aboutsummaryrefslogtreecommitdiff
-*- mode: org -*-

This is [[https://koszko.org/koszko.html][Wojtek]]'s Guix fork.  It serves as a home for personal modifications
and additions that for some reason aren't in upstream Guix.  These may include
package and service definitions, as well as changes to Guix itself.  You're
free to clone this repository and use it for your own needs.  But if you
choose to do so, please be ready to deal with some peculiarities.

- The tip this repository is intended to be frequently rebased on top of
  upstream Guix so expect ~git pull~ to complain.
- As a result of the rebasing approach, the ~--allow-downgrades~ flag has to
  be used when running ~guix pull~ or ~guix (system|home) reconfigure~.
- As another result of the rebasing approach, there's no PGP authorization (it
  would not be possible to provide it reliably).  The =.guix-authorizations=
  file is removed by one of the tip commits to remove the warning from ~guix
  pull~.
- If you don't know what all this means, this is probably not for you.  Try
  [[https://guix.gnu.org/][upstream Guix]] instead :)

Feel free to look into the ~koszko-scripts~ branch to see the scripts I am
using to maintain this thing.  Note they might prove pretty useless to you.

Wojtek's copyright to his changes to Guix is waived using [[https://creativecommons.org/publicdomain/zero/1.0/legalcode.en][CC0-1.0]].


* The original README introduction

[[https://www.gnu.org/software/guix/][GNU Guix]] (IPA: /ɡiːks/) is a purely functional package manager, and
associated free software distribution, for the [[https://www.gnu.org/gnu/gnu.html][GNU system]].  In addition
to standard package management features, Guix supports transactional
upgrades and roll-backs, unprivileged package management, per-user
profiles, and garbage collection.

It provides [[https://www.gnu.org/software/guile/][Guile]] Scheme APIs, including a high-level embedded
domain-specific languages (EDSLs) to describe how packages are to be
built and composed.

GNU Guix can be used on top of an already-installed GNU/Linux distribution, or
it can be used standalone (we call that “Guix System”).

Guix is based on the [[https://nixos.org/nix/][Nix]] package manager.


* Requirements

If you are building Guix from source, please see the manual for build
instructions and requirements, either by running:

  info -f doc/guix.info "Requirements"

or by checking the [[https://guix.gnu.org/manual/en/html_node/Requirements.html][web copy of the manual]].

* Installation

See the manual for the installation instructions, either by running

  info -f doc/guix.info "Installation"

or by checking the [[https://guix.gnu.org/manual/en/html_node/Installation.html][web copy of the manual]].

* Building from Git

For information on building Guix from a Git checkout, please see the relevant
section in the manual, either by running

  info -f doc/guix.info "Building from Git"

or by checking the [[https://guix.gnu.org/manual/en/html_node/Building-from-Git.html][web_copy of the manual]].

* How It Works

Guix does the high-level preparation of a /derivation/.  A derivation is
the promise of a build; it is stored as a text file under
=/gnu/store/xxx.drv=.  The (guix derivations) module provides the
`derivation' primitive, as well as higher-level wrappers such as
`build-expression->derivation'.

Guix does remote procedure calls (RPCs) to the build daemon (the =guix-daemon=
command), which in turn performs builds and accesses to the store on its
behalf.  The RPCs are implemented in the (guix store) module.

* Contact

GNU Guix is hosted at https://savannah.gnu.org/projects/guix/.

Please email <help-guix@gnu.org> for questions and <bug-guix@gnu.org> for bug
reports; email <gnu-system-discuss@gnu.org> for general issues regarding the
GNU system.

Join #guix on irc.libera.chat.

* Guix & Nix

GNU Guix is based on [[https://nixos.org/nix/][the Nix package manager]].  It implements the same
package deployment paradigm, and in fact it reuses some of its code.
Yet, different engineering decisions were made for Guix, as described
below.

Nix is really two things: a package build tool, implemented by a library
and daemon, and a special-purpose programming language.  GNU Guix relies
on the former, but uses Scheme as a replacement for the latter.

