diff options
Diffstat (limited to 'index.html')
-rw-r--r-- | index.html | 1763 |
1 files changed, 1717 insertions, 46 deletions
@@ -1,49 +1,1720 @@ <!doctype html> <html> - <head> - <meta charset="utf-8"> - <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> - - <title>reveal.js</title> - - <link rel="stylesheet" href="css/reset.css"> - <link rel="stylesheet" href="css/reveal.css"> - <link rel="stylesheet" href="css/theme/black.css"> - - <!-- Theme used for syntax highlighting of code --> - <link rel="stylesheet" href="lib/css/monokai.css"> - - <!-- Printing and PDF exports --> - <script> - var link = document.createElement( 'link' ); - link.rel = 'stylesheet'; - link.type = 'text/css'; - link.href = window.location.search.match( /print-pdf/gi ) ? 'css/print/pdf.css' : 'css/print/paper.css'; - document.getElementsByTagName( 'head' )[0].appendChild( link ); - </script> - </head> - <body> - <div class="reveal"> - <div class="slides"> - <section>Slide 1</section> - <section>Slide 2</section> - </div> - </div> - - <script src="js/reveal.js"></script> - - <script> - // More info about config & dependencies: - // - https://github.com/hakimel/reveal.js#configuration - // - https://github.com/hakimel/reveal.js#dependencies - Reveal.initialize({ - dependencies: [ - { src: 'plugin/markdown/marked.js' }, - { src: 'plugin/markdown/markdown.js' }, - { src: 'plugin/notes/notes.js', async: true }, - { src: 'plugin/highlight/highlight.js', async: true } - ] - }); - </script> - </body> + <head> + <meta charset="utf-8"> + <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> + + <title>GNU Guix, package manager, system distribution and more</title> + + <link rel="stylesheet" href="css/reveal.css"> + <link rel="stylesheet" href="css/theme/black.css"> + <style> + .reveal h1 { + text-transform: unset; + } + + .reveal h2 { + text-transform: unset; + } + + .reveal h3 { + text-transform: unset; + } + + .timeline { + height: 10em; + } + + .timeline:before { + content: ''; + position: absolute; + top: 0; + left: 50%; + margin-left: -1px; + width: 2px; + height: 100%; + background: #CCD1D9; + z-index: 1 + } + + .timeline-block { + width: calc(50% + 8px); + display: flex; + justify-content: space-between; + clear: both; + } + + .timeline-block-right { + float: right; + } + + .timeline-block-left { + float: left; + direction: rtl + } + + .marker { + width: 16px; + height: 16px; + border-radius: 50%; + border: 2px solid #F5F7FA; + background: #4FC1E9; + margin-top: 10px; + z-index: 9999 + } + + .no-max-height { + max-height: unset !important; + } + + img { + background: none !important; + border: none !important; + box-shadow: none !important; + } + + pre { + background: none !important; + border: none !important; + box-shadow: none !important; + } + + .caption { + display: block; + clear: both; + font-size: large !important; + } + </style> + + <!-- Theme used for syntax highlighting of code --> + <link rel="stylesheet" href="lib/css/zenburn.css"> + + <!-- Printing and PDF exports --> + <script> + var link = document.createElement( 'link' ); + link.rel = 'stylesheet'; + link.type = 'text/css'; + link.href = window.location.search.match( /print-pdf/gi ) ? 'css/print/pdf.css' : 'css/print/paper.css'; + document.getElementsByTagName( 'head' )[0].appendChild( link ); + </script> + </head> + <body> + <div class="reveal"> + <div class="slides"> + <section> + <img src="Guix.svg" style="background: unset; margin: unset; border: unset; box-shadow: unset;"> + <h1>GNU Guix</h1> + <h2>Package manager,<br> system distribution<br> and more…</h2> + + <aside class="notes" data-markdown> + Hello, my name is Chris, and we're going to take a look at + a software project called GNU Guix. + + Before we begin, hands up if you're excited about package + managers? + + I'd prefer to cover only some of the material I've got, + really well, rather than cover all of it badly, so please + interrupt, and jump in with questions as and when they + come to you. + + I've not planned any live demos explicitly, but I'm using + GuixSD on this laptop, and am happy to attempt to demo + stuff. + + I first found out about Guix sometime in late 2015, early + 2016. + + I remember installing it the night before FOSDEM, a free + software conference in Brussles, back in January 2016. At + FOSDEM that year there were many talks about Guix in the + GNU Guile devroom. + + I started using and contributing to Guix soon after. + + Maybe some of you are using Guix already, maybe some of + you have heard of it, but don't know much about it, and + maybe some of you haven't heard of Guix before freenode + live. + + In any case, I hope most of you will learn something about + Guix in the next hour. + + I'm going to try and cover: + - some of the technical fundamentals + - how you can use guix as a package manager + - how you can use Guix to manage systems and services + - and finally, ways in which you can extend Guix + </section> + + <section> + <h1> + Guix... + </h1> + <h2> + Why another package management tool? + </h2> + + <aside class="notes" data-markdown> + So, Guix is a package management tool. Something that you + can use to get and use software. + + If you haven't heard of package management tools before, + think of a package as a somewhat uniform way of dealing + with different bits software. + + I'm imagining many of you use a package manager, maybe + even more than one, so why might you want to use Guix? + + Now Guix is a project, involving quite a few people, and I + imagine there are different views on this, but I've tried + to sum it up as user control or user freedom. + </aside> + </section> + + <section> + <h1>User<br>Control / Freedom</h1> + + <aside class="notes" data-markdown> + Installing software is something which I think has been + getting easier, and better. + + Package managers have helped a lot with this, but often + there is still room for improvement. + + Sometimes, package managers have the option to install + software without building it from source by fetching some + corresponding binary package. But you may want to build + the software from source anyway, and this can be tricky. + + There can be a few reasons for building from source. There + might not be a corresponding binary package available, you + might want to not have to trust the available binary + packages, or you may want to modify the software, patching + a security vulnerability for example. + + Also, when installing software, there can be issues with + package conflicts. + + With some package managers, some packages may conflict + with others, and some may conflict with different versions + of the same package. Making it difficult to meet the needs + of multiple pieces of software, or multiple users. + + Even if you make it through installing software, many + people using software are stuck in a world where if they + take the risk to remove or upgrade some software on there + computer, then something may break. + + Now, of course, updating software may introduce bugs, but + sometimes updating one bit of software can break a related + bit of software that wasn't updated. + + The same goes for installing and removing software, + sometimes, unfortunately, some other piece of software + needed what was removed, or an existing piece of software + conflicts with the newly installed software. + + On the whole, being able to install software from source, + or using prebuilt binary packages, avoiding conflicts + between packages, even multiple versions of the same + package, and being able to remove or upgrade software, + without worrying about causing problems are all issues of + user control and user freedom. + + I think Guix is a tool that can help, so how does it work? + </aside> + </section> + + <section> + <h1>How does Guix work?