aboutsummaryrefslogtreecommitdiff
path: root/index.html
diff options
context:
space:
mode:
Diffstat (limited to 'index.html')
-rw-r--r--index.html1763
1 files changed, 1717 insertions, 46 deletions
diff --git a/index.html b/index.html
index 98accc3..62e4755 100644
--- a/index.html
+++ b/index.html
@@ -1,49 +1,1720 @@
<!doctype html>
<html>
- <head>
- <meta charset="utf-8">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
-
- <title>reveal.js</title>
-
- <link rel="stylesheet" href="css/reveal.css">
- <link rel="stylesheet" href="css/theme/black.css">
-
- <!-- Theme used for syntax highlighting of code -->
- <link rel="stylesheet" href="lib/css/zenburn.css">
-
- <!-- Printing and PDF exports -->
- <script>
- var link = document.createElement( 'link' );
- link.rel = 'stylesheet';
- link.type = 'text/css';
- link.href = window.location.search.match( /print-pdf/gi ) ? 'css/print/pdf.css' : 'css/print/paper.css';
- document.getElementsByTagName( 'head' )[0].appendChild( link );
- </script>
- </head>
- <body>
- <div class="reveal">
- <div class="slides">
- <section>Slide 1</section>
- <section>Slide 2</section>
- </div>
- </div>
-
- <script src="lib/js/head.min.js"></script>
- <script src="js/reveal.js"></script>
-
- <script>
- // More info about config & dependencies:
- // - https://github.com/hakimel/reveal.js#configuration
- // - https://github.com/hakimel/reveal.js#dependencies
- Reveal.initialize({
- dependencies: [
- { src: 'plugin/markdown/marked.js' },
- { src: 'plugin/markdown/markdown.js' },
- { src: 'plugin/notes/notes.js', async: true },
- { src: 'plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } }
- ]
- });
- </script>
- </body>
+ <head>
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
+
+ <title>GNU Guix, package manager, system distribution and more</title>
+
+ <link rel="stylesheet" href="css/reveal.css">
+ <link rel="stylesheet" href="css/theme/black.css">
+ <style>
+ .reveal h1 {
+ text-transform: unset;
+ }
+
+ .reveal h2 {
+ text-transform: unset;
+ }
+
+ .reveal h3 {
+ text-transform: unset;
+ }
+
+ .timeline {
+ height: 10em;
+ }
+
+ .timeline:before {
+ content: '';
+ position: absolute;
+ top: 0;
+ left: 50%;
+ margin-left: -1px;
+ width: 2px;
+ height: 100%;
+ background: #CCD1D9;
+ z-index: 1
+ }
+
+ .timeline-block {
+ width: calc(50% + 8px);
+ display: flex;
+ justify-content: space-between;
+ clear: both;
+ }
+
+ .timeline-block-right {
+ float: right;
+ }
+
+ .timeline-block-left {
+ float: left;
+ direction: rtl
+ }
+
+ .marker {
+ width: 16px;
+ height: 16px;
+ border-radius: 50%;
+ border: 2px solid #F5F7FA;
+ background: #4FC1E9;
+ margin-top: 10px;
+ z-index: 9999
+ }
+
+ .no-max-height {
+ max-height: unset !important;
+ }
+
+ img {
+ background: none !important;
+ border: none !important;
+ box-shadow: none !important;
+ }
+
+ pre {
+ background: none !important;
+ border: none !important;
+ box-shadow: none !important;
+ }
+
+ .caption {
+ display: block;
+ clear: both;
+ font-size: large !important;
+ }
+ </style>
+
+ <!-- Theme used for syntax highlighting of code -->
+ <link rel="stylesheet" href="lib/css/zenburn.css">
+
+ <!-- Printing and PDF exports -->
+ <script>
+ var link = document.createElement( 'link' );
+ link.rel = 'stylesheet';
+ link.type = 'text/css';
+ link.href = window.location.search.match( /print-pdf/gi ) ? 'css/print/pdf.css' : 'css/print/paper.css';
+ document.getElementsByTagName( 'head' )[0].appendChild( link );
+ </script>
+ </head>
+ <body>
+ <div class="reveal">
+ <div class="slides">
+ <section>
+ <img src="Guix.svg" style="background: unset; margin: unset; border: unset; box-shadow: unset;">
+ <h1>GNU Guix</h1>
+ <h2>Package manager,<br> system distribution<br> and more…</h2>
+
+ <aside class="notes" data-markdown>
+ Hello, my name is Chris, and we're going to take a look at
+ a software project called GNU Guix.
+
+ Before we begin, hands up if you're excited about package
+ managers?
+
+ I'd prefer to cover only some of the material I've got,
+ really well, rather than cover all of it badly, so please
+ interrupt, and jump in with questions as and when they
+ come to you.
+
+ I've not planned any live demos explicitly, but I'm using
+ GuixSD on this laptop, and am happy to attempt to demo
+ stuff.
+
+ I first found out about Guix sometime in late 2015, early
+ 2016.
+
+ I remember installing it the night before FOSDEM, a free
+ software conference in Brussles, back in January 2016. At
+ FOSDEM that year there were many talks about Guix in the
+ GNU Guile devroom.
+
+ I started using and contributing to Guix soon after.
+
+ Maybe some of you are using Guix already, maybe some of
+ you have heard of it, but don't know much about it, and
+ maybe some of you haven't heard of Guix before freenode
+ live.
+
+ In any case, I hope most of you will learn something about
+ Guix in the next hour.
+
+ I'm going to try and cover:
+ - some of the technical fundamentals
+ - how you can use guix as a package manager
+ - how you can use Guix to manage systems and services
+ - and finally, ways in which you can extend Guix
+ </section>
+
+ <section>
+ <h1>
+ Guix...
+ </h1>
+ <h2>
+ Why another package management tool?
+ </h2>
+
+ <aside class="notes" data-markdown>
+ So, Guix is a package management tool. Something that you
+ can use to get and use software.
+
+ If you haven't heard of package management tools before,
+ think of a package as a somewhat uniform way of dealing
+ with different bits software.
+
+ I'm imagining many of you use a package manager, maybe
+ even more than one, so why might you want to use Guix?
+
+ Now Guix is a project, involving quite a few people, and I
+ imagine there are different views on this, but I've tried
+ to sum it up as user control or user freedom.
+ </aside>
+ </section>
+
+ <section>
+ <h1>User<br>Control / Freedom</h1>
+
+ <aside class="notes" data-markdown>
+ Installing software is something which I think has been
+ getting easier, and better.
+
+ Package managers have helped a lot with this, but often
+ there is still room for improvement.
+
+ Sometimes, package managers have the option to install
+ software without building it from source by fetching some
+ corresponding binary package. But you may want to build
+ the software from source anyway, and this can be tricky.
+
+ There can be a few reasons for building from source. There
+ might not be a corresponding binary package available, you
+ might want to not have to trust the available binary
+ packages, or you may want to modify the software, patching
+ a security vulnerability for example.
+
+ Also, when installing software, there can be issues with
+ package conflicts.
+
+ With some package managers, some packages may conflict
+ with others, and some may conflict with different versions
+ of the same package. Making it difficult to meet the needs
+ of multiple pieces of software, or multiple users.
+
+ Even if you make it through installing software, many
+ people using software are stuck in a world where if they
+ take the risk to remove or upgrade some software on there
+ computer, then something may break.
+
+ Now, of course, updating software may introduce bugs, but
+ sometimes updating one bit of software can break a related
+ bit of software that wasn't updated.
+
+ The same goes for installing and removing software,
+ sometimes, unfortunately, some other piece of software
+ needed what was removed, or an existing piece of software
+ conflicts with the newly installed software.
+
+ On the whole, being able to install software from source,
+ or using prebuilt binary packages, avoiding conflicts
+ between packages, even multiple versions of the same
+ package, and being able to remove or upgrade software,
+ without worrying about causing problems are all issues of
+ user control and user freedom.
+
+ I think Guix is a tool that can help, so how does it work?
+ </aside>
+ </section>
+
+ <section>
+ <h1>How does Guix work?</h1>
+
+ <aside class="notes" data-markdown>
+ Before jumping straight in to Guix, there are some
+ important concepts to cover first.
+
+ These are not new concepts, to put things in perspective,
+ here is a timeline.
