IRC channel logs


back to list of logs

<attila_lendvai>guix home reconfigure is stuck after "Finished updating symlinks.", but in a way that i can't even C-c it.
<fnurkla>Is there a way to disable paging when calling guix subcommands such as "guix search"?
<nckhexen>fnurkla: guix respects PAGER and GUIX_PAGER.
<nckhexen>If it's set but empty, that disables paging.
<fnurkla>Ah, thanks.
<florhizome[m]>Also, can one track the path to 1.4.0?
<lechner>vivien: is pamtester setuid root?
<nckhexen>florhizome[m]: ? See also bug #53214, but that's just a small part.
*nckhexen → 😴💤, good night Guix.
<attila_lendvai>a simple package update patch open since may:
<attila_lendvai>this is a sign that the project grew beyond what can be managed by the current number of maintainers and/or infrastructure
<lechner>attila_lendvai: it might be worse with more bugs!
<lechner>but i have also been sitting on some patches
<lechner>so no argument there
<attila_lendvai>maybe this package should be in a different channel, managed by a different set of committers, e.g. the maintainers of perl stuff
<attila_lendvai>lechner, i don't need it, i don't even remember what i needed it for... but it should either be rejected or applied by now.
<lechner>attila_lendvai: you need it to update ddclient
<attila_lendvai>lechner, heh, right! :) i abandoned my pursuit of the ddclient update.
<lechner>attila_lendvai: maybe, echo "i abandoned my pursuit of the ddclient update." | mail ?
<lechner>just kidding. you are right
<attila_lendvai>and gpaste sigsegv's, which is a key element of my workflow, and i failed to fix it... :/
<Kabouik>Anyone successfully using org-latex and the PDF export on Guix?
<Kabouik>My tex files are created but pdflatex fails to create the pdf. It's missing ecrm1095 apparently, which seems to be in the texlive module, not packaged for Guix. But I find it weird that I'd be the first to hit this issue, I expect many Guix users to use org-latex
<Kabouik>In the ec texlive module*
<gabber>Kabouik: are you using the giant all-included latex or your own mix?
<gabber>unmatched-paren: (require 'foo) doesn't work in your version either?
<lechner>Hi, gocryptfs asks maintainers to build the executable via a Bash script, so that certain version numbers appear in the help output. (the build date can be overridden for reproducibility.) the binary also builds with the standard golang build system in Guix, but the help output is a bit uglier. what is the best way to handle this for Guix, please?
<lechner>in guix the exact provenance is never in doubt. should i just patch out the line of output?
<apteryx>for writing good wrappers, we'd need to have the list of native vs regular inputs, but unfortunately they all get joined as 'inputs' unless cross-compiling. Perhaps we should revise that?
<abhicherath[m]>on running `guix import crate -r zellij` I see this error here:
<abhicherath[m]>I guess the issue is that `cranelift-codegen` is memoized with (mproc "cranelift-codegen" #:version "0.68.0" #:repo #f …) , where repo is false
<abhicherath[m]>but it seems to have a repo on the page?
<Lumine>Good morning #guix
<unmatched-paren>Lumine: Morning!
<AwesomeAdam54321>Lumine: Good morning
<ennoausberlin>Good morning. I have a basic emacs-meow config now (shamelessly stolen from some gist). I wonder if I can define sequences (chords) with meow, e.g. <Space f f> to find-file.
<civodul>Hello Guix!
<ennoausberlin>Hello civodul
<civodul>fixing syscalls.scm caused quite a few rebuilds:
***Dynom_ is now known as Guest6513
<unmatched-paren>did matrix just die again?
<unmatched-paren>apparently, yes.
<nckhexen>unmatched-paren: — so, whilst not exactly a fix, they are trying.
<civodul>hey, Matrix!
<jonsger>meh, Thunderbird in older versions could hide those join/leave messages. Sadly that feature is gone...
<sneek>Welcome back jonsger, you have 1 message!
<sneek>jonsger, nckhexen says: (file-name (string-append "thunderbird-" version "-checkout")) ; <-- here
<hapst3r[m]>hej fellows!
<hapst3r[m]>I am trying to install the guix package manager on top of my distro, but when trying to download the openPGP signature for the binary, it hangs eternally. Manually trying to fetch via `gpg --keyserver --recv-keys 27D586A4F8900854329FF09F1260E46482E63562` returns `unknown server error`
<nckhexen>The SKS keyservers have been dead for (what feels like) years now. Which installation instructions are you following, hapst3r[m]?
<nckhexen>Or distro package?
<nckhexen>The freeze seems to be on Savannah's side.'s not loading for me…
<nckhexen>There was maintenance yesterday. Perhaps this is related.
***TopExpert is now known as phonymontana
<nckhexen>hapst3r[m]: Try <>
<jonsger>nckhexen: a thanks, you would be a good addition to Guile's error messaging :)
<nckhexen>Hah! Thanks :)
<hapst3r[m]>nckhexen: Thanks for the link. However, since it contains no user id (as per gpg message), it is skipped.
<hapst3r[m]>I receive the same error message regardless whether I import manually or via `gpg --keyserver ...`
<jonsger>is mail delivery a bit slow ATM? Didn't get Mathieu's mail from yesterday neither Ludos reply from an hour ago :(
<nckhexen>hapst3r[m]: Ah, right, forgot about that server's feature.
<nckhexen>hapst3r[m]: You can use if you like, or (unfortunately, AFAIK) you'll just have to wait.
<nckhexen>jonsger: Yes, has been particularly so for a few days no. They are aware of the problem.
<nckhexen>They've tried a few things but can't see to find the root problem.
<nckhexen>Oh, it's -public:
<nckhexen>hapst3r[m]: ‘Eternally’ aside, I noticed that savannah will eventually serve the request, it just took over 6 minutes here.
<hapst3r[m]>nckhexen: That's awesome to know, thanks! But which one have you used? the one I initially tried, the one you supplied, or the one by
<nckhexen>( is me.)
<nckhexen>I left wget running, and it eventually returned after 6 minutes. wget is also what the installation script uses. There are 2 keys to fetch, so maybe it would have worked for you after ~12 minutes, or maybe I just got ‘lucky’.
<nckhexen>The default wget time-out is 15 minutes. I've got a patched staged to reduce that just a bit, because to users this just looks like ‘freezing’, as you observed :)
<hapst3r[m]>nckhexen: Oof, that's very long. Well then, I just fetched from your page (thanks for that "service", btw), hoping the rest of the installer works fine :)
<nckhexen>The rest doesn't rely on Savannah, at least, so good luck!
<hapst3r[m]>well, but `guix pull` (my first command after installation) works via savannah, no :D?
<nckhexen>Damn, you saw through my ruse.
<nckhexen>You can pull from <> in the interim. It's unofficial, but in practice only 2 extremely trustworthy and attractive Guix people have access to it.
<nckhexen>I've reported the issue to the Savannah folks, not much more we can do on that side.
<hapst3r[m]>I appreciate how you subliminally added "attractive" to the mix ;)
<nckhexen>It was odd to refer to myself as ‘trustworthy’, so I might as well make the most of it.
<ennoausberlin>Maybe the slowdown is related to an attack on the fiber cable in Marseille yesterday, too. German news reported that
<nckhexen>Oh wow.
<nckhexen> is entirely US-based AFAIK (they lease from HE, or they have their own ASN, or both, I'm not sure), but still wow.
<unmatched-paren>Wow indeed. I only knew about the *other* cable severage in Shetland; seems like the UK Guardian didn't report the severage in France...?
<nckhexen>Oh, nice, great. My reasoning above was ‘doesn't WE connect to the US through the UK, not France?’ so there goes that reasoning.
