From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id QCiOMQTnx2L4fwEAbAwnHQ (envelope-from ) for ; Fri, 08 Jul 2022 10:12:52 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id 2NOWMATnx2IpJwEAG6o9tA (envelope-from ) for ; Fri, 08 Jul 2022 10:12:52 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 744A42D99C for ; Fri, 8 Jul 2022 10:12:52 +0200 (CEST) Received: from localhost ([::1]:40922 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1o9j6Z-0008Vs-Do for larch@yhetil.org; Fri, 08 Jul 2022 04:12:51 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:47142) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1o9j5z-0008UU-Oc for guix-devel@gnu.org; Fri, 08 Jul 2022 04:12:15 -0400 Received: from relay1-d.mail.gandi.net ([2001:4b98:dc4:8::221]:57057) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1o9j5w-0006wD-Is for guix-devel@gnu.org; Fri, 08 Jul 2022 04:12:15 -0400 Received: (Authenticated sender: andrew@trop.in) by mail.gandi.net (Postfix) with ESMTPSA id 0EE1524000B; Fri, 8 Jul 2022 08:12:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=trop.in; s=gm1; t=1657267928; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=k6UGU6N02hfye1OKVHJ/NTfxwL6uwc6jsb53LblrV4o=; b=YFeTln2FQEjlrZv1dNEbdwkK+i21Vowk5iD2he1kIOOE4NZN5xA+yRLvOTtUrkt3RQP9C0 TuJfnWGOSeNvaBGNbHOsKSMhCQ9uj2J0O5TtT+vs6LPyCdaT/MDYJF+8jIyRqszu2S1rN1 syJsv6fyNHrZBW3SoChSzHUyfL7/3mY+JGSQgxcfrNxYOwqLlIWdJIOwk6wMpilMmt1fau tWJ8iuGnqTWYWfvtG/9+B/ru1KAJDablV6wgHQXLcX+ivCpGFTY0MmvEmjxjDexERL0AVO MhjmAzgDe7IUUJSWbf6K8un0ihh4x37ac9Yq4azsp1H6Le1P0TXfeH/uOgC+pA== From: Andrew Tropin To: Tissevert , guix-devel@gnu.org Subject: Re: Guix home and operating-system In-Reply-To: <20220706112011.77c71a94@marvid.fr> References: <20220706112011.77c71a94@marvid.fr> Date: Fri, 08 Jul 2022 11:12:02 +0300 Message-ID: <87tu7s6n1p.fsf@trop.in> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: pass client-ip=2001:4b98:dc4:8::221; envelope-from=andrew@trop.in; helo=relay1-d.mail.gandi.net X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1657267972; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=k6UGU6N02hfye1OKVHJ/NTfxwL6uwc6jsb53LblrV4o=; b=TyMO/A64/BWZG3iq7hx34hPiGLKrwuVPICs4HMQcOTPhJBZSiNcrW3ANQMAXuOa+YVZsVC u/KGbgnAfRR4pozjLhEImFahyh4mw9UpuRqhtmXnVdfMToeMGKIO/3u/KniqQdWzHMbWGX emExbpXofkrZdyVHW91uz5yMK27OG4L7VOQy4i1f4VD9e4Zfb8InkXe5749tjKuoEQx1YJ FNANjmVFygnTe6sX4wdinpcLTeZAemDUul2x0UcxSYStpEqSC8TG+ePtGMamJNRwN7tVnl SiVtEKnE11ZhBHTMxcrKynNb5jCJshrCxmHAOWmrr6+iYYEh75pBNQJE4SySXg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1657267972; a=rsa-sha256; cv=none; b=cB2aN8GyPJXh27DrvW8wjGx/VV78alqEWTyK32vIaPjNiKYfhfuVXwakkVef5nK+ms5iG3 rNafyBRX7t8kIGLdOHgNSYwuB564TfCOwIehRsVrbgICKz3E1GPUWTfuU4d5hxrpQa/1I/ M0qo/92cKIz/4nT2cr1qz9thiPkb+x4dXZWb8zglQvjAeuuHcsWEEZ8ofkVxU4gmaSmJcE c52asIq7OMmBnAW0wQ/rwo8W9tLUAHjp/Ju2PgkoIQFG4rCVbdhB4mQzb+iyeVokv6vFJG s3Oo3AM8dwaVzwdcA7o8krIq1Ucu35Mx1LQLMrUgFWx8S22jLuif3Gpo/r4Bsw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=trop.in header.s=gm1 header.b=YFeTln2F; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -5.64 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=trop.in header.s=gm1 header.b=YFeTln2F; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 744A42D99C X-Spam-Score: -5.64 X-Migadu-Scanner: scn0.migadu.com X-TUID: XDgA10EFIOVS --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain On 2022-07-06 11:20, Tissevert wrote: > Hi Guix, > > I'm finally having some time to try and put guix on the older machines at home > and thought I'd start by generating a live CD to show the rest of the family > what that would look like without having to make any irreversible changes yet. > > Meanwhile, as this is a time to clean and rationalize system declarations to > ease maintaining the various machines, I thought it would be an appropriate > time to try and start learning about guix home (I came to guix for the > reproducibility, I'm not going to spend hours on each machine reproducing the > same user config !). > > To my greatest astonishment, I found no way to make guix home configurations > interact with operating-system declarations. I expected something along the > lines of a "configuration" or "home" field in the user-account data type, which > could contain directly a valid guix home configuration or maybe the path to a > file containing one. At least, I expected to find a "packages" field to allow > specifying the packages set for a particular user. This is of course necessary > when building a read-only live image which won't be able to receive > modification at a later time. More generally, this raised a question in me: why > go to such length to have a whole declarative system which you can generate in > advance on each aspect, and then require to launch (stateful !) command lines > at a later time to alter the configuration of users. > > I was discussing that the other night with @unmatched-paren on IRC and was told > this could be an interesting idea so what do you think ? Is there a good reason > why this hasn't been implemented ? Would it be very complicated to run the > equivalent of a guix home at the end of the system generation ? I'd be > personally interested to work on such a feature but I have absolutely no idea > where to start and would be glad to receive some pointers if it was deemed > useful enough that I should spend my time on it. > > Now I can think of several ways to do that