IRC channel logs


back to list of logs

<RavenJoad>juliana[m]: I did add "-nic user,model=virtio-net-pci", but my host still cannot access the VM's nginx server.
<RavenJoad>I do have (service dhcp-client-service-type) in the services list, and I can traceroute out of my network. But my host does not see the VM as up at all. My host also does not have an interface on the same subnet.
<graywolf>RavenJoad: I think you need to add the hostfwd=tcp::10022-:22 from the Running Guix in a VM page.
<graywolf>-nic user is unprivileged, so afaict it cannot really create new devices on the host, so you need to forward specific ports you are interested in
<xelxebar>rekado: Interesting. So far I've just been willy nilly nuking ~/.config/ibus when reconfiguring. The ibus command is good to know.
<xelxebar>So ibus read-cache shows an Anthy component with reasonable paths. ~/.config/ibus-anthy/engines.xml is referenced, however, which doesn't exist on my system.
<xelxebar>ibus list-engine shows no Anthy, though.
<xelxebar>Nuking ~/.cache/ibus and running ibus read-cache complains that it can't read the cache, which is indeed expected.
<xelxebar>ibus list-engine output doesn't seem to change, however. Is that expected?
<michal_atlas>Hello, is there a way to add additional dependencies to a service, while instantiating it?
<xelxebar>Thank you for helping, BTW. Not being able to input Japanese has been making work 20% more painful for the last few weeks.
<xelxebar>michal_atlas: You're wanting to control the startup order of services?
<michal_atlas>Yes, one of the services I run (ipfs) only depends on loopback and starts before a mount it needs does.
<michal_atlas>Or rather a mount I want it to need.
<xelxebar>As far as I'm aware, there's no general facility to add ad hoc deps between services like that. However, patching ipfs with a configuration option to do what you want might make sense.
<xelxebar>The service dep is under ~/gnu/services/networking.scm and is pretty darn straightforward.
<xelxebar>Does /var/lib/ipfs sit under a separate mount point or something?
<xelxebar>If so, it definitely makes sense to patch the service to wait for the %ipfs-home path to become available.
<michal_atlas>Yes, that's the idea.
<michal_atlas>oh, that makes sense
<michal_atlas>not sure how that would be done though...
<michal_atlas>in a general sense
<xelxebar>You ever written a service def before?
<michal_atlas>true that I could inherit my own service def and just explicitly list the filesystem-/var/lib/.. as a requirement
<michal_atlas>Thanks, that'll probably work
<mirai>michal_atlas: some services have a 'shepherd-requirement' field
<mirai>you can take inspiration from that and add to your service
<xelxebar>Interesting. Probably want that available for *all* services by default.
<michal_atlas>Snatched the words out of my mouth,
<xelxebar>michal_atlas: I'm not 100% sure what you're envisioning. I was thinking you could patch the upstream def with an added service-extension to wait on whatever filesystem contains %ipfs-home.
<xelxebar>The thing I'm unsure of is exactly how to map filesystem paths to services in this context, but there's gotta be a pre-packaged proc for that.
<mirai>marginally related, it's a motivation for <>
<xelxebar>Ooo. Extensible record types. That *does* seem like something obvious one would want.
<michal_atlas>I could do that, I'm not sure how one could determine what filesystem it is in though. Unless the user would have to make that explicit, which seems ugly.
<trevdev>I've been watching and re-watching a lot of Andrew Tropin's work and he seems pretty comfortable with direnv for creating arbitrary guix shells that have custom envs.
<trevdev>I think I'm gonna give it a try.
<hab25[m]>Why does guix do releases (e.g. 1.4); how are they useful? Context: I just installed 1.4 and am deciding whether to guix pull
<xelxebar>hab25[m]: Just useful for the live distros, AFAIU.
<xelxebar>One thing that arguably makes Guix harder to rely on in prod envs is the lack of LTS-like channels. Things mostly just work, but sometimes upgrades end up doing lager-than-patch-level upgrades which break some inter-package assumptions.
<xelxebar>That said, on my personal machines (laptop, VPS, etc) I just stop worrying and guix pull / guix system reconfigure all the time.
