Re: Ruby without RVM - what to do if the version I want is missing?

[Remco van 't Veer]

Hi Daniel,

2024/06/17, Daniel Littlewood:

> The file guix.scm contains (by the way, why is the use-modules syntax
> different here?)
> (use-modules (guix packages)
>(guix download)
>(guix utils)
>(guix build-system ruby)
>(ruby))
> (package
>   (name "my-project")
>   (version "1.0.0")
>   (license #f)
>   (source #f)
>   (build-system ruby-build-system) ; "no build system" was not an option
>   (propagated-inputs (list ruby-3.3))
>   (synopsis "")
>   (description "")
>   (homepage ""))
>
> Now I become confused:
> guix shell -L ~/my-channel -D -f guix.scm # works, as expected
> ruby --version
> ruby 3.1.4p223 (2023-03-30 revision 957bb7cb81) [x86_64-linux]
> # this is *not* the host ruby:
> exit
> ruby --version
> ruby 2.7.8p225 (2023-03-30 revision 1fd455848) [x86_64-linux]
>
> I don't know where it is getting 3.1.4 from! I have not written it
> anywhere. I do recognise it - I think I have previously installed it
> at some point. But I don't know where it's being pulled from - some
> cache? It looks like Remco's approach using manifests should work, but
> I wonder: does anyone know what's wrong with my guix.scm?

I think you're getting the build dependency of ruby-3.3 because you're
using -D to get the development dependencies of the defined package.  It
should probably work when you use "inputs" instead of
"propagated-inputs" here when using -D.

I've never used "propagated-inputs" but I think this is not the way to
use them. A typical use, I think, would be some package which enhances
some other package.  So say you have a package "foo" which you could
install to do it's thing but there's also "foo-with-superpowers" which
depends on "foo" being installed but add superpowers to that command and
function through the original package.

Cheers,
Remco

Re: Ruby without RVM - what to do if the version I want is missing?

[Remco van 't Veer]

Hi Daniel,

I replaced rvm on guix with direnv and guix manifests.  Most for the
projects I work on are on different versions of ruby and some which are
not packaged for guix.  The way I do this is as follows.

First I create a .guix.scm file in the root of my project as follows:

  (use-modules (gnu packages)
   (gnu packages ruby)
   (guix packages)
   (guix utils))

  (let* ((ruby-version "3.3.0")
 (ruby (package
 (inherit ruby-3.2)
 (version ruby-version)
 (source
  (origin
(inherit (package-source ruby-3.2))
(uri (string-append "http://cache.ruby-lang.org/pub/ruby/;
(version-major+minor ruby-version)
"/ruby-" ruby-version ".tar.xz"))
(sha256
 (base32
  
"0nwpgf27i43yd8ccsk838n86n9xki68hayxmhbwr0zk3dsinasv7")))

 (concatenate-manifests
  (list
   (packages->manifest (list ruby))

   ;; base for building extensions
   (package->development-manifest ruby

And run:

  guix package -p .guix -m .guix.scm

This creates a profile containing ruby-3.3.0 in the .guix directory
(with is actually a link the a version of that profile) which includes
enough to build basic gems with native code (the development manifest
for ruby itself) kinda like installing debians build-essentials.  If you
need any libraries to compile some gem add them here too.

Now create a .envrc file as follows:

  GUIX_PROFILE="$(expand_path .guix)"
  [ -f "$GUIX_PROFILE/etc/profile" ] ||
  guix package -p "$GUIX_PROFILE" -m .guix.scm
  source "$GUIX_PROFILE/etc/profile"

  export GEM_HOME="$(expand_path .gems)"
  export GEM_PATH="$GEM_HOME"
  PATH_add $GEM_HOME/bin

This makes sure the profile gets automatically loaded when you "enter"
the project and sets up GEM_HOME so all gems installed for this project
are kept in the local .gems.  Read the direnv documentation to figure
out how to set that up to make "entering" the project work for your dev
environment.  I use the envrc emacs package which work very well for me.

I use the about method for other kinds of projects too.

Cheers,
Remco

SOLVED Re: system hangs at boot - LUKS /home/ problem(?)

[Remco van 't Veer]

This issue has been fixed (see also: https://issues.guix.gnu.org/70266)
It's safe to be do a guix pull and guix system reconfigure again.

Re: system hangs at boot - LUKS /home/ problem(?)

[Remco van 't Veer]

2024/04/02, Benjamin Slade:

> I can't roll back to the earlier commit mentioned by Remco because
> other things/channels depend on me being roughly up-to-date on the
> main guix channel.

Reverting the commit on a local checkout of guix worked for me but isn't
workable of course.  I tested the patch provided by aurtzy
(https://issues.guix.gnu.org/70051#5) and that worked worked too.

For now I won't reconfigure my system until this issue is fixed or try
out "guix pull --switch-generation" to go back to some earlier situation
when I really need to deploy some configuration change.

Remco

Re: system hangs at boot - LUKS /home/ problem(?)

[Remco van 't Veer]

Hi,

Confirmed on a couple of my installs.  I too have an unencrypted root
and encrypted home filesystems.  The passphrase prompt never appears and
the system seems to be waiting for something or is halted.

I've git bisected it down to:

  commit 6f9d844d2ece7b369d17bbe678978462425f869c (HEAD)
  Author: Ludovic Courtès 
  Date:   Wed Mar 20 18:48:38 2024 +0100

services: shepherd: Load each service file in a fresh module.

Fixes .

* gnu/home/services/shepherd.scm (home-shepherd-configuration-file)[config]:
Define ‘make-user-module’.  Call ‘load’ in ‘save-module-excursion’.
* gnu/services/shepherd.scm (shepherd-configuration-file): Likewise.

Commit 2b052fe3c0fa85e9faa8873a581568ad4c78e151 still works.

Cheers,
Remco

Re: Guix system on AQEMU HD fills

[Owen T. Heisler]

On 3/18/24 15:56, Brian O'Keefe wrote:
I've been installing and 
reinstalling the latest GUIX OS in AQEMU.


yesterday I got a warning from 
my Ubuntu host that my HD was dangerously low.


I saw that 
my ~/.aqemu folder was packed and the culprit was the virtual GUIX 
machine which had far exceeded its 25GB capacity.


If you created a 25 GB hard drive with AQEMU (that's a QEMU front-end, 
right?), then the `guix.qcow2` hard drive image shouldn't get much 
bigger than 25 GB. However if AQEMU is using qcow2 snapshots, then the 
image will grow as much as necessary to keep all the snapshot data.


It also seems that with each "guix pull" or "guix refresh" or 
"guix upgrade" more and more data is being stored.
Run `guix gc -d` to delete all old generations. You will not be able to 
roll-back the Guix system to a previous generation once you have deleted it.



Why that affects my host OS, I don't know
Yeah, that seems odd. The only thing that comes to my mind is qcow2 
snapshots as I mentioned above.

Re: add shepherd requirement to an existing service?

[Remco van 't Veer]

That's exactly what I need!  Thanks!

Re: add shepherd requirement to an existing service?

[Remco van 't Veer]

Hi Oleg,

2024/03/11, Oleg Pykhalov:

>> I'd like to add a shepherd requirement to an existing service, as
>> provided by guix, to prevent it from starting before some other service
>> starts.
>>
>> For exampple: I have NAS which is very slow to start after a power
>> failure so I created a simple service to keep trying to mount an NFS
>> share until it succeeds.  This share contains files shared through
>> syncthing, so I want syncthing to start after the NFS service is
>> started.
>
> How do you mount the NFS share? From my understanding, system services
> typically wait for all mounts listed in 'file-systems' to be mounted
> unless 'mount?' is specifically set to false.