<unmatched-paren>nckhexen: to be clear, the outage is confined to Shetland, there's no problem elsewhere
<nckhexen>Saying ‘oh good’ now would be exceedingly mean.
<unmatched-paren>ennoausberlin: so, are they saying the incident in France was probably sabotage?
<unmatched-paren>given that you said "attack"
<jonsger>nckhexen: what does HE mean in this contect?
<ennoausberlin>unmatched-paren: Maybe the news exaggerate a bit, but they call it an "Anschlag", what I translate to attack
<nckhexen>And they speak of a Täter (although I didn't read the rest, yet).
<unmatched-paren>the Shetland incident looked to be accidental, though
<nckhexen>This doesn't.
<unmatched-paren>apparently a trawler damaged it
<ennoausberlin>unmatched-paren: As I live now in Strasbourg, I at least can tell you, that I am affected somewhat, but for IRC my connection is fast enough :)
<pkill9>I wanna work on more guix stuff
<civodul>note that doesn't have to be "trustworthy" at all since 'guix pull' is going to authenticate it
<nckhexen>I was thinking of downgrade attacks, but I'm not paranoid enough to care.
<mirai>any idea on how I can improve this service manifest snippet? (
<civodul>nckhexen: that would be detected as well
<nckhexen>From a fresh 1.3.0 installation?
<mirai>doubt it looks acceptable to include in guix in this state
<civodul>nckhexen: yes
<unmatched-paren>mirai: i don't think /var/run is the right config-directory
<nckhexen>Cool. How?
<unmatched-paren>maybe /var/mympd
<nckhexen>(NB, I don't mean downgrading from 1.3.0.)
<nckhexen>(That would obviously be detectable 😛)
<mirai>unmatched-paren: missed it, I think I meant to put it under /var/lib
<nckhexen>I guess ‘partial upgrade attack’ would be a better term here.
<unmatched-paren>mirai: why use a hash table? an alist would be simpler and fast enough
<unmatched-paren>you should probably construct the config file as a file-like and then put it in /var/lib/mympd/config, instead of writing it with an activation service
<mirai>unmatched-paren: it looked easier to iterate over the alist via a hash-table
<unmatched-paren>using special-files-service-type, i think
<unmatched-paren>mirai: you could do ``(for-each (match-lambda ((field . path) ...)))''
<unmatched-paren>match-lambda is in ``(ice-9 match)'' of course
<unmatched-paren>but that doesn't matter anyway imo, as you should probably implement this with mixed-text-file anyway
<mirai>unmatched-paren: by constructing instead of using an activation service do you mean using the shepherd service to do it?
<unmatched-paren>mirai: by using special-files-service-type and a mixed-text-fil
<mirai>What's the difference between mixed-text-file and text-file*? When should I pick one over the other?
<unmatched-paren>mirai: i'm not sure exactly, but the manual says "[mixed-text-file] is the declarative counterpart of text-file*."
<mirai>I'm looking at special-files-service-type, so its a service that creates symlinks, is that right?
<unmatched-paren>mirai: symlinks to files in the store, yes
<unmatched-paren>and mixed-text-file et al create said files and return objects that become their paths inside a gexp
<unmatched-paren>all file-likes do that; such as ``origin'', ``local-file'', ``package'', ``plain-file'', ``computed-file'', etc
<mirai>So I am to use mixed-files, etc. within the activation service to create and place the config files in the store
<unmatched-paren>no, not within the activation service
<unmatched-paren>with special-files-service-type
<mirai>a "gexp" within special-service? as in `(("/var/lib/..." ,(mixed-text-file ....)) ?
<unmatched-paren>mirai: yes
<unmatched-paren>special-files-service-type uses an "alist of (path . file-like)
<unmatched-paren>mirai: activation-service-type is more for *mutable* state that needs to be set up before running the service
<unmatched-paren>but if you have something immutable like a config, it's best to use special-files
<mirai>(define my-service-type (service-type ... (extensions (list (service-extension special-files-service-type ALIST-OF-CONFIG-FILES
<unmatched-paren>mirai: yeah!
<unmatched-paren>actually, it would be (lambda (config) ALIST-OF-CONFIG-FILES)
<unmatched-paren>and of course the procedure would be extracted into a separate define...
<mirai>ah right, service-extension is a one argument procedure
<unmatched-paren>two-argument higher-order procedure :)
<mirai>that is fed with either the default-value or the configuration record
<unmatched-paren>well, the procedure that service-extension accepts is fed with that, yes
<unmatched-paren>but service-extension itself isn't
<mirai>**the procedure that is passed for service-extension
<mirai>yea, my bad
<mirai>One more thing, how can I patch and test existing services already in guix?
<unmatched-paren>mirai: use ./pre-inst-env like this:
<mirai>(/part of guix upstream that is)
<unmatched-paren>sudo guix shell -D guix -- ./pre-inst-env guix system reconfigure CONFIG-FILE
<mirai>say, extending nginx
<unmatched-paren>if you want to use nginx modules, i believe you just extend nginx-service-type...
<unmatched-paren>if you want to actually add a new feature to the service itself, use that command
<mirai>add new record-type fields
<unmatched-paren>if you try to use sudo ./pre-inst-env or ./pre-inst-env sudo, you'll get "module not found" errors
<mirai>thanks for the help
<unmatched-paren>no problem! :)
<gabber>is it possible `guix home container ...` mode of operation is different from that in my home environment? i'm having issues figuring out whether my home-emacs-service can't (require) emerges from the guix or the emacs side of the issue
<unmatched-paren>gabber: oh, yours can't either/
<gabber>should i just reconfigure home to test my luck?
<gabber>unmatched-paren: yes, it seems. have you tested yours only in a container?
<unmatched-paren>hmm, could you try removing the init file and adding --eval "(print load-path #'external-debugging-output)''
<unmatched-paren>gabber: nope
<unmatched-paren>it doesn't work outside a container either
<unmatched-paren>even though the load-path variable is correct
<gabber>i checked the load-path variable (which apparently automatically inherits from EMACSLOADPATH) -- it seems correct. maybe emacs has issues resolving chained-together symlinks?
<unmatched-paren>well, my load-path contains the absolute /gnu/store paths
<unmatched-paren>because i modify it to contain them
<unmatched-paren>and it still doesn't work
<unmatched-paren>hmm, wait.
<unmatched-paren>you know how when you build a profile, it says something like "Building Emacs subdirectories..."?
<unmatched-paren>sorry, it's actually "listing Emacs sub-directories"
<unmatched-paren>gabber: try this: ``guix install emacs-magit emacs-evil''
<unmatched-paren>and then ``cat ~/.guix-profile/share/emacs/site-lisp/subdirs.el''
<unmatched-paren>when a profile is built, this file is created automatically!
<unmatched-paren>so, we don't use the share/emacs/site-lisp directories
<unmatched-paren>we have to use the share/emacs/site-lisp/NAME-VERSION directories
<lxsameer>hey folks, does guix supports binary packages now?
<unmatched-paren>lxsameer: what do you mean?
<lxsameer>unmatched-paren: a package that the source is not available, e.g linux firmwares
<unmatched-paren>do you mean packaging binaries? the guix channel won't accept those, but you can write them yourself, though you'll have to do some patching of the binaries
<gabber>unmatched-paren: i'm somewhat confused. in my solution the packages are added to the home-profile. subdirs.el is generated and seems to contain everything necessary. so i doubt this is the reason why (require) won't work. i've also tried (require) with the optional path -- but i still get a "No such file or directory"
<nckhexen>lxsameer: Guix has always supported packaging arbitrary files, but it will never ‘support’ non-free software.
<unmatched-paren>gabber: hmm, yes. true.
