IRC channel logs


back to list of logs

<buenouanq>oh, and the module needs to be just `bootloader' while you have `bootloaders'
<buenouanq>maybe not
<buenouanq>i'm confusing myself
<atw>Hello! I'd like to use mcron to automate backups. is what I've got. How can I run a gexp like (backup-home "me")? I think I want to use gexp->derivation, but after that, I've been unsuccessful with run-with-store and similar.
<civodul>hello atw`
<civodul>you don't need to use gexp->derivation and all that
<civodul>what you have posted is almost there
<civodul>you need to change (backup-home #$user) to #$(backup-home user)
<civodul>apart from that, it looks good at first sight
<civodul>see also the examples at
<atw>civodul: thanks! what about taking the gexp that (backup-home "me") evaluates to and causing it to run via the REPL? I'd like to test the command, and sometimes I may want to cause a backup manually.
<civodul>atw: at the REPL you could do:
<civodul>,run-in-store (gexp->derivation "foo" (backup-user "bar"))
<civodul>well hmm, not quite
<civodul>at worst you can type the gexp at a REPL, just without the #~ and #$
<civodul>ACTION -> zZz
<civodul>feel free to email to discuss further!
<OriansJ>Though you might find this interesting: as alsa has fewer dependencies than pulseaudio
<str1ngs> buenouanq you can use plain-file to insert a config file into config.scm
<buenouanq>str1ngs: just as a string or what?
<buenouanq>are there any examples?
<quiliro>buenouanq: so you created the file 10-evdev.conf
<quiliro>with text between Section and EndSection in it?
<quiliro>or you put the text you gave the link to in config.scm?
<quiliro>buenouanq: how did you do it?
<quiliro>,tel buenouanq the paste you sent it supposed to be in config.scm or in 10-evdev.conf?
<quiliro> ,tell buenouanq: the paste you sent it supposed to be in config.scm or in 10-evdev.conf?
<quiliro>is there a bot in this roomZ
<atw`>quiliro: I believe it's "sneek: later tell so-and-so ..."
<quiliro>atw`: thanks
<quiliro>sneek: latter tell buenouanq the paste you sent it supposed to be in config.scm or in 10-evdev.conf?
<sneek>buenouanq, quiliro says: the paste you sent it supposed to be in config.scm or in 10-evdev.conf?
<quiliro>sneek: help
<bavier1>quiliro: they're here, but must be afk
<quiliro>sneek: later ask the paste you sent it supposed to be in config.scm or in 10-evdev.conf?
<sneek>Will do.
<quiliro>sneek: thank you
<quiliro>sneek: wheres is Quito
<quiliro>sneek: where is Quito
<quiliro>sneek: what is guile
<sneek>Guile is a friendly, quiet, and somewhat despised Scheme implementation.
<quiliro>sneek: what is elisp
<quiliro>sneek: what is lisp
<sneek>Someone once said Lisp is a powerful, highly expressive, classical, and somewhat despised family of programming languages.
<quiliro>sneek: botsnack
<quiliro>sneek: botsnack Quito is city in Ecuador
<quiliro>sneek: what is botsnack
<quiliro>guile help
<quiliro>sneek: guile help
<sneek>guile help <something>
<quiliro>sneek: guile help something !
<sneek>Did not find any object named `#{something !}#'
<quiliro>sneek: where is botsnack
<quiliro>sneek: where is boot
<quiliro>sneek: where is filesystem
<quiliro>sneek: where is lisp
<quiliro>sneek: what do you know
<quiliro>sneek: what is knowledge
<quiliro>sneek: knowledge is power
<sneek>So noted.
<quiliro>what is knowledge
<quiliro>sneek: what is knowledge
<sneek>Last time I checked knowledge is power
<quiliro>sneek: knowledge is freedom
<quiliro>sneek: what is knowledge
<sneek>Last time I checked knowledge is freedom
<quiliro>sneek: who is bavier1
<quiliro>sneek: who is quiliro
<quiliro>sneek: who is buenouanq
<quiliro>sneek: what is freedom
<quiliro>sneek: freedom is not the right to slavery
<sneek>I'll keep that in mind.
<quiliro>sneek: what is freedom
<sneek>Last time I checked freedom is not the right to slavery
<quiliro>what is freedom
<quiliro>sneek: what is freedom
<sneek>I've heard freedom is not the right to slavery
<quiliro>sneek: freedom is not the choice of slavery
<quiliro>sneek: slavery is imposition
<sneek>So noted.
<quiliro>what is slavery and freedom
<shiranaihito>freedom can also be defined as "the absence of intervention"
<quiliro>what is slavery
<quiliro>sneek: what is slavery and freedom
<quiliro>shiranaihito: tell sneek
<quiliro>sneek: what is slavery
<sneek>Someone once said slavery is imposition
<shiranaihito>nevermind, something weird is going on here
<quiliro>sneek: freedom is +the absense of intervention
<quiliro>sneek: what is freedom
<sneek>I've heard freedom is not the right to slavery
<quiliro>shiranaihito: i'm just playing with sneek !
<shiranaihito>ok, can someone tell me if system configs can be applied "incrementally"? like, if i first "guix system init" with a "minimal" config, and then do a "guix system reconfigure" with another config file that defines services.. is that ok?
<shiranaihito>i mean, will guix just add the stuff from the second file, while keeping everything defined in the first file?
<shiranaihito>or should one system config contain everything
<quiliro>shiranaihito: no
<quiliro>option 2
<shiranaihito>so you mean the system config has to contain everything?
<quiliro>that is why i am afraid to use some config i made
<shiranaihito>only one config
<quiliro>everything for the whole system....common to all users...not the config that users do not share
<quiliro>that must be installed by the users, not by reconfigure
<quiliro>i guess i should have kept track of the last file i used
<shiranaihito>ok, but i imagined the second system config file would also contain stuff that's common to all users
<str1ngs>shiranaihito: re configures are not partial. they are still efficient using symlinks from what I have seen
<sneek>Got it.
<shiranaihito>so i guess the question remains: does guix install stuff incrementally?
<quiliro>or guixsd should keep a copy of the last file i used
<str1ngs>shiranaihito: it is not incremental. it does however reuse resources from the store
<str1ngs>shiranaihito: in the context of reconfigured, based on your original question anyways
<quiliro>shiranaihito: what is your worry?
