From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id KLB5HPju2F4sEwAA0tVLHw (envelope-from ) for ; Thu, 04 Jun 2020 12:54:16 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id 8PFQGPju2F4NegAAB5/wlQ (envelope-from ) for ; Thu, 04 Jun 2020 12:54:16 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id D7CC9940276 for ; Thu, 4 Jun 2020 12:54:15 +0000 (UTC) Received: from localhost ([::1]:56598 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jgpNu-00032R-Rp for larch@yhetil.org; Thu, 04 Jun 2020 08:54:14 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:54984) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jgpNl-00030M-Db for guix-devel@gnu.org; Thu, 04 Jun 2020 08:54:05 -0400 Received: from relay5-d.mail.gandi.net ([217.70.183.197]:54845) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jgpNk-0004iB-Ci; Thu, 04 Jun 2020 08:54:05 -0400 Received: from webmail.gandi.net (webmail18.sd4.0x35.net [10.200.201.18]) (Authenticated sender: brice@waegenei.re) by relay5-d.mail.gandi.net (Postfix) with ESMTPA id 5CCEA1C0002; Thu, 4 Jun 2020 12:54:00 +0000 (UTC) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Date: Thu, 04 Jun 2020 12:54:00 +0000 From: Brice Waegeneire To: =?UTF-8?Q?Ludovic_Court=C3=A8s?= Subject: Re: [bug#41694] [PATCH] doc: cookbook: Add entry about getting substitutes through Tor. In-Reply-To: <87367baua7.fsf@gnu.org> References: <87blmmkx87.fsf@gnu.org> <20200603191249.29382-1-brice@waegenei.re> <87367baua7.fsf@gnu.org> Message-ID: <5b7e576318d73e89ba5a9cafb6861061@waegenei.re> X-Sender: brice@waegenei.re User-Agent: Roundcube Webmail/1.3.8 Received-SPF: pass client-ip=217.70.183.197; envelope-from=brice@waegenei.re; helo=relay5-d.mail.gandi.net X-detected-operating-system: by eggs.gnu.org: First seen = 2020/06/04 08:54:01 X-ACL-Warn: Detected OS = Linux 3.11 and newer X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: guix-devel@gnu.org, 41694-done@debbugs.gnu.org Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -0.91 X-TUID: Q1qr8LZREGaG Hello, On 2020-06-04 12:29, Ludovic Courtès wrote: > Hi, > > Brice Waegeneire skribis: > >> * doc/guix-cookbook.texi (Getting substitutes from Tor): New section. > > Yay! > >> +@node Getting substitutes from Tor >> +@section Getting substitutes from Tor >> + >> +@quotation Warning >> +@emph{Not all} Guix daemon's traffic will go through Tor! Only >> +HTTP/HTTPS will get proxied; FTP, Git protocol, SSH, etc connections >> +will still go through the clearnet. Again, this configuration isn't >> +foolproof some of your traffic won't get routed by Tor at all. Use >> it >> +at your own risk. >> +@end quotation > > I would suggest adding a line of intro before the warning, otherwise we > see the warning before even knowing what the section is about. :-) > >> +Guix's substitute server is available as a hidden service, if you >> want > > I think official terminology these days is “Onion service”. > >> +to use it to get your substitutes from Tor configure your system as >> +follow: >> + >> +@lisp >> +(use-modules (gnu)) >> +(use-service-module base networking) >> + >> +(operating-system >> + … >> + (services >> + (cons >> + (service tor-service-type >> + (tor-configuration >> + (config-file (plain-file "tor-config" >> + "HTTPTunnelPort >> 127.0.0.1:9250")))) >> + (modify-services %base-services >> + (guix-service-type > ^^^^^^^^^^^^^ > Too many spaces here. > >> +@example >> +# herd set-http-proxy guix-daemon http://localhost:9250 >> +$ guix build --substitute-urls=https://bp7o7ckwlewr4slm.onion hello >> +@end example > > To make it copy/pastable, you can remove the prompt and write it as: > > sudo herd set-http-proxy … > guix build … > > Something along these lines LGTM. > > Thank you! > > Ludo’. Thank you for the review Ludovic. Pushed as c987b72382e739bf887849b02c533eda317ea52b with the 3 modifications you were requesting. - Brice