+ </aside>
+ </section>
+
+ <section>
+ <!-- https://codepen.io/Mhmdhasan/pen/mVjpVK -->
+ <div class="timeline">
+ <div class="timeline-block timeline-block-left" style="height: 50%;">
+ <div class="marker"></div>
+ <div class="timeline-content">
+ <h3>1993</h3>
+ First Debian release
+ <!-- https://www.debian.org/doc/manuals/project-history/ch-releases.en.html -->
+ </div>
+ </div>
+
+ <div class="timeline-block timeline-block-right" style="height: 36%;">
+ <div class="marker"></div>
+ <div class="timeline-content">
+ <h3>2004</h3> Nix: A Safe and Policy-Free System for
+ Software Deployment
+ </div>
+ </div>
+
+ <div class="timeline-block timeline-block-left" style="height: 22%;">
+ <div class="marker"></div>
+ <div class="timeline-content">
+ <h3>2012</h3>
+ Guix announced
+ </div>
+ </div>
+ </div>
+
+ <div class="timeline-block timeline-block-right">
+ <div class="marker"></div>
+ <div class="timeline-content">
+ <h3>2017</h3>
+ freenode #live
+ </div>
+ </div>
+
+ <aside class="notes" data-markdown>
+ At the top, we have Debian. Which started in 1993, and has
+ grown to be a very popular free software distribution.
+
+ I love Debian. I've used it quite a bit, including writing
+ packages for software and services.
+
+ If I make any comparisons to it, its not because I think
+ its bad, just that its what I was using, before I began
+ using Guix more and more.
+
+ A while after the Debian project started, and quite a long
+ time ago now, back in 2004, the first paper on a piece of
+ software called Nix was published.
+
+ I didn't find out about Nix until I found out about Guix,
+ but Nix is important to mention, as some of the key
+ concepts underlying Guix come from Nix.
+
+ Around 5 years ago now, the Guix project was started bu
+ Ludovic Courtès, using some of the key ideas from Nix, and
+ adding some more.
+ </aside>
+ </section>
+
+ <section data-background-color="white">
+ <a href="https://nixos.org/~eelco/pubs/nspfssd-lisa2004-final.pdf">
+ <img class="noborder" src="nix-paper-2004.png">
+ </a>
+
+ <aside class="notes" data-markdown>
+ As I said before, the first paper was published in 2004,
+ but there is a more detailed description of Nix in Eelco
+ Dolstra's PhD thesis, "The Purely Functional Software
+ Deployment Model", which was published later in 2006.
+
+ I'm going to have a go at explaining what I think is
+ useful to know for understanding how Guix works, but if
+ you want a more original and comprehensive description,
+ then these papers are the ones to read.
+ </aside>
+ </section>
+
+ <section>
+ <h2>The store</h2>
+
+ <pre class="fragment">/gnu/store/<span class="fragment highlight-current-green">wf65hjwqwpz4wllasn63zysi5irql2sx</span>-hello-2.10
+├── bin
+│   └── hello
+└── share
+ ├── info
+ │ └── ...
+ ├── locale
+ │ └── ...
+ └── man
+ └── ...
+</pre>
+
+ <aside class="notes" data-markdown>
+ We start with the store, a special directory where files,
+ and the outputs from derivations that have been built
+ successfully are stored.
+
+ When using Guix, the location of the store is /gnu/store.
+
+ The store contains store items, and there is a database
+ that contains information on these, such as how the store
+ items refer to each other.
+
+ (Next)
+
+ Shown here is an example store item.
+
+ In this case, its a directory, containing GNU Hello.
+
+ Operations on the store should be performed by the build
+ daemon, which helps ensure that the store is maintained
+ correctly. To protect the integrity of the store, it is
+ useful to make it read only, to everything but the build
+ daemon.
+
+ (Next)
+
+ The hash here is really important, and that comes from the
+ derivation which is used to create the store item.
+ </aside>
+ </section>
+
+ <section data-transition="fade-out">
+ <code>
+ <pre>$ guix build --derivations hello
+/gnu/store/1drc59xkcvgdphzgylxm41ln9p5dwbgn-hello-2.10.drv</pre>
+ </code>
+
+ <code>
+ <small><pre>Derive(
+ [("out",<span class="fragment highlight-current-green" data-fragment-index="1">"/gnu/store/<span class="fragment highlight-current-green">wf65hjwqwpz4wllasn63zysi5irql2sx</span>-hello-2.10"</span>,"","")],
+ [("/gnu/store/0gabs9i1zawd406rkkr7l15ifg61s34r-glibc-2.25.drv",["out"]),
+ ("/gnu/store/1lqw4mz8xzjhnb65kc1nvk8wg39spv5j-hello-2.10.tar.gz.drv",["out"]),
+ ("/gnu/store/1vmhamqwgs3qa7rw28am5rm3b9fjs163-file-5.30.drv",["out"]),
+ ("/gnu/store/23h9fzinl5j1s5x7r2i155f1m7ify9wl-ld-wrapper-0.drv",["out"]),
+ ("/gnu/store/3li1y3cc8rkr4d0q9h8bkvl4h3macnf6-bash-minimal-4.4.12.drv",["out"]),
+ ("/gnu/store/6y5h0pbqci67ql1ij5crkchjzmxkafbv-gawk-4.1.4.drv",["out"]),
+ ("/gnu/store/8xmbpyfnh5cdrk9fmx8j67894bq9vl1r-module-import.drv",["out"]),
+ ("/gnu/store/9sahk6fh2p5k631rxl6amx0cd4z8jn0s-diffutils-3.6.drv",["out"]),
+ ("/gnu/store/cm2f8yxfpy353kxbq5gl7whzvmkl9niv-make-4.2.1.drv",["out"]),
+ ("/gnu/store/fqx5lcb8lhdxkw1dwcgahnqaxgaycgb1-tar-1.29.drv",["out"]),
+ ("/gnu/store/i5fzg4cq88yvl2i7bsnqprzgq494bpdm-patch-2.7.5.drv",["out"]),
+ ("/gnu/store/iwzysdzl3yphqa0c0km8liiimcsrxmvd-glibc-utf8-locales-2.25.drv",["out"]),
+ ("/gnu/store/jwsvpyyxkmyg0wk3cic3b9q9wgimphkz-findutils-4.6.0.drv",["out"]),
+ ("/gnu/store/m5kd44n51ns8zlc8mvii497xc2siydpb-coreutils-8.27.drv",["out"]),
+ ("/gnu/store/pjgbs80jhzpm7lfpsa5dp6jgxkcv6n56-bzip2-1.0.6.drv",["out"]),
+ ("/gnu/store/qgcr4gp3qz098yh6zsnn97dg4h8d2nbn-sed-4.4.drv",["out"]),
+ ("/gnu/store/r49cqbngzhn8q1qr6cjsm4vs85vwzl9i-xz-5.2.2.drv",["out"]),
+ ("/gnu/store/rkjydj936a096s70bxq7sz77bbxzfqvd-gzip-1.8.drv",["out"]),
+ ("/gnu/store/vk9xdybvknvnnaxavdk2q43yvdq5h47r-binutils-2.28.drv",["out"]),
+ ("/gnu/store/wrlssahrl79njwzwv8clcq8vdh2syppx-module-import-compiled.drv",["out"]),
+ ("/gnu/store/xz5ikvwa6pyz11h0a5hmzf9rxyi5xjzw-guile-2.2.2.drv",["out"]),
+ ("/gnu/store/zb0wzrfgiydmr8gbxywyrmg6yp68w4fj-linux-libre-headers-4.4.47.drv",["out"]),
+ ("/gnu/store/zxiy6cnd05p90hmyk1mvr30lm17ghwim-grep-3.0.drv",["out"]),
+ ("/gnu/store/zxkwsk4g0m7j2p54l7xp2gblb6v4zddf-gcc-5.4.0.drv",["out"])],
+ ["/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"],
+ "x86_64-linux",
+ "/gnu/store/d8gkn84yqacjr80pzicz1ka3y2s1f2x0-guile-2.2.2/bin/guile",
+ ["--no-auto-compile",
+ "-L",
+ "/gnu/store/xhwmxry8kkmq7897558qmcmfsx8r1z45-module-import",
+ "/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"],
+ [("GUILE_LOAD_COMPILED_PATH","/gnu/store/r7sf4w2wwrbxbcf04pi9a5gkdhzaya2g-module-import-compiled"),
+ ("out",<span class="fragment highlight-current-green" data-fragment-index="1">"/gnu/store/wf65hjwqwpz4wllasn63zysi5irql2sx-hello-2.10"</span>)]
+)</pre></small>
+ </code>
+
+ <aside class="notes" data-markdown>
+ This is an example derivation for the GNU hello package.
