From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:1008:1e59::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id +AoRBd8Pl2WddAAAkFu2QA (envelope-from ) for ; Thu, 04 Jan 2024 21:06:55 +0100 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id yLWdOd4Pl2URxwAA62LTzQ (envelope-from ) for ; Thu, 04 Jan 2024 21:06:55 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=none ("invalid DKIM record") header.d=freakingpenguin.com header.s=x header.b=epu3mKXN; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1704398814; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=8t4nFolpBwaKhHobkSNPuEBcCjmSNfJCWZLenLqM0bM=; b=BaQ/GutdbfIz9zeymDl6u68TozeXKOPY0X9TXlD/51b1laCZreiUvnz+cUeVcLl+AM51Sp lyxIN9t44VXEEnjw280U3fhlnpukxIs0U8zopzr5zzgjcqVIYKwhMi1xwCjMqjFkMVia0b n7Ys+Ej/hYvUPIulKWpMhjbXNabLa9tIqlgDIXOu9GHcq4ydhBphhFI/moevtAq3mRvC7A H58diUwN/JZBu0cBgPXrDFxpCvHLQuSAxSZHdozyDUZq1xaN1UfVjl8uiuT1qlArtT+IZa FZDkUV8aN7450mJZCUyjcSDVKHMDpmYlZS0z46Sps0G3MdgsOca1ZT8ja0gOhA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none ("invalid DKIM record") header.d=freakingpenguin.com header.s=x header.b=epu3mKXN; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1704398814; a=rsa-sha256; cv=none; b=CesY4OnSa9tzmoSBmvkgTAr9D1X+tLbs64cH9z848T/5zRyqRUN0In1pB3o8QGjN7YO+2G icCuTl+kp/Fs/pT9FPyaSBJIYDTT+ZLv4KPVQYeOX370SkWwn8ckWLvMmPsPR49LICpXlo OvwJD2GYWOusde4e9k1ozv3C5nl6ULOrJ7QEljCzX1rR9rDuARcHcaXgww3PAzsGP/RTuZ RJnDqAujF9s06gIDLqzxuzvxFqx0c1ZSZdTCYbusTAbTANhr8X7t7gkWpgLieDi5USd4qu advK7Pb8PTCIG4pJ9OPBJml76JMZqYiIbfHiNu5CAkl5LsOgbjhkyMFdOTSmVw== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id B2F62637DA for ; Thu, 4 Jan 2024 21:06:54 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rLTzA-0002Q8-6c; Thu, 04 Jan 2024 15:06:36 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rLRbE-0002Ez-3n for help-guix@gnu.org; Thu, 04 Jan 2024 12:33:44 -0500 Received: from mail-108-mta59.mxroute.com ([136.175.108.59]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rLRbB-0006W4-Jz for help-guix@gnu.org; Thu, 04 Jan 2024 12:33:43 -0500 Received: from filter006.mxroute.com ([136.175.111.2] filter006.mxroute.com) (Authenticated sender: mN4UYu2MZsgR) by mail-108-mta59.mxroute.com (ZoneMTA) with ESMTPSA id 18cd584fa340003727.001 for (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384); Thu, 04 Jan 2024 17:28:31 +0000 X-Zone-Loop: b179a4754d83c33af659afece5fca9f558bcdb4e4d6c X-Originating-IP: [136.175.111.2] DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=freakingpenguin.com; s=x; h=Content-Type:Message-ID:Subject:To:From:Date: MIME-Version:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=8t4nFolpBwaKhHobkSNPuEBcCjmSNfJCWZLenLqM0bM=; b=epu3mKXNTCsqrDpuXZInlWRrf0 WWAGoh0MiQG6gajJmFGcCxIZwb5BtJHCaPb7696WAUe3JiID72sGhFadhoZ7mPkKg80ZxE+4Op4t1 cHtdFLrwrEWk0ISA0l8CsoW8DLtrx0fPAdcjuYYYFIAjwT0V/3OXXk2L5fzbBRvOSRm7MncoqU9+M 7wYKLvmlCXxBAMO0zZNmBIgnIMiXDk77QhoCg1FFomoMAUn29JAgpWnOJxjfox0PgIAe2DASMSJ+L UBU8mJ//ntMwvLVLK6rVI3OK0VsJNmIVX0H0XaHrla5TrPYU4sJxmvbdgmVoR05N6nbcAA9SmD25N YT5RU+5w==; MIME-Version: 1.0 Date: Thu, 04 Jan 2024 12:28:28 -0500 From: Richard Sent To: help-guix@gnu.org Subject: Deferring evaluation of a get-secret procedure so -L doesn't evaluate it unless needed for build Message-ID: X-Sender: richard@freakingpenguin.com Content-Type: multipart/mixed; boundary="=_99e29934b24fc91fd798f066a5cf3b0b" X-Authenticated-Id: richard@freakingpenguin.com Received-SPF: pass client-ip=136.175.108.59; envelope-from=richard@freakingpenguin.com; helo=mail-108-mta59.mxroute.com X-Spam_score_int: -16 X-Spam_score: -1.7 X-Spam_bar: - X-Spam_report: (-1.7 / 5.0 requ) BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, WEIRD_PORT=0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Thu, 04 Jan 2024 15:06:35 -0500 X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: help-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Scanner: mx13.migadu.com X-Migadu-Spam-Score: -5.17 X-Spam-Score: -5.17 X-Migadu-Queue-Id: B2F62637DA X-TUID: wG+7kXdYogUG --=_99e29934b24fc91fd798f066a5cf3b0b Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8; format=flowed Hi Guix! Until recently I reconfigured my home & system by setting the GUILE_LOAD_PATH env var, but I am now trying to transition to using the -L argument. I have a configuration repo that's broken down into separate modules, (mostly) like so: --8<---------------cut here---------------start------------->8--- lib └── rsent ├── constants │   └── wireguard.scm ├── home │   └── pathfinder.scm ├── system │   └── pathfinder.scm └── utils    └── secrets.scm --8<---------------cut here---------------end--------------->8--- wireguard.scm contains code that fetches secret values (private+preshared keys) from my password store and defines a service using that secret value. The code looks something like this: --8<---------------cut here---------------start------------->8--- (define