From patchwork Mon Nov 10 07:33:14 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?57mg5LSn?= <1922694373@qq.com>
X-Patchwork-Id: 43445
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 6434E27BC26; Mon, 10 Nov 2025 14:24:24 +0000 (GMT)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-6.1 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,DMARC_PASS,FREEMAIL_FROM,FREEMAIL_REPLYTO_END_DIGIT,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_VALIDITY_CERTIFIED,
	RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE,SPF_HELO_PASS,
	URIBL_BLOCKED autolearn=ham autolearn_force=no version=4.0.1
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 81DA327BC24
	for <patchwork@mira.cbaines.net>; Mon, 10 Nov 2025 14:24:23 +0000 (GMT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1vISoZ-0000oJ-Sy; Mon, 10 Nov 2025 09:24:16 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1vIMmo-00046f-KC
 for guix-patches@gnu.org; Mon, 10 Nov 2025 02:58:02 -0500
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1vIMmo-0005B2-As
 for guix-patches@gnu.org; Mon, 10 Nov 2025 02:58:02 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=debbugs.gnu.org; s=debbugs-gnu-org;
 h=From:MIME-Version:Date:To:Subject;
 bh=o3lpvkPx/0s6Wv3TVshfkSzYiXL/lsS3F4fSjuhBFLI=;
 b=U2fWRN9veFwuC/dFh1Y49UBBPDpva5eDEcwfnaVjGZkanYMffINl7iRHsTQAC9GUu7i6l0NoU1Droqwi8P/YE8HFxcIrxCss8yapsk85ReQ2gDQyy6rAMdoRE/SKcrX11Bsb1PTCF8M4/6XZW7MxlLHtelBnXHfjucBvxE2jTyTVclE6obVdHFakNIH4r1q9y4osTPi4R0z9tcAJbtPgA8OqlH9haHJgG8wLHcseGQ30BGZ+QB6YKUQOp0yrbacf9gftezN1XHCQ3ziz5aN2Cf/yB2pVbhI5BjLoVpfLFsPP1Ktb5AiCk5rwookY4qd1vJQj7DpWRT9qQsMGJGK47A==;
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1vIMmn-0007Jq-RL
 for guix-patches@gnu.org; Mon, 10 Nov 2025 02:58:01 -0500
X-Loop: help-debbugs@gnu.org
Subject: [bug#79807] add http-proxy switch in guix-daemon to nix-daemon
 service
Resent-From: =?utf-8?b?57mg5LSn?= <1922694373@qq.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Mon, 10 Nov 2025 07:58:01 +0000
Resent-Message-ID: <handler.79807.B.176276148128130@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 79807
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: 
