IRC channel logs
2025-11-11.log
back to list of logs
<pomel0>hi everyone, quick question, how do I get nerd fonts on guix? Searching font-nerd-fonts yields no results <ekaitz>pomel0: you might need to package them if they are not packaged <JodiJodington>im fairly sure some of nerd fonts is non-foss so it can't be included in the main repo (without a lot of work at least). You should be able to install it per-user by putting it into ~/.local/share/fonts though <ieure>Yeah, was just looking at the license, I think it's incompatible. <JodiJodington>or at least ~/.local/share/fonts is where it'd go on a regular FHS system, not sure what the default font-config search path is on guix. either way, should be possible <ieure>JodiJodington, XDG is the relevant standard there, FHS doesn't apply to the contents of a home directory. <ieure>JodiJodington, It should Just Work. <pomel0>it's weird, because there are packages like texlive-inconsolata-nerd-font that are available <ekaitz>it does work, I've done it in the past <pomel0>but I tried installing that package, which says that it includes the Inconsolata Nerd font in TTF format, but then `fc-list | grep inconsolata` shows nothing <ekaitz>pomel0: probably because it's just there for texlive <pomel0>well, thanks for all of your answers :] <mange>Just to help me understand: what's the potential licensing issue to including nerd-fonts itself in Guix? <pomel0>JodiJodington: btw, thank you for mentioning this, I was still using $HOME/.fonts but I like .local/share/fonts better <JodiJodington>mange: looks like the last time someone submitted a patch, it was blocked due to licensing https://issues.guix.gnu.org/57149. But yeah it's not super clear to me if it's a hard-block or if it would just take some more work to package it correctly. Theoratically, you could just only ship the fonts licensed under FSF-approved licensing worst case scenario <eikcaz>mange: I think for non-code, we might actually allow ND (I'd vote otherwise), but NC is definitely not allowed. <mange>Right. Looking at their audit they have a few licenses where they say "no selling" is a condition, but we've already packaged things under those licenses. Reading the license text it's "no selling the font itself", but they permit selling things including the font. <JodiJodington>is them using an automated font patcher an issue? would that make the resulting file a blob? or is that a stretch lol <JodiJodington>actually what if the fonts were packaged seperately and you could do `(make-nerdfont my-font-package)` that creates a new font package for you that's patched with the nerdfonts font patcher. Now you only need to worry about the license of the patcher itself which is just MIT <eikcaz>mange: wait, you're saying there are NC things packaged in Guix? Do you happen to know any specific examples? <mange>SIL Open Font License 1.1. I linked to the GNU page explaining it, rather than the license itself, given the context of this conversation. <mange>We have that in our licenses.scm as solofl1.1, so you can find packages using it pretty easily. <eikcaz>Guess for guix specifically, we don't count that as NC. <apteryx>icedove is preventing addons installation; is this because of signature requirement? <apteryx>ha, workaround: download the xpi from another browser, then drag it into icedove; then it'll prompt to ask if the permissions needed are OK <apteryx>Icedove regressions are fixed, for interested users <apteryx>Thanks to Deltafire for the solution. <Rutherther>ieure: I cannot really experiment now, but I am wondering how mount gets this extension. Does it maybe load it out of PATH? And then it would be fine to just wrap autofs with PATH having mount.nfs <flurando>how to tweak existing pam services ? I didn't find any documented way to do this other than forking existing definitions and everything depending on that <flurando>also, the pamtester on guix is broken (along with the pamtester distribution itself ...), so there is no way for me to test a pam service. <flurando>I plan to add yubikey authentication method to sudo, gdm-password or login, anything that could let me touch the key instead of typing password to enter a locked screen. <flurando>So is there any way to overlap or tweak them besides manually hard-fork the (gnu system pam) and (gnus services xorg)? <flurando>Or is it possible to tell gdm to try my pam service as well when I try to login? <Rutherther>Yes, that is what the transformer field is for. No need to fork anything <flurando>Good, I would go check this, "transformer"... <flurando>Honestly speaking, this part is really poor documented. I have to grep -r the source tree to find example <fmarl>Not sure if I can help, I'm really new to guix. But is "10.1.2 Package Transformation Options" what you search? Hello btw. <flurando>fmarl: Thanks, but I am stuck with extending the /etc/pam.d/gdm-password stuff, about pam services in (gnu system pam). Not packages. <flurando>reconfiguring, tweaked and copied the elogind code about pam <flurando>hooray it works! now the only problem is not about guix, but about myself set fido2 password