 |
Title: Guix: fetch packages from other Guix in the LAN |
|
Author: Solène |
|
Date: 07 June 2021 |
|
Tags: guix |
|
Description: |
|
|
|
# Introduction |
|
|
|
In this how-to I will explain how to configure two Guix system to share |
|
packages from one to another. The idea is that most of the time |
|
packages are downloaded from ci.guix.gnu.org but sometimes you can |
|
compile local packages too, in both case you will certainly prefer |
|
computers from your network to get the same packages from a computer |
|
that already had them to save some bandwidth. This is quite easy to |
|
achieve in Guix. |
|
|
|
We need at least two Guix systems, I'll name the one with the package |
|
"server" and the system that will install packages the "client". |
|
|
|
# Prepare the server |
|
|
|
On the server, edit your /etc/config.scm file and add this service: |
|
|
|
```Code: scheme language |
|
(service guix-publish-service-type |
|
(guix-publish-configuration |
|
(host "0.0.0.0") |
|
(port 8080) |
|
(advertise? #t)))) |
|
``` |
|
|
 |
Guix Manual: guix-publish service |
|
|
|
Run "guix archive --generate-key" as root to create a public key and |
|
then reconfigure the system. Your system is now publishing packages on |
|
port 8080 and advertising it with mDNS (involving avahi). |
|
|
|
Your port 8080 should be reachable now with a link to a public key. |
|
|
|
# Prepare the client |
|
|
|
On the client, edit your /etc/config.scm file and modify the |
|
"%desktop-services" or "%base-services" if any. |
|
|
|
```Code: scheme language |
|
(guix-service-type |
|
config => |
|
(guix-configuration |
|
(inherit config) |
|
(discover? #t) |
|
(authorized-keys |
|
(append (list (local-file "/etc/key.pub")) |
|
%default-authorized-guix-keys))))))) |
|
``` |
|
|
|
Guix Manual: Getting substitutes from other servers |
|
|
|
Download the public key from the server (visiting its ip on port 8080 |
|
you will get a link) and store it in "/etc/key.pub", reconfigure your |
|
system. |
|
|
|
Now, when you install a package, you should see from where the |
|
substitution (name for packages) are downloaded from. |
|
|
|
# Declaring a repository (not dynamic) |
|
|
|
In the previous example, we are using advertising on the server and |
|
discovery on the client, this may not be desired and won't work from a |
|
different network. |
|
|
|
You can manually register a remote substitute server instead of using |
|
discovery by using "substitute-urls" like this: |
|
|
|
``` |
|
(guix-service-type |
|
config => |
|
(guix-configuration |
|
(inherit config) |
|
(discover? #t) |
|
(substitute-urls |
|
(append (list "http://192.168.1.66:8080") |
|
%default-substitute-urls)) |
|
(authorized-keys |
|
(append (list (local-file "/etc/key.pub")) |
|
%default-authorized-guix-keys))))))) |
|
``` |
|
|
|
# Conclusion |
|
|
|
I'm doing my best to avoid wasting bandwidth and resources in general, |
|
I really like this feature because this doesn't require much |
|
configuration or infrastructure and work in a sort of peer-to-peer. |
|
|
|
Other projects like Debian prefer using a proxy that keep in cache the |
|
packages downloaded and act as a repository provider itself to proxyfi |
|
the service. |
|
|
|
In case of doubts of the validity of the substitutions provided by an |
|
url, the challenge feature can be used to check if reproducible builds |
|
done locally match the packages provided by a source. |
|
|
|
Guix Manual: guix challenge documentation |
|
Guix Manual: guix weather, a command to get information from a repository |
