<nckx>But indeed, the better way to ask for updates is to send a simple patch to guix-patches at gnu dot org ☺
<viivien>I’ve set up a jami rendez-vous service! The pitfalls to avoid: don’t forget to activate your account before you save it for the service, disable upnp, and don’t keep duplicate accounts on your machine otherwise you will DDOS yourself.
<bdju>thanks, nckx, I will try to learn one of these days
<roptat>also, how do I check a detached signature (.sig file)?
<viivien>There are 2 problems that are somehow mixed up: I don’t know whether it was upnp or the duplicate accounts, but my bandwidth usage went up to the point that I would not be able to connect to anything else on the internet (you might see me getting disconnected by timeout from libera.chat), and for my personal situation, I have a libreCMC router that does not provide software for upnp or natpmp, so dring would not be able to use it.
<apteryx>roptat: I think at least some updaters try to validate them
<apteryx>roptat: you do something like 'gpg --check sig file', IIRC
<apteryx>avp: I think I was testing it wrong yesterday, I'll do some more testing of the patched guile-ssh
<robin>"Adam: Debian was this great thing for you and this great community, what’s out there now. If you’re pointing somebody towards a community to grow in?"
<robin>"Joey:I honestly have been mulling over that exact question for a year and I haven’t come up with the answers. So I would like to know, I know people who are involved in developing guix, which is nix like distribution, they’re clearly involved in that kind of thing. They have that same kind of feeling that I had back working on Debian."
<apteryx>dragestil: OK; if you are simply building guix packages, you could setup offloading, but I guess you're trying something different?
<vagrantc>ansible might have gotten smarter with the python -> python3 transitions all over ... but at one point the python paths were somewhat hardcoded
<dragestil>apteryx: what do you mean by setup offloading
<vagrantc>depending on what you're trying to do ... you could just install guix on a foreign distro, and then you can offload builds to another machine that then can get installed on your local install
<jgart>vagrantc, what happens when guix falls behind on devuan? Is it not possible to update the daemon?
<jgart>update to guix-daemon to the latest version if installed via apt, I meant
<dragestil>vagrantc: what do you mean by offload builds?
<jgart>or how does a user deal with that when it happens and they want the latest guix
<vagrantc>jgart: you can either manually build and install guix-daemon, or just rely on the packaged version of guix-daemon
<vagrantc>jgart: as i understand it, the guix-daemon doesn't typically *need* to be updated for most builds
<jgart>oh ok, so that's one of the cons of installing with apt versus manually with the install script?
<apteryx>dragestil: see info '(guix) Daemon Offload Setup'
<jgart>I understand your last point, but in those rare cases when a user will need the latest then they'll have to just wait. Is that correct?
<vagrantc>dragestil: you run "guix build FOO" on computerA, and it "offloads" the build to computerB which performs most of the build work, and then hands the results back to computerA
<jgart>not familiar with that phrase if it's a technical one
<vagrantc>dragestil: how will you use the packages built on guix on the remote machine?
<jgart>vagrantc, where can i find the sources for the guix package definition in debian?
<dragestil>vagrantc: by running it? make && make install, then scp / rsync the artefacts to my local machine
<jgart>I find it difficult at times to find things on the debian websites. It seems a bit confusing at times
<vagrantc>jgart: e.g. you trust your host distro and packages in your host distro to generally be ok, but you don't know how to validate the binary installation of guix ... so it provides a path from "i trust debian, install guix from debian, guix installed from debian knows how to 'guix pull' up to current guix"
<dragestil>i'm guessing the guix daemon offload setup only works for some guix specific building
<vagrantc>dragestil: but those artifacts will depend on paths in /gnu/store
<jgart>The latest version is Libreboot 20210522, released on 22 May 2021.
<jgart>and with patience and soldering skills (or money) you can have it
<M6piz7wk[m]>i have patience and superior soldering and reflowing skills.. don't look at my public issue tracker but you said mostly free which is not acceptable.. i need full freedom with ECAD files freely accesible
<jgart>you might have to wait for guix on riscv then
<M6piz7wk[m]><jgart> "you might have to wait for..." <- Like my pinecil running Guix? 🌟_🌟
<nckx>parnikkapore: I can't help you with WPA2E itself (doesn't it require external certs &c.?), but do you understand what wpa_supplicant is & isn't? I.e., you also ran a DHCP client afterwards or otherwise (manually) configured the interface?
