From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mathieu Lirzin Subject: bug#25831: Expose http_proxy setting on GuixSD Date: Wed, 22 Feb 2017 21:15:12 +0100 Message-ID: <8737f60ypb.fsf@gnu.org> References: <20170221171912.GB1656@jasmine> <87efyrwgrk.fsf@gnu.org> <20170221202654.GA16281@jasmine> <87r32qv9ho.fsf@gnu.org> <20170222192223.GA26356@jasmine> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:56741) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cgdKV-0001IQ-Ob for bug-guix@gnu.org; Wed, 22 Feb 2017 15:16:04 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cgdKU-0008D8-HO for bug-guix@gnu.org; Wed, 22 Feb 2017 15:16:03 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:53409) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cgdKU-0008D4-DL for bug-guix@gnu.org; Wed, 22 Feb 2017 15:16:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1cgdKU-00024X-7k for bug-guix@gnu.org; Wed, 22 Feb 2017 15:16:02 -0500 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <20170222192223.GA26356@jasmine> (Leo Famulari's message of "Wed, 22 Feb 2017 14:22:23 -0500") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Leo Famulari Cc: 25831@debbugs.gnu.org Leo Famulari writes: > On Wed, Feb 22, 2017 at 10:51:47AM +0100, Mathieu Lirzin wrote: >> I don't know much about HTTP proxying but when reading >> 'in-band-download' in "guix/download.scm" I see a line like this: >>=20 >> #:leaked-env-vars '("http_proxy" "https_proxy") >>=20 >> which makes me think that maybe we should add an https_proxy toggle in >> 'guix-configuration' too? >>=20 >> However I see that 'open-connection-for-uri' in "guix/download.scm" >> ignores "https_proxy" with a comment from 2015: >>=20 >> ;; For HTTPS URIs, honor 'https_proxy', not 'http_proxy'. >> ;; FIXME: Proxying is not supported for https. > > That's from 'guix/build/download.scm'. Oops sorry about that. >> Do you have any idea if this could be easily fixed? > > I don't know. I guess that it would be required to have a TLS client > (gnutls-guile) and a certificate store available, but I'm not sure how > to implement it, or what exactly is missing. OK, hopefully Ludo will be able to bring more context about the code he wrote. >> I think it would be more readable like this: >>=20 >> #$@(if http-proxy >> (list (string-append "http_proxy=3D" http-proxy)) >> '()) > > I think this form of the conditional is a little easier to read than the > other one, so I've used it in my updated patch, which is attached. > > From ae8fd98c4a8f985ba835bfeab7f008c594508b2d Mon Sep 17 00:00:00 2001 > From: Leo Famulari > Date: Tue, 21 Feb 2017 14:57:02 -0500 > Subject: [PATCH] services: guix: Support using an HTTP proxy. > > * gnu/services/base.scm ()[http-proxy]: New field. > (guix-shepherd-service): Use 'http-proxy' in #:environment-variables. > * doc/guix.texi (Base Services)[guix-configuration]: Document it. > --- > doc/guix.texi | 4 ++++ > gnu/services/base.scm | 13 +++++++++---- > 2 files changed, 13 insertions(+), 4 deletions(-) > > diff --git a/doc/guix.texi b/doc/guix.texi > index 6cdb5e592..19a31c659 100644 > --- a/doc/guix.texi > +++ b/doc/guix.texi > @@ -8611,6 +8611,10 @@ are written. > @item @code{lsof} (default: @var{lsof}) > The lsof package to use. >=20=20 > +@item @code{http-proxy} (default: @code{#f}) > +The HTTP proxy used for downloading fixed-output derivations and > +substitutes. > + > @end table > @end deftp >=20=20 > diff --git a/gnu/services/base.scm b/gnu/services/base.scm > index 57601eab8..20eb19930 100644 > --- a/gnu/services/base.scm > +++ b/gnu/services/base.scm > @@ -3,7 +3,7 @@ > ;;; Copyright =C2=A9 2015, 2016 Alex Kost > ;;; Copyright =C2=A9 2015, 2016 Mark H Weaver > ;;; Copyright =C2=A9 2015 Sou Bunnbu > -;;; Copyright =C2=A9 2016 Leo Famulari > +;;; Copyright =C2=A9 2016, 2017 Leo Famulari > ;;; Copyright =C2=A9 2016 David Craven > ;;; Copyright =C2=A9 2016 Ricardo Wurmus > ;;; > @@ -1114,7 +1114,9 @@ failed to register hydra.gnu.org public key: ~a~%" = status)))))))) > (log-file guix-configuration-log-file ;string > (default "/var/log/guix-daemon.log")) > (lsof guix-configuration-lsof ; > - (default lsof))) > + (default lsof)) > + (http-proxy guix-http-proxy ;string | #f > + (default #f))) >=20=20 > (define %default-guix-configuration > (guix-configuration)) > @@ -1125,7 +1127,7 @@ failed to register hydra.gnu.org public key: ~a~%" = status)))))))) > (($ guix build-group build-accounts > authorize-key? keys > use-substitutes? substitute-urls extra-opti= ons > - log-file lsof) > + log-file lsof http-proxy) > (list (shepherd-service > (documentation "Run the Guix daemon.") > (provision '(guix-daemon)) > @@ -1142,7 +1144,10 @@ failed to register hydra.gnu.org public key: ~a~%"= status)))))))) >=20=20 > ;; Add 'lsof' (for the GC) to the daemon's $PATH. > #:environment-variables > - (list (string-append "PATH=3D" #$lsof "/bin")) > + (list (string-append "PATH=3D" #$lsof "/bin") > + #$@(if http-proxy > + (list (string-append "http_proxy=3D" http-pro= xy)) > + '())) ^^ missin two spaces in THEN and ELSE part ;) > #:log-file #$log-file)) > (stop #~(make-kill-destructor))))))) Otherwise, LGTM. Thanks. --=20 Mathieu Lirzin GPG: F2A3 8D7E EB2B 6640 5761 070D 0ADE E100 9460 4D37