<unmatched-paren>what's going on here? /gnu/store/9g8cvairk2x055nqsj0a6vv24pi0ljv2-shepherd-emacs.scm:1:1860: definition in expression context, where definitions are not allowed, in form (define (directory? directory) (and (file-exists? directory) (eq? (stat:type (stat directory)) (quote directory))))
<unmatched-paren>this is inside a #~(begin ...)
<lxsameer>nckhexen: thank you
<morganw>lxsameer: you can get some compatibility for existing binaries with the --emulate-fhs option. I've not used it but I think you can try in a shell with `guix shell --container --emulate-fhs $program`.
<nckhexen>I've used it and it's just as wonderfully as you describe, in the common case.
<nckhexen>*wonderfully simple
<nckhexen>I got so excited I a word.
<nckhexen>It's … PACKAGES -- PROGRAM [OPTIONS].
<zimoun>rekado_: since I know you use some “slow” computer and an Emacs user, have you switched to Emacs 28 with native-compilation? If yes, are you compiling AOT all your Emacs pacckages?
<Kabouik>gabber last night I was using my own mix (or, actually the example manifest provided in the Guix manual), but I also tried the whole 4GB package about 10 days ago and got the same issue. At the time I thought it was just me mis-using it so I didn't ask any questions, but since then I read somewhere in a guide (which I can't find anymore) that converting tex to pdf in Guix was not as straightforward as in other distros (and hence was not detailed in
<Kabouik>that guide), so maybe it's not just me
<unmatched-paren>Or guix shell -CF, for short :)
<gabber>unmatched-paren: was that directed at me (the shepherd-emacs in the store thing)?
<gabber>Kabouik: i have had issues converting tex to pdf with a minimal LaTeX installation but i'm fine with the full LaTeX suite. but i think i've had a similar issue when trying to go from org to pdf via tex
<gabber>unmatched-paren: have you tried the (require) with the optional path too?
<unmatched-paren>gabber: nope and nope
<ae_chep>`guix shell` calculates some env vars, and then drops into a shell in which those are present. I only want to be given what the config is, I don't want to be dropped into a new bash prompt. Can this be done? (reason: I normally use a non-posix shell and want to add a native support for it)
<nckhexen>-- true?
<nckhexen>-- env?
<unmatched-paren>ae_chep: maybe --export-manifest...?
<nckhexen>(To be added after the ‘guix shell’ invocation, sans ‘?’.)
<rekado_>zimoun: I use Emacs 28 and I noticed a lot of compliation messages when I first used certain features (like entering some mode).
<ae_chep>But `guix shell pkg1 pkg2 --export-manifest > manifest.scm` still needs to be followed by a `guix shell -m manifest.scm`. So it is not there yet
<efraim>does anyone have an easy way to compare the staging vs master branches for build failures?
<unmatched-paren>ae_chep: why is it not there yet? you said "I only want to be given what the config is"; the manifest is the config
<ae_chep>I need to know how the `env` is changed too
<unmatched-paren>i believe the env is simply calculated from the search-paths of the packages in the manifest
<unmatched-paren>as well as the implicit search-paths, PATH and GUIX_EXTENSIONS_PATH
<zimoun>rekado_: thanks. I am asking because I have not been annoyed on my desktop machine but then on my poor laptop, the first time experience is not great. Not because of Guix but because upstream design, IIUC. Anyway, thanks. :-)
<nckhexen><still needs to be followed by> Eh? IDGI.
<ae_chep>yes, so would a PR that allows `guix shell --export-env` be welcome?
<nckhexen>I don't see the use case.
<unmatched-paren>ae_chep: now, if you want the /etc/profile, you can do ``guix shell PKG PKG ... -- sh -c 'cat $GUIX_ENVIRONMENT/etc/profile'''
<civodul>or "guix shell --search-paths"
<unmatched-paren>oh, that's a thing? nice
<nckhexen>ae_chep: How does it differ from ‘-- env’?
<ae_chep>nckhexen: I have not thought of that
<nckhexen>Then you missed my message above and I am now unconfused :)
<nckhexen>*slightly less, let's not go overboard.
<ae_chep>I saw the thing about "<" needing to be followed by a ">"
<ae_chep>to which I thought "hm. o-kay"
<unmatched-paren>...and now I'm confused again :)
<nckhexen>ae_chep: I meant ‘-- env? (To be added after the ‘guix shell’ invocation, sans ‘?’.)’ earlier.
<ae_chep>I wondered what "IDGI" may stand for
<unmatched-paren>ae_chep: "I don't get it"...
<nckhexen><foo said blah> is just my (but a common) way of quoting folks on IRC.
<nckhexen>So much confusion.
<ae_chep>the `-- true?` `-- env?` followed by a `sans ?`. I noticed those but couldn't compose them together in my mind :/
<nckhexen>Well, we all got there in the end, and the true friend was the total confusion along the way.
*gabber is happy to not having missed it
<ae_chep>I quote people using double-quotes but can only go 2 levels deep. I similarly struggle when adding smileys inside paranthesis
<ae_chep>with that out of the way, I'll use `guix shell -- env` to put something together
<ae_chep>thank you both
<reyman>Hi guix guy,
<reyman>i have some problem to compile mutter-42.4, i'm alone in this case ?
<reyman>In log i have : 78/107 mutter:core+mutter/wayland / wayland-unit FAIL 2.50s exit status 1
<apteryx>so... I've experimented with baking Class-Path in Java .jar, and it works, but has the following drawback: we don't fully control the CLASSPATH ourselves. Java starts the search for its classes using the environment CLASSPATH, and visits each Jar and expands their own Class-Path attribute in a deep first search way, as far as I can see.
<apteryx>this means we can no longer easily "abuse" mixing java component versions that could sometimes work if the libraries mixed were backward compatible (as not controlling the CLASSPATH anymore an older version may be loaded first)
<apteryx>it also currently bakes too many references, as there's no way to differentiate between inputs and native inputs when compiling natively, on the build side
<apteryx>it breaks a few packages, either because of incompatible libraries loaded first, or by introducing cycles due to capturing the native inputs
<nckhexen>ae_chep: I'm in the ‘:-) closes a parenthesis camp’ but I still struggle with ‘:-( )’. Even with the space it looks like a monkey. Please advise.
<nckhexen>reyman: Can you share the full output (or as much as allows, starting from the bottom)? That message alone isn't enough info.
*nckhexen is building it though.
<ae_chep>nckhexen: I resort to square brackets
<ae_chep>(or I resort to ^.^ style of expressions, which make me seem more enthusiastic than I try to be)
<gnucode>unmatched-paren: I am officially using seatd. Thanks!
<unmatched-paren>gnucode: woot!
<unmatched-paren>are you using greetd with agreety?
<gnucode>unmatched-paren maybe...I don't actually know. I'll send you my config
<pkill9>so what exactly does seatd do? and what does it replace?
<unmatched-paren>pkill9: seatd replaces elogind
<unmatched-paren>which itself seems to be a grotesque hackjob carefully extracted from systemd so that we could have logind on Guix
<pkill9>does gnome work with seatd?
<pkill9>iassume not
<unmatched-paren>i don't think it will
<Kabouik>sneek: later tell gabber: Yes, I have only tried org-latex, i.e., going from org to latex to pdf. I am ashamed to admit I never really used LaTeX before, despite being in an academic field and knowing about it since my young student years, because unfortunately in my field almost no one uses LaTeX (and therefore I cannot collaborate with colleagues if I use it). Moving to emacs recently however led me to play with org-mode, finally, and it was an
<Kabouik>opportunity to play with org-latex and exporting my first org documents to PDF.
<sneek>Got it.
<unmatched-paren>pkill9: for it to work, it and its dependencies would all need to change from using elogind directly to using libseat, which is provided by seatd and abstracts over the differences between the two.
