<ryanprior>jlicht: esbuild package should land upstream soon it sounds like
<ryanprior>gocloud.dev is a big big package, it's going to hold up hugo for a while. it'll be a nice thing to have done though.
<sys2>are docker/singularity basically the two options to run images from hub.docker.com? are there any settings I can change (e.g. swap dockerd for something or remove setuid) to protect against container breakouts to root?
<seepel>Guix System is a full Gnu/Linux distribution, and Guix Binary is a package manager that you can install in an existing Gnu/Linux installation.
<vits-test>nckx: re: "Sounds legit. Who was that (if you can say)?" Hello; sorry, i not understood.
<goku12>Hi guix! I am exploring guix from an Arch system. I wanted to access guix from emacs, but have failed so far. Emacs is from Arch repo and emacs-guix from MELPA. I get the error message 'No Geiser REPL for this buffer (try M-x run-geiser)' when I try M-x guix. Further attempts give me message: 'No prompt found'. Tried solutions from emacs-guix and others to no avail. Can anyone help me with where I
<ryanprior>Does building with `--rounds` actually work? It completes so fast that I can't believe it's actually doing anything.
<ryanprior>goku12: emacs-guix is only designed to work on Guix System, unfortunately.
<ryanprior>I also use Guix on a foreign distro & emacs-guix has never worked for me.
<goku12>ryanprior: Thanks for the info. README on emacs-guix repo does mention some problems that can happen when using foreign distros, and suggests some solutions. It didn't work for me and I thought it may be a configuration issue specific to me
<goku12>There is one another issue with plain guix. My store is 2.3 GB after a guix pull, without anything in user profile. A guix gc removes nearly 700 MB of it and another guix pull brings it back. Is this expected?
<raingloom>hello Guix geeks, my chicken-build-system code kind of works now! :D
<raingloom>jsoo: thanks. honestly i barely had any idea what i was doing. did the recent GCC fixes make it work?
<apteryx>ryanprior: it only works when a build result was never cached (the first time you build something)
<apteryx>--rounds=n --check should force a rebuild but the daemon was ignoring --check with --rounds until commit 0fa0e8df60b0b005a8d9499562464c5a66218a5b. The 'guix' package hasn't been updated since so nobody has this change effective so far.
<ryanprior>Seems like a bug. If it's intentional, what's the design rationale?
<apteryx>dunno, seemed like a bug to me as well (it's an annoying and useless behavior)
<apteryx>after stopping your regular daemon with 'sudo herd stop guix-daemon', you run it in the built git tree with something like: sudo -E ./pre-inst-env guix-daemon --build-users-group guixbuild --max-silent-time 0 --timeout 0 --log-compression bzip2 --substitute-urls='https://ci.guix.gnu.org'
<efraim>having built both linux-libre and linux-libre-arm64-generic, linux-libre takes about twice as long to build on my pine64
<efraim>not having recieved substitutes for either of them, and seeing that linux-libre-arm64-generic is fine, it might be worthwhile to make my own linux-libre-arm64-generic based kernel with zram enabled
<joshuaBPMan>efraim: morning. Though, it's really really early for me. :)
<ani_>why does it take a lot of time to install something from guix? I installed emacs and its taking a while to install it, unlike other package managers.
<ani_>or is it because I am supposed to run "guix pull" before installing something. Like as we do "apt update" and "apt install"?
<allana>Hi Guix. I am reading through guix-devel and trying to ascertain the status of Ocaml support in guix. It seems a bit incomplete, does anyone have a summary of the story of Ocaml in guix? It seems that the default version is 4.09 but many packages have 4.07 in the name. Does this mean that if I install ocaml4.07-merlin and ocaml that I will get ocaml 4.09 with merlin that is paired with Ocaml 4.07?
<allana>ani_: From what I understand you may pretty much always want to do a pull first. Are you building emacs from source? That would take a little while.