</h1> + + <aside class="notes" data-markdown> + Before jumping straight in to Guix, there are some + important concepts to cover first. + + These are not new concepts, to put things in perspective, + here is a timeline. + </aside> + </section> + + <section> + <!-- https://codepen.io/Mhmdhasan/pen/mVjpVK --> + <div class="timeline"> + <div class="timeline-block timeline-block-left" style="height: 50%;"> + <div class="marker"></div> + <div class="timeline-content"> + <h3>1993</h3> + First Debian release + <!-- https://www.debian.org/doc/manuals/project-history/ch-releases.en.html --> + </div> + </div> + + <div class="timeline-block timeline-block-right" style="height: 36%;"> + <div class="marker"></div> + <div class="timeline-content"> + <h3>2004</h3> Nix: A Safe and Policy-Free System for + Software Deployment + </div> + </div> + + <div class="timeline-block timeline-block-left" style="height: 22%;"> + <div class="marker"></div> + <div class="timeline-content"> + <h3>2012</h3> + Guix announced + </div> + </div> + </div> + + <div class="timeline-block timeline-block-right"> + <div class="marker"></div> + <div class="timeline-content"> + <h3>2017</h3> + freenode #live + </div> + </div> + + <aside class="notes" data-markdown> + At the top, we have Debian. Which started in 1993, and has + grown to be a very popular free software distribution. + + I love Debian. I've used it quite a bit, including writing + packages for software and services. + + If I make any comparisons to it, its not because I think + its bad, just that its what I was using, before I began + using Guix more and more. + + A while after the Debian project started, and quite a long + time ago now, back in 2004, the first paper on a piece of + software called Nix was published. + + I didn't find out about Nix until I found out about Guix, + but Nix is important to mention, as some of the key + concepts underlying Guix come from Nix. + + Around 5 years ago now, the Guix project was started bu + Ludovic Courtès, using some of the key ideas from Nix, and + adding some more. + </aside> + </section> + + <section data-background-color="white"> + <a href="https://nixos.org/~eelco/pubs/nspfssd-lisa2004-final.pdf"> + <img class="noborder" src="nix-paper-2004.png"> + </a> + + <aside class="notes" data-markdown> + As I said before, the first paper was published in 2004, + but there is a more detailed description of Nix in Eelco + Dolstra's PhD thesis, "The Purely Functional Software + Deployment Model", which was published later in 2006. + + I'm going to have a go at explaining what I think is + useful to know for understanding how Guix works, but if + you want a more original and comprehensive description, + then these papers are the ones to read. + </aside> + </section> + + <section> + <h2>The store</h2> + + <pre class="fragment">/gnu/store/<span class="fragment highlight-current-green">wf65hjwqwpz4wllasn63zysi5irql2sx</span>-hello-2.10 +├── bin +│ └── hello +└── share + ├── info + │ └── ... + ├── locale + │ └── ... + └── man + └── ... +</pre> + + <aside class="notes" data-markdown> + We start with the store, a special directory where files, + and the outputs from derivations that have been built + successfully are stored. + + When using Guix, the location of the store is /gnu/store. + + The store contains store items, and there is a database + that contains information on these, such as how the store + items refer to each other. + + (Next) + + Shown here is an example store item. + + In this case, its a directory, containing GNU Hello. + + Operations on the store should be performed by the build + daemon, which helps ensure that the store is maintained + correctly. To protect the integrity of the store, it is + useful to make it read only, to everything but the build + daemon. + + (Next) + + The hash here is really important, and that comes from the + derivation which is used to create the store item. + </aside> + </section> + + <section data-transition="fade-out"> + <code> + <pre>$ guix build --derivations hello +/gnu/store/1drc59xkcvgdphzgylxm41ln9p5dwbgn-hello-2.10.drv</pre> + </code> + + <code> + <small><pre>Derive( + [("out",<span class="fragment highlight-current-green" data-fragment-index="1">"/gnu/store/<span class="fragment highlight-current-green">wf65hjwqwpz4wllasn63zysi5irql2sx</span>-hello-2.10"</span>,"","")], + [("/gnu/store/0gabs9i1zawd406rkkr7l15ifg61s34r-glibc-2.25.drv",["out"]), + ("/gnu/store/1lqw4mz8xzjhnb65kc1nvk8wg39spv5j-hello-2.10.tar.gz.drv",["out"]), + ("/gnu/store/1vmhamqwgs3qa7rw28am5rm3b9fjs163-file-5.30.drv",["out"]), + ("/gnu/store/23h9fzinl5j1s5x7r2i155f1m7ify9wl-ld-wrapper-0.drv",["out"]), + ("/gnu/store/3li1y3cc8rkr4d0q9h8bkvl4h3macnf6-bash-minimal-4.4.12.drv",["out"]), + ("/gnu/store/6y5h0pbqci67ql1ij5crkchjzmxkafbv-gawk-4.1.4.drv",["out"]), + ("/gnu/store/8xmbpyfnh5cdrk9fmx8j67894bq9vl1r-module-import.drv",["out"]), + ("/gnu/store/9sahk6fh2p5k631rxl6amx0cd4z8jn0s-diffutils-3.6.drv",["out"]), + ("/gnu/store/cm2f8yxfpy353kxbq5gl7whzvmkl9niv-make-4.2.1.drv",["out"]), + ("/gnu/store/fqx5lcb8lhdxkw1dwcgahnqaxgaycgb1-tar-1.29.drv",["out"]), + ("/gnu/store/i5fzg4cq88yvl2i7bsnqprzgq494bpdm-patch-2.7.5.drv",["out"]), + ("/gnu/store/iwzysdzl3yphqa0c0km8liiimcsrxmvd-glibc-utf8-locales-2.25.drv",["out"]), + ("/gnu/store/jwsvpyyxkmyg0wk3cic3b9q9wgimphkz-findutils-4.6.0.drv",["out"]), + ("/gnu/store/m5kd44n51ns8zlc8mvii497xc2siydpb-coreutils-8.27.drv",["out"]), + ("/gnu/store/pjgbs80jhzpm7lfpsa5dp6jgxkcv6n56-bzip2-1.0.6.drv",["out"]), + ("/gnu/store/qgcr4gp3qz098yh6zsnn97dg4h8d2nbn-sed-4.4.drv",["out"]), + ("/gnu/store/r49cqbngzhn8q1qr6cjsm4vs85vwzl9i-xz-5.2.2.drv",["out"]), + ("/gnu/store/rkjydj936a096s70bxq7sz77bbxzfqvd-gzip-1.8.drv",["out"]), + ("/gnu/store/vk9xdybvknvnnaxavdk2q43yvdq5h47r-binutils-2.28.drv",["out"]), + ("/gnu/store/wrlssahrl79njwzwv8clcq8vdh2syppx-module-import-compiled.drv",["out"]), + ("/gnu/store/xz5ikvwa6pyz11h0a5hmzf9rxyi5xjzw-guile-2.2.2.drv",["out"]), + ("/gnu/store/zb0wzrfgiydmr8gbxywyrmg6yp68w4fj-linux-libre-headers-4.4.47.drv",["out"]), + ("/gnu/store/zxiy6cnd05p90hmyk1mvr30lm17ghwim-grep-3.0.drv",["out"]), + ("/gnu/store/zxkwsk4g0m7j2p54l7xp2gblb6v4zddf-gcc-5.4.0.drv",["out"])], + ["/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"], + "x86_64-linux", + "/gnu/store/d8gkn84yqacjr80pzicz1ka3y2s1f2x0-guile-2.2.2/bin/guile", + ["--no-auto-compile", + "-L", + "/gnu/store/xhwmxry8kkmq7897558qmcmfsx8r1z45-module-import", + "/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"], + [("GUILE_LOAD_COMPILED_PATH","/gnu/store/r7sf4w2wwrbxbcf04pi9a5gkdhzaya2g-module-import-compiled"), + ("out",<span class="fragment highlight-current-green" data-fragment-index="1">"/gnu/store/wf65hjwqwpz4wllasn63zysi5irql2sx-hello-2.10"</span>)] +)</pre></small> + </code> + + <aside class="notes" data-markdown> + This is an example derivation for the GNU hello package. + + Normally, there is no formatting or highlighting, but I've + added some here to make it more understandable. + + (Next) + + The first thing to notice is the output file, highlighted + here in green. It appears twice, the first time is for the + build daemon, so it knows what to expect, and the second + time is for the builder, so it knows where to put the + output. + + The hash part of the filename is computed by