From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id qGSdBT7p2F4AAwAA0tVLHw (envelope-from ) for ; Thu, 04 Jun 2020 12:29:50 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id YOR4AT7p2F4qEwAA1q6Kng (envelope-from ) for ; Thu, 04 Jun 2020 12:29:50 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 96AC394014C for ; Thu, 4 Jun 2020 12:29:49 +0000 (UTC) Received: from localhost ([::1]:49112 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jgp0G-0001b6-Iy for larch@yhetil.org; Thu, 04 Jun 2020 08:29:48 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:51312) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jgp07-0001aW-WB for guix-devel@gnu.org; Thu, 04 Jun 2020 08:29:40 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:59805) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jgp07-0007CT-67; Thu, 04 Jun 2020 08:29:39 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=45546 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1jgp06-000754-15; Thu, 04 Jun 2020 08:29:38 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Brice Waegeneire Subject: Re: [bug#41694] [PATCH] doc: cookbook: Add entry about getting substitutes through Tor. References: <87blmmkx87.fsf@gnu.org> <20200603191249.29382-1-brice@waegenei.re> Date: Thu, 04 Jun 2020 14:29:36 +0200 In-Reply-To: <20200603191249.29382-1-brice@waegenei.re> (Brice Waegeneire's message of "Wed, 3 Jun 2020 21:12:49 +0200") Message-ID: <87367baua7.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: guix-devel@gnu.org, 41694@debbugs.gnu.org Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -0.91 X-TUID: 0DUMDxPR6WwU Hi, Brice Waegeneire skribis: > * doc/guix-cookbook.texi (Getting substitutes from Tor): New section. Yay! > +@node Getting substitutes from Tor > +@section Getting substitutes from Tor > + > +@quotation Warning > +@emph{Not all} Guix daemon's traffic will go through Tor! Only > +HTTP/HTTPS will get proxied; FTP, Git protocol, SSH, etc connections > +will still go through the clearnet. Again, this configuration isn't > +foolproof some of your traffic won't get routed by Tor at all. Use it > +at your own risk. > +@end quotation I would suggest adding a line of intro before the warning, otherwise we see the warning before even knowing what the section is about. :-) > +Guix's substitute server is available as a hidden service, if you want I think official terminology these days is =E2=80=9COnion service=E2=80=9D. > +to use it to get your substitutes from Tor configure your system as > +follow: > + > +@lisp > +(use-modules (gnu)) > +(use-service-module base networking) > + > +(operating-system > + =E2=80=A6 > + (services > + (cons > + (service tor-service-type > + (tor-configuration > + (config-file (plain-file "tor-config" > + "HTTPTunnelPort 127.0.0.1:9250"= )))) > + (modify-services %base-services > + (guix-service-type ^^^^^^^^^^^^^ Too many spaces here. > +@example > +# herd set-http-proxy guix-daemon http://localhost:9250 > +$ guix build --substitute-urls=3Dhttps://bp7o7ckwlewr4slm.onion hello > +@end example To make it copy/pastable, you can remove the prompt and write it as: sudo herd set-http-proxy =E2=80=A6 guix build =E2=80=A6 Something along these lines LGTM. Thank you! Ludo=E2=80=99.