<Kabouik>sneek: later tell gabber: Maybe org-latex requires some fonts or whatnot that is not packaged in Guix yet, even the full suite, and maybe just doing Tex to PDF without the org-latex requirements would work.
<sneek>Will do.
<pkill9>libseat abstracts over the differences between seatd and elogind?
<unmatched-paren>pkill9: yeah
<unmatched-paren>it's provided by the seatd package
<unmatched-paren>oh, wait, it's not
<unmatched-paren>it's in the same source repo though
<gnucode>unmatched-paren: I couldn't get the sway greetd thing to work. as far as I can tell, I am still logging into a console...
<unmatched-paren>gnucode: did you copy my config?
<unmatched-paren>and add the supplementary-groups field?
<gnucode>pretty much
<unmatched-paren>mhat was the issue?
<gnucode>I didn't copy the supplementary-groups field though..
<gnucode>I just added "seat" to my user's group
<unmatched-paren>ah, you have greeter-supplementary-groups already
<gnucode>well, (greetd-wlgreet-sway-session (sway sway-latest) that seemed to try to start sway, but fails.
<gnucode>i would only see a black screen with a cursor.
<gnucode>but just got rid of the greetd-wlgreet-sway-session, and it seems to work.
<gnucode>I am also running a wayland only sway session.
<gnucode>I was surprized to discover that lxterminal runs fine in sway
<gnucode>wayland only that is
<unmatched-paren>doesn't it use gtk3+
<gnucode>unmatched-paren apparently.
<gnucode>I thoguht it was on gtk2
<unmatched-paren>gabber: I got (require) working! \o/
<unmatched-paren>(by using the share/emacs/site-lisp/... directories)
<AwesomeAdam54321>Is there a way to include the sources of all the packages in a Guix System image, in the system image itself?
<unmatched-paren>Next problem: the environment doesn't seem to be inherited by the emacs process.
<unmatched-paren>So I guess I'll need to add a (environment-variables ...) field.
<gabber>yay! what did you do? which part of the env?
<sneek>Welcome back gabber, you have 2 messages!
<sneek>gabber, Kabouik says: Yes, I have only tried org-latex, i.e., going from org to latex to pdf. I am ashamed to admit I never really used LaTeX before, despite being in an academic field and knowing about it since my young student years, because unfortunately in my field almost no one uses LaTeX (and therefore I cannot collaborate with colleagues if I use it). Moving to emacs recently however led me to play with org-mode, finally, and it was an
<sneek>gabber, Kabouik says: Maybe org-latex requires some fonts or whatnot that is not packaged in Guix yet, even the full suite, and maybe just doing Tex to PDF without the org-latex requirements would work.
<unmatched-paren>gabber: The problem I have here is that my init.el moves the backups, auto-saves, and lock-files into $XDG_CACHE_HOME
<unmatched-paren>to be precise, (concat (getenv "XDG_CACHE_HOME") "/emacs")
<unmatched-paren>but that getenv seems to return "" here...
<podiki[m]>hi guix!
<AwesomeAdam54321>hi podiki[m]
<nckhexen>unmatched-paren: Weird! So it's not unset. I'd check the environment of each process in the tree to see where it gets reset. Inheriting variables is not optional or opt-in.
<podiki[m]>hooray, matrix bridge seems to be properly bridge-y again
<nckhexen>They tried turning it off & on again.
<unmatched-paren>nckhexen: How would I do that? :)
<podiki[m]>insert IT Crowd gif :-)
<Lumine>"Did you see that ludicrous display last night"
<nckhexen>unmatched-paren: I think the most user-friendly way is (sudo) htop, with tree-view (‘t’) enabled, then hit ‘e’.
*nckhexen AFK.
<unmatched-paren>nckhexen: Ah, wait, so you're saying that the variable is set, but empty?
<unmatched-paren>That's even more bizarre.
<nckhexen>I think so? getenv returns #f if unset, no?
*nckhexen really AFK, sorry.
<unmatched-paren>I'm not sure about Emacs getenv.
<unmatched-paren>Scheme getenv, yes.
<gabber>unmatched-paren: "Value is nil if VARIABLE is undefined" says C-h f getenv
<unmatched-paren>gabber: Okay.
<unmatched-paren>So that's odd.
<unmatched-paren>(Thanks :))
<reyman>@nckhexen finally that works after retry... strange ...
<csepp>could someone restart the upower build or something? i see it got canceled which made tracker_miners not build which made a bunch of end-user applications not build.
<nckhexen>csepp: I don't see any cancelled builds but I restarted a ‘failed’ one. It's always helpful to include an exact link.
<csepp>nckhexen: thanks! will do next time. cuirass is a bit confusing for me, haven't used it enough yet.
<csepp>unrelated but does anyone have a *working* config for using Fish on Guix? i tried it but can't for the life of me figure out how to source the sh scripts of profiles.
<csepp>didn't find any tips in the info pages or the mailing list.
<unmatched-paren>csepp: I use Fish with Guix, but i've not chshed to it
<unmatched-paren>you shouldn't chsh on guix
<singpolyma>unmatched-paren: sounds ominous. Guix breaks chsh?
<csepp>i didn't i did a proper reconfigure. it's set up the same way i set up zsh on this machine i'm typing from.
<unmatched-paren>singpolyma: chsh breaks Guix, more like :)
<singpolyma>unmatched-paren: chsh came first so I think it can't be the fault of chsh
<csepp>i even created a fresh account instead of modifying my existing one.
<abhicherath[m]>How long does it take roughly before a bug report to gets a number?
<unmatched-paren>csepp: no, you just shouldn't use an alternative shell with your user unless it's POSIX
<unmatched-paren>rather POSIX-like
<civodul>abhicherath[m]: hi! if it's your first message, it can take several hours; after that it's fast
<abhicherath[m]>Thanks :)
<abhicherath[m]>Just wasn't sure if I messed something up or something
<singpolyma>unmatched-paren: do you know what guix bug causes this issue?
<csepp>unmatched-paren: ah. well that sucks. i'd count that as a bug tbh, bash is rather limited and Guix doesn't even ship a nice config for zsh.
<csepp>i had to install the GRML one manually.
<unmatched-paren>csepp: I just use Fish by setting foot's shell in the config to it
<csepp>i guess that could work. i have to manually exec to Fish on postmarketOS as well.
<unmatched-paren>singpolyma: the problem is the scripts guix runs on startup won't work with a non-bourney shell
<nckhexen>abhicherath[m]: In normal circumstances, not long, but the mailing lists have been experiencing longer than usual delays.
<nckhexen>There is no first-time delay for the bug or patch trackers.
<csepp>welp i'm writing a bug report anyway because forcing bash is not great. at the very least zsh+grml should be supported and documented.
<nckhexen>We don't ‘force bash’.
<unmatched-paren>csepp: i'd think guix's scripts would work with zsh?
<csepp>not literally, it's just that when i had to configure zsh i had to do a lot of trial and error because it was completely undocumented. (as opposed to, say, Arch.)
<csepp>unmatched-paren: they do work, but setting it up as a login shell was not trivial.
<unmatched-paren>right, okay.
<unmatched-paren>you could submit a patch for the manual.
<csepp>yup, this is a good reminder that i should.
<nckhexen>It will have a much better effect than a ‘bug’ report. :)
<singpolyma>unmatched-paren: why are the scripts run with the user's default shell instead of being shebangend into the store?
<csepp>it does fix the zsh case, but clearing up the status of all the shells in gnu/packages/shells.scm should be a documented TODO item.
<csepp>singpolyma: they are sourced, not run. they have to set environment vars.
<csepp>virtualenv solves this by having a bunch of activations scripts for all kinds of shells from bash to windows batch files.