+
+ Normally, there is no formatting or highlighting, but I've
+ added some here to make it more understandable.
+
+ (Next)
+
+ The first thing to notice is the output file, highlighted
+ here in green. It appears twice, the first time is for the
+ build daemon, so it knows what to expect, and the second
+ time is for the builder, so it knows where to put the
+ output.
+
+ The hash part of the filename is computed by hashing
+ something which looks like this, but not containing the
+ output file, as you haven't computed the hash yet.
+
+ So lets remove the output file, and look at what goes in
+ to the hash.
+ </aside>
+ </section>
+
+ <section data-transition="fade">
+ <pre>$ guix build --derivations hello
+/gnu/store/1drc59xkcvgdphzgylxm41ln9p5dwbgn-hello-2.10.drv</pre>
+
+ <small><pre>Derive(
+ [("out",<span class="fragment highlight-current-red" data-fragment-index="1">""</span>,"","")],
+ <span class="fragment highlight-current-green">[("/gnu/store/0gabs9i1zawd406rkkr7l15ifg61s34r-glibc-2.25.drv",["out"]),
+ ("/gnu/store/1lqw4mz8xzjhnb65kc1nvk8wg39spv5j-hello-2.10.tar.gz.drv",["out"]),
+ ("/gnu/store/1vmhamqwgs3qa7rw28am5rm3b9fjs163-file-5.30.drv",["out"]),
+ ("/gnu/store/23h9fzinl5j1s5x7r2i155f1m7ify9wl-ld-wrapper-0.drv",["out"]),
+ ("/gnu/store/3li1y3cc8rkr4d0q9h8bkvl4h3macnf6-bash-minimal-4.4.12.drv",["out"]),
+ ("/gnu/store/6y5h0pbqci67ql1ij5crkchjzmxkafbv-gawk-4.1.4.drv",["out"]),
+ ("/gnu/store/8xmbpyfnh5cdrk9fmx8j67894bq9vl1r-module-import.drv",["out"]),
+ ("/gnu/store/9sahk6fh2p5k631rxl6amx0cd4z8jn0s-diffutils-3.6.drv",["out"]),
+ ("/gnu/store/cm2f8yxfpy353kxbq5gl7whzvmkl9niv-make-4.2.1.drv",["out"]),
+ ("/gnu/store/fqx5lcb8lhdxkw1dwcgahnqaxgaycgb1-tar-1.29.drv",["out"]),
+ ("/gnu/store/i5fzg4cq88yvl2i7bsnqprzgq494bpdm-patch-2.7.5.drv",["out"]),
+ ("/gnu/store/iwzysdzl3yphqa0c0km8liiimcsrxmvd-glibc-utf8-locales-2.25.drv",["out"]),
+ ("/gnu/store/jwsvpyyxkmyg0wk3cic3b9q9wgimphkz-findutils-4.6.0.drv",["out"]),
+ ("/gnu/store/m5kd44n51ns8zlc8mvii497xc2siydpb-coreutils-8.27.drv",["out"]),
+ ("/gnu/store/pjgbs80jhzpm7lfpsa5dp6jgxkcv6n56-bzip2-1.0.6.drv",["out"]),
+ ("/gnu/store/qgcr4gp3qz098yh6zsnn97dg4h8d2nbn-sed-4.4.drv",["out"]),
+ ("/gnu/store/r49cqbngzhn8q1qr6cjsm4vs85vwzl9i-xz-5.2.2.drv",["out"]),
+ ("/gnu/store/rkjydj936a096s70bxq7sz77bbxzfqvd-gzip-1.8.drv",["out"]),
+ ("/gnu/store/vk9xdybvknvnnaxavdk2q43yvdq5h47r-binutils-2.28.drv",["out"]),
+ ("/gnu/store/wrlssahrl79njwzwv8clcq8vdh2syppx-module-import-compiled.drv",["out"]),
+ ("/gnu/store/xz5ikvwa6pyz11h0a5hmzf9rxyi5xjzw-guile-2.2.2.drv",["out"]),
+ ("/gnu/store/zb0wzrfgiydmr8gbxywyrmg6yp68w4fj-linux-libre-headers-4.4.47.drv",["out"]),
+ ("/gnu/store/zxiy6cnd05p90hmyk1mvr30lm17ghwim-grep-3.0.drv",["out"]),
+ ("/gnu/store/zxkwsk4g0m7j2p54l7xp2gblb6v4zddf-gcc-5.4.0.drv",["out"])]</span>,
+ ["/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"],
+ "x86_64-linux",
+ "/gnu/store/d8gkn84yqacjr80pzicz1ka3y2s1f2x0-guile-2.2.2/bin/guile",
+ ["--no-auto-compile",
+ "-L",
+ "/gnu/store/xhwmxry8kkmq7897558qmcmfsx8r1z45-module-import",
+ "/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"],
+ [("GUILE_LOAD_COMPILED_PATH","/gnu/store/r7sf4w2wwrbxbcf04pi9a5gkdhzaya2g-module-import-compiled"),
+ ("out",<span class="fragment highlight-current-red" data-fragment-index="1">""</span>)]
+)</pre></small>
+
+ <aside class="notes" data-markdown>
+ (Next)
+
+ So the output file has now been removed, here highlighted
+ in red.
+
+ (Next)
+
+ One more processing step takes place before this data in
+ hashed. The input derivation files, shown in the green
+ area are replaced with the hash for the corresponding
+ derivation, computed through the same process that we are
+ currently going through.
+ </aside>
+ </section>
+
+ <section data-transition="fade-in">
+ <pre>$ guix build --derivations hello
+/gnu/store/1drc59xkcvgdphzgylxm41ln9p5dwbgn-hello-2.10.drv</pre>
+
+ <small><pre>Derive(
+ [("out","","","")],
+ <span class="fragment highlight-current-green">[("04fb79c7338393b15562c5ffd222b40fb745683896789ad2b37659ac9d597540",["out"]),
+ ("08a81b5317696b0ac342330b4561409db5db8273fee477c26cd2854499e4be1c",["out"]),
+ ("0fcc386963a58070aacfc0cfb4fa5e67e676b25b6b038ed1aa61f12b933a39c3",["out"]),
+ ("1b6c42938b2a02480294d8e89bf9fe94c77f392fd41f7cdb72b4c85071b3d197",["out"]),
+ ("1e8dc40cc0593bae81806df0a1785582fb94ee07802b095ad521e7cb0dd16c41",["out"]),
+ ("2e25667c193bed7410ca1f675ba717d5aec59123392d14b35d0918287de2fdf4",["out"]),
+ ("3266b64f962b87ed7bb437ddd49c33a20d439e049a3829e2c10f5c2d8ae7d294",["out"]),
+ ("39ea9f7baeee4ba446ebbaed88b5354adc088dae479e73a2825471c07088a86c",["out"]),
+ ("522962e0ca0c7a5682ee561e618c9e08ce841d24468125c203e935ecd0e8da37",["out"]),
+ ("523610101af5dc2481bdce53a050d680bbc516c64baf32463cf95ab3b18aa261",["out"]),
+ ("5d7766754e92a0a96ca3b732ae0d9e3da892994961cee1500d7c689a0ddcb785",["out"]),
+ ("61fd1308247835184ffe88140f9025117edb3210c47d617feafa33572ad8b8e3",["out"]),
+ ("6ae6f3630665d92a495a4edb0f337fe1884fff9e6adcef65cf1c79131071d127",["out"]),
+ ("7b8ef27665067602e4e27e801c6e8f385bd83b378037a60a4f5953a02b12c74f",["out"]),
+ ("81c2221261670003975a89df35fba774c3871f4444c0d3a1eef6ef21e7aba678",["out"]),
+ ("875b4153b80df041b31b6d0fb93b4bb8b62fbd3938320a8ce6ff263d01b3a536",["out"]),
+ ("89e81aee370115bec522ad48de0f59030f227fe8a599bb409352a34e710669f8",["out"]),
+ ("a127853978c101a2b52071108ed48834435c0bbaf1b707c13304ef9d8e70c3a6",["out"]),
+ ("ab4bf18925deebcc80259b45cba39b348320a03f61d93e2246dcd6f5d28a1b68",["out"]),
+ ("afe40de343b27326b5e6089c8adf8fdbdb105dcc35f671025c87de0bba965184",["out"]),
+ ("bc726d150b4ba6aa8624eba59ad092d729705de4f0148391d33dac15a8aa5dbf",["out"]),
+ ("bfb16f9021e341594cfce1c772ccd491599694460ac1df24a8bb77fadc2a4a04",["out"]),
+ ("e226a8e968c6132524948d4fd0483a16603b57bddc92f97d6ce31580889754c2",["out"]),
+ ("f662215314a37fcf8ae79e425bd197b3a3351bd8ff3d90506cc069c83c833b6d",["out"])],</span>
+ ["/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"],
+ "x86_64-linux",
+ <span class="fragment highlight-current-green">"/gnu/store/d8gkn84yqacjr80pzicz1ka3y2s1f2x0-guile-2.2.2/bin/guile",
+ ["--no-auto-compile",
+ "-L",
+ "/gnu/store/xhwmxry8kkmq7897558qmcmfsx8r1z45-module-import",
+ "/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"]</span>,
+ <span class="fragment highlight-current-green">[("GUILE_LOAD_COMPILED_PATH","/gnu/store/r7sf4w2wwrbxbcf04pi9a5gkdhzaya2g-module-import-compiled"),
+ ("out","")]</span>
+)</pre></small>
+ <span class="fragment"><!-- Null fragment to end --></span>
+
+ <aside class="notes" data-markdown>
+ This is now what is actually hashed, just without any
+ formatting.