To: 79807@debbugs.gnu.org
X-Debbugs-Original-To: guix-patches@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.176276148128130
 (code B ref -1); Mon, 10 Nov 2025 07:58:01 +0000
Received: (at submit) by debbugs.gnu.org; 10 Nov 2025 07:58:01 +0000
Received: from localhost ([127.0.0.1]:36650 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1vIMmh-0007JU-Kh
 for submit@debbugs.gnu.org; Mon, 10 Nov 2025 02:58:01 -0500
Received: from lists.gnu.org ([2001:470:142::17]:53932)
 by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <1922694373@qq.com>) id 1vIMQI-00060j-Be
 for submit@debbugs.gnu.org; Mon, 10 Nov 2025 02:34:48 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <1922694373@qq.com>) id 1vIMQB-0003XE-Qo
 for guix-patches@gnu.org; Mon, 10 Nov 2025 02:34:39 -0500
Received: from xmbghk7.mail.qq.com ([43.163.128.50])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <1922694373@qq.com>) id 1vIMQ5-0002L1-86
 for guix-patches@gnu.org; Mon, 10 Nov 2025 02:34:39 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qq.com; s=s201512;
 t=1762760065; bh=o3lpvkPx/0s6Wv3TVshfkSzYiXL/lsS3F4fSjuhBFLI=;
 h=Date:From:Subject:To;
 b=wJ6q9ugViO4E8prOqGesShEoaQY3qpBjc7dqLoFukQs9jW3/r4bsEIrmfK7TWMxNk
 qW3Dgf1ZLquRBx3aE3qBWvOFQGOWoBq77HSeXaDgHuJrVukd6unMJGk2vFIqw1x24Z
 3tHUlEa1hEBuOdvgr3grkiSO8NlT6cuxx+Gp99yw=
Received: from [IPV6:2001:da8:2d00:806:43fd:25a5:9d04:adb1]
 ([2001:da8:2d00:806:43fd:25a5:9d04:adb1])
 by newxmesmtplogicsvrszb20-1.qq.com (NewEsmtp) with SMTP
 id 84E84A2C; Mon, 10 Nov 2025 15:33:14 +0800
X-QQ-mid: xmsmtpt1762759994t6uxcjddo
Message-ID: <tencent_6E8B36B7600D3A7CB99E37F35F081EBB3C07@qq.com>
X-QQ-XMAILINFO: OOyEews/EdUgJzs3pvwOg0M8sYy0JBM4E9mu1CFrRB9DifrYwcivgXVuSHmU1H
 xjXIR1UXY+tBWusPduN1mIz4/2xNadvjcSSjlCPmbqgiLWc2GbSU/9QoJqbypRbCYRLNVTOiCM5G
 1RY32GduDefNJ6J/T910jek2qHFdBD+IXcqNHMYveAN9fuIFTgqIjpZF/H8Vc3NwjSDak+Gub6qC
 kWe+ytqkdOqMis5Ooe6ydACqpPt8LPlGQ8azIldI6K0ymcA9rpAIoUOfhLEG07yVIWWchuxOZfg7
 PMMqh6pbIEnpYJA+qihgzglrcUVDCF/1bTB56E0Z/34TD0MO16oue5sDbbvoOQnf7aj+urQI2KFF
 O/hT9JJuQqM8Hf0WSfEEw/raiS9nPaPBea/IY+IKv6esPQYInhcWXDLwxVpTjEn4TLiD6JksU/LJ
 Cilkburq3ffINBznVdsxQEYxzFT7WMLJ8ICH00l7sdnzQKJWX1DPSczaY6SDeFTF/o5+wkzyaN4v