wireguard-lan-secret-service (service (wireguard-configuration ... (private-key (plain-file "private.key" (get-secret* "System/WireGuard/LAN/private.key")))))) --8<---------------cut here---------------end--------------->8--- I've noticed that when I run `guix home reconfigure -L lib lib/rsent/home/pathfinder.scm`, (get-secret* ...) is still evaluated, meaning that I'm prompted for a password when I don't need to enter one (home-environment doesn't support wireguard-service). I don't have this problem if I run `GUILE_LOAD_PATH=lib guix home reconfigure lib/rsent/home/pathfinder.scm`, presumably because Guix's -L doesn't just add to the load path, but also evaluates every file for possible package definitions. I suspect I need to replace (plain-file ...) with another option, perhaps (computed-file), as well as rework (get-secret*) into a gexp. I'm struggling with the syntax though, so any help in this would be appreciated. Or if there's a better solution, that would be amazing! *On another note*, should Guix have another command line flag that behaves identically to `$ guile -L`? Adds directory to the load path, but does not do anything else? The distinction between Guile and Guix's -L isn't emphasized enough in my experience. To a beginner, these two sound identical. Guile: -L DIRECTORY add DIRECTORY to the front of the module load path Guix: -L, --load-path=DIR prepend DIR to the package module search path Apologies for the wall of text, hopefully someone has some thoughts. Richard --=_99e29934b24fc91fd798f066a5cf3b0b Content-Transfer-Encoding: base64 Content-Type: text/plain; name=secrets.scm Content-Disposition: attachment; filename=secrets.scm; size=2559 KGRlZmluZS1tb2R1bGUgKHJzZW50IHV0aWxzIHNlY3JldHMpCiAgIzp1c2UtbW9kdWxlIChnbnUg c2VydmljZXMpCiAgIzp1c2UtbW9kdWxlIChnbnUgc2VydmljZXMgc2hlcGhlcmQpCiAgIzp1c2Ut bW9kdWxlIChnbnUgc2VydmljZXMgZG9ja2VyKQogICM6dXNlLW1vZHVsZSAoaWNlLTkgcG9wZW4p CiAgIzp1c2UtbW9kdWxlIChpY2UtOSByZGVsaW0pCiAgIzp1c2UtbW9kdWxlIChndWl4IG1lbW9p emF0aW9uKQogICM6ZXhwb3J0IChnZXQtc2VjcmV0KikKICAjOmV4cG9ydCAocmVtb3ZlLXVudXNl ZC1zZWNyZXQtc2VydmljZXMpCiAgIzpleHBvcnQgKHdoZW4tdXNpbmctc2VjcmV0cykKICAjOmV4 cG9ydCAoc2VjcmV0LXNlcnZpY2UpKQoKKGRlZmluZSAoc3Vkby11c2VyKQogICJSZXR1cm5zIGEg QGNvZGV7c3RyaW5nfSByZXByZXNlbnRpbmcgdGhlIHVzZXIgdGhlIHBhc3MgY29tbWFuZHMgc2hv dWxkIHJ1biBhcy4gVGhpcwppcyBuZWNlc3NhcnkgYmVjYXVzZSByZWNvbmZpZ3VyZSByZXF1aXJl cyBzdWRvIHRvIGJlIHVzZWQsIHdoaWNoIHdvdWxkIHJ1biBhIHN1ZG9sZXNzCnBhc3MgY29tbWFu