Re: Network with QEMU generated image (guix system vm)?

[Jan Nieuwenhuizen]

ng0 writes:

> For a considerable long time and countless tries, that's why I'm asking
> about any way to do this as it just does not work. Just about anything
> which would work on GuixSD from a git checkout of guix.git is welcome.

Find attached my ssh/lsh-seed hack to allow unattended entry into a vm
and a minimal vm description.

Here's what I did

    19:18:45 address@hidden:~/src/guix 
    $ guix system vm os.scm
    /gnu/store/4rqrzxz8amzq7j599sfr2vsbwy01fx04-run-vm.sh -net 
user,hostfwd=tcp::2223-:2222&
    19:19:37 address@hidden:~/src/guix 
    $ ssh-keygen -f "$HOME/.ssh/known_hosts" -R [localhost]:2223
    [wait]
    19:19:40 address@hidden:~/src/guix 
    $ ssh localhost -p 2223
    .. RET RET
    address@hidden ~$ GIT_SSL_NO_VERIFY=1 git clone 
https://gitlab.com/janneke/mes.git
    Cloning into 'mes'...
    remote: Counting objects: 969, done.        
    remote: Compressing objects: 100% (348/348), done.        
    remote: Total 969 (delta 654), reused 886 (delta 610)        
    Receiving objects: 100% (969/969), 316.35 KiB | 0 bytes/s, done.
    Resolving deltas: 100% (654/654), done.

What I don't understand: sometimes the clone works instantly, sometimes
I need to "wait a bit" until cloning or `ping gitlab.com' works.  It
seemed to be always immediately available when I added the mcron and
rottlog test services, which confuses me even more.  Might just be
coincidence.

Greetings,
Jan

>From 8c8687407057ca9caa123905f7ca2e3feeffa203 Mon Sep 17 00:00:00 2001
From: Jan Nieuwenhuizen <address@hidden>
Date: Thu, 8 Sep 2016 14:09:28 +0200
Subject: [PATCH] gnu: Add lsh-seed, lsh-service: use it.

---
 gnu/packages/ssh.scm | 26 ++++++++++++++++++++++++++
 gnu/services/ssh.scm |  7 +++++++
 2 files changed, 33 insertions(+)

diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index b2612a4..5255848 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -517,3 +517,29 @@ manipulating key files.")
 authentication with SSH's so-called @dfn{interactive keyboard password
 authentication}.")
     (license license:gpl2+)))
+
+(use-modules (guix build-system trivial))
+(define-public lsh-seed
+  (package
+    (name "lsh-seed")
+    (version "0")
+    (source #f)
+    (build-system trivial-build-system)
+    (arguments
+     '(#:modules ((guix build utils))
+       #:builder
+       (begin
+         (use-modules (guix build utils))
+         (let* ((source (assoc-ref %build-inputs "source"))
+                (out (assoc-ref %outputs "out"))
+                (etc (string-append out "/etc"))
+                (seed (string-append etc "/lsh-seed")))
+           (mkdir-p etc)
+           (with-output-to-file seed
+             (lambda () (display "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")))
+           (chmod seed #o400)
+           #t))))
+    (home-page "http://localhost";)
+    (synopsis "lsh-seed")
+    (description "lsh-seed")
+    (license license:gpl3+)))
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 462988c..96ba3d7 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -68,6 +68,13 @@
 (define (lsh-initialization lsh host-key)
   "Return the gexp to initialize the LSH service for HOST-KEY."
   #~(begin
+
+      (unless (file-exists? #$%yarrow-seed)
+        (when (file-exists? #$lsh-seed)
+          (mkdir-p (dirname #$%yarrow-seed))
+          (copy-file (string-append #$lsh-seed "/etc/lsh-seed") #$%yarrow-seed)
+          (chmod #$%yarrow-seed #o400)))
+
       (unless (file-exists? #$%yarrow-seed)
         (system* (string-append #$lsh "/bin/lsh-make-seed")
                  "--sloppy" "-o" #$%yarrow-seed))
-- 
2.9.3

os.scm
Description: Binary data

-- 
Jan Nieuwenhuizen <address@hidden> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar®  http://AvatarAcademy.nl