Age | Commit message (Expand) | Author |
2020-07-20 | ssh: Speed up RPCs by using #:nodelay....Partly fixes <https://bugs.gnu.org/41702>.
* guix/ssh.scm (open-ssh-session): Enable #:nodelay.
* m4/guix.m4 (GUIX_CHECK_GUILE_SSH): Add feature check for this new parameter.
* doc/guix.texi (Requirements): Adjust.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
| Lars-Dominik Braun |
2020-03-23 | ssh: 'send-files' reports missing modules on the remote host....Reported by Mikael Djurfeldt <mikael@djurfeldt.com>
in <https://bugs.gnu.org/40125>.
* guix/ssh.scm (send-files)[inferior-remote-eval*]: New procedure.
[missing]: Use it. Add an explicit 'resolve-module' call.
(report-inferior-exception): New procedure.
| Ludovic Courtès |
2020-02-20 | ssh: Add Kerberos-support to ssh:// daemon URLs...* guix/ssh.scm (open-ssh-session): Fall back to GSSAPI if public key
authentication does not work
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Lars-Dominik Braun |
2019-12-04 | ssh: 'open-ssh-session' can be passed the expected host key....* guix/ssh.scm (open-ssh-session): Add #:host-key parameter.
Pass #:knownhosts to 'make-session'. When HOST-KEY is true, call
'authenticate-server*' instead of 'authenticate-server'.
| Ludovic Courtès |
2019-12-04 | ssh: Always authenticate the server [security fix]....Until now, users of 'open-ssh-session', including "guix deploy" and
"GUIX_DAEMON_SOCKET=ssh://…" (but not "guix offload"), would not
authenticate the SSH server they're talking to.
* guix/ssh.scm (open-ssh-session): Call 'authenticate-server'.
| Ludovic Courtès |
2019-12-04 | ssh: Add 'authenticate-server*' and use it for offloading....* guix/scripts/offload.scm (host-key->type+key): Remove.
(open-ssh-session): Replace server authentication code with a call to
'authenticate-server*'.
* guix/ssh.scm (host-key->type+key, authenticate-server*): New
procedures.
| Ludovic Courtès |
2019-10-15 | ssh: Add a longer SSH timeout by default....* guix/ssh.scm (open-ssh-session): Add #:timeout parameter, and add call
to 'session-set!' to honor it.
| Ludovic Courtès |
2019-08-28 | remote, ssh: Show the command exit status upon failure....* guix/remote.scm (remote-pipe-for-gexp): Show the exit status in error
message.
* guix/ssh.scm (remote-inferior): Likewise.
| Ludovic Courtès |
2019-08-16 | machine: Use 'become-command'....* gnu/machine/ssh.scm (managed-host-remote-eval): Pass an appropriate
'become-command' to 'remote-eval'.
* guix/ssh.scm (remote-authorize-signing-key): Add optional
'become-command' argument.
All callers changed.
| Jakob L. Kreuze |
2019-08-15 | machine: Automatically authorize the coordinator's signing key....* guix/ssh.scm (remote-authorize-signing-key): New variable.
* gnu/machine/ssh.scm (deploy-managed-host): Authorize coordinator's
signing key before any invocations of 'remote-eval'.
(deploy-managed-host): Display an error if a signing key does not exist.
* doc/guix.texi (Invoking guix deploy): Remove section describing manual
signing key authorization.
(Invoking guix deploy): Add section describing the 'authorize?' field.
| Jakob L. Kreuze |
2019-08-15 | machine: Allow non-root users to deploy....* doc/guix.texi (Invoking guix deploy): Add section describing
prerequisites for deploying as a non-root user.
* guix/remote.scm (remote-pipe-for-gexp): New optional 'become-command'
argument.
(%remote-eval): New optional 'become-command' argument.
(remote-eval): New 'become-command' keyword argument.
* guix/ssh.scm (remote-inferior): New optional 'become-command'
argument.
(inferior-remote-eval): New optional 'become-command' argument.
(remote-authorize-signing-key): New optional 'become-command' argument.
* gnu/machine/ssh.scm (machine-become-command): New variable.
(managed-host-remote-eval): Invoke 'remote-eval' with the
'#:become-command' keyword.
(deploy-managed-host): Invoke 'remote-authorize-signing-key' with the
'#:become-command' keyword.
| Jakob L. Kreuze |
2019-08-14 | remote: Build derivations appropriate for the remote's...* gnu/machine/ssh.scm (machine-ssh-configuration): Add 'system' field.
(managed-host-remote-eval): Pass 'system' field to 'remote-eval'.
(machine-check-building-for-appropriate-system): New variable.
(check-deployment-sanity): Add call to
'machine-check-building-for-appropriate-system'.
* doc/guix.texi (Invoking guix deploy): Describe new 'system' field.