to 50 char long random string, much more complex than password :( <flurando>I am wondering how to send a patch or so <flurando>And what would happen if two different service tries to transform one pam-service? since the transform logic is using map, I am afraid the order in which you specify services matters. <Rutherther>flurando: yes the order can indeed matter, depending on the changes <flurando>oh, good, then some day we might see something like "put this service before ... service in your configuration", amuzing:) <flurando>this is important to know as in pam, required line after sufficient line would be ignored, according my web searching. <apteryx>seen the CI: guix offload: error: failed to connect to 'localhost': Timeout connecting to localhost <pomel0>hello everyone, I saw that a package I use in guix is outdated and want to try contributing to guix by updating the package version. Is this guide I found online still useful in 2025? (changing all the savannah links for codeberg, of course) <pomel0>untrusem: pure data. it's on version 0.55-2 when the newest version is 0.56-1 which came out in 23/08/25 <untrusem>the page you shared is ok, it is still useful in 2025 <untrusem>you should also check "contributing" heading in the manual <sharlatan>I guess this one "define-public pd" pomel0:? <nckx>Is there a contemporary replacement for the Savannah keyring? <efraim>I've been meaning to put together something to grab the uploaded keys for all the committers from their codeberg profiles but I haven't done anything like that yet <efraim>my script to download the guix committers keyring from savannah and import it into my keyring became very useless once we switched over <pomel0>sharlatan: yeah `pd` is pure data <efraim>looks like I need to work on the rust-team branch a bit more. ruff won't cross compile, libzstd is the cross library but the gcc is native <efraim>that's supposed to work magically, i'll try out another package <nckx>efraim: If there's no way to get ‘all keys’ built into Codeberg that script will be welcome indeed. <cdegroot>am I missing something? I thought the keyring was on the keyring branch... Is that info obsolete? <nckx>cdegroot: No, not at all, that's the ‘keyring’ used by guix authenticate and it's very much alive and important. But by design it's not updated when a (sub)key signature expires. Savannah used to have (or we used to have, when using Savannah) a simple way to download all committer's *current* GPG keys. <nckx>It was an easy way to keep ones local GPG ring up-to-date. <efraim>nckx: there's an api endpoint to list the members of an organization, but it needs an API key <efraim>hmm, 28 public members vs 50 members <efraim>ok, don't need the '-n1' for xargs <efraim>it doesn't check if they don't have a key uploaded <yelninei>i did not expect it to be this difficult updating coreutils. I have found atleast 3 issues so far. Missing functionality in gash, an avx2 problem in an early gcc, a missing linux header in the bootstrap headers, ... <civodul>yelninei: woow, fairly tricky indeed <yelninei>civodul: I am currently building with a local gash tarball and disabling avx2 and removing the header include. Currently waiting on gcc-final (had to revert the gawk update as well) but i am unsure if this the way to go <cdegroot>nckx: "commies" is easiest to type ;-). But thanks for the explanation <nckx>I always forget that Guix is all commies. <Rutherther>Oh, nckx didnt disappear from face of the earth I see <ieure>untrusem, I have it set up (for a previous job), but don't really have a use for it in my personal stuff. <ieure>untrusem, I have Emacs direnv-mode, it makes opening anything in /gnu/store very, very slow, as it walks all the way up to / any time you open something. <untrusem>I am also using emacs-direnv, but when I try to load the library as `library(tidyverse)` it doesn't find it <ieure>Having a denylist of locations that won't have direnv files; or an allowlist of places which may. <SirNeon>I use it for all of my projects in NixOS. <ieure>SirNeon, I don't think it has any special support. <SirNeon>ieure: Is that because it's not needed? <untrusem>ieure I will find a faster way when It actually includes the packagaes I want <ieure>SirNeon, I've never attempted to use it with Guix, so I have no idea. <identity>SirNeon: iirc direnv has the «use guix» like the «use nix»/«use flake» shorthand <ieure>Note that `guix environment' has been superseded by `guix shell'. <SirNeon>ieure: How come that isn't integrated with upstream? <ieure>SirNeon, Not sure why you're asking, as I've already said I don't use this stuff and have no idea about it. <Rutherther>SirNeon: It is integrated with upstream as was said already, there is use guix <SirNeon>Rutherther: So you don't need to set up that cookbook example yourself? <attila_lendvai>when i git pull my guix repo i get: guix git: error: unknown introductory commit and signer; am i doing something wrong? this is on the master branch. <attila_lendvai>Rutherther, i don't know, but that could easily be the case. my .git is 575MB. <attila_lendvai>divya, hi, you're the one who