I tried the file-systems declaration about a year ago but found it
didn't work all the time when automatically booting after a power
failure.  There's also routers and stuff booting at the same time so
the order of things may have been an issue.  Anyway, a simple service
trying to mount until it succeeds works pretty reliably.

>> Is there any way to do this apart from defining my own
>> syncthing-shepherd-service which includes the extra shepherd
>> requirement?
>
> To my knowledge, unless the service definition explicitly allows for it,
> there may not be an alternative approach aside from creating a custom
> syncthing-shepherd service that incorporates the additional shepherd
> requirement.

I was afraid so.  There may be other situations where I'd like some
home grown service to startup before another pre-existing one, so maybe
this should be a feature request, if others are also running into this.

add shepherd requirement to an existing service?

[Remco van 't Veer]

Hi,

I'd like to add a shepherd requirement to an existing service, as
provided by guix, to prevent it from starting before some other service
starts.

For exampple: I have NAS which is very slow to start after a power
failure so I created a simple service to keep trying to mount an NFS
share until it succeeds.  This share contains files shared through
syncthing, so I want syncthing to start after the NFS service is
started.

Is there any way to do this apart from defining my own
syncthing-shepherd-service which includes the extra shepherd
requirement?

Kind regards,
Remco

Re: Staging Scheme code to run as one-shot service

[Owen T. Heisler]

On 3/5/24 19:32, Owen T. Heisler wrote:

I have a minimal example now that does work,
including with the G-expression defined separately.


And thanks, Felix, for your help!

Owen

Re: Staging Scheme code to run as one-shot service

[Owen T. Heisler]

On 3/4/24 21:07, Owen T. Heisler wrote:
> On 3/4/24 10:08, Felix Lechner wrote:
>> try something like this:
>>
>>  (start #~(let ((port (open-pipe* OPEN_WRITE "logger" 
>> "-plocal0.alert")))
>>     (display "say-hello\n" port)
>>     (close-pipe port)))
> 
>> [1] 
>> https://codeberg.org/lechner/juix/src/commit/fe8cac5165bfbe290413cedd36a492109e29e38b/juix/deploy/cachefilesd.scm#L158
> 
> Thanks for the suggestion. I tried that, but it doesn't work either.

Apparently I failed to follow your example properly and had an extra 
`#~(begin` in there. I have a minimal example now that does work, 
including with the G-expression defined separately.

As I wrote in another message, I also got a boot script 
(non-Shepherd) service working (with the help of a hint from Florian) 
but I need to use a regular Shepherd service so I can declare a 
dependency on another service (in this case, syslogd).

Here is the working example:

```scm
;; $(guix system vm input.scm --no-graphic)
(use-modules (gnu)
 (gnu services shepherd)
 (ice-9 popen))
(use-service-modules networking)
(use-package-modules admin bootloaders)
(define say-hello-gexp
  #~(begin
  (let ((port (open-pipe* OPEN_WRITE
  #$(file-append inetutils "/bin/logger")
  "-plocal0.alert"))
;; Use random string to counter syslog deduplication
(rand_str (number->string (random 100
(display (string-append "say-hello" rand_str "\n") port)
(close-pipe port
(define say-hello-service
  (simple-service 'say-hello-service shepherd-root-service-type
  (list (shepherd-service (auto-start? #t)
  (documentation "Say hello.")
  (one-shot? #t)
  (provision '(say-hello-service))
  (requirement '(syslogd))
  (respawn? #f)
  (start #~(lambda _
 #$say-hello-gexp))
(operating-system
  (bootloader (bootloader-configuration
(bootloader grub-bootloader)
(targets '("/dev/vda"))
(terminal-inputs '(console serial))
(terminal-outputs '(console serial))
(timeout 1)))
  (file-systems (cons (file-system
(mount-point "/")
(device "/dev/vda1")
(type "ext4")) %base-file-systems))
  (host-name "test-guix-vm")
  (kernel-arguments (cons "console=ttyS0" %default-kernel-arguments))
  (services
   (append (list say-hello-service) %base-services)))
;; # herd start say-hello-service
```

Thanks,
Owen

Re: Staging Scheme code to run as one-shot service

[Owen T. Heisler]

Hi Florian,

On 3/4/24 02:31, pelzflorian (Florian Pelz) wrote:

P.S. There also is the code for

https://issues.guix.gnu.org/62584#0

which is not using a Shepherd service.


At first I was confused by the link to an April-1 joke. :-) But that did 
work, thanks!


Here is a working example (I'm not sure why default-value is required):

```scm
;; $(guix system vm input.scm --no-graphic)
(use-modules (gnu bootloader)
 (gnu bootloader grub)
 (gnu services base)
 (gnu system file-systems)
 (guix gexp))
(define (say-hello-gexp _)
  #~(begin
  (display "say-hello\n"
   (current-error-port
(define say-hello-service-type
  (service-type (name 'say-hello)
(extensions (list (service-extension boot-service-type
 say-hello-gexp)))
;; without default-value, error:
;; no value specified for service of type 'say-hello'
(default-value 0)
(description "Print say-hello during boot.")))
(operating-system
  (bootloader (bootloader-configuration
(bootloader grub-bootloader)
(targets '("/dev/vda"))
(terminal-inputs '(console serial))
(terminal-outputs '(console serial))
(timeout 1)))
  (file-systems (cons (file-system
(mount-point "/")
(device "/dev/vda1")
(type "ext4")) %base-file-systems))
  (host-name "test-guix-vm")
  (kernel-arguments (cons "console=ttyS0" %default-kernel-arguments))
  (services
   (append (list (service say-hello-service-type)) %base-services)))
```

Thanks,
Owen

Re: Staging Scheme code to run as one-shot service

[Owen T. Heisler]

Hi Felix,

On 3/4/24 10:08, Felix Lechner wrote:

On Sat, Mar 02 2024, Owen T. Heisler wrote:


(start #~(lambda ()
   #$(say-hello)))


My code works when I place it directly into the 'start' G-exp. [1]

By comparison, I think you have two lambdas (with quoting and
unquoting). I would try something like this:

 (start #~(let ((port (open-pipe* OPEN_WRITE "logger" "-plocal0.alert")))
(display "say-hello\n" port)
(close-pipe port)))



[1] 
https://codeberg.org/lechner/juix/src/commit/fe8cac5165bfbe290413cedd36a492109e29e38b/juix/deploy/cachefilesd.scm#L158


Thanks for the suggestion. I tried that, but it doesn't work either. 
Instead I now get this error during boot before the login prompt (note, 
auto-start is false):


/run/current-system/profile/bin/logger: cannot connect: No such file or 
directory


It appears to me that the code isn't adequately staged. I assume the 
code in #~(begin) is being executed (rather than staged) when Shepherd 
starts. That's why I added the other lambda. (Perhaps the linked service 
declaration your link [1] above would create the cache directory even if 
auto-start was set to false; that's just a guess though.)