+
+ (Next)
+
+ The key parts are the hashes of all the input derivations.
+
+ (Next)
+
+ The description of the build process.
+
+ (Next)
+
+ And finally, the environment variables.
+
+ (Next)
+
+ When this derivation is handed over to the build daemon,
+ it will run the build process in an isolated
+ environment. The build process will only be able to read
+ from the areas of the store that are inputs to the
+ derivation. It will also only be able to write to the
+ specified output locations.
+
+ Network access is disabled, to ensure that the process
+ isn't able to access the network, avoiding the possibility
+ that it depends on something via the network.
+ </aside>
+ </section>
+
+ <section>
+ <code>
+ <pre>$ guix build --derivations hello
+/gnu/store/1drc59xkcvgdphzgylxm41ln9p5dwbgn-hello-2.10.drv</pre>
+ </code>
+
+ <code>
+ <small><pre>Derive(
+ [("out","/gnu/store/wf65hjwqwpz4wllasn63zysi5irql2sx-hello-2.10","","")],
+ [("/gnu/store/0gabs9i1zawd406rkkr7l15ifg61s34r-glibc-2.25.drv",["out"]),
+ <span class="fragment highlight-green">("/gnu/store/1lqw4mz8xzjhnb65kc1nvk8wg39spv5j-hello-2.10.tar.gz.drv",["out"])</span>,
+ ("/gnu/store/1vmhamqwgs3qa7rw28am5rm3b9fjs163-file-5.30.drv",["out"]),
+ ("/gnu/store/23h9fzinl5j1s5x7r2i155f1m7ify9wl-ld-wrapper-0.drv",["out"]),
+ ("/gnu/store/3li1y3cc8rkr4d0q9h8bkvl4h3macnf6-bash-minimal-4.4.12.drv",["out"]),
+ ("/gnu/store/6y5h0pbqci67ql1ij5crkchjzmxkafbv-gawk-4.1.4.drv",["out"]),
+ ("/gnu/store/8xmbpyfnh5cdrk9fmx8j67894bq9vl1r-module-import.drv",["out"]),
+ ("/gnu/store/9sahk6fh2p5k631rxl6amx0cd4z8jn0s-diffutils-3.6.drv",["out"]),
+ ("/gnu/store/cm2f8yxfpy353kxbq5gl7whzvmkl9niv-make-4.2.1.drv",["out"]),
+ ("/gnu/store/fqx5lcb8lhdxkw1dwcgahnqaxgaycgb1-tar-1.29.drv",["out"]),
+ ("/gnu/store/i5fzg4cq88yvl2i7bsnqprzgq494bpdm-patch-2.7.5.drv",["out"]),
+ ("/gnu/store/iwzysdzl3yphqa0c0km8liiimcsrxmvd-glibc-utf8-locales-2.25.drv",["out"]),
+ ("/gnu/store/jwsvpyyxkmyg0wk3cic3b9q9wgimphkz-findutils-4.6.0.drv",["out"]),
+ ("/gnu/store/m5kd44n51ns8zlc8mvii497xc2siydpb-coreutils-8.27.drv",["out"]),
+ ("/gnu/store/pjgbs80jhzpm7lfpsa5dp6jgxkcv6n56-bzip2-1.0.6.drv",["out"]),
+ ("/gnu/store/qgcr4gp3qz098yh6zsnn97dg4h8d2nbn-sed-4.4.drv",["out"]),
+ ("/gnu/store/r49cqbngzhn8q1qr6cjsm4vs85vwzl9i-xz-5.2.2.drv",["out"]),
+ ("/gnu/store/rkjydj936a096s70bxq7sz77bbxzfqvd-gzip-1.8.drv",["out"]),
+ ("/gnu/store/vk9xdybvknvnnaxavdk2q43yvdq5h47r-binutils-2.28.drv",["out"]),
+ ("/gnu/store/wrlssahrl79njwzwv8clcq8vdh2syppx-module-import-compiled.drv",["out"]),
+ ("/gnu/store/xz5ikvwa6pyz11h0a5hmzf9rxyi5xjzw-guile-2.2.2.drv",["out"]),
+ ("/gnu/store/zb0wzrfgiydmr8gbxywyrmg6yp68w4fj-linux-libre-headers-4.4.47.drv",["out"]),
+ ("/gnu/store/zxiy6cnd05p90hmyk1mvr30lm17ghwim-grep-3.0.drv",["out"]),
+ ("/gnu/store/zxkwsk4g0m7j2p54l7xp2gblb6v4zddf-gcc-5.4.0.drv",["out"])],
+ ["/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"],
+ "x86_64-linux",
+ "/gnu/store/d8gkn84yqacjr80pzicz1ka3y2s1f2x0-guile-2.2.2/bin/guile",
+ ["--no-auto-compile",
+ "-L",
+ "/gnu/store/xhwmxry8kkmq7897558qmcmfsx8r1z45-module-import",
+ "/gnu/store/hqlhinp4gsfym9l5bq63c7g8y1j14ynz-hello-2.10-guile-builder"],
+ [("GUILE_LOAD_COMPILED_PATH","/gnu/store/r7sf4w2wwrbxbcf04pi9a5gkdhzaya2g-module-import-compiled"),
+ ("out","/gnu/store/wf65hjwqwpz4wllasn63zysi5irql2sx-hello-2.10")]
+)</pre></small>
+ </code>
+
+ <aside class="notes" data-markdown>
+ Going back to the original derivation, one of the inputs
+ is the release of GNU Hello.
+
+ (Next)
+
+ It's shown here in green.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Fixed-output derivation</h2>
+ <pre>$ guix build -S -d hello
+/gnu/store/1lqw4mz8xzjhnb65kc1nvk8wg39spv5j-hello-2.10.tar.gz.drv</pre>
+ <small>
+ <pre>Derive(
+ [("out",
+ <span class="fragment highlight-current-green">"/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz",
+ "sha256",
+ "31e066137a962676e89f69d1b65382de95a7ef7d914b8cb956f41ea72e0f516b"</span>)],
+ [],
+ ["/gnu/store/qivc6nybj6mxa95h7h10hg7qv81rdfcm-mirrors",
+ "/gnu/store/wvbspgpk15aq6kcf2f67xjai1fbkbyqc-content-addressed-mirrors"],
+ "x86_64-linux",
+ "builtin:download",
+ [],
+ [("content-addressed-mirrors","/gnu/store/wvbspgpk15aq6kcf2f67xjai1fbkbyqc-content-addressed-mirrors"),
+ ("impureEnvVars","http_proxy https_proxy LC_ALL LC_MESSAGES LANG COLUMNS"),
+ ("mirrors","/gnu/store/qivc6nybj6mxa95h7h10hg7qv81rdfcm-mirrors"),
+ ("out","/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz"),
+ ("preferLocalBuild","1"),
+ ("url","\"mirror://gnu/hello/hello-2.10.tar.gz\"")]
+)</pre></small>
+
+ <aside class="notes" data-markdown>
+ The derivation for building the hello package that we've
+ just looked at is one type of derivation, but there is
+ another.