<quiliro>what is the end objective you search for in this incremental intention?
<quiliro>if it would be incremental, you would have to specify what to remove
<quiliro>since it is not, you must detail everything you want for the common system
<quiliro>i would like to help you but i do not understand why you need it to be incremental
<shiranaihito>quiliro the idea was to install postgresql and nginx separately, so that i wouldn't have to see their error messages about missing files and stuff when booting into a newly installed systen
<quiliro>all right... 'guix system build config.scm' is done can i know if it did the right thing?
<quiliro>shiranaihito: install them as different users
<str1ngs>shiranaihito: you can do that, it would reuses packages. you need to make sure the guix versions match with init and reconfigure though
<str1ngs>quiliro: is this a new system or existing system?
<quiliro>i suggest not to use 'guix system reconfigure config.scm'
<shiranaihito>str1ngs well, it's a new system basically
<shiranaihito>i'm just reinstalling everything several times while preparing my configs etc
<str1ngs>shiranaihito: yes I gather you want post install either nginx or postgresql?
<shiranaihito>str1ngs yeah, but basically just to avoid the error messages about missing certificates / config files / data directory etc
<shiranaihito>i suspect guix could be modified to make everything alright in that respect :)
<quiliro>shiranaihito: but to put only the basic things in config.scm and run 'guix package -i postgresql' on one user and 'guix package -i nginx' on another user
<str1ngs>yes, I would use config.scm to configure all that where possible
<str1ngs>quiliro: that won't help if he wants to use services
<quiliro>str1ngs: true
<shiranaihito>str1ngs and you're talking about only having one system config(.scm) with everything?
<str1ngs>shiranaihito: if possible. it might not easy to do post install stuff though
<str1ngs>like generate certs etc
<str1ngs>like for guix-publish service I do guix archive --generate-key on first boot
<shiranaihito>well, i need to upload my application (and its certs) into an actual installed GuixSD, so.. :)
<str1ngs>there are ways to do that.
<str1ngs>shiranaihito: you can use gexpression like local-file to add a file to the store
<str1ngs>then you can configure the service to use that cert path
<shiranaihito>str1ngs alright, so something like "(ssl-certificate (local-file <something>))" would be enough?
<str1ngs>shiranaihito: I'm not sure if that takes a gexpression object
<str1ngs>but you could in theory translate it somehow
<str1ngs>if it does not
<shiranaihito>but how would i use a local-file for that then?
<str1ngs>shiranaihito: you would convert local-file to string paths if ssl-cert does not take a gexpression object
<str1ngs>still learning about gexpression so not sure how to do this off hand
<str1ngs>ssl-certificate takes either a string or #f it seems
<shiranaihito>well, i guess i'll just muddle through with error messages for now
<str1ngs>shiranaihito: I don't know the precise syntax to do this maybe someone else does
<str1ngs>could try the ML for more input
<shiranaihito>str1ngs no problem :)
<str1ngs>shiranaihito: but in in theory adding the file to the store would be the best approach
<shiranaihito>why? :)
<str1ngs>if you need to rollback with a previous cert it wills till work. since the cert is in the store
<str1ngs>will still*
<str1ngs>also it avoid have to post install . as per your request
<str1ngs>or post configure anyways
<str1ngs> shiranaihito also for configs. plain-file is nice, in that you can embedded your config in config.scm. and it will produced the store item for you
<quiliro>after 'guix system vm config.scm' is can i test it?
<str1ngs>quasisane: does vm output a script link?
<str1ngs>quiliro: ^ you can just call the script that is shown after running guix system vm
<quiliro>str1ngs: the manual says that it returns a script to run that virtual machine
<quiliro>do i need to install qemu?
<str1ngs>correct, no it will install everything you need to run the script
<quiliro>str1ngs: excellent...thank you
<quiliro>it takes a long time in this core 2 duo
<quiliro>i think i should start studying how to offload in order to take less time
<str1ngs>quiliro: you can also pass qemu arguments to the script
<str1ngs>are you using substitutes?
<quiliro>str1ngs: probably
<quiliro>did not use any --fallback
<str1ngs>ahh the what I do is build on my high powered server. then I use the server as a publish server
<quiliro>i could do that too
<str1ngs>offloading does not work for me. need to look into it more
<str1ngs>also sometimes if no substitute exists and it builds. it only needs to do it once
<str1ngs>just sucks if that happens to be the kernel. which would be rare anyways
<quiliro>but grafting take a long time too
<str1ngs>I don't grok crafting
<str1ngs>err grafting
<str1ngs>something are still IO bound ya.
<quiliro>without grafting it takes even longer
<str1ngs>quiliro: but ya generally I do all my building on a high workstation. then do final configure etc on my say notebook
<str1ngs>even works with guix pull if your commit hashes match
<quiliro>how do you do it?
<str1ngs>I use the high end workstation as a guix publish services. so it distributes substitutes to the notbook
<str1ngs>I just make sure my guix hashes match, and I use the same config.scm that I built with
<str1ngs>generally I use hostname.scm
<quiliro>would you give more detail please
<str1ngs>my high workstation runs a the guix-publish service
<quiliro>i get that
<str1ngs>and I configure my notebook and other machines to use it as a substitute-url
<quiliro>i would like to know the exact commands or files that need to be used in order for that to happen
<str1ngs>quiliro: I modify my notbook desktop services
<str1ngs>quiliro: on orion I add guix-publish service to services .
<str1ngs>quiliro: you also need to generate key and authorize
<str1ngs>guix archive does that
<str1ngs> explains hot to generate and import
<str1ngs>quiliro: seems more complex then it is. not easy for me to do a step by step
<quiliro>str1ngs: that is good enough...thank you very much
<str1ngs>quiliro: also when you do guix pull on the server. make sure you do guix pull --commit=<server guix commit hash> on other machines
<str1ngs>guix version will give hash if you have pulled encase you need to check it
<quiliro>i will re read your instructions and test it when i get access to a powerful workstation
<str1ngs>also /var/guix/substitutes/cache/<server hash> might need purging if TTL gets messed up
<quiliro>build failed
<str1ngs>I'm not sure how to invalidate the cache
<quiliro>perhaps it failed because i am low on disk...only 3.2 GB free
<str1ngs>did you get an error?
