GNU bug report logs - #41694
[PATCH] doc: cookbook: Add entry about getting substitutes through Tor.

Previous Next

Package: guix-patches;

Reported by: Brice Waegeneire <brice <at> waegenei.re>

Date: Wed, 3 Jun 2020 19:14:01 UTC

Severity: normal

Tags: patch

Done: Brice Waegeneire <brice <at> waegenei.re>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludo <at> gnu.org>
To: Brice Waegeneire <brice <at> waegenei.re>
Cc: guix-devel <at> gnu.org, 41694 <at> debbugs.gnu.org
Subject: [bug#41694] [PATCH] doc: cookbook: Add entry about getting substitutes through Tor.
Date: Thu, 04 Jun 2020 14:29:36 +0200

Hi,

Brice Waegeneire <brice <at> waegenei.re> skribis:

> * doc/guix-cookbook.texi (Getting substitutes from Tor): New section.

Yay!

> +@node Getting substitutes from Tor
> +@section Getting substitutes from Tor
> +
> +@quotation Warning
> +@emph{Not all} Guix daemon's traffic will go through Tor!  Only
> +HTTP/HTTPS will get proxied; FTP, Git protocol, SSH, etc connections
> +will still go through the clearnet.  Again, this configuration isn't
> +foolproof some of your traffic won't get routed by Tor at all.  Use it
> +at your own risk.
> +@end quotation

I would suggest adding a line of intro before the warning, otherwise we
see the warning before even knowing what the section is about.  :-)

> +Guix's substitute server is available as a hidden service, if you want

I think official terminology these days is “Onion service”.

> +to use it to get your substitutes from Tor configure your system as
> +follow:
> +
> +@lisp
> +(use-modules (gnu))
> +(use-service-module base networking)
> +
> +(operating-system
> +  …
> +  (services
> +    (cons
> +      (service tor-service-type
> +              (tor-configuration
> +                (config-file (plain-file "tor-config"
> +                                         "HTTPTunnelPort 127.0.0.1:9250"))))
> +      (modify-services %base-services
> +                       (guix-service-type
             ^^^^^^^^^^^^^
Too many spaces here.

> +@example
> +# herd set-http-proxy guix-daemon http://localhost:9250
> +$ guix build --substitute-urls=https://bp7o7ckwlewr4slm.onion hello
> +@end example

To make it copy/pastable, you can remove the prompt and write it as:

  sudo herd set-http-proxy …
  guix build …

Something along these lines LGTM.

Thank you!

Ludo’.
This bug report was last modified 4 years and 355 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.