+
+ This derivation is a fixed output derivation. Unlike the
+ previous derivation, it can access the network.
+
+ The compromise here is that the output must be known in
+ advance.
+
+ (Next)
+
+ Here, highlighted in green is the file that this
+ derivation will create, as well as the hash value and
+ algorithm.
+
+ Derivations and fixed output derivations are the building
+ blocks that both Nix and Guix use to populate the store
+ with software.
+ </aside>
+ </section>
+
+ <section data-background-color="white">
+ <img class="noborder" src="hello-derivation-graph.svg">
+ <span class="caption">
+ Derivation graph for the hello package
+ </span>
+
+ <aside class="notes" data-markdown>
+ Here is the bigger picture. This is the graph of
+ derivations, both with fixed output and non-fixed output
+ derivations.
+
+ If you can make it out, the fixed output derivations are
+ in black, and the other derivations are in purple.
+
+ The fixed output derivations tend to sit around the edge
+ of the graph, as they describe the building blocks used in
+ the other derivations.
+
+ Fixed output derivations are used to describe the source
+ code of software, e.g. a source tarball or git repository
+ checkout.
+
+ There are also bootstrap binaries in the graph. You can't
+ just go from source code, with no compiler, to compiling a
+ compiler, so Guix includes some bootstrap binaries to get
+ started with.
+
+ Other fixed output derivations include patches that are
+ applied to source code, the build scripts, and Guile
+ modules that are used in the build scripts.
+
+ This graph also includes the Guix bootstraping process,
+ for getting from the bootstrap binaries, to GNU hello, and
+ everything in between.
+
+ Also, thinking back to what goes in to the hash for the
+ outout of a derivation, that is the hashes of the input
+ derivations, the build process and environment variables
+ for non-fixed output derivations, and the output name,
+ hash algorithm and value for fixed output derivations, we
+ can now start to look at when changes happen in this
+ graph, what will happen to the outputs for derivations.
+
+ For exapmle, if you were to change the source code for the
+ hello package, that would mean that the hash would be
+ different, therefore the hash of the fixed output
+ derivation would be different. As that hash is part of the
+ hash of the hello derivation, its hash would change as
+ well.
+
+ Comparing this with a Debian package for example, which
+ would always produce /usr/bin/hello, regardless of the
+ source code, the way that the derivations output is
+ computed means that having hello in the store twice just
+ works.
+
+ While I think it can be useful to understand these low
+ level details, Guix provides software and tooling to make
+ it easy to manage and manipulate derivations, using higher
+ level concepts like packages, build systems and more.
+ </aside>
+ </section>
+
+ <section>
+ <h2>The hello package</h2>
+
+ <small class="stretch"><pre>
+ <code class="scheme">(define-public hello
+ (package
+ (name "hello")
+ (version "2.10")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnu/hello/hello-" version
+ ".tar.gz"))
+ (sha256
+ (base32
+ "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
+ (build-system gnu-build-system)
+ (synopsis "Hello, GNU world: An example GNU package")
+ (description
+ "GNU Hello prints the message \"Hello, world!\" and then exits. It
+serves as an example of standard GNU coding practices. As such, it supports
+command-line arguments, multiple languages, and so on.")
+ (home-page "https://www.gnu.org/software/hello/")
+ (license gpl3+)))</code></pre></small>
+
+ <aside class="notes" data-markdown>
+ This is the package for GNU hello, that corresponds to the
+ derivation for GNU hello.
+
+ Packages are the term used within Guix for an individual
+ bit of software. For example, guix itself is available as
+ a package.
+
+ Unless you write some custom code for creating packages,
+ this is as simple as they get.
+
+ The complexity of building hello is hidden away entirely
+ in the build system, the gnu-build-system in the case of
+ GNU hello.
+ </aside>
+ </section>
+
+ <section>
+ <h1>What can you do with Guix?</h1>
+
+ <aside class="notes" data-markdown>
+ So far, we've covered the store and derivations.
+
+ These are important, but not what you'd normally be
+ concerned with if you're using Guix.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Install a package in to your profile</h2>
+
+ <code>
+ guix package -i hello
+ </code>
+
+ <aside class="notes" data-markdown>
+ So, lets look at how you might actually use the GNU hello
+ package.
+
+ Guix is usable as a package manager on an existing GNU +
+ Linux system, and also even supports the Hurd I think.
+
+ With Guix, the packages installed by each user are kept
+ separate. However, the overhead for this is minimal, as
+ everything is still kept in the store. Effectively it
+ becomes a two step process, ensure that the package is
+ present in the store, and then link to it from the users
+ profile.
+
+ This separation means that these commands just affect the
+ user that runs them, and not other users on the system.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Upgrade the packages in your profile</h2>
+
+ <code>
+ guix package -u
+ </code>
+
+ <aside class="notes" data-markdown>
+ If you want to update the packages in your profile, you
+ can use the -u flag to guix package.
+
+ If you only want to upgrade specific packages, you can put
+ them after -u.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Roll back to the previous generation of your profile</h2>
+
+ <code>
+ guix package --roll-back
+ </code>
+
+ <aside class="notes" data-markdown>
+ When you use the guix package command, the installation,
+ upgrade and remove operations don't destroy any state.
+
+ This means that you can roll back to previous states,
+ providing you haven't explicitly removed them.
+
+ To better explain how this all fits together, here are
+ some useful diagrams.
+ </aside>
+ </section>
+
+ <section data-transition="fade-out">
+ <pre>guix package -i samtools bowtie</pre>
+ <img class="stretch noborder" src="profile-0.svg">
+ <a href="https://git.sv.gnu.org/cgit/guix/maintenance.git/tree/talks/bobkonf2017/profile-0.svg"
+ class="caption">
+ Modified, © Ricardo Wurmus
+ </a>
+
+ <aside class="notes" data-markdown>
+ Obviously, knowing this isn't required to use the commands
+ I just mentioned, but this is a technical talk, so lets go
+ through the details.
+
+ Normally, you'd have a .guix-profile symlink in your home
+ directory.
+
+ This symlink then points to a file in /var/guix
+ representing the current version of the profile.
+
+ This file is also a symlink, which links to a file in the
+ same directory. The name of this file is a number, which
+ is the generation of the profile.
+
+ This numbered file, in this case 42, is yet another
+ symlink. This symlink finally points to the profile within
+ the store.
+
+ Profiles in the store are a way of composing packages. A
+ profile contains symlinks to other packages in the store,
+ in a convenient directory structure, e.g. all of the files
+ in the /bin directory within packages end up in the /bin
+ directory of the profile.
+ </aside>
+ </section>
+
+ <section data-transition="fade">
+ <pre>guix package -r bowtie</pre>
+ <img class="stretch noborder" src="profile-1.svg">
+ <a href="https://git.sv.gnu.org/cgit/guix/maintenance.git/tree/talks/bobkonf2017/profile-1.svg"
+ class="caption">
+ Modified, © Ricardo Wurmus
+ </a>
+
+ <aside class="notes" data-markdown>
+ When you tell guix to install, remove or upgrade some
+ software, it generates a new generation of your profile,
+ and then switches to using it.
+
+ So here, removing the bowtie package means that a new
+ profile is generated, without the bowtie package.
+
+ The bowtie package is still in the store, and still
+ referenced by the previous generation of the profile.
+
+ The other change made is the guix-profile symlink in
+ /var/guix. It changes to point to the new 43rd generation
+ of your profile.
+ </aside>
+ </section>
+
+ <section data-transition="fade-in">
+ <pre>guix package --roll-back</pre>
+ <img class="stretch noborder" src="rollback.svg">
+ <a href="https://git.sv.gnu.org/cgit/guix/maintenance.git/tree/talks/bobkonf2017/rollback.svg"
+ class="caption">
+ Modified, © Ricardo Wurmus
+ </a>
+
+ <aside class="notes" data-markdown>
+ If you decide that you didn't want to remove the bowtie
+ package, you can roll back to the previous generation of
+ your profile.
