From: ludo@gnu.org (Ludovic Courtès)
To: David Thompson <dthompson2@worcester.edu>
Cc: guix-devel@gnu.org
Subject: Re: [PATCH 2/2] scripts: Add 'publish' command.
Date: Mon, 30 Mar 2015 21:32:46 +0200 [thread overview]
Message-ID: <87y4me5li9.fsf@gnu.org> (raw)
In-Reply-To: <87lhifhfu1.fsf@fsf.org> (David Thompson's message of "Sun, 29 Mar 2015 13:29:58 -0400")
David Thompson <dthompson2@worcester.edu> skribis:
> Mark H Weaver <mhw@netris.org> writes:
>
>> ludo@gnu.org (Ludovic Courtès) writes:
>>
>>> David Thompson <dthompson2@worcester.edu> skribis:
>>>
>>>> +(define (render-nar request store-item)
>>>> + "Render archive of the store path corresponding to STORE-ITEM."
>>>> + (let ((store-path (string-append %store-directory "/" store-item)))
>>>> + ;; The ISO-8859-1 charset *must* be used otherwise HTTP clients will
>>>> + ;; interpret the byte stream as UTF-8 and arbitrarily change invalid byte
>>>> + ;; sequences.
>>>> + (if (file-exists? store-path)
>>>> + (values '((content-type . (application/x-nix-archive
>>>> + (charset . "ISO-8859-1"))))
>>>> + (lambda (port)
>>>> + (write-file store-path port)))
>>>> + (not-found request))))
>>>
>>> This is OK for now, but I just realized that this will be blocking the
>>> server for the duration of the whole transfer. Someone could DoS you by
>>> substituting TeX Live. ;-)
>>>
>>> We’ll need a solution but it seems that it’ll be hard to avoid threads.
>>>
>>> Thoughts?
>>
>> I haven't looked closely, but how about using subprocesses instead of
>> threads?
Sounds good.
> That's along the lines of what I was thinking. One could spawn a bunch
> of 'guix publish' processes on different ports and put a load balancer
> in front of them.
What about changing the ‘open’ method of the <server-impl> (as in
tests/lint.scm) so that it forks upon socket opening? (That could also
be the moment where we’d drop privileges.)
> I think that this problem, if it is to be solved with more Scheme code,
> is an issue to address in Guile core by changing the http server
> implementation.
Once we have a sufficiently different and valuable server
implementation, we could turn it into a (web server xxx) module. I
think there’s value in keeping the simple/simplistic (web server http)
too.
Ludo’.
next prev parent reply other threads:[~2015-03-30 19:32 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-17 14:57 [PATCH 0/2] Add 'guix publish' command David Thompson
2015-03-17 15:00 ` [PATCH 1/2] store: Add query-path-info operation David Thompson
2015-03-18 8:55 ` Ludovic Courtès
2015-03-27 16:56 ` David Thompson
2015-03-27 21:30 ` Ludovic Courtès
2015-03-17 15:01 ` [PATCH 2/2] scripts: Add 'publish' command David Thompson
2015-03-18 10:27 ` Ludovic Courtès
2015-03-27 16:58 ` David Thompson
2015-03-27 22:41 ` Ludovic Courtès
2015-03-29 17:02 ` Mark H Weaver
2015-03-29 17:29 ` David Thompson
2015-03-30 19:32 ` Ludovic Courtès [this message]
2015-04-04 18:30 ` David Thompson
2015-03-17 15:20 ` [PATCH 0/2] Add 'guix publish' command David Thompson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y4me5li9.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=dthompson2@worcester.edu \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).