Try Guix System in QEMU Within Emacs

2024-10-24

Prepare the host system

First make sure KVM is turned on in the BIOS, then check the kernel.

See the info page guix#Installing Guix in a VM.

qemu-img create -o nocow=on -f qcow2 guix.cow 50G

To use UEFI, on my host (Arch) I have to install edk2-ovmf and copy /usr/share/edk2/x64/OVMF_VARS.4m.fd to the local directory.

qemu-system-x86_64 -m 4096 -smp 1 -enable-kvm \
                   -nic user,model=virtio-net-pci,hostfwd=tcp::2222-:22 -boot menu=on,order=d \
                   -drive file=guix.cow \
                   -drive media=cdrom,readonly=on,file=guix-system-install-latest.x86_64-linux.iso \
                   -drive if=pflash,format=raw,readonly=on,file=/usr/share/edk2/x64/OVMF_CODE.4m.fd \
                   -drive if=pflash,format=raw,file=OVMF_VARS.4m.fd \
                   -vga virtio

Fix the screen

If the screen is either too small or full of unreadable garbage, add -vga virtio, which is needed for UEFI in QEMU. See (ju2wheels 2023).

Manual installation

See the info page guix#Manual Installation.

In the client

herd start ssh-daemon

Remember to set root's password first, with passwd.

We can then ssh into it with

ssh root@127.0.0.1 -p 2222

In the client, we can look up the host address with

ip --color neighbor

Then, if the host is running a proxy, we can for example run

herd set-http-proxy guix-daemon http://10.0.2.2:6666

Partitions and Formatting

I just use cfdisk. After that

Btrfs on LUKS setup

mkfs.fat -F32 /dev/sda1
cryptsetup luksFormat --type luks2 --pbkdf pbkdf2 /dev/sda2
cryptsetup open /dev/sda2 crypt
mkfs.btrfs -L cryptbtrfs --csum xxhash /dev/mapper/crypt

Now create the btrfs subvolumes.

mount LABEL=cryptbtrfs -o noatime,compress=zstd /mnt
btrfs subvolume create /mnt/@
btrfs subvolume create /mnt/@log
btrfs subvolume create /mnt/@cache
btrfs subvolume create /mnt/@tmp
btrfs subvolume create /mnt/@swap
btrfs subvolume create /mnt/@home
btrfs subvolume create /mnt/@documents
btrfs subvolume create /mnt/@videos
btrfs subvolume create /mnt/@music
umount /mnt

After that, we can do the actual mount:

mount LABEL=cryptbtrfs -o noatime,compress=zstd,subvol=@ /mnt
mkdir /mnt/swap
mount LABEL=cryptbtrfs -o noatime,compress=zstd,subvol=@swap /mnt/swap
mkdir /mnt/home
mount LABEL=cryptbtrfs -o noatime,compress=zstd,subvol=@home /mnt/home
mkdir -p /mnt/var/log
mount LABEL=cryptbtrfs -o noatime,compress=zstd,subvol=@log /mnt/var/log
mkdir -p /mnt/var/cache
mount LABEL=cryptbtrfs -o noatime,compress=zstd,subvol=@cache /mnt/var/cache
mkdir -p /mnt/var/tmp
mount LABEL=cryptbtrfs -o noatime,compress=zstd,subvol=@tmp /mnt/var/tmp
mkdir /mnt/tmp
mount -t tmpfs -o nosuid,nodev,size=80% tmpfs /mnt/tmp
mkdir /mnt/efi
mount /dev/sda1 /mnt/efi

To get the crypto device UUID and FAT32 UUID, run

lsblk -fs

As a side note, noatime (and other generic, i.e. not file-system-specific, options) cannot be used in rootflags; see (Grodriguez 2014).

Also note that if you want to use --csum xxhash too, remember to put

(initrd-modules (append
                 (list "xxhash" "xxhash_generic")
                 %base-initrd-modules))

in your config.scm. This is very important, as the kernel used by the initramfs needs these modules to mount a root Btrfs partition that uses xxhash as its checksum. See (Reddit 2023).

Benchmarks and the pros and cons of the checksum algorithms can be found at (BTRFSDocumentation 2024).

Installation

herd start cow-store /mnt
mkdir /mnt/etc
cp /etc/configuration/lightweight-desktop.scm /mnt/etc/config.scm
chmod +w /mnt/etc/config.scm

We can edit it with find-file, /ssh:root@127.0.0.1#2222:/mnt/etc/config.scm
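
The Btrfs-on-LUKS layout mounted above can be declared in config.scm along these lines. This is an added example, not part of the original post; the UUIDs are placeholders for the values printed by lsblk -fs, and %crypt, subvol and %my-file-systems are hypothetical names.

```scheme
;; Added example: fields for the (operating-system ...) form in config.scm.
;; The UUIDs are placeholders; use the values printed by `lsblk -fs`.
(use-modules (gnu))

(define %crypt                        ; hypothetical name
  (mapped-device
   ;; Placeholder: LUKS UUID of /dev/sda2.
   (source (uuid "00000000-0000-0000-0000-000000000000"))
   (target "crypt")                   ; as in `cryptsetup open /dev/sda2 crypt`
   (type luks-device-mapping)))

(define (subvol name mount-point)     ; hypothetical helper
  (file-system
   (device (file-system-label "cryptbtrfs"))
   (mount-point mount-point)
   (type "btrfs")
   (flags '(no-atime))                ; generic flag, kept out of the option string
   (options (string-append "compress=zstd,subvol=" name))
   (dependencies (list %crypt))))     ; open the LUKS mapping first

(define %my-file-systems              ; hypothetical name
  (append
   (list (subvol "@" "/")
         (subvol "@swap" "/swap")
         (subvol "@home" "/home")
         (subvol "@log" "/var/log")
         (subvol "@cache" "/var/cache")
         (subvol "@tmp" "/var/tmp")
         (file-system
          (device "tmpfs")
          (mount-point "/tmp")
          (type "tmpfs")
          (flags '(no-suid no-dev))
          (options "size=80%")
          (check? #f))
         (file-system
          ;; Placeholder: FAT32 UUID of /dev/sda1.
          (device (uuid "0000-0000" 'fat))
          (mount-point "/efi")
          (type "vfat")))
   %base-file-systems))

;; Then, inside (operating-system ...):
;;   (bootloader (bootloader-configuration
;;                (bootloader grub-efi-bootloader)
;;                (targets '("/efi"))))
;;   (initrd-modules (append (list "xxhash" "xxhash_generic")
;;                           %base-initrd-modules))
;;   (mapped-devices (list %crypt))
;;   (file-systems %my-file-systems)
```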

Finally, run the following, probably with --substitute-urls:

guix system init /mnt/etc/config.scm /mnt

Then reboot.

Running

qemu-system-x86_64 \
    -enable-kvm -m 4096 -smp 1 \
    -nic user,model=virtio-net-pci,hostfwd=tcp::2222-:22 \
    -device virtio-blk,drive=myhd \
    -drive if=none,file=guix.cow,id=myhd \
    -drive if=pflash,format=raw,readonly=on,file=/usr/share/edk2/x64/OVMF_CODE.4m.fd \
    -drive if=pflash,format=raw,file=OVMF_VARS.4m.fd \
    -vga virtio

After the system has booted and sshd is working, we can view and edit the system config at /ssh:user@127.0.0.1#2222|sudo:root@127.0.0.1#2222:/etc/config.scm

Note that Emacs 27's sudo:: shortcut does not work with 127.0.0.1#2222, as the port number is dropped. I might send an issue addressing this later.

Reference

BTRFSDocumentation. 2024. “Btrfs Features: Checksumming.” 2024. https://btrfs.readthedocs.io/en/latest/Checksumming.html.
Grodriguez. 2014. “Kernel Panic When Passing Noatime in Bootargs.” May 19, 2014. https://unix.stackexchange.com/questions/130966/kernel-panic-when-passing-noatime-in-bootargs.
ju2wheels. 2023. “Server Install Screen Is Garbled When Using Qemu.” April 13, 2023. https://ubuntuforums.org/showthread.php?t=2485910.
Reddit. 2023. “Installing Debian with Xxhash.” October 31, 2023. https://old.reddit.com/r/btrfs/comments/17ksj0w/installing_debian_with_xxhash/.