This is what I tried:

```scm
;; Run with `$(guix system vm input.scm --no-graphic)`
(use-modules (gnu)
 (gnu services shepherd)
 (ice-9 popen))
(use-service-modules networking)
(use-package-modules bootloaders)
(define say-hello-service
  (simple-service 'say-hello-service shepherd-root-service-type
  (list (shepherd-service (auto-start? #f)
(documentation "Say hello.")
    (one-shot? #t)
(provision '(say-hello-service))
(respawn? #f)
(start
   #~(begin
   (let ((port (open-pipe*
OPEN_WRITE
"/run/current-system/profile/bin/logger"
"-plocal0.alert")))
 (display "say-hello\n" port)
 (close-pipe port
(operating-system
  (bootloader (bootloader-configuration
(bootloader grub-bootloader)
(targets '("/dev/vda"))
(terminal-inputs '(console serial))
(terminal-outputs '(console serial))
(timeout 1)))
  (file-systems (cons (file-system
(mount-point "/")
(device "/dev/vda1")
(type "ext4")) %base-file-systems))
  (host-name "test-guix-vm")
  (kernel-arguments (cons "console=ttyS0" %default-kernel-arguments))
  (services
   (append (list say-hello-service) %base-services)))
```

Thanks,
Owen

Staging Scheme code to run as one-shot service

[Owen T. Heisler]

service where the entire service functionality is in a procedure. =
Hi! I am trying to declare a simple one-shot operating-system service
where the entire service functionality is in a procedure. Following is
a minimal reproducible example. The error is `In procedure fport_write:
Broken pipe` (see end of message). What is wrong here? I'm new to
Scheme and Guix, and it's not very clear to me yet how code staging and
g-expressions work, so it's probably something quite obvious. Thanks
for looking!

```scm
;; operating-system declaration
(use-modules (gnu)
 (gnu services shepherd)
 (ice-9 popen))
(use-service-modules networking)
(use-package-modules bootloaders)
(define (say-hello)
  #~(let ((port (open-pipe* OPEN_WRITE "logger" "-plocal0.alert")))
  (display "say-hello\n" port)
  (close-pipe port)))
(define say-hello-service
  (simple-service 'say-hello-service shepherd-root-service-type
  (list (shepherd-service (auto-start? #f)
  (documentation "Say hello.")
      (one-shot? #t)
  (provision '(say-hello-service))
  (respawn? #f)
  (start #~(lambda ()
 #$(say-hello)))
(operating-system
  (bootloader (bootloader-configuration
(bootloader grub-bootloader)
(targets '("/dev/vda"))
(terminal-inputs '(console serial))
(terminal-outputs '(console serial))
(timeout 1)))
  (file-systems (cons (file-system
(mount-point "/")
(device "/dev/vda1")
(type "ext4")) %base-file-systems))
  (host-name "test-guix-vm")
  (kernel-arguments (cons "console=ttyS0" %default-kernel-arguments))
  (services
   (append (list say-hello-service) %base-services)))
```

```sh
# Build system image and run with qemu
cp $(guix system image --image-type=qcow2 in.scm) image.qcow2
chmod u+w image.qcow2
qemu-system-x86_64 -enable-kvm -m 2048 -device virtio-blk,drive=myhd \
-nographic -drive if=none,file=image.qcow2,id=myhd
```

```console
## Log in as root and attempt to start service
# herd start say-hello-service
Starting service say-hello-service...
Service say-hello-service failed to start.
herd: error: exception caught while executing 'start' on service 
'say-hello-service':
In procedure fport_write: Broken pipe
```

Re: local and remove mail delivery

[Remco van 't Veer]

Hi Felix,

2024/01/02, Felix Lechner:

> Perhaps my config helps you for a simple nullmailer here [1] or for a
> fully-featured mail server here. [2]

Thank you!  That's very helpful!

Cheers,
Remco

> [1] 
> https://codeberg.org/lechner/system-config/src/commit/ac36a057f2486b262a5c37593b437fc221c632e1/host/lechner-desktop/operating-system.scm#L224-L237
> [2] 
> https://codeberg.org/lechner/system-config/src/commit/ac36a057f2486b262a5c37593b437fc221c632e1/host/wallace-server/operating-system.scm#L1260-L1322

Re: local and remove mail delivery

[Remco van 't Veer]

Hi Felix,

Thanks for your reply.

2024/01/02, Felix Lechner:

> On Tue, Jan 02 2024, Remco van 't Veer wrote:
>
>>   set sendmail=sendmail:/run/current-system/profile/sbin/sendmail
>
> Is the set-gid bit set on that particular sendmail executable? I might
> instead try
>
>set sendmail=/run/setuid-programs/sendmail

Good call, I'm a bit embarrassed I missed that.  Unfortunately it does
not help, I'm still seeing the same behaviour.

I did notice that smtpd does pick up a .forward file and tries to
forward mails outbound.  I'll need to setup smtpd to use authentication
for my mail provider to do that which seems relatively easy to do.  Will
need to figure out how to properly do secrets in config.scm files (just
use a local-file and keep that out of my git repo?) and chmod/chgrp
stuff generated by etc-service (using activation-service?).

Cheers,
Remco

local and remove mail delivery

[Remco van 't Veer]

Hi,

I am trying to get local (and remote through .forward and aliases, using
fastmail as relay) mail delivery to work on a server for (rottlog etc)
but I am stuck and hoping somebody can share some config.scm snippets to
get it to work.

My journey so far: The found rottlog service expects mailutils to be in
a working state which it isn't out of the box.  When sending mail it
tries to launch /usr/sbin/sendmail which obviously does not exist.  So I
added the opensmtp service:

  (service opensmtpd-service-type
(opensmtpd-configuration))

and setup a mailrc file with:

  set sendmail=sendmail:/run/current-system/profile/sbin/sendmail

Now using mailutils "mail" command mail gets accepted but never
delivered.

  date | mail -s test me

In maillog I see messages like:

  Jan  2 13:48:26 localhost smtpd[665]: 16e9792116d40b8b mda delivery 
evpid=8bd03460af848da7 from= to= 
rcpt= user=me delay=5m result=TempFail stat=Error (terminated; 
timeout)

And after a while:

  Jan  2 14:59:25 localhost lockspool: /var/mail/me.lock: Permission denied

So I looked at the opensmtpd service definitions and found out
executables are setgid to the smtpq group to gain some privileges so I
chgrp-ed the /var/mail directory to smtpq and did chmod g+rwx on it but
without effect.  Maybe lockspool (which is in libexec) also needs to be
setgid but I have not clue on how to do that since it's in libexec.

I also tried exim briefly, it did not work with the default
configuration and writing exim config is rather off putting.

Anybody solve the above or got mailutils to work (and receive rottlog
mails) via a different route?

Cheers,
Remco

Re: swaylock does not accept my correct password and fails to unlock

[Remco van 't Veer]

Op vr 22 dec 2023, om 15:20 schreef Oleander:
> What module provides screen-locker-service-type?

You'll need the "wm" packages module (for swaylock) and "xorg" services (see 
https://guix.gnu.org/en/manual/devel/en/html_node/X-Window.html).

Re: swaylock does not accept my correct password and fails to unlock

[Remco van 't Veer]

Hi Emmanuel,

2023/12/22, Emmanuel Beffara:

> De Remco van 't Veer le 22/12/2023 à 08:56:
>> This works for me but I am not sure it's still needed.  I am pretty sure
>> swaylock does not like to be setuid anymore.
>
> I faced the same issue some time ago, not sure when. Indeed the issue was with
> swaylock complaining about setuid. My system configuration contains the
> following simpler entry, which uses screen-locker-configuration:

Oh, that's much better!  Thanks.

Re: swaylock does not accept my correct password and fails to unlock

[Remco van 't Veer]

Hi,

This looks like a problem I had in June of this year.  Something to do
with swaylock needing pam stuff instead of setuid.  I fixed it by
removing the setuid on swaylock and adding the following service:

  (define swaylock-service-type
(service-type
 (name 'swaylock)
 (description "Swaylock needs /etc/pam.d/swaylock configuration.")
 (extensions
  (list
   (service-extension pam-root-service-type
  (lambda (_)
(list
 (pam-service
  (name "swaylock")
  (auth
   (list
(pam-entry (control "include")
   (module "login"))
 (default-value #f)))

This works for me but I am not sure it's still needed.  I am pretty sure
swaylock does not like to be setuid anymore.

