Received: (at 58123) by debbugs.gnu.org; 1 Dec 2022 15:59:34 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu Dec 01 10:59:34 2022 Received: from localhost ([127.0.0.1]:40487 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1p0lyI-0000bC-3R for submit <at> debbugs.gnu.org; Thu, 01 Dec 2022 10:59:34 -0500 Received: from eggs.gnu.org ([209.51.188.92]:54078) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1p0lyG-0000b6-8R for 58123 <at> debbugs.gnu.org; Thu, 01 Dec 2022 10:59:32 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1p0ly9-0004Nw-Dx; Thu, 01 Dec 2022 10:59:25 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=0NzDH75PQA6iSp1FK+MSOGBB+TByIg3lfUCDUAa5op8=; b=P+gIriUOF9ZqhpWFlvPR jSHz0KuQ3gvpGxZ3ngeKpCZfmfTkLS91HlJs25V1XBbPT0Jl10eULoaNo9Z7ayCVItbli7TZqxGTU phBD8jXXrgbvi8khn0pwJPdBQgDeMyIpgCeYMafOmnn1VSsYNh/Ges5YyePdAUWrh/cD3vYlRvalh MkON+e7kCCOIZ9/CgLGDJQCjSBYpqMOMNcmQ10kqFjB6bSrBRsZ5bbNTbtIPakGz69LnZjzrYmV4z gGfY7jebpXOM8vNkERP25+jqpqdxveG5AlbvjoFc9cimrz8wgHNY2ZPHoNXNtYiROHD42OY0h/22V TFXUWtpC8xan0A==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201] helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1p0ly8-0005AZ-UJ; Thu, 01 Dec 2022 10:59:25 -0500 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: =?utf-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN> Subject: Re: bug#58123: [PATCH] gnu: services: docker: Add docker-container-service-type References: <87czaygrt8.fsf@HIDDEN> <87k053ri04.fsf@HIDDEN> Date: Thu, 01 Dec 2022 16:59:22 +0100 In-Reply-To: <87k053ri04.fsf@HIDDEN> ("Ludovic =?utf-8?Q?Court=C3=A8s=22'?= =?utf-8?Q?s?= message of "Thu, 13 Oct 2022 15:05:31 +0200") Message-ID: <87a647yv1h.fsf_-_@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58123 Cc: maximedevos@HIDDEN, 58123 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Hi M=C3=A1ja, Did you have a chance to look into this? https://issues.guix.gnu.org/58123 Thanks in advance, Ludo=E2=80=99. Ludovic Court=C3=A8s <ludo@HIDDEN> skribis: > Hello, > > M=C3=A1ja Tom=C3=A1=C5=A1ek <maya.tomasek@HIDDEN> skribis: > >>> I would have two more asks: >>> >>> 1. Could you update doc/guix.texi to document the new service? You >>> can mostly use =E2=80=98generate-documentation=E2=80=99 to produce= the reference of >>> the configuration record, and then add a paragraph giving some >>> context and a documented example. >> >> Is that a command from make? I'm sorry I have never used it, I can >> update it if I can generate it :) > > =E2=80=98generate-documentation=E2=80=99 is a procedure in (gnu services = configuration): > > https://guix.gnu.org/manual/devel/en/html_node/Complex-Configurations.h= tml#index-generate_002ddocumentation > >>> 2. Could you add a test under (gnu tests *)? That would ensure the >>> service does not bitrot going forward. >> >> I'm not exactly sure what would that mean. Test that creates a container >> and then runs it or...? > > I guess the test would start the Shepherd service, ensure it=E2=80=99s ru= nning, > and attempt to talk to the running container one way or another. > > Does that make sense? > > Thanks, > Ludo=E2=80=99.
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at 58123) by debbugs.gnu.org; 13 Oct 2022 13:05:45 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu Oct 13 09:05:45 2022 Received: from localhost ([127.0.0.1]:59903 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oixuD-00044V-3q for submit <at> debbugs.gnu.org; Thu, 13 Oct 2022 09:05:45 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58990) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1oixu9-00044H-CW for 58123 <at> debbugs.gnu.org; Thu, 13 Oct 2022 09:05:43 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:52124) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1oixu2-0001Gp-S7; Thu, 13 Oct 2022 09:05:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=/HIS88EQU1cZYLjBW5r+2O9iPXM0evy4sSbILX6KDTA=; b=OCNPmJA++eP8uLMIMwRY POMd7vgU/Q6FUydrm6OWFsaBnXY6+jaBNB8op8Ome7ij0nNcPROC2C+D/QTSFqcgfHJqQ/27E1Etr H0G4h3koM3FD8q+VMfYYMK0Xd+fikFog5c4zVP/LLgF2IwmFsExxgtPdTG/IL7Ml+vVpXaciRfUuK ctrXKF2NdchsduiMJLmVK1MSbHWNhhcsKylOnWlnhYn0lWs+9RhFbGr30CMiVyv2AzuHABrqwuFl5 Jh5DUTyMkYEqyNhRLrENquUV0WXwDz+7zn1L33xnUuIBuBXBjv9XEgnoaDn/Feyij9XruBuoa+XHc SpWZX0L+srmouQ==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:50860 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1oixu1-0003ML-6g; Thu, 13 Oct 2022 09:05:33 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: =?utf-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN> Subject: Re: bug#58123: [PATCH] gnu: services: docker: Add docker-container-service-type References: <87czaygrt8.fsf@HIDDEN> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: Duodi 22 =?utf-8?Q?Vend=C3=A9miaire?