> Thanks Wojtek for your kind help (my comments below). > > Status update: I got it running! Great to hear that :) > [...] > > and that's it: the setup that works. > > However, The error `guix pull` ssh error only goes away after I > ssh to a remote computer: `$ ssh root@repo.local`; this command > somehow triggers something that makes `git pull` work. Odd. Hmm. Since the SSH agent remembers SSH key password, it'd make sense that one has to first "unlock" a key in an interactive CLI session before Guix can use it non-interactively. If this also happens with passwordless keys, then it's indeed odd. Nevertheless, I guess a hypothetical solution would be to allow Guix to — when desired — call SSH with access to its TTY/PTY :) Best Wojtek -- (sig_start) website: https://koszko.org/koszko.html fingerprint: E972 7060 E3C5 637C 8A4F 4B42 4BC5 221C 5A79 FD1A follow me on Fediverse: https://friendica.me/profile/koszko/profile ♥ R29kIGlzIHRoZXJlIGFuZCBsb3ZlcyBtZQ== | ÷ c2luIHNlcGFyYXRlZCBtZSBmcm9tIEhpbQ== ✝ YnV0IEplc3VzIGRpZWQgdG8gc2F2ZSBtZQ== | ? U2hhbGwgSSBiZWNvbWUgSGlzIGZyaWVuZD8= -- (sig_end) On Tue, 05 Dec 2023 11:44:57 -0600 Mauritz Stenek wrote: > Thanks Wojtek for your kind help (my comments below). > > Status update: I got it running! > > Perhaps I should clarify that I'm running a very light setup -- > Desktop services with dwm (I tried to go even leaner, but I > couldn't get the xorg server to work w/o a login manager); I'm > unsure if this is affecting the ssh setup. > > This is what I did (the superflouos commented lines show my tweaks > to the doc's suggestion[1]): > > (1) I created an ssh agent -- as per the shepherd docs[1] with > some tweaks. I added the `&` to the recommended bash setup to send > the job to the background: > > ``` > if [[ ! -S ${XDG_RUNTIME_DIR-$HOME/.cache}/shepherd/socket ]]; > then > shepherd & > fi > ``` > > (2) I commented out `(shepherd service)` import and the > `(perform-service-action 'shepherd 'daemonize)` expression in the > `init.scm` file: > > ``` > (use-modules ;; (shepherd service) > ((ice-9 ftw) #:select (scandir))) > > ;; Send shepherd into the background > ;; (perform-service-action 'shepherd 'daemonize) > > ;; Load all the files in the directory 'init.d' with a suffix > '.scm'. > (for-each > (lambda (file) > (load (string-append "init.d/" file))) > (scandir (string-append (dirname (current-filename)) "/init.d") > (lambda (file) > (string-suffix? ".scm" file)))) > ``` > > (3): I removed the conditional export of the auth sock varible in > the `.bash_profile` file: > > ``` > #if [[ ! -n ${SSH_CONNECTION} ]]; then > SSH_AUTH_SOCK=${XDG_RUNTIME_DIR-$HOME/.cache}/ssh-agent/socket > export SSH_AUTH_SOCK > #fi > ``` > > and that's it: the setup that works. > > However, The error `guix pull` ssh error only goes away after I > ssh to a remote computer: `$ ssh root@repo.local`; this command > somehow triggers something that makes `git pull` work. Odd. > > > [1]: > https://www.gnu.org/software/shepherd/manual/html_node/Managing-User-Services.html > > On 2023-12-01 at 14:07, Wojtek Kosior wrote: > > > [[PGP Signed Part:Undecided]] > >> Starting service root... > >> Service root started. > >> Service root running with value #t. > >> Service root has been started. > >> Uncaught exception while loading configuration file > >> '/home/mst/.config/shepherd/init.scm': (goops-error #f "No > >> applicable method for ~S in call ~S" (#< > >> service-actions > >> (1)> (service-actions shepherd)) ()) > >> ``` > >> > >> which I don't know how to fix. > > > > I see… I've never been using shepherd alone, in separation from > > Guix > > but I see that my Guix-generated user shepherd config has this > > > > --8<---------------cut > > here---------------start------------->8--- > > (action 'root 'daemonize) > > --8<---------------cut > > here---------------end--------------->8--- > > > > > > while the example you linked to uses > > > > --8<---------------cut > > here---------------end--------------->8--- > > (perform-service-action 'shepherd 'daemonize) > > --8<---------------cut > > here---------------start------------->8--- > > > > > > Anyway, if there's no strong reason for