Using Scheme instead of a specific language allows us to get all the
features and tooling that come with Guile (compiler, debugger, REPL,
Unicode, libraries, etc.)  And it means that we have a general-purpose
language, on top of which we can have embedded domain-specific languages
(EDSLs), such as the one used to define packages.  This broadens what
can be done in package recipes themselves, and what can be done around them.

Technically, Guix makes remote procedure calls to the ‘nix-worker’
daemon to perform operations on the store.  At the lowest level, Nix
“derivations” represent promises of a build, stored in ‘.drv’ files in
the store.  Guix produces such derivations, which are then interpreted
by the daemon to perform the build.  Thus, Guix derivations can use
derivations produced by Nix (and vice versa).

With Nix and the [[https://nixos.org/nixpkgs][Nixpkgs]] distribution, package composition happens at
the Nix language level, but builders are usually written in Bash.
Conversely, Guix encourages the use of Scheme for both package
composition and builders.  Likewise, the core functionality of Nix is
written in C++ and Perl; Guix relies on some of the original C++ code,
but exposes all the API as Scheme.

* Related software

  - [[https://nixos.org][Nix, Nixpkgs, and NixOS]], functional package manager and associated
    software distribution, are the inspiration of Guix
  - [[https://www.gnu.org/software/stow/][GNU Stow]] builds around the idea of one directory per prefix, and a
    symlink tree to create user environments
  - [[https://www.pvv.ntnu.no/~arnej/store/storedoc_6.html][STORE]] shares the same idea
  - [[https://live.gnome.org/OSTree/][GNOME's OSTree]] allows bootable system images to be built from a
    specified set of packages
  - The [[https://www.gnu.org/s/gsrc/][GNU Source Release Collection]] (GSRC) is a user-land software
    distribution; unlike Guix, it relies on core tools available on the
    host system
generated by cgit
achine/ssh.scm (not-config?): New procedure. (machine-boot-parameters): Use it as an argument to 'source-module-closure'. Ludovic Courtès 2020-12-21system: Allow separated /boot and encrypted root....* gnu/bootloader/grub.scm (grub-configuration-file): New parameter store-crypto-devices. [crypto-devices]: New helper function. [builder]: Use crypto-devices. * gnu/machine/ssh.scm (roll-back-managed-host): Use boot-parameters-store-crypto-devices to provide its contents to the bootloader configuration generation process. * gnu/tests/install.scm (%encrypted-root-not-boot-os, %encrypted-root-not-boot-os): New os declaration. (%encrypted-root-not-boot-installation-script): New script, whose contents were initially taken from %encrypted-root-installation-script. (%test-encrypted-root-not-boot-os): New test. * gnu/system.scm (define-module): Export operating-system-bootoader-crypto-devices and boot-parameters-store-crypto-devices. (<boot-parameters>): Add field store-crypto-devices. (read-boot-parameters): Parse store-crypto-devices field. [uuid-sexp->uuid]: New helper function extracted from device-sexp->device. (operating-system-bootloader-crypto-devices): New function. (operating-system-bootcfg): Use operating-system-bootloader-crypto-devices to provide its contents to the bootloader configuration generation process. (operating-system-boot-parameters): Add store-crypto-devices to the generated boot-parameters. (operating-system-boot-parameters-file): Likewise to the file with the serialized structure. * guix/scripts/system.scm (reinstall-bootloader): Use boot-parameters-store-crypto-devices to provide its contents to the bootloader configuration generation process. * tests/boot-parameters.scm (%default-store-crypto-devices): New variable. (%grub-boot-parameters, test-read-boot-parameters): Use %default-store-crypto-devices. (tests store-crypto-devices): New tests. Miguel Ángel Arruga Vivas 2020-11-09machine: ssh: Do not import the host (guix config)....