<trevdev>"lack of LTS-like channels" I get that having a "stable" release system is reassuring, but we can pin and time machine. This feels predictable and stable to me
<the_tubular>There's a bit more to it to LTS
<the_tubular>Like back porting security patches and stuff
<the_tubular>Also being supported
<trevdev>Yeah that makes sense
<hab25[m]>Thanks for the information
<trevdev>I feel like Nix is commercially viable. I hope we can get there.
<the_tubular>Talking about nix, what's happening to their build machines ? I heard there was a problem storing binaries because they take up too much space.
<trevdev>TL:DR; their AWS sponsor got sold and the new owner doesn't want to carry the cost
<trevdev>Guess it's time to leave AWS! Easier said than done at this point
<Caesar>(And AWS keeps people hostage with huge extraction costs.)
<trevdev>On the bright side it's just the cached builds (their 'substitute' servers). Nix will not die because of this
<trevdev>It will be painful downstream if there's a lapse in cached goods though heh. Like that time I didn't know I could add substitutes at all, and spent over an hour building Firefox twice.
<Caesar>Gentoo users don't understand.
<juliana[m]>i don't think commercial viability is a positive for a project like guix. academic viability? absolutely. communal viability? sure. but corporations like to own or at least control, and they also destroy everything they touch. no thanks
<trevdev>Am I close to right if I say Arch is to Gentoo as Nix is to Guix?
<trevdev>Thankfully Guix is licensed to deter most evil corporations. Getting money in a world we live in that needs money is never a bad thing.
<juliana[m]>this is true
<mirai>its missing the A of AGPL tho :-)
<Caesar>Apropos waiting for long build times. I just configured my first Guix a few days ago. As a first action, I tried to package a small rust project I wrote. Which predictably failed, because it requires Rust 1.70, and my own attempts at bootstrapping from the currently available 1.67 to 1.70 were... unfruitful. I read, and I have a few questions based on that.
<Caesar>It says "this patch would rebuild 25834 packages" - Why? Aren't most of those download-only crate dependencies? Why do they depend on rust?
<trevdev>Caesar: Hats off for fully engaging. I never cared to build anythng until I wanted to contribute. Still learning.
<Caesar>Also, even if those patches land, I assume they'll be in some branch, right? Can I somehow use that branch as an extra channel for my own builds?
<juliana[m]>hab25: to answer your unasked question, you want to pull
<juliana[m]>ˈt͡sɛːzaɐ̯: that's... a difficult question to explain. the short version is that rust (well, cargo really) and guix overlap a lot in terms of role and objective, and they disgree radically on some things (static vs. dynamic linking) while agreeing on some other things (reproducibility) and both assuming absolute authority and thus discretion over those issues
<juliana[m]>also that patch was written by a member of my community and i'm extremely proud of fær. I didn't think fæ would be able to do it tbh
<juliana[m]>patch series*
<the_tubular>Thansk for the TL:DR trevdev, so what are their course of action now ?
<the_tubular>Just Nix without substitutes ?
<juliana[m]>ˈt͡sɛːzaɐ̯: also, wrt using that code, you have two options. you can download the patches and apply them to a local checkout of guix, then install them using pre-inst-env; or you can try to copy the patches into a separate, local package definition file and use it with the -f flag available in severel guix subcommands
<Caesar>The latter is still a bit hard for me, too little experience with Guix. Guess I'll go with the former, ty.
<hab25[m]><the_tubular> "Just Nix without substitutes ?" <- AWS itself is sponsoring their cache and will continue for at least another year; they're figuring out their next move. There are very well explained announcement posts regarding what transpired
<the_tubular> Nice, I'll go read those, only heard about this cause I follow guix closely
<trevdev>juliana[m]: From as much as I could stand to read they are accepting donations and organizing a task force to deal with the root issue.
<the_tubular>Also doesn't AWS manage a distro ...?
<Caesar>Amazon Linux? Sure (but not sure if it's not just a rebranding of RHEL or something). But how does that relate?
<the_tubular>I just found it curious they also sponsored another distro
<the_tubular>But I've never used it and if it's just RHEL then that makes more sense
<Caesar>From what I understand, the point of it is that it has a kernel with some settings tuned to their virtualization. It's not a general-purpose for-any-machine distro by intention. I do wonder if they wouldn't have gotten better results by just providing kernel package source channels+servers for a few common distros.