<quiliro>or RAM ....only 685 MB free
<quiliro>yes. an error
<str1ngs>also is it building something? or using substitutes?
<quiliro>build failed after 1107 seconds
<quiliro>phase build failed after 1107 seconds
<quiliro>i do not know...but there are a bunch of CC lines
<quiliro>i suppose it is building
<str1ngs>CC line implies building. did you authorize hydra?
<quiliro>but i do not understand why it builds if my guix is 7 days old
<quiliro>i do think so
<quiliro>i do not think so
<str1ngs>assuming this foreign distro?
<quiliro>i did not use --fallback
<str1ngs>ah guixsd should authorize hydra by default
<str1ngs>quasisane: what does guix version have?
<str1ngs>err guix --version
<quiliro>str1ngs: you meant me?
<quiliro>guix (GNU Guix) 1ee750ba4c76d9eff248b0f0657e0d8f119607ff
<str1ngs>that is not too old.
<str1ngs>dunno if guix pull will help this. what is the build error?
<quiliro>builder for /gnu/store/...-qemu-2.10.2.drv failed with exit code 1
<str1ngs>guix will build if not substitute exists. in the case of qemu I suspect it doing the right thing and building
<quiliro>str1ngs: i am running it now with guix in emacs
<quiliro>(guix-command "system" "vm" "/home/quiliro/guix/lightweight-desktop2.scm")
<buenouanq>quiliro: I just lurk here.
<buenouanq>guix system error: failed to install bootloader
<quiliro>i had a kernel panic
<quiliro>buenouanq: how did you get that?
<quiliro>buenouanq: and how did you define dvorak?
<quiliro>on slim
<buenouanq>I posted how earlier for you.
<buenouanq>you define something that reads a file, then you modify the desktop service to read it
<buenouanq>so you create the file /etc/config.d/10-evdev.conf (but it could be a different name or in a different location if you wanted)
<quiliro>buenouanq: that is exactly what i am put the contents of the 10-evdev.conf inside config.scm?
<buenouanq>file contains the stuff there behind the ;;
<quiliro>so 10-evdev.conf should be in the local directory with those contents and the rest should be in config.scm?
<quiliro>buenouanq: ^
<buenouanq> config.scm
<buenouanq> 10-evdev.conf
<buenouanq>it should be wherever the definition that reads it thinks it is
<buenouanq>in these files for me that is /etc/config.d/10-evdev.conf
<buenouanq>I'm really looking for a better way to do this though.
<buenouanq>but this does work
<quiliro>buenouanq: thank you...very...very much!
<buenouanq>do you understand it now?
<buenouanq>it's all in those two files
<buenouanq>you'll need that ice9 module too
<buenouanq>is there any way to install just the bootloader?
<buenouanq>i've gone through an install with a friend and it completed but failed to install grub
<buenouanq>they don't really want to wait through the whole install if it actually succeeded like it appears to if all we have to do is add the bootloader somehow
<buenouanq>I've just don't know how.
<DamienCassou>first time here
<DamienCassou>I'm evaluating the possibility to use Guix as my main OS to replace Fedora. I have used NixOS for 2 years and loved it. I eventually gave up because many small things were not working good enough. I plan to change my WM to something much simpler than Gnome and I see that as an opportunity to go back to NixOS. But I could also try Guix. What do you think?
<buenouanq>Guix is Nix improved and made humane.
<DamienCassou>buenouanq: can you tell me more about the differences
<buenouanq>I recommend installing GuixSD and deciding for yourself.
<buenouanq>not any more than what you can read
<buenouanq>guix uses guile is the biggest and most important
<buenouanq>everything is just normal beautiful lisp declarations
<buenouanq>nixos uses systemd while guixsd uses shepherd
<quiliro>DamienCassou: bonjour!
<quiliro>DamienCassou: please remember GuixSD is beta
<DamienCassou>"than what you can read" where?
<quiliro>buenouanq: i have an error on the line that mentions 10-evdev.conf
<quiliro>DamienCassou: read in the manual
<buenouanq>DamienCassou: on the about pages on either"s wobsites
<quiliro>i don't know about the nixos website
<quiliro>but check the guix ws
<buenouanq>quiliro: did you add the ice-9 thing to the modules?
<quiliro>buenouanq: no...i will do
<DamienCassou>is it ok to run guix on a server or is it still too "beta" to be trustworthy?
<DamienCassou>the server is taking care of a few personal services that are not vital but that I would like to be working (such as my email and gitlab)
<quiliro>DamienCassou: i would not put my job on it....but for personal use it is great...unless you know how to hack!
<quiliro>buenouanq: $ sudo guix system reconfigure guix/lightweight-desktop2.scm
<quiliro>guix system: error: failed to load 'guix/lightweight-desktop2.scm':
<quiliro>/home/quiliro/guix/lightweight-desktop2.scm:59:13: /home/quiliro/guix/lightweight-desktop2.scm:59:13: In procedure module-lookup: Unbound variable: slim-service-type
<quiliro>was that a flood?
<quiliro>why do i get that error?
<buenouanq>I'm sure it's just a missing module
<buenouanq>maybe (gnu services xorg)
<buenouanq>I wish I understood the module look up thing better - Mine's become a mess...
<buenouanq>DamienCassou: I've used GuixSD on all my computers for the last year or so - It's perfectly `trustworthy'.
<quiliro>buenouanq: it worked!
<quiliro>it was that module
<quiliro>buenouanq: it is trustworthy for you because you know how to hack guixsd
<quiliro>it is like a hotrod!
<buenouanq>no, I really don't
<buenouanq>I help people here when I can, but I'm as lost as you I promise
<quiliro>it would be great to have a repo of config.scm
<buenouanq>lost in guixsd together~
<buenouanq>I totally agree - I would love more examples.
<quiliro>do you think it is good to have a version of freedombone for guixsd?
<quiliro>i would love a configuration for my father which has visual disabilties and hearing disabilities and bad memory
<quiliro>it should be something simple and very intuitive
<quiliro>with magnification 10x
<quiliro>and very low functionality
<quiliro>only email, non formated text, graphical web browsing and very automatical with wifi and no passwords except for administration (which is done by me)
<quiliro>oh! and sound recording and listening to music
<quiliro>i think that would serve many older people
<buenouanq>I've never heard of it.
<quiliro>of what?