<singpolyma>Couldn't it set the vars before executing the shell?
<unmatched-paren>the scripts are generated when the system is reconfigured
<unmatched-paren>to set up a profile with the right env vars
<nckhexen>singpolyma: Yes.
<nckhexen>That's how I recommend people fix this, by making some kind of bash ‘boot loader’ stage before executing an optional more exotic shell.
<gnucode>how many people use guix system on power9 ? I'm guessing less than 5 people.
<gnucode>actually is guix system ported to power9 ?
<gnucode>is guix9p a raptor machine?
<nckhexen>I don't remember. It's an OSUOSL VM.
<nckhexen>I vaguely remember somebody offering access to their own machine which might have been a Raptor?
<nckhexen>Emphasis on vaguely.
<gnucode>I just saw the guix devel email about potentially disable power9 support....
<gnucode>I'm tempted to donate $1000 towards buying a physical raptor machine.
<nckhexen>There should be another POWER9 node in the workers list (‘jade’), I don't know why it's not.
<nckhexen>gnucode: I haven't seen that mail yet.
<nckhexen>…so I hadn't seen the suggestion to remove powerpc64le support for the release.
<podiki[m]>should we have maybe a "guix survey"? to get a feel of what people are running and use?
<podiki[m]>though maybe server logs would tell us how much various substitutes are used for different architectures
<gnucode>podiki[m]: I think yes.
<podiki[m]>there are often some guesses around "well this package was broken forever and no one said anything, so maybe no one is using it on that architecture"
<podiki[m]>I think it would also be interesting in of itself to know what the guix user base is like
<gnucode>podiki[m]: I have noticed that gnome-clocks is no longer working for me on sway...
<nckhexen>I don't think gnucode's estimate was far off. Chickens, also eggs.
<gnucode>I should probably make a bug report
<podiki[m]>true, chickens/eggs
<podiki[m]>build it and they will come, etc
<cbaines>gnucode, I have a Power9 machine that's used for Guix things (a Talos 2 system)
<cbaines>so I don't think there more of a need for hardware for that specific architecture, but the hardware available needs putting to better use
*nckhexen reboots guixp9 to get a kernel update in.
<gnucode>cbaines: do you have guix system on it? How is the experience on it ?
<civodul>nckhexen: guixp9's back! thanks! :-)
<cbaines>gnucode, no guix system yet, the Guix grub package doesn't build for powerpc64le-linux
<cbaines>gnucode, so yeah, it's running Debian, but that single machine is easily able to keep up with building everything for powerpc64le, and I don't even leave it on all the time
<cbaines>practically the biggest issue is that it gets stuck having built 1000's of things, and then is slow to upload them
<nckhexen>Yeah, lack of hardware isn't the issue here, it's (if I summarise the mail fairly) the current requirement that the single machine has 100% uptime or Cuirass freaks out.
<zeta_reticuli>Hi Guix. When I install GuixSD manually after "guix system init /mnt/etc/config.scm /mnt" some packages reports errors like this "guix system: error: corrupt input while restoring archive from #<closed: file 7f5781b11bd0>". Does anyone know how to fix it?
<nckhexen>Extra hardware would be *nice* to deal with backlogs (such as we have now, but it shouldn't be bad) or extra development branches, but I really don't think it's the blocker some people might (justifiably) think it is from following along here.
<AwesomeAdam54321>zeta_reticuli: I think this might be caused by an network connection interruption
<gnucode>nckhexen: thanks for clarifying
<gnucode>cbaines that's a bit of a bummer. It would be cool to get Guix system on power...
<gnucode>but at least guix runs on it.
<cbaines>gnucode, here's the issue
<cbaines>I think efraim mentioned some approach to me about how Guix builds grub, but I forget what it is
<nckhexen>civodul: The reboot was just opportunistic, BTW, the real issue (in 2 senses of the word) was that the SSH tunnel needs to be run in a screen session, or at least that's what I did.
<nckhexen>So now I have 2 screen windows running 2 vital services :)
<cbaines>that scared him off...
<cbaines>nckhexen, is the VM on the berlin wireguard VPN thing?
<zeta_reticuli>AwesomeAdam54321: ok, thank you. I'll try enter "guix system" again
<gnucode>cbaines thanks for the link
<nckhexen>cbaines: It *should* be, but it wasn't reachable. I'm looking at that now.
<nckhexen>cbaines: I don't understand why guixp9 would be particularly problematic, to the point that it justifies disabling the guix jobset. Do you have an idea?
<nckhexen>Do the (also off-site) aarch64 machines drop out just as frequently, and one just always happens to be reachable in practice?
<nckhexen>Throwing hardware at *that* seems suboptimal.
<nckhexen>cannot build missing derivation ‘/gnu/store/daii3asls4h4z7cnq8abk4s29cbnzx44-emacs-auctex-13.1.5.drv’ 🤔
<cbaines>nckhexen, I think it's that just trying to compute the derivations to build for the guix jobset requires building derivations for all the supported systems
<cbaines>(because of grafts)
<cbaines>so when those builds can't happen, the Cuirass evaluation fails
<nckhexen>I've copied that .drv from berlin to guixp9 and restarted the emacs-auctex build, just to see what happens.
<nckhexen>cbaines: Right.
<unmatched-paren>ooh, i've got the environment variables working now
<unmatched-paren>the issue was i didn't use (default-environment-variables)
<unmatched-paren>next issue is that dependencies of the emacs packages aren't being found
<unmatched-paren>so i'll need to add each package's transitive propagated inputs to the list of packages
<unmatched-paren>shouldn't be too hard :)
<lechner>nckhexen: You probably don't use the equipment but, if you ever do, Hurricane Electric is five miles from my house!
<nckhexen>Oh nice. I've used their (free) services in the past. And they sent me a T-shirt.
<lechner>nckhexen: hello, fellow sage
<unmatched-paren>IT WORKS!!!!
<nckhexen>unmatched-paren: \o/
<unmatched-paren>Hitting Super+E under home-emacs-service-type finally pops up an emacsclient window with my entire configuration loaded! :)
<unmatched-paren>I'll send the service into the mailing list in a wee moment...
<unmatched-paren>Before I do that, should I try adding AOT compilation of early-init.el and init.el?
<nckhexen>lechner: If they're not as likable as their image on the Internet suggests, I don't want to know.
<unmatched-paren>I think it could be possible...
<nckhexen>unmatched-paren: It's up to you, but that's just as welcome as a separate improvement. Whatever gives you the most energy.
<unmatched-paren>Compile it into .eln if native-compile? is #t, and .elc if it's #f.
<gnou_lib`>Hello, I recently installed the Guix system with i3 on my PC, what happened is that I had a problem when I wanted to change the i3status configuration, I could not find the configuration file anywhere, could someone help me?
<unmatched-paren>gabber: ^^^ it works! :D
<lechner>nckhexen: they are great in my community! i obtained three radio licenses on their premises, and they host many good free software companies and organizations, such as and, although they do charge
<lechner>plus, their tunnelbroker service was invaluable for me for years
<unmatched-paren>Very interesting: If I prepend the EMACSLOADPATH and EMACSNATIVELOADPATH to the default environment, it doesn't workp
<nckhexen>sneek later tell gnou_lib`: At first glance, I don't see any Guix code to generate an i3status/config. Is it possible you've just been using i3status's built-in defaults? If so, creating ~/.config/i3status/config would suffice.
<unmatched-paren>But if I do (append (list ...) (default-environment-variables)), it works.
<nckhexen>lechner: Oh good, that's a relief (and of course they'd charge). And same, they were my only gateway to the IPv6 Internet for years. I filled in their T-shirt form on a lark, expecting never to hear from them again (or a polite ‘uhm, dude, you live in Europe’ e-mail), but nope. Still got mine.
