Previously I wrote about how using GNU Guix in an HPC environment enables easy software deployment for multiple users with different needs when it comes to application and library versions. Although Guix comes with an excellent manual which is also available online, some people may want to have just some simple installation instructions in one place and some pointers to get started. I’m attempting to provide just that with this article.
While Guix can be built from source it is much more convenient to use the self-contained tarball which provides pre-built binaries for Guix and all its dependencies. You need to have GNU tar and xz installed to unpack the tarball. Note that the tarball will only work on GNU/Linux systems; it will not work on MacOS.
Guix needs a little bit of setting up, which can be done in just a couple of steps.
For your own sake you really should also download the matching
cryptographic signature file (they all have the same name as the
archive you downloaded, but end on
.sig) to ensure that
the tarballs are signed by release managers. Releases up to now
were signed by Ludovic Courtès. I suggest you fetch both Ludo's and my own
PGP key from PGP key servers, for example by doing this:
# gpg2 --recv-keys 090b11993d9aebb5 197a5888235facac
You only need to do this once. With these keys you can now check that the file you downloaded is in fact legit. To verify that the file is indeed signed by the release manager and the signature is valid following command in the same directory that holds the tarball and the signature file:
# gpg2 --verify guix-binary-0.9.0.x86_64-linux.tar.xz.sig
If you see something like “Good signature from "Ludovic Courtès <email@example.com>” you’re safe (according to your trust in the keys you downloaded).
Second, unpack the archive as root in the root directory:
# cd / # tar xf guix-binary-0.9.0.SYSTEM.tar.xz
This creates a pre-populated store at
(containing the “guix” package and the complete dependency graph),
the local state directory
/var/guix, and a Guix
profile for the root user at
contains the guix command line tools and the daemon.
Third, create a build user pool, as root:
# groupadd --system guix-builder # for i in `seq 1 10`; do useradd -g guix-builder -G guix-builder -d /var/empty -s `which nologin` -c "Guix build user $i" --system guix-builder$i; done
These are the restricted user accounts which are used by the daemon to build software in a controlled environment. You may not need ten, but it’s a good default.
Fourth, run the daemon and tell it about the
# /root/.guix-profile/bin/guix-daemon --build-users-group=guix-builder
Note that this is a server process, so it will never return. I
suggest turning this into a system service and keep it running in
the background at all times. The archive unpacks a Systemd
service file to
which you can just copy to
the following commands to start and enable the service:
# systemctl daemon-reload # systemctl enable guix-daemon # systemctl start guix-daemon
The daemon is responsible to handle build requests from users, so it is essential that it keeps running.
Since building all software locally can take a very long time, the GNU Guix build farm hydra.gnu.org is by default authorised as a source for so-called binary substitutes.
Note that hydra.gnu.org isn’t at all special. Packages are built there continuously from source. Guix is flexible and can pull binary substitutes from other locations as long as you authorise them. Check the Guix Info manual for more information about substitutes.
Fifth, make the
guix command available to other users
on the machine by linking it to a location everyone can access,
# mkdir -p /usr/local/bin # cd /usr/local/bin # ln -s /root/.guix-profile/bin/guix
Now any user—not just the almighty root—can install software by
guix package -i whatever. Yay!
Congratulations! You now have a fully functional installation of the Guix package manager.
To get the latest package recipes for Guix just run
pull, which will download and compile the most recent
development version for the current user. This allows users
(including root) to all have a different version of Guix.
I recommend reading the excellent Guix reference manual, which is
available on the web and, of course, included as an Info
document in your Guix installation. If you don’t have Emacs—the
best Info reader, which also happens to be an excellent text
editor—I encourage you to install it from Guix; it is just a
guix package -i emacs away!
If you have questions that are not covered by the manual feel free to chat with members of the Guix community on IRC in the #guix channel on Freenode. For matters relating to using Guix in a bioinformatics environment you are welcome to subscribe and write to the mailing list firstname.lastname@example.org.