<rekado>ani_: what exactly takes a lot of time? And what is ‘a lot’?
<rekado>as allana says if you’re building everything from source it’s going to take hours.
<ani_>rekado, allana: I run the command guix install emacs according to getting started section from manual. Now it has been 5 minutes its still installing emacs, am I doing somethign wrong?
<zimoun`>allana: ping roptat for OCaml history. What do you mean by installing ocaml4.07-merlin and ocaml? You should do something as “guix install ocaml4.07-merlin firstname.lastname@example.org” I guess.
<numerobis>Hi #guix! To those using #guix on a personal server, do you use anything (and if you do, what) to protect your system? I used to use fail2ban on nix, but I think it isn't available on guix yet. Any recommendations?
<kab-5678>how do you edit a package definition of a package that is failing to build?
<guix-vits>ani_: also note `guix` working on profiles. Every time one installs a new package, the new profile generation being built. So overally `guix` is slower.
<ani_>guix-vits: I am new to guix and just going through the manual, got to know about substitutes today only. Will look into that.
<guix-vits>ani_: the install-script for foreign-distros asks if U want to use them. It is enabled by default on Guix System.
<ani_>guix-vits: aha, so you mean the question "Permit downloading pre-built package binaries from the project's build farms? (yes/no)" is the one to enable substitutes while installing, isn't it? I typed yes, that means substitute is enabled I guess.
<vits-test>Sometimes there is no substitutes available.
<numerobis>kab-5678: I think you can obtain the definition of the package (guix edit THE_PACKAGE), copy it in say ~/my_module/test.scm and change the package name, then `export GUIX_PACKAGE_PATH=~/my_module`, and then `guix build MODIFIED_PACKAGE_NAME`.
<civodul>cbaines: i think we need a whole series of blog posts about the Data Service now :-)
<terpri>(there's also 'guix build --dry-run emacs' which will tell you what would be built vs. downloaded on your particular system, which might matter if you were building a package and had a lot of the inputs installed already)
<terpri>i get similar output, not sure what the last line indicates
<civodul>the last line indicates that it failed to get info from the continuous integration service
<civodul>it's harmless, just a sign that Cuirass at ci.guix.gnu.org might be overloaded
<zimoun`>civodul, cbaines: I agree! The Data Services is really cool with really practical features and still under known/used.
<terpri>numerobis, i don't do anything special with ssh except enable x11 forwarding and disable password login. i might change the sshd port number if the system were exposed to the open internet
<numerobis>terpri: thanks! I have the password login disabled too but nothing else at the moment. I might change the sshd port, that sounds like a good idea.
<taylan>heya Guixers. we're planning to create a kubernetes cluster at work. I'm thinking I could bring Nix or Guix into the picture. it seems like the most straightforward way to do so would be to use one of them to create the docker images to be deployed on the cluster, as a better alternative to using Dockerfiles. are there other good ways to
<taylan>integrate Nix or Guix into such a setup, to reap their benefits?
<efraim>guix system: warning: Your Guix installation is 34752 days old.
<numerobis>terpri: thanks for the tip, I wasn't aware that there was a wishlist :)
<numerobis>rekado: this looks interesting thanks. So, if I understand correctly, this service is defined only for the build farms, not in guix itself? And I'd have pretty much copy paste the lines in my config?
<sneek>I think I remember zimoun` in #guix 39 minutes and 16 seconds ago, saying: civodul, cbaines: I agree! The Data Services is really cool with really practical features and still under known/used..
<rekado>numerobis: I wouldn’t put too much faith in the wishlist. It’s not something that many of us regularly look at or work on.
<rekado>…because there’s always something else that needs doing.