differently: I suppose the live CD > could have a system service performing the call to guix home to setup the > user's environment during the boot. Also, this would not cover user services > but regarding file configurations, I can think of a way because I'm prone to > config vertigo these days: there are so many levels where we can alter the > config, why always delay it ? Packages often contain a default configuration, > and upon start the program checks half a dozen places for a custom user config: > in other words why have a bash profile in my home when I could generate a bash > package which has directly my dream profile in its "default" version in /etc ? > I could still use ~/.bash_profile for a temporary tweak. Is that something > people in guix do frequently ? Why ? > > Cheers, > > Tissevert > Hi Alice! This topic was discussed a few times already, but still not yet implemented. Probably the last one was "Guix system with home-environment" in help-guix mailing list. I played around with it, did some changes to Guix Home (maybe some small patches not yet upstreamed, but they are not critical IIRC), but didn't finish the implementation and postpone it again, still think it's really valuable feature. I don't remember all the details and where I stopped, but the highlevel idea is following: - Define a system services, which contains (user . home-environment) pairs. - Build home environments on system reconfigure. - Activate home environments on boot. Here are some WIP half an year old code for guix-home-service-type: --=-=-= Content-Type: application/octet-stream Content-Disposition: attachment; filename=home.scm Content-Transfer-Encoding: base64 KGRlZmluZS1tb2R1bGUgKGdudSBzZXJ2aWNlcyBob21lKQogICM6dXNlLW1vZHVsZSAoZ251IHNl cnZpY2VzKQogICM6dXNlLW1vZHVsZSAoZ251IHNlcnZpY2VzIHNoZXBoZXJkKQoKICAjOnVzZS1t b2R1bGUgKGd1aXggZ2V4cCkKICAjOnVzZS1tb2R1bGUgKGd1aXggcGFja2FnZXMpCiAgIzp1c2Ut bW9kdWxlIChndWl4IHJlY29yZHMpCgogICM6ZXhwb3J0IChndWl4LWhvbWUtc2VydmljZS10eXBl KSkKCihkZWZpbmUgKGd1aXgtaG9tZS1hY3RpdmF0aW9uLWdleHAgY29uZmlnKQogICN+KGJlZ2lu CiAgICAgIChtYXAKICAgICAgIChsYW1iZGEgKHggeSkKICAgICAgICAgKGxldCogKCh1c2VyIChn ZXRwdyB4KSkKICAgICAgICAgICAgICAgICh1aWQgKHBhc3N3ZDp1aWQgdXNlcikpCiAgICAgICAg ICAgICAgICAoZ2lkIChwYXNzd2Q6Z2lkIHVzZXIpKQogICAgICAgICAgICAgICAgKGRpciAocGFz c3dkOmRpciB1c2VyKSkpCiAgICAgICAgICAgKGZvcm1hdCAjdCAiUnVubmluZyBhY3RpdmF0aW9u IHNjcmlwdCBmb3IgfmEsXG4gdGhlIHBhdGggaXMgfmEuIiB4IHkpCgogICAgICAgICAgIChta2Rp ci1wIGRpcikKICAgICAgICAgICAoY2hvd24gZGlyIHVpZCBnaWQpCgogICAgICAgICAgIChzZXR1 aWQgdWlkKQogICAgICAgICAgIChzZXRlbnYgIkhPTUUiIGRpcikKICAgICAgICAgICA7OyBUT0RP OiBtYXliZSBub3QgbmVlZGVkPwogICAgICAgICAgIDs7IChzZXRnaWQgZ2lkKQogICAgICAgICAg