On Wed, Feb 22, 2017 at 10:51:47AM +0100, Mathieu Lirzin wrote: > I don't know much about HTTP proxying but when reading > 'in-band-download' in "guix/download.scm" I see a line like this: > > #:leaked-env-vars '("http_proxy" "https_proxy") > > which makes me think that maybe we should add an https_proxy toggle in > 'guix-configuration' too? > > However I see that 'open-connection-for-uri' in "guix/download.scm" > ignores "https_proxy" with a comment from 2015: > > ;; For HTTPS URIs, honor 'https_proxy', not 'http_proxy'. > ;; FIXME: Proxying is not supported for https.
That's from 'guix/build/download.scm'. > Do you have any idea if this could be easily fixed? I don't know. I guess that it would be required to have a TLS client (gnutls-guile) and a certificate store available, but I'm not sure how to implement it, or what exactly is missing. > I think it would be more readable like this: > > #$@(if http-proxy > (list (string-append "http_proxy=" http-proxy)) > '()) I think this form of the conditional is a little easier to read than the other one, so I've used it in my updated patch, which is attached.
>From ae8fd98c4a8f985ba835bfeab7f008c594508b2d Mon Sep 17 00:00:00 2001 From: Leo Famulari <l...@famulari.name> Date: Tue, 21 Feb 2017 14:57:02 -0500 Subject: [PATCH] services: guix: Support using an HTTP proxy. * gnu/services/base.scm (<guix-configuration>)[http-proxy]: New field. (guix-shepherd-service): Use 'http-proxy' in #:environment-variables. * doc/guix.texi (Base Services)[guix-configuration]: Document it. --- doc/guix.texi | 4 ++++ gnu/services/base.scm | 13 +++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 6cdb5e592..19a31c659 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -8611,6 +8611,10 @@ are written. @item @code{lsof} (default: @var{lsof}) The lsof package to use. +@item @code{http-proxy} (default: @code{#f}) +The HTTP proxy used for downloading fixed-output derivations and +substitutes. + @end table @end deftp diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 57601eab8..20eb19930 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -3,7 +3,7 @@ ;;; Copyright © 2015, 2016 Alex Kost <alez...@gmail.com> ;;; Copyright © 2015, 2016 Mark H Weaver <m...@netris.org> ;;; Copyright © 2015 Sou Bunnbu <iyzs...@gmail.com> -;;; Copyright © 2016 Leo Famulari <l...@famulari.name> +;;; Copyright © 2016, 2017 Leo Famulari <l...@famulari.name> ;;; Copyright © 2016 David Craven <da...@craven.ch> ;;; Copyright © 2016 Ricardo Wurmus <rek...@elephly.net> ;;; @@ -1114,7 +1114,9 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) (log-file guix-configuration-log-file ;string (default "/var/log/guix-daemon.log")) (lsof guix-configuration-lsof ;<package> - (default lsof))) + (default lsof)) + (http-proxy guix-http-proxy ;string | #f + (default #f))) (define %default-guix-configuration (guix-configuration)) @@ -1125,7 +1127,7 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) (($ <guix-configuration> guix build-group build-accounts authorize-key? keys use-substitutes? substitute-urls extra-options - log-file lsof) + log-file lsof http-proxy) (list (shepherd-service (documentation "Run the Guix daemon.") (provision '(guix-daemon)) @@ -1142,7 +1144,10 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) ;; Add 'lsof' (for the GC) to the daemon's $PATH. #:environment-variables - (list (string-append "PATH=" #$lsof "/bin")) + (list (string-append "PATH=" #$lsof "/bin") + #$@(if http-proxy + (list (string-append "http_proxy=" http-proxy)) + '())) #:log-file #$log-file)) (stop #~(make-kill-destructor))))))) -- 2.11.1