* guix/ssh.scm (remote-system): New variable.
* guix/remote.scm (remote-eval): Use result of 'remote-system' when
lowering the G-Expression.
(remote-eval): Add 'system' keyword argument.
(trampoline): Return a <program-file> rather than a <scheme-file>.
| Jakob L. Kreuze |
2019-07-06 | ssh: Add 'identity' keyword to 'open-ssh-session'....* guix/ssh.scm (open-ssh-session): Add 'identity' keyword argument.
| Jakob L. Kreuze |
2019-06-10 | ssh: Add missing import....* guix/ssh.scm: Use (ice-9 format).
| Ludovic Courtès |
2019-01-21 | store: Rename '&nix-error' to '&store-error'....* guix/store.scm (&nix-error): Rename to...
(&store-error): ... this, and adjust users.
(&nix-connection-error): Rename to...
(&store-connection-error): ... this, and adjust users.
(&nix-protocol-error): Rename to...
(&store-protocol-error): ... this, adjust users.
(&nix-error, &nix-connection-error, &nix-protocol-error): Define these
condition types and their getters as deprecrated aliases.
* build-aux/run-system-tests.scm, guix/derivations.scm,
guix/grafts.scm, guix/scripts/challenge.scm,
guix/scripts/graph.scm, guix/scripts/lint.scm,
guix/scripts/offload.scm, guix/serialization.scm,
guix/ssh.scm, guix/tests.scm, guix/ui.scm,
tests/derivations.scm, tests/gexp.scm, tests/guix-daemon.sh,
tests/packages.scm, tests/store.scm, doc/guix.texi: Adjust to use the
new names.
| Ludovic Courtès |
2019-01-21 | store: Rename <nix-server> to <store-connection>....* guix/store.scm (<nix-server>): Rename to...
(<store-connection>): ... this. Adjust users accordingly.
(nix-server?, nix-server-major-version)
(nix-server-minor-version, nix-server-socket)
(nix-server-version): Define as deprecated aliases.
* guix/inferior.scm: Adjust accordingly.
* guix/ssh.scm: Likewise.
| Ludovic Courtès |
2019-01-09 | Remove most uses of the _IO*F constants....These constants, for use with 'setvbuf', were deprecated in Guile 2.2
and disappeared in Guile 3.0. Here we keep these constants in
build-side code where removing them is not feasible.
* guix/build/download-nar.scm (download-nar): Adjust 'setvbuf' calls to
the Guile 2.2+ API.
* guix/build/download.scm (open-socket-for-uri): Likewise.
(open-connection-for-uri, url-fetch): Likewise.
* guix/build/make-bootstrap.scm (make-stripped-libc): Likewise.
* guix/build/union.scm (setvbuf) [guile-2.0]: New conditional wrapper.
(union-build): Adjust to new API.
* guix/ftp-client.scm (ftp-open, ftp-list, ftp-retr): Likewise.
* guix/http-client.scm (http-fetch): Likewise.
* guix/inferior.scm (proxy): Likewise.
* guix/scripts/substitute.scm (fetch, http-multiple-get): Likewise.
* guix/self.scm (compiled-modules): Likewise.
* guix/ssh.scm (remote-daemon-channel, store-import-channel)
(store-export-channel): Likewise.
* guix/ui.scm (initialize-guix): Likewise.
* tests/publish.scm (http-get-port): Likewise.
* guix/store.scm (%newlines): Adjust comment.
| Ludovic Courtès |
2018-12-24 | offload: Use (guix inferior) instead of (ssh dist node)....Using inferiors and thus 'guix repl' simplifies setup on build
machines (no need to worry about GUILE_LOAD_PATH etc.)
Furthermore, the 'guix repl -t machine' protocol running in a remote
pipe addresses several issues with the current implementation of nodes
and RREPLs in Guile-SSH: fewer round trips, doesn't leave a 'guile
--listen' process behind it, stateless (since a new process is started
each time), more efficient (the SSH channel can be reused), more
reliable (no 'pgrep', 'pkill', and shellology; see
<https://github.com/artyom-poptsov/guile-ssh/issues/11> as an example.)
* guix/ssh.scm (inferior-remote-eval): New procedure.
(send-files): Use it instead of 'make-node' and 'node-eval'.
* guix/scripts/offload.scm (node-guile-version): New procedure.
(node-free-disk-space, transfer-and-offload, node-load)
(choose-build-machine, assert-node-has-guix): Use 'remote-inferior'
instead of 'make-node' and 'inferior-eval' instead of 'node-eval'.
(assert-node-can-import, assert-node-can-export): Likewise, and add
'session' parameter.
(check-machine-availability): Likewise, and add calls to
'close-inferior' and 'disconnect!'.
(check-machine-status): Likewise.