hashing + something which looks like this, but not containing the + output file, as you haven't computed the hash yet. + + So lets remove the output file, and look at what goes in + to the hash. + </aside> + </section> + + <section data-transition="fade"> + <pre>$ guix build --derivations hello +/gnu/store/1drc59xkcvgdphzgylxm41ln9p5dwbgn-hello-2.10.drv</pre> + + <small><pre>Derive( + [("out",<span class="fragment highlight-current-red" data-fragment-index="1">""</span>,"","")], + <span class="fragment highlight-current-green">[("/gnu/store/0gabs9i1zawd406rkkr7l15ifg61s34r-glibc-2.25.drv",["out"]), + ("/gnu/store/1lqw4mz8xzjhnb65kc1nvk8wg39spv5j-hello-2.10.tar.gz.drv",["out"]), + ("/gnu/store/1vmhamqwgs3qa7rw28am5rm3b9fjs163-file-5.30.drv",["out"]), + ("/gnu/store/23h9fzinl5j1s5x7r2i155f1m7ify9wl-ld-wrapper-0.drv",["out"]), + ("/gnu/store/3li1y3cc8rkr4d0q9h8bkvl4h3macnf6-bash-minimal-4.4.12.drv",["out"]), + ("/gnu/store/6y5h0pbqci67ql1ij5crkchjzmxkafbv-gawk-4.1.4.drv",["out"]), + ("/gnu/store/8xmbpyfnh5cdrk9fmx8j67894bq9vl1r-module-import.drv",["out"]), + ("/gnu/store/9sahk6fh2p5k631rxl6amx0cd4z8jn0s-diffutils-3.6.drv",["out"]), + ("/gnu/store/cm2f8yxfpy353kxbq5gl7whzvmkl9niv-make-4.2.1.drv",["out"]), + ("/gnu/store/fqx5lcb8lhdxkw1dwcgahnqaxgaycgb1-tar-1.29.drv",["out"]), + ("/gnu/store/i5fzg4cq88yvl2i7bsnqprzgq494bpdm-patch-2.7.5.drv",["out"]), + ("/gnu/store/iwzysdzl3yphqa0c0km8liiimcsrxmvd-glibc-utf8-locales-2.25.drv",["out"]), + ("/gnu/store/jwsvpyyxkmyg0wk3cic3b9q9wgimphkz-findutils-4.6.0.drv",["out"]), + ("/gnu/store/m5kd44n51ns8zlc8mvii497xc2siydpb-coreutils-8.27.drv",["out"]), + ("/gnu/store/pjgbs80jhzpm7lfpsa5dp6jgxkcv6n56-bzip2-1.0.6.drv",["out"]), + ("/gnu/store/qgcr4gp3qz098yh6zsnn97dg4h8d2nbn-sed-4.4.drv",["out"]), + ("/gnu/store/r49cqbngzhn8q1qr6cjsm4vs85vwzl9i-xz-5.2.2.drv",["out"]), + ("/gnu/store/rkjydj936a096s70bxq7sz77bbxzfqvd-gzip-1.8.drv",["out"]), + ("/gnu/store/vk9xdybvknvnnaxavdk2q43yvdq5h47r-binutils-2.28.drv",["out"]), + ("/gnu/store/wrlssahrl79njwzwv8clcq8vdh2syppx-module-import-compiled.drv",["out"]), + ("/gnu/store/xz5ikvwa6pyz11h0a5hmzf9rxyi5xjzw-guile-2.2.2.drv",["out"]), + ("/gnu/store/zb0wzrfgiydmr8gbxywyrmg6yp68w4fj-linux-libre-headers-4.4.47.drv",["out"]), + ("/gnu/store/zxiy6cnd05p90hmyk1mvr30lm17ghwim-grep-3.0.drv",["out"]), + ("/gnu/store/zxkwsk4g0m7j2p54l7xp2gblb6v4zddf-gcc-5.4.0.drv",["out"])]</span>, + ["/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"], + "x86_64-linux", + "/gnu/store/d8gkn84yqacjr80pzicz1ka3y2s1f2x0-guile-2.2.2/bin/guile", + ["--no-auto-compile", + "-L", + "/gnu/store/xhwmxry8kkmq7897558qmcmfsx8r1z45-module-import", + "/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"], + [("GUILE_LOAD_COMPILED_PATH","/gnu/store/r7sf4w2wwrbxbcf04pi9a5gkdhzaya2g-module-import-compiled"), + ("out",<span class="fragment highlight-current-red" data-fragment-index="1">""</span>)] +)</pre></small> + + <aside class="notes" data-markdown> + (Next) + + So the output file has now been removed, here highlighted + in red. + + (Next) + + One more processing step takes place before this data in + hashed. The input derivation files, shown in the green + area are replaced with the hash for the corresponding + derivation, computed through the same process that we are + currently going through. + </aside> + </section> + + <section data-transition="fade-in"> + <pre>$ guix build --derivations hello +/gnu/store/1drc59xkcvgdphzgylxm41ln9p5dwbgn-hello-2.10.drv</pre> + + <small><pre>Derive( + [("out","","","")], + <span class="fragment highlight-current-green">[("04fb79c7338393b15562c5ffd222b40fb745683896789ad2b37659ac9d597540",["out"]), + ("08a81b5317696b0ac342330b4561409db5db8273fee477c26cd2854499e4be1c",["out"]), + ("0fcc386963a58070aacfc0cfb4fa5e67e676b25b6b038ed1aa61f12b933a39c3",["out"]), + ("1b6c42938b2a02480294d8e89bf9fe94c77f392fd41f7cdb72b4c85071b3d197",["out"]), + ("1e8dc40cc0593bae81806df0a1785582fb94ee07802b095ad521e7cb0dd16c41",["out"]), + ("2e25667c193bed7410ca1f675ba717d5aec59123392d14b35d0918287de2fdf4",["out"]), + ("3266b64f962b87ed7bb437ddd49c33a20d439e049a3829e2c10f5c2d8ae7d294",["out"]), + ("39ea9f7baeee4ba446ebbaed88b5354adc088dae479e73a2825471c07088a86c",["out"]), + ("522962e0ca0c7a5682ee561e618c9e08ce841d24468125c203e935ecd0e8da37",["out"]), + ("523610101af5dc2481bdce53a050d680bbc516c64baf32463cf95ab3b18aa261",["out"]), + ("5d7766754e92a0a96ca3b732ae0d9e3da892994961cee1500d7c689a0ddcb785",["out"]), + ("61fd1308247835184ffe88140f9025117edb3210c47d617feafa33572ad8b8e3",["out"]), + ("6ae6f3630665d92a495a4edb0f337fe1884fff9e6adcef65cf1c79131071d127",["out"]), + ("7b8ef27665067602e4e27e801c6e8f385bd83b378037a60a4f5953a02b12c74f",["out"]), + ("81c2221261670003975a89df35fba774c3871f4444c0d3a1eef6ef21e7aba678",["out"]), + ("875b4153b80df041b31b6d0fb93b4bb8b62fbd3938320a8ce6ff263d01b3a536",["out"]), + ("89e81aee370115bec522ad48de0f59030f227fe8a599bb409352a34e710669f8",["out"]), + ("a127853978c101a2b52071108ed48834435c0bbaf1b707c13304ef9d8e70c3a6",["out"]), + ("ab4bf18925deebcc80259b45cba39b348320a03f61d93e2246dcd6f5d28a1b68",["out"]), + ("afe40de343b27326b5e6089c8adf8fdbdb105dcc35f671025c87de0bba965184",["out"]), + ("bc726d150b4ba6aa8624eba59ad092d729705de4f0148391d33dac15a8aa5dbf",["out"]), + ("bfb16f9021e341594cfce1c772ccd491599694460ac1df24a8bb77fadc2a4a04",["out"]), + ("e226a8e968c6132524948d4fd0483a16603b57bddc92f97d6ce31580889754c2",["out"]), + ("f662215314a37fcf8ae79e425bd197b3a3351bd8ff3d90506cc069c83c833b6d",["out"])],</span> + ["/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"], + "x86_64-linux", + <span class="fragment highlight-current-green">"/gnu/store/d8gkn84yqacjr80pzicz1ka3y2s1f2x0-guile-2.2.2/bin/guile", + ["--no-auto-compile", + "-L", + "/gnu/store/xhwmxry8kkmq7897558qmcmfsx8r1z45-module-import", + "/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"]</span>, + <span class="fragment highlight-current-green">[("GUILE_LOAD_COMPILED_PATH","/gnu/store/r7sf4w2wwrbxbcf04pi9a5gkdhzaya2g-module-import-compiled"), + ("out","")]</span> +)</pre></small> + <span class="fragment"><!-- Null fragment to end --></span> + + <aside class="notes" data-markdown> + This is now what is actually hashed, just without any + formatting. + + (Next) + + The key parts are the hashes of all the input derivations. + + (Next) + + The description of the build process. + + (Next) + + And finally, the environment variables. + + (Next) + + When this derivation is handed over to the build daemon, + it will run the build process in an isolated + environment. The build process will only be able to read + from the areas of the store that are inputs to the + derivation. It will also only be able to write to the + specified output locations. + + Network access is disabled, to ensure that the process + isn't able to access the network, avoiding the possibility + that it depends on something via the network. + </aside> + </section> + + <section> + <code> + <pre>$ guix build --derivations hello +/gnu/store/1drc59xkcvgdphzgylxm41ln9p5dwbgn-hello-2.10.drv</pre> + </code> + + <code> + <small><pre>Derive( + [("out","/gnu/store/wf65hjwqwpz4wllasn63zysi5irql2sx-hello-2.10","","")], + [("/gnu/store/0gabs9i1zawd406rkkr7l15ifg61s34r-glibc-2.25.drv",["out"]), + <span class="fragment