amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

guix-install.sh: Please the shellcheck linter.

Browse source 
* etc/guix-install.sh <FUNCNAME>: Explicitly refer to the first item of the
FUNCNAME array.
(ROOT_HOME): Replace variable by ~root directly; manually expanding it via
echo was not necessary.
(chk_gpg_keyring): Use an if branch for the exit to avoid a warning about
expression precedence.
(chk_term) <ansi_term>: Remove unused variable.
(guix_get_bin) <wget, gpg>: Test the commands directly.  Use an array for the
wget arguments, which can then be properly expanded.
(sys_create_store): Disable SC1090 for the source command, as we don't care
about following the sourced script.
<_msg>: Reuse the GUIX_PROFILE variable in the message.
(sys_create_build_user) <getent>: Test the command directly.
This commit is contained in:
Maxim Cournoyer 2021-05-04 17:05:43 -04:00
parent af66a9510f
commit e61fe664a4
No known key found for this signature in database
GPG key ID: 1260E46482E63562
1 changed files with 37 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

79
etc/guix-install.sh
View file

@ -9,6 +9,7 @@
# Copyright © 2020 Daniel Brooks <db48x@db48x.net> # Copyright © 2020 Daniel Brooks <db48x@db48x.net>
# Copyright © 2021 Jakub Kądziołka <kuba@kadziolka.net> # Copyright © 2021 Jakub Kądziołka <kuba@kadziolka.net>
# Copyright © 2021 Chris Marusich <cmmarusich@gmail.com> # Copyright © 2021 Chris Marusich <cmmarusich@gmail.com>
# Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
# #
# This file is part of GNU Guix. # This file is part of GNU Guix.
# #
@ -71,11 +72,6 @@ declare -A GPG_SIGNING_KEYS
GPG_SIGNING_KEYS[15145]=3CE464558A84FDC69DB40CFB090B11993D9AEBB5 # ludo GPG_SIGNING_KEYS[15145]=3CE464558A84FDC69DB40CFB090B11993D9AEBB5 # ludo
GPG_SIGNING_KEYS[127547]=27D586A4F8900854329FF09F1260E46482E63562 # maxim GPG_SIGNING_KEYS[127547]=27D586A4F8900854329FF09F1260E46482E63562 # maxim
# This script needs to know where root's home directory is. However, we
# cannot simply use the HOME environment variable, since there is no guarantee
# that it points to root's home directory.
ROOT_HOME="$(echo ~root)"
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
#+UTILITIES #+UTILITIES
@ -102,7 +98,7 @@ chk_require()
declare -a warn declare -a warn
local c local c
_debug "--- [ $FUNCNAME ] ---" _debug "--- [ ${FUNCNAME[0]} ] ---"
for c in "$@"; do for c in "$@"; do
command -v "$c" &>/dev/null || warn+=("$c") command -v "$c" &>/dev/null || warn+=("$c")
@ -117,7 +113,7 @@ chk_require()
chk_gpg_keyring() chk_gpg_keyring()
{ # Check whether the Guix release signing public key is present. { # Check whether the Guix release signing public key is present.
_debug "--- [ $FUNCNAME ] ---" _debug "--- [ ${FUNCNAME[0]} ] ---"
local user_id local user_id
local gpg_key_id local gpg_key_id
local exit_flag local exit_flag
@ -132,21 +128,19 @@ chk_gpg_keyring()
exit_flag=yes exit_flag=yes
fi fi
done done
test "$exit_flag" = yes && exit 1 || true if [ "$exit_flag" = yes ]; then
exit 1
fi
} }
chk_term() chk_term()
{ # Check for ANSI terminal for color printing. { # Check for ANSI terminal for color printing.
local ansi_term
if [ -t 2 ]; then if [ -t 2 ]; then
if [ "${TERM+set}" = 'set' ]; then if [ "${TERM+set}" = 'set' ]; then
case "$TERM" in case "$TERM" in
xterm*|rxvt*|urxvt*|linux*|vt*|eterm*|screen*) xterm*|rxvt*|urxvt*|linux*|vt*|eterm*|screen*)
ansi_term=true
;; ;;
*) *)
ansi_term=false
ERR="[ FAIL ] " ERR="[ FAIL ] "
PAS="[ PASS ] " PAS="[ PASS ] "
;; ;;
@ -243,7 +237,7 @@ guix_get_bin_list()
local latest_ver local latest_ver
local default_ver local default_ver
_debug "--- [ $FUNCNAME ] ---" _debug "--- [ ${FUNCNAME[0]} ] ---"
# Filter only version and architecture # Filter only version and architecture
bin_ver_ls=("$(wget -qO- "$gnu_url" \ bin_ver_ls=("$(wget -qO- "$gnu_url" \
@ -272,25 +266,25 @@ guix_get_bin()
local url="$1" local url="$1"
local bin_ver="$2" local bin_ver="$2"
local dl_path="$3" local dl_path="$3"
local wget_args=()
_debug "--- [ $FUNCNAME ] ---" _debug "--- [ ${FUNCNAME[0]} ] ---"
_msg "${INF}Downloading Guix release archive" _msg "${INF}Downloading Guix release archive"
wget --help | grep -q '\--show-progress' && \ wget --help | grep -q '\--show-progress' \
_PROGRESS_OPT="-q --show-progress" || _PROGRESS_OPT="" && wget_args=("-q" "--show-progress")
wget $_PROGRESS_OPT -P "$dl_path" "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"
if [[ "$?" -eq 0 ]]; then if wget "${wget_args[@]}" -P "$dl_path" \
_msg "${PAS}download completed." "${url}/${bin_ver}.tar.xz" "${url}/${bin_ver}.tar.xz.sig"; then
_msg "${PAS}download completed."