<nckx>That's a bit weird. I can only think of something like jitterentropy that would drain your CPU for entropy, and even that isn't supposed to happen.
<moshy>Morning, Guix. I made an attempt to get the easyrpg 0.7.x branch building locally, but currently stuck on ALSA stuff. A patch was made upstream but unsure how to integrate it with the source i'm building against.
<nckx>vivien: So I know there's a babby's first service extension in Guix that does yucky things with nginx/certbot (I am, you might surmise, not a fan) but berlin doesn't use that anyway.
<vivien>Certbot needs to hack the configuration on port 80 anyway to handle the handshake, so letting it do a redirection is not that orthogonal
<nckx>I see. We disagree on certbot's need to touch nginx's private parts but that's OK. berlin doesn't use the certbot-configuration-thingy anyway. I'm not sure if the current configuration could easily be ported to that if we wanted (mainly because, AFAICT, it's a copy-cargo-pasted mess.)
<nckx>Renewal is just certbot renew --webroot --webroot-path /var/www in a cronjob :)
<abrenon>"vim, for example, defaults to showing Bidi overrides as numerical code points rather than applying the Bidi algorithm" : I'm safe (I would've been very surprised to learn that vim rendered special stuff like joiners in a graphical way)
<vivien>With a comment explaining the fix for guile-gi, I notice that the web interface for the issue puts the combining character on the next character, not the correct one: https://issues.guix.gnu.org/51447
<abrenon>the first one I see would be that you and dstolfa would be the same person, but I'd need of course them to say the same
*M6piz7wk[m] got depressed trying to implement his system management in guile and is now watching rando videos
<nckx>I think it also sets sane units compared to en_GB. None of this nautical toodlepips business.
<nckx>M6piz7wk[m]: ☹ From what I saw yesterday, I think you simply tried to jump over the learning curve on a flaming motorbike, without understanding some key concepts. Taking a break is probably a good idea, but no need to be depressed. Onwards & upwards.
<M6piz7wk[m]>it would be done and deployed already if it was simple as just jumping on a flaming motorbike i was quite good at that as a kiddo
*M6piz7wk[m] goes to find some video course on GNU Guile
<nckx>The mention here was ‘gratuitous’ in that it was just given as an example of a database (‘SQLAlchemy, MongoDB, …’) where many better ones exist. I don't know if the others are problematic. They might well be. I thought it was never acceptable to refer to non-free software by name, but I didn't go to FSDG University.
<nckx>Stupid of me, because the one I did attend sure's hell wasn't free.
<apteryx>was clang needed to fix the webkitgtk build?
<apteryx>I'm tempted to revert that bit on c-u-f-b-c as it wasn't needed with libsoup3
<roptat>tricon, what does "ip r" tell you with this config?
<roptat>(also, which architecture? maybe there's an issue in guile-netlink, I haven't tested it outside of an x86-64 system)
<efraim>roptat: I've queued guile-netlink to build on powerpc-linux, have to build a few packages to get there first though
<nckx>Nothing yet (or it's already been approved).
<attila_lendvai>not much is happening with the patches i have sent. is this a special time currently for guix? (e.g. core-updates is almost merged and it occupies every comitter?) or is this the usual pace i should calculate with?
<roptat>attila_lendvai, sometimes patches are forgotten :/
<roptat>don't hesitate to ping if you don't get answers after a week
<attila_lendvai>i'm doing my best to learn debbugs, but honestly, it takes almost as much effort to send the patches as it is to learn how make them, and actually make them. i know it'll get better, but still...
<roptat>yeah, just sending a patch is easy, but other than that I'm also lost :p
<roptat>tricon, I get "network is unavailable" errors with guile-netlink, something must be wrong, or I'm already not using it properly ^^'
<nckx>attila_lendvai: Then you're doing it wrong. For single patches, it's as easy as ‘git send-email -1 [--to=guix-patches@, but that can be set as repository default]’. Compare that to the convoluted flow of, e.g., GitHub.
<tricon>roptat: I get some "RTNETLINK answers: File exists" and "RTNETLINK answers: Network is unreachable" outputs when restarting networking. Unless I first: "sudo ip addr flush dev <interface>", then I don't get the "File exists" outputs.