= an 231 de la =?utf-8?Q?R=C3=A9volution=2C?= jour de la =?utf-8?Q?P=C3=AAche?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Thu, 13 Oct 2022 15:05:31 +0200 In-Reply-To: <87czaygrt8.fsf@HIDDEN> (=?utf-8?B?Ik3DoWphIFRvbcOhxaFl?= =?utf-8?B?ayIncw==?= message of "Tue, 11 Oct 2022 20:04:35 +0200") Message-ID: <87k053ri04.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58123 Cc: maximedevos@HIDDEN, 58123 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Hello, M=C3=A1ja Tom=C3=A1=C5=A1ek <maya.tomasek@HIDDEN> skribis: >> I would have two more asks: >> >> 1. Could you update doc/guix.texi to document the new service? You >> can mostly use =E2=80=98generate-documentation=E2=80=99 to produce = the reference of >> the configuration record, and then add a paragraph giving some >> context and a documented example. > > Is that a command from make? I'm sorry I have never used it, I can > update it if I can generate it :) =E2=80=98generate-documentation=E2=80=99 is a procedure in (gnu services co= nfiguration): https://guix.gnu.org/manual/devel/en/html_node/Complex-Configurations.htm= l#index-generate_002ddocumentation >> 2. Could you add a test under (gnu tests *)? That would ensure the >> service does not bitrot going forward. > > I'm not exactly sure what would that mean. Test that creates a container > and then runs it or...? I guess the test would start the Shepherd service, ensure it=E2=80=99s runn= ing, and attempt to talk to the running container one way or another. Does that make sense? Thanks, Ludo=E2=80=99.
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at 58123) by debbugs.gnu.org; 11 Oct 2022 18:06:45 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Tue Oct 11 14:06:45 2022 Received: from localhost ([127.0.0.1]:54772 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oiJeP-0004Hp-H4 for submit <at> debbugs.gnu.org; Tue, 11 Oct 2022 14:06:45 -0400 Received: from knopi.disroot.org ([178.21.23.139]:38854) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <maya.tomasek@HIDDEN>) id 1oiJeN-0004He-4v for 58123 <at> debbugs.gnu.org; Tue, 11 Oct 2022 14:06:44 -0400 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id D30A24DB29; Tue, 11 Oct 2022 20:06:41 +0200 (CEST) X-Virus-Scanned: SPAM Filter at disroot.org X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "To" Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with UTF8SMTP id HX-LSC0RSobA; Tue, 11 Oct 2022 20:06:40 +0200 (CEST) From: =?utf-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1665511477; bh=Up3gKktlcb4OvV0QlrxMENwoNiXIQosNbYeD99aKU7c=; h=From:To:To:Cc:Subject:Date; b=S77qtc8ftkz+IZIWOfajIO2e1rrEDmaSaFsYZJLE2q/yxhDmIKOTVCMQoGc52byNS qsyGPbsXlKkdcE2oB8KQerotb2xHG9AfFHLLkbR31HktzK+0Xo1RB+WLkEIqN5OQtf ugu9sL/pCnFZs2NF0puclDeQQGR0Tki+/7/m4vNwwY7nAsSi47R5OPBd+K7jirvT9j Rd2nicukpgwbk9ZgDGSjuPe2ozCJd8PdJyfjaRJV2ISwFH05CI9wPJVcRhBASvIKGf BVwCRv4cCAEl0VfA7rsFudGKnWPGNeJaDAFG0HzV8XZVLQYywirIPZ4TldkclYrp58 dTfKXREYCs9Hw== To: To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN> Subject: Re: bug#58123: [PATCH] gnu: services: docker: Add docker-container-service-type Date: Tue, 11 Oct 2022 20:04:35 +0200 Message-ID: <87czaygrt8.fsf@HIDDEN> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58123 Cc: maximedevos@HIDDEN, 58123 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Hi Ludo', >> I have applied the changes as you suggested. Thank you for your (as you >> said) "superficial comments", they were really helpful! And I am happy >> that you made them, as I'm sometimes too happy that I have made a >> contribution and I forget that I don't write only for myself, but for >> others. > > Thanks for the nice and useful service! > > It looks pretty good already (in part thanks to Maxime=E2=80=99s guidance= :-)). > I would have two more asks: > > 1. Could you update doc/guix.texi to document the new service? You > can mostly use =E2=80=98generate-documentation=E2=80=99 to produce t= he reference of > the configuration record, and then add a paragraph giving some > context and a documented example. Is that a command from make? I'm sorry I have never used it, I can update it if I can generate it :) > 2. Could you add a test under (gnu tests *)? That would ensure the > service does not bitrot going forward. I'm not exactly sure what would that mean. Test that creates a container and then runs it or...? > Let us know if you need guidance on these things. When you=E2=80=99re do= ne, > please send an updated patch with those changes here. Will do! Maya