else else
_err "${ERR}could not download ${url}/${bin_ver}.tar.xz." _err "${ERR}could not download ${url}/${bin_ver}.tar.xz."
exit 1 exit 1
fi fi
pushd "${dl_path}" >/dev/null pushd "${dl_path}" >/dev/null
gpg --verify "${bin_ver}.tar.xz.sig" >/dev/null 2>&1 if gpg --verify "${bin_ver}.tar.xz.sig" >/dev/null 2>&1; then
if [[ "$?" -eq 0 ]]; then
_msg "${PAS}Signature is valid." _msg "${PAS}Signature is valid."
popd >/dev/null popd >/dev/null
else else
@ -304,7 +298,7 @@ sys_create_store()
local pkg="$1" local pkg="$1"
local tmp_path="$2" local tmp_path="$2"
_debug "--- [ $FUNCNAME ] ---" _debug "--- [ ${FUNCNAME[0]} ] ---"
cd "$tmp_path" cd "$tmp_path"
tar --extract \ tar --extract \
@ -321,28 +315,29 @@ sys_create_store()
fi fi
_msg "${INF}Linking the root user's profile" _msg "${INF}Linking the root user's profile"
mkdir -p "${ROOT_HOME}/.config/guix" mkdir -p "~root/.config/guix"
ln -sf /var/guix/profiles/per-user/root/current-guix \ ln -sf /var/guix/profiles/per-user/root/current-guix \
"${ROOT_HOME}/.config/guix/current" "~root/.config/guix/current"
GUIX_PROFILE="${ROOT_HOME}/.config/guix/current" GUIX_PROFILE="~root/.config/guix/current"
# shellcheck disable=SC1090
source "${GUIX_PROFILE}/etc/profile" source "${GUIX_PROFILE}/etc/profile"
_msg "${PAS}activated root profile at ${ROOT_HOME}/.config/guix/current" _msg "${PAS}activated root profile at ${GUIX_PROFILE}"
} }
sys_create_build_user() sys_create_build_user()
{ # Create the group and user accounts for build users. { # Create the group and user accounts for build users.
_debug "--- [ $FUNCNAME ] ---" _debug "--- [ ${FUNCNAME[0]} ] ---"
if [ $(getent group guixbuild) ]; then if getent group guixbuild > /dev/null; then
_msg "${INF}group guixbuild exists" _msg "${INF}group guixbuild exists"
else else
groupadd --system guixbuild groupadd --system guixbuild
_msg "${PAS}group <guixbuild> created" _msg "${PAS}group <guixbuild> created"
fi fi
if [ $(getent group kvm) ]; then if getent group kvm > /dev/null; then
_msg "${INF}group kvm exists and build users will be added to it" _msg "${INF}group kvm exists and build users will be added to it"
local KVMGROUP=,kvm local KVMGROUP=,kvm
fi fi
@ -371,7 +366,7 @@ sys_enable_guix_daemon()
local local_bin local local_bin
local var_guix local var_guix
_debug "--- [ $FUNCNAME ] ---" _debug "--- [ ${FUNCNAME[0]} ] ---"
info_path="/usr/local/share/info" info_path="/usr/local/share/info"
local_bin="/usr/local/bin" local_bin="/usr/local/bin"
@ -380,7 +375,7 @@ sys_enable_guix_daemon()
case "$INIT_SYS" in case "$INIT_SYS" in
upstart) upstart)
{ initctl reload-configuration; { initctl reload-configuration;
cp "${ROOT_HOME}/.config/guix/current/lib/upstart/system/guix-daemon.conf" \ cp "~root/.config/guix/current/lib/upstart/system/guix-daemon.conf" \
/etc/init/ && /etc/init/ &&
start guix-daemon; } && start guix-daemon; } &&
_msg "${PAS}enabled Guix daemon via upstart" _msg "${PAS}enabled Guix daemon via upstart"
@ -389,15 +384,15 @@ sys_enable_guix_daemon()
{ # systemd .mount units must be named after the target directory. { # systemd .mount units must be named after the target directory.