<lechner>nckhexen: okay, i thought you had to pass all their ipv6 certification levels for the shirt. you got lucky!
<nckhexen>Uhm, I did.
<nckhexen>I just didn't expect a reward.
<nckhexen>Apart from unlocking some advanced settings in the tunnelbroker IIRC.
<jackhill>nckhexen, rekado_: looking through my old system generations, my certificate problem seems to have occured between 582b1f626f351d0c519c973ba3c49d1c270200bf and ec7ba6ae5308faba68181f3fffc7d115d37cd1d4
*unmatched-paren opens guix/build/emacs-build-system.scm to see how this whole AOT thing works
<nckhexen>jackhill: Could you share the problematic URL again?
<nckhexen>If someone catches gnou_lib when they reconnect, could you quickly send them a link? They might not be aware.
<nckhexen>jackhill: Thanks.
<jackhill>yw. I mean, it's my site, I could have done something wrong there too, but I don't see it, and ssl labs is happy with it.
<nckhexen>jackhill: You mean a particular commit within that range, right, not any commit within that range? (That would be too easy…)
<lechner>jackhill: it says " This page intentionally left blank."
<unmatched-paren>jackhill: if it means anything (i didn't see your original problem) the site loads for me
<nckhexen>jackhill: IIRC several Guix System users connected just fine at the same time, including me, so it's not your server (unless you're running behind some CDN joint).
<nckhexen>OK, make that *all* Guix System users, probably.
<jackhill>nckhexen: I mean it works with 58… and doesn't with ec… I haven't biscected yet.
<nckhexen>gnou_liber: Since you seem to be having connection problems:
<nckhexen>jackhill: Ah, OK.
<jackhill>lechner: yeah, I'm have cert validatation problems
<jackhill>on two different Guix System installs!
<jackhill>clearly I have offended the computer gods
*nckhexen builds the 582b1f6 VM of fail.
<gnou_liber>nckhexen: Thank you.
<lechner>jackhill: with wget (from scrollback)?
<jackhill>lechner: yes. I first noticed with epiphany, but have been using wget for testing
<lechner>jackhill: me, too
<nckhexen>lechner: As in, you also see failure?
<lechner>nckhexen: ERROR: The certificate of ‘’ doesn't have a known issuer.
<jackhill>lechner: yep, that's what I see too. Thanks for checking
<nckhexen>openssl s_client -port 443 -host
<gnou_liber>nckhexen: Yes, I am using i3status's built-in defaults.
<jackhill>The cert I'm using was generated with with let's encrypt and provided to Debian apache with the cert, key, and fullchain concatinated together.
<nckhexen>That's on a good commit.
<gnou_liber>I disconnected from the channel because I was having problems connecting to the channel on ERC (Emacs).
<nckhexen>gnou_liber: OK, then you'll have to create & populate the configuration file yourself.
<pkill9>apparently the internet contributes to the greenhouse effect as much as the aviation industry
<jackhill>nckhexen: openssl likes it:
<jackhill>I assume wget and epiphany are gnutls
<pkill9>well, current infrastructure used by and/or for the internet
<pkill9>or something idk
<nckhexen>jackhill: I'm not familiar with Apache. Is that the recommended method? I've only ever done that for ZNC, which gives you an indication of how ‘hmm’ it is IMO.
<gnou_liber>nckhexen: I have two other questions: 1. How do I uninstall the Network Manager applet? 2. How do I change the sound server from pulseaudio to pipewire? All this in the Guix system.
<jackhill>lol. I'm not sure about recommended, but it should work fine.
<lechner>certbot is the reference, i think, but the certificate is fine
<nckhexen>pkill9 might be able to help with Pipewire. Be aware that it is not fully supported in Guix yet; there is absolutely no (use-pipewire? #t) setting that will magically make it work.
<pkill9>gnou_liber: i had pipewire working, n3ed to set it up again
<pkill9>since i switched to new laptop
<jackhill>I use pipewire manually. What I do is start pipewire, start wireplubmer, and then start pipewire-pulse. If your desktop environment starts pulseaudio automatically by connecting to its socket, then you can race killing pulseaudio and starting pipewire-pulse
<apteryx>cwebber: that job posting reads excellent, good luck!
<cwebber>apteryx: yay, thanks!
<cwebber>guix contributors in general are exactly the kinds of people we're interested in. If uncertain, send in an application :)
<cwebber>and yeah we use guix for all our stuff at the spritely institute too
<unmatched-paren>i'm going to try doing a system pipewire-service-type, i think
<unmatched-paren>after this emacs home service :)
<gnou_liber>pkill9: How do you manage to get it working?
<unmatched-paren>gnou_liber: i did this for pipewire:
<gnou_liber>unmatched-paren: Thank you.
<lechner>jackhill: on an affected system, curl reports curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
<nckhexen>gnou_liber: For the applet, you can't ‘uninstall’ it, it's provided as part of %desktop-services. I don't know how to remove it using modify-services.
<unmatched-paren>Hmm. Seems as if emacs doesn't provide a way to express (byte-compile-file INPUT OUTPUT), only (byte-compile-file INPUT).
<gnou_liber>nckhexen: I understand, thank you for your help.
<unmatched-paren>I won't do AOT compilation for init.el, I guess.
<nckhexen>gnou_liber: You could ask on
<pkill9>gnou_liber: basically just by stopping pulseaudio,then running pipewire,then pipewire-pulse and wireplumber
<pkill9>i did have pipewire running in a home service
<pkill9>try doing pkill pulseaudio && pipewire
<pkill9>then pipewire should run before pulseaudio restarts
<pkill9>what i need is to make a guix system service that starts my user shepherd
<pkill9>so it runs before i login
<nckhexen>lechner: Do you have an /etc/ssl? I don't, on --commit=582b1f6.
<nckhexen>It's a dead link. I assume that's not a bug in my VM, but checking just in case.
<gnucode>unmatched-paren: are you helping the guy make that emacs home service ?
<unmatched-paren>gnucode: Which guy? :)
<gabber>unmatched-paren: it does? would you mind to share?
<gabber>i'd love to have a look and try!
<unmatched-paren>Gah, just when it was all going so well, I tried logging out, logging in on tty3, and ``emacsclient -nw''... the socket refused the connection D:
<unmatched-paren>And now it refuses whenever I try it on (graphical) tty1...
<lechner>nckhexen: yes, i do. i am on commit e0b414fc599c2d9092dfa57455f035cbedb7810e, i think, but also have the other non* repo activated
<gabber>does your home service stop on each logout?
<unmatched-paren>gnucode: Oh, that one.
<nckhexen>I'll virtualmachinalise that commit.
<nckhexen>No point in debugging this if my VMs aren't being built right.
<lechner>nckhexen jackhill: curl also reported using gnutls * GnuTLS ciphers: NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509:-VERS-SSL3.0
<unmatched-paren>I looked at their patch, and (I don't intend to be rude or patronising; I'm aware that it's their first patch, and it's a pretty good first patch) I wasn't too impressed (it doesn't handle launching emacs --daemon at all, for example)
<nckhexen>Yes, cURL should use GNUTLS.
<jackhill>lechner nckhexen interesting. I'm working on a bisect currently
<nckhexen>Oh, thanks!
<gnucode>unmatched-paren gotcha. How do you manage to launch emacsclient in sway? Do you have a keybinding for it?
<unmatched-paren>gabber: It should stop at logout, given that it's a home service and thus, afaics, tied to a session?
<unmatched-paren>gnucode: I do.
<gabber>do many people use emacs in a non-daemon way? if so we should consider that as an option to the home-service
<gnucode>ahhh. gabber I guess I use emacs in a non-daemon way. hahaha
<nckhexen>Ey, that's my keybinding.