highlight-green">("/gnu/store/1lqw4mz8xzjhnb65kc1nvk8wg39spv5j-hello-2.10.tar.gz.drv",["out"])</span>, + ("/gnu/store/1vmhamqwgs3qa7rw28am5rm3b9fjs163-file-5.30.drv",["out"]), + ("/gnu/store/23h9fzinl5j1s5x7r2i155f1m7ify9wl-ld-wrapper-0.drv",["out"]), + ("/gnu/store/3li1y3cc8rkr4d0q9h8bkvl4h3macnf6-bash-minimal-4.4.12.drv",["out"]), + ("/gnu/store/6y5h0pbqci67ql1ij5crkchjzmxkafbv-gawk-4.1.4.drv",["out"]), + ("/gnu/store/8xmbpyfnh5cdrk9fmx8j67894bq9vl1r-module-import.drv",["out"]), + ("/gnu/store/9sahk6fh2p5k631rxl6amx0cd4z8jn0s-diffutils-3.6.drv",["out"]), + ("/gnu/store/cm2f8yxfpy353kxbq5gl7whzvmkl9niv-make-4.2.1.drv",["out"]), + ("/gnu/store/fqx5lcb8lhdxkw1dwcgahnqaxgaycgb1-tar-1.29.drv",["out"]), + ("/gnu/store/i5fzg4cq88yvl2i7bsnqprzgq494bpdm-patch-2.7.5.drv",["out"]), + ("/gnu/store/iwzysdzl3yphqa0c0km8liiimcsrxmvd-glibc-utf8-locales-2.25.drv",["out"]), + ("/gnu/store/jwsvpyyxkmyg0wk3cic3b9q9wgimphkz-findutils-4.6.0.drv",["out"]), + ("/gnu/store/m5kd44n51ns8zlc8mvii497xc2siydpb-coreutils-8.27.drv",["out"]), + ("/gnu/store/pjgbs80jhzpm7lfpsa5dp6jgxkcv6n56-bzip2-1.0.6.drv",["out"]), + ("/gnu/store/qgcr4gp3qz098yh6zsnn97dg4h8d2nbn-sed-4.4.drv",["out"]), + ("/gnu/store/r49cqbngzhn8q1qr6cjsm4vs85vwzl9i-xz-5.2.2.drv",["out"]), + ("/gnu/store/rkjydj936a096s70bxq7sz77bbxzfqvd-gzip-1.8.drv",["out"]), + ("/gnu/store/vk9xdybvknvnnaxavdk2q43yvdq5h47r-binutils-2.28.drv",["out"]), + ("/gnu/store/wrlssahrl79njwzwv8clcq8vdh2syppx-module-import-compiled.drv",["out"]), + ("/gnu/store/xz5ikvwa6pyz11h0a5hmzf9rxyi5xjzw-guile-2.2.2.drv",["out"]), + ("/gnu/store/zb0wzrfgiydmr8gbxywyrmg6yp68w4fj-linux-libre-headers-4.4.47.drv",["out"]), + ("/gnu/store/zxiy6cnd05p90hmyk1mvr30lm17ghwim-grep-3.0.drv",["out"]), + ("/gnu/store/zxkwsk4g0m7j2p54l7xp2gblb6v4zddf-gcc-5.4.0.drv",["out"])], + ["/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"], + "x86_64-linux", + "/gnu/store/d8gkn84yqacjr80pzicz1ka3y2s1f2x0-guile-2.2.2/bin/guile", + ["--no-auto-compile", + "-L", + "/gnu/store/xhwmxry8kkmq7897558qmcmfsx8r1z45-module-import", + "/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"], + [("GUILE_LOAD_COMPILED_PATH","/gnu/store/r7sf4w2wwrbxbcf04pi9a5gkdhzaya2g-module-import-compiled"), + ("out","/gnu/store/wf65hjwqwpz4wllasn63zysi5irql2sx-hello-2.10")] +)</pre></small> + </code> + + <aside class="notes" data-markdown> + Going back to the original derivation, one of the inputs + is the release of GNU Hello. + + (Next) + + It's shown here in green. + </aside> + </section> + + <section> + <h2>Fixed-output derivation</h2> + <pre>$ guix build -S -d hello +/gnu/store/1lqw4mz8xzjhnb65kc1nvk8wg39spv5j-hello-2.10.tar.gz.drv</pre> + <small> + <pre>Derive( + [("out", + <span class="fragment highlight-current-green">"/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz", + "sha256", + "31e066137a962676e89f69d1b65382de95a7ef7d914b8cb956f41ea72e0f516b"</span>)], + [], + ["/gnu/store/qivc6nybj6mxa95h7h10hg7qv81rdfcm-mirrors", + "/gnu/store/wvbspgpk15aq6kcf2f67xjai1fbkbyqc-content-addressed-mirrors"], + "x86_64-linux", + "builtin:download", + [], + [("content-addressed-mirrors","/gnu/store/wvbspgpk15aq6kcf2f67xjai1fbkbyqc-content-addressed-mirrors"), + ("impureEnvVars","http_proxy https_proxy LC_ALL LC_MESSAGES LANG COLUMNS"), + ("mirrors","/gnu/store/qivc6nybj6mxa95h7h10hg7qv81rdfcm-mirrors"), + ("out","/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz"), + ("preferLocalBuild","1"), + ("url","\"mirror://gnu/hello/hello-2.10.tar.gz\"")] +)</pre></small> + + <aside class="notes" data-markdown> + The derivation for building the hello package that we've + just looked at is one type of derivation, but there is + another. + + This derivation is a fixed output derivation. Unlike the + previous derivation, it can access the network. + + The compromise here is that the output must be known in + advance. + + (Next) + + Here, highlighted in green is the file that this + derivation will create, as well as the hash value and + algorithm. + + Derivations and fixed output derivations are the building + blocks that both Nix and Guix use to populate the store + with software. + </aside> + </section> + + <section data-background-color="white"> + <img class="noborder" src="hello-derivation-graph.svg"> + <span class="caption"> + Derivation graph for the hello package + </span> + + <aside class="notes" data-markdown> + Here is the bigger picture. This is the graph of + derivations, both with fixed output and non-fixed output + derivations. + + If you can make it out, the fixed output derivations are + in black, and the other derivations are in purple. + + The fixed output derivations tend to sit around the edge + of the graph, as they describe the building blocks used in + the other derivations. + + Fixed output derivations are used to describe the source + code of software, e.g. a source tarball or git repository + checkout. + + There are also bootstrap binaries in the graph. You can't + just go from source code, with no compiler, to compiling a + compiler, so Guix includes some bootstrap binaries to get + started with. + + Other fixed output derivations include patches that are + applied to source code, the build scripts, and Guile + modules that are used in the build scripts. + + This graph also includes the Guix bootstraping process, + for getting from the bootstrap binaries, to GNU hello, and + everything in between. + + Also, thinking back to what goes in to the hash for the + outout of a derivation, that is the hashes of the input + derivations, the build process and environment variables + for non-fixed output derivations, and the output name, + hash algorithm and value for fixed output derivations, we + can now start to look at when changes happen in this + graph, what will happen to the outputs for derivations. + + For exapmle, if you were to change the source code for the + hello package, that would mean that the hash would be + different, therefore the hash of the fixed output + derivation would be different. As that hash is part of the + hash of the hello derivation, its hash would change as + well. + + Comparing this with a Debian package for example, which + would always produce /usr/bin/hello, regardless of the + source code, the way that the derivations output is + computed means that having hello in the store twice just + works. + + While I think it can be useful to understand these low + level details, Guix provides software and tooling to make + it easy to manage and manipulate derivations, using higher + level concepts like packages, build systems and more. + </aside> + </section> + + <section> + <h2>The hello package</h2> + + <small class="stretch"><pre> + <code class="scheme">(define-public hello + (package + (name "hello") + (version "2.10") + (source (origin + (method url-fetch) + (uri (string-append "mirror://gnu/hello/hello-" version + ".tar.gz")) + (sha256 + (base32 + "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i")))) + (build-system gnu-build-system) + (synopsis "Hello, GNU world: An example GNU package") + (description + "GNU Hello prints the message \"Hello, world!\" and then exits. It +serves as an example of standard GNU coding practices. As such, it supports +command-line arguments, multiple languages, and so on.") + (home-page "https://www.gnu.org/software/hello/") + (license gpl3+)))</code></pre></small> + + <aside class="notes" data-markdown> + This is the package for GNU hello, that corresponds to the + derivation for GNU hello. + + Packages are the term used within Guix for an individual + bit of software. For example, guix itself is available as + a package. + + Unless you write some custom code for creating packages, + this is as simple as they get. + + The complexity of building hello is hidden away entirely + in the build system, the gnu-build-system in the case of + GNU hello. + </aside> + </section> + + <section> + <h1>What can you do with Guix?