<rekado>it’s not like we’re desperately in need of ideas for things to package or fix :)
<efraim>rekado: apparently. it comes out to about 95 years, so no idea where that number came from
<terpri>hey taylan, nice to see you here. using guix system to build docker images sounds like a reasonable approach (might run into minor obstacles if k8s expects to build docker images automatically or something...but i haven't used k8s so i'm just guessing)
<efraim>also it looks like the pine64 does need linux-libre-arm64-generic, not linux-libre
*terpri wants to figure out how to use guix with puppet someday, for hcoop.net
<g_bor[m]>zimoun`: I have seen your message, can we talk now?
<rekado>at work we have puppet as well, but it’s so … “dynamic” and stateful that I don’t see how Guix would fit into any of it.
<terpri>rekado, for making a "virtual" hcoop system so that volunteers can easily experiment with sysadmin tasks without having root on the actual servers. tbh i don't know exactly how puppet is being used as the relevant repos aren't public yet
<efraim>Well I hit something magical, system generation 3 is in 2115
<terpri>it might not end up being relevant if there's a big mismatch with the guix model though
<efraim>I might take a look at debian's fake-hwclock and re-create it in guix. Currently I've been running `sudo herd restart ntpd` on board bootup
<jlicht>taylan: have a look at the recently updated skopeo if you want to easily upload your guix-built docker images to a registry
<cbaines>civodul, zimoun` what reminded you about the lack of blog posts about the Guix Data Service? :)
<cbaines>I'm up for writing one/some, although if the emails I sent out are any indication, making the posts concise will be a challenge
<ani_>rekado, zimoun`, roptat: as a newcomer and intern my initial goals are to be familiar with guix, reading application setup, getting started and then setting up environment for contribution, what else would you advice me to do?, apart from these things
<nly>why are there several lines saying the same thing?
<PotentialUser-29>Hello, I'm messing around with Guix Environment containers and the --user argument. I don't see in the manual of a way to set the uid to 0. Default sets it to 1000 but I am unable to sudo in the container. Anyone here have any experience with this?
<PotentialUser-29>or how to have guix-daemon modify the sudo store entry to modify permissions.
<PotentialUser-29>My particular error is: "sudo: /gnu/store/z9qvzjs5mxwkwzdd3k0mmr349g75mfxc-profile/bin/sudo must be owned by uid 0 and have the setuid bit set"
<civodul>PotentialUser-29: indeed, UID 1000 is hardcoded
<nckx>zimoun`: I saw it first in civodul's old GPG key, then found it in a few Guile-related documents but assume it was civodul's doing too. Didn't know that ‘brol’ was typically Belgian though; thanks!
<PotentialUser-29>civodul: "guix environment --ad-hoc --container --no-cwd --network --user=dreamer" I am trying to get this to work with a "fake" user and not run as any of my local users, including root
<civodul>PotentialUser-29: i'm not sure what you mean by "fake user", but what this does here is create a separate user namespace (+ PID namespace, etc.)
<zimoun`>ah “brol” is kind of happy mess, in French from France: “joyeux bordel”.
<roptat>guix gc seems to count bytes in a weird way, after "guix gc -F50G" I have only 17G free (and gc said "invalidated more than 5-something bytes, so it didn't stop because there was no garbage left)
<civodul>roptat: the mismatch is due to deduplication
<civodul>it cannot really know in advance how much will actually be freed
<civodul>though maybe we could improve the estimate
<jonsger>civodul: your webserver also uses TLS 1.0 plus some weak algorithms which generates a warning in firefox
<civodul>jonsger: uh, not great (it's not actually "mine" but that of a non-profit)
<lemes>so concerning the arduino IDE package, I was able to make guix download the avr part and place it in the right place, but turns out the IDE needs to download a total of 27 other files from the internet. I believe I should individually specify them in the inputs section? that'll take longer than expected haha. if there's an easier approach, pls let
<mbakke>speaking of toolchains, anyone tried creating a clang+libcxx toolchain? I might need it for ungoogled-chromium, as newer versions are nearly impossible to build with libstdc++ (unless you are a C++ expert I suppose).
