On Wed, Feb 22, 2017 at 10:51:47AM +0100, Mathieu Lirzin wrote:
> I don't know much about HTTP proxying but when reading
> 'in-band-download' in "guix/download.scm" I see a line like this:
>
> #:leaked-env-vars '("http_proxy" "https_proxy")
>
> which makes me think that maybe we should add an https_proxy toggle in
> 'guix-configuration' too?
>
> However I see that 'open-connection-for-uri' in "guix/download.scm"
> ignores "https_proxy" with a comment from 2015:
>
> ;; For HTTPS URIs, honor 'https_proxy', not 'http_proxy'.
> ;; FIXME: Proxying is not supported for https.
That's from 'guix/build/download.scm'.
> Do you have any idea if this could be easily fixed?
I don't know. I guess that it would be required to have a TLS client
(gnutls-guile) and a certificate store available, but I'm not sure how
to implement it, or what exactly is missing.
> I think it would be more readable like this:
>
> #$@(if http-proxy
> (list (string-append "http_proxy=" http-proxy))
> '())
I think this form of the conditional is a little easier to read than the
other one, so I've used it in my updated patch, which is attached.
>From ae8fd98c4a8f985ba835bfeab7f008c594508b2d Mon Sep 17 00:00:00 2001
From: Leo Famulari <l...@famulari.name>
Date: Tue, 21 Feb 2017 14:57:02 -0500
Subject: [PATCH] services: guix: Support using an HTTP proxy.
* gnu/services/base.scm (<guix-configuration>)[http-proxy]: New field.
(guix-shepherd-service): Use 'http-proxy' in #:environment-variables.
* doc/guix.texi (Base Services)[guix-configuration]: Document it.
---
doc/guix.texi | 4 ++++
gnu/services/base.scm | 13 +++++++++----
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 6cdb5e592..19a31c659 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -8611,6 +8611,10 @@ are written.
@item @code{lsof} (default: @var{lsof})
The lsof package to use.
+@item @code{http-proxy} (default: @code{#f})
+The HTTP proxy used for downloading fixed-output derivations and
+substitutes.
+
@end table
@end deftp
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 57601eab8..20eb19930 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -3,7 +3,7 @@
;;; Copyright © 2015, 2016 Alex Kost <alez...@gmail.com>
;;; Copyright © 2015, 2016 Mark H Weaver <m...@netris.org>
;;; Copyright © 2015 Sou Bunnbu <iyzs...@gmail.com>
-;;; Copyright © 2016 Leo Famulari <l...@famulari.name>
+;;; Copyright © 2016, 2017 Leo Famulari <l...@famulari.name>
;;; Copyright © 2016 David Craven <da...@craven.ch>
;;; Copyright © 2016 Ricardo Wurmus <rek...@elephly.net>
;;;
@@ -1114,7 +1114,9 @@ failed to register hydra.gnu.org public key: ~a~%"
status))))))))
(log-file guix-configuration-log-file ;string
(default "/var/log/guix-daemon.log"))
(lsof guix-configuration-lsof ;<package>
- (default lsof)))
+ (default lsof))
+ (http-proxy guix-http-proxy ;string | #f
+ (default #f)))
(define %default-guix-configuration
(guix-configuration))
@@ -1125,7 +1127,7 @@ failed to register hydra.gnu.org public key: ~a~%"
status))))))))
(($ <guix-configuration> guix build-group build-accounts
authorize-key? keys
use-substitutes? substitute-urls extra-options
- log-file lsof)
+ log-file lsof http-proxy)
(list (shepherd-service
(documentation "Run the Guix daemon.")
(provision '(guix-daemon))
@@ -1142,7 +1144,10 @@ failed to register hydra.gnu.org public key: ~a~%"
status))))))))
;; Add 'lsof' (for the GC) to the daemon's $PATH.
#:environment-variables
- (list (string-append "PATH=" #$lsof "/bin"))
+ (list (string-append "PATH=" #$lsof "/bin")
+ #$@(if http-proxy
+ (list (string-append "http_proxy=" http-proxy))
+ '()))
#:log-file #$log-file))
(stop #~(make-kill-destructor)))))))
--
2.11.1