<unmatched-paren>gabber: Emacs without daemon mode is excruciatingly slow, IME.
<unmatched-paren>Even on a modern laptop such as this.
*nckhexen nods.
<unmatched-paren>Slow to launch, I mean.
<gabber>unmatched-paren: so my guess is it doesn't nicely stop or not start after login
<unmatched-paren>Okay that's weird.
<unmatched-paren>herd restart emacs produces:
<gnucode>unmatched-paren: I gave up rolling my own config...I'm on doom emacs now.
<unmatched-paren>gabber: Here's the service so far:
<gabber>omg what did you do!?
<gabber>nice, thanks!
<unmatched-paren>i don't know /o\
<unmatched-paren>but it works after a restart
<unmatched-paren>i'm pretty sure it stops cleanly, since i don't just kill it to stop the service, i do ``emacsclient --eval (kill-emacs)'' like you do
<gabber>and the bug doesn't reproduce anymore?
*unmatched-paren gonna log out again to test
<unmatched-paren>Can confirm logging out breaks it.
<unmatched-paren>But this time, restarting doesn't yield a system-error message.
<unmatched-paren>The plot thickens :)
*unmatched-paren going to restart, to see if it works ootb after that
<kaelyn>Has anyone else encountered this error building file@5.42 for i686 on core-updates: "/tmp/guix-build-file-5.42.drv-0/file-5.42/src/.libs/file: symbol lookup error: /gnu/store/5vac93xqlc3zq6jhdg097k0jvw0g1y22-glibc-mesboot-2.16.0/lib/ undefined symbol: h_errno, version GLIBC_PRIVATE"?
<unmatched-paren>So, it works fine after a clean reboot.
<lechner>nckhexen: maybe cURL should use wolfSSL
<unmatched-paren>gabber: I think this confirms your hypothesis about it not cleaning up something when logging out...
<unmatched-paren>So, logging out, and jumping to tty3, then doing emacsclient -nw, now prints ``*ERROR*: cannot open file: /dev/tty3''...
<unmatched-paren>And after that I get the system-error when restarting the emacs service.
<unmatched-paren>And then all is fine.
<unmatched-paren>I don't see anything special in make-kill-destructor that would make this work...
<gabber>ah, you mean using emacsclient among different consoles? aren't there login-specific XDG envvars?
<unmatched-paren>Yeah, I do.
<unmatched-paren>So, should this not work anyway and it's nothing to worry about?
<gabber>does that actually work when you're using emacs without your home-service?
<unmatched-paren>I dunno; I'll check.
<unmatched-paren>it doesn't \o/
<gabber>aha! i guess that's a fd.o feature
<gabber>so it just werks™ now?
<unmatched-paren>Without even installing any emacs packages into the profile, except for emacs itself :D
*unmatched-paren git format-patch \o/
<gnucode>unmatched-paren: should I go ahead and tell the other guy working on the emacs home service... to work on something else?
<unmatched-paren>gnucode: It seems like they've been working on that for a while, I don't really want to make them feel as if all their work was for nothing...
<gnucode>yeah fair... I'd rather know if someone else completed my opensmtpd-records though....
<gnucode>that's the only thing I've been working on. :(
<gnucode>I honestly have no idea how you have the dedication to create as many patches as you do. :)
<unmatched-paren>thanks :)
<unmatched-paren>i want to start working on some of my own projects, but actually getting things started is a chore, and it's much easier to contribute to an existing project like Guix
<nckhexen>jackhill lechner: You're missing /etc/ssl/certs/DST_Root_CA_X3.pem , right?
*nckhexen got called away, sorreh.
<jackhill>nckhexen: correct
<unmatched-paren>besides, scheme is fun to write, and guix is fun to contribute to
<gnucode>unmatched-paren what sort of projects do you want to work on ?
<gnucode>guile-steel ?
<gabber>unmatched-paren: word
<unmatched-paren>gabber: ?
<jackhill>that file seems to be in mjmpb4k2g21p7hyx9zq57p9xymbl16ac-nss-certs-3.71
<unmatched-paren>gnucode: working on guile-steel would be well beyond my ability :)
<jackhill>but maybe not in 1klwvqm3njp070h982ydcix1gzf2zmdl-nss-certs-3.81/
<gnucode>unmatched-paren somehow I doubt that. I hear tell that you have GC code that will trash unused objects at exactly the right time. :)
<tribals>Hi, folks!
<tricon>tribals: howdy.
<gabber>unmatched-paren: to your statement before mine. it's fun!
<tribals>Is there a way co get os configuration from runnig OS made from unknown source file?
<jackhill>Presumably nss-certs removed it for a reason, but why does Let's Encrypt still use it? I guess that isn't a Guix problem
<jackhill>or maybe it's something is doing wrong that certbot doesn't do. Either way, not guix's problem…
<nckhexen>Oh, that was little more than a guess. There was 0 time between my last peek at this earlier and now. No thought took place.
<nckhexen>And I'd confused X3 with R3 (not for the first time!)
<nckhexen>And the bad commit has ISRG_Root_X1.pem so that ain't it.
<nckhexen>(And it's not missing from ca-certificates.crt)
<nckhexen>‘dynamic linker name not known for this system "x86_64-linux"’
*nckhexen sighs.
<tricon>the running config is at: /run/current-system/configuration.scm. what are you hoping to do?
<tricon>tribals: ^
<jackhill>nckhexen: somehow I have the memory that openssl looks at one and gnutls looks at the other. Not sure though.
<nckhexen>Yes, the above error is what I got when trying to install curl to check that (I don't know my way out of a wget paper bag).
<tribals>tricon: thanks
<tribals>tricon: it worked
<tribals>tricon: I'm trying to use it as base point for my own configuration, but I don't know much how to write configurations
<lechner>nckhexen jackhill: my affected system also lacks the DST certificate, and a working system has it but i am not sure how that is related
<tricon>tribals: happy to help where i can. it can feel daunting at first, but i recommend initially looking at it as a "configuration language (DSL). as your understanding of Scheme/Guile increases, you'll see the programming underneath it and understand how you can accomplish various tasks.
<unmatched-paren>Oh, awesome, I got an ack really quickly there..
<lechner>nckhexen jackhill: my affected system also ships ISRG_Root_X2.pem in addition to the X1 available on both, although i am not sure how that is related, right now either
<unmatched-paren>IT HAS BEEN DONE.
<tricon>unmatched-paren: your avatar on that site gives me anxiety.
<gnucode>unmatched-paren: would your emacs home service work with say doom emacs ?
<unmatched-paren>gnucode: i don't know how doom works
<unmatched-paren>tricon: Ah, :)
<gnucode>I guess I'll just have to test it... but I haven't actually migrated to guix home yet....
<tricon>unmatched-paren: hah! i hadn't seen that one. perfect.
<tribals>tricon: the most challenging part for me is how to write configuration and do not loose access to remote machine
<tricon>tribals: understandable. i've had to remote to the console of a VM before for that reason.
<lechner>Hi, how can I invoke 'build.bash' instead of 'go install', please? this does not find the build.bash
***daviid` is now known as daviid
<lechner>build.bash is located in the root of the source repo
<unmatched-paren>lechner: you'll need to do something like
<unmatched-paren>(lambda* (#:key import-path #:allow-other-keys) (invoke "sh" (string-append import-path "/build.bash")))
<unmatched-paren>(the ``inputs outputs'' is unnecessary)
<unmatched-paren>also, try using gexps instead of '(...)
