Re: How to store secrets when using guix deploy?

Hello, Guix itself does not handle any secrets yet -- at best you could consider the password field of the user-account structure to be one, and that is not particularly kept a secret either (it shows up as plaintext). Depending on your use-case, there might also be services like the

Re: Guix Day: Notes from the CI session

On Sun, Feb 14, 2021 at 09:42:46AM +0100, Mathieu Othacehe wrote: > > Hey Leo, > > > I would have guessed that a single slot is appropriate for the machine, > > but I'm curious what you saw that led to the change? > > This is most likely due to a worker crash. Workers are removed from the >

Re: TOCTTOU race (was: Potential security weakness in Guix services)

Hi, On +2021-02-14 13:29:29 +0100, Maxime Devos wrote: > On Sat, 2021-02-06 at 22:26 +0100, Ludovic Courtès wrote: > > > > [...] > > I understand the TOCTTOU race. However, activation code runs in two > > situations: when booting the system (before shepherd takes over), and > > upon ‘guix

Re: How to store secrets when using guix deploy?

Lee Fallat writes: > Hey! > > As the title says, I was wondering how people are storing secrets when > using guix deploy? I would love to know how to do that too! Also Lee, this kind of question is best asked in help-g...@gnu.org. Thanks! Joshua -- Joshua Branson (joshuaBPMan in #guix) Sent

How to store secrets when using guix deploy?

Hey! As the title says, I was wondering how people are storing secrets when using guix deploy? Thanks! -- Lee

TOCTTOU race (was: Potential security weakness in Guix services)

On Sat, 2021-02-06 at 22:26 +0100, Ludovic Courtès wrote: > > [...] > I understand the TOCTTOU race. However, activation code runs in two > situations: when booting the system (before shepherd takes over), and > upon ‘guix system reconfigure’ completion. > > When booting the system, there’s

Getting the Guix Build Coordinator agent working on the Hurd

Hey, This has been on my todo list ever since the childhurd service came in to existence. I spent some more time looking at it yesterday, and did manage to get the agent working in a childhurd VM, at least somewhat. Firstly, guile-lib needed tweaking so that it actually cross compiles, I've sent

Re: Guix Day: Notes from the CI session

Hey Leo, > I would have guessed that a single slot is appropriate for the machine, > but I'm curious what you saw that led to the change? This is most likely due to a worker crash. Workers are removed from the database when there are no signs from them since 120 seconds. I'll try to