From unknown Thu Sep 11 14:10:05 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#79260] [GCD PATCH] 00X-international-substitutes.md: New proposal. Resent-From: Antero Mejr Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 17 Aug 2025 17:49:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 79260 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 79260@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.17554529347063 (code B ref -1); Sun, 17 Aug 2025 17:49:01 +0000 Received: (at submit) by debbugs.gnu.org; 17 Aug 2025 17:48:54 +0000 Received: from localhost ([127.0.0.1]:47848 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1unhUw-0001pl-13 for submit@debbugs.gnu.org; Sun, 17 Aug 2025 13:48:53 -0400 Received: from lists.gnu.org ([2001:470:142::17]:37826) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1unhUs-0001pR-Hm for submit@debbugs.gnu.org; Sun, 17 Aug 2025 13:48:48 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1unhUh-00077e-AI for guix-patches@gnu.org; Sun, 17 Aug 2025 13:48:35 -0400 Received: from sender4-op-o10.zoho.com ([136.143.188.10]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1unhUe-0005ka-Lp for guix-patches@gnu.org; Sun, 17 Aug 2025 13:48:35 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1755452905; cv=none; d=zohomail.com; s=zohoarc; b=kVKbRnwFzn19Semg7LhgMGR1v/Qm5y5iStXU5ej+QvZjjZN/+Gd2BvIII+mKrUixjTlq9iexxqZUqL6N85HaxXd9cUM3liz/GZH1m6T+rh++MgOWimZncAO46dJx3bXFL8guH/hRLfTB0rPMb1raKhdhjIRpExmJpzwiRPUKWCg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1755452905; h=Content-Type:Date:Date:From:From:MIME-Version:Message-ID:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=/9ksohsfvnQvKE4rNa6TOeagCAWLQrnjHwrWADKAzAs=; b=cETP8+CnfGJRPuP7HZz48W7u6QwUrJ3CaDxxab9Svb0rjhYpOHf08zcQ3yDmzBvITg3iTu2h3Jy/qI/DyYdLgKU+2vd43kn9hewm88/rmJ9fo/iS81/G5V9yHO2gGYKWbI6wuv+8rEhja2HyD1u+5+v1q5+gxe7nHQgpCTd5Gjg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=antr.me; spf=pass smtp.mailfrom=mail@antr.me; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1755452905; s=zmail; d=antr.me; i=mail@antr.me; h=From:From:To:To:Subject:Subject:Date:Date:Message-ID:MIME-Version:Content-Type:Message-Id:Reply-To:Cc; bh=/9ksohsfvnQvKE4rNa6TOeagCAWLQrnjHwrWADKAzAs=; b=Tqx61OXKISE+cZ4jtJcGK0THL1omEGwVtG6XQWHLN8zuS3QlsNTxubiX+oqj+FIS feRnk9G+gaWy6HiCRvbN3zeC0+rWFFbIZEcVWyUWPkMpsqYqhfHH2ayBwifL82DeVUV iBGWlQK3/OAdjAaSY57O54UgcnMrxU3XFE1lfPrs= Received: by mx.zohomail.com with SMTPS id 1755452902929734.8689812554492; Sun, 17 Aug 2025 10:48:22 -0700 (PDT) From: Antero Mejr Date: Sun, 17 Aug 2025 17:48:21 +0000 Message-ID: <87v7ml261m.fsf@antr.me> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-ZohoMailClient: External Received-SPF: pass client-ip=136.143.188.10; envelope-from=mail@antr.me; helo=sender4-op-o10.zoho.com X-Spam_score_int: -19 X-Spam_score: -2.0 X-Spam_bar: -- X-Spam_report: (-2.0 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, LOTS_OF_MONEY=0.001, MONEY_NOHTML=1.083, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=-1, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 2.1 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: --- 00X-international-substitutes.md | 109 +++++++++++++++++++++++++++++++ 1 file changed, 109 insertions(+) create mode 100644 00X-international-substitutes.md diff --git a/00X-international-substitutes.md b/00X-international-substitutes.md new file mode 100644 index 0000000..11c6a4f --- /dev/null +++ b/00X-international-substitutes.md @@ -0,0 +1,109 @@ +tit [...] Content analysis details: (2.1 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2001:470:142:0:0:0:0:17 listed in] [list.dnswl.org] 0.0 LOTS_OF_MONEY Huge... sums of money 1.1 MONEY_NOHTML Lots of money in plain text X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.1 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: --- 00X-international-substitutes.md | 109 +++++++++++++++++++++++++++++++ 1 file changed, 109 insertions(+) create mode 100644 00X-international-substitutes.md diff --git a/00X-international-substitutes.md b/00X-international-substitutes.md new file mode 100644 index 