<buenouanq>oh, these are different things
<buenouanq>I've never heard of freedombone - This is a BeagleBone thing?
<quiliro>it is a server which comes with defaults for several services
<buenouanq>that's cool
<buenouanq>I'm currently building GuixSD for me BBB.
<quiliro>mail and others
<buenouanq>and I just discovered last night that we now have official services that do most of those things.
<buenouanq>BeagleBone Black
<Tsutsukakushi>quiliro: beaglebone black
<quiliro>oh...freedombone is for BBB
<quiliro>but it is for debian and parabola only
<quiliro>would be nice for guixsd
<buenouanq>we have our own services that do these things already though is what I'm saying
<buenouanq>setting up a webserver and database on guixsd is super easy
<buenouanq>i'm soon going to start playing with our mpd, email, and git services.
<quiliro>freedombone is not only for is a unified server...where passwords are random and there is only one user controlled password
<buenouanq>I should read more about it.
<quiliro>because usually no one uses good passwords for all services anyway
<quiliro>buenouanq: you would like it
<buenouanq>I'm actually surprized I haven't heard of it before.
<quiliro>there is even a mesh version for disasters
<buenouanq>I hope when 0.11 is finally released, ng0 also drops a beautiful gnunet service on us.
<quiliro>sneek: what is infotropique
<amz3>it's the plan
<buenouanq>discovered yesterday that the whole manual is under tty2 on the install image
<civodul>buenouanq: it's advertised quite prominently, no? :-)
<buenouanq>somehow, I've missed it
<efraim>sneek: later tell quiliro I have my GuixSD configs here
<efraim>sneek: botsnack
<civodul>uh, is it me or debbugs is down?
<efraim>civodul: worth trying to parse this to see if packages are out of date?
<civodul>efraim: why use SaaSS when we have 'guix refresh'? :-)
<civodul>also, prolly reads our packages.json, which is currently not getting updated daily
<civodul>(which is a problem)
<snape>civodul: debbugs works for me
<snape>(https at least)
<civodul>yeah it was apparently a DNS issue here
<buenouanq>what are common reasons the bootloader would fail to install?
<buenouanq>gave it a 100M bios boot partition
<buenouanq>pointed the target to the right place
<amz3>can someone take care of guile-bytestructures please?
<civodul>amz3: i'm taking care of it, sorry for the delay!
<snape>buenouanq: 1MiB should be enough
<snape>assuming it's GPT
<buenouanq>go big or go home
<buenouanq>if failed to install though
<snape>I've always had more luck with MBR, maybe you should consider trying MBR?
<buenouanq>instead of GPT?
<buenouanq>it's something to try
<buenouanq>I'd would still like to know why it failed.
<buenouanq>the error is not helpful
<buenouanq>"guix system: error: failed to install bootloader"
<snape>is your partition encrypted?
<snape>buenouanq: (your boot partition)
<amz3>no worries, actually just want to know whether it will be in guix shortly or not
<amz3>civodul: ^
<buenouanq>snape: no
<snape>buenouanq: your partition also needs to be a BIOS boot partition. With parted, you need to do "set bios_grub on" for example.
<civodul>amz3: it will
<civodul>everyone does their best to review things quickly
<amz3>sorry, I can wait anyway
<buenouanq>you know what
<buenouanq>that's exactly it
<buenouanq>it's a bios boot partition, but I didn't flag it as bootable
<buenouanq>thank you snape
<buenouanq>I feel silly.
<snape>buenouanq: you're welcome. Does it work now?
<buenouanq>I don't know - It's a friend"s computer and I am not there right now.
<buenouanq>Having gone through the whol install, is there any way to just install the bootloader now?
<buenouanq>or do we have to go through it all again?
<snape>guix system reconfigure config.scm should do it I reckon
<snape>also, I don't think GRUB cares about things being bootable or not.
<buenouanq>from the install usb?
<buenouanq>ok, so maybe that wasn't it
<snape>being a BIOS boot partition and being bootable are two different things
<snape>and the meaning of the boot flag is different whether it's GPT or MBR... pretty complicated stuff
<snape>but really, I find MBR way much easier to deal with
<civodul>yeah, same for me
<buenouanq>I guess my bias towards GPT comes from my stack of giant harddrives which MBR can't do.
<buenouanq>would trying to do grub-efi help or just cause more headaches?
<castilma>or maybe use gpt with bios?
<snape>the MBR limit is 2TB. Make sure you need them :-)
<snape>yeah EFI === headaches actually
<shiranaihito>ok, so.. it seems that a "system init" won't go through without a certificate configured for nginx already being in place, on an installation that doesn't exist yet.. but the last time i tried, a "system reconfigure" wen't through without it
<shiranaihito>i wish whatever installs nginx weren't so strict about this when it doesn't really make sense (yet, at least)
<shiranaihito>.. and i'm supposed to have everything in one system config, but it can't be installed now, it seems
<shiranaihito>what do people typically do when they use nginx in a system config and want to set up SSL too?
<shiranaihito>.. or am i boldly going where no man has gone before? :p
<shiranaihito>and i don't get it.. it seems to me like guix's behaviour changes over time, even though i'm using the exact same installation image
<shiranaihito>can i "read" guile source from another file, into a system config in a specific place? so maybe i could have the nginx stuff in a separate file and read it in to make a "full" system config, after doing "system init" without nginx
<shiranaihito>then i could avoid some unsavoury duplication :p
<wigust>shiranaihito: Are you saing that 'system init' and 'system reconfigure' give you different results?
<shiranaihito>wigust afaik, a reconfigure would go through without the certificate files in place, at least i think it did last time
<shiranaihito>ok, i'll just use two separate files - one with nginx and one without
<shiranaihito>it's dirty, but i don't know what else to do
<wigust>shiranaihito: You could use Guile modules to separate stuff. If you have ssl certificates already, then pass them to nginx (example
<shiranaihito>that seems to depend on Let's Encrypt
<shiranaihito>(which i'm not using :))
<wigust>shiranaihito: Why? Certificates are same what ever distributor, are they not?
<shiranaihito>all in all, i think the nginx installation should not error out if the cert files are not present - let nginx worry about that when it's starting up
<shiranaihito>wigust not sure what you mean, but Let's gives you some kind of "live service" and lots of automation, right?
