GNU bug report logs - #63877
[PATCH] gnu: services: web: Set SSL_CERT_DIR in php-fpm environment.

Previous Next

Package: guix-patches;

Reported by: Timo Wilken <guix <at> twilken.net>

Date: Sat, 3 Jun 2023 18:26:02 UTC

Severity: normal

Tags: moreinfo, patch

Full log

View this message in rfc822 format

From: Bruno Victal <mirai <at> makinata.eu>
To: Timo Wilken <guix <at> twilken.net>
Cc: 63877 <at> debbugs.gnu.org, Ludovic Courtès <ludo <at> gnu.org>
Subject: [bug#63877] [PATCH v2] gnu: services: web: Allow specifying extra php-fpm environment variables.
Date: Thu, 19 Oct 2023 15:32:39 +0100

Hi Timo,

On 2023-10-15 21:54, Timo Wilken wrote:
> Hi Bruno, (hi Ludo'), thank you for your detailed feedback and sorry for not
> responding earlier!
> 
> On Mon Jun 5, 2023 at 5:44 AM CEST, Bruno Victal wrote:
>> Ungexp-ing lists can be rather tricky [...]
>>
>> You need to quote the list [...]
> 
> I was thinking of something closer to the example I added to doc/guix.texi in
> my patch. The gexp would not be a list directly, but instead be some code that
> would produce a list when evaluated, e.g.:
> 
> --8<---------------cut here---------------start------------->8---
> #~(list (string-append "SSL_CERT_DIR=" #$nss-certs "/etc/ssl/certs"))))
> --8<---------------cut here---------------end--------------->8---
> 
> That would let you refer to store paths in variable values, instead of being
> limited to literal strings.

Right, I can see that it is indeed useful to accept a G-Exp instead.

> As far as I know, the following throws an error, and `file-append' instead of
> `string-append' wouldn't work because of the `"SSL_CERT_DIR="' prefix, right?
> 
> --8<---------------cut here---------------start------------->8---
> #~(#$(string-append "SSL_CERT_DIR=" nss-certs "/etc/ssl/certs"))))
> --8<---------------cut here---------------end--------------->8---

This ungexp doesn't work because it's “too wide”, in fact the bug
in [1] was caused by a very similar snippet.

Furthermore this would still run into the ungexp pitfall of being
interpreted as a procedure call since you now have:

--8<---------------cut here---------------start------------->8---
…
#:environment-variables (append ("SSL_CERT_DIR=<garbage-here>…" …)
                                (default-environment-variables))
…
--8<---------------cut here---------------end--------------->8---

You could try using a list gexps/strings like this:

--8<---------------cut here---------------start------------->8---
(list #~(string-append "SSL_CERT_DIR=" #$nss-certs "/etc/ssl/certs")
      "FOO=bar"
      (string-append "BAR=" 999))
--8<---------------cut here---------------end--------------->8---

Although your G-Exp idea might be better as it obviates the
need to do things like '#$ (by using #~(list …) or #~'("foo" …)).


[1]: <https://issues.guix.gnu.org/65383>

-- 
Furthermore, I consider that nonfree software must be eradicated.

Cheers,
Bruno.
This bug report was last modified 1 year and 119 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.