A way to figure out what is wrong on your system would be to just run
swaylock from something like xterm and capture all output somewhere to
review later.  It will probably utter some complaints to stdout or
stderr.

Cheers,
Remco


2023/12/21, Oleander via:

> Hello,
> has anyone had any problem with swaylock/swaylock-effects recently?
> They don't accept my correct password when trying to unlock.
>
> I use the following lockscreen.sh and system.scm:
>
> @example
> #!/bin/sh
>
> # Times the screen off and puts it to background
> swayidle \
> timeout 60 'swaymsg "output * dpms off"' \
> resume 'swaymsg "output * dpms on"' &
>
> # Locks the screen immediately
> swaylock --clock --indicator --screenshots --effect-scale 0.4
> --effect-vignette 0.2:0.5 --effect-blur 4x2 --datestr "%a %e.%m.%Y"
> --timestr "%k:%M"
>
> # Kills last background task so idle timer doesn't keep running
> kill %%
> @end example
>
> @example
> ;; Guix config with swaywm, encrypted with LUKS
>
> (use-modules
> (gnu) (gnu system nss) (gnu system setuid))
> (use-service-modules
> dbus desktop networking sddm sound ssh)
> (use-package-modules
> certs
> compression
> disk
> emacs
> finance
> fonts
> fontutils
> freedesktop
> glib
> games
> gnome
> gnupg
> gnuzilla
> gtk
> haskell-xyz
> image
> linux
> package-management
> password-utils
> pulseaudio
> rsync
> ruby
> ssh
> terminals
> tex
> texinfo
> version-control
> wm)
>
> (operating-system
> (host-name "t420")
> (timezone "Europe/Rome")
> (locale "en_US.utf8")
>
> ;; Keyboard layout.
> (keyboard-layout (keyboard-layout "us"))
>
> ;; Bootloader
> (bootloader (bootloader-configuration
> (bootloader grub-bootloader)
> (terminal-outputs '(console))
> (targets (list "/dev/sda"))
> (keyboard-layout keyboard-layout)))
>
> ;; Specify a mapped device for the encrypted root partition.
> ;; The UUID is that returned by 'cryptsetup luksUUID'.
> (mapped-devices
> (list (mapped-device
> (source (uuid "8022876e-e0cc-4ec5-8363-0f07c590cdbc"))
> (targets (list "guix-root"))
> (type luks-device-mapping
>
> (file-systems
> (append
> (list (file-system
> (device (file-system-label "guix-root"))
> (mount-point "/")
> (type "ext4")
> (dependencies mapped-devices)))
> %base-file-systems))
>
> (swap-devices (list
> (swap-space (target "/swapfile"
>
> ;; Define users and groups.
> (users
> (cons (user-account
> (name "oleander")
> (comment "")
> (group "users")
> (home-directory "/home/oleander")
> (supplementary-groups '("wheel" "netdev"
> "audio" "video" "input")))
> %base-user-accounts))
>
> ;; Sudoers
> (sudoers-file
> (plain-file "sudoers" "\
> %root ALL=(ALL) ALL
> %wheel ALL=(ALL) ALL
> %wheel ALL=(ALL) NOPASSWD: /run/current-system/profile/sbin/reboot\n"))
>
> ;; This is where we specify system-wide packages.
> (packages
> (append
> (list
> adwaita-icon-theme
> alacritty
> at-spi2-core
> dbus
> emacs
> font-awesome
> fontconfig
> font-dejavu
> font-gnu-unifont
> fzf
> git
> gnupg
> grim
> gtypist
> icecat
> keepassxc
> ledger
> nss-certs
> openssh-sans-x
> pandoc
> parted
> pass-otp
> password-store
> pavucontrol
> pinentry
> pulseaudio
> rsync
> ruby-asciidoctor
> slurp
> stow
> sway
> swayidle
> swaylock-effects
> texinfo
> texlive-base
> unzip
> waybar
> xdg-utils
> zip)
> %base-packages))
>
> ;; Some

Re: guix package -u . --dry-run equivalent for guix home

[Remco van 't Veer]

2023/12/10, Tomas Volf:

> On 2023-12-09 18:55:22 +0100, Remco van 't Veer wrote:
>>
>> 2023/12/07, Tomas Volf:
>>
>> > On 2023-12-07 09:42:47 +0100, Remco van 't Veer wrote:
>> >> How are people (with update junky tendencies like me) using guix-home?
>> >> Run guix-home-reconfigure after every guix-pull?
>> >
>> > I in general just check the commit messages in the range that was pulled 
>> > to see
>> > if there is anything interesting.  And reconfigure only in that case.
>>
>> Yeah, I have guix master from savannah in a RSS reader but miss a lot
>> because it only returns the latest 10 commits.  Do your have a local
>> clone to get the logs from
>
> Right so the thing is I do not run stock Guix, but a fork with some (very) 
> light
> modifications.  So I need to merge updates from the Guix proper periodically.
> And those merge commits are configured to provide in the commit message the 
> very
> information I need:
>
> 
> https://git.sr.ht/~graywolf/guix/commit/96ffe69d09c7abd4a80b632eb53c064e97e62141
>
>> or is their some trick to get the logs from the commits guix-pull just
>> fetched?
>
> When `guix pull'-ing, it gives you a message like this:
>
> Authenticating channel 'guix', commits 028e445 to 32c6a3a (9 new 
> commits)...
>
> So I would just use `git log --oneline 028e445..32c6a3a' in the Guix 
> repository
> (which I do have local clone anyway) to get the same list I have in the commit
> message right now.

Thanks, that is very helpful.  I'll script something to compare the
commit delta between guix-describe and guix-home-describe on my local
clone or doing log range on savannah.

Cheers,
Remco
>
> Hope this helps,
> Tomas

Re: guix package -u . --dry-run equivalent for guix home

[Remco van 't Veer]

2023/12/07, Tomas Volf:

> [[PGP Signed Part:Undecided]]
> On 2023-12-07 09:42:47 +0100, Remco van 't Veer wrote:
>> How are people (with update junky tendencies like me) using guix-home?
>> Run guix-home-reconfigure after every guix-pull?
>
> I in general just check the commit messages in the range that was pulled to 
> see
> if there is anything interesting.  And reconfigure only in that case.

Yeah, I have guix master from savannah in a RSS reader but miss a lot
because it only returns the latest 10 commits.  Do your have a local
clone to get the logs from or is their some trick to get the logs from
the commits guix-pull just fetched?

Remco

Re: guix package -u . --dry-run equivalent for guix home

[Remco van 't Veer]

2023/12/07, Efraim Flashner:

> On Thu, Dec 07, 2023 at 09:42:47AM +0100, Remco van 't Veer wrote:
>> 2023/12/06, Efraim Flashner:
>>
>> >> Is it possible to get an package update dry-run like output for guix
>> >> home?
>> >
>> > I'll run 'guix home build  -n' to see what's going to be
>> > built.
>>
>> That's a bit more informative but currently it only tells me it's going
>> to download some new version of guix.  Running build without -n reveals
>> it will download and install a lot more..
>>
>> How are people (with update junky tendencies like me) using guix-home?
>> Run guix-home-reconfigure after every guix-pull?
>
> Ok, I admit that isn't the full command.
>
> guix home build  --no-grafts -n'
>
> The '--no-grafts' means it'll give an accurate response of what will be
> built/downloaded without taking into account any new grafts.

Yes, that's a lot closer to what I want to see.  Slightly better even!