<shiranaihito>i just have files that i want to place in a directory.. after i actually have a Linux server running
<shiranaihito>the cert file config setting for nginx is meant to tell *nginx* where to find a cert file, right? it's not guix's problem
<shiranaihito>(and now guix has presented me with a ~problem that doesn't need to exist)
<wigust>shiranaihito: You have a key and certificate, right?
<shiranaihito>wigust yes
<wigust>shiranaihito: Then you could pass them as in example I gave you.
<shiranaihito>wigust using the Let's Encrypt -specific "certbot" stuff?
<shiranaihito>i'm not using LE at all
<shiranaihito>again, this is not something guix should concern itself with - nginx is told where to find a cert file, and it's either there, or *nginx* will exit with an error or something
<str1ngs>shiranaihito: you could do #f for cert then use reconfigure after
<shiranaihito>str1ngs i'd still have two files with almost identical contents?
<shiranaihito>two system cfg files, that is
<str1ngs>init is generally only run once
<str1ngs>after that you can proceed with reconfigure
<shiranaihito>yep :) but now i'm running it several times when cobbling up a system config for my server
<str1ngs>running init? or reconfigure?
<shiranaihito>still, guix should not concern itself with something that's essentially a runtime thing for nginx
<str1ngs>I hear ya, just that guix is functional so the inputs effect the end output. in that context guix starts to make sense
<str1ngs>partly why I explained using gexpression make this move viable
<shiranaihito>str1ngs yes, but in the nginx config case, everything can be all functional and stuff, while still letting nginx figure out if the configured cert file exists when it's needed
<shiranaihito>and yeah, the local-file stuff.. i didn't feel like trying to learn more about that when i just want to get stuff running
<shiranaihito>i have a habit of wasting time anyway
<str1ngs>shiranaihito: it does take time to learn the scheme side yes.
<shiranaihito>and whenever i look at a Guile file, i keep longing for Clojure :P
<str1ngs>also I hear ya about nginx, but guixsd is not your average linux system. if you are use to editing server config files like you would another distro
<catonano>shiranaihito: is it thhat different ?
<catonano>I felt lost wit the nix langage, but scheme is ok for me
<str1ngs>shiranaihito: guixsd is about being able to reproduce things in a deterministic manner. once that starts to click it's very powerfull
<shiranaihito>besides, i'm still kind of uncomfortable about using "local-files".. i don't know how they work, and i want to keep certs in a different location than where my guix config files are, etc
<str1ngs>I agree local-flile is the weakest expression to use there.
<shiranaihito>str1ngs i still don't see the problem with letting nginx worry about the cert file's existence, in terms of guix being "functional"
<shiranaihito>the nginx config itself is functional even if you don't error out on the files not existing yet (on a system that's not yet installed!)
<str1ngs>because /etc/ does not work like a regular linux distro
<str1ngs>you have to keep in mind guix is atomic and statefull. meaning rolling back breaks when you hard code things in /etc
<shiranaihito>str1ngs i'm not sure what would be hardcoded here, and how
<str1ngs>if you use gexpression the config can be in the store. in which case it probably won't error out.
<shiranaihito>the cert location is just a string
<str1ngs>I just don't know how to convert the gexpression file object to a string
<shiranaihito>ok, but i don't want to learn about that, and i don't see the cert files as "part of my guix system config"
<shiranaihito>yeah, that too :)
<shiranaihito>i don't know either and i don't want to find out, especially because it would probably require learning about X Y Z in the process :P
<str1ngs>mean while, use init and pass #f for certs. then reconfigure after boot?
<shiranaihito>str1ngs yeah, right now the plan is to use two sys config files, one with nginx and one without
<shiranaihito>it's almost the same, but with like.. a bit less duplication, i guess :P
<str1ngs>that works, but like I said you really only need to do init once
<shiranaihito>str1ngs in general, yes
<shiranaihito>but this problem shouldn't be inflicted on users even that one time :P
<str1ngs>I was annoyed in regards server configs at first. after I started to grok guix and guixsd. I now rather like it
<shiranaihito>str1ngs well, that's rather fortunate :)
<str1ngs>and I had previous guile experience before that.
<shiranaihito>of course even i like guix overall, as a thing :) it's just rough around the edges still
<str1ngs>what I'm saying is that from the context of a power user from another linux distro. guixsd can be annoying . but only at first
<str1ngs>the features you gain via this process. out weight the tradition editing copying a file in place.
<shiranaihito>str1ngs sure, but if X is a problem, then it's a problem as long as it exists, even if someone overcomes it and proceeds to have a great time with Guix(SD) :)
<str1ngs>it's more like. the problem is solve X way vs Y
<shiranaihito>not sure what you mean
<str1ngs>what I mean, is the problem is solved in a way that you are not expecting
<shiranaihito>str1ngs and how is that?
<shiranaihito>ok but i don't want to do that
<shiranaihito>and it's basically a workaround to a problem that shouldn't exist
<shiranaihito>as for "being functional", the nginx config can be perfectly functional without erroring out on a missing certificate - maybe you roll back to a previous version and then the location where nginx will look for a cert changes!! --> still functional!
<str1ngs>if the cert does not exist. then no it does not function :P
<str1ngs>also rollbacks break when you hardcode config paths . I wont get into that now though
<shiranaihito>str1ngs now you're talking about nginx functioning :P
<shiranaihito>good thing you added the smiley :p
<shiranaihito>suppose there's a great bar with a glorious selection of single malt scotch whiskey and hot girls, but when you enter for the first time, the bouncer punches you in the face :P
<str1ngs>guixsd looks at the sum of parts
<str1ngs>I not trying to piss you off. just trying to explain the guix way of doing things
<str1ngs>and failing I thing :(
<shiranaihito>sure, and i'm not trying to piss you off either :) so i guess we're even :p
<shiranaihito>and ofc, it's possible that i just don't see The Light yet (but will) :)
<str1ngs>it does not help, I don't know the syntax to give you
<shiranaihito>but for now, i see a problem that shouldn't exist
<str1ngs>why it would no hurt to try the ML list. so more knowledgeable people can explain how to do this the right way.
<shiranaihito>btw, what does it mean when a "known host" is listed in square brackets? (.ssh/known_hosts)
<str1ngs>what context?