</h1> + + <aside class="notes" data-markdown> + So far, we've covered the store and derivations. + + These are important, but not what you'd normally be + concerned with if you're using Guix. + </aside> + </section> + + <section> + <h2>Install a package in to your profile</h2> + + <code> + guix package -i hello + </code> + + <aside class="notes" data-markdown> + So, lets look at how you might actually use the GNU hello + package. + + Guix is usable as a package manager on an existing GNU + + Linux system, and also even supports the Hurd I think. + + With Guix, the packages installed by each user are kept + separate. However, the overhead for this is minimal, as + everything is still kept in the store. Effectively it + becomes a two step process, ensure that the package is + present in the store, and then link to it from the users + profile. + + This separation means that these commands just affect the + user that runs them, and not other users on the system. + </aside> + </section> + + <section> + <h2>Upgrade the packages in your profile</h2> + + <code> + guix package -u + </code> + + <aside class="notes" data-markdown> + If you want to update the packages in your profile, you + can use the -u flag to guix package. + + If you only want to upgrade specific packages, you can put + them after -u. + </aside> + </section> + + <section> + <h2>Roll back to the previous generation of your profile</h2> + + <code> + guix package --roll-back + </code> + + <aside class="notes" data-markdown> + When you use the guix package command, the installation, + upgrade and remove operations don't destroy any state. + + This means that you can roll back to previous states, + providing you haven't explicitly removed them. + + To better explain how this all fits together, here are + some useful diagrams. + </aside> + </section> + + <section data-transition="fade-out"> + <pre>guix package -i samtools bowtie</pre> + <img class="stretch noborder" src="profile-0.svg"> + <a href="https://git.sv.gnu.org/cgit/guix/maintenance.git/tree/talks/bobkonf2017/profile-0.svg" + class="caption"> + Modified, © Ricardo Wurmus + </a> + + <aside class="notes" data-markdown> + Obviously, knowing this isn't required to use the commands + I just mentioned, but this is a technical talk, so lets go + through the details. + + Normally, you'd have a .guix-profile symlink in your home + directory. + + This symlink then points to a file in /var/guix + representing the current version of the profile. + + This file is also a symlink, which links to a file in the + same directory. The name of this file is a number, which + is the generation of the profile. + + This numbered file, in this case 42, is yet another + symlink. This symlink finally points to the profile within + the store. + + Profiles in the store are a way of composing packages. A + profile contains symlinks to other packages in the store, + in a convenient directory structure, e.g. all of the files + in the /bin directory within packages end up in the /bin + directory of the profile. + </aside> + </section> + + <section data-transition="fade"> + <pre>guix package -r bowtie</pre> + <img class="stretch noborder" src="profile-1.svg"> + <a href="https://git.sv.gnu.org/cgit/guix/maintenance.git/tree/talks/bobkonf2017/profile-1.svg" + class="caption"> + Modified, © Ricardo Wurmus + </a> + + <aside class="notes" data-markdown> + When you tell guix to install, remove or upgrade some + software, it generates a new generation of your profile, + and then switches to using it. + + So here, removing the bowtie package means that a new + profile is generated, without the bowtie package. + + The bowtie package is still in the store, and still + referenced by the previous generation of the profile. + + The other change made is the guix-profile symlink in + /var/guix. It changes to point to the new 43rd generation + of your profile. + </aside> + </section> + + <section data-transition="fade-in"> + <pre>guix package --roll-back</pre> + <img class="stretch noborder" src="rollback.svg"> + <a href="https://git.sv.gnu.org/cgit/guix/maintenance.git/tree/talks/bobkonf2017/rollback.svg" + class="caption"> + Modified, © Ricardo Wurmus + </a> + + <aside class="notes" data-markdown> + If you decide that you didn't want to remove the bowtie + package, you can roll back to the previous generation of + your profile. + + Like upgrading, rolling back is atomic, all that is + required is to make the change is to switch the + guix-profile symlink in /var/guix to point at the file + named 42 in that same directory. + </aside> + </section> + + <section> + <h2>Wait a minute, what was installed?</h2> + + <aside class="notes" data-markdown> + So, we've just covered some of the uses of the guix + package commands. + + Lets go back to that first command, guix package -i hello. + </aside> + </section> + + <section data-background-color="white"> + <code> + guix package -i hello + </code> + <img class="noborder fragment" src="hello-derivation-graph.svg"> + + <aside class="notes" data-markdown> + What did this actually install? + + While this may look ambiguous, just install hello, it + actually ends up being rather specific. + + The instruction here to install hello will match a + specific package. If there are multiple packages with the + name hello, then the version can be used to + disambiguate. By default, Guix will pick the highest + version. + + The package describes everything about how to build that + software, all the way down to the bootstrap binaries. + + (Next) + + When you install hello, you specify hello built through + the process described in this diagram. Now I guess most + users of guix will fetch a binary substitute for the hello + package, and any dependencies they need, rather than going + through the process of building it. + + All of this means that Guix gives you the means to get a + high degree of reproducibility and determinism when using + software. + + There is no guarantee that the output will be identical + bit for bit, but that is something that the Guix project + is working towards, along with other people and projects + in the free software community. + + There is however a guarantee that the process will be + identical. + + The hello package isn't a very good example of this, but + imagine a more complicated scenario, some software with + many more dependencies and complexity. + + There is a danger with some approaches that as you make + changes, other changes occur because of a lack of + reproducibility. + + With Debian for example, unless you are quite careful with + the versioned dependency constraints and the available + packages, there is a potential for new versions of + software to creep in from repositories that you're using. + + With Guix, providing you are using the same package + definitions, you'll get the same reproducible process when + building your software. + + + <!-- More than "have all the bits" + + Say, one day, you sit down, and have a moment of + inspiration. You come up with a wonderful mathematical + proof. + + Obviously, you need other people to be able to reproduce + these amazing findings. + + You're not going to just take a copy of the final result, + you're going to set out your workings in detail, so that + someone else, maybe even you can take this description, + and inspect it to work out how the proof works. + + If there turns out to be problems, or areas that could be + improved, you can take your detailed workings, and improve + them, working forward to generate the same, or an improved + output.