* doc/guix.texi (Daemon Offload Setup): Remove bit related to 'guile' in
$PATH and $GUILE_LOAD_PATH; mention 'guix' alone.
| Ludovic Courtès |
2018-12-24 | ssh: Add 'remote-inferior'....* guix/inferior.scm (<inferior>)[close]: New field.
(port->inferior): New procedure.
(open-inferior): Rewrite in terms of 'port->inferior'.
(close-inferior): Honor INFERIOR's 'close' field.
(inferior-eval-with-store): Add FIXME comment.
* guix/ssh.scm (remote-inferior): New procedure.
| Ludovic Courtès |
2018-11-24 | ssh: Make 'send-files' more robust....Possibly fixes <https://bugs.gnu.org/33239>.
* guix/ssh.scm (send-files): Call 'channel-get-exit-status' only when
RESULT is true.
| Ludovic Courtès |
2018-11-05 | ssh: Honor the SOCKET-NAME argument of connect-to-remote-daemon....* guix/ssh.scm (connect-to-remote-daemon): Pass the `socket-name' variable to
the `open-connection' call so that it is honored.
| Maxim Cournoyer |
2018-07-29 | ssh: Display the size of the store items being sent....* guix/ssh.scm (send-files): Compute the size of MISSING and display
it.
| Ludovic Courtès |
2018-02-09 | ssh: Work around 'select' bug in Guile....Fixes <https://bugs.gnu.org/30365>.
* guix/ssh.scm (remote-daemon-channel)[redirect]: Define 'select*' and
use it.
| Ludovic Courtès |
2018-01-12 | ssh: Switch back to 'get-bytevector-some'....This mostly reverts 17af5d51de7c40756a4a39d336f81681de2ba447.
Suggested by Andy Wingo <wingo@igalia.com>.
* guix/ssh.scm (remote-daemon-channel)[redirect]: Remove 'read!' FFI
hack. Use buffered ports.
| Ludovic Courtès |
2018-01-12 | offload: 'test' reports Guile and module errors more nicely....Fixes <https://bugs.gnu.org/26008>.
Reported by Myles English <mylesenglish@gmail.com>.
* guix/ssh.scm (retrieve-files*): Move error reporting to...
(report-guile-error, report-module-error): ... here. New procedures.
* guix/scripts/offload.scm (assert-node-repl): Use 'report-guile-error'.
(assert-node-has-guix): Explicitly check for 'use-modules' first. Use
'report-module-error'.
| Ludovic Courtès |
2018-01-12 | ssh: 'retrieve-files' now only retrieves what's missing....* guix/ssh.scm (retrieve-files): Remove the subset of FILES that is
valid in LOCAL.
(store-export-channel): Add comment.
| Ludovic Courtès |
2018-01-12 | offload: Fix regression in file retrieval....This fixes a regression in 'retrieve-files*' introduced in
896fec476f728183b331cbb6e2afb891207b4205, whereby (guix scripts offload)
would not read the initial sexp now sent by the remote host via
'store-export-channel'. This would effectively prevent file retrieval
entirely when offloading.
* guix/ssh.scm (retrieve-files*): New procedure, like former
'retrieve-files' but with an extra #:import parameter.
(retrieve-files): Rewrite in terms of 'retrieve-files*'.
(file-retrieval-port): Make private.
* guix/scripts/offload.scm (transfer-and-offload): Pass #:import to
'retrieve-files*'.
(retrieve-files*): Remove.
| Ludovic Courtès |
2018-01-11 | ssh: Pass an empty "exceptfds" set to 'select'....Previously the redirect code could end up exiting prematurely because of
an uninteresting "exceptional condition" on the socket (info "(libc)
Waiting for I/O").
* guix/ssh.scm (remote-daemon-channel): Pass the empty list as the third
argument to 'select'. It was a mistake to pass a non-empty list there
in the first place.
| Ludovic Courtès |
2018-01-11 | ssh: Work around 'get-bytevector-some' bug....This works around <https://bugs.gnu.org/30066> and noticeably improves
performance when using GUIX_DAEMON_SOCKET=ssh://HOST (the redirect code
was transferring data to guix-daemon one byte at a time!).
* guix/ssh.scm (remote-daemon-channel)[redirect]: Define 'read!' and use
it instead of 'get-bytevector-some'.
| Ludovic Courtès |
2018-01-07 | ssh: Improve error reporting when retrieving files....'guix copy --from' now reports messages much more useful than "failed to
retrieve files".
* guix/ssh.scm (store-export-channel)[export]: Wrap 'use-modules' in
'catch' and 'with-store' in 'guard'. Check for invalid items. Write a
status sexp on stdout.
(raise-error): New macro.
(retrieve-files): Read the initial status sexp and report errors
accordingly.
| Ludovic Courtès |
2017-11-19 | ssh: Use (guix i18n)....* guix/ssh.scm: Use (guix i18n) instead of (guix ui).
| Ludovic Courtès |
2017-06-04 | ssh: Improve error reporting when 'send-files' fails....Fixes <http://bugs.gnu.org/26972>.