+
+ Like upgrading, rolling back is atomic, all that is
+ required is to make the change is to switch the
+ guix-profile symlink in /var/guix to point at the file
+ named 42 in that same directory.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Wait a minute, what was installed?</h2>
+
+ <aside class="notes" data-markdown>
+ So, we've just covered some of the uses of the guix
+ package commands.
+
+ Lets go back to that first command, guix package -i hello.
+ </aside>
+ </section>
+
+ <section data-background-color="white">
+ <code>
+ guix package -i hello
+ </code>
+ <img class="noborder fragment" src="hello-derivation-graph.svg">
+
+ <aside class="notes" data-markdown>
+ What did this actually install?
+
+ While this may look ambiguous, just install hello, it
+ actually ends up being rather specific.
+
+ The instruction here to install hello will match a
+ specific package. If there are multiple packages with the
+ name hello, then the version can be used to
+ disambiguate. By default, Guix will pick the highest
+ version.
+
+ The package describes everything about how to build that
+ software, all the way down to the bootstrap binaries.
+
+ (Next)
+
+ When you install hello, you specify hello built through
+ the process described in this diagram. Now I guess most
+ users of guix will fetch a binary substitute for the hello
+ package, and any dependencies they need, rather than going
+ through the process of building it.
+
+ All of this means that Guix gives you the means to get a
+ high degree of reproducibility and determinism when using
+ software.
+
+ There is no guarantee that the output will be identical
+ bit for bit, but that is something that the Guix project
+ is working towards, along with other people and projects
+ in the free software community.
+
+ There is however a guarantee that the process will be
+ identical.
+
+ The hello package isn't a very good example of this, but
+ imagine a more complicated scenario, some software with
+ many more dependencies and complexity.
+
+ There is a danger with some approaches that as you make
+ changes, other changes occur because of a lack of
+ reproducibility.
+
+ With Debian for example, unless you are quite careful with
+ the versioned dependency constraints and the available
+ packages, there is a potential for new versions of
+ software to creep in from repositories that you're using.
+
+ With Guix, providing you are using the same package
+ definitions, you'll get the same reproducible process when
+ building your software.
+
+
+ <!-- More than "have all the bits"
+
+ Say, one day, you sit down, and have a moment of
+ inspiration. You come up with a wonderful mathematical
+ proof.
+
+ Obviously, you need other people to be able to reproduce
+ these amazing findings.
+
+ You're not going to just take a copy of the final result,
+ you're going to set out your workings in detail, so that
+ someone else, maybe even you can take this description,
+ and inspect it to work out how the proof works.
+
+ If there turns out to be problems, or areas that could be
+ improved, you can take your detailed workings, and improve
+ them, working forward to generate the same, or an improved
+ output.-->
+ </aside>
+ </section>
+
+ <section>
+ <code>
+guix environment hello
+ </code>
+
+ <aside class="notes" data-markdown>
+ The guix package command is one way of using guix, but
+ there are other ways.
+
+ The guix environment command is primarily aimed at
+ developers working on software, but in general it allows
+ you to create more temporary profiles.
+
+ For this command, if you were to run it, a subshell would
+ start, which includes all the inputs to the packages
+ listed. Here, all the inputs for the hello package, like
+ gcc for example.
+
+ For another example, when working on guix itself, I often
+ use the guix environment guix command, to get a
+ environment in which I can build guix.
+ </aside>
+ </section>
+
+ <section>
+ <code>
+ guix environment --ad-hoc hello guile
+ </code>
+ <br><br>
+ <pre class="fragment">/gnu/store/5w8jk6p57l5an1d39lngw560r2bw2dx1-profile/bin
+├── guild -> /gnu/store/yih…6fk-guile-2.2.2/bin/guild
+├── guile -> /gnu/store/yih…6fk-guile-2.2.2/bin/guile
+├── guile-config -> /gnu/store/yih…6fk-guile-2.2.2/bin/guile-config
+├── guile-snarf -> /gnu/store/yih…6fk-guile-2.2.2/bin/guile-snarf
+├── guile-tools -> /gnu/store/yih…6fk-guile-2.2.2/bin/guile-tools
+└── hello -> /gnu/store/wf6…2sx-hello-2.10/bin/hello</pre>
+
+ <aside class="notes" data-markdown>
+ With the --ad-hoc argument, you can specify that you don't
+ want the inputs for packages, but instead want the
+ packages themselves to be in the environment.
+
+ (Next)
+
+ As before, the profile that this creates brings together
+ the two packages, as shown here by the symlinks within the
+ profile to individual packages.
+ </aside>
+ </section>
+
+ <section>
+ <code>
+ guix environment --pure --ad-hoc hello
+ </code>
+
+ <aside class="notes" data-markdown>
+ The guix environment command supports the --pure
+ flag. This will mean that the subshell that you enter
+ won't inherit environment variables.
+
+ This can help make the behaviour more predictable, by
+ isolating what you do in the environment.
+ </aside>
+ </section>
+
+ <section>
+ <code>
+ guix environment --container --ad-hoc hello
+ </code>
+
+ <br>
+ <pre>$ echo /gnu/store/*
+/gnu/store/…-ncurses-6.0 /gnu/store/…-profile
+/gnu/store/…-manual-database /gnu/store/…-gcc-5.4.0-lib
+/gnu/store/…-info-dir /gnu/store/…-bash-4.4.12
+/gnu/store/…-readline-7.0 /gnu/store/…-glibc-2.25
+/gnu/store/…-hello-2.10 /gnu/store/…-bash-static-4.4.12</pre>
+
+ <aside class="notes" data-markdown>
+ You can do more for isolation through.
+
+ The guix environment command has a neat --container
+ argument.
+
+ This means that the subshell you enter will be in a new
+ mount, pid, ipc, uts, user and network namespace.
+
+ The new mount namespace only gives the environment access
+ to the store items that are needed, some default other
+ directories, as well as the current working directory.
+
+ Here, I'm using echo to show the files in the store. I
+ can't use ls, but coreutils isn't in this
+ environment. What is show here is the minimal set of
+ packages required to run hello, and also the bash shell in
+ which the echo command is running.
+
+ Now, this is only possible because the information about
+ the complete dependencies needed to run hello which are
+ stored in the database accompanying the store.
+ </aside>
+ </section>
+
+ <section data-background="white">
+ <img src="hello-references-graph.svg">
+
+ <span class="caption">Graph of the hello package references</span>
+
+ <aside class="notes" data-markdown>
+ If you graph the hello package references, you get this.
+
+ The hello store item references two other store items
+ directly, the lib output of the gcc package, and glibc.
+
+ glibc also references bash-static, so that is included
+ here also.
+ </aside>
+ </section>
+
+ <section>
+ <small><pre>$ ldd /gnu/store/wf65hjwqwpz4wllasn63zysi5irql2sx-hello-2.10/bin/hello
+
+linux-vdso.so.1 (0x00007ffece166000)
+libgcc_s.so.1 => /gnu/store/3x53yv4v144c9xp02rs64z7j597kkqax-gcc-5.4.0-lib/lib/libgcc_s.so.1 (0x00007fee83076000)
+libc.so.6 => /gnu/store/n6nvxlk2j8ysffjh3jphn1k5silnakh6-glibc-2.25/lib/libc.so.6 (0x00007fee82cd7000)
+/gnu/store/n6nvxlk2j8ysffjh3jphn1k5silnakh6-glibc-2.25/lib/ld-linux-x86-64.so.2 (0x00007fee8328d000)</pre></small>
+
+ <aside class="notes" data-markdown>
+ Lets take a deeper look.
+
+ When the hello store item references the gcc and glibc
+ store items, it literally contains references to those
+ directories in the binary.
+
+ If you use the ldd command to show the shared libraries
+ that are linked against, then you see the exact paths
+ being specified.
+
+ This is good for a number of reasons.
+
+ From a reliability point of view, this helps, as hello is
+ going to be consistent in the shared libraries that it
+ loads. This particular way of using shared libraries, as
+ well as other approaches to have store items reference
+ each other is one of the tools packages in guix use to
+ make the software less vulnerable to change and breakages.
