From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id AHDsGyvYbGSEDQAASxT56A (envelope-from ) for ; Tue, 23 May 2023 17:13:47 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id 2GToGyvYbGT8rwAA9RJhRA (envelope-from ) for ; Tue, 23 May 2023 17:13:47 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 31FCA6A27 for ; Tue, 23 May 2023 17:13:47 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1q1ThP-00088h-Ea; Tue, 23 May 2023 11:13:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q1ThM-0007xy-Dr for help-guix@gnu.org; Tue, 23 May 2023 11:13:17 -0400 Received: from knopi.disroot.org ([178.21.23.139]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q1ThJ-0005xz-Gu for help-guix@gnu.org; Tue, 23 May 2023 11:13:16 -0400 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id 396A540603; Tue, 23 May 2023 17:13:07 +0200 (CEST) X-Virus-Scanned: SPAM Filter at disroot.org Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zGvyHRPB9H-y; Tue, 23 May 2023 17:13:05 +0200 (CEST) References: <0-dr078dRoXCGW1hkTyntgIJyaTDPzHNTerL6GhtNcFbod02B-RhzZuChgCyuzaJ0jPHhbTK6mW6k0vryZdd37C1Ex4BrxKeyA1pfIq1qEo=@protonmail.com> <87jzx6s60d.fsf@disroot.org> <5dVQf1-KvHUWuYLP15clr9s1BSmqmLZX0sPseYqnbYUdgw-Wid7MbFKaMY2pE0KRWbgdb-i-JUCWxTFUPwyJVL2cqoQ36xBh2PQn1EuQ2j8=@protonmail.com> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1684854785; bh=m431fR49oLS14514qXincq0Ty4sv8MGKTpojUqWODf0=; h=References:Date:From:To:Cc:Subject:In-reply-to; b=APCyGEio0Xbx/dN/1UUdv2DfOlpd6M/BZHdN3nEVcchlf8PCdAqE+ioR01EJDC8bJ WmyjMU3uBYDyDvzHMAXxwSn9zOhOgMTNiAmgO9rHAyB4Q/6agd9T0jDbJ1vlLjqfVW XLadtfnt9NutODH8Ybc3Kdbe55fpRRk2FQ/1eqGjZq0pEDUNuZAo7AbK4HbdH4n2d7 c2v8/9Fc9S4X/Wn/xeXvkaAcgevrU5GD2aY46rM0f/d5Q4jxgHX0fKKngQXbIHujRF 921vha8alSYpbjg4kEDHJjiHwKZQKBtITq4liGyCfK/2UBzJfkcdohi0iGrO4ZEFS6 H6LgYHgnBHEDg== Date: Tue, 23 May 2023 10:40:44 -0400 From: Gary Johnson To: Marek =?utf-8?Q?Pa=C5=9Bnikowski?= Cc: help-guix@gnu.org Subject: Re: How to declare symlinks in the configuration? In-reply-to: <5dVQf1-KvHUWuYLP15clr9s1BSmqmLZX0sPseYqnbYUdgw-Wid7MbFKaMY2pE0KRWbgdb-i-JUCWxTFUPwyJVL2cqoQ36xBh2PQn1EuQ2j8=@protonmail.com> Message-ID: <87wn0zxerk.fsf@disroot.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=178.21.23.139; envelope-from=lambdatronic@disroot.org; helo=knopi.disroot.org X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: help-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Seal: i=1; s=key1; d=yhetil.org; t=1684854827; a=rsa-sha256; cv=none; b=lnyHDGrtyy7Zl8saz+u2fYz0WFs74hrZZ+E0Turo86pur6vxWfUWPrX2VdKIP5d/nwvu3I LW2c/ISsP1BQZVQ4anyaKbw3lsXFTtnum+YeEl/aQCF6Q/eRZ+2wbCDR83NmwyNVZkSoVk ZvcZ0smw9NJlK+FLzdTx29//R1/fldq5sV/m9G20n4YXSPwJXNrGt1yrB6R8U+q9VfK052 6m65kh9c0iLl3nMaV+e3HfdvtneyrjNnXUre9ykSU8muHHlGKOME3jIsK9Ri3LElbZFiaV p5x/1mLIZPSq4umlfZftRaOQ+C3qKxWkzvpRReEpQY8EkNlE4f+CtvM177dZ+Q== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=disroot.org header.s=mail header.b=APCyGEio; dmarc=pass (policy=reject) header.from=disroot.org; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1684854827; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=TTpAsEaODRJHcl3Q1vmqVjK3I6GxaIQG4WKhYc+Khr8=; b=MfYN8bNyxVOwxX4g3JPxdYthtOHtxMDc2egaZkinF5jUaeFbcYFj9TCbHYuWzXoGLPLViY EFLeRskgG271fK1Ph2nl2vM0eQrGz1LeXY95lT2KyhteKHV/c7Ve5fgnzTvrnr6Mm5fPfM pEiX36FEBOPWHmJDiJYfiv56Nci7KZnfi4x87b+CnGA/yKY4sBRzv9FDowuw8aA01ZM1AV doy+HAMCfZvV7i9vE8vIn5Lh6ZLO/YZyiYp3nkVGyvObaQTeOcd55/RrNV+MwYxPAjwxdE sN6qZeamcF6qnbdaRuYCKgJdwWQlli3CZkPq+SiuP4rqGUEoEtqgdUPaTXkE8g== X-Migadu-Spam-Score: -7.59 X-Spam-Score: -7.59 X-Migadu-Queue-Id: 31FCA6A27 X-Migadu-Scanner: scn0.migadu.com Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=disroot.org header.s=mail