Thanks,
Remco

Re: guix package -u . --dry-run equivalent for guix home

[Remco van 't Veer]

2023/12/06, Efraim Flashner:

>> Is it possible to get an package update dry-run like output for guix
>> home?
>
> I'll run 'guix home build  -n' to see what's going to be
> built.

That's a bit more informative but currently it only tells me it's going
to download some new version of guix.  Running build without -n reveals
it will download and install a lot more..

How are people (with update junky tendencies like me) using guix-home?
Run guix-home-reconfigure after every guix-pull?

guix package -u . --dry-run equivalent for guix home

[Remco van 't Veer]

Hi,

Before using guix home, I had a manifest file for all my packages.
Whenever I did a "guix pull", I'd do "guix package -u . --dry-run" to
figure out if anything interesting got updated.  How do I do that when
my manifest is in my home configuration?  Using "--dry-run" on "guix
home reconfigure" only tells me how much will be downloaded.  I tried
tricking "guix package" into telling me with "guix package -p
.guix-home/profile -u . --dry-run" but that gets me an error.

Is it possible to get an package update dry-run like output for guix
home?

Cheers,
Remco

Re: Guix System and WIFI / WLAN

[W. T. Meyer]

Hi Gottfried,

Gottfried  writes:

> Does that work in Guix system as well?
>
> If not, what do I have to do?

There's a manual page on hardware considerations that talks about these
specific issues:

https://guix.gnu.org/manual/en/html_node/Hardware-Considerations.html

It also mentions h-node.org as a resource to check wether WiFi hardware
is compatible with linux-libre or not, which you may want to check out: 

https://www.h-node.org/wifi/catalogue/en

---
Wilko Meyer

luks home causes syncthing service to start too early?

[Remco van 't Veer]

Hi,

In my current setup syncthing fails to start on boot.  Here's /var/log/messages:

  Jul 17 09:51:52 localhost vmunix: [1.605917] shepherd[1]: Starting 
service syncthing-me...
  Jul 17 09:51:52 localhost vmunix: [1.606790] shepherd[1]: Service 
syncthing-me has been started.
  Jul 17 09:51:52 localhost vmunix: [1.611919] shepherd[1]: Service 
syncthing-me started.
  Jul 17 09:51:52 localhost vmunix: [1.613080] shepherd[1]: Service 
syncthing-me running with value 356.
  Jul 17 09:51:52 localhost vmunix: [1.654826] shepherd[1]:
  Jul 17 09:51:52 localhost vmunix: [1.654903] [
  Jul 17 09:51:52 localhost vmunix: [1.654963] syncthing
  Jul 17 09:51:52 localhost vmunix: [1.655011] ]
  Jul 17 09:51:52 localhost vmunix: [1.655069] WARNING: Failure on home 
directory: mkdir /home/me: permission denied
  Jul 17 09:51:52 localhost vmunix: [1.655741] shepherd[1]: Service 
syncthing-me (PID 356) exited with 1.
  Jul 17 09:51:52 localhost vmunix: [1.655973] shepherd[1]: Service 
syncthing-me has been disabled.

It's pretty obvious why this fails because the mounting of the home
happens later:

  Jul 17 09:51:52 localhost vmunix: [4.207897] shepherd[1]: Starting 
service device-mapping-home...
  Jul 17 09:51:52 localhost vmunix: [   12.502555] shepherd[1]: Service 
device-mapping-home has been started.
  Jul 17 09:51:52 localhost vmunix: [   12.503557] shepherd[1]: Service 
device-mapping-home started.
  Jul 17 09:51:52 localhost vmunix: [   12.514975] shepherd[1]: Service 
device-mapping-home running with value #t.
  Jul 17 09:51:52 localhost vmunix: [   12.538402] shepherd[1]: Starting 
service file-system-/home...
  Jul 17 09:51:52 localhost vmunix: [   12.573507] shepherd[1]: Service 
file-system-/home has been started.
  Jul 17 09:51:52 localhost vmunix: [   12.573775] shepherd[1]: Service 
file-system-/home started.
  Jul 17 09:51:52 localhost vmunix: [   12.573935] shepherd[1]: Service 
file-system-/home running with value #t.
  Jul 17 09:51:52 localhost vmunix: [   12.696235] shepherd[1]: Starting 
service user-homes...
  Jul 17 09:51:52 localhost vmunix: [   12.698117] shepherd[1]: Service 
user-homes has been started.
  Jul 17 09:51:52 localhost vmunix: [   12.698406] shepherd[1]: Service 
user-homes started.
  Jul 17 09:51:52 localhost vmunix: [   12.698756] shepherd[1]: Service 
user-homes running with value #t.

I have my home directory on a separate encrypted partition as follows:

  (mapped-devices
   (list (mapped-device
  (source (uuid ...))
  (target "home")
  (type luks-device-mapping

  (file-systems (cons* (file-system
(mount-point "/boot/eff") ..)
   (file-system
(mount-point "/")
(device (uuid ...))
(type "ext4"))
   (file-system
(mount-point "/home")
(device "/dev/mapper/home")
(type "ext4")
(dependencies mapped-devices))
   %base-file-systems))

And syncthing wedged into a big list of services:

  (define my-base-desktop-services
(cons* ...

   (service syncthing-service-type
(syncthing-configuration (user "me"))
   ...

   (modify-services
   (remove (lambda (service)
 (eq? (service-kind service) gdm-service-type))
   %desktop-services)
   ...

Looking at the syncthing-shepherd-service definition[1]:

  (define syncthing-shepherd-service
(match-lambda
  (($  syncthing arguments logflags user group 
home)
   (list
(shepherd-service
 (provision (list (string->symbol (string-append "syncthing-" user
 (documentation "Run syncthing.")
 (requirement '(loopback))
 (start #~(make-forkexec-constructor ...

this shepherd-service only requires "loopback".  How do make it require
"user-homes" too without copy-pasting it and defining my own syncthing
service?

Also why doesn't it at least require "file-systems" already (which is
available just before "user-homes")?  It seems obvious to me that
syncthing should not start before all file systems are up and running.

The workaround is to add (needed-for-boot? #t) to the (file-system ..)
definition for my homes partition but then I have to type LUKS password
twice which was a nice so about this setup..

Cheers,
Remco


[1] 
https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/services/syncthing.scm#n60

Re: lookup which file can be found in which package

[W. T. Meyer]

"W. T. Meyer"  writes:

> Is there a quick way in Guix to figure out which package provides which
> file similar to what other package managers provide with dnf
> provides/apt-file search/nix-locate etc.?

There's an open patch for a guix index command mention on the
guix-patches mailing list:
https://lists.gnu.org/archive/html/guix-patches/2023-03/msg01210.html

I guess this answers my question.

- Wilko

lookup which file can be found in which package

[W. T. Meyer]

Hi everyone,

Is there a quick way in Guix to figure out which package provides which
file similar to what other package managers provide with dnf
provides/apt-file search/nix-locate etc.?

So far I haven't found a command doing this reading documentation, but
maybe there's a way to query the substitute servers if a certain file
can be found? nix has nix-index/nix-locate to query if a binary cache
has a derivation containing a specific file; which would roughly be what
I'm looking for in Guix as well.

Regards,

Wilko Meyer

Re: Guix on mobile phones

[W. T. Meyer]

Caleb Herbert  writes:

> I hope there's a way to suppress compiling from source. I don't want
> to be compiling stuff on a mobile device.

I think offloading build processes to another machine defined in
/etc/guix/machines.scm would be a more useful solution than to suppress
building things from source.

For initially provisioning a system one could probably try to make use
of guix system image to create an initial base image of Guix for a
respective mobile device to keep the amount of work to be done at said
device to a minimum.