# Here we assume a hard-coded name of /gnu/store. # Here we assume a hard-coded name of /gnu/store.
# XXX Work around <https://issues.guix.gnu.org/41356> until next release. # XXX Work around <https://issues.guix.gnu.org/41356> until next release.
if [ -f "${ROOT_HOME}/.config/guix/current/lib/systemd/system/gnu-store.mount" ]; then if [ -f "~root/.config/guix/current/lib/systemd/system/gnu-store.mount" ]; then
cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/gnu-store.mount" \ cp "~root/.config/guix/current/lib/systemd/system/gnu-store.mount" \
/etc/systemd/system/; /etc/systemd/system/;
chmod 664 /etc/systemd/system/gnu-store.mount; chmod 664 /etc/systemd/system/gnu-store.mount;
systemctl daemon-reload && systemctl daemon-reload &&
systemctl enable gnu-store.mount; systemctl enable gnu-store.mount;
fi fi
cp "${ROOT_HOME}/.config/guix/current/lib/systemd/system/guix-daemon.service" \ cp "~root/.config/guix/current/lib/systemd/system/guix-daemon.service" \
/etc/systemd/system/; /etc/systemd/system/;
chmod 664 /etc/systemd/system/guix-daemon.service; chmod 664 /etc/systemd/system/guix-daemon.service;
@ -418,7 +413,7 @@ sys_enable_guix_daemon()
;; ;;
sysv-init) sysv-init)
{ mkdir -p /etc/init.d; { mkdir -p /etc/init.d;
cp "${ROOT_HOME}/.config/guix/current/etc/init.d/guix-daemon" \ cp "~root/.config/guix/current/etc/init.d/guix-daemon" \
/etc/init.d/guix-daemon; /etc/init.d/guix-daemon;
chmod 775 /etc/init.d/guix-daemon; chmod 775 /etc/init.d/guix-daemon;
@ -429,7 +424,7 @@ sys_enable_guix_daemon()
;; ;;
openrc) openrc)
{ mkdir -p /etc/init.d; { mkdir -p /etc/init.d;
cp "${ROOT_HOME}/.config/guix/current/etc/openrc/guix-daemon" \ cp "~root/.config/guix/current/etc/openrc/guix-daemon" \
/etc/init.d/guix-daemon; /etc/init.d/guix-daemon;
chmod 775 /etc/init.d/guix-daemon; chmod 775 /etc/init.d/guix-daemon;
@ -439,7 +434,7 @@ sys_enable_guix_daemon()
;; ;;
NA|*) NA|*)
_msg "${ERR}unsupported init system; run the daemon manually:" _msg "${ERR}unsupported init system; run the daemon manually:"
echo " ${ROOT_HOME}/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild" echo " ~root/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild"
;; ;;
esac esac
@ -457,9 +452,9 @@ sys_enable_guix_daemon()
sys_authorize_build_farms() sys_authorize_build_farms()
{ # authorize the public key of the build farm { # authorize the public key of the build farm
while true; do while true; do
read -p "Permit downloading pre-built package binaries from the project's build farm? (yes/no) " yn read -rp "Permit downloading pre-built package binaries from the project's build farm? (yes/no) " yn
case $yn in case $yn in
[Yy]*) guix archive --authorize < "${ROOT_HOME}/.config/guix/current/share/guix/ci.guix.gnu.org.pub" && [Yy]*) guix archive --authorize < "~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub" &&
_msg "${PAS}Authorized public key for ci.guix.gnu.org"; _msg "${PAS}Authorized public key for ci.guix.gnu.org";
break;; break;;
[Nn]*) _msg "${INF}Skipped authorizing build farm public keys" [Nn]*) _msg "${INF}Skipped authorizing build farm public keys"
@ -470,7 +465,7 @@ sys_authorize_build_farms()
} }
sys_create_init_profile() sys_create_init_profile()
{ # Create /etc/profile.d/guix.sh for better desktop integration { # Define for better desktop integration
# This will not take effect until the next shell or desktop session! # This will not take effect until the next shell or desktop session!
[ -d "/etc/profile.d" ] || mkdir /etc/profile.d # Just in case [ -d "/etc/profile.d" ] || mkdir /etc/profile.d # Just in case
cat <<"EOF" > /etc/profile.d/guix.sh cat <<"EOF" > /etc/profile.d/guix.sh
@ -544,7 +539,7 @@ This script installs GNU Guix on your system
https://www.gnu.org/software/guix/ https://www.gnu.org/software/guix/
EOF EOF
echo -n "Press return to continue..." echo -n "Press return to continue..."
read -r ANSWER read -r
} }
main() main()
@ -574,7 +569,7 @@ main()
if ! [[ $GUIX_BINARY_FILE_NAME =~ $ARCH_OS ]]; then if ! [[ $GUIX_BINARY_FILE_NAME =~ $ARCH_OS ]]; then
_err "$ARCH_OS not in ${GUIX_BINARY_FILE_NAME}; aborting" _err "$ARCH_OS not in ${GUIX_BINARY_FILE_NAME}; aborting"
fi fi
_msg "Using manually provided binary ${GUIX_BINARY_FILE_NAME}" _msg "${INF}Using manually provided binary ${GUIX_BINARY_FILE_NAME}"
GUIX_BINARY_FILE_NAME=$(realpath "$GUIX_BINARY_FILE_NAME") GUIX_BINARY_FILE_NAME=$(realpath "$GUIX_BINARY_FILE_NAME")
fi fi