.d/guix-daemon" \
379 /etc/init.d/guix-daemon;
380 chmod 775 /etc/init.d/guix-daemon;
381
382 update-rc.d guix-daemon defaults &&
383 update-rc.d guix-daemon enable &&
384 service guix-daemon start; } &&
385 _msg "${PAS}enabled Guix daemon via sysv"
386 ;;
387 NA|*)
388 _msg "${ERR}unsupported init system; run the daemon manually:"
389 echo " ${ROOT_HOME}/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild"
390 ;;
391 esac
392
393 _msg "${INF}making the guix command available to other users"
394
395 [ -e "$local_bin" ] || mkdir -p "$local_bin"
396 ln -sf "${var_guix}/bin/guix" "$local_bin"
397
398 [ -e "$info_path" ] || mkdir -p "$info_path"
399 for i in ${var_guix}/share/info/*; do
400 ln -sf "$i" "$info_path"
401 done
402 }
403
404 sys_authorize_build_farms()
405 { # authorize the public key of the build farm
406 while true; do
407 read -p "Permit downloading pre-built package binaries from the project's build farm? (yes/no) " yn
408 case $yn in
409 [Yy]*) guix archive --authorize < "${ROOT_HOME}/.config/guix/current/share/guix/ci.guix.gnu.org.pub" &&
410 _msg "${PAS}Authorized public key for ci.guix.gnu.org";
411 break;;
412 [Nn]*) _msg "${INF}Skipped authorizing build farm public keys"
413 break;;
414 *) _msg "Please answer yes or no.";
415 esac
416 done
417 }
418
419 sys_create_init_profile()
420 { # Create /etc/profile.d/guix.sh for better desktop integration
421 # This will not take effect until the next shell or desktop session!
422 [ -d "/etc/profile.d" ] || mkdir /etc/profile.d # Just in case
423 cat <<"EOF" > /etc/profile.d/guix.sh
424 # _GUIX_PROFILE: `guix pull` profile
425 _GUIX_PROFILE="$HOME/.config/guix/current"
426 if [ -L $_GUIX_PROFILE ]; then
427 export PATH="$_GUIX_PROFILE/bin${PATH:+:}$PATH"
428 # Export INFOPATH so that the updated info pages can be found
429 # and read by both /usr/bin/info and/or $GUIX_PROFILE/bin/info
430 # When INFOPATH is unset, add a trailing colon so that Emacs
431 # searches 'Info-default-directory-list'.
432 export INFOPATH="$_GUIX_PROFILE/share/info:$INFOPATH"
433 fi
434
435 # GUIX_PROFILE: User's default profile
436 GUIX_PROFILE="$HOME/.guix-profile"
437 [ -L $GUIX_PROFILE ] || return
438 GUIX_LOCPATH="$GUIX_PROFILE/lib/locale"
439 export GUIX_PROFILE GUIX_LOCPATH
440
441 [ -f "$GUIX_PROFILE/etc/profile" ] && . "$GUIX_PROFILE/etc/profile"
442
443 # set XDG_DATA_DIRS to include Guix installations
444 export XDG_DATA_DIRS="$GUIX_PROFILE/share:${XDG_DATA_DIRS:-/usr/local/share/:/usr/share/}"
445 EOF
446 }
447
448 welcome()
449 {
450 cat<<"EOF"
451 ░░░ ░░░
452 ░░▒▒░░░░░░░░░ ░░░░░░░░░▒▒░░
453 ░░▒▒▒▒▒░░░░░░░ ░░░░░░░▒▒▒▒▒░
454 ░▒▒▒░░▒▒▒▒▒ ░░░░░░░▒▒░
455 ░▒▒▒▒░ ░░░░░░
456 ▒▒▒▒▒ ░░░░░░
457 ▒▒▒▒▒ ░░░░░
458 ░▒▒▒▒▒ ░░░░░
459 ▒▒▒▒▒ ░░░░░
460 ▒▒▒▒▒ ░░░░░
461 ░▒▒▒▒▒░░░░░
462 ▒▒▒▒▒▒░░░
463 ▒▒▒▒▒▒░
464 _____ _ _ _ _ _____ _
465 / ____| \ | | | | | / ____| (_)
466 | | __| \| | | | | | | __ _ _ ___ __
467 | | |_ | . ' | | | | | | |_ | | | | \ \/ /
468 | |__| | |\ | |__| | | |__| | |_| | |> <
469 \_____|_| \_|\____/ \_____|\__,_|_/_/\_\
470
471 This script installs GNU Guix on your system
472
473 https://www.gnu.org/software/guix/
474 EOF
475 echo -n "Press return to continue..."
476 read -r ANSWER
477 }
478
479 main()
480 {
481 local tmp_path
482 welcome
483
484 _msg "Starting installation ($(date))"
485
486 chk_term
487 chk_require "${REQUIRE[@]}"
488 chk_gpg_keyring
489 chk_init_sys
490 chk_sys_arch
491
492 _msg "${INF}system is ${ARCH_OS}"
493
494 umask 0022
495 tmp_path="$(mktemp -t -d guix.XXX)"
496
497 guix_get_bin_list "${GNU_URL}"
498 guix_get_bin "${GNU_URL}" "${BIN_VER}" "$tmp_path"
499
500 sys_create_store "${BIN_VER}.tar.xz" "${tmp_path}"
501 sys_create_build_user
502 sys_enable_guix_daemon
503 sys_authorize_build_farms
504 sys_create_init_profile
505
506 _msg "${INF}cleaning up ${tmp_path}"
507 rm -r "${tmp_path}"
508
509 _msg "${PAS}Guix has successfully been installed!"
510 _msg "${INF}Run 'info guix' to read the manual."
511
512 # Required to source /etc/profile in desktop environments.
513 _msg "${INF}Please log out and back in to complete the installation."
514 }
515
516 main "$@"
jackhill's copy of GNU Guix: https://guix.gnu.org/