<shiranaihito>i mean, in the known_hosts file, an IP address is surrounded with brackets
<shiranaihito>just wondering what it means
<str1ngs>an you mean ~/.ssh/known_hosts
<shiranaihito>it seems the same address is listed twice, but once without brackets and once with them
<str1ngs>() threw me off. I was thing scheme
<shiranaihito>right, but i meant like []
<str1ngs>dunno offhand
<shiranaihito>np :)
<str1ngs>is it only aka localhost?
<str1ngs>shiranaihito: when in doubt delete it from known_hosts
<roptat>shiranaihito: is it that you give a file in the configuration for nginx, but it doesn't exist on the system yet, and that gives an error from guix, right?
<shiranaihito>str1ngs oh nono that was just an example, i didn't want to say the actual ip here
<shiranaihito>roptat yeah, pretty much. as i see it, i'm telling nginx where to find a cert file, but since i'm just installing the system, it's not in place yet
<str1ngs>shiranaihito: that fine I was wondering if it was related to being special due to loopback. still if you are in doubt delete the offending line
<shiranaihito>str1ngs yeah, i've deleted it several times - it's the IP that VMWare gives my VM
<shiranaihito>or i guess DHCP gives it, to be more accurate :)
<roptat>ok, I think I understand the issue. The test for file presence was added to ensure nginx would actually run (because if it's not, nginx won't start at all)
<shiranaihito>so it's not a scary potentially haxxorous IP, i'm just wondering what the brackets mean :)
<snape>shiranaihito: what you described about nginx certificates seems like a bug, but I think it has been solved already. When is the last time you updated Guix?
<roptat>but of course the test is incorrect when the system gets installed
<str1ngs>shiranaihito: ah brackets denote hosts with non standard ports I think
<shiranaihito>roptat yes, but now there's a problem with the installation, just because users are being protected from themselves
<shiranaihito>str1ngs ohhh, right that might be it
<str1ngs>shiranaihito: my guess is that machine has a port that is not 22
<shiranaihito>i've set a non-standard ssh port
<shiranaihito>snape i'm running guix pull now on my VM, but again, i'm just trying stuff out while scraping together a system config for running a SaaS app
<snape>I don't think you will have the issue after a git pull
<str1ngs>shiranaihito: "Non-standard ports can be indicated by enclosing the host name with square brackets and following with a colon and the port number. Here are three examples referring to hosts listening for SSH on non-standard ports:"
<str1ngs>shiranaihito: source
<shiranaihito>roptat it's alright for nginx not to start when the cert file is missing, especially when the user is basically in the process of making nginx happy along with everything else
<roptat>actually it'll be all right after your guix pull
<shiranaihito>configuring an incorrect location for a cert file is the user's problem, not guix's, especially when making it "guix's problem" results in a problem for the user :P
<snape>shiranaihito: I believe this commit solved it:
<shiranaihito>str1ngs cool, thanks :)
<snape>commited on December 11
<shiranaihito>snape oh? so the next installation image won't have this problem?
<snape>when was the last image released?
<snape>before December 11?
<shiranaihito>not sure, but i'm using 0.14
<str1ngs>snape: can you not convert a gexpression to as string to get around this ? say with local-file?
<shiranaihito>probably before 11. yeah
<snape>so I think it should be solved now
<shiranaihito>great :)
<snape>thus, with a guix pull, you'll get it fixed
<shiranaihito>"If nginx is configured with a ssl-certificate file, and ssl-certificate-key, it will fail to start unless these exist. To avoid this happening, change the default to #f." <-- but does setting "the default" to #f actually change anything? the default doesn't apply when you've got cert files configured, right?
<snape>there is this commit too:
<snape>where does your quote come from?
<str1ngs>shiranaihito: default is "/etc/nginx/key.pem" which is not the same as cert
<str1ngs>shiranaihito: basically it's saying if the file dos not exist and you want it to start. set cert or key to #f
<snape>but again, this should not happen if Guix is up to date. Building a system based on a config should be deterministic, and thus it should not depend of whether or not you have a certificate.
<snape>depend *on
<str1ngs>well the config is not deterministic if the file does not exists since the service will fail. the issue is more that the config is overly strict at checking at build time
<snape>yes, because your Guix is not up to date. An up to date Guix shouldn't fail at build time.
<apteryx__>the error returned for an invalid base32 is terrifying
<str1ngs>sounds like a good thing :)
<snape>str1ngs: I don't think it's a good idea to use local-file for certificates, because certificates are usually generated on the target machine
<snape>and, at least with letsencrypt, are automatically updated
<str1ngs>them more I thought about it, I think you are right. you don't want to put your key in store
<shiranaihito>! :)
<shiranaihito>well, i didn't understand how the error is avoided with the new code, but that's alright. It seems there's a consensus it won't be happening anymore :P
<snape>shiranaihito: the second commit removes the error so...
<shiranaihito>snape sure, but i meant i didn't understand the description of what about the new code avoids the error.. but nevermind, i'm just a user :)
<str1ngs>shiranaihito: in this case get why you were more adamant
<shiranaihito>str1ngs well, i wasn't thinking "because certificates are usually generated on the target machine".. i just felt like it wasn't guix's business to handle certs :)
<str1ngs>I get*
<shiranaihito>but Let's Encrypt updating the certs seems like a good reason too
<shiranaihito>.. though LE itself isn't some kind of holy standard to adapt to
<str1ngs>that and you don't want the key in store. which local-file would do
<str1ngs>IIRC store readable by world?
<str1ngs>you can add extend permissions but it is not default
<snape>yeah you definitely don't want keys in the store :-)
<str1ngs>shiranaihito: I apologize, I didn't understand the scope the problem. I'm still newish to guixsd myself
<shiranaihito>str1ngs no worries, i wasn't thinking about it from a security perspective either :)
<str1ngs>generally using the store is a good thing. in this case it's not
<str1ngs>which might explain why it takes a string and not a file object to begin with.
<shiranaihito>str1ngs i'm sure using the store is a good idea in many cases, but i still don't know what those are. Maybe it's related to stuff being "bit reproducible" or something, but would for example this nginx config thing get in the way of achieving that anyway?