ZCBhcyByb290LiBUaGlzIGNhdXNlcyBwYXNzIHRvIG1pc3MgdGhlIHBhc3N3b3JkIHN0b3JlLiIK ICAob3IgKGdldGVudiAiU1VET19VU0VSIikgKGdldGVudiAiVVNFUiIpKSkKCihkZWZpbmUgKHVz ZS1zZWNyZXRzKQogICJSZXR1cm5zICN0IGlmIHNlY3JldHMgc2hvdWxkIGJlIHVzZWQuIgogIChu b3QgKGdldGVudiAiUlNFTlRfTk9fU0VDUkVUUyIpKSkKCihkZWZpbmUtc3ludGF4IHdoZW4tdXNp bmctc2VjcmV0cwogIChzeW50YXgtcnVsZXMgKCkKICAgICJXaGVuIG1hY3JvIHdpdGggYSBzcGVj aWZpYyB0ZXN0LiBNdXN0IGJlIHdyaXR0ZW4gYXMgYSBtYWNybyBpbnN0ZWFkIG9mCmEgZnVuY3Rp b24gdG8gYXZvaWQgZXZhbHVhdGluZyBiMS4gYjEgd291bGQgYmUgZXZhbGVkIGJlZm9yZSBiZWlu ZwpwYXNzZWQgdG8gdGhlIGZ1bmN0aW9uLCBhbmQgdHJ5aW5nIHRvIGNoZWF0IHdpdGggYSBzZXhw IGFuZCAoZXZhbCkKZmFpbHMgYmVjYXVzZSB0aGUgZnVuY3Rpb24gZG9lc24ndCBoYXZlIHZpc2li aWxpdHkgdG8gdGhlIHJlY29yZApkZWZpbml0aW9uIGZpZWxkcy4iCiAgICAoKF8gIGIxIC4uLikK ICAgICAoaWYgKHVzZS1zZWNyZXRzKSAoYmVnaW4gYjEgLi4uKSkpKSkKCihkZWZpbmUtc3ludGF4 IHNlY3JldC1zZXJ2aWNlCiAgKHN5bnRheC1ydWxlcyAoKQogICAgIkEgc2VjcmV0IHNlcnZpY2Ug aXMgYSBzZXJ2aWNlIHRoYXQgaXMgcmVwbGFjZWQgd2l0aCAjPHVuc3BlY2lmaWVkPgp3aGVuICh1 c2Utc2VjcmV0cykgaXMgZmFsc2UuIgogICAgKChfIGEgYiBjIGMqIC4uLikKICAgICAoc3ludGF4 LWVycm9yICJUb28gbWFueSBhcmd1bWVudHMiKSkKICAgICgoXyBzZXJ2aWNlLXR5cGUgc2Vydmlj ZS1jb25maWd1cmF0aW9uIC4uLikKICAgICAod2hlbi11c2luZy1zZWNyZXRzIChzZXJ2aWNlIHNl cnZpY2UtdHlwZSBzZXJ2aWNlLWNvbmZpZ3VyYXRpb24gLi4uKSkpKSkKCihkZWZpbmUgKGdldC1z ZWNyZXQga2V5KQogICJSZXR1cm5zIHRoZSBhc3NvY2lhdGVkIHNlY3JldCBmb3Iga2V5LiBLZXkg c2hvdWxkIGJlIGluIHRoZSBmb3JtIG9mIGEgcGFzc3dvcmQtc3RvcmUgcGF0aC4iCiAgOzsgVE9E TzogVGhyb3cgZXJyb3IgaWYgcGFzcyBmYWlscy4KICAoZm9ybWF0ICN0ICJ+IUZldGNoaW5nIHNl Y3JldCBmb3IgfmEuLi4gIiBrZXkpCiAgKGxldCogKChwb3J0IChvcGVuLWlucHV0LXBpcGUgKHN0 cmluZy1hcHBlbmQgInN1ZG8gLXUgIiAoc3Vkby11c2VyKSAiIHBhc3MgbHMgIiBrZXkpKSkKICAg ICAgICAgKHN0ciAgKHJlYWQtbGluZSBwb3J0KSkpIDsgZnJvbSAoaWNlLTkgcmRlbGltKQogICAg KGNsb3NlLXBpcGUgcG9ydCkKICAgIChmb3JtYXQgI3QgIn4hZG9uZVxuIikKICAgIHN0cikpCgo7 OyBNZW1vaXplIGJlY2F1c2UgZ3VpeCBzZWVtcyB0byBjYWxsIHRoaXMgZnVuY3Rpb24gdHdpY2Ug cGVyIHNlY3JldCwKOzsgd2l0aCBhIG5vbnRyaXZpYWwgdGltZSBkZWxheSBiZXR3ZWVuIHRoZW0u IFRoaXMgdGVjaG5pY2FsbHkgbWFrZXMKOzsgaXQgbGVzcyBzZWN1cmUgc2luY2UgaXQgbGVhdmVz IHRoZSBzZWNyZXQgaW4gbWVtb3J5IGFmdGVyIGl0J3MKOzsgdXNlZCwgYnV0IHRoZSBzZWNyZXRz IGFyZSBiZWluZyB3cml0dGVuIHRvIHRoZSBzdG9yZSBhbnl3YXkgYW5kCjs7IHRoaXMgcGFydGlj dWxhciBhdHRhY2sgdmVjdG9yIHdvdWxkIHJlcXVpcmUgYSBoaWdoIGxldmVsIG9mIGFjY2Vzcwo7 OyB0byB0aGUgbWFjaGluZS4KKGRlZmluZSBnZXQtc2VjcmV0KiAobWVtb2l6ZSBnZXQtc2VjcmV0 KSkKCihkZWZpbmUgKHJlbW92ZS11bnVzZWQtc2VjcmV0LXNlcnZpY2VzIHNlcnZpY2VzKQogICJX