<attila_lendvai>nckx, it's not only the sending itself, but the entire process of keeping track of them, tagging them, etc. there's much to simplify/criticize about the github workflow, but it was less effort to learn it. but thanks for mentioning the default, i'll set that at least
<roptat>tricon, I think there's an issue with guile-netlink. I can "ip r add 192.168.2.5/32 via 192.168.2.1" for instance, but I can't call (route-add "192.168.2.5/32" #:via "192.168.2.1") which is supposed to be identical
<dstolfa>abrenon: it kind of is the standard today on various GNU/Linux systems today, so it's not technically wrong, but systemd comes with its own share of annoying problems (which tend to be implied by linux absolutely not being designed for such programs)
<tricon>Re: GitHub vs. Email, I nearly always prefer long-term "simplicity". In other words, something is "simple" in that it requires more effort upfront but includes transparency, ease, and predictability long-term.
<vivien>To be honest, I barely understand the problem, because I click the shutdown button in the graphical user interface, and 90% of the time what I want is reboot anyway.
<vivien>On the pull request vs send patches issue, I’m more on the side of the pull request, because I can fix errors more easily without polluting the discussion.
<abrenon>dstolfa: I know it has become pervasive in so many distributions, and I understand this is the reason behind the way the question was asked, but I cannot help finding it sad
<nckx>From systemd's inception to when I stopped following a few years ago I've not seen marketing have much if anything to do with it. systemd met a need, a sore need, and it met it well. Just not in a way some people like (part of its allure to distro maintainers was: you no longer have to be init system maintainers too). It annoys the same people annoyed at Al's Pizza not wanting to run their own e-mail server.
<nckx>It's marketing as in ‘having a product that people want’, not ‘an DIY system that nerds find elegant’.
<dstolfa>nckx: i mostly find systemd annoying because they didn't push for more invasive approaches into the kernel that would prevent a ton of stability issues in the long run. instead, they tried to shove a lot of things into userspace that breaks in very creative ways
<jgart>It contains two cargo.toml files atleast with deps
<jgart>how are those handled by the build system in guix
<apteryx>our docker service seems to be triggering lots of spurrious networkmanager activity such as: Nov 3 12:39:17 localhost NetworkManager: <info> [1635957557.1543] device (vethdceb10a): state change: unmanaged -> unavailable (reason 'managed', sys-iface-state: 'external')
<apteryx>may be the reason my ssh connection keeps getting reset to that machine
<apteryx>also, our docker is too old, which creates problems with recent glibc (fedora 35 for example)
<apteryx>by the way, w.r.t. to my claims that a trailing newline was required for authorized SSH keys yesterday, that turned untrue; it was a silly copy-pasting error on my part somewhere else in the key.
<nckx>Master is not intended to break, but when it does, it is supposed to be fixed quickly. Sorry M6piz7wk[m] we simply do not have anything near the staffing to maintain a stable branch. It's an order of maginute more work than people think.
<apteryx>you can use an older commit for a little while
<drakonis>pinning packages on guix is also pretty easy
<nckx><do you know how much effort that takes!> Yes. Yes we do ☺
<M6piz7wk[m]>nckx: So if you get more people then the stable channel would be a thing? and how much more of my students do i have to teach guile to
<nckx>As many as it takes to maintain a stable channel? So your minions can show the project, look, here's a stable channel, it doesn't utterly suck, bless it, and then Guix might. It's really not an answerable question posed like that.
<nckx>Not sure who you expected to do the work but seems it was not-you. Sorry about that.
*nckx totally wants an army of elves^Wstudents too.
<M6piz7wk[m]>No i happy to work just want to focus on maintaining the servers instead of stable channel as there is only so much i can do myself x.x
<M6piz7wk[m]>well at least not fully focusing on the stable channel
<vivien>As a total amateur, I don’t exactly know what you mean by stable
<nckx>(vivien brings up the elephant in the room, nckx quietly leaves)
<apteryx>anyone knonws how to fix this? ../../../texlive-20210325-source/texk/web2c/mplibdir/svgout.w:64:10: fatal error: mplibps.h: No such file or directory
<M6piz7wk[m]>meaning no random vulnerabilities from a software release that focuses it's security on a specific release e.g. Linux using LTS instead of experimenting and having a laxed QA in comparison to non-LTS
<apteryx>M6piz7wk[m]: do you know where CVEs are typically fixed first? yes, the main dev tree.
<vivien>Isn’t that the role of the upstream developers to provide releases with only security patches?
<M6piz7wk[m]>no first they are fixed in LTS with Sh@%^ hit the fan priority and then main dev tree last time i checked O.o
<vivien>If they make "stable" releases, they can get included in guix, like linux-libre LTS
<jab>I'm just re-thinking the "syntax" of the service.