<shiranaihito>maybe the docs could talk more about the reasoning behind having Guix "manage" files, and how it works etc
<shiranaihito>(or maybe i've just not seen it yet)
<str1ngs>shiranaihito: I'll give an example. you have a config /etc/foo/config which is managed using store and config.scm . if the config does not change ever then the "system profile" will simply reuse that hash in the store. if it does change then guix updates the link in to store. which mean if the service config change is broken. you can rollback to good config because its in the store still
<shiranaihito>str1ngs yeah, but i'm wondering about what kind of stuff it makes sense for Guix to manage, like in this case, it turns out the cert location isn't one of them
<shiranaihito>there could be other "over-reaches" too :) i've got a similar vibe from the postgresql config's data directory setting, for example :)
<snape>you can't manage things that are "data"
<snape>because they change all the time, and are undeterministic
<str1ngs>yes, cert is not the best example . which is my fault
<shiranaihito>snape i'm not sure what you mean with that
<civodul>ACTION pushed the qemu-binfmt service
<shiranaihito>and how you'd define "manage" :)
<str1ngs>ACTION tests binfmt with notepad.exe :P
<str1ngs>I guess that won't with with qemu though haha
<str1ngs>won't work*
<snape>shiranaihito: you were the first using the word "manage" :-) I meant you can't have your config.scm depend on stuff that moves on its own, like data, certs, etc.
<shiranaihito>snape ok, but a lot of stuff is "data", right? :)
<str1ngs>think he means variable data
<shiranaihito>and i'm just saying "manage" because it seems Guix somehow "takes over" a file, and swallows it into The Store, and then i don't know what happens after that :)
<snape>yeah, a lot of stuff. emails of a mail server, passwords of your users, etc
<shiranaihito>a lot of config files could be "data" too, and the settings in them
<snape>Yeah I probably meant "variable data"
<shiranaihito>for example the location of postgres' data directory is like "data about this particular postgres installation"
<str1ngs>shiranaihito: it does not take over. the config.scm handles the file. you could even just use plain-file. which allows you to embed the into config.scm
<shiranaihito>str1ngs ok, and what does "handle" mean? :P
<snape>well, variable data then. Config files are static, and thus it makes sense to have your config.scm "swallows" a config file (e.g. with local-file) and thus the file will get in the store.
<str1ngs>shiranaihito: in the case of local-file if the hash changes it will create a new store item. if not it will add or reuse the same store item
<shiranaihito>snape but the point of having them in the store would be to be able to switch between configurations in a neat way, right? .. but that implies something has changed about a config file, i.e. it wasn't "static"?
<str1ngs>the problem is if you hard code the change. your previous system profiles break aswell
<shiranaihito>suppose i want to change the max number of connections my psql server will accept - is the postgresql config "static"?
<snape>well, if you want to change the static config file, you change it and then you reconfigure
<shiranaihito>and what does "hard-coding" mean? -not trying to be difficult here, just curious :)
<str1ngs>edit config path and data by hand
<snape>and you can rollback to the previous one when you want
<quiliro>i have a problem with sudo guix pull
<sneek>Welcome back quiliro, you have 1 message.
<sneek>quiliro, efraim says: I have my GuixSD configs here
<quiliro>thank you efraim
<shiranaihito>str1ngs but config files are always *edited* by hand? :P:P -Guix handles switching between configs with different contents
<shiranaihito>.. but does it need to?
<str1ngs>yes, its a feature that I very well like
<str1ngs>right now my current system works. but if I need to make a change. I like that I know for sure my previous system profile wills still work
<shiranaihito>str1ngs well, that does make sense, but on the other hand, you could also make a change in a config file, find out it results in trouble, and undo the change
<shiranaihito>or for example, if i'm running stuff in production, and i find out that for whatever reason, my psql server needs to accept more connections than it does now, does that mean i should perform a full system reconfiguration, or just change one specific value in one specific file?
<quiliro>after exporting GUILE paths i get the same error
<str1ngs>quigonjinn: what error?
<str1ngs>quiliro: ^
<quiliro>guix pull: error: Guile-Git is missing but it is now required by 'guix pull'.
<str1ngs>only as sudo?
<quiliro>str1ngs: let me checko
<str1ngs>also is this foreign distro? is so how did you install guix
<str1ngs>what does guix --version output?
<quiliro>installing Guile-Git
<quiliro>as user
<str1ngs>that was where I was heading aswell
<snape>shiranaihito: you can try your change by editing the psql config file by hand on the server, but if you want it to remain later, you need to change the config file pointed to by config.scm, and reconfigure
<shiranaihito>snape yeah :) i still think Guix's "responsibilities" could use some clarification with regard to config files etc
<shiranaihito>(but again, maybe i just don't see the magic yet)
<shiranaihito>(or! maybe guix does do a bit too much :P)
<snape>shiranaihito: feel free to update the docs :-)
<shiranaihito>snape i doubt i'm qualified to do that :p
<snape>I doubt you arn't
<shiranaihito>i doubt it makes sense to debate that :P
<snape>And you can still propose a change :-)
<shiranaihito>yeah :)
<snape>The magic is that you can have config files for 50 machines in one directory, without code repetition (because they are ordered in a logical way), with a Version Control System, and with one reconfigure (per machine) you update all your machines. You have (almost) no maintenance to do on your 50 machines. Adding a new machine is very easy too.
<snape>and you have full control on them, you don't need to remember which apt-get command you did on this one, etc
<snape>it's 10000 times more powerful than, say, Ansible (I find)
<ng0>you don't even need 50 individual config files, you can have one file and changes just inherit the most basic one and overwrite what they need.
<snape>Yes, that's what I meant when I said they should be ordered in a logical way.
<quiliro>i want to help
<quiliro>snape: what do you suggest for a newbie
<quiliro>maybe i could make a tutorial
<quiliro>to include in the manual or externally
<snape>quiliro: you can try to package a package you need but that isn't packaged by Guix
<snape>there are many, many packages missing :-)
<snape>I think it would be more useful than a tutorial, because the doc is already pretty good in my opinion. And if it has to be improved, you can still propose patches for the doc.
<quiliro>snape: I am trying to do that with openmolar. But I still have to learn a lot.
<snape>me too :-)
<snape>the great thing with Guix, is that it's very broad. You don't need to know everything, you can focus on a small part (i.e. the kernel, Ocaml, services, bootloader, etc) and improve it.
<quiliro>snape: i have a lot of dificulty. but i am persistent. i have to learn to read more....i know!!