+
+ Another benefit of this is that you are still doing
+ dynamic linking. I've heard of people not using dynamic
+ linking, and statically linking executables to get some of
+ the same benefits that Guix provides, but statically
+ linked binaries can consume more disk and memory space,
+ Guix I think gives you the best of both worlds, reliable
+ dynamic linking.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Guix + Direnv</h2>
+ <br><br>
+
+ <code>
+ use guix --ad-hoc gcc-toolchain python python-lxml
+ </code>
+ <br><br>
+
+ <code>
+ <pre>$ cd /tmp/foo
+direnv: loading .envrc
+direnv: using guix --ad-hoc gcc-toolchain python python-lxml
+direnv: export +PAGER +PYTHONPATH ~CPLUS_INCLUDE_PATH
+ ~C_INCLUDE_PATH ~LIBRARY_PATH ~PATH</pre>
+ </code>
+
+ <aside class="notes" data-markdown>
+ This is a neat way that I use guix environment, and hook
+ it up with another program called direnv.
+
+ direnv is an environment switcher for the shell, and guix
+ environment can specify environment variables to load a
+ profile. Therefore, you can combine the two so that when
+ you enter a directory, direnv will invoke guix to load the
+ environment.
+
+ Direnv is configured through using a file named .envrc in
+ the directory you want it to be active in.
+
+ The example I'm showing here is to create an environment
+ containing gcc-toolchain, python and python-lxml when you
+ enter the /tmp/foo directory.
+ </aside>
+ </section>
+
+ <section>
+ <h1>Managing systems and services with Guix</h1>
+
+ <aside class="notes" data-markdown>
+ So far, we've covered some of the underlying mechanisms
+ that allow Guix to work how it does, and also some of the
+ ways it can be used as a package manager, both the guix
+ package and guix environment commands.
+
+ This isn't all Guix can offer though, it also includes the
+ capabilities to describe entire systems, and the services
+ that run on them.
+
+ When used in this way, it can be called GuixSD, the Guix
+ system distribution. A distribution of GNU + Linux.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Systems</h2>
+
+ <small class="stretch"><pre><code class="scheme no-max-height">(use-modules (gnu))
+(use-service-modules networking ssh)
+(use-package-modules screen ssh)
+
+(operating-system
+ (host-name "komputilo")
+ (timezone "Europe/Berlin")
+ (locale "en_US.utf8")
+
+ (bootloader (bootloader-configuration
+ (bootloader grub-bootloader)
+ (target "/dev/sdX")))
+ (file-systems (cons (file-system
+ (device "my-root")
+ (title 'label)
+ (mount-point "/")
+ (type "ext4"))
+ %base-file-systems))
+
+ (users (cons (user-account
+ (name "alice")
+ (comment "Bob's sister")
+ (group "users")
+ (supplementary-groups '("wheel"
+ "audio" "video"))
+ (home-directory "/home/alice"))
+ %base-user-accounts))
+
+ (packages (cons* screen openssh %base-packages))
+
+ (services (cons* (dhcp-client-service)
+ (service openssh-service-type
+ (openssh-configuration
+ (port-number 2222)))
+ %base-services)))</code></pre></small>
+
+ <aside class="notes" data-markdown>
+ Currently when using GuixSD, you'll probably be using a
+ configuration file for the system. Here is a modified
+ version of the bare bones example included within Guix.
+
+ This specification allows you to declare a whole load of
+ different things about your system, the filesystems,
+ users, packages, services and more.
+
+ When using GuixSD, the filesystem is a bit different from
+ other distributions.
+
+ You don't by default have a /usr directory. As Guix
+ manages packages in per user profiles, with the addition
+ of a system profile, managing a stateful /usr directory
+ would possibly impact some of the advantages that Guix
+ brings.
+
+ That doesn't mean you can't have stateful files in /usr
+ though, on this laptop I have /usr/bin/env and
+ /usr/share/zoneinfo, as that helps with some software that
+ I use.
+
+ Another point to mention about GuixSD is how changes to
+ this configuration work.
+
+ Changes work similar to the changes to package profiles,
+ there are generations of the system in /var/guix/profiles,
+ and to apply a change in the configuration to a system,
+ you reconfigure the system to use that configuration.
+
+ This process generates the new system state, and then
+ switches to it as atomically as possible. This, along with
+ the ability to boot in to previous generations of the
+ system make GuixSD very reliable.
+
+ Generations of the system don't only include Linux, but
+ other components of the system like services and file
+ system configuration.
+
+ I really like this. For example, I reconfigured this
+ laptop yesterday, save in the knowledge that if anything
+ went wrong, I could just boot in to the previous
+ generation of my system.
+
+ Compared to other ways I've managed systems, I think using
+ Guix has a lot of advantages.
+
+ The broad way in which Guix manages the system
+ configuration, and does so as a proper feature set it
+ apart from other systems I've used, like Ansible and
+ Puppet, where you attempt to converge some system to the
+ desired state, and usually specify more about what you
+ want, than what you don't, which can leave room for
+ systems to become inconsistent in bad ways.
+
+ I'm also enjoying not having to convince apt to untangle
+ Debian systems that I've broken when trying to upgrade.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Services</h2>
+
+ <pre><code class="scheme">...
+
+ (services (cons* (dhcp-client-service)
+ (service openssh-service-type
+ (openssh-configuration
+ (port-number 2222)))
+ %base-services)))</code></pre>
+
+
+ <aside class="notes" data-markdown>
+ One important part of GuixSD is the services.
+
+ Guix packages are usable on other systems, however
+ services are specific to GuixSD.
+
+ They are similar though, in that they are both described
+ through values in Guile.
+
+ I won't go in to writing service definitions here, though
+ it is something that I quite enjoy doing.
+
+ There are quite a few examples in Guix at the moment, so
+ you might be able to get a feel for them by looking at the
+ documentation and the source code.
+
+ Guix services can cooperate together by a process called
+ service extension. For example, services that describe a
+ daemon extend the root shepherd service, passing across
+ the details of the service they want to provide.
+ </aside>
+ </section>
+
+ <section data-background-color="white">
+ <img class="stretch noborder"
+ src="bare-bones-extension-graph.svg">
+ <span class="caption">Extension graph</span>
+
+ <aside class="notes" data-markdown>
+ Here is the extension graph for the system definition I
+ showed previously.
+
+ Note all of the services extending the shepherd-root
+ service.
+ </aside>
+ </section>
+
+ <section data-background-color="white">
+ <img class="stretch noborder"
+ src="bare-bones-shepherd-graph.svg">
+ <span class="caption">Shepherd graph</span>
+
+ <aside class="notes" data-markdown>
+ Mostly just because it's easy, here is the graph of the
+ shepherd services from the system definition I showed
+ previously.
+
+ For both these graphs, there are neater layouts, but these
+ were the best layouts I came up with for fitting on a
+ slide.
+ </aside>
+ </section>
+
+ <section>
+ <h1>
+ Extending Guix
+ </h1>
+
+ <aside class="notes" data-markdown>
+ One of the areas where I think Guix really excels is
+ extensibility.
+
+ Because most of the functionality is defined through code,
+ you're already in an environment where you have a lot of
+ control.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Writing a package definition</h2>
+
+ <p>
+ Importers available for: gnu, nix, pypi, cpan, hackage,
+ stackage, elpa, gem, cran, crate, texlive and json.
+ </p>
+
+ <aside class="notes" data-markdown>
+ If you want to use something, and can't find a existing
+ package for it, you could look at writing one.
+
+ Guix has definitions for around six and a half thousand
+ packages, but if you are used to the packages from Debian
+ for example, there will be some stuff missing.
+
+ Guix contains several importers, which can use existing
+ metadata from some source, to construct a package
+ definition.
+
+ Depending on the importer, and how complete the
+ information was that it got from the relevant source, you
+ might be able to build this package straight away, or it
+ might need some tweaking.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Hello package definition</h2>
+
+ <small class="stretch"><pre>
+ <code class="scheme">(define-public hello
+ (package
+ (name "hello")
+ (version "2.10")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnu/hello/hello-" version
+ ".tar.gz"))
+ (sha256
+ (base32
+ "0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
+ (build-system gnu-build-system)
+ (synopsis "Hello, GNU world: An example GNU package")
+ (description
+ "GNU Hello prints the message \"Hello, world!\" and then exits. It
+serves as an example of standard GNU coding practices. As such, it supports
+command-line arguments, multiple languages, and so on.")