0000000..11c6a4f --- /dev/null +++ b/00X-international-substitutes.md @@ -0,0 +1,109 @@ +tit [...] Content analysis details: (1.1 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.0 LOTS_OF_MONEY Huge... sums of money 1.1 MONEY_NOHTML Lots of money in plain text -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager --- 00X-international-substitutes.md | 109 +++++++++++++++++++++++++++++++ 1 file changed, 109 insertions(+) create mode 100644 00X-international-substitutes.md diff --git a/00X-international-substitutes.md b/00X-international-substitutes.md new file mode 100644 index 0000000..11c6a4f --- /dev/null +++ b/00X-international-substitutes.md @@ -0,0 +1,109 @@ +title: International substitute servers +id: +status: draft +discussion: +authors: Antero Mejr +sponsors: +date: +draft-date: 2025-08-07 +discussion-date: +deliberation-date: +SPDX-License-Identifier: CC-BY-SA-4.0 OR GFDL-1.3-no-invariants-or-later +--- + +# Summary + +The official binary substitute servers for Guix, `ci.guix.gnu.org` and +`bordeaux`, are both located in Western Europe. Users outside Western Europe may +experience slower speeds when downloading substitutes: 50-200 kbps is not +uncommon. Since substitutes can be quite large, this causes significant slow +down when performing package operations. This RFC proposes the establishment of +additional substitute servers in other regions. + +# Motivation + +In the present state, users outside Europe experience substitute download speeds +on the order of kilobits per second. This comprises some of the perceived +"slowness" of Guix, as mentioned in all three of the [Guix +surveys](https://guix.gnu.org/en/blog/2025/guix-user-and-contributor-survey-2024-the-results-part-1/). +Other package managers with distributed substitute servers achieve download +speeds of tens or even hundreds of megabytes per second, many times faster than +the single Guix substitute server can provide. + +Common dependency packages such as LLVM can be large, around 50-200 MB. +Downloading substitutes for them on such a slow connection will take at least 5 +minutes, and that is only for a single dependency. This is a significant +impediment to package management operations and workflows. + +Distributing substitutes can also increase reliability. As it stands, if +`ci.guix.gnu.org` is not available, the user will not be able to download +substitutes at all. It also assists with reproducibility: more identical +substitute builds means a higher degree of assurance of deterministic, +reproducible packages. + +# Detailed Design + +Many package managers make available dozens of substitute servers (often called +"mirrors") from which to download compiled packages. Usually package managers +have some sort of configuration option to select the mirror with the fastest +connection, typically the mirror that is geographically closest, and possibly +some sort of auto-detection of connection speeds. Guix does not currently have +such a configuration option, and defaults to `ci.guix.gnu.org`. The addition of +a mirror selection configuration option is part of this proposal. Such an option +could be a `guix-configuration` option of `guix-service-type`. + +The Guix installer, for both the ISO and foreign-distro forms, would have an +additional prompt to select a substitute server from a list. + +Since many Guix users and developers are based in the United States, a US-based +server would be a sensible first step beyond the European region. From there +community feedback can be solicited to determine locations for future servers, +so long as sufficient funds are available. + +## Cost of Reverting + +Cost scale: 0 - No incompatibility + +Users of Guix System would experience no change, as substitute server +authentication is handled automatically. Users of Guix on foreign distros who +are installing for the first time would experience no change, so long as they +choose to authorize binary substitutes at install time. + +For users of Guix that is already installed on a foreign distro, they may need +to follow [these +steps](https://guix.gnu.org/manual/en/html_node/Substitute-Server-Authorization.html) +to