<quiliro>finally finished guix pull
<quiliro>1 hour
<quiliro>sido guix pull says that guile-git is needed
<quiliro>but it is already installed
<quiliro>and echo $GUILE_LOAD_PATH
<quiliro>and echo $GUILE_LOAD_COMPILED_PATH
<quiliro>are correct (without sudo)
<quiliro>sudo export gives error
<quiliro>will run guix package -u for user now to test
<quiliro>looks like it is late in a
<quiliro>woops....that would output:
<quiliro>looks like it is lte in
<quiliro>but I meant looks like it is late in Asia
<quiliro>and too early in America
<quiliro>by America, I mean North, South and Central
<bavier>I'm working on packaging guile-cv, in case anyone else is interested in that
<atw>civodul: I'm mystified by what you said Why can't one do ,run-in-store? And what did you mean for me to run instead? I will also email help-guix
<apteryx__>Hello! Reading about Spectre, it seems that you either have to 1) install new microcodes AND patch kernel with IBRS and IBPB patches or 2) Patch GCC and rebuild the world. Is linux-libre going to receive those microcodes updatesÉ
<apteryx__>Windows has been surprisingly quick this time around:
<snape>apteryx__: the microcode update is non-free software, thus it won't be shipped with Guix.
<quiliro>i have a problem with sudo guix pull since about 16 hours ago
<quiliro>it is asking me to install guile-git and export some variables
<quiliro>i have done that as user and with sudo
<quiliro>but i cannot still 'sudo guix pull' yet
<quiliro>i have to run an old entry of GrI
<quiliro>with linux-Libre 4.11.6
<rekado>do ‘sudo -E guix …’, not ‘sudo guix’, because the latter will use root’s guix, whereas the former will use your own user’s guix.
<quiliro>on an installation which is 138 days old
<quiliro>thank you. will try
<quiliro>oh! finally
<apteryx__>snape: True. I hope it can get properly worked around in free software :)
<apteryx__>Has anyone experienced hostname resolutions woes when using Guix's openssh on a foreign distro?
<mynameisnew>i got problem during boot, it gets stuck on "tsc clocksource" or at "sde attached" but sometimes it boots fine, sometimes pluging or unpluging drives help.
<efraim>I was just gifted a 2010 macbookpro7,1 with a dead battery
<efraim>After ruling out buying a new battery I think it might make an OK guixsd desktop, even with only 4GB of ram
<bavier>efraim: nice gift
<efraim>Same family that gave me the iPad1 and one of the PPC macs
<apteryx__>nevermind, the host resolution problem was somewhere else.
<buenouanq>efraim: I just reinstall GuixSD on a Macbook last night.
<buenouanq>a 2008 5,1 I think
<buenouanq>There are some strangenesses with the process I don't understand that maybe you can help figure out if you do that.
<buenouanq>in other news, guix pull on my BBB has come to a hault twice now at compiling 77.8%
<ng0>what would I need to feed to Guile repl to get a gexp I have to really build or return the result in some human readable form? (define build-exp #~(begin (mkdir #$output) (chdir #$output) (symlink (string-append #$rxvt-unicode "/bin/urxvtc") "urxvtc"))) followed by (gexp->derivation "the-thing" build-exp) just returns $2 = #<procedure 353af00 at guix/gexp.scm:630:2 (state)>
<buenouanq>it takes 2 full days to get here and I've no idea what the problem is
<ng0>buenouanq: resource limits.
<buenouanq>it's refusing connections so I can't just messages and stuff
<bavier>buenouanq: do you have swap set up?
<buenouanq>ng0: which ones though? I've given it 8GB each /gnu/, /tmp/, and swap partitions.
<ng0>the ones you can't change. like RAM etc
<ng0>try to look into offloading somewhere or build the system in advance
<buenouanq>the post said something about cross compiling wasn't possible yet, that's why I'm even taking the time to do it on it in the first place
<buenouanq>I don't have any other arm machines.
<ng0>I read somewhere that you can set up qemu to cross compile native ARM. I don't have the link ready atm, but you could look into that
<bavier>buenouanq: Ludovic posted a patch series recently to support building for any system via qemu; I wonder how that could help building a BBB system on a more powerful workstation
<vagrantc>ACTION wonders what the minimal reasonable specs would be to build natively
<vagrantc>i haven't noticed "guix pull" making much use of multiple CPUs
<ng0>for instance.. and many more links I had somewhere
<ng0>so it's possible, it's just a matter of going there and trying
<ng0>crosstool-ng is also a thing
<amz3>ng0: I think you need to run a special repl to get the human readble output
<civodul>vagrantc: it does (the "GUILEC" phase does, specifically)
<civodul>it also eats your RAM ;-)
<amz3>ng0: the gexp, is not executed in normal repl if you don't wrap it in some other form
<ng0>amz3: well basically I want to check (and play around) if this would give me a usable form for my template
<amz3>it's normal repl you just need to use (guix monad-repl) to extend the repl with the ,run-in-store meta command
<ng0>oh. cool :)
***thekyriarchy is now known as thekyriarchy_
<ng0>didn't get it from the repl now, but from the drv file and the builder file. looks alright
***thekyriarchy_ is now known as thekyriarchy
<buenouanq>the problem with offloading the build for something like the beagleboneblack means I wouldn't ever be able to update it on it"s own
<civodul>that's indeed impossible ATM
<buenouanq>what missing/limited resources are we talking about though
<buenouanq>it has huge swap, /gnu/, and /tmp/ partitions... what more does it need? and is it really something that can't be added/changed like these?
<civodul>buenouanq: currently the main limitation is RAM usage for 'guix pull'
<civodul>other operations work fine
<civodul>i have an Olimex with 1G of RAM, and everything works except 'guix pull'
<bavier>any way to get more "width" in the backtraces printed by the builder?
<bavier>I'm getting an error from "open-fdes" in reset-gzip-timestamps, but the backtrace cuts off the name of the file
<amz3>bavier: look if you can work with debug-set!
<bavier>amz3: thanks, doesn't seem to work...
<amz3>I'll keep that in mind, because I tried to make it work too, but couldn't maybe a bug report on guile will be nice
<amz3>bavier: what you can do if you work with git repository, is to add 'pk' to print the interesting part
<bavier>yup, trying that now
<bavier>aha, found it, tarball used for testing with no write permissions, so reset-gzip-timestamp fails
<bavier>makes sense