IChzeXN0ZW0geSkpKQogICAgICAgJyMkKG1hcCBjYXIgY29uZmlnKQogICAgICAgJyMkKG1hcCAo bGFtYmRhICh4KSAoZmlsZS1hcHBlbmQgKGNkciB4KSAiL2FjdGl2YXRlIikpIGNvbmZpZykpKSkK CihkZWZpbmUgKGd1aXgtaG9tZS1zaGVwaGVyZC1zZXJ2aWNlIGNvbmZpZykKICAobWFwCiAgIChs YW1iZGEgKHgpCiAgICAgKGxldCAoKHVzZXIgKGNhciB4KSkKICAgICAgICAgICAoaGUgKGNkciB4 KSkpCiAgICAgICAoc2hlcGhlcmQtc2VydmljZQogICAgICAgIChkb2N1bWVudGF0aW9uICJBY3Rp dmF0ZSBHdWl4IEhvbWUuIikKICAgICAgICAocmVxdWlyZW1lbnQgJyh1c2VyLWhvbWVzKSkKICAg ICAgICAocHJvdmlzaW9uIChsaXN0IChzeW1ib2wtYXBwZW5kICdndWl4LWhvbWUtIChzdHJpbmct PnN5bWJvbCB1c2VyKSkpKQogICAgICAgIChvbmUtc2hvdD8gI3QpCiAgICAgICAgKGF1dG8tc3Rh cnQ/ICNmKQogICAgICAgIChzdGFydCAjfihtYWtlLWZvcmtleGVjLWNvbnN0cnVjdG9yCiAgICAg ICAgICAgICAgICAgICcoIyQoZmlsZS1hcHBlbmQgaGUgIi9hY3RpdmF0ZSIpKQogICAgICAgICAg ICAgICAgICAjOnVzZXIgIyR1c2VyCiAgICAgICAgICAgICAgICAgICM6ZW52aXJvbm1lbnQtdmFy aWFibGVzCiAgICAgICAgICAgICAgICAgIChsaXN0IChzdHJpbmctYXBwZW5kICJIT01FPSIgKHBh c3N3ZDpkaXIgKGdldHB3ICMkdXNlcikpKSkKICAgICAgICAgICAgICAgICAgIzpncm91cCAidXNl cnMiKSkKICAgICAgICAoc3RvcCAjfihtYWtlLWtpbGwtZGVzdHJ1Y3RvcikpKSkpCiAgICAgY29u ZmlnKSkKCihkZWZpbmUgKGd1aXgtaG9tZS1nYy1yb290cyBjb25maWcpCiAgKG1hcCBjZHIgY29u ZmlnKSkKCihkZWZpbmUgZ3VpeC1ob21lLXNlcnZpY2UtdHlwZQogIChzZXJ2aWNlLXR5cGUKICAg KG5hbWUgJ2d1aXgtaG9tZSkKICAgKGRlc2NyaXB0aW9uICJTZXR1cHMgaG9tZS1lbnZpcm9ubWVu dHMgc3BlY2lmaWVkIGluIHRoZSB2YWx1ZS4iKQogICAoZXh0ZW5zaW9ucyAobGlzdCAoc2Vydmlj ZS1leHRlbnNpb24KICAgICAgICAgICAgICAgICAgICAgIHNoZXBoZXJkLXJvb3Qtc2VydmljZS10 eXBlCiAgICAgICAgICAgICAgICAgICAgICBndWl4LWhvbWUtc2hlcGhlcmQtc2VydmljZSkKICAg ICAgICAgICAgICAgICAgICAgKHNlcnZpY2UtZXh0ZW5zaW9uCiAgICAgICAgICAgICAgICAgICAg ICBnYy1yb290LXNlcnZpY2UtdHlwZQogICAgICAgICAgICAgICAgICAgICAgZ3VpeC1ob21lLWdj LXJvb3RzKSkpCiAgIDs7IChjb21wb3NlIGFwcGVuZCkKICAgOzsgKGV4dGVuZCBhcHBlbmQpCiAg IChkZWZhdWx0LXZhbHVlICcoKSkpKQo= --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable =2D-=20 Best regards, Andrew Tropin --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEKEGaxlA4dEDH6S/6IgjSCVjB3rAFAmLH5tIACgkQIgjSCVjB 3rBgQg//aISKGJ3DJZUJhZorG6wqMGrOPVJhqvbrko/AdWz0/0dviYyA7/CXkXCA XWyil199qF2cFNuZuUuhH/tg+Pysjk9MON9wfZYeSMZ893uYLwMel2Vovj0sBmFL jiYsMz0UCPN9enlBEu74xiP1ikZ7NdCTWMhXlD6bmKjJeyb8aLCAyMJ3urK1hNa7 vTHAxpa0iZ4jeWcFn932w+k5S194Qrt2VmLjfydldGFlVfesi4LhmPIgzso5jLWL jUUGb/9A+tx0VCncC0X4BWxO8TNi8ZmDSAnfJc7J9MnGPrvztvGz0FnayhCzNa/W VosYMffQFQHfP94thK8tN+u3ulGwbhSqSckr9JeerLy7rcn5htqXrYHxiWiNfvA3 T0+DpH/YgZmAX7uD+coyW2qsS1sMpK2C+r3dJrDXscze7JlMZbI7RoLeKT/gjt2G MLAnhdlKOIK69P8pCanxuaFItkSvmuomnQ1TT1WWnN1mN8Zy/IFhZ9oMb5apCkIX cA9HeHGm1I728Nlb3x/zdrkRhdEVcODSuRV2jPv0m0egdAlOxsQa5zvPoAYB5hF4 98d52Z9W8IkQ877sUJopodNfGmMlMtT6NYJhxR0R2422jOLey9WK/zpKxDiGEVCw gzPukX4iOgbTfyL/ygT5WLQE+3eph+TPc5ZQlmP0i4bQLPrC22s= =kJH5 -----END PGP SIGNATURE----- --==-=-=--