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at 58123) by debbugs.gnu.org; 9 Oct 2022 20:31:38 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Oct 09 16:31:37 2022 Received: from localhost ([127.0.0.1]:45002 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1ohcxV-0005Tp-Hr for submit <at> debbugs.gnu.org; Sun, 09 Oct 2022 16:31:37 -0400 Received: from eggs.gnu.org ([209.51.188.92]:45032) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1ohcxU-0005Tb-8V for 58123 <at> debbugs.gnu.org; Sun, 09 Oct 2022 16:31:36 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:48328) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1ohcxO-0002Tt-OT; Sun, 09 Oct 2022 16:31:30 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=OGHX91I8IIXGg4rCQ9gPmL/1XmPaRorT2nPtPSsQ6fs=; b=Svs+lhltCyxpMIpR4Lar 8ODr7K3RVEDzN7OJnqIwcsZDNSJ1t38zULxchboGdC7Cio4UIiWO7HDzTsBsDw1kkkTC9BlDf30s6 7BCnNTXYF5R3oDspz/bx++VXOypkCJjnqHD0mc07vwTq4gfEV4PR2+1+OqZ/mUh0YpBQOvctn89OJ Sq6z45i3AeEdXRwyrLbhWJ51Yn7gIS86RD8MqLwuPpDR726AUuXCmdPV8q5srVHkq92JfGp283gax 9aj8nkfJAxr20WsM0nvMASVau/DQWEGFZK6UhOBnye8eroLWAA3cBnL8JLpzA4iCyRUuQTkCNIFe+ KdG+2i2G+UmF2Q==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:59572 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1ohcxN-0005lk-D9; Sun, 09 Oct 2022 16:31:30 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: =?utf-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN> Subject: Re: bug#58123: [PATCH] gnu: services: docker: Add docker-container-service-type References: <87r0zwr9dv.fsf@HIDDEN> <87mtae9d0t.fsf@HIDDEN> Date: Sun, 09 Oct 2022 22:31:27 +0200 In-Reply-To: <87mtae9d0t.fsf@HIDDEN> (=?utf-8?B?Ik3DoWphIFRvbcOhxaFl?= =?utf-8?B?ayIncw==?= message of "Sun, 02 Oct 2022 22:38:42 +0200") Message-ID: <874jwc4u3k.fsf_-_@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 58123 Cc: maximedevos@HIDDEN, 58123 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Hi M=C3=A1ja, M=C3=A1ja Tom=C3=A1=C5=A1ek <maya.tomasek@HIDDEN> skribis: > I have applied the changes as you suggested. Thank you for your (as you > said) "superficial comments", they were really helpful! And I am happy > that you made them, as I'm sometimes too happy that I have made a > contribution and I forget that I don't write only for myself, but for > others. Thanks for the nice and useful service! It looks pretty good already (in part thanks to Maxime=E2=80=99s guidance := -)). I would have two more asks: 1. Could you update doc/guix.texi to document the new service? You can mostly use =E2=80=98generate-documentation=E2=80=99 to produce the= reference of the configuration record, and then add a paragraph giving some context and a documented example. 2. Could you add a test under (gnu tests *)? That would ensure the service does not bitrot going forward. Let us know if you need guidance on these things. When you=E2=80=99re done, please send an updated patch with those changes here. Thank you! Ludo=E2=80=99.
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at 58123) by debbugs.gnu.org; 2 Oct 2022 20:44:49 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Oct 02 16:44:49 2022 Received: from localhost ([127.0.0.1]:48180 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1of5pQ-0005cw-1x for submit <at> debbugs.gnu.org; Sun, 02 Oct 2022 16:44:48 -0400 Received: from knopi.disroot.org ([178.21.23.139]:44264) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <maya.tomasek@HIDDEN>) id 1of5pN-0005cl-A4 for 58123 <at> debbugs.gnu.org; Sun, 02 Oct 2022 16:44:46 -0400 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id C36594C529; Sun, 2 Oct 2022 22:44:42 +0200 (CEST) X-Virus-Scanned: SPAM Filter at disroot.org Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with UTF8SMTP id OXBn0_OTqyEp; Sun, 2 Oct 2022 22:44:41 +0200 (CEST) From: =?utf-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1664743124; bh=eRe6fGFEEf1LV038jTKA0V/XsxLZt7bqH1kcdjcY9Ys=; h=From:To:Subject:Date; b=AiK0TtvewpbDhlQ1HFA1pKkrFdVeOQmvdigSgPYwFa5NAV1gk6Jfau8xvcA9YzP9k DL8fIRPsL6uN31HP/7r+x+enDh29mVFjNkhZohJ2X33Y1/QFuhuqnmzzUTgi8gjfGq HsqlcupjE9B3DNmvO0LSNVnxBlEBd8z9N6eGGhPiedeVu6nDxuEuG/7BqHSn0vA0pb tlPSKv9f4n2WVpF2YIuKVOixorV3f2o7xIn9cwpyKq6Pt/e0E23CHN6esw5ka1mNCL DupfBos6iPU0Chhqlq89kDTSCn6PtLq/Siit4ubWdzYuXi9QIPFNTr2FZqvSrF5hPD XR35HZaTDuK/A== To: 58123 <at> debbugs.gnu.org, maximedevos@HIDDEN Subject: Date: Sun, 02 Oct 2022 22:38:42 +0200 Message-ID: <87mtae9d0t.fsf@HIDDEN> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: I have applied the changes as you suggested. Thank you for your (as you said) "superficial comments", they were really helpful! And I am happy that you made them, as I'm sometimes too happy that I hav [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 2.0 BLANK_SUBJECT Subject is present but empty X-Debbugs-Envelope-To: 58123 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: 1.0 (+) --=-=-= Content-Type: text/plain I have applied the changes as you suggested. Thank you for your (as you said) "superficial comments", they were really helpful! And I am happy that you made them, as I'm sometimes too happy that I have made a contribution and I forget that I don't write only for myself, but for others. --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: attachment; filename=0001-Add-docker-container-management-with-shepherd.patch Content-Transfer-Encoding: quoted-printable --- gnu/services/docker.scm | 240 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 222 insertions(+), 18 deletions(-) diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm index 741bab5a8c..f3a347981f 100644 --- a/gnu/services/docker.scm +++ b/gnu/services/docker.scm @@ -5,6 +5,7 @@ ;;; Copyright =C2=A9 2020 Efraim Flashner <efraim@HIDDEN> ;;; Copyright =C2=A9 2020 Jesse Dowell <jessedowell@HIDDEN> ;;; Copyright =C2=A9 2021 Brice Waegeneire <brice@HIDDEN> +;;; Copyright =C2=A9 2022 Maya Tomasek <maya.omase@HIDDEN> ;;; ;;; This file is part of GNU Guix. ;;; @@ -21,7 +22,9 @@ ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. =20 -(define-module (gnu services docker) +(define-module (magi system docker) + #:use-module (srfi srfi-1) + #:use-module (ice-9 format) #:use-module (gnu services) #:use-module (gnu services configuration) #:use-module (gnu services base) @@ -36,9 +39,191 @@ (define-module (gnu services docker) #:use-module (guix packages) =20 #:export (docker-configuration + docker-container docker-service-type singularity-service-type)) =20 +(define (pair-of-strings? val) + (and (pair? val) + (string? (car val)) + (string? (cdr val)))) + +(define (list-of-pair-of-strings? val) + (list-of pair-of-strings?)) + +(define-configuration/no-serialization docker-container + (name + (symbol '()) + "Name of the docker container. Will be used to denote service to Shephe= rd and must be unique! +We recommend, that the name of the container is prefixed with @code{docker= -}.") + (documentation + (string "") + "Documentation on the docker container (optional). It will be used for = the shepherd service.") + (image-name + (string #f) + "A name of the image that will be used. (Note that the existence of the= image +is not guaranteed by this daemon.)") + (volumes + (list-of-pair-of-strings '()) + "A list of volume bindings. In (HOST-PATH CONTAINER-PATH) format.") + (ports + (list-of-pair-of-strings '()) + "A list of port bindings. In (HOST-PORT CONTAINER-PORT) or (HOST-PORT C= ONTAINER-PORT OPTIONS) format. +For example, both port bindings are valid: + +@lisp +(ports '((\"2222\" \"22\") (\"21\" \"21\" \"tcp\"))) +@end lisp") + (environments + (list-of-pair-of-strings '()) + "A list of environment variables, inside the container environment, in = (VARIABLE VALUE) format.") + (network + (string "none") + "Network type. + +Available types are: +@table @code +@c Copied from https://docs.docker.com/network/ + +@item none + +The default option. For this container, disable all networking. Usually us= ed in +conjunction with a custom network driver. none is not available for swarm = services. + +@item bridge + +Bridge networks are usually used when your applications run in standalone +containers that need to communicate. + +@item host + +For standalone containers, remove network isolation between the container = and the Docker host,=20 +and use the host=E2=80=99s networking directly. + +@item overlay + +Overlay networks connect multiple Docker daemons together and enable swarm= services to +communicate with each other. You can also use overlay networks to facilita= te +communication between a swarm service and a standalone container, or betwe= en +two standalone containers on different Docker daemons. This strategy remov= es +the need to do OS-level routing between these containers. + +@item ipvlan + +IPvlan networks give users total control over both IPv4 and IPv6 addressin= g. +The VLAN driver builds on top of that in giving operators complete control= of +layer 2 VLAN tagging and even IPvlan L3 routing for users interested in un= derlay +network integration. + +@item macvlan + +Macvlan networks allow you to assign a MAC address to a container, making = it appear +as a physical device on your network. The Docker daemon routes traffic to = containers +by their MAC addresses. Using the macvlan driver is sometimes the best cho= ice when +dealing with legacy applications that expect to be directly connected to t= he physical +network, rather than routed through the Docker host=E2=80=99s network stac= k. + +@end table") + (additional-arguments + (list-of-strings '()) + "Additional arguments to the docker command line interface.") + (container-command + (list-of-strings '()) + "Command to send into the container.") + (pid-file-timeout + (number 5) + "If the docker container does not show up in @code{docker ps} as @code{= running} in less than pid-file-timeout seconds, the container is considered= as failing to start. + +Note that some containers take a really long time to start, so you should = adjust it accordingly.")) + +(define (serialize-volumes config) + "Serialize list of pairs into flat list of @code{(\"-v\" \"HOST_PATH:CON= TAINER_PATH\" ...)