--> + </aside> + </section> + + <section> + <code> +guix environment hello + </code> + + <aside class="notes" data-markdown> + The guix package command is one way of using guix, but + there are other ways. + + The guix environment command is primarily aimed at + developers working on software, but in general it allows + you to create more temporary profiles. + + For this command, if you were to run it, a subshell would + start, which includes all the inputs to the packages + listed. Here, all the inputs for the hello package, like + gcc for example. + + For another example, when working on guix itself, I often + use the guix environment guix command, to get a + environment in which I can build guix. + </aside> + </section> + + <section> + <code> + guix environment --ad-hoc hello guile + </code> + <br><br> + <pre class="fragment">/gnu/store/5w8jk6p57l5an1d39lngw560r2bw2dx1-profile/bin +├── guild -> /gnu/store/yih…6fk-guile-2.2.2/bin/guild +├── guile -> /gnu/store/yih…6fk-guile-2.2.2/bin/guile +├── guile-config -> /gnu/store/yih…6fk-guile-2.2.2/bin/guile-config +├── guile-snarf -> /gnu/store/yih…6fk-guile-2.2.2/bin/guile-snarf +├── guile-tools -> /gnu/store/yih…6fk-guile-2.2.2/bin/guile-tools +└── hello -> /gnu/store/wf6…2sx-hello-2.10/bin/hello</pre> + + <aside class="notes" data-markdown> + With the --ad-hoc argument, you can specify that you don't + want the inputs for packages, but instead want the + packages themselves to be in the environment. + + (Next) + + As before, the profile that this creates brings together + the two packages, as shown here by the symlinks within the + profile to individual packages. + </aside> + </section> + + <section> + <code> + guix environment --pure --ad-hoc hello + </code> + + <aside class="notes" data-markdown> + The guix environment command supports the --pure + flag. This will mean that the subshell that you enter + won't inherit environment variables. + + This can help make the behaviour more predictable, by + isolating what you do in the environment. + </aside> + </section> + + <section> + <code> + guix environment --container --ad-hoc hello + </code> + + <br> + <pre>$ echo /gnu/store/* +/gnu/store/…-ncurses-6.0 /gnu/store/…-profile +/gnu/store/…-manual-database /gnu/store/…-gcc-5.4.0-lib +/gnu/store/…-info-dir /gnu/store/…-bash-4.4.12 +/gnu/store/…-readline-7.0 /gnu/store/…-glibc-2.25 +/gnu/store/…-hello-2.10 /gnu/store/…-bash-static-4.4.12</pre> + + <aside class="notes" data-markdown> + You can do more for isolation through. + + The guix environment command has a neat --container + argument. + + This means that the subshell you enter will be in a new + mount, pid, ipc, uts, user and network namespace. + + The new mount namespace only gives the environment access + to the store items that are needed, some default other + directories, as well as the current working directory. + + Here, I'm using echo to show the files in the store. I + can't use ls, but coreutils isn't in this + environment. What is show here is the minimal set of + packages required to run hello, and also the bash shell in + which the echo command is running. + + Now, this is only possible because the information about + the complete dependencies needed to run hello which are + stored in the database accompanying the store. + </aside> + </section> + + <section data-background="white"> + <img src="hello-references-graph.svg"> + + <span class="caption">Graph of the hello package references</span> + + <aside class="notes" data-markdown> + If you graph the hello package references, you get this. + + The hello store item references two other store items + directly, the lib output of the gcc package, and glibc. + + glibc also references bash-static, so that is included + here also. + </aside> + </section> + + <section> + <small><pre>$ ldd /gnu/store/wf65hjwqwpz4wllasn63zysi5irql2sx-hello-2.10/bin/hello + +linux-vdso.so.1 (0x00007ffece166000) +libgcc_s.so.1 => /gnu/store/3x53yv4v144c9xp02rs64z7j597kkqax-gcc-5.4.0-lib/lib/libgcc_s.so.1 (0x00007fee83076000) +libc.so.6 => /gnu/store/n6nvxlk2j8ysffjh3jphn1k5silnakh6-glibc-2.25/lib/libc.so.6 (0x00007fee82cd7000) +/gnu/store/n6nvxlk2j8ysffjh3jphn1k5silnakh6-glibc-2.25/lib/ld-linux-x86-64.so.2 (0x00007fee8328d000)</pre></small> + + <aside class="notes" data-markdown> + Lets take a deeper look. + + When the hello store item references the gcc and glibc + store items, it literally contains references to those + directories in the binary. + + If you use the ldd command to show the shared libraries + that are linked against, then you see the exact paths + being specified. + + This is good for a number of reasons. + + From a reliability point of view, this helps, as hello is + going to be consistent in the shared libraries that it + loads. This particular way of using shared libraries, as + well as other approaches to have store items reference + each other is one of the tools packages in guix use to + make the software less vulnerable to change and breakages. + + Another benefit of this is that you are still doing + dynamic linking. I've heard of people not using dynamic + linking, and statically linking executables to get some of + the same benefits that Guix provides, but statically + linked binaries can consume more disk and memory space, + Guix I think gives you the best of both worlds, reliable + dynamic linking. + </aside> + </section> + + <section> + <h2>Guix + Direnv</h2> + <br><br> + + <code> + use guix --ad-hoc gcc-toolchain python python-lxml + </code> + <br><br> + + <code> + <pre>$ cd /tmp/foo +direnv: loading .envrc +direnv: using guix --ad-hoc gcc-toolchain python python-lxml +direnv: export +PAGER +PYTHONPATH ~CPLUS_INCLUDE_PATH + ~C_INCLUDE_PATH ~LIBRARY_PATH ~PATH</pre> + </code> + + <aside class="notes" data-markdown> + This is a neat way that I use guix environment, and hook + it up with another program called direnv. + + direnv is an environment switcher for the shell, and guix + environment can specify environment variables to load a + profile. Therefore, you can combine the two so that when + you enter a directory, direnv will invoke guix to load the + environment. + + Direnv is configured through using a file named .envrc in + the directory you want it to be active in. + + The example I'm showing here is to create an environment + containing gcc-toolchain, python and python-lxml when you + enter the /tmp/foo directory. + </aside> + </section> + + <section> + <h1>Managing systems and services with Guix</h1> + + <aside class="notes" data-markdown> + So far, we've covered some of the underlying mechanisms + that allow Guix to work how it does, and also some of the + ways it can be used as a package manager, both the guix + package and guix environment commands. + + This isn't all Guix can offer though, it also includes the + capabilities to describe entire systems, and the services + that run on them. + + When used in this way, it can be called GuixSD, the Guix + system distribution. A distribution of GNU + Linux. + </aside> + </section> + + <section> + <h2>Systems</h2> + + <small class="stretch"><pre><code class="scheme no-max-height">(use-modules (gnu)) +(use-service-modules networking ssh) +(use-package-modules screen ssh) + +(operating-system + (host-name "komputilo") + (timezone "Europe/Berlin") + (locale "en_US.utf8") + + (bootloader (bootloader-configuration + (bootloader grub-bootloader) + (target "/dev/sdX"))) + (file-systems (cons (file-system + (device "my-root") + (title 