<takev[m]>I am writing a patch to resolve a todo that I saw, which required a couple of tweaks to the input and a flag in the build step of a package. How do I write the commit message for that case?
<juliana[m]>what do you mean? like how do you indicate inputs within a package?
<juliana[m]>if you need to indicate a field within a package you'd do that like...
<juliana[m]>* gnu/packages/<file>.scm (<package-symbol>) [<field>]: <description of changes>
<juliana[m]>if you have more than one field within a file you would just put a linebreak between their brackets and changes. same with symbols. unless they share changes in which case you'd list them, separated by commas, within whatever delimiter
<juliana[m]>so like "[<some-field>, <some-other-field>]: <related changes>\n[<another-field>]: different changes"
<juliana[m]>hey matrix? that's absolutely not what i wanted you to do
<juliana[m]>`[<some-field>, <other-field>]: <related changes>\n[<another-field>]: <different changes>`
<juliana[m]>I ran into a weird issue with a g-expression where I was trying to use cut, but if I used #:modules to import srfi-26 it suddenly claimed to be unable to find gnu-build?? anyone know what's up with that
<lilyp>juliana[m]: #:modules needs to completely capture all modules you want to have, including gnu build modules
<lilyp>see existing declarations on how to use it
<juliana[m]>when i add (guix build-system gnu) i still get the error :/
<lilyp>(guix build gnu-build-system) and (guix build utils) are the modules you're looking for
<cnx>may i have some eyes on senpai (irc client)?
<iyzsong>cnx: re ibus-table, does set IBUS_TABLE_LOCATION to ~/.guix-profile/share/ibus-table (which should contains tables/*.db files) works? it seems ibus-table already use that environment variable.
<cnx>(it's the system one because it can't get ibus to work when declared in guix home) hmmm it's already set but to multiple ones
<cnx>ibus-table doesn't seem to handle that
<cnx>ah yes i can wrap ibus table with explicit value (what is the alias for /run/current-system/profile?) instead of putting that in search path
<iyzsong>no, you can instead declare the search-path being 'single' with #f as seperator
<cnx>IBUS_TABLE_LOCATION is now /run/current-system/profile/share/ibus-table and no table shows up
<iyzsong>do you have /run/current-system/profile/share/ibus-table/tables/*.db files?
<iyzsong>um, seems need more debug, have to follow its code... maybe i can do some tonight (5 hours later)
<cnx>thanks (i've been delaying this for 5 months now so 5h is nothing lol)
<iyzsong>that's glad to hear lol 🥹
<cnx>hmmm what could possibly make guile wanna apply foo in (package (argument (list #configure-flags '(foo))))
<cnx>alright i shouldof rtfm and used #~(list
<cnx>is it possible to specify nested origin?
<cnx>context: a package would otherwise download and unpack a tarball in a subdirectory
<iyzsong>cnx: i guess 'snippet' can do that
<iyzsong>use a gexp snippet, and do a (unpack #$other-tarball) in it
<cnx>how do i download the other tarball?
<iyzsong>you don't, define it as another origin, and when referenced in the gexp, it get downloaded by guix
<cnx>as in let some name be an origin? what would that be, a string?
<fries><juliana[m]> "also that patch was written by a..." <- thats me!
<fries>Cat Disruptor 6000
<iyzsong>cnx: i don't understand your question.. you can pass (origin ..) as inputs too, or embded in source origin's snippet.
<cnx>ah, i found an example at libigl, thanks
<lissobone>Hi, guyz.
<lissobone>I am compiling ffmpeg with the --with-configure-flag=ffmpeg=--enable-librubberband option. However, it seems to require a corresponding input. How do I specify such an input on the command line, if possible?
<xelxebar>What I find mildly annoying about origin-in-inputs is the fact that they're invisible to `guix build -S`.
<jpoiret>lissobone: i don't think you can specifiy an additional input on the CLI, you'll have to write a package for that
<jpoiret>nothing too hard though, esp. if you have some experience with it
<jpoiret>you'll want to use substitute-keyword-arguments to add the configure flag, there are examples all over guix packgaes
<cnx>is there a build util to write a file
<next4th>cnx: re: ibus-table, it need wrap ibus-daemon with python/gi envs,
<jpoiret>cnx: you can use (call-with-output-file (lambda (f) (display f "hello")))
<jpoiret>janneke: do you have the test output of the gc-roots?