 TbEIGpnC1PN2OCB0RT5QvglKYLf44Ap8qcBeouE/SKv06H4LhR8uToGc5DIlLo7PGTpHAtmoyxz3
 KQp8Ru6DOH8jPuS8RL5q1H62BSj2BxL14p8RI8Ln/JyUcfdoRx3Lnd5+G0ohOA9JnIE78Hbs2ew/
 UMR02VgQjZIwUjqUOdN2RPemqkyHYJixYetGtKyB/ieXegUr+sk35j7htcRO/SZjgSpy7cTsvkwa
 k8PrRI5AwDgKPF6G6sBi2vAAWh49lCEmUN7n595fMQLymPVefglWuAb4cAOzQt7+WGqg63ftVIE6
 Nx+p9wfBgYHUTVuOgk7NnZRl5G7Z29T1ifFcqU73X6askdthjd3LSFh8avfy/w8ekje3iCAC04CL
 HQAGfOANN3KMds9Uc2UzPDUP61ZQ7sgVj+tlOwVTa5z8s1jDBsjA8mflLM948SkxoUDWSYbo4N4V
 md2Y41oBzOkIVpLFfpxMJDJuXmmO+4XubGY/nU0KSS92QrWf3mQQXY/aLVL81G
X-QQ-XMRINFO: NyFYKkN4Ny6FSmKK/uo/jdU=
X-OQ-MSGID: <3deef2e4-53e4-4fc4-952b-e06eda7afc81@qq.com>
Date: Mon, 10 Nov 2025 07:33:14 +0000
MIME-Version: 1.0
User-Agent: Icedove Daily
Content-Language: en-US
Autocrypt: addr=1922694373@qq.com; keydata=
 xjMEZ6hXVRYJKwYBBAHaRw8BAQdAXLF9/fRAwaj8y05OAWXKlcBt5xS2F/P2wW3JyI/oG9HN
 JTE5MjI2OTQzNzNAcXEuY29tIDwxOTIyNjk0MzczQHFxLmNvbT7CjwQTFggANxYhBEaaEyIT
 40phJNyAAY1Lyc02G2yMBQJnqFdVBQkFo5qAAhsDBAsJCAcFFQgJCgsFFgIDAQAACgkQjUvJ
 zTYbbIx7awD/S0CJEWZRxYSCo3NsyURY4plCTHUiWkrCJEgKxXa2DdYBAKaPNlektK9gh3qI
 pvyI0dm6RN37bBKo3TjIAF4odvMDzjgEZ6hXVRIKKwYBBAGXVQEFAQEHQL7DKhnchStNIvrC
 9iMC7gusc2ONg1Mg/3R6JYgGhJQIAwEIB8J+BBgWCAAmFiEERpoTIhPjSmEk3IABjUvJzTYb
 bIwFAmeoV1UFCQWjmoACGwwACgkQjUvJzTYbbIzsxwEAmMqaETcaPwCcpd5irD+4c9s64B4E
 y2cAGxkivLneHWABANe/5Wje7LXDNmjNH3f4I1DkBzEpbXwlG0blWEGWqscD
Received-SPF: pass client-ip=43.163.128.50; envelope-from=1922694373@qq.com;
 helo=xmbghk7.mail.qq.com
X-Spam_score_int: -17
X-Spam_score: -1.8
X-Spam_bar: -
X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001,
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Mailman-Approved-At: Mon, 10 Nov 2025 02:57:54 -0500
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-Mailman-Approved-At: Mon, 10 Nov 2025 09:24:05 -0500
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Reply-to: =?utf-8?b?57mg5LSn?= <1922694373@qq.com>
X-ACL-Warn: ,
 =?utf-8?b?57mg5LSnIHZpYSBHdWl4LXBhdGNoZXM=?= <guix-patches@gnu.org>
X-Patchwork-Original-From: =?utf-8?b?57mg5LSnIHZpYSBHdWl4LXBhdGNoZXM=?= via
 <guix-patches@gnu.org>
From: =?utf-8?b?57mg5LSn?= <1922694373@qq.com>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