worked on the lean4 package, right? do you have a binary release package somewhere in some channel? if not, then i have the experience to package binary releases. <attila_lendvai>the official lean4 package is broken. the build script fails, but returns with success, and the resulting outputs are practically empty. <FuncProgLinux>attila_lendvai: It also happens to me when I contribute but AFAIK it's harmless if you are not using that checkout as the main guix channel source <attila_lendvai>FuncProgLinux, yeah, my worry is not so much about the actual message, but more about not understanding what's going on. <Rutherther>the post-merge hook is running guix authenticate and it can't find the introductory commit to check signatures from <FuncProgLinux>Rutherther: because the commit is too old or due to a missing branch? <Rutherther>well I do not know, my only guess would be shallow clone <FuncProgLinux>Rutherther: I also experience that, but I cloned like one would normally do on such forges. No extra args or depth specifications <Rutherther>oh, I went over it and it's just because there is no introductory commit and signer selected by default, they have to be configured <Rutherther>for example " guix git authenticate 79dcb79e1f36a87550d6f00a66343dd024d14ef3 "27D5 86A4 F890 0854 329F F09F 1260 E464 82E6 3562"" will save that commit and signing key as introductory ones. Then subsequent calls do not need an introductory commit <Rutherther>that's quite a recent commit. You can also choose for example the ones that are in the default channels.scm definitions <nckx>google.com finally blocks links (the browser, not the abstract concept, much as they'd love to). That's new. <nckx>Is/was there a known issue with ‘guix substitute’ daemon subprocesses hanging forever? Apparently my substitute server has been idle for weeks. <JodiJodington>nckx: is it blocking it maliciously or is it just redoing the site and it happens to not work? either way that sucks to hear <ieure>simendsjo, I've been using collectd, influxdb, and grafana. I wouldn't recommend influx at this point. People seem to be settling on Prometheus as the most popular way to collect metrics. <ieure>simendsjo, I personally don't like that Prometheus relies on a central machine scraping metrics from the monitored nodes. collect will buffer locally in the case of network partitions (like: your laptop is off your home net) and send everything once it can talk again. <ieure>I'm sure there's some thing that'll let Prometheus work similarly, but I like that collectd works that way out of the box. <ieure>There is no collectd service for Guix, though I've been meaning to work on one. Have a couple other things I really need to get pushed before I take on another. <jonsger>simendsjo: zabbix is already in the guix repo including a service AFAIK, but to be honest I never got it up and running on Guix System <simendsjo>ieure: Thanks, I'll look into these. Grafana and Prometheus is used at work to (probably together with everything else under the sun), so that increase their score a bit. <simendsjo>jonsger: Thanks, looks quite nice. Probably way more than I need for my computers, but my "lab" might expand in time too. <attila_lendvai>FTR, after running `guix git authentivate ...` once manually, it now works fine after a git pull. <Rutherther>yeah, it saves the introductory commit and signe <attila_lendvai>and the trouble is that now that it's "fixed" locally, usually no one takes initiative to fix it for the newcomers <nckx>JodiJodington: It does not look accidental or temporary. ‘Update your browser. Your browser isn't supported any more [sic]. To continue your search, upgrade to a recent version. Learn more’. I'll leave opinions of Google's malice to the reader. <nckx>It works with -http.fake-user-agent 'Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0' so update said opinions. <PotentialUser-85>Hey I'm having trouble packaging with cmake: it complains that a source_group not being a prefix of a file, which shouldn't matter, since I'm only interested in building. I could patch the cmake files to not have source_groups, but that seems a bit dirty. <PotentialUser-85>(if logs, source code, etc. are needed I can supply them, but I'm hoping someone had this problem before) <benjaminwil>i believe i have my first packaging patch ready to send to guix :'D but i am wondering where i can read more about the format y'all use for commit messages. i haven't found a definitive guide to how to format either the first line or the commit message body in the reference manual yet. <benjaminwil>for now i will manually write one but it seems to me that they are automated <mange>There's some yasnippet config in the repo for some simple things (adding a package, updating a package version), but I don't know of any automation beyond that. <eikcaz>denjaminwil: I believe the link mange sent is the best authoritative source of truth. Beyond that, you can just browse the git history to fill in other gaps <vhns>Does anyone have an example of separating Wireguard into namespaces/containers programatically? Both server and client.