<jpoiret>I wasn't sure about that test change, hence why I wanted Ludo's opinion on it
<janneke>jpoiret: ah sure
<janneke>expected-value: ()
<janneke>actual-value: ("/tmp/guix-tests/var/19337/profiles")
<janneke>ACTION will update the bug too
<janneke>jpoiret: this was from a plain `guix build guix' in a hurd-team childhurd, fwiw
<jpoiret>so the exact opposite of what happened before that change on Linux it seems
<jpoiret>I'll have to reread the gc-roots code more closely
<cnx>thanks, next4th, is it supposed to work after that patch (doesn't for me)?
<cnx>thanks, jpoiret
<cnx>ah false alarm, i needed to clear the cache
<cnx>many thanks, next4th
<next4th>cnx: yes, cool
<next4th>cnx: don't forget send patches to the list :^)
<cnx>how will i refer to you in the patch?
<cnx>i mean as coauthor
<next4th>Co-authored-by: 宋文武 <>
<next4th>leave it is fine, i can add myself lol
<janneke>jpoiret: on the hurd, builds are not containerized yet, of course
<jpoiret>I don't even understand for a single second how /profiles itself, a directory, could be in the gc roots
<jpoiret>gc-roots's implementation shouldn't let that happen at all.
<jpoiret>I even wonder how it previously used to work
<jpoiret>aha, right, that's because it's also registered under /var/guix/gcroots/profiles -> /var/guix/profiles
<jpoiret>so there's a gc roots implementation both in the daemon and in Guile
<jpoiret>can't wait to find out how the choice of language impacts the implementations :)
<unmatched-paren>seems like our gobject-introspection's .pc files specify a dependency on a version of glib newer than what we have
<unmatched-paren>they specify glib >= 3.73.1, but we only have 2.72.3
<unmatched-paren>a bit odd that that's never been caught; i'd imagine there to be some package somewhere whose build process uses pkg-config with GO
<apteryx>is someone using GnuPG subkeys to sign their Guix commits here?
<jpoiret>I think I am
<apteryx>do you keep the master key on cold storage for security purposes?
<apteryx>I'm trying to understand what the 'authenticate' usage means
<jpoiret>I just did that so that I could revoke my keys independently I guess, also to use an authentication key for ssh
<apteryx>I guess it means signing someone else's key
<jpoiret>no I think authenticate is for logins, that's what I use for ssh
<apteryx>OK. Since I renewed a forgetten subkey of mine, it's used instead of my master key to sign my commits, breaking 'make authenticate'
<jpoiret>janneke: do you know if Hurd tends to re-use PIDs?
<apteryx>I wonder if I should keep it and update the my keygrip on the keyring branch
<jpoiret>there might be some left-over state from previous tests that didn't get cached
<unmatched-paren>ah, we have a slightly older version of GO
<jpoiret>janneke: sent the notes of my investigation to the ML, nothing too conclusive
<podiki[m]>apteryx: i use subkeys yes
<graywolf>Is (gnu system):boot-parameters something that requires deprecation period on renaming a field? Or can I take the easy way out and just rename it? While the accessor is a public symbol, I am not sure if there is a reason for people to use it.
<apteryx>podiki[m]: do you use these in combination with a yubikey?
<podiki[m]>subkeys all via yubikey, master private key on separate storage
<apteryx>sounds safe
<podiki[m]>apteryx: is what I followed
<apteryx>one subkey per usage? e.g. one for signing, one for encrypting, etc?
<podiki[m]>so to renew keys I boot into an offline live system and do the key renewal
<podiki[m]>sign, encrypt, authentication I believe
<apteryx>OK. I'll look into it a bit later today, I'll probably have questions :-)
<podiki[m]>all through usual gpg-agent, and then pass for passwords (which is just gpg too)
<podiki[m]>sure, happy to help
<apteryx>and then in the .guix-authorizations file in Guix, you need to put the fingerprint of the signing subkey?
