On 11/07/2025 09:57, Ant wrote:
> Hi all,
> as the subject says, I'd like to know if it is possible to install Guix
> in a {Tool Distro}box container when using an immutable distro such as
> Silverblue as host. My use case is to install Emacs along with its
> related external CLI binaries in a reproducible and tightly coupled
> environment.
> Would it be feasible to do such a thing? Do you have some suggestions in
> this regard?

I have done this on Fedora Kinoite (the KDE flavour of their immutable
distro), which also uses toolbx. This was mostly a proof of concept and
there were some downsides so I haven't used it heavily, but the basics
were working.
I created a toolbox based on Ubuntu 24.04:
toolbox create -d ubuntu -r 24.10 guix-test
Then in the toolbox, installed Guix manually (the Ubuntu guix package
didn't work for me in-container, but the manual installation did):
toolbox enter guix-test
wget https://git.savannah.gnu.org/cgit/guix.git/plain/etc/guix-install.sh
chmod a+x guix-install.sh
sudo sh -c "yes '' | ./guix-install.sh"
The downside to this approach (one of them, at least) is that you have
to start the Guix daemon manually when you enter the container:
sudo /root/.config/guix/current/bin/guix-daemon --build-users-group=guixbuild &
Now you can run guix commands in the toolbx as a normal user, e.g.
guix install emacs-no-x
One of the other downsides is that your Guix profile is stored in your
home directory (outside the toolbx container), so if you have more than
one guix toolbox you might see some strange behaviour (your profile could
point to things that don't exist in the store).
An idea I'd like to pursue if I had more time is to create a podman
volume for the /gnu/store, mount this read/write in a container that
runs the Guix daemon, and mount it read-only into the toolbox
containers. One blocker for this was that I couldn't see how to get
toolbx to mount the volume. I might revisit this if I get some time.
For a completely different approach, see
http://sam-d.com/blog//running-guix-package-manager-on-top-of-fedora-silverblue/
I didn't go down this route because it required switching SELinux to
non-enforcing mode.
I hope this helps!
Ray.
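
Added example, not part of Ray's message: a `~/.bashrc` hook for the two downsides described above, starting the daemon once per container and flagging a `~/.guix-profile` that does not resolve into the store this container sees. The lock file path, the function names and the use of `flock` are assumptions; the daemon path and group come from the message.

```bash
GUIX_DAEMON=/root/.config/guix/current/bin/guix-daemon  # path used in the message
GUIX_LOCK=/var/guix/daemon-start.lock                   # assumed lock file location

# Print the container name podman records in /run/.containerenv (fails on the host).
container_name() {
    local env_file=${1:-/run/.containerenv}
    [ -r "$env_file" ] || return 1
    sed -n 's/^name="\(.*\)"$/\1/p' "$env_file"
}

# Succeed only if the profile link resolves to an existing item inside the
# store visible from this container; a profile built in another toolbox fails.
profile_in_store() {
    local profile store target
    profile=${1:-$HOME/.guix-profile}
    store=$(readlink -f -- "${2:-/gnu/store}") || return 1
    target=$(readlink -f -- "$profile") || return 1
    [ -e "$target" ] || return 1
    case $target in
        "$store"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# Call from ~/.bashrc inside the toolbox: guix_toolbox_hook guix-test
guix_toolbox_hook() {
    [ "$(container_name)" = "$1" ] || return 0   # do nothing on the host or elsewhere
    # flock -n exits at once while an earlier daemon still holds the lock,
    # so opening more shells does not spawn extra root daemons.
    sudo flock -n "$GUIX_LOCK" "$GUIX_DAEMON" --build-users-group=guixbuild \
        >/dev/null 2>&1 &
    if [ -L "$HOME/.guix-profile" ] && ! profile_in_store; then
        echo "warning: ~/.guix-profile does not resolve into this container's /gnu/store" >&2
    fi
}
```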