}" + (append-map + (lambda (volume-bind) + (list "-v" (apply format #f "~a:~a~^:~a" volume-bind))) + (docker-container-volumes config))) + +(define (serialize-ports config) + "Serialize list of either pairs, or lists into flat list of +@code{(\"-p\" \"NUMBER:NUMBER\" \"-p\" \"NUMBER:NUMBER/PROTOCOL\" ...)}" + (append-map + (lambda (port-bind) + (list "-p" (apply format #f "~a:~a~^/~a" port-bind))) + (docker-container-ports config))) + +(define (serialize-environments config) + "Serialize list of pairs into flat list of @code{(\"-e\" \"VAR=3Dval\" \= "-e\" \"VAR=3Dval\" ...)}." + (append-map + (lambda (env-bind) + (list "-e" (apply format #f "~a=3D~a" env-bind))) + (docker-container-environments config))) + +(define (docker-container-startup-script docker-cli container-name cid-fil= e config) + "Return a program file, that executes the startup sequence of the @code{= docker-container-shepherd-service}." + (let* ((image-name (docker-container-image-name config)) + (volumes (serialize-volumes config)) + (ports (serialize-ports config)) + (envs (serialize-environments config)) + (network (docker-container-network config)) + (additional-arguments (docker-container-additional-arguments conf= ig)) + (container-command (docker-container-container-command config))) + (with-imported-modules + '((guix build utils)) + (program-file + (string-append "start-" container-name "-container") + #~(let ((docker (string-append #$docker-cli "/bin/docker"))) + (use-modules (guix build utils)) + ;; These two commands should fail + ;; they are there as a failsafe to + ;; prevent contamination from unremoved containers + (system* docker "stop" #$container-name) + (system* docker "rm" #$container-name) + (apply invoke `(,docker + "run" + ,(string-append "--name=3D" #$container-name) + ;; Automatically remove the container when stop= ping + ;; If you want persistent data, you need to use + ;; volume binds or other methods. + "--rm" + ,(string-append "--network=3D" #$network) + ;; Write to a cid file the container id, this a= llows + ;; for shepherd to manage container even when t= he process + ;; itself gets detached from the container + "--cidfile" #$cid-file + #$@volumes + #$@ports + #$@envs + #$@additional-arguments + ,#$image-name + #$@container-command))))))) + +(define (docker-container-shepherd-service docker-cli config) + "Return a shepherd-service that runs CONTAINER." + (let* ((container-name (symbol->string (docker-container-name config))) + (cid-file (string-append "/var/run/docker/" container-name ".pid"= )) + (pid-file-timeout (docker-container-pid-file-timeout config))) + (shepherd-service + (provision (list (docker-container-name config))) + (requirement `(dockerd)) + (documentation (docker-container-documentation config)) + (start #~(apply make-forkexec-constructor + `(,(list #$(docker-container-startup-script docker-cl= i container-name cid-file config)) + ;; Watch the cid-file instead of the docker run com= mand, as the daemon can + ;; still be running even when the command terminates + #:pid-file #$cid-file + #:pid-file-timeout #$pid-file-timeout))) + (stop #~(lambda _ + (invoke + (string-append #$docker-cli "/bin/docker") + "stop" + #$container-name) + ;; Shepherd expects the stop command to return #f if it suc= ceeds + ;; docker stop should always succeed + #f))))) + +(define (list-of-docker-containers? val) + (list-of docker-container?)) + (define-configuration docker-configuration (docker (file-like docker) @@ -65,8 +250,21 @@ (define-configuration docker-configuration (environment-variables (list '()) "Environment variables to set for dockerd") + (containers + (list-of-docker-containers '()) + "List of docker containers to run as shepherd services.") (no-serialization)) =20 +(define (docker-container-shepherd-services config) + "Return shepherd services for all containers inside config." + (let ((docker-cli (docker-configuration-docker-cli config))) + (map + (lambda (container) + (docker-container-shepherd-service + docker-cli + container)) + (docker-configuration-containers config)))) + (define %docker-accounts (list (user-group (name "docker") (system? #t)))) =20 @@ -88,20 +286,20 @@ (define (containerd-shepherd-service