<civodul>mbakke: haven't tried, would be "interesting"
<Kimapr>Is there any text editor in GRUB 2? Even the most basic one will do.
<zimoun`>civodul: that’s fine. I am bit busy this week and I have already tried the v1. :-)
<bluekeys_>Hi guix. Does anyone have a config.scm using exwm that I can take a look at please?
<roptat>civodul, I'd like to finish the copyright changes in our po files. I'll contact the latest contributor to our po files to ask them to change the copyright statement on the TP, so we can download the files and make sure we won't accidentally re-introduce the wrong copyright statement
<roptat>I can also push a change to them, but we'll need to be careful next time we download from the TP
<zimoun`>roptat: AFAIK, only one translator is missing. If no news, let remove their contribution and go ahead
*vagrantc doesn't see any guix folks at the reproducible builds meeting :P
<bluekeys_>Hi guix. exwm is working of a fashion (I have no idea how to use it). I needed to add (exwm-enable) to the beginning of the config as well as the lines nly explained earlier. The fonts look much better for some reason.
<bonz060>:bluekeys_ do you mean the fonts of the gtk window, or the fonts of text in your emacs buffer? FYI EXWM is my daily driver ;)
<Zambonifofex>Hello, Guix! I decided to give up trying to run (with QEMU) the Hurd image I generated for Guix, and decided to try to run the one provided in the “download” page on the website. It gave me the exact same error as the one I had generated, though! I was about to give that up entirely, until I decided to try a simpler command: `qemu-system-i386 guix-hurd.qcow2` and that actually seems to have worked by default!
<Zambonifofex>Now, the problem I ran into is that it has shown me some kind of “login prompt”, but I don’t know the username to use. I tried `login guest`, but it gives me an error: `login: guest: unknown user`.
<Zambonifofex>Actually, to be more precise, what I tried was `ql guest`, after having read the `help` command, as it suggested me.
<kab-5645>Am trying to change my guix path from /usr/local/bin/guix to /home/$USER/.config/guix/current/bin/guix all effort leads to : error:bash: /home/$USER/.config/guix/current/etc/profile-no search file or directory.
<rekado>kab-5645: can you show us what you’ve tried?
<kab-5645>I tried to add this to my .profile:-source "$HOME/.guix-profile/etc/profile" and source "$HOME/.config/guix/current/etc/profile",didn't work
<Zambonifofex>I’m considering maybe trying to get it to run on actual hardware. Is there some information about what kind of hardware is supported?
<Zambonifofex>Although, maybe that question better fits #hurd, I suppose!
<joshuaBP`>Weird. I'm trying to define my first shepherd service that I can put in my config.scm...I'm getting an error that "service-type" is an unbound variable, but I have #:use-module (gnu services) ...I'm not certain what I'm doing wrong. Just venting. Thanks for listening. :)
<Zambonifofex>On the download page, the “Guix on Hurd” image’s description starts with “virtual machine image …” Is there really anything to it that makes it specific for virtual machines? Could I not use it to boot on actual hardware?
<roptat>apart from the fact that you need 20 years old hardware, I don't think so :)
<Zambonifofex>What I was thinking about doing is (1) using `qemu-img` to convert the image to raw format, (2) storing it as a regular file on a flash drive, (3) booting from a live drive (with GNU/Linux) on the computer I want to install Guix with Hurd, and (4) using `dd` to install Hurd on the hard drive of the computer.
<Zambonifofex>Is this a good approach to trying to install it, or are there any kind of fundamental flaws I’m missing?
<janneke>it seems that rumpdisk is coming along nicely, but i guess we especially need networking support
<janneke>debian has some user-space drivers patches/branches that we aren't using
<bluekeys_>bonz060, it could be dpi. Thanks for the link. I think it is fixed now, but was broken before. For example, icefox on some sites wasn't rendering some text, but everything is rendering ok now in an Async window.
<kab-5645>do you have to do to any configuration after installing guix via shell script?