* guix/ssh.scm (store-import-channel)[import]: Add 'consume-input'
procedure. Wrap body in 'catch' and 'guard'. Use 'open-remote-pipe'
with OPEN_BOTH instead of 'open-remote-output-pipe'.
(send-files): After the 'channel-send-eof' call, do (read port).
Interpret the result sexp and raise an error condition if needed.
| Ludovic Courtès |
2017-05-03 | ui: Rename '_' to 'G_'....This avoids collisions with '_' when the latter is used as a 'match'
pattern for instance. See
<https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00464.html>.
* guix/ui.scm: Rename '_' to 'G_'.
* po/guix/Makevars (XGETTEXT_OPTIONS): Adjust accordingly.
* build-aux/compile-all.scm (warnings): Remove 'format'.
* gnu/packages.scm,
gnu/services.scm,
gnu/services/shepherd.scm,
gnu/system.scm,
gnu/system/shadow.scm,
guix/gnupg.scm,
guix/http-client.scm,
guix/import/cpan.scm,
guix/import/elpa.scm,
guix/import/pypi.scm,
guix/nar.scm,
guix/scripts.scm,
guix/scripts/archive.scm,
guix/scripts/authenticate.scm,
guix/scripts/build.scm,
guix/scripts/challenge.scm,
guix/scripts/container.scm,
guix/scripts/container/exec.scm,
guix/scripts/copy.scm,
guix/scripts/download.scm,
guix/scripts/edit.scm,
guix/scripts/environment.scm,
guix/scripts/gc.scm,
guix/scripts/graph.scm,
guix/scripts/hash.scm,
guix/scripts/import.scm,
guix/scripts/import/cpan.scm,
guix/scripts/import/cran.scm,
guix/scripts/import/crate.scm,
guix/scripts/import/elpa.scm,
guix/scripts/import/gem.scm,
guix/scripts/import/gnu.scm,
guix/scripts/import/hackage.scm,
guix/scripts/import/nix.scm,
guix/scripts/import/pypi.scm,
guix/scripts/import/stackage.scm,
guix/scripts/lint.scm,
guix/scripts/offload.scm,
guix/scripts/pack.scm,
guix/scripts/package.scm,
guix/scripts/perform-download.scm,
guix/scripts/publish.scm,
guix/scripts/pull.scm,
guix/scripts/refresh.scm,
guix/scripts/size.scm,
guix/scripts/substitute.scm,
guix/scripts/system.scm,
guix/ssh.scm,
guix/upstream.scm: Use 'G_' instead of '_'. Most of this change was
obtained by running: "sed -i -e's/(_ "/(G_ "/g' `find -name \*.scm`".
| Ludovic Courtès |
2017-04-21 | ssh: Decompose 'connect-to-remote-daemon'....* guix/ssh.scm (remote-daemon-channel): New procedure.
(connect-to-remote-daemon): Implement in terms of it.
| Ludovic Courtès |
2017-04-21 | ssh: Move 'open-ssh-session' to (guix ssh)....* guix/scripts/copy.scm (%compression, open-ssh-session): Move to...
* guix/ssh.scm: ... here. Use '&message' conditions instead of calling
'leave'.
| Ludovic Courtès |
2016-12-31 | ssh: 'retrieve-files' detects remote export failures....* guix/ssh.scm (retrieve-files): Call 'lookahead-u8' and raise a
'&message' condition when it returns EOF.
| Ludovic Courtès |
2016-12-31 | ssh: 'send-files' returns the list of items sent....* guix/ssh.scm (send-files): Return MISSING.
| Ludovic Courtès |
2016-12-31 | ssh: Allow transfers of complete closures....* guix/ssh.scm (store-export-channel, send-files)
(file-retrieval-port, retrieve-files): Add #:recursive? parameter and
honor it.
| Ludovic Courtès |
2016-12-31 | Add (guix ssh) module....* guix/scripts/offload.scm (connect-to-remote-daemon)
(store-import-channel, store-export-channel, send-files)
(retrieve-files): Move to (guix ssh).
(nonce): Add optional 'name' parameter and use it.
(retrieve-files*): New procedure.
(transfer-and-offload): Use it instead of 'retrieve-files', and add
first parameter to 'send-files'.
(assert-node-can-import): Likewise.
(assert-node-can-export): Use 'retrieve-files' instead of
'store-export-channel'.
* guix/ssh.scm: New file.
* configure.ac: Use 'GUIX_CHECK_GUILE_SSH' and define 'HAVE_GUILE_SSH'
Automake conditional.
* Makefile.am (MODULES) [HAVE_GUILE_SSH]: Add guix/ssh.scm.
| Ludovic Courtès |