* What, where and how The system definition relies on some private Guix modifications you can find [[https://git.koszko.org/guix/][here]]. The VM preparation commands below expect some files to already exist in project's directory - =fullchain.pem= - certificate chain - =privkey.pem= - its private key - =owner.pub= - SSH public key to set up SSH root access to the VM #+begin_src shell-script # guix shell qemu-minimal parted qemu-img create -f qcow2 vm.qcow2 100G sudo modprobe nbd max_part=63 sudo qemu-nbd -n -c /dev/nbd0 vm.qcow2 sudo parted --script /dev/nbd0 mktable msdos sudo parted --script /dev/nbd0 mkpart primary 0% 100% sudo mkfs.ext4 -L ctftilde-root /dev/nbd0p1 sudo tune2fs -O ^metadata_csum_seed /dev/nbd0p1 sudo mount /dev/nbd0p1 /mnt sudo sh -c "CTFTILDE_DISK_DEV=/dev/nbd0 guix system init vm.scm /mnt/" sudo mkdir -p /mnt/etc/cert-ctftilde sudo cp fullchain.pem privkey.pem /mnt/etc/cert-ctftilde/ sudo umount /mnt sudo qemu-nbd -d /dev/nbd0 # Verification that `guix deploy` works, optional. HOSTFWD= for VM_PORT in 22 80 443 1965 20030; do HOSTFWD="$HOSTFWD,hostfwd=tcp::$VM_PORT-:$VM_PORT" done for VM_PORT in 20030; do HOSTFWD="$HOSTFWD,hostfwd=udp::$VM_PORT-:$VM_PORT" done sudo qemu-system-x86_64 -net nic,model=rtl8139 -net user"$HOSTFWD" \ -m 2G -hda vm.qcow2 -nographic -enable-kvm ssh-keygen -R localhost VM_SSH_HOST_KEY="$(ssh root@localhost 'awk "{print \$1 \" \" \$2}" /etc/ssh/ssh_host_ed25519_key.pub')" sed -i "s|ssh-ed25519 [^\"]\+|$VM_SSH_HOST_KEY|" vm-deploy.scm guix deploy vm-deploy.scm #+end_src Some work is then needed to manually create Abdul's user account and copy the relevant files (no automation, unfortunately). The HTML version of Abdul's blog has been generated from Gemtext version using a modifier variant of =convert_gemtext_file.py= from [[https://raw.githubusercontent.com/huntingb/gemtext-html-converter][here]]. The modified variant is unfortunately not included here (because GPL requires documenting what exactly got changed and I am too lazy). * Copying Unless specified otherwise, files were authored by Wojtek Kosior and are available under the terms of CC0-1.0.