<nckx>What you currently have is what I would have written BTW, as I think Guix services ought to faithfully wrap the native syntax whenever possible (implement alternative simple APIs on top of that — fine).
<nckx>How were you thinking of labling these… content-addressed? thingies?
<nckx>Ah, damn, have to go :-/ Sorry! TTYL can't unfortunately say when byye
<jab>nckx: me too. Part of my goal, is to make this service dumb proof. eg: If you define a table with no values, you'll get an error message like, "<opensmtpd-table>"'s fieldname "values" cannot be left empty.
<vivien>roptat, if the machine where the .drv is an authorized substitute for the machine to build, if you do guix build <the>.drv and it does not exist on the build machine, it will be downloaded from the substitutes machine.
<roptat>yeah, but then built on te substitute machine, which is not what I want
<roptat>guix copy worked well, I'll stick with that
<M6piz7wk[m]>fwiw the motivation for the wiki is me telling people to use guix and them leaving it because they either missunderstand how it works, think it's unstable or see that as too much pain to learn so the wiki is perfect solution for it..
<M6piz7wk[m]>so manual and wiki are both great but each have different usecase
<drakonis>i've only found the source for the languages
<ytc>jgart: i love solving puzzles. and i had cs experience actually. i was a competitive programmer in highschool. in the first chapters i have felt like i make no progress. but i really admired the elegancy of lisp and perspective of procedures.
<jab>wow, my hard drive just went from 40% full to 27%.
<Cairn>jab: Right, that makes sense. I wouldn't be using it like a phone at all, so my only concern would be wifi. But if I load the drivers myself, I could get by with the rest of the Guix system, right?
<jab>vivien: may I disagree? Cairn is discussing the current "best" option for running only free software.
<jab>I think his motives happen to be super close to pursuing only running free software.
<vivien>That’s not an option to run only free software, and there are options to run only free software, so I must disagree.
<Cairn>Yeah, I really am trying to stick to only free software. But I find laptops a little clunky, so I was looking for something that didn't come built-in with a keyboard.
<Cairn>I'd love a recommendation for a device like that if possible. I'm pretty sure the Librem has worked pretty hard to get an RYF certification, but I'd have to look that up quickly to see if they got it or not.
<Cairn>Problem with the Librem is that the price is impossible for me.
<Cairn>Whereas the PinePhone is much cheaper. I would even consider trying to go without wireless connectivity if it meant I could stick to free software only.
<Cairn>Or, of course, an alternative device like that would be awesome too.
<jab>vivien: I respect your opinion. And I agree that we should encourage users to only use computers that can run only free software. but it may actually be possible to use the pinephone will only free software. They have a dongle that lets you use an ethernet cord. I think it should be possible to use a pinephone with no wifi and no modem. I have not tested this exactly...
<pinoaffe>jab: guix just has a policy against recommending proprietary software in official guix channels, I don't know whether that extends to describing how guix can easily be used to install a kernel with proprietary blobs enabled
<jab>pinoaffe: ok. I guess that's what I agree with. We should be able to discuss the pinephone and using it with guix system, but perhaps not talk about how to load the proprietary binary only files. I can get behind that.
<Cairn>pinoaffe: I appreciate you pointing out the policy. It wasn't my aim.
<jab>It is super annoying that very few RFY devices exist. We have power9 from raptor and some old thinkpads. :(
<jab>hardware vendors sure like to keep things secret.
<Cairn>jab: I didn't know about the ethernet dongle. If used the hardware switches to disable the proprietary parts of the system, that'd make it run with a completely free build of Guix ARM, right?
<pinoaffe>and that's a great first step in my opinion
<mekeor[m]>jab: i wrote some rust code locally. i want to build it locally. i installed cargo but "cargo build" results in rustc not being found.
<Cairn>jab: I'm a little confused about this OLinuXino thing. Has someone designed one of the boards to come with a display? I might just not be reading the link you sent close enough
<pinoaffe>and if I'm not mistaken, the only significant thing required to get libreboot on my laptop, would be to get around intel's pesky firmware signing
<ytc>is buying powerpc computers for high-performance-computing and libre bios sensible choice?
<lispmacs[work]>Cairn: jab: before buying anything from Olimex, check into the kernel software required. I was a bit disappointed with the Teres-I, to find out you have to use a custom kernel that has some binary blobs in it