1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
This repository houses Guix configuration for GeneNetwork machines and
containers.
* GeneNetwork development container
The GeneNetwork development container is run on /penguin2/. It runs
continuous integration and continuous deployment services for
genenetwork2, genenetwork3 and several other associated projects.
To build and install the container, you will need the
[[https://gitlab.com/genenetwork/guix-bioinformatics][guix-bioinformatics]] and [[https://git.systemreboot.net/guix-forge/][guix-forge]] channels. Once these channels are
pulled and available, on /penguin2/, run
#+BEGIN_SRC shell
$ ./genenetwork-development-deploy.sh
#+END_SRC
/penguin2/ is configured with a systemd service to run this
container. Restart it.
#+BEGIN_SRC shell
$ sudo systemctl restart genenetwork-development-container
#+END_SRC
* Virtuoso container for tux01 production
The virtuoso container is run on /tux01/ production. It runs virtuoso
alone.
To build and install the container, you will need the
guix-bioinformatics channel. Once guix-bioinformatics is pulled and
available, on /tux01/, run
#+begin_src shell
$ ./virtuoso-deploy.sh
#+end_src
/tux01/ is configured with a systemd service to run this
container. Restart it.
#+begin_src shell
$ sudo systemctl restart virtuoso-container
#+end_src
* Secure virtuoso authentication
In containers containing virtuoso instances, it is important to secure
authentication by changing default user passwords and disabling
unnecessary users. See [[https://issues.genenetwork.org/topics/systems/virtuoso][virtuoso gemtext documentation]] on passwords for
more details.
* Getting a Shell into the Container
When you start the container, you can get a shell into the container using the
~nsenter~ command. You will need the process ID of the container, which your
can get with something like:
#+BEGIN_SRC sh
ps -e | grep shepherd
#+END_SRC
That will give you output of the form:
#+BEGIN_EXAMPLE
11869 pts/3 00:00:00 shepherd
#+END_EXAMPLE
From the guix [/operating-system/ Reference](https://guix.gnu.org/manual/en/html_node/operating_002dsystem-Reference.html)
under the *packages* option, the list of packages installed under the global
profile are found in */run/current-system/profile*, for example:
#+BEGIN_SRC sh
/run/current-system/profile/ls /gnu/store
#+END_SRC
to list the files under */gnu/store*
With that knowledge, we can now get a shell using ~nsenter~ as follows:
#+BEGIN_SRC sh
sudo nsenter -a -t 11869 /run/current-system/profile/bin/bash \
--init-file /run/current-system/profile/etc/profile
#+END_SRC
which will give you a bash shell with the ~PATH~ environment variable setup
correctly to give you access to all packages in the global profile.
|