header.b=APCyGEio; dmarc=pass (policy=reject) header.from=disroot.org; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-TUID: DkWAlxMavME0 Marek Pa=C5=9Bnikowski writes: > Thank you Gary. > > This is the kind of answer I was hoping for. Could you also share with > me the corresponding service-type for the system configuration? Hi Marek, In the system configuration, most of the files that you would edit by hand on another distro (e.g., config files under /etc) are not managed directly by a single service in Guix System. Instead, you typically add services (e.g., `postgresql-service-type`, `cups-service-type`, `strongswan-service-type`) to your `operating-system` definition and declare their configurations within each service's scheme code. For example, here is how you might edit the config files for a Postgresql server: ```scheme (use-modules ((gnu packages databases) #:select (postgresql)) ((gnu packages geo) #:select (postgis)) ((gnu services) #:select (service)) ((gnu services databases) #:select (postgresql-service-type postgresql-con= figuration postgresql-config-file)) ((gnu services desktop) #:select (%desktop-services)) ((gnu system) #:select (operating-system)) ((guix gexp) #:select (local-file))) (operating-system ;; ...Eliding all the fields except `services`... (services (cons (service postgresql-service-type (postgresql-configuration (postgresql postgresql) (extension-packages (list postgis)) (config-file (postgresql-config-file (hba-file (local-file "etcfiles/pg_hba.conf")) (extra-config '(("max_worker_processes" "12") ("max_parallel_workers" "40") ("max_parallel_maintenance_wor= kers" "8") ("max_parallel_workers_per_gat= her" "4") ("parallel_leader_participatio= n" "on"))))))) %desktop-services))) ``` In this example, I showed two ways of specifying the contents of a config file for this service: 1. Using `local-file` to pull in the contents of a text file somewhere on disk. In this case, I keep my system-wide service config files under a directory called "etcfiles" (in my home directory). For config files referenced in my `guix home` configuration, I use a directory called "dotfiles". 2. Including the contents of these files directly in the `operating-system` declaration. In this case, you see me specifying key-value pairs for the main Postgresql config file in a nested list under the `extra-config` record parameter. =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Now...having provided the above explanation as the typical usage pattern for configuring services on Guix System, I will add that there is an escape hatch that you can use (as a last resort if there isn't an existing service that controls the files you want to edit). This is the service called `etc-service-type`. You can use it to declare any arbitrary files that would like added immutably under the top level "/etc" directory. You can use it like so: ```scheme (use-modules ((gnu services) #:select (service etc-service-type)) ((gnu services desktop) #:select (%desktop-services)) ((gnu system) #:select (operating-system)) ((guix gexp) #:select (local-file))) (operating-system ;; ...Eliding all the fields except `services`... (services (cons (service etc-service-type `(("resolv.conf" ,(local-file "etcfiles/resolv.co= nf")))) %desktop-services))) ``` Now you know, and knowing is half the battle. ;) Have fun and happy hacking on Guix! ~Gary --=20 Protect yourself from surveillance: https://emailselfdefense.fsf.org =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments Why is HTML email a security nightmare? See https://useplaintext.email/ Please avoid sending me MS-Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html