* gnu/machine/ssh.scm (machine-boot-parameters): Use 'make-config.scm' for (guix config). Ludovic Courtès 2020-11-01system: Add store-directory-prefix to boot-parameters....Fixes <http://issues.guix.gnu.org/44196> * gnu/machine/ssh.scm (roll-back-managed-host): Use boot-parameters-store-directory-prefix. * gnu/system.scm (define-module): Export boot-parameters-store-directory-prefix. (<boot-parameters>)[store-directory-prefix]: New field. It is used to generate the correct paths when /gnu/store is installed on a btrfs subvolume whose name doesn't match the final runtime path, as the bootloader doesn't have knowledge about the final mounting points. [boot-parameters-store-directory-prefix]: New accessor. (read-boot-parameters): Read directory-prefix from store field. (operating-system-boot-parameters-file): Add directory-prefix to store field. * guix/scripts/system.scm (reinstall-bootloader): Use boot-parameters-store-directory-prefix. * test/boot-parameters.scm (%default-btrfs-subvolume, %default-store-directory-prefix): New variables. (%grub-boot-parameters): Use %default-store-directory-prefix. (%default-operating-system): Use %default-btrfs-subvolume. (test-boot-parameters): Add directory-prefix. (test optional fields): Add test for directory-prefix. (test os store-directory-prefix): New test. Miguel Ángel Arruga Vivas 2020-10-18system: Provide locale information to the bootloader....* gnu/machine/ssh.scm (roll-back-managed-host): Use locale information from boot-parameters. * gnu/system.scm (operating-system-bootcfg): Provide locale information to the bootloader. * guix/system/script.scm (reinstall-bootloader): Use locale information from boot-parameters. Miguel Ángel Arruga Vivas 2020-09-07linux-boot: Handle nfs-root device strings....* gnu/build/linux-boot.scm (device-string->file-system-device): Support nfs-root "device" strings. * gnu/build/file-systems.scm (canonicalize-device-spec): Support nfs-root "device" strings. * gnu/machine/ssh.scm (machine-check-file-system-availability): Avoid checking of NFS file systems. * gnu/system.scm (read-boot-parameters, device-sexp->device): Support nfs-root "device" strings. Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org> Stefan 2020-08-25Remove "guile-zlib" extension when unused....This is a follow-up of 755f365b02b42a5d1e8ef3000dadef069553a478. As (zlib) is autoloaded in (gnu build linux-modules), "guile-zlib" is needed as an extension only when it is effectively used. * gnu/installer.scm (installer-program): Remove "guile-zlib" from the extensions. * gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto. * gnu/services.scm (activation-script): Ditto. * gnu/services/base.scm (default-serial-port): Ditto, (agetty-shepherd-service): ditto, (udev-service-type): ditto. * gnu/system/image.scm (gcrypt-sqlite3&co): Ditto. * gnu/system/shadow.scm (account-shepherd-service): Ditto. Mathieu Othacehe 2020-08-25linux-libre: Support module compression....This commit adds support for GZIP compression for linux-libre kernel modules. The initrd modules are kept uncompressed as the initrd is already compressed as a whole. The linux-libre kernel also supports XZ compression, but as Guix does not have any available bindings for now, and the compression time is far more significant, GZIP seems to be a better option. * gnu/build/linux-modules.scm (modinfo-section-contents): Use 'call-with-gzip-input-port' to read from a module file using '.gz' extension, (strip-extension): new procedure, (dot-ko): adapt to support compression, (ensure-dot-ko): ditto, (file-name->module-name): ditto, (find-module-file): ditto, (load-linux-module*): ditto, (module-name->file-name/guess): ditto, (module-name-lookup): ditto, (write-module-name-database): ditto, (write-module-alias-database): ditto, (write-module-device-database): ditto. * gnu/installer.scm (installer-program): Add "guile-zlib" to the extensions. * gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto. * gnu/services.scm (activation-script): Ditto. * gnu/services/base.scm (default-serial-port): Ditto, (agetty-shepherd-service): ditto, (udev-service-type): ditto. * gnu/system/image.scm (gcrypt-sqlite3&co): Ditto. * gnu/system/linux-initrd.scm (flat-linux-module-directory): Add "guile-zlib" to the extensions and make sure that the initrd only contains uncompressed module files. * gnu/system/shadow.scm (account-shepherd-service): Add "guile-zlib" to the extensions. * guix/profiles.scm (linux-module-database): Ditto. Mathieu Othacehe 2020-07-27machine: ssh: Check for potential system downgrades....This is a followup to 8e31736b0a60919cc1bfc5dc22c395b09243484a. * guix/scripts/system/reconfigure.scm (check-forward-update): Add #:current-channels. Use it instead of OLD. * gnu/services.scm (sexp->system-provenance): New procedure. (system-provenance): Use it. * gnu/machine/ssh.scm (<machine-ssh-configuration>)[allow-downgrades?]: New field. (machine-check-forward-update): New procedure. (check-deployment-sanity)[assertions]: Call it. * doc/guix.texi (Invoking guix deploy): Document 'allow-downgrades?' field. Ludovic Courtès 2020-07-25Use 'formatted-message' instead of '&message' where appropriate....* gnu.scm (%try-use-modules): Use 'formatted-message' instead of '&message'. * gnu/machine/digital-ocean.scm (maybe-raise-unsupported-configuration-error): Likewise. * gnu/machine/ssh.scm (machine-check-file-system-availability): Likewise. (machine-check-building-for-appropriate-system): Likewise. (deploy-managed-host): Likewise. (maybe-raise-unsupported-configuration-error): Likewise. * gnu/packages.scm (search-patch): Likewise. * gnu/services.scm (%service-with-default-value): Likewise. (files->etc-directory): Likewise. (fold-services): Likewise. * gnu/system.scm (locale-name->definition*): Likewise. * gnu/system/mapped-devices.scm (check-device-initrd-modules): Likewise. (check-luks-device): Likewise. * guix/channels.scm (latest-channel-instance): Likewise. * guix/cve.scm (json->cve-items): Likewise. * guix/git-authenticate.scm (commit-signing-key): Likewise. (commit-authorized-keys): Likewise. (authenticate-commit): Likewise. (verify-introductory-commit): Likewise. * guix/remote.scm (remote-pipe-for-gexp): Likewise. * guix/scripts/graph.scm (assert-package): Likewise. * guix/scripts/offload.scm (private-key-from-file*): Likewise. * guix/ssh.scm (authenticate-server*): Likewise. (open-ssh-session): Likewise. (remote-inferior): Likewise. * guix/ui.scm (matching-generations): Likewise. * guix/upstream.scm (package-update): Likewise. * tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"): Catch 'formatted-message?'. ("authenticate-channel, wrong first commit signer"): Likewise. * tests/lint.scm ("patches: not found"): Adjust message string. * tests/packages.scm ("patch not found yields a run-time error"): Catch 'formatted-message?'. * guix/lint.scm (check-patch-file-names): Handle 'formatted-message?'. (check-derivation): Ditto. Ludovic Courtès 2020-06-28Add more missing (ice-9 format) imports....* gnu/machine/ssh.scm: Import (ice-9 format). * guix/scripts/graph.scm: Likewise. * guix/scripts/system/search.scm: Likewise. * guix/remote.scm: Likewise. Marius Bakke 2020-06-18machine: ssh: Fix guix deploy hang when using non-DCE UUIDs....Fixes <https://issues.guix.gnu.org/issue/41237>. The UUID type information was lost when passing to the lower gexp code strata, which led to not being able to recreate the UUID in the generated script. This occurred for non-DCE type UUIDs such as that of a FAT file system. A following commit will prevent the find-partition-by-uuid procedure from entering a loop when its UUID argument is invalid. Reported-by: Brice Waegeneire <brice@waegenei.re> * gnu/machine/ssh.scm (machine-check-file-system-availability): Replace the STRING->UUID procedure by the UUID macro, and provide the UUID type as its second argument. Maxim Cournoyer 2020-03-23machine: ssh: Better report missing initrd modules....* gnu/machine/ssh.scm (machine-check-initrd-modules): Improve message upon module mismatch. Ludovic Courtès 2020-03-23machine: ssh: Make sanity checks in a single round trip....* gnu/machine/ssh.scm (<remote-assertion>): New record type. (remote-let): New macro. (machine-check-file-system-availability): Rewrite to use 'remote-let' instead of 'mlet' and 'machine-remote-eval'. (machine-check-initrd-modules): Likewise. (machine-check-building-for-appropriate-system): Make non-monadic. (check-deployment-sanity): Rewrite to gather all the assertions as a single gexp and pass it to 'machine-remote-eval'. Ludovic Courtès