config) (debug? (docker-configuration-debug? config)) (containerd (docker-configuration-containerd config))) (shepherd-service - (documentation "containerd daemon.") - (provision '(containerd)) - (start #~(make-forkexec-constructor - (list (string-append #$package "/bin/containerd") - #$@(if debug? - '("--log-level=3Ddebug") - '())) - ;; For finding containerd-shim binary. - #:environment-variables - (list (string-append "PATH=3D" #$containerd "/bin")) - #:pid-file "/run/containerd/containerd.pid" - #:pid-file-timeout 300 - #:log-file "/var/log/containerd.log")) - (stop #~(make-kill-destructor))))) + (documentation "containerd daemon.") + (provision '(containerd)) + (start #~(make-forkexec-constructor + (list (string-append #$package "/bin/containerd") + #$@(if debug? + '("--log-level=3Ddebug") + '())) + ;; For finding containerd-shim binary. + #:environment-variables + (list (string-append "PATH=3D" #$containerd "/bin")) + #:pid-file "/run/containerd/containerd.pid" + #:pid-file-timeout 300 + #:log-file "/var/log/containerd.log")) + (stop #~(make-kill-destructor))))) =20 (define (docker-shepherd-service config) (let* ((docker (docker-configuration-docker config)) @@ -148,7 +346,7 @@ (define (docker-shepherd-service config) (define docker-service-type (service-type (name 'docker) (description "Provide capability to run Docker application -bundles in Docker containers.") +bundles in Docker containers and optionally wrap those containers in sheph= erd services.") (extensions (list ;; Make sure the 'docker' command is available. @@ -158,10 +356,16 @@ (define docker-service-type %docker-activation) (service-extension shepherd-root-service-type (lambda (config) - (list (containerd-shepherd-service = config) - (docker-shepherd-service conf= ig)))) + (cons* (containerd-shepherd-service= config) + (docker-shepherd-service con= fig) + (docker-container-shepherd-s= ervices config)))) (service-extension account-service-type (const %docker-accounts)))) + (compose concatenate) + (extend (lambda (config containers) + (docker-configuration + (inherit config) + (containers (append containers (docker-configur= ation-containers config)))))) (default-value (docker-configuration)))) =20 --=20 2.37.3 --=-=-=--
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at 58123) by debbugs.gnu.org; 30 Sep 2022 18:48:56 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Sep 30 14:48:56 2022 Received: from localhost ([127.0.0.1]:42951 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oeL4C-0007c5-Bi for submit <at> debbugs.gnu.org; Fri, 30 Sep 2022 14:48:56 -0400 Received: from baptiste.telenet-ops.be ([195.130.132.51]:40386) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <maximedevos@HIDDEN>) id 1oeL4A-0007bw-Qs for 58123 <at> debbugs.gnu.org; Fri, 30 Sep 2022 14:48:55 -0400 Received: from [IPV6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16] ([IPv6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16]) by baptiste.telenet-ops.be with bizsmtp id SJou2800120ykKC01Jourv; Fri, 30 Sep 2022 20:48:54 +0200 Message-ID: <6c9813c0-ea43-3238-2b6d-376307017e9c@HIDDEN> Date: Fri, 30 Sep 2022 20:48:53 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.12.0 Subject: Re: [bug#58123] [PATCH] gnu: services: docker: Add docker-container-service-type Content-Language: en-US To: =?UTF-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN>, 58123 <at> debbugs.gnu.org References: <87r0zwr9dv.fsf@HIDDEN> <dd0d0076-39e1-5934-4304-1fae7ed5e042@HIDDEN> <87edvt9e16.fsf@HIDDEN> From: Maxime Devos <maximedevos@HIDDEN> In-Reply-To: <87edvt9e16.fsf@HIDDEN> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------D50Qfzvlo8cG3AlbjirfLJaA" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22; t=1664563734; bh=FM4mQ3NL30pcW688seY8yC43nNPMipyWFDZshuKodXs=; h=Date:Subject:To:References:From:In-Reply-To; b=Zse1kUwe98Hifgqpx2Srs1SZj3viTu6o8Sx/F1Gtiz2Eoyx57S3BZy3guUVBB4rZj Gi0GU6z8/mivMj+B7W5hch+r69H6YRZmiwRGNweEDlTZyckZrjssacslGso7hyjknQ PTqnWaupSngAQ/0XP8axQYlh5ZgOAhEh2iUJRQPNnlPVUxsYUz22DqyBrgZJHkxSNv Z0BuMPFPtakqZS2yjpxK8++9AiRK5tcuy7ceD3Zt/bV16k6Q1Hh1Ru7QOl1ofQIWQO a7GQ38sLWhljN8A6hM+ozb7flGZgW6/ZUDpeeZDO/GjECtHffbgHgavt5T5N04SWB/ jh1SxepUwLj5w== X-Spam-Score: -2.5 (--) X-Debbugs-Envelope-To: 58123 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.5 (---) This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------D50Qfzvlo8cG3AlbjirfLJaA Content-Type: multipart/mixed; boundary="------------XTnHacixFct70WqHO7MBTIcY"; protected-headers="v1" From: Maxime Devos <maximedevos@HIDDEN> To: =?UTF-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN>, 58123 <at> debbugs.gnu.org Message-ID: <6c9813c0-ea43-3238-2b6d-376307017e9c@HIDDEN> Subject: Re: [bug#58123] [PATCH] gnu: services: docker: Add docker-container-service-type References: <87r0zwr9dv.fsf@HIDDEN> <dd0d0076-39e1-5934-4304-1fae7ed5e042@HIDDEN> <87edvt9e16.fsf@HIDDEN> In-Reply-To: <87edvt9e16.fsf@HIDDEN> --------------XTnHacixFct70WqHO7MBTIcY Content-Type: multipart/mixed; boundary="------------fR4tjA3Uz8rILqY5Oa6WhJRV" --------------fR4tjA3Uz8rILqY5Oa6WhJRV Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 DQoNCk9uIDMwLTA5LTIwMjIgMTU6NDAsIE3DoWphIFRvbcOhxaFlayB3cm90ZToNCj4gKyhk ZWZpbmUtY29uZmlndXJhdGlvbi9uby1zZXJpYWxpemF0aW9uIGRvY2tlci1jb250YWluZXIt Y29uZmlndXJhdGlvbg0KPiArICAobmFtZQ0KPiArICAgKHN5bWJvbCAnKCkpDQo+ICsgICAi TmFtZSBvZiB0aGUgZG9ja2VyIGNvbnRhaW5lci4gV2lsbCBiZSB1c2VkIHRvIGRlbm90ZSBz ZXJ2aWNlIHRvIFNoZXBoZXJkIGFuZCBtdXN0IGJlIHVuaXF1ZSENCj4gK1dlIHJlY29tbWVu ZCwgdGhhdCB0aGUgbmFtZSBvZiB0aGUgY29udGFpbmVyIGlzIHByZWZpeGVkIHdpdGggQGNv ZGV7ZG9ja2VyLX0uIikNCg0KT24gdW5pcXVlbmVzczogb24gc2Vjb25kIHRob3VnaHQsIHRo YXQncyBwcm9iYWJseSBhbHJlYWR5IGhhbmRsZWQgYnkgdGhlIA0KZ2VuZXJhbCBzZXJ2aWNl IGNvZGUsIHByb2JhYmx5IG5vIG5lZWQgZm9yIGFuIGFkZGl0aW9uYWwgY2hlY2sgaGVyZS4N Cg0KR3JlZXRpbmdzLA0KTWF4aW1lLg0K --------------fR4tjA3Uz8rILqY5Oa6WhJRV Content-Type: application/pgp-keys; name="OpenPGP_0x49E3EE22191725EE.asc" Content-Disposition: attachment; filename="OpenPGP_0x49E3EE22191725EE.asc" Content-Description: OpenPGP public key Content-Transfer-Encoding: quoted-printable -----BEGIN PGP PUBLIC KEY BLOCK----- xjMEX4ch6BYJKwYBBAHaRw8BAQdANPb/d6MrGnGi5HyvODCkBUJPRjiFQcRU5V+m xvMaAa/NL01heGltZSBEZXZvcyA8bWF4aW1lLmRldm9zQHN0dWRlbnQua3VsZXV2 ZW4uYmU+wpAEExYIADgWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCX4ch6AIbAwUL CQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRBJ4+4iGRcl7japAQC3opZ2KGWzWmRc /gIWSu0AAcfMwyinFEEPa/QhUt2CogD/e2RdF4CYAgaRHJJmZ9WU7piKbLZ7llB4 LzgezVDHggzNJU1heGltZSBEZXZvcyA8bWF4aW1lZGV2b3NAdGVsZW5ldC5iZT7C kAQTFggAOBYhBMHzPuIMUo/bfdcBH0nj7iIZFyXuBQJf56ycAhsDBQsJCAcDBRUK CQgLBRYCAwEAAh4BAheAAAoJEEnj7iIZFyXujpQBAKV1SwDDl4f24rXciDlB9L8W ycZt30CgbewMSRQk4mvbAP9dFMbVVixYBd6C8cfhR+NsOBGiOJnQABlUmgNuqGFJ Dc44BF+HIegSCisGAQQBl1UBBQEBB0BOlzIWiJzgobMF6/cqwLaLk7jIcFSZ++c0 k9cCNT6YXwMBCAfCeAQYFggAIBYhBMHzPuIMUo/bfdcBH0nj7iIZFyXuBQJfhyHo AhsMAAoJEEnj7iIZFyXuMr0BAJc8cl5PGvVmVuSQVKjleNl4DK1/XAaPAYPe34AE fZJPAP9IqLCQhH/FeJanHqBP8gNdGNI2qn8RnnLVfRJgUjZ1BA=3D=3D =3DOVqp -----END PGP PUBLIC KEY BLOCK----- --------------fR4tjA3Uz8rILqY5Oa6WhJRV-- --------------XTnHacixFct70WqHO7MBTIcY-- --------------D50Qfzvlo8cG3AlbjirfLJaA Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wnsEABYIACMWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYzc6FgUDAAAAAAAKCRBJ4+4iGRcl7uh8 APsFLqo1z4Dxqa5HSdI2JG5arzpRJXOnJjTFrcBt/GUwogEArJxR6tWHva6c9LK01TidQ1fm0VX5 sNQwxE+C/Nmbswc= =LrkQ -----END PGP SIGNATURE----- --------------D50Qfzvlo8cG3AlbjirfLJaA--
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at 58123) by debbugs.gnu.org; 30 Sep 2022 18:47:55 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Sep 30 14:47:55 2022 Received: from localhost ([127.0.0.1]:42946 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oeL3C-0007aS-Q6 for submit <at> debbugs.gnu.org; Fri, 30 Sep 2022 14:47:55 -0400 Received: from baptiste.telenet-ops.be ([195.130.132.51]:37770) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <maximedevos@HIDDEN>) id 1oeL38-0007aF-PK for 58123 <at> debbugs.gnu.org; Fri, 30 Sep 2022 14:47:53 -0400 Received: from [IPV6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16] ([IPv6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16]) by baptiste.telenet-ops.be with bizsmtp id SJnn2800B20ykKC01Jnnb2; Fri, 30 Sep 2022 20:47:47 +0200 Message-ID: <b4cfc59a-470a-14a1-6437-49995ca0f2a3@HIDDEN> Date: Fri, 30 Sep 2022 20:47:47 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.12.0 Content-Language: en-US To: =?UTF-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN>, 58123 <at> debbugs.gnu.org References: <87r0zwr9dv.fsf@HIDDEN> <dd0d0076-39e1-5934-4304-1fae7ed5e042@HIDDEN> <87edvt9e16.fsf@HIDDEN> From: Maxime Devos <maximedevos@HIDDEN> Subject: Re: [bug#58123] [PATCH] gnu: services: docker: Add docker-container-service-type In-Reply-To: <87edvt9e16.fsf@HIDDEN> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------1aGvWHNHKQBfCz01vb6gOHxT" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22; t=1664563667; bh=woEPNda4ukbd36rPAkwstR22Vv37/h/AMt0lq8cDJh8=; h=Date:To:References:From:Subject:In-Reply-To; b=mt7ZKeEZ3t7NzoPoucBPsNzfcVDcTgrEtA0k4FE+iH9utZakKfuRX8d7u36ymkfXO NEduVjnp+E5newX896LyijuTMu5pFml6QmuSHuHmpFQk0xTgDhk3FWk7MA4wDV9l3Y pK88X+bcLEnhl0m+ODh2oSsbHItOn+rdahV3KVBkzDbv3daBkAeEG2CGsDuhbTkRYY qtu8r4lNVVBP01heu9EuuCBdulfofmtlL49pOExQbzbMODDuyV5EgvHRPo1wyo+WdU k3qXtDvXvxNHIHkpSke1aLSoaQSZgHRLuAUGQgsPEtHlSNS/NIkikAHDYJH4L9xKt6 