<podiki[m]>as we all learned the hard way before :-P
<jpoiret>i might have to do that as well 🤔
<podiki[m]>the guide I linked is my go to and how i set up as well
<podiki[m]>so once yubikey is unlocked it is just a touch needed to do a git signing, etc., nothing stored locally
<apteryx>pretty neat
<jpoiret>do you use the 15 second touch time-out?
<podiki[m]>i'm not sure what my timeout is, probably whatever the default is? and I require touch for the authentication codes too (you can set per code)
<podiki[m]>i know gpg and all that is very confusing, but I also find it pretty fun to set up and use
<jpoiret>my setup is pretty similar except I don't have anything special for the master key
<podiki[m]>the key stays unlocked as long as it is still plugged in, but if I was using a laptop more I might set that to time out (so even if you leave it plugged in and unattended, it will need the passcode to unlock)
<podiki[m]>i don't have any particular threat models in mind, just what i read as reasonable and not too burdensome; plenty of spare usb keys around to encrypt one for the master key
<apteryx>podiki[m]: the passcode is a yubikey thing?
<apteryx>not a GPG passphrase on the key itself?
<podiki[m]>yubikey: you can set a pin (password) to unlock the key
<podiki[m]>i think it is just the same as a gpg smartcard pin? (i use my yubikey as a smartcard since it is my gpg keys)
<podiki[m]>ah it is set through gpg though, so it is a standard gpg thing but used on the hardware to unlock
<podiki[m]>(but yes, different than a passphrase on a key itself if I understand)
<apteryx>I have no experience with 'gpg smartcards', so it's foreign to me :-)
<mwette>gpg on yubikey:
<mwette>The private key file on your file system uses a pointer to the card.
<jlicht>hey guix!
<d00s>greetings :-)
<RavenJoad>Is there a problem building TeX Live font manps right now? I am on 3bb3fddb5.
<d00s>I had some issues with it about a week ago. Go check out the install logs (somewhere in '/var/log/guix/drvs') - the installed should have listed the specific location
<d00s>I believe it was a package conflict, and just uninstalling one permitted it to proceed
<RavenJoad>d00s: This is for a guix home reconfigure, so there shouldn't be a package conflict. The error is The following map file(s) couldn't be found: and; did you run mktexlsr?"
<michal_atlas>If it's what I think it is, there was a debate on the mailing list, also including `texlive-scheme-basic` in the profile fixed it for me, even though I'm not sure how that should work.
<RavenJoad>Ok. I have texlive (the big one) in the package list. I will try adding that to see if it works. Is it a requirement now though?
<RavenJoad>Yeah, that fixed it.
<RavenJoad>So my question now is, which scheme gets me everything? Including LuaLaTeX, XeLaTeX, ConTeXt, etc.
<RavenJoad>For a user-level install of texlive, I am comfortable having everything there, with individual projects getting the more minimal schemes on an as-needed basis.
<ekaitz>unmatched-paren: thanks for the review in the hare patch. I needed help to do it and decided to upload just in case and you gave me the feedback I needed. Thanks
<ekaitz>unmatched-paren: also if I can exploit you a little bit more, can you take a look to #60889 please, por favor, mesedez :)
<Hmmf>Hello. I wanted to know how do you guys handle secret in guix?
<the_tubular>Badly :(
<the_tubular>I think that's what guix needs the most IMO
<Hmmf>ok that's what I thought. Thanks a lot.
<trevdev[m]>I've been watching a fair bit of Tropin's vids and he uses gpg/direnv for secrets. It works.
<trevdev[m]>I agree, Guix could use a more complete shell utility
<the_tubular>Can you clarify the setup a bit ?
<the_tubular>it uses gpg to decrypt secrets stored in env variable ?
<Hmmf>yeah I am curious too. When i search for Tropin I only find a singer :D
<the_tubular>This guy
<the_tubular>Hmmf a lot is under Livestreams
<Hmmf>yes that looks really interesting. Plus I did not know about invidious. It's kinda life changing…
<the_tubular>Yeah, I override my DNS to redirect to that instance.
<nckx>With a local HTTP redirect?
<zacchae[m]>TIL packages sometimes put VERY useful things in ~/guix-profile/etc, like a working configuration file