- Wilko

Guix on mobile phones

[W. T. Meyer]

Hi,

There were brief discussions on running Guix on mobile phones ~2y ago on
this mailing list. Even though it was mentioned that there may have been
efforts to run Guix on a pinephone (also being aware that there's an
image available for the pinebook pro which uses a similar SoC as the
pinephone pro), I haven't found a post of someone having a working Guix
set-up on mobile.

So I've been wondering if there have been any successful attempts on
either running Guix as a package manager on top of something like
postmarketOS or Guix System as a distribution?

I will probably try running Guix on my pinephone myself as soon as I
have a couple of hours to spare, but it'd be appreciated to hear if
anyone has been down this route before?

- Wilko

nudging patches

[Remco van 't Veer]

Hi,

What's the preferred / politest way to draw attention to patches (and /
or bugs) which seem to have been overlooked?

And while I have your attention and you're wondering which patches I'd
like to promote.. 

- #62557 [guix-patches]
  [PATCH] gnu: ruby-2.7-fixed: Upgrade to 2.7.8 [fixes CVE-2023-{28755, 28756}]
- #62558 [guix-patches]
  [PATCH] gnu: ruby-3.0: Upgrade to 3.0.6 [fixes CVE-2023-{28755, 28756}].
- #62559 [guix-patches]
  [PATCH] gnu: ruby-3.1: Upgrade to 3.1.4 [fixes CVE-2023-{28755, 28756}].
- #62561 [guix-patches]
  [PATCH] gnu: ruby-3.2: Upgrade to 3.2.2 [fixes CVE-2023-{28755, 28756}].

They still apply cleanly on master.

But seriously, what is the preferred way to do this?

Cheers,
Remco

Re: Examples of local-host-entries or hosts-service-type?

[Remco van 't Veer]

Bruno Victal wrote:

>Were that the case then blacklists such as 
>
>which employ the hosts file method would be broken.
>AFAIK this method has around for a long time, I don't see this behavior 
>changing anytime soon
>even if it turned out to be "against spec".

Makes sense. Thanks.

Cheers,
Remco

Re: Examples of local-host-entries or hosts-service-type?

[Remco van 't Veer]

Hi Bruno,

2023/03/02 02:41, Bruno Victal:

> On 2023-02-27 06:23, Remco van 't Veer wrote:
>>
>> Or when you want to provide extra aliases for localhost?
>>
>> Like this?
>>
>>   (essential-services
>>(modify-services
>>(operating-system-default-essential-services this-operating-system)
>>  (hosts-service-type config =>
>>  (list (host "127.0.0.1" "localhost" (list host-name 
>> "foo" "bar"))
>>(host "::1"   "localhost" (list host-name 
>> "foo" "bar"))
>
> Semantically you're right though I wouldn't outright do this unless it
> results in clearer code or if its really needed.
>
> Reason for this is that the format of /etc/hosts isn't consistently
> defined.
> For instance, there is a limit on the maximum number of
> aliases. (depending on the implementation)
>
> If I wanted to add extra aliases, I'd extend the service with new
> "standalone" host records instead though your snippet is just as
> valid, as long you don't go overboard with the number of aliases.

I not sure all applications will react well to having multiple entries
for the same IP-address.

>From the hosts(5) manpage:

> This file is a simple text file that associates IP addresses with
> hostnames, one line per IP address.

To workaround the alias limit, picking multiple loopback addresses (for
the example above) would be a better solution, it seems.

Cheers,
Remco

Re: Examples of local-host-entries or hosts-service-type?

[Remco van 't Veer]

Hi Bruno,

Thanks for the clarification!

2023/02/21 16:45, Bruno Victal:

> You only override the hosts-service-type value when you don't want to
> have 'localhost' as an alias of your _hostname_ or you don't want to
> set '127.0.0.1' / '::1' as IPs for localhost / _hostname_.

Or when you want to provide extra aliases for localhost?

Like this?

  (essential-services
   (modify-services
   (operating-system-default-essential-services this-operating-system)
 (hosts-service-type config =>
 (list (host "127.0.0.1" "localhost" (list host-name 
"foo" "bar"))
   (host "::1"   "localhost" (list host-name 
"foo" "bar"))

Cheers,
Remco

Re: Examples of local-host-entries or hosts-service-type?

[Remco van 't Veer]

Hi Sergiu,

2023/02/13 11:49, Sergiu Ivanov:

> Actually, where did you get local-host-entries from?  The documentation
> page you and Bruno cite doesn't seem to ever mention this function :O
> Unless I am looking at some old version of the docs.

To be honest, I did not know about local-host-entries before your email
and thought it would allow me to cleanup my own (operating-system
.. (hosts-file (plain-file .. (string-append ..) mess.  So I did some
digging in the guix source and found some references in gnu/system.scm.

>> Also, I agree the documentation needs some love here.
>
> I am willing to contribute.  What would be the best place to do changes
> to the documentation?

doc/guix.texi

> I would follow this mini-roadmap:
>
> 1. Add the explanation of local-host-entries to
>
> https://guix.gnu.org/en/manual/devel/en/html_node/Service-Reference.html#index-hosts_002dservice_002dtype
>
> 2. Say here
>
> https://guix.gnu.org/manual/en/html_node/operating_002dsystem-Reference.html
>that hosts-file is deprecated.
>
> 3. Update the examples here to use hosts-service-type instead of
>hosts-file: https://guix.gnu.org/manual/en/guix.html
>
> What do you think?

Sounds like a plan to me.  Note: all the above is part of doc/guix.texi,
I think.

> I've never submitted a patch to Guix docs before, so all suggestions and
> hints are welcome :-)

Me neither (apart from a typo I found in the Service Reference section
during grepping for examples).  I don't have a clue about how
translations are kept in sync.  Maybe just go for it and collect some
feedback with a patch.

Cheers,
Remco

Re: Examples of local-host-entries or hosts-service-type?

[Remco van 't Veer]

Hi Sergiu,

2023/02/10 23:40, Sergiu Ivanov:

> Hello Guix,
>
> I am reconfiguring my system right now, and guix system reconfigure
> /etc/config.scm tells me this:
>
> /etc/config.scm:126:27: warning: 'local-host-aliases' is deprecated, use 
> 'local-host-entries' instead
> /etc/config.scm:126:27: warning: 'local-host-aliases' is deprecated, use 
> 'local-host-entries' instead
> /etc/config.scm:124:14: warning: the 'hosts-file' field is deprecated, please 
> use 'hosts-service-type' instead
>
> For the record, here are the lines guix system reconfigure is
> complaining about:
>
> (hosts-file (plain-file "hosts"
>   (string-append
>(local-host-aliases host-name)
>"some.ip.address.1 machine1\n"
>"some.other.ip.address machine2\n")))
>
> I spent quite some time trying to find some examples of using
> local-host-entries or hosts-service-type, but I don't seem to find any
> mention of these.  Quite on the contrary, the Guix manual actually seems
> to advice declarations similar to those which I have in my
> /etc/config.scm.
>
> Could someone point me to an example of how I should update
> my configuration?

In the guix manual I found this:

  
https://guix.gnu.org/en/manual/devel/en/html_node/Service-Reference.html#index-hosts_002dservice_002dtype

So instead of using (hosts-file ..) you'll have to use
(hosts-service-type ..) instead, as you already mentioned.  You'll end
up with something like to following:

  (operating-system
;; ...

(essential-services
 (modify-services
 (operating-system-default-essential-services this-operating-system)
   (hosts-service-type config =>
   (cons* (host "some.ip.address.1" "machine1")
  (host "some.other.ip.address" "machine2")
  (local-host-entries host-name)

;; ...