I copied the relevant code from guix service in gnu/services/base.scm to 
gnu/services/nix.scm to let us use `sudo herd set-http-proxy nix-daemon ...`

Note that Though this patch makes the nix-daemon get the http_proxy and 
https_proxy, it does not work at all, because nix requires (extra-config 
'("extra-experimental-features = configurable-impure-env\n" "impure-env 
= [ \"http_proxy=<your proxy>\" \"https_proxy=<your proxy>\" ]\n")) set 
explicitly, actively ignoring any dunamically set var envs. In other 
words, nix here has to get the config specified AND the same env var in 
its environment before it would care about this.

This is a problem of nix, to even require user to explicitly 
configure&compile the http_proxy variable for use. But this does not 
mean we do not need to prepare such a toggle like guix-daemon does, as 
they are actually similar.

below is the content of file 
0001-mostly-copied-from-guix-service-type.patch (sorry for the dumb 
commit message)

 From 01108abb4a71b29315f3ae0a959f76db4199802c Mon Sep 17 00:00:00 2001
From: "R.W.Flurando" <rw-flurando@inventati.org>
Date: Mon, 10 Nov 2025 14:54:58 +0800
Subject: [PATCH] mostly copied from guix-service-type

Change-Id: I0ca29641e72cc002a78d70f6a41b9e7697fb53a5
---
  gnu/services/nix.scm | 41 +++++++++++++++++++++++++++++++++++++----
  1 file changed, 37 insertions(+), 4 deletions(-)

  ;; Copied from gnu/services/base.scm
  (define* (nix-build-accounts count #:key
                               (group "nixbld")
@@ -111,7 +138,7 @@ (define (nix-activation _)

  (define nix-service-etc
    (match-lambda
-    (($ <nix-configuration> package sandbox build-directory 
build-sandbox-items extra-config)
+    (($ <nix-configuration> package sandbox build-directory 
build-sandbox-items _ extra-config _)
       (let ((ref-file (references-file package)))
         `(("nix/nix.conf"
            ,(computed-file
@@ -149,18 +176,24 @@ (define %immutable-nix-store
  (define nix-shepherd-service
    ;; Return a <shepherd-service> for Nix.
    (match-lambda
-    (($ <nix-configuration> package _ build-directory _ _ extra-options)
+    (($ <nix-configuration> package _ build-directory _ http-proxy _ 
extra-options)
       (list
        (shepherd-service
         (provision '(nix-daemon))
         (documentation "Run nix-daemon.")
+       (actions (list shepherd-set-http-proxy-action))
         (requirement '(user-processes file-system-/nix/store))
         (start #~(make-forkexec-constructor
                   (list (string-append #$package "/bin/nix-daemon")
                         #$@extra-options)
                   #:environment-variables
-                 (list (string-append "TMPDIR=" #$build-directory)
-                       "PATH=/run/current-system/profile/bin")))
+                 (append (list (string-append "TMPDIR=" #$build-directory)
+                   "PATH=/run/current-system/profile/bin")
+             (let ((proxy (or (getenv "http_proxy") #$http-proxy)))
+               (if proxy
+                               (list (string-append "http_proxy=" proxy)
+                                     (string-append "https_proxy=" proxy))
+                               '())))))
         (respawn? #f)
         (stop #~(make-kill-destructor)))))))

-- 
2.51.2

-- 
fingerprint: 469A 1322 13E3 4A61 24DC 8001 8D4B C9CD 361B 6C8C

diff --git a/gnu/services/nix.scm b/gnu/services/nix.scm
index 83ba78ce7e..24ec08ac13 100644
--- a/gnu/services/nix.scm
+++ b/gnu/services/nix.scm
@@ -59,11 +59,38 @@ (define-record-type* <nix-configuration>
                         (default "/tmp"))
    (build-sandbox-items nix-configuration-build-sandbox-items ;list of 
strings
                         (default '()))
+  (http-proxy          nix-http-proxy ;string | #f
+                       (default #f))
    (extra-config        nix-configuration-extra-config ;list of strings
                         (default '()))
    (extra-options       nix-configuration-extra-options ;list of strings
                         (default '())))

+(define shepherd-set-http-proxy-action
+  ;; Shepherd action to change the HTTP(S) proxy.
+  (shepherd-action
+   (name 'set-http-proxy)
+   (documentation
+    "Change the HTTP(S) proxy used by 'nix-daemon' and restart it.")
+   (procedure #~(lambda* (_ #:optional proxy)
+                  (let ((environment (environ)))
+                    ;; A bit of a hack: communicate PROXY to the 'start'
+                    ;; method via environment variables.
+                    (if proxy
+                        (begin
+                          (format #t "changing HTTP/HTTPS \
+proxy of 'nix-daemon' to ~s...~%"
+                                  proxy)
+                          (setenv "http_proxy" proxy))
+                        (begin
+                          (format #t "clearing HTTP/HTTPS \
+proxy of 'nix-daemon'...~%")
+                          (unsetenv "http_proxy")))
+                    (perform-service-action (lookup-service 
'nix-daemon) ; copied from guix-service-type with guix-daemon changed to 
nix-daemon
+                                            'restart)
+                    (environ environment)
+                    #t)))))
+