cmFwIHRoZSBsaXN0IG9mIHNlcnZpY2VzIHdpdGggdGhpcyB3aGVuIHVzaW5nIHNlcnZpY2VzIHRo YXQgbWF5IGluY2x1ZGUgc2VjcmV0cy4iCiAgKGZpbHRlciAobGFtYmRhICh2YWwpCiAgICAgICAg ICAgIChub3QgKHVuc3BlY2lmaWVkPyB2YWwpKSkKICAgICAgICAgIHNlcnZpY2VzKSkK --=_99e29934b24fc91fd798f066a5cf3b0b Content-Transfer-Encoding: base64 Content-Type: text/plain; name=wireguard.scm Content-Disposition: attachment; filename=wireguard.scm; size=1467 KGRlZmluZS1tb2R1bGUgKHJzZW50IGNvbnN0YW50cyB3aXJlZ3VhcmQpCiAgIzp1c2UtbW9kdWxl IChnbnUgc2VydmljZXMpCiAgIzp1c2UtbW9kdWxlIChnbnUgc2VydmljZXMgc2hlcGhlcmQpCiAg Izp1c2UtbW9kdWxlIChnbnUgc2VydmljZXMgdnBuKQogICM6dXNlLW1vZHVsZSAoZ3VpeCByZWNv cmRzKQogICM6dXNlLW1vZHVsZSAoZ3VpeCBnZXhwKQogICM6dXNlLW1vZHVsZSAoZ251IHN5c3Rl bSkKICAjOnVzZS1tb2R1bGUgKHJzZW50IHV0aWxzIHNlcnZpY2VzKQogICM6dXNlLW1vZHVsZSAo cnNlbnQgdXRpbHMgc2VjcmV0cykKICAjOmV4cG9ydCAod2lyZWd1YXJkLW5pY2tsZXNsYW4tc2Vj cmV0LXNlcnZpY2UpCiAgIzpleHBvcnQgKHdpcmVndWFyZC1uaWNrbGVzbGFuLW9wZXJhdGluZy1z eXN0ZW0pKQoKKGRlZmluZSB3aXJlZ3VhcmQtbmlja2xlc2xhbi1zZWNyZXQtc2VydmljZQogIChz ZWNyZXQtc2VydmljZQogICAoYXV0by1zdGFydC1kaXNhYmxlZCB3aXJlZ3VhcmQtc2VydmljZS10 eXBlKQogICAod2lyZWd1YXJkLWNvbmZpZ3VyYXRpb24KICAgIChpbnRlcmZhY2UgIndnLW5pY2ts ZXNicmVhZCIpCiAgICAocHJpdmF0ZS1rZXkKICAgICAocGxhaW4tZmlsZSAicHJpdmF0ZS5rZXki CiAgICAgICAgICAgICAgICAgKGdldC1zZWNyZXQqCiAgICAgICAgICAgICAgICAgICJTeXN0ZW0v V2lyZUd1YXJkL05pY2tsZXNCcmVhZC9wcml2YXRlLmtleSIpKSkKICAgIChhZGRyZXNzZXMgJygi MTAuMTY5LjIyMi40LzI0IikpCiAgICAoZG5zICcoIjEwLjEuMS4xIikpCiAgICAocGVlcnMKICAg ICAobGlzdAogICAgICAod2lyZWd1YXJkLXBlZXIKICAgICAgIChuYW1lICJuaWNrbGVzbGFuIikK ICAgICAgIChlbmRwb2ludCAibmljbGVhcnkuY29tOjUxODIwIikKICAgICAgIChwdWJsaWMta2V5 ICJFSG9QWEdKdlFWVnBRNlBaL1hRdEh4MHA1RldFVkNTM3kyb0kyTytZOXpvPSIpCiAgICAgICAo cHJlc2hhcmVkLWtleQogICAgICAgIChwbGFpbi1maWxlICJwcmVzaGFyZWQua2V5IgogICAgICAg ICAgICAgICAgICAgIChnZXQtc2VjcmV0KgogICAgICAgICAgICAgICAgICAgICAiU3lzdGVtL1dp cmVHdWFyZC9OaWNrbGVzQnJlYWQvcHJlc2hhcmVkLmtleSIpKSkKICAgICAgIChhbGxvd2VkLWlw cyAnKCIxMC4xLjEuMC8yNCIpKSkpKSkpKQoKKGRlZmluZSAod2lyZWd1YXJkLW5pY2tsZXNsYW4t b3BlcmF0aW5nLXN5c3RlbSBiYXNlLW9wZXJhdGluZy1zeXN0ZW0pCiAgKG9wZXJhdGluZy1zeXN0 ZW0KICAgIChpbmhlcml0IGJhc2Utb3BlcmF0aW5nLXN5c3RlbSkKICAgIChzZXJ2aWNlcwogICAg IChhcHBlbmQgKHJlbW92ZS11bnVzZWQtc2VjcmV0LXNlcnZpY2VzIChsaXN0IHdpcmVndWFyZC1u aWNrbGVzbGFuLXNlY3JldC1zZXJ2aWNlKSkKICAgICAgICAgICAgIChvcGVyYXRpbmctc3lzdGVt LXVzZXItc2VydmljZXMgYmFzZS1vcGVyYXRpbmctc3lzdGVtKSkpKSkK --=_99e29934b24fc91fd798f066a5cf3b0b--