authorize the new substitute servers if they wish to use them. Otherwise they +would not see the benefits. + +No deprecation of existing substitute servers would be necessary. + +Depending on whether colocation is used, maintenance of the substitute server +may require a Guix developer in the geographic area of the server, with proper +vetting/access clearance to perform administrative tasks directly on the +hardware. Remote maintenance of the server(s) would be possible for most +operations. + +Should a new substitute server need to be decommissioned (for whatever reason), +there would need to be a process established for doing so without breaking +compatibility. This would involve having the decommissioned substitute server +URL redirect to a different active and authorized substitute server. + +# Drawbacks and Open Issues + +TODO: Decide specifics (colocate vs. cloud, location) + +The main drawback of maintaining additional substitute servers is cost, in both +the initial investment and recurring costs. For example, Nix serves their +infrastructure through [Amazon +AWS](https://discourse.nixos.org/t/s3-sponsorship-extension-more-resources-to-build-a-more-sustainable-nix/50936) +and their recurring costs are $15,000 per month. + +However, Guix could potentially mitigate some of the costs. Making use of +donated hardware, and using colocation instead of the cloud could reduce the +monthly spend. Also the FSF may have resources that can provide servers or +colocation services at a reduced price. Guix also has an FSF [Working Together +Fund](https://my.fsf.org/civicrm/contribute/transact?reset=1&id=50) that could +potentially be used to fund substitute servers. + +The [Guix Foundation](https://foundation.guix.info/) may also be interested in +providing financial support for international substitute servers. -- 2.50.1 From unknown Thu Sep 11 14:10:05 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#79260] [GCD PATCH] 00X-international-substitutes.md: New proposal. Resent-From: Andreas Enge Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 18 Aug 2025 15:13:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 79260 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Antero Mejr Cc: 79260@debbugs.gnu.org Received: via spool by 79260-submit@debbugs.gnu.org id=B79260.175552997222558 (code B ref 79260); Mon, 18 Aug 2025 15:13:02 +0000 Received: (at 79260) by debbugs.gnu.org; 18 Aug 2025 15:12:52 +0000 Received: from localhost ([127.0.0.1]:50826 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uo1XY-0005rm-Fm for submit@debbugs.gnu.org; Mon, 18 Aug 2025 11:12:52 -0400 Received: from hera.aquilenet.fr ([185.233.100.1]:54428) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uo1XW-0005rU-Qm for 79260@debbugs.gnu.org; Mon, 18 Aug 2025 11:12:51 -0400 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 6615C2F7; Mon, 18 Aug 2025 17:12:44 +0200 (CEST) Authentication-Results: hera.aquilenet.fr; none X-Virus-Scanned: Debian amavis at hera.aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavis, port 10024) with ESMTP id tdmQdiwEnhpC; Mon, 18 Aug 2025 17:12:43 +0200 (CEST) Received: from jurong (167.76.29.93.rev.sfr.net [93.29.76.167]) by hera.aquilenet.fr (Postfix) with ESMTPSA id BB78261; Mon, 18 Aug 2025 17:12:43 +0200 (CEST) Date: Mon, 18 Aug 2025 17:12:42 +0200 From: Andreas Enge Message-ID: References: <87v7ml261m.fsf@antr.me> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87v7ml261m.fsf@antr.me> X-Rspamd-Server: hera X-Spamd-Bar: ----- X-Rspamd-Queue-Id: 6615C2F7 X-Spamd-Result: default: False [-5.25 / 15.00]; BAYES_HAM(-2.87)[99.44%]; NEURAL_HAM(-2.78)[-0.927]; MID_RHS_NOT_FQDN(0.50)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCPT_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; ARC_NA(0.00)[] X-Rspamd-Action: no action X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hello Antero, I forgot the official policy, but I think you are supposed to send GCD proposals to guix-devel; very few people still look at the old issue tracker after things have moved to Codeberg. Andreas