+ (home-page "https://www.gnu.org/software/hello/")
+ (license gpl3+)))</code></pre></small>
+
+ <aside class="notes" data-markdown>
+ For some packages, like hello here, the package definition
+ is quite simple.
+
+ There are definitely packages in Guix where this is not
+ the case.
+
+ If there is not an importer available, or if the importer
+ does a poor job, the other practical way of writing a
+ package definition is to find something similar, and adapt
+ it.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Inheritance</h2>
+
+ <small class="stretch"><pre><code class="scheme">(define-public ruby-2.3
+ (package
+ (inherit ruby)
+ (version "2.3.5")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "http://cache.ruby-lang.org/pub/ruby/"
+ (version-major+minor version)
+ "/ruby-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1npzcnq5kh0f9y88w5gj4v6ln8csr91361k3r43dmhlhn6mpsfkx"))
+ (modules '((guix build utils)))
+ (snippet `(begin
+ ;; Remove bundled libffi
+ (delete-file-recursively "ext/fiddle/libffi-3.2.1")
+ #t))))))</code></pre></small>
+
+ <aside class="notes" data-markdown>
+ Inheritance can come in really useful if you end up
+ extending Guix.
+
+ Because Guix uses values, mostly records in Guile to
+ describe things. You can create new records by inheriting
+ from a record, and just overriding some of the fields.
+
+ This is used within Guix for package definitions that are
+ similar, here for example, ruby, which is inherited from
+ is the 2.4.2 release of ruby, so to define the package for
+ the 2.3 version, you just inherit, and override the
+ version and source.
+
+ This type of inheritance can be really useful when making
+ Guix packages suit your needs.
+ </aside>
+ </section>
+
+ <section>
+ <h2>G-expressions, a way of staging code</h2>
+
+ <pre><code class="scheme">(define build-exp
+ #~(begin
+ (mkdir #$output)
+ (chdir #$output)
+ (symlink (string-append #$coreutils "/bin/ls")
+ "list-files")))</code></pre>
+
+ <aside class="notes" data-markdown>
+ G-expressions could easily be a whole talk on there own,
+ so I won't go in to two much detail here, only to say that
+ if you start trying to implement services, or do
+ interesting stuff extending Guix, you'll probably be
+ leveraging G-expressions.
+
+ There a way of staging code to run as a derivation. Here
+ for example, this G-expression describes creating some
+ output directory, and then creating a symlink to the ls
+ binary in the coreutils package.
+
+ G-expressions make it really easy to do complicated things
+ with Guix, mostly by providing an easy way to handle the
+ representation of things that can end up as store items.
+ </aside>
+ </section>
+
+ <section>
+ <h1>What is Guix?</h1>
+
+ <span class="fragment">
+ Standalone package definitions<br>+ bootstrap binaries
+ </span><br><br>
+ <span class="fragment">Package management tool + library</span><br><br>
+ <span class="fragment">
+ GNU+Linux distribution, with declarative<br>configuration for
+ the system and services
+ </span><br><br>
+ <span class="fragment">
+ <small>
+ Build packages from source, offload build tasks to other
+ machines, copy store items to other machines, graph
+ packages and systems, inspect the size of store items,
+ publish substitutes, run the garbage collector, generate
+ package definitions from various sources, update package
+ definitions for new releases, build raw or ISO disk
+ images...
+ </small>
+ </span>
+
+ <aside class="notes" data-markdown>
+ Given all of this, the question "what is Guix?" isn't very
+ easy to give a single answer to.
+
+ (Next fragment)
+
+ One aspect of Guix is the standalone package definitions,
+ and the bootstrap binaries. Together providing a stable,
+ controllable and inspectable set of software which you can
+ use directly, and also use as a stable foundation to build
+ upon.
+
+ (Next fragment)
+
+ Along with this, Guix has tooling to make use of the
+ package definitions, providing a number of different ways
+ in which to use them.
+
+ From the guix package command, to manage persistent
+ profiles, to the guix environment command to create more
+ temporary profiles and development environments, to the
+ guix pack command, which allows you to take packages and
+ pack them up in different ways, currently a tarball and
+ Docker image also known as the Open Container Initiative
+ image format.
+
+ Even more functionality and flexibility is available if
+ you need it, by directly using Guix as a library.
+
+ (Next fragment)
+
+ On top of all of this, Guix provides and brings together
+ the software and tooling you need to setup a GNU+Linux
+ distribution, a.k.a GuixSD, the Guix system distribution.
+
+ The state of the system can be specified in a declarative
+ way, from the user accounts, to the file systems, to the
+ configuration for many services like PostgreSQL, OpenSSH,
+ MongoDB, nginx, Dovecot and many more.
+
+ Using the same approaches as for packages and profiles,
+ this offers roll backs for the system profile, not only
+ switching back to a previous version of Linux if
+ applicable, but other parts of the system as well.
+
+ To complement this, Guix includes the tooling for systems
+ to generate disk images, system containers and virtual
+ machines, all from a operating system definition.
+
+ (Next fragment)
+
+ And then come all the smaller features, that I think still
+ make a big difference.
+
+ Building packages from source is seemless, just change the
+ package definition, and then use it. If you need to change
+ a dependency of the package you care about, or a
+ dependency of a dependency of a package you care about,
+ then its no different.
+
+ Build tasks can be offloaded to other machines. You can
+ generate graphs for packages, showing the inputs, and
+ their inputs, and so on.
+
+ The guix size command will show you the references of a
+ store item, along with their size.
+
+ The guix publish command and service can be used to
+ publish binary substitutes, for use on other machines. The
+ guix gc command invokes the garbage collector allows you
+ to remove unused items from the store, freeing up disk
+ space.
+
+ The guix import command can generate package definitions
+ from various sources like the Python package index,
+ Rubygems.org, CPAN, Hackage, Stackage, Elpa and more.
+
+ The guix refresh command can for some packages update the
+ package definitions, by checking for new releases.
+
+ And... there is probably even more things that I've
+ missed, and I haven't even covered any of the tooling that
+ people have built that uses or enhances Guix.
+ </aside>
+ </section>
+
+ <section>
+ <h2>Use Guix!</h2>
+
+ <p>
+ Install Guix within an existing system.
+ </p>
+
+ <p>
+ Install GuixSD, a distribution of GNU+Linux.
+ </p>
+
+ <aside class="notes" data-markdown>
+ If you are going to directly benefit from all of this,
+ then there are a few different ways of using Guix.
+
+ You can use it within a existing system. The Linux and
+ Hurd kernels are supported, and Guix has been ported to
+ the x86 64, i686 and armhf architectures.
+
+ Due to the way Guix works, it's very isolated from the
+ system its installed on. By default, just requiring two
+ directories, /gnu and /var/guix and the build daemon to be
+ running.
+
+ With Guix installed within an existing system, you can
+ create system containers, virtual machines, but to take
+ full advantage of features such as the declarative system
+ configuration, you'll need to install GuixSD.
+ </aside>
+ </section>
+
+ <section>
+ <h3>Talk to others on</h3>
+ <h2>#guix on freenode</h2>
+
+ <p>
+ For the manual, mailing lists, papers, blog posts and
+ talks, go to
+ <a href="https://gnu.org/s/guix/help">
+ https://gnu.org/s/guix/help
+ </a>
+ </p>
+
+ <aside class="notes" data-markdown>
+ If you'd like to talk to others, there is an active IRC
+ channel, #guix on Freenode.
+
+ I'm in there, my nick is cbaines.
+
+ From the website, you can find a online version of the
+ manual, and details on the mailing lists.
+ </alias>
+ </section>
+ </div>
+ </div>
+
+ <script src="lib/js/head.min.js"></script>
+ <script src="js/reveal.js"></script>
+
+ <script>
+ Reveal.initialize({
+ controls: false,
+ history: true,
+ dependencies: [
+ { src: 'plugin/markdown/marked.js' },
+ { src: 'plugin/markdown/markdown.js' },
+ { src: 'plugin/notes/notes.js', async: true },
+ { src: 'plugin/highlight/highlight.js', async: true, callback: function() { hljs.initHighlightingOnLoad(); } },
+ { src: 'plugin/tagcloud/tagcloud.js', async: true }
+ ]
+ });
+ </script>
+ </body>
</html>