not using Guix home, I'd > > suggest > > using it. I mean the `guix home` command and its subcommands. > > It > > handles — among others — shepherd configuration. The link I > > gave > > earlier was about using SSH through Guix home. > > Yes, I still need to explore Guix Home -- baby steps. > > >> > Btw, there's perhaps another solution — pull from local git > >> > checkout. > >> > You can pass a filesystem path instead of a url when running > >> > `guix > >> > pull`. This might later cause some issues if you try to `sudo > >> > guix > >> > system reconfigure` but that's another topic… > >> > >> I was able to install a package like this but it's not ideal. > > > > You can also set serve a cloneable git repo over HTTP on > > localhost… > > Here's a sample script for this that I happen to have written > > for my own > > purposes just today ;) > > > > --8<---------------cut > > here---------------start------------->8--- > > #!/usr/bin/env -S guix repl -- > > !# > > > > ;; SPDX-License-Identifier: CC0-1.0 > > > > ;; Copyright (C) 2023 Wojtek Kosior > > ;; > > ;; Available under the terms of Creative Commons Zero v1.0 > > Universal. > > > > (use-modules ((guix gexp) #:select > > (gexp file-append mixed-text-file program-file > > lower-object)) > > ((gnu packages version-control) #:select (git)) > > ((gnu packages web) #:select (lighttpd)) > > ((guix store) #:select (run-with-store with-store > > %store-monad)) > > ((guix monads) #:select (mlet mbegin return)) > > ((guix derivations) #:select > > (built-derivations derivation-output-path > > derivation-outputs))) > > > > (define here > > (dirname (current-filename))) > > > > (define git-http-backend > > (file-append git "/libexec/git-core/git-http-backend")) > > > > (define lighttpd-config > > (mixed-text-file "lighttpd.conf" > > "\ > > server.document-root = \"/dev/null\" > > server.modules = ( \"mod_alias\", \"mod_cgi\", \"mod_setenv\") > > server.port = 8098 > > > > alias.url = ( \"/guix\" => \"" git-http-backend "\" ) > > cgi.assign = (\"\" => \"\") > > > > setenv.add-environment = ( > > \"GIT_PROJECT_ROOT\" => \"" here "\" + \"/.git\", > > \"GIT_HTTP_EXPORT_ALL\" => \"\" > > ) > > ")) > > > > (define run-lighttpd-guix-repo-server > > (program-file "run-lighttpd-guix-repo-server" > > #~(system* #$(file-append lighttpd > > "/sbin/lighttpd") "-D" > > "-f" #$lighttpd-config))) > > > > (system* > > (with-store store > > (run-with-store store > > (mlet %store-monad ((script-drv (lower-object > > run-lighttpd-guix-repo-server))) > > (mbegin %current-monad > > (built-derivations (list script-drv)) > > (return (derivation-output-path > > (assoc-ref (derivation-outputs script-drv) > > "out")))))))) > > --8<---------------cut > > here---------------end--------------->8--- > > > > > > One can write it as, say, "serve-git-repo.scm" in a git project > > checkout (possibly also listing it in `.git/info/exclude` to > > have git > > ignore it). Then `chmod +x` it and run — if all goes OK, it > > should > > serve the repo at: http://localhost:8098/guix > > > > It's then possible to do e.g. > > > > --8<---------------cut > > here---------------start------------->8--- > > guix pull --url=http://localhost:8098/guix > > --8<---------------cut > > here---------------end--------------->8--- > > > > The benefit is that the aforementioned `guix system reconfigure` > > seems > > to work afterwards (although the local git repo server needs to > > be > > running during this time). > > > > Voila! We no longer need to rely on remote git servers > > availability :) > > It'd make sense to also spawn this HTTP server through > > shepherd. > > And to generalize it to be able to serve multiple repos at once > > — for > > example a custom Guix tree, a channel other than "guix" and some > > software projects > > Cool! I will definitely give this a try! > > > > > > Best > > Wojtek > > > > > > -- (sig_start) > > website: https://koszko.org/koszko.html > > fingerprint: E972 7060 E3C5 637C 8A4F 4B42 4BC5 221C 5A79 FD1A > > follow me on Fediverse: > > https://friendica.me/profile/koszko/profile > > > > ♥ R29kIGlzIHRoZXJlIGFuZCBsb3ZlcyBtZQ== | ÷ > > c2luIHNlcGFyYXRlZCBtZSBmcm9tIEhpbQ== > > ✝ YnV0IEplc3VzIGRpZWQgdG8gc2F2ZSBtZQ== | ? > > U2hhbGwgSSBiZWNvbWUgSGlzIGZyaWVuZD8= > > -- (sig_end) > > > > > > On Fri, 01 Dec 2023 12:37:58 -0600 Mauritz Stenek > > wrote: > > > >> On 2023-12-01 at 07:12, Wojtek Kosior > >> wrote: > >> > >> > [[PGP Signed Part:Undecided]] > >> > Hi > >> > > >> >> However, on a full Guix system I keep getting this error: > >> >> > >> >> ``` > >> >> guix pull: error: Git error: error authenticating: no auth > >> >> sock > >> >> variable > >> >> ``` > >> >> > >> >> and, for the life of me, I just can't get it to work. > >> > > >> > Maybe you're not running ssh user agent daemon under your > >> > user? > >> > You > >> > need it for this to work. > >> > > >> > You can probably spawn it in a number of ways. One of them > >> > would be > >> > through Guix home. See this[1] Guix manual node for info > >> > about > >> > ssh-agent's home service :) > >> > > >> > Also, you're not running `guix pull` with sudo, are you? It > >> > wouldn't > >> > work this way because sudo erases environment variables, > >> > including > >> > "SSH_AUTH_SOCK". > >> > > >> > Btw, on my fully Guixified laptop I am using Guix home > >> > without > >> > ssh-agent configured and yet I do have ssh-agent running > >> > under > >> > my user. > >> > I'm not sure what started it… > >> > >> Seems like that is the situation. I actually tried to run the > >> ssh-agent user service example in the shepherd manual > >> (https://www.gnu.org/software/shepherd/manual/html_node/Managing-User-Services.html) > >> -- verbatim -- and I get this error: > >> > >> ``` > >> Starting service root... > >> Service root started. > >> Service root running with value #t. > >> Service root has been started. > >> Uncaught exception while loading configuration file > >> '/home/mst/.config/shepherd/init.scm': (goops-error #f "No > >> applicable method for ~S in call ~S" (#< > >> service-actions > >> (1)> (service-actions shepherd)) ()) > >> ``` > >> > >> which I don't know how to fix. > >> > >> Other than that example, I'm at a loss with ssh. > >> > >> > > >> >> (disclaimer: I'm a total scheme/guile neophyte -- and am > >> >> learning > >> >> as I go) > >> > > >> > As all of us, haha :D > >> > >> :D > >> > >> > > >> > Btw, there's perhaps another solution — pull from local git > >> > checkout. > >> > You can pass a filesystem path instead of a url when running > >> > `guix > >> > pull`. This might later cause some issues if you try to `sudo > >> > guix > >> > system reconfigure` but that's another topic… > >> > >> I was able to install a package like this but it's not ideal. > >> > >> > Good luck and happy hacking! > >> > >> Thanks! I can tell you, it is a journey. > >> > >> > Wojtek > >> > > >> > [1] > >> > https://guix.gnu.org/manual/devel/en/html_node/Secure-Shell.html > >> > > >> > > >> > -- (sig_start) > >> > website: https://koszko.org/koszko.html > >> > fingerprint: E972 7060 E3C5 637C 8A4F 4B42 4BC5 221C 5A79 > >> > FD1A > >> > follow me on Fediverse: > >> > https://friendica.me/profile/koszko/profile > >> > > >> > ♥ R29kIGlzIHRoZXJlIGFuZCBsb3ZlcyBtZQ== | ÷ > >> > c2luIHNlcGFyYXRlZCBtZSBmcm9tIEhpbQ== > >> > ✝ YnV0IEplc3VzIGRpZWQgdG8gc2F2ZSBtZQ== | ? > >> > U2hhbGwgSSBiZWNvbWUgSGlzIGZyaWVuZD8= > >> > -- (sig_end) > >> > > >> > > >> > On Thu, 30 Nov 2023 19:47:43 -0600 Mauritz Stenek > >> > wrote: > >> > > >> >> I'm trying out Guix and created a personal (private) channel > >> >> with > >> >> some custom packages. I access my git repo with ssh. > >> >> > >> >> Using Guix on a foreign distro, pulling from my git repo > >> >> works > >> >> fine after applying this strategy: > >> >> https://issues.guix.gnu.org/31285. > >> >> > >> >> However, on a full Guix system I keep getting this error: > >> >> > >> >> ``` > >> >> guix pull: error: Git error: error authenticating: no auth > >> >> sock > >> >> variable > >> >> ``` > >> >> > >> >> and, for the life of me, I just can't get it to work. > >> >> > >> >> (disclaimer: I'm a total scheme/guile neophyte -- and am > >> >> learning > >> >> as I go) > >> >> > >> >> Please help. > >> >> > >> > > >> > [[End of PGP Signed Part]] > >> > >> > > > > [[End of PGP Signed Part]] > >