From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ricardo Wurmus <rekado@elephly.net>
Subject: Re: Managing user environments
Date: Mon, 29 Jul 2019 18:04:33 +0200
Message-ID: <87h8747rou.fsf@elephly.net>
References: <1D6F50BE-4430-4B1C-8F71-0AF1D6D84648@lepiller.eu>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:470:142:3::10]:54881)
 by lists.gnu.org with esmtp (Exim 4.86_2)
 (envelope-from <rekado@elephly.net>) id 1hs88g-00061X-Ic
 for guix-devel@gnu.org; Mon, 29 Jul 2019 12:04:43 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <rekado@elephly.net>) id 1hs88f-0007mn-Bh
 for guix-devel@gnu.org; Mon, 29 Jul 2019 12:04:42 -0400
Received: from sender4-of-o53.zoho.com ([136.143.188.53]:21338)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <rekado@elephly.net>) id 1hs88f-0007kJ-1A
 for guix-devel@gnu.org; Mon, 29 Jul 2019 12:04:41 -0400
In-reply-to: <1D6F50BE-4430-4B1C-8F71-0AF1D6D84648@lepiller.eu>
List-Id: "Development of GNU Guix and the GNU System distribution."
 <guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Julien Lepiller <julien@lepiller.eu>
Cc: guix-devel@gnu.org


Hi Julien,

> A few months ago, I created a new channel called the guix home manager
> whose purpose is to allow to manage user environments in a similar way
> to services.
>
> The channel is about managing dotfiles. I think configuration should
> be managed in a stateless fashion, and that's what guix is good at.

I think this is a very good idea and I=E2=80=99d love to see more integrati=
on
with Guix.

> You can find the current code here: https://framagit.org/tyreunom/guix-ho=
me-manager

I=E2=80=99m not convinced that a package definition is the most appropriate
abstraction to use here, because we only really care about the builder.
Using a profile is probably a good idea, though, because of roll-backs
etc.  Much like =E2=80=9Cguix pull=E2=80=9D builds a profile under the hood=
, the home
manager could do the same.

Other ideas I mentioned on IRC were:

- integration with =E2=80=9Cguix system=E2=80=9D and/or manifests; running =
=E2=80=9Cguix package
  --profile=E2=80=A6=E2=80=9D is probably not the most convenient interface.

- storage of secrets.  Can we (or: does it make sense to) encrypt the
  generated configuration files and use a PAM service to automatically
  unlock and relocate them upon login?

> I still have some doubts about it, whether it's in the scope for guix
> or not, whether it actually scales, and such. Any opinion is
> welcome. Again, would you like to see it, or a modified version of
> it,in guix itself or should it be kept in a separate channel?

I=E2=80=99d love to see a variant of this become part of Guix proper in the
future.  It shouldn=E2=80=99t be forced upon users, of course, but I think =
it
would be great to offer this as an opt-in feature, much like stricter
package management with manifests is opt-in.

Thank you for sharing this!

--
Ricardo