* Ad-hoc offloading to a server
@ 2021-09-20 18:25 Christine Lemmer-Webber
2021-09-20 19:38 ` 'edk@beaver-labs.com'
0 siblings, 1 reply; 2+ messages in thread
From: Christine Lemmer-Webber @ 2021-09-20 18:25 UTC (permalink / raw)
To: help-guix
Sometimes I've wanted to offload builds ad-hoc to another server, like
so:
guix build mypackage --offload-to=cwebber@beefybuilder.org
This would offload by ssh'ing into that server and doing the offloading
there, but it's a more explicit user specified location.
Thoughts? Would this be a worthwhile feature?
- Christine
PS: I suppose despite being a more explicit operation, I suppose the
/etc/guix/acl file can't be avoided under our current security model,
because we're still trusting that the remote location is trustworthy
enough to put this build result in our store as the result associated
with this input. One user could, otherwise, screw over all others.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Ad-hoc offloading to a server
2021-09-20 18:25 Ad-hoc offloading to a server Christine Lemmer-Webber
@ 2021-09-20 19:38 ` 'edk@beaver-labs.com'
0 siblings, 0 replies; 2+ messages in thread
From: 'edk@beaver-labs.com' @ 2021-09-20 19:38 UTC (permalink / raw)
To: Christine Lemmer-Webber; +Cc: help-guix
The way I'd do it for now would be:
ssh cwebber@beefybuilder.org guix build mypackage
ssh cwebber@beefybuilder.org guix publish
ssh -N -R 8081:localhost:8080 cwebber@beefybuilder.org&
guix build --substitute-urls=http://localhost:8081 mypackage
First, and only once, you need to authorize your machine to use
substitute packages from the beefy server
ssh cwebber@beefybuilder.org guix archive --authorize
scp cwebber@beefybuilder.org:/etc/guix/signing-key.pub /tmp/whatever
guix archive --authorize < /tmp/whatever
Let me know if that works for you.
Cheers,
Edouard.
Christine Lemmer-Webber <cwebber@dustycloud.org> writes:
> Sometimes I've wanted to offload builds ad-hoc to another server, like
> so:
>
> guix build mypackage --offload-to=cwebber@beefybuilder.org
>
> This would offload by ssh'ing into that server and doing the offloading
> there, but it's a more explicit user specified location.
>
> Thoughts? Would this be a worthwhile feature?
>
> - Christine
>
> PS: I suppose despite being a more explicit operation, I suppose the
> /etc/guix/acl file can't be avoided under our current security model,
> because we're still trusting that the remote location is trustworthy
> enough to put this build result in our store as the result associated
> with this input. One user could, otherwise, screw over all others.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-09-20 19:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-20 18:25 Ad-hoc offloading to a server Christine Lemmer-Webber
2021-09-20 19:38 ` 'edk@beaver-labs.com'
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).