<vagrantcish>well, was able to successfully ssh to a remote machine using the gnuk token, encrypt and decrypt a message to myself ... signing was weird, but that maybe was because of the way i created a key
<IntoxicatedHippo>thanks, next question: Is there any significant security benefits from running my browser with `guix environment --container`?
<roelj>IntoxicatedHippo: Well, inside the container, only a small part of your file system is accessible, so a malicious website or plug-in would not be able to make an entire copy of your hard drive. Inside the container, the browser runs in an isolated process space, so it cannot see what else is running on your machine (other than things inside the container).
<thomassgn>divansantana: Hi, is this for something built with 'guix system vm/container' or similar? Containers need to be run as root, don't think vm's do. Haven't seen this myself, my user is in groups "kvm" and "netdev" maybe that's what you need
<mbakke>The manual should probably mention `loginctl` somewhere.
<civodul>so yeah, i guess it deserves a mention the manual :-)
<mbakke>Since we're on the topic, lid close does not work on my laptop since a few weeks(!). Perhaps it's my (custom) kernel 4.16 or eudev 3.2.5 (hopefully not!).
<sturm>Can anyone point me to an example of using `guix pack --format=docker` that will run on a system without guix? I've tried a few different examples but end up with errors running `docker load` referencing a non-existent dependency
<sturm>could the fact that my Docker is from Trisquel 7 (circa 2014) be the problem?
<mbakke>sturm: I don't know anything about it, but can you try `guix system docker-image`? I think those should be self-contained.
<vagrantc>it's also notably different from most distros other than nixos
<ng0>also note that you can use guix on top of archlinux
<vagrantc>bzp: one of the best features is package upgrades can be easily rolled back
<pkill9>also you can have multiple versions of multiple packages all installed
<vagrantc>to some degree, it's just a different way to thinking about an operating system
<vagrantc>users can install their own packages in a reasonably safe manner, different users have different sets of packages installed... even a single user may have different profiles with different sets of packages...
<bzp>Is it a production system that I can use in my home work station?
<drtan>Hi! Have you ever got: 'guix: offload: command not found' after 'guix pull'?
<nckx>davidl: Yah, openssl says ‘no peer certificate available’, so it seems like nginx is telling the truth. Is your nginx.conf machine-generated? Or why is there no ssl_certificate?
<davidl>nckx: machine-generated. I can show you the nginx.conf
<nckx>No need, since it's clear what's missing :-) Adding ‘ssl_certificate /etc/letsencrypt/live/$SEKRIT_DOMAIN/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/$SEKRIT_DOMAIN/privkey.pem;’ would do the trick if you're using certbot. I can't tell you how, since I write all my confs by hand...
<nckx>ACTION is not the much of the help in this case.
<davidl>I have it added and I have checked the permissions on the files and folders.
<davidl>buenoanq: thanks for that config. I'll do the same if I can't get it working the standard way.
<snape>mbakke: I tried to package 53, that comes with Rust, it was maybe one year ago, and I failed.
<mbakke>Is there a reason we can't include Firefox in Guix? ISTR the licensing issues were resoived.
<snape>anyway I just sent email to guix-devel to start a discussion about it.
<snape>well, that's basically the content of my email
<bzp>hat I must configure in 'zile /mnt/etc/config.scm'?
<vagrantc>so, i've read a few places that lvm in guixsd is unsupported ... but lvm packages are present, and can be used ... does that just mean there's no lvm service that enables lvm devices out-of-the-box?
<bzp>my partition is boot sda1, root sda2, swap sda3, home sda4
<mbakke>Tried creating an LVM service once, but gave up at some point :P
<vagrantc>ACTION wonders what all it would need to do
<vagrantc>e.g. "vgchange -ay" "vgchange -an" ... for the most basic usefulness
<davidl>buenoanq,snape, nckx: the solution is to add (gnu packages web) and nginx package in list of packages! :D
<nckx>bzp: Unfortunately that picture is missing the actual error, which has gone to that great scrollback buffer in the sky. Can you Shift+PgUp? Or even better: run guix system reconfigure again with ‘2>&1 | tee LOG’ appended.
<vagrantc>would also really want to add support to the initramfs... and guess that might get complicated
<davidl>you would think this should be taken care of when you add the nginx-service though.
<nckx>davidl: That sounds like a solution that shouldn't be a solution. It will allow you to run nginx from the command line (in fact, I do just that myself), but it should not affect the service in any way.
<davidl>nckx: right. So I guess that mean something is wrong with the nginx service definition in guix?
<nckx>davidl: As an avid non-user, I'm afraid I cannot say.
<davidl>just to be clear, current my nginx is started with herd, not the cli.
<nckx>Well, I use (nginx-service <my-own-artisanal.conf>), but that's it.
<snape>davidl: what did adding nginx as a user package change exactly?
<davidl>snape: when having added it as a system package I could start it with herd and the certificates would work properly.
<davidl>maybe that only the (gnu packages web) would have suficed.
<snape>davidl: weird. Can you remove it and try again?
<nckx>mbakke, davidl: I have noticed that the nginx service, especially when using a generated configuration, is much ‘stickier’ than it should be. It keeps loading old files longer than you expect. That's what happened here.