8VfgFs57lqmWQ== X-Spam-Score: -2.5 (--) X-Debbugs-Envelope-To: 58123 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.5 (---) This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------1aGvWHNHKQBfCz01vb6gOHxT Content-Type: multipart/mixed; boundary="------------NYqIaQwvFN5rwMiFT3HtEksi"; protected-headers="v1" From: Maxime Devos <maximedevos@HIDDEN> To: =?UTF-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN>, 58123 <at> debbugs.gnu.org Message-ID: <b4cfc59a-470a-14a1-6437-49995ca0f2a3@HIDDEN> Subject: Re: [bug#58123] [PATCH] gnu: services: docker: Add docker-container-service-type References: <87r0zwr9dv.fsf@HIDDEN> <dd0d0076-39e1-5934-4304-1fae7ed5e042@HIDDEN> <87edvt9e16.fsf@HIDDEN> In-Reply-To: <87edvt9e16.fsf@HIDDEN> --------------NYqIaQwvFN5rwMiFT3HtEksi Content-Type: multipart/mixed; boundary="------------eqjSKE2fm4H03jbvTdp0G4Xs" --------------eqjSKE2fm4H03jbvTdp0G4Xs Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 DQo+Pj4gKw0KPj4+ICsoZGVmaW5lIChkb2NrZXItY29udGFpbmVyLXNoZXBoZXJkLXNlcnZp Y2UgZG9ja2VyLWNsaSBjb25maWcpDQo+Pj4gKyAgIlJldHVybiBhIHNoZXBoZXJkLXNlcnZp Y2UgdGhhdCBydW5zIENPTlRBSU5FUi4iDQo+Pj4gKyAgKGxldCogKChjb250YWluZXItbmFt ZSAoc3ltYm9sLT5zdHJpbmcgKGRvY2tlci1jb250YWluZXItY29uZmlndXJhdGlvbi1uYW1l IGNvbmZpZykpKQ0KPj4+ICsgICAgICAgICAoY2lkLWZpbGUgKHN0cmluZy1hcHBlbmQgIi92 YXIvcnVuL2RvY2tlci8iIGNvbnRhaW5lci1uYW1lICIucGlkIikpDQo+Pg0KPj4gVGhpcyBz b3VuZHMgbGlrZSAiLiIsICIuLiIgYW5kIGFueXRoaW5nIGNvbnRhaW5pbmcgYSAiLyIgb3Ig Ilx4MDAiIHdvdWxkDQo+PiBiZSBpbnZhbGlkIGNvbnRhaW5lciBuYW1lcywgSSByZWNvbW1l bmQgcmVmaW5pbmcgdGhlIHR5cGUgY2hlY2sgZm9yDQo+PiAnY29udGFpbmVyLW5hbWUnIGEg bGl0dGxlLiAgSXQgYWxzbyBsb29rcyBsaWtlIGNvbnRhaW5lciBuYW1lcyBtdXN0IGJlDQo+ PiB1bmlxdWUgd2l0aGluIGEgc3lzdGVtLCB0aGF0IHNvdW5kcyBsaWtlIHNvbWV0aGluZyB0 byBtZW50aW9uIGluIGl0cw0KPj4gZG9jc3RyaW5nIHRvIG1lLg0KPj4NCj4gDQo+IFRoZXJl IGFjdHVhbGx5IGlzIG1lbnRpb24gb2YgaXQhDQo+IA0KPiAiTmFtZSBvZiB0aGUgZG9ja2Vy IGNvbnRhaW5lci4gV2lsbCBiZSB1c2VkIHRvIGRlbm90ZSBzZXJ2aWNlIHRvIFNoZXBoZXJk IGFuZCBtdXN0IGJlIHVuaXF1ZSENCj4gV2UgcmVjb21tZW5kLCB0aGF0IHRoZSBuYW1lIG9m IHRoZSBjb250YWluZXIgaXMgcHJlZml4ZWQgd2l0aA0KPiBAY29kZXtkb2NrZXItfS4iDQoN Ck9vcHMsIGRpZG4ndCBub3RpY2UgdGhhdC4gIEhvd2V2ZXIsIHlvdSBjb3VsZCBpbnNlcnQg YSBjaGVjayBzb21ld2hlcmUgDQpmb3IgdW5pcXVlbmVzcywgdG8gYXZvaWQgYWNjaWRlbnRz Lg0KDQo+Pj4gKyAgICAgKHN0b3AgKGlmICMkYXR0YWNoZWQ/DQo+Pj4gKyAgICAgICAgICAg ICAgICN+KG1ha2Uta2lsbC1kZXN0cnVjdG9yKQ0KPj4+ICsgICAgICAgICAgICAgICAjfihs YW1iZGEgXw0KPj4+ICsgICAgICAgICAgICAgICAgICAgKGV4ZWMtY29tbWFuZCAobGlzdA0K Pj4+ICsgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgKHN0cmluZy1hcHBlbmQg IyRkb2NrZXItY2xpICIvYmluL2RvY2tlciIpDQo+Pj4gKyAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAic3RvcCIgIyRjb250YWluZXItbmFtZSkpDQo+Pj4gKyAgICAgICAg ICAgICAgICAgICAjZikpKSkpKQ0KPj4NCj4+IE5vdCB2ZXJ5IGZhbWlsaWFyIHdpdGggaG93 IFNoZXBoZXJkIHdvcmtzIGhlcmUsIGJ1dCBJIHRoaW5rIHRoYXQgdGhlDQo+PiAncmV0dXJu ICNmYWxzZScgZHNlc2VydmVzIGEgY29tbWFuZC4NCj4+DQo+IA0KPiBXZWxsLCBJIGxvb2tl ZCB0aHJvdWdoIHRoZSBzb3VyY2UgY29kZSwgYW5kIHRoaXMgaXMgc2hlcGhlcmQncyBvd24N Cj4gZGVmaW5pdGlvbjoNCj4gDQo+IA0KPiAoZGVmaW5lKiAobWFrZS1raWxsLWRlc3RydWN0 b3IgIzpvcHRpb25hbCAoc2lnbmFsIFNJR1RFUk0pKQ0KPiAgICAiUmV0dXJuIGEgcHJvY2Vk dXJlIHRoYXQgc2VuZHMgU0lHTkFMIHRvIHRoZSBwcm9jZXNzIGdyb3VwIG9mIHRoZSBQSUQg Z2l2ZW4NCj4gYXMgYXJndW1lbnQsIHdoZXJlIFNJR05BTCBkZWZhdWx0cyB0byBgU0lHVEVS TScuIg0KPiAgICAobGFtYmRhIChwaWQgLiBhcmdzKQ0KPiAgICAgIDs7IEtpbGwgdGhlIHdo b2xlIHByb2Nlc3MgZ3JvdXAgUElEIGJlbG9uZ3MgdG8uICBEb24ndCBhc3N1bWUgdGhhdCBQ SUQgaXMNCj4gICAgICA7OyBhIHByb2Nlc3MgZ3JvdXAgSUQ6IHRoYXQncyBub3QgdGhlIGNh c2Ugd2hlbiB1c2luZyAjOnBpZC1maWxlLCB3aGVyZQ0KPiAgICAgIDs7IHRoZSBwcm9jZXNz IGdyb3VwIElEIGlzIHRoZSBQSUQgb2YgdGhlIHByb2Nlc3MgdGhhdCAiZGFlbW9uaXplZCIu ICBJZg0KPiAgICAgIDs7IHRoaXMgcHJvY2VkdXJlIGlzIGNhbGxlZCwgYmV0d2VlbiB0aGUg cHJvY2VzcyBmb3JrIGFuZCBleGVjLCB0aGUgUEdJRA0KPiAgICAgIDs7IHdpbGwgc3RpbGwg YmUgemVybyAodGhlIFNoZXBoZXJkIFBHSUQpLiBJbiB0aGF0IGNhc2UsIHVzZSB0aGUgUElE Lg0KPiAgICAgIChsZXQgKChwZ2lkIChnZXRwZ2lkIHBpZCkpKQ0KPiAgICAgICAgKGlmICg9 IChnZXRwZ2lkIDApIHBnaWQpDQo+ICAgICAgICAgICAgKGtpbGwgcGlkIHNpZ25hbCkgO2Rv bid0IGtpbGwgb3Vyc2VsZg0KPiAgICAgICAgICAgIChraWxsICgtIHBnaWQpIHNpZ25hbCkp KQ0KPiAgICAgICNmKSkNCj4gDQo+IA0KPiBTbyBJIHRoaW5rIHRoYXQgcmV0dXJuaW5nICNm IHdvcmtzLiBkb2NrZXIgc3RvcCB3aWxsIHNlbmQgU0lHS0lMTCBpZiB0aGUNCj4gY29udGFp bmVyIHRha2VzIHRvbyBsb25nLCBzbyBpdCBzaG91bGQgc3VjY2VlZC4NCg0KTm90IHNheWlu ZyBpdCB3b24ndCB3b3JrLCBqdXN0IHRoYXQgaXQgZGVzZXJ2ZXMgYSBjb21tZW50ICh0aG91 Z2ggDQphcHBhcmVudGx5IEkgbWlzc3BlbGxlZCAnY29tbWVudCcpLCBldmVuIGlmIGl0J3Mg b25seSBzb21ldGhpbmcgbGlrZSANCiJyZXR1cm4gI2ZhbHNlIGFzIGRvbmUgYnkgJ21ha2Ut a2lsbC1kZXN0cnVjdG9yJyIuDQoNCkhvd2V2ZXIsICdleGVjLWNvbW1hbmQnIHJ1bnMgJ2V4 ZWMnIChyZXBsYWNpbmcgdGhlIHNoZXBoZXJkIHByb2Nlc3MpLCBJIA0KdGhpbmