From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: bug#25831: Expose http_proxy setting on GuixSD Date: Wed, 22 Feb 2017 14:22:23 -0500 Message-ID: <20170222192223.GA26356@jasmine> References: <20170221171912.GB1656@jasmine> <87efyrwgrk.fsf@gnu.org> <20170221202654.GA16281@jasmine> <87r32qv9ho.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="cNdxnHkX5QqsyA0e" Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:43088) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cgcVE-00047k-Vu for bug-guix@gnu.org; Wed, 22 Feb 2017 14:23:06 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cgcVB-0002vK-Rv for bug-guix@gnu.org; Wed, 22 Feb 2017 14:23:05 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:53345) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cgcVB-0002vG-O7 for bug-guix@gnu.org; Wed, 22 Feb 2017 14:23:01 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1cgcVB-0000pT-JB for bug-guix@gnu.org; Wed, 22 Feb 2017 14:23:01 -0500 Sender: "Debbugs-submit" Resent-Message-ID: Content-Disposition: inline In-Reply-To: <87r32qv9ho.fsf@gnu.org> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Mathieu Lirzin Cc: 25831@debbugs.gnu.org --cNdxnHkX5QqsyA0e Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Feb 22, 2017 at 10:51:47AM +0100, Mathieu Lirzin wrote: > I don't know much about HTTP proxying but when reading > 'in-band-download' in "guix/download.scm" I see a line like this: > > #:leaked-env-vars '("http_proxy" "https_proxy") > > which makes me think that maybe we should add an https_proxy toggle in > 'guix-configuration' too? > > However I see that 'open-connection-for-uri' in "guix/download.scm" > ignores "https_proxy" with a comment from 2015: > > ;; For HTTPS URIs, honor 'https_proxy', not 'http_proxy'. > ;; FIXME: Proxying is not supported for https. That's from 'guix/build/download.scm'. > Do you have any idea if this could be easily fixed? I don't know. I guess that it would be required to have a TLS client (gnutls-guile) and a certificate store available, but I'm not sure how to implement it, or what exactly is missing. > I think it would be more readable like this: > > #$@(if http-proxy > (list (string-append "http_proxy=" http-proxy)) > '()) I think this form of the conditional is a little easier to read than the other one, so I've used it in my updated patch, which is attached. --cNdxnHkX5QqsyA0e Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: attachment; filename="0001-services-guix-Support-using-an-HTTP-proxy.patch" Content-Transfer-Encoding: 8bit >From ae8fd98c4a8f985ba835bfeab7f008c594508b2d Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 21 Feb 2017 14:57:02 -0500 Subject: [PATCH] services: guix: Support using an HTTP proxy. * gnu/services/base.scm ()[http-proxy]: New field. (guix-shepherd-service): Use 'http-proxy' in #:environment-variables. * doc/guix.texi (Base Services)[guix-configuration]: Document it. --- doc/guix.texi | 4 ++++ gnu/services/base.scm | 13 +++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 6cdb5e592..19a31c659 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -8611,6 +8611,10 @@ are written. @item @code{lsof} (default: @var{lsof}) The lsof package to use. +@item @code{http-proxy} (default: @code{#f}) +The HTTP proxy used for downloading fixed-output derivations and +substitutes. + @end table @end deftp diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 57601eab8..20eb19930 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -3,7 +3,7 @@ ;;; Copyright © 2015, 2016 Alex Kost ;;; Copyright © 2015, 2016 Mark H Weaver ;;; Copyright © 2015 Sou Bunnbu -;;; Copyright © 2016 Leo Famulari +;;; Copyright © 2016, 2017 Leo Famulari ;;; Copyright © 2016 David Craven ;;; Copyright © 2016 Ricardo Wurmus ;;; @@ -1114,7 +1114,9 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) (log-file guix-configuration-log-file ;string (default "/var/log/guix-daemon.log")) (lsof guix-configuration-lsof ; - (default lsof))) + (default lsof)) + (http-proxy guix-http-proxy ;string | #f + (default #f))) (define %default-guix-configuration (guix-configuration)) @@ -1125,7 +1127,7 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) (($ guix build-group build-accounts authorize-key? keys use-substitutes? substitute-urls extra-options - log-file lsof) + log-file lsof http-proxy) (list (shepherd-service (documentation "Run the Guix daemon.") (provision '(guix-daemon)) @@ -1142,7 +1144,10 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) ;; Add 'lsof' (for the GC) to the daemon's $PATH. #:environment-variables - (list (string-append "PATH=" #$lsof "/bin")) + (list (string-append "PATH=" #$lsof "/bin") + #$@(if http-proxy + (list (string-append "http_proxy=" http-proxy)) + '())) #:log-file #$log-file)) (stop #~(make-kill-destructor))))))) -- 2.11.1 --cNdxnHkX5QqsyA0e--