I tried it and it seems to work for me.  Also, I agree the documentation
needs some love here.

Cheers,
Remco

Re: Disabling unprivileged BPF by default in our kernels

[Remco van 't Veer]

2023/02/01 20:43, Tobias Geerinckx-Rice:

>> What does Debian's kconfig list for CONFIG_BPF_UNPRIV_DEFAULT_OFF?
>
> I've always had this option set to Y in my own kernels, and it has
> never so much as inconvenienced me.  However, I'm not a BPF power
> user.
>
> Does anyone know any serious and concrete drawbacks to setting this
> option in all Guix kernels, to increase default security & better
> align with other major distros?

There is a linux-libre-bpf package so I'd expect BPF power users to use
that.  So I guess adding it to the default-extra-linux-options should be
fine.

R.

Re: docker containers stop when doing guix install

[Remco van 't Veer]

2022/05/09 15:39, zimoun:

> Hi,
>
> On Mon, 09 May 2022 at 12:04, Remco van 't Veer  wrote:
>
>> Outside in the guix installation which runs the docker service defined
>> using:
>>
>>   (service docker-service-type)
>
> [...]
>
>> The docker images are images like "postgres:10.10" taken from docker hub
>> so nothing special.  It seems the docker-services sends signals to
>> process running in managed containers and some of those process stop?
>
> It is not easy to connect the dots. :-)
>
> IIUC, you are running Guix System and using the ’docker-service-type’.
> Right?

Yes.

> You have several Docker images running.  This images are launched via
> the ’docker-service-type’, right?

Yes.

> Unrelated to Docker, when you run one Guix subcommand as “guix install”
> or “guix pull”, then the some Docker images are stopped as the ones
> containing mysql or postgres, whereas the other containing an
> elasticsearch still runs.  Right?

Guix install, shell or pull.  And yes, some are stopped but some (for
instance elasticsearch) still run.

> Could you be precise on which containers downloaded from where are
> working and which containers downloaded from where are stopped?
>
> Other said, how can I reproduce the bug?

As follows:

  $ docker ps
  CONTAINER ID  IMAGE   COMMAND  CREATED STATUS 
   PORTS NAMES
  $ docker run -d postgres:10.10
  ..
  2b52ee072b1f5584cae597afb033cdcc0e560bbe9145b17b41502c204034e60b
  $ docker ps
  CONTAINER ID  IMAGE   COMMAND  CREATED STATUS 
   PORTS NAMES
  2b52ee072b1f  postgres:10.10  "docker-entrypoint.s…"  2 seconds ago   Up 1 
seconds  5432/tcp  blah_blah
  $ guix shell xeyes -- xeyes
  substitute: updating substitutes from 'https://ci.guix.gnu.org'... 100.0%
  0.0 MB will be downloaded
   xeyes-1.1.2  11KiB   
613KiB/s 00:00 [##] 100.0%
  The following derivation will be built:
/gnu/store/xc002hxl4g8mskqmpm0grsk8s45m91gz-profile.drv

  applying 4 grafts for xeyes-1.1.2 ...
  building CA certificate bundle...
  listing Emacs sub-directories...
  building fonts directory...
  building directory of Info manuals...
  building profile with 1 package...
  $ docker ps
  CONTAINER ID  IMAGE   COMMAND  CREATED STATUS 
   PORTS NAMES
  $ exit

First we see no docker containers are running, then we start postgres-10
from docker hub, now we see its container is running, then we do
something using guix-shell on an application *not already available on
this system*, now the container died.  This does not work the second
time when the "derivation" is already "built".

Weird huh?

Cheers,
Remco

Re: docker containers stop when doing guix install

[Remco van 't Veer]

Hi,

2022/05/09 11:01, zimoun:

> On Thu, 28 Apr 2022 at 10:22, Remco van 't Veer  wrote:
>> Why are (some) running docker containers stopped when doing guix install
>> or other guix operations like pull?  I noticed this happing to mysql and
>> postgres containers but an elasticsearch container just keeps running.
>>
>> Is stopping containers on guix actions on purpose and, if so, why?  Why
>> aren't all containers stopped?
>
> Where is “guix pull”?  Outside or inside the container?  Is Guix
> managing the containers or other tools?

Outside in the guix installation which runs the docker service defined
using:

  (service docker-service-type)

> The issue seems to come from how the containers are managed so the
> answer of “why” would probably be somewhere in the configuration
> files. ;-)

The docker images are images like "postgres:10.10" taken from docker hub
so nothing special.  It seems the docker-services sends signals to
process running in managed containers and some of those process stop?

Cheers,
R.

docker containers stop when doing guix install

[Remco van 't Veer]

Why are (some) running docker containers stopped when doing guix install
or other guix operations like pull?  I noticed this happing to mysql and
postgres containers but an elasticsearch container just keeps running.

Is stopping containers on guix actions on purpose and, if so, why?  Why
aren't all containers stopped?

Thanks,
Remco

Re: Guix as remote dev machine

[t]

I guess one more thing that maybe worth investigating is Emacs + TRAMP. I've 
some experience with TRAMP and it mostly works. Trouble again is with this 2nd 
step:

> 2. `guix shell` or start a container, with entire system if I need to 

Essentially TRAMP amounts to SSHing to your machine. But we want to be in that 
`guix shell` maybe even `guix shell -c` container, hell maybe even `guix system 
-c`. I can't even wrap my head around how that might work. TRAMP is basically 
talking to our SSHD started by current-system. I dunno but welcome suggestions, 
cause it'd be interesting to figure how that might work with TRAMP. Could be 
worth asking Emacs TRAMP mailing list, too.

Just thought I'd throw that idea out there, too. I would expect there to be a 
fair number of Emacs users among you.

Re: Guix as remote dev machine

[t]

> tigervnc-server 1.12.0-0.b484c22 installed.
> xrandr 1.5.1

Dunno how I feel about VNC but this is certainly something to try. The one time 
I tried VNC in the past it felt extremely heavy and sluggish. This is something 
I'd probably use for Windows. I'll have to give it a go. Thank you for 
suggestion

Guix as remote dev machine

[t]

Hi Guix.

I'm trying to come up with a reasonable way to use my Guix machine sitting in 
the attic as my remote development server. This presents several challenges. 
Locally I would typically follow these steps:
1. Create a project dir with guix.scm describing (possibly empty) package
2. `guix shell` or start a container, with entire system if I need to e.g. run 
a db
3. start emacs from that shell or container forwarding to my main DISPLAY

When attempting to do something similar remotely, you very quickly run into 
issues. X forwarding to a Linux machine kinda works, but sadly on OSX, which I 
have to use as a client, XQuartz X server implementation can't deal with hi DPI 
and the end result is miserable. Then there're potential rendering issues when 
your remote server doesn't even have a graphics card. We're sadly left with ssh 
+ terminal Emacs. However, just ssh and then follow the above steps won't be 
enough. When your ssh session goes down, it'll take everything with it.

I hear you say `tmux`. I thought so too, but fresh `guix package -i tmux` gives 
me `Incorrect locale LC_all, LC_CTYPE or LANG` when I try to run it. Weird, 
seeing how this is attempted on Guix SD. No matter. Lets just go with `screen`, 
which seems to work. Then follow the above steps.

This sort of works and how I would imagine most people attempting this would 
end up with. It leaves me itchy though. I mean, do I even need that `screen` 
there when `emacs --daemon=name` exist? Latter will happily detach itself from 
your tty and persist across ssh sessions. Problem of course is the 2nd step 
above, which assumes we spawn a shell (possibly run a container, maybe even the 
entire system). I wonder if there's a way to avoid the intermediate `screen` or 
`tmux` completely. Way I understand it, `guix shell`, `guix shell -c` and `guix 
system --container` are Unix processes. Could they be detached or put under 
some group or smth? I mean, screen works ok, but I wonder.