'label) + (mount-point "/") + (type "ext4")) + %base-file-systems)) + + (users (cons (user-account + (name "alice") + (comment "Bob's sister") + (group "users") + (supplementary-groups '("wheel" + "audio" "video")) + (home-directory "/home/alice")) + %base-user-accounts)) + + (packages (cons* screen openssh %base-packages)) + + (services (cons* (dhcp-client-service) + (service openssh-service-type + (openssh-configuration + (port-number 2222))) + %base-services)))</code></pre></small> + + <aside class="notes" data-markdown> + Currently when using GuixSD, you'll probably be using a + configuration file for the system. Here is a modified + version of the bare bones example included within Guix. + + This specification allows you to declare a whole load of + different things about your system, the filesystems, + users, packages, services and more. + + When using GuixSD, the filesystem is a bit different from + other distributions. + + You don't by default have a /usr directory. As Guix + manages packages in per user profiles, with the addition + of a system profile, managing a stateful /usr directory + would possibly impact some of the advantages that Guix + brings. + + That doesn't mean you can't have stateful files in /usr + though, on this laptop I have /usr/bin/env and + /usr/share/zoneinfo, as that helps with some software that + I use. + + Another point to mention about GuixSD is how changes to + this configuration work. + + Changes work similar to the changes to package profiles, + there are generations of the system in /var/guix/profiles, + and to apply a change in the configuration to a system, + you reconfigure the system to use that configuration. + + This process generates the new system state, and then + switches to it as atomically as possible. This, along with + the ability to boot in to previous generations of the + system make GuixSD very reliable. + + Generations of the system don't only include Linux, but + other components of the system like services and file + system configuration. + + I really like this. For example, I reconfigured this + laptop yesterday, save in the knowledge that if anything + went wrong, I could just boot in to the previous + generation of my system. + + Compared to other ways I've managed systems, I think using + Guix has a lot of advantages. + + The broad way in which Guix manages the system + configuration, and does so as a proper feature set it + apart from other systems I've used, like Ansible and + Puppet, where you attempt to converge some system to the + desired state, and usually specify more about what you + want, than what you don't, which can leave room for + systems to become inconsistent in bad ways. + + I'm also enjoying not having to convince apt to untangle + Debian systems that I've broken when trying to upgrade. + </aside> + </section> + + <section> + <h2>Services</h2> + + <pre><code class="scheme">... + + (services (cons* (dhcp-client-service) + (service openssh-service-type + (openssh-configuration + (port-number 2222))) + %base-services)))</code></pre> + + + <aside class="notes" data-markdown> + One important part of GuixSD is the services. + + Guix packages are usable on other systems, however + services are specific to GuixSD. + + They are similar though, in that they are both described + through values in Guile. + + I won't go in to writing service definitions here, though + it is something that I quite enjoy doing. + + There are quite a few examples in Guix at the moment, so + you might be able to get a feel for them by looking at the + documentation and the source code. + + Guix services can cooperate together by a process called + service extension. For example, services that describe a + daemon extend the root shepherd service, passing across + the details of the service they want to provide. + </aside> + </section> + + <section data-background-color="white"> + <img class="stretch noborder" + src="bare-bones-extension-graph.svg"> + <span class="caption">Extension graph</span> + + <aside class="notes" data-markdown> + Here is the extension graph for the system definition I + showed previously. + + Note all of the services extending the shepherd-root + service. + </aside> + </section> + + <section data-background-color="white"> + <img class="stretch noborder" + src="bare-bones-shepherd-graph.svg"> + <span class="caption">Shepherd graph</span> + + <aside class="notes" data-markdown> + Mostly just because it's easy, here is the graph of the + shepherd services from the system definition I showed + previously. + + For both these graphs, there are neater layouts, but these + were the best layouts I came up with for fitting on a + slide. + </aside> + </section> + + <section> + <h1> + Extending Guix + </h1> + + <aside class="notes" data-markdown> + One of the areas where I think Guix really excels is + extensibility. + + Because most of the functionality is defined through code, + you're already in an environment where you have a lot of + control. + </aside> + </section> + + <section> + <h2>Writing a package definition</h2> + + <p> + Importers available for: gnu, nix, pypi, cpan, hackage, + stackage, elpa, gem, cran, crate, texlive and json. + </p> + + <aside class="notes" data-markdown> + If you want to use something, and can't find a existing + package for it, you could look at writing one. + + Guix has definitions for around six and a half thousand + packages, but if you are used to the packages from Debian + for example, there will be some stuff missing. + + Guix contains several importers, which can use existing + metadata from some source, to construct a package + definition. + + Depending on the importer, and how complete the + information was that it got from the relevant source, you + might be able to build this package straight away, or it + might need some tweaking. + </aside> + </section> + + <section> + <h2>Hello package definition</h2> + + <small class="stretch"><pre> + <code class="scheme">(define-public hello + (package + (name "hello") + (version "2.10") + (source (origin + (method url-fetch) + (uri (string-append "mirror://gnu/hello/hello-" version + ".tar.gz")) + (sha256 + (base32 + "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i")))) + (build-system gnu-build-system) + (synopsis "Hello, GNU world: An example GNU package") + (description + "GNU Hello prints the message \"Hello, world!\" and then exits. It +serves as an example of standard GNU coding practices. As such, it supports +command-line arguments, multiple languages, and so on.") + (home-page "https://www.gnu.org/software/hello/") + (license gpl3+)))</code></pre></small> + + <aside class="notes" data-markdown> + For some packages, like hello here, the package definition + is quite simple. + + There are definitely packages in Guix where this is not + the case. + + If there is not an importer available, or if the importer + does a poor job, the other practical way of writing a + package definition is to find something similar, and adapt + it. + </aside> + </section> + + <section> + <h2>Inheritance</h2> + + <small class="stretch"><pre><code class="scheme">(define-public ruby-2.3 + (package + (inherit ruby) + (version "2.3.5") + (source + (origin + (method url-fetch) + (uri (string-append "http://cache.ruby-lang.org/pub/ruby/" + (version-major+minor version) + "/ruby-" version ".tar.xz")) + (sha256 + (base32 + "1npzcnq5kh0f9y88w5gj4v6ln8csr91361k3r43dmhlhn6mpsfkx")) + (modules '((guix build utils))) + (snippet `(begin + ;; Remove bundled libffi + (delete-file-recursively "ext/fiddle/libffi-3.2.1") + #t))))))</code></pre></small> + + <aside class="notes" data-markdown> + Inheritance can come in really useful if you end up + extending Guix. + + Because Guix uses values, mostly records in Guile to + describe things. You can create new records by inheriting + from a record, and just overriding some of the fields. + + This is used within Guix for package definitions that are + similar, here for example, ruby, which is inherited from + is the 2.4.2 release of ruby, so to define the package for + the 2.3 version, you just inherit, and override the + version and source. + + This type of inheritance can be really useful when making + Guix packages suit your needs. + </aside> + </section> + + <section> + <h2>G-expressions, a way of staging code</h2> + + <pre><code class="scheme">(define build-exp + #~(begin + (mkdir #$output) + (chdir #$output) + (symlink (string-append #$coreutils "/bin/ls") + "list-files")))</code></pre> + + <aside class="notes" data-markdown> + G-expressions could easily be a whole talk on there own, + so I won't go in to two much detail here, only to say that + if you start trying to implement services, or do + interesting stuff extending Guix, you'll probably be + leveraging G-expressions. + + There a way of staging code to run as a derivation. Here + for example, this G-expression describes creating some + output directory, and then creating a symlink to the ls + binary in the coreutils package. + + G-expressions make it really easy to do complicated things + with Guix, mostly by providing an easy way to handle the + representation of things that can end up as store items. + </aside> + </section> + + <section> + <h1>What is Guix?</h1> + + <span class="fragment"> + Standalone package definitions<br>+ bootstrap binaries + </span><br><br> + <span class="fragment">Package management tool + library</span><br><br> + <span class="fragment"> + GNU+Linux distribution, with declarative<br>configuration for + the system and services + </span><br><br> + <span class="fragment"> + <small> + Build packages from source, offload build tasks to other + machines, copy store items to other machines, graph + packages and systems, inspect the size of store items, + publish substitutes, run the garbage collector, generate + package definitions from various sources, update package + definitions for new releases, build raw or ISO disk + images... + </small> + </span> + + <aside class="notes" data-markdown> + Given all of this, the question "what is Guix?" isn't very + easy to give a single answer to. + + (Next fragment) + + One aspect of Guix is the standalone package definitions, + and the bootstrap binaries. Together providing a stable, + controllable and inspectable set of software which you can + use directly, and also use as a stable foundation to build + upon. + + (Next fragment) + + Along with this, Guix has tooling to make use of the + package definitions, providing a number of different ways + in which to use them. + + From the guix package command, to manage persistent + profiles, to the guix environment command to create more + temporary profiles and development environments, to the + guix pack command, which allows you to take packages and + pack them up in different ways, currently a tarball and + Docker image also known as the Open Container Initiative + image format. + + Even more functionality and flexibility is available if + you need it, by directly using Guix as a library. + + (Next fragment) + + On top of all of this, Guix provides and brings together + the software and tooling you need to setup a GNU+Linux + distribution, a.k.a GuixSD, the Guix system distribution. + + The state of the system can be specified in a declarative + way, from the user accounts, to the file systems, to the + configuration for many services like PostgreSQL, OpenSSH, + MongoDB, nginx, Dovecot and many more. + + Using the same approaches as for packages and profiles, + this offers roll backs for the system profile, not only + switching back to a previous version of Linux if + applicable, but other parts of the system as well. + + To complement this, Guix includes the tooling for systems + to generate disk images, system containers and virtual + machines, all from a operating system definition. + + (Next fragment) + + And then come all the smaller features, that I think still + make a big difference. + + Building packages from source is seemless, just change the + package definition, and then use it. If you need to change + a dependency of the package you care about, or a + dependency of a dependency of a package you care about, + then its no different. + + Build tasks can be offloaded to other machines. You can + generate graphs for packages, showing the inputs, and + their inputs, and so on. + + The guix size command will show you the references of a + store item, along with their size. + + The guix publish command and service can be used to + publish binary substitutes, for use on other machines. The + guix gc command invokes the garbage collector allows you + to remove unused items from the store, freeing up disk + space. + + The guix import command can generate package definitions + from various sources like the Python package index, + Rubygems.org, CPAN, Hackage, Stackage, Elpa and more. + + The guix refresh command can for some packages update the + package definitions, by checking for new releases. + + And... there is probably even more things that I've + missed, and I haven't even covered any of the tooling that + people have built that uses or enhances Guix. + </aside> + </section> + + <section> + <h2>Use Guix!</h2> + + <p> + Install Guix within an existing system. + </p> + + <p> + Install GuixSD, a distribution of GNU+Linux. + </p> + + <aside class="notes" data-markdown> + If you are going to directly benefit from all of this, + then there are a few different ways of using Guix. + + You can use it within a existing system. The Linux and + Hurd kernels are supported, and Guix has been ported to + the x86 64, i686 and armhf architectures. + + Due to the way Guix works, it's very isolated from the + system its installed on. By default, just requiring two + directories, /gnu and /var/guix and the build daemon to be + running. + + With Guix installed within an existing system, you can + create system containers, virtual machines, but to take + full advantage of features such as the declarative system + configuration, you'll need to install GuixSD. + </aside> + </section> + + <section> + <h3>Talk to others on</h3> + <h2>#guix on freenode</h2> + + <p> + For the manual, mailing lists, papers, blog posts and + talks, go to + <a href="https://gnu.org/s/guix/help"> + https://gnu.org/s/guix/help + </a> + </p> + + <aside class="notes" data-markdown> + If you'd like to talk to others, there is an active IRC + channel, #guix on Freenode. + + I'm in there, my nick is cbaines. + + From the website, you can find a online version of the + manual, and details on the mailing lists. + </alias> + </section> + </div> + </div> + + <script src="lib/js/head.min.js"></script> + <script src="js/reveal.js"></script> + + <script> + Reveal.initialize({ + controls: false, + history: true, + dependencies: [ + { src: 'plugin/markdown/marked.js' }, + { src: 'plugin/markdown/markdown.js' }, + { src: 'plugin/notes/notes.js', async: true }, + { src: 'plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }, + { src: 'plugin/tagcloud/tagcloud.js', async: true } + ] + }); + </script> + </body> </html> |