<unmatched-paren>they are generally preferred now
<unmatched-paren>and the description's texinfo is messed up a wee bit
<unmatched-paren>you should probably have something more like this:
<lechner>unmatched-paren: thanks! the import-path is not enough, though
<unmatched-paren>try adding (invoke "ls" import-path) (exit #f)
<unmatched-paren>and examine the output
<unmatched-paren>oh, sorry
<lechner>sh: No such file or directory
<unmatched-paren>i just realised
<unmatched-paren>you need to do (string-append "src/" import-path "/build.bash")
<unmatched-paren>i forgot the src/
<lechner>unmatched-paren: thanks, that worked! unfortunately, the script is unable to determine the gocryptfs and FUSE versions. can you tell why?
<unmatched-paren>lechner: git-fetch deletes .git
<unmatched-paren>because .git is deterministic
<unmatched-paren>so it would break the reproducibility of source outputs
<unmatched-paren>lechner: you might want to just write a src/(import-path)/VERSION file containing #$version i guess
<nckhexen>jackhill: lechner: Back again. The presence & absence of DST_Root_CA_X3.pem is definitely involved in this, whether or not it shouldn't be.
<unmatched-paren>and for the fuse version...
<nckhexen>jackhill: Uhm, you said SSL Labs was happy with your server (silly of me not to check): ‘Chain issues: Incorrect order, Extra certs’
<unmatched-paren>ah, i think ``go list'' uses ``go get'' installed packages
<nckhexen>Which again points to this weird concatenation you're doing. Are you sure that's legit?
<unmatched-paren>so it wouldn't pick up on guix go packages
<unmatched-paren>so, just patch that bit away i guess, and use GITVERSIONFUSE=#$(package-version go-...-fuse)''
<lechner>unmatched-paren: i could patch out this line, but the info is also used in filesystem creation, which may help with debugging later
<lechner>unmatched-paren: also, why is it building with go 1.17.11 instead of 19
<nckhexen>jackhill: Even so, can you try without it? Debugging an incorrectly configured server is not what I signed up for 😛
<unmatched-paren>lechner: the latest go available in guix is 1.19, but the ``go'' variable used in builds is 1.17
<unmatched-paren>because if we changed ``go'' it would trigger mass rebuilds of the go ecosystem
<unmatched-paren>so we need to wait before we do that
<nckhexen>jackhill: really…
<tribals>(system "i686-linux")
<nckhexen>jackhill: You're serving this bad certificate yourself, no wonder I couldn't find it in Guix :)
<tribals>What it needs to be for x64?
<tribals>from here
<nckhexen>(x64 is what Windows calls it.)
<tribals>nckhexen: underscore?
<unmatched-paren>x86-64 has three names; that, x64, and amd64.
<unmatched-paren>It's very weird.
<nckhexen>jackhill: Specifically, stop sending X1, and you should be good. That is Guix's (well, nss-certs') job, not Apache's.
<vivien>Why does self-contained-tarball in (guix scripts pack) use gexp->derivation and not computed-file? I wish I could use its output as a gexp input
<nckhexen>unmatched-paren: Not counting x86_64 just for fun!
<nckhexen>tribals: Yep.
<vivien>I’m trying to populate a flatpak repo with a pack of my application, and I need a self-contained-tarball for that
<vivien>Maybe I could find all transitive inputs and take a big directory-union of that
<nckhexen>jackhill: This is what it should look like (sorry to use my own as example of win, but hey):
<vivien>(no it would not work, I need a self-contained thing)
<vivien>Can I use a derivation as a gexp input? I think I could by running it, get the output file name in the store, and convert it to a local-file, but it feels very un-guixy
<jackhill>nckhexen: thanks, sorry about that, let's see if I can fix it
<vivien>The manual says I can do #$obj when obj is a derivation, but I get "invalid G-expression input"…
<nckhexen>jackhill: I'm not annoyed at you for saying ssl labs was ‘happy’, I'm annoyed at myself for not verifying that. I understand that the big green ‘A’ (or whatever it was) made you think so.
<nckhexen>‘Yey, your site is secure! …on old systems that happen to shadow the bogus root you ship, but who's counting.’
<jackhill>nckhexen: yes, also, I've fixed it to the non-expeired root now, but I still have "incorrect order, Extra certs". Works thought!
<lechner>unmatched-paren: hi, what does this mean, please? go list -m: not using modules
<lechner>jackhill: was this an issue with
<unmatched-paren>lechner: i'm not sure, i think it means we're using GOPATH instead of the new "go modules" system, so ``go list -m'' can't possibly work?
<jackhill>lechner: yes, at least since I had been using the installation for some time, it was defaulting to the expired chain. I fixed it with `./ --set-default-chain --preferred-chain "ISRG" --server letsencrypt`
<jackhill>thanks for playing along with me.
<lechner>jackhill: glad it worked out!
<lechner>unmatched-paren: thanks! i made all the changes you suggested. can i make test.bash work, too? I get
<jackhill>and thanks to guix for surfacing the issue before someone not-me complained :)
<unmatched-paren>lechner: i don't know there.
<unmatched-paren>does it need openssl to be in the inputs or something?
<lechner>jackhill: Your site says " This page intentionally left blank."
<unmatched-paren>(stab in the dark, it probably doesn't...)
<lechner>unmatched-paren: the network access seems more serious
<jackhill>lechner: on purpose. Maybe some day it will say something else.
<unmatched-paren>lechner: O.
<lechner>jackhill: no problem, but why would anyone complain about it not serving correctly?
<jackhill>lechner: oh, you mean because it's blank? I do have some non-crawlabe pastbin type stuff there, and other sites with the same configuration
<lechner>jackhill: sorry, just being facetious! good to see you here, btw. i think a read a bunch of your stuff in or around #haskell
<lechner>unmatched-paren: how can i do something like this with gexp, please?
<unmatched-paren>lechner: (cons* #:import-path directory arguments), i think?
<unmatched-paren>or if that fails (append (list #:import-path directory arguments))
<unmatched-paren>actually, you could really just do
<unmatched-paren>(apply (assoc-ref %standard-phases 'build) #:import-path directory arguments)
<vivien>So maybe I understand the problem: self-contained-tarball does not return a derivation, it "monadically"-returns a derivation, so I have to do #$(run-with-store (open-connection) (self-contained-tarball …)) instead. I’m not sure, because I don’t understand exactly how I should create the second argument ("profile") of self-contained-tarball.
<vivien>I tried "make-manifest" but it seems to fail
<unmatched-paren>Aerc v13 sent.
<unmatched-paren>I had to mess around a wee bit with substitute* to patch some executable invocations.
<unmatched-paren>It's now back up to 42 patches :(
<unmatched-paren>The 41st is for updating tcell-v2 to 2.5.3, the 42nd is for adding tcell-term.
<vivien>I DID IT!!!
<unmatched-paren>vivien: wonderful! :)
<vivien>It was: $(run-with-store (open-connection) (mlet* %store-monad ((profile (profile-derivation (packages->manifest (list package …)))) (tarball (self-contained-tarball "the-pack" profile))) (return tarball)))
<vivien>The pack is suspiciously large though
<vivien>319 store items, 2G
<vivien>That’s a bit much than what I expected for guile and gtk
<lunabee>are go cli tools also packaged under the go-domain-package convention or just libraries?
<nckhexen>Try to avoid it.
<nckhexen>(The go-read-this-very-long-package-name-ill-wait style names, I mean.
<lunabee>ah alright
<lunabee>any reason guix import uses that format then?
<nckhexen>…actually I can't really think of plausible exceptions so s/Try to //.)
<unmatched-paren>lunabee: it can't possibly tell between a tool and a library
<unmatched-paren>there's no difference in go
<nckhexen>lunabee: Because it can't know. Guix import should not be used without human supervision & loving correction.
<unmatched-paren>except a tool uses the ``main'' package...
<lunabee>wait, avoid go-package-name in general or for only tools?