From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id cJuiC4D3pGIkiAAAbAwnHQ (envelope-from ) for ; Sat, 11 Jun 2022 22:13:52 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id NoqpC4D3pGL9PQAA9RJhRA (envelope-from ) for ; Sat, 11 Jun 2022 22:13:52 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id CC52F2E00D for ; Sat, 11 Jun 2022 22:13:51 +0200 (CEST) Received: from localhost ([::1]:46372 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1o07UV-0001R3-1b for larch@yhetil.org; Sat, 11 Jun 2022 16:13:51 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:34400) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1o07UJ-0001PV-GO for guix-devel@gnu.org; Sat, 11 Jun 2022 16:13:39 -0400 Received: from mx1.dismail.de ([78.46.223.134]:8081) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1o07UH-0006bi-2a for guix-devel@gnu.org; Sat, 11 Jun 2022 16:13:39 -0400 Received: from mx1.dismail.de (localhost [127.0.0.1]) by mx1.dismail.de (OpenSMTPD) with ESMTP id 5714775d; Sat, 11 Jun 2022 22:13:33 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=dismail.de; h= mime-version:date:content-type:content-transfer-encoding:from :message-id:subject:to:in-reply-to:references; s=20190914; bh=+0 IR91TCYwupx7VIcTWCUd+LoqHThVrw5YlVCBvN4EM=; b=ESx2jmqwXkv5MC9tMG 1pmkVNV4FQCLeCc1keMuF3UOc2dXnEntAebMbsy3l7sHYUH4wySKlucVpOLUS1te R/nDAHEnWBuJBFgI+O4kClWUfQbmCS83kAA6/BW1OGDhsI5LJW8GNXBh2M70Ly+l e8v2pTZ+NyMZINIjlhuHpxYmaTafTLX8lgDlGtzxek8UovoKKRx/Df+PRrw+3eOa rB/10tHDnK4PU61NLnPDVEvWNVhdpxeboMBlWxS+1SwUp4lGoq9nj3ZOXPwnEMfx YQYRbmEA5UBox2UqKJkUsdD7ESrY1dsLFKmDWDscGM2uoffvUQKexUax4FlNbn+4 BanA== Received: from smtp2.dismail.de ( [10.240.26.12]) by mx1.dismail.de (OpenSMTPD) with ESMTP id 26778822; Sat, 11 Jun 2022 22:13:33 +0200 (CEST) Received: from smtp2.dismail.de (localhost [127.0.0.1]) by smtp2.dismail.de (OpenSMTPD) with ESMTP id a4cc9ab1; Sat, 11 Jun 2022 22:13:32 +0200 (CEST) Received: by dismail.de (OpenSMTPD) with ESMTPSA id d54fcb32 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Sat, 11 Jun 2022 22:13:31 +0200 (CEST) MIME-Version: 1.0 Date: Sat, 11 Jun 2022 20:13:30 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Mailer: RainLoop/1.16.0a From: jbranso@dismail.de Message-ID: <19713f46b29fe34dd5c4f86d9634dec2@dismail.de> Subject: Re: U.S. Midwest based build farm To: "Maxime Devos" , guix-devel@gnu.org In-Reply-To: <1c9065963fe7fed97613bc641e40d5f082c60e9b.camel@telenet.be> References: <1c9065963fe7fed97613bc641e40d5f082c60e9b.camel@telenet.be> <6ed41abd5d3bfa35c699ee65f009dbb8@dismail.de> Received-SPF: pass client-ip=78.46.223.134; envelope-from=jbranso@dismail.de; helo=mx1.dismail.de X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1654978431; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=dribLpddH7nI6CTJsWfnbxf/5RzZf81Hv+KhH0ct9U8=; b=RMsA2g1GqzH2AWeWqbGo5K+Onu4QO1rEbIUrAi7HvTuGBRLXb1B4yBlDF8f3NGwiomUbcu YOXn3KnVeQrC6JyIK7sttoROgEhuehSxm1rj2X+BvCsrpXAd/lSFRAjxdUOOYA9EU2ZVHp 28xsoTgqOg+nSZBzWLVybLgJlNnW7SihQKSJDlfgP7jnQGB3snfGEBNPMlUhHt5Ym6tTef 5R9zAzp7NEUqWmbSFbTjrIDUoOvL4fsf8SEQnBnrjKa1r8YEXbcPuOxomRR4EcIJvVKeUX 9DFoV1hQNCosflOH8dx6NKcghZ1FnAbP/lmpJNI2qBZZ56ajzx1zNvlCy+EbDg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1654978431; a=rsa-sha256; cv=none; b=ltT/bN77dcoRR5Mvu4rjc/+xmMJ5ZHRYhQEasltGmcTuYb6cA94duQKmJo/xj5njPvsH47 l+0+nciC/EcTemwjbYc4sJPR8E74aKcDvzWSRBBI76SDV3f1WgiAMmA0nctLhYTHM+LlHR 8CeUr/aEH03XMLz0suacmb0TLHFeYHz1QuSmClCi1CYF//NwVaDsyCL8nyeIUrAzpqIQBV uJwsODW1RTXAp5rpKPCc8OjAS4iDI/4NdAmFdCKm248FNFwEm8TArQFHV7KR4B7wCzinCq OC32auqAMa++taubXlxMGNtQ/kqcJ+Qgt2nflPldXx9tZhmKEQaJZVPNOJRv1w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=dismail.de header.s=20190914 header.b=ESx2jmqw; dmarc=pass (policy=reject) header.from=dismail.de; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -3.58 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=dismail.de header.s=20190914 header.b=ESx2jmqw; dmarc=pass (policy=reject) header.from=dismail.de; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: CC52F2E00D X-Spam-Score: -3.58 X-Migadu-Scanner: scn1.migadu.com X-TUID: WPt24+lnLgog June 11, 2022 4:00 PM, "Maxime Devos" wrote: > jbranso@dismail.de schreef op za 11-06-2022 om 16:06 [+0000]: >=20 >>=20What's good and/or bad about this idea? >=20 >=20A positive point: extra resources, could be useful for reproducibilit= y > testing, ...? That's actually a good idea. I could give limited ssh access to a few guix developers. Those guix developers could use my old and hopefully=20 more=20powerful machines to quickly compile software. Rust takes ages to compile... >=20 >=20A negative point: extra points through with malware can be introduced > (->compromises). Can be solved by reproducible builds and variation of > "guix challenge". Unfortunately, "guix challenge" is inherently racy. > "guix substitute" currently only checks that the narinfo has a _single_ > authorised signature, maybe it can be adjusted to allow the user to > ask: =E2=80=98only consider a substitute to be authorised if the same h= ash is > signed by N different authorised keys=E2=80=99? >=20 Thanks=20for the feedback. We could also use the machines as a mirror or an additional substitute server.=20=20 >=20Other points: ...? >=20 >=20Greetings, > Maxime.