Thanks

Re: Web development on Guix: nodejs, npm and all that

[t]

> I haven't encountered any npm package which doesn't work when not
> installed globally yet and it seems to me that would be a bug in said
> package.

this is certainly great to hear! Thank you

I've been trying to do all setup via `guix shell --container`. Is there an easy 
(obvious) way to extend environment inside the container? I can --preserve etc, 
but doesn't look like I can easily change e.g. PATH to ensure it includes local 
node_modules/bin. Maybe the better way would be to have the ability to set 
GUIX_ENVIRONMENT to a profile that you tweak which sets env vars apprpiately. I 
feel like maybe I'm already asking too much of the guix shell CLI front end and 
maybe I'm better of reversing what relevant .scm script does setting up 
container's environment and just drop my modified .scm script to a project dir. 
I hate mucking with BASH and such - never ends well and never goes smoothly.

Anyone has suggestions? Basically at this point we are trying to go slightly 
above what `guix shell --container` or even `guix shell` can do. Something that 
I feel amounts to (in non-guix world) to running a sort of .loginrc script when 
you enter the environment or container.

Should I just hack some .scm at this point?

Web development on Guix: nodejs, npm and all that

[t]

Hi Guix.

Do people do web-dev on Guix System? I need to dive back into the 
whole Node.js NPM ecosystem - something I've not touched for some 
years and I'm wondering how people go about e.g. installing NPM 
packages on Guix.


I started by reading (guix build node-build-system) as one does. I 
think I have a decent grasp on exactly how it goes about 
installing those NPM dependencies. Unsurprisingly you need to 
package all those dependencies as Guix packages, then supply them 
as inputs, whereupon the extra 'patch-dependencies phase will 
actually lookup those packages in your inputs and replace deps 
paths under "dependencies", "devDependencies", "peerDependencies" 
with store items as needed. Configure phase actually runs local 
install with --offline and --ignore-scripts which is 
understandable followed by build phase which does npm run build 
where the script is available. Followed by some tar and npm 
install from local package dance, which I don't fully understand, 
but I get the general idea and where we end up (I still haven't a 
clue what 'set-home phase does and why).


This is all very cute and reproducible, but ... JS web developers 
aren't exactly known for avoiding dependencies. Even just getting 
express-js to run would require me to package ungodly number of 
those dependencies.



If guix repo is indicative, looks like I'm not the only one to 
realise packaging those would be too much work unless the entire 
community somehow decides to come together and do an "NPM Summer 
of Hard Unpaid Labour".


So, how do people program for the Web, Node on Guix. Does =npm 
install= which defaults to local installation work well enough for 
most packages? An outline of what to expect and known problems and 
workarounds would be very useful.


Thank you

Re: Emacs inside container: preserved DISPLAY unavailable etc

[t]

> Authorization required, but no authorization protocol specified

Actually, mine only said "No protocol specified" making it vague, yours at 
least hint at something to investigate. Googling around shows people don't seem 
to know what they are doing and afraid to dig into X internals, so most posts 
are just cargo-culting and trying random stuff. Sadly, I'm in that group, so 
lets just randomly try stuff:

$ echo $XAUTHORITY
/run/user/1000/gdm/Xauthority

which stores some magic cookie, so lets add

--expose=$XAUTHORITY --preserve='^XAUTHORITY$'

standing ovation, everyone congratulates everyone, noone really understands 
what just happened

I guess manual needs to be updated, or maybe guix shell --container Scheme 
code. Dunno

Thank you very much for that STDERR hint

Emacs inside container: preserved DISPLAY unavailable etc

[t]

Hi guix.

Straigt out of manual:



$ guix shell --container --no-cwd --network emacs-next 
--expose=$HOME/.emacs.d --preserve='^DISPLAY$' -- emacs


No protocol specified
Display :1 unavailable, simulating -nw
Please set the environment variable TERM; see 'tset'.



Why? What's going on here? Am I supposed to expose some device or 
smth? This is almost verbatim from Guix manual.


Is there a way to find out which process' reporting that error?

Lets pretend it isn't XXI century and try terminal emacs:

$ guix shell --container --no-cwd --network emacs-next 
--expose=$HOME/.emacs.d --preserve='^TERM$' -- emacs


This starts emacs in the terminal, but fails to load any user 
installed libraries e.g. use-package. Looks like they reside 
inside ~/.guix-profile/share/emacs/site-lisp, so maybe all we need 
to do is again follow the manual and --link-profile


$ guix shell --container --no-cwd --network emacs-next 
--expose=$HOME/.emacs.d --preserve='^TERM$' --link-profile -- 
emacs


That doesn't help but load-path inside emacs has 
$HOME/.guix-profile/share/emacs/site-lisp as first entry, 
hm. However, if we look inside its almost empty. So, I'm not 
entirely sure exactly what --link-profile even achieves. Is there 
some magic in play that "trims" /gnu/store entries only to 
whatever was in manifest (or packages) passed to guix shell 
--container? That would make sense if we are indeed trying to 
isolate things. If so, solution would be to -m manifest.scm with 
all my emacs packages along with emacs-next.


I'd really like to solve the 'display unavailable' above. Could 
anyone help, please?


Thank you

Commit of currently installed package?

[t]

Hi guix.

Is there a way to find which commit the installed package came 
from. So that I could, for instance, `guix shell` this exact 
package. Specific case where I'm at a loss is this.


At one point I installed emacs-next --with-branch=master. Well, 
I've no clue what that master was pointing at at the time. I find 
myself in the situation where current upstream master appears 
subtly broken, but my local install is fine. But how do I get my 
currently installed emacs-next version run inside `guix shell` or 
`guix shell --container`?


--export-manifest is approximate and doesn't even give package 
 versions. Even if I start playing games with --export-channels 
 or Scheme %current-profile => manifest => lookup in inferior 
 that would still find whatever guix repo commit had for 
 emacs-next, not what I actually have installed.


Does guix track that sort of provenance for me to extract?

Thanks

Ctrl-g inside `guix shell --container emacs` broken

[t]

Hi Guix.

This one is both subtle and deadly given mussle memory we all 
develop with Emacs key bindings.


Tested with both Emacs 27 and 28:

$ guix shell --container --no-cwd --preserve='^TERM$' emacs -- 
emacs -nw -q -Q

or
$ guix shell --container --no-cwd --preserve='^TERM$' emacs-next 
-- emacs -nw -q -Q


Starts terminal Emacs fine. Now Ctrl-g or M-x followed by Ctrl-g 
which typically would send `keyboard-quit` and also 
abort-recursive-edit. You get kicked out of Emacs and shell ends 
up in a weird state, with Ctrl-D being the only way to kill 
it. Replicated in xterm and gnome-terminal.


This is specific to --container! The following works just fine:

$ guix shell --preserve='^TERM$' emacs -- emacs -nw -q -Q

For completness I also tried:

$ guix shell --container --no-cwd --preserve='^TERM$' emacs bash 
-- bash -c 'emacs -nw -q -Q'


Any idea where and why --container could be breaking things? Note 
that `abort-recursive-edit` works perfectly fine. How exactly 
--container starts those processes? Could it be running some weird 
"shell" version that treats C-g specially somehow? How do I make 
it stop?


$ guix describe
Generation 10   Dec 27 2021 15:36:01(current)
 guix 9e9489f
   repository URL: https://git.savannah.gnu.org/git/guix.git
   branch: master
   commit: 9e9489fb11ac73e51abe293235738d70365affa9

Thanks