[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SSH error guix pull
|
From: |
Mauritz Stenek |
|
Subject: |
Re: SSH error guix pull |
|
Date: |
Tue, 05 Dec 2023 11:44:57 -0600 |
Thanks Wojtek for your kind help (my comments below).
Status update: I got it running!
Perhaps I should clarify that I'm running a very light setup --
Desktop services with dwm (I tried to go even leaner, but I
couldn't get the xorg server to work w/o a login manager); I'm
unsure if this is affecting the ssh setup.
This is what I did (the superflouos commented lines show my tweaks
to the doc's suggestion[1]):
(1) I created an ssh agent -- as per the shepherd docs[1] with
some tweaks. I added the `&` to the recommended bash setup to send
the job to the background:
```
if [[ ! -S ${XDG_RUNTIME_DIR-$HOME/.cache}/shepherd/socket ]];
then
shepherd &
fi
```
(2) I commented out `(shepherd service)` import and the
`(perform-service-action 'shepherd 'daemonize)` expression in the
`init.scm` file:
```
(use-modules ;; (shepherd service)
((ice-9 ftw) #:select (scandir)))
;; Send shepherd into the background
;; (perform-service-action 'shepherd 'daemonize)
;; Load all the files in the directory 'init.d' with a suffix
'.scm'.
(for-each
(lambda (file)
(load (string-append "init.d/" file)))
(scandir (string-append (dirname (current-filename)) "/init.d")
(lambda (file)
(string-suffix? ".scm" file))))
```
(3): I removed the conditional export of the auth sock varible in
the `.bash_profile` file:
```
#if [[ ! -n ${SSH_CONNECTION} ]]; then
SSH_AUTH_SOCK=${XDG_RUNTIME_DIR-$HOME/.cache}/ssh-agent/socket
export SSH_AUTH_SOCK
#fi
```
and that's it: the setup that works.
However, The error `guix pull` ssh error only goes away after I
ssh to a remote computer: `$ ssh root@repo.local`; this command
somehow triggers something that makes `git pull` work. Odd.
[1]:
https://www.gnu.org/software/shepherd/manual/html_node/Managing-User-Services.html
On 2023-12-01 at 14:07, Wojtek Kosior <koszko@koszko.org> wrote:
[[PGP Signed Part:Undecided]]
Starting service root...
Service root started.
Service root running with value #t.
Service root has been started.
Uncaught exception while loading configuration file
'/home/mst/.config/shepherd/init.scm': (goops-error #f "No
applicable method for ~S in call ~S" (#<<generic>
service-actions
(1)> (service-actions shepherd)) ())
```
which I don't know how to fix.
I see… I've never been using shepherd alone, in separation from
Guix
but I see that my Guix-generated user shepherd config has this
--8<---------------cut
here---------------start------------->8---
(action 'root 'daemonize)
--8<---------------cut
here---------------end--------------->8---
while the example you linked to uses
--8<---------------cut
here---------------end--------------->8---
(perform-service-action 'shepherd 'daemonize)
--8<---------------cut
here---------------start------------->8---
Anyway, if there's no strong reason for not using Guix home, I'd
suggest
using it. I mean the `guix home` command and its subcommands.
It
handles — among others — shepherd configuration. The link I
gave
earlier was about using SSH through Guix home.
Yes, I still need to explore Guix Home -- baby steps.
> Btw, there's perhaps another solution — pull from local git
> checkout.
> You can pass a filesystem path instead of a url when running
> `guix
> pull`. This might later cause some issues if you try to `sudo
> guix
> system reconfigure` but that's another topic…
I was able to install a package like this but it's not ideal.
You can also set serve a cloneable git repo over HTTP on
localhost…
Here's a sample script for this that I happen to have written
for my own
purposes just today ;)
--8<---------------cut
here---------------start------------->8---
#!/usr/bin/env -S guix repl --
!#
;; SPDX-License-Identifier: CC0-1.0
;; Copyright (C) 2023 Wojtek Kosior <koszko@koszko.org>
;;
;; Available under the terms of Creative Commons Zero v1.0
Universal.
(use-modules ((guix gexp) #:select
(gexp file-append mixed-text-file program-file
lower-object))
((gnu packages version-control) #:select (git))
((gnu packages web) #:select (lighttpd))
((guix store) #:select (run-with-store with-store
%store-monad))
((guix monads) #:select (mlet mbegin return))
((guix derivations) #:select
(built-derivations derivation-output-path
derivation-outputs)))
(define here
(dirname (current-filename)))
(define git-http-backend
(file-append git "/libexec/git-core/git-http-backend"))
(define lighttpd-config
(mixed-text-file "lighttpd.conf"
"\
server.document-root = \"/dev/null\"
server.modules = ( \"mod_alias\", \"mod_cgi\", \"mod_setenv\")
server.port = 8098
alias.url = ( \"/guix\" => \"" git-http-backend "\" )
cgi.assign = (\"\" => \"\")
setenv.add-environment = (
\"GIT_PROJECT_ROOT\" => \"" here "\" + \"/.git\",
\"GIT_HTTP_EXPORT_ALL\" => \"\"
)
"))
(define run-lighttpd-guix-repo-server
(program-file "run-lighttpd-guix-repo-server"
#~(system* #$(file-append lighttpd
"/sbin/lighttpd") "-D"
"-f" #$lighttpd-config)))
(system*
(with-store store
(run-with-store store
(mlet %store-monad ((script-drv (lower-object
run-lighttpd-guix-repo-server)))
(mbegin %current-monad
(built-derivations (list script-drv))
(return (derivation-output-path
(assoc-ref (derivation-outputs script-drv)
"out"))))))))
--8<---------------cut
here---------------end--------------->8---
One can write it as, say, "serve-git-repo.scm" in a git project
checkout (possibly also listing it in `.git/info/exclude` to
have git
ignore it). Then `chmod +x` it and run — if all goes OK, it
should
serve the repo at: http://localhost:8098/guix
It's then possible to do e.g.
--8<---------------cut
here---------------start------------->8---
guix pull --url=http://localhost:8098/guix
--8<---------------cut
here---------------end--------------->8---
The benefit is that the aforementioned `guix system reconfigure`
seems
to work afterwards (although the local git repo server needs to
be
running during this time).
Voila! We no longer need to rely on remote git servers
availability :)
It'd make sense to also spawn this HTTP server through
shepherd.
And to generalize it to be able to serve multiple repos at once
— for
example a custom Guix tree, a channel other than "guix" and some
software projects
Cool! I will definitely give this a try!
Best
Wojtek
-- (sig_start)
website: https://koszko.org/koszko.html
fingerprint: E972 7060 E3C5 637C 8A4F 4B42 4BC5 221C 5A79 FD1A
follow me on Fediverse:
https://friendica.me/profile/koszko/profile
♥ R29kIGlzIHRoZXJlIGFuZCBsb3ZlcyBtZQ== | ÷
c2luIHNlcGFyYXRlZCBtZSBmcm9tIEhpbQ==
✝ YnV0IEplc3VzIGRpZWQgdG8gc2F2ZSBtZQ== | ?
U2hhbGwgSSBiZWNvbWUgSGlzIGZyaWVuZD8=
-- (sig_end)
On Fri, 01 Dec 2023 12:37:58 -0600 Mauritz Stenek
<mstenek@disroot.org> wrote:
On 2023-12-01 at 07:12, Wojtek Kosior <koszko@koszko.org>
wrote:
> [[PGP Signed Part:Undecided]]
> Hi
>
>> However, on a full Guix system I keep getting this error:
>>
>> ```
>> guix pull: error: Git error: error authenticating: no auth
>> sock
>> variable
>> ```
>>
>> and, for the life of me, I just can't get it to work.
>
> Maybe you're not running ssh user agent daemon under your
> user?
> You
> need it for this to work.
>
> You can probably spawn it in a number of ways. One of them
> would be
> through Guix home. See this[1] Guix manual node for info
> about
> ssh-agent's home service :)
>
> Also, you're not running `guix pull` with sudo, are you? It
> wouldn't
> work this way because sudo erases environment variables,
> including
> "SSH_AUTH_SOCK".
>
> Btw, on my fully Guixified laptop I am using Guix home
> without
> ssh-agent configured and yet I do have ssh-agent running
> under
> my user.
> I'm not sure what started it…
Seems like that is the situation. I actually tried to run the
ssh-agent user service example in the shepherd manual
(https://www.gnu.org/software/shepherd/manual/html_node/Managing-User-Services.html)
-- verbatim -- and I get this error:
```
Starting service root...
Service root started.
Service root running with value #t.
Service root has been started.
Uncaught exception while loading configuration file
'/home/mst/.config/shepherd/init.scm': (goops-error #f "No
applicable method for ~S in call ~S" (#<<generic>
service-actions
(1)> (service-actions shepherd)) ())
```
which I don't know how to fix.
Other than that example, I'm at a loss with ssh.
>
>> (disclaimer: I'm a total scheme/guile neophyte -- and am
>> learning
>> as I go)
>
> As all of us, haha :D
:D
>
> Btw, there's perhaps another solution — pull from local git
> checkout.
> You can pass a filesystem path instead of a url when running
> `guix
> pull`. This might later cause some issues if you try to `sudo
> guix
> system reconfigure` but that's another topic…
I was able to install a package like this but it's not ideal.
> Good luck and happy hacking!
Thanks! I can tell you, it is a journey.
> Wojtek
>
> [1]
> https://guix.gnu.org/manual/devel/en/html_node/Secure-Shell.html
>
>
> -- (sig_start)
> website: https://koszko.org/koszko.html
> fingerprint: E972 7060 E3C5 637C 8A4F 4B42 4BC5 221C 5A79
> FD1A
> follow me on Fediverse:
> https://friendica.me/profile/koszko/profile
>
> ♥ R29kIGlzIHRoZXJlIGFuZCBsb3ZlcyBtZQ== | ÷
> c2luIHNlcGFyYXRlZCBtZSBmcm9tIEhpbQ==
> ✝ YnV0IEplc3VzIGRpZWQgdG8gc2F2ZSBtZQ== | ?
> U2hhbGwgSSBiZWNvbWUgSGlzIGZyaWVuZD8=
> -- (sig_end)
>
>
> On Thu, 30 Nov 2023 19:47:43 -0600 Mauritz Stenek
> <mstenek@disroot.org> wrote:
>
>> I'm trying out Guix and created a personal (private) channel
>> with
>> some custom packages. I access my git repo with ssh.
>>
>> Using Guix on a foreign distro, pulling from my git repo
>> works
>> fine after applying this strategy:
>> https://issues.guix.gnu.org/31285.
>>
>> However, on a full Guix system I keep getting this error:
>>
>> ```
>> guix pull: error: Git error: error authenticating: no auth
>> sock
>> variable
>> ```
>>
>> and, for the life of me, I just can't get it to work.
>>
>> (disclaimer: I'm a total scheme/guile neophyte -- and am
>> learning
>> as I go)
>>
>> Please help.
>>
>
> [[End of PGP Signed Part]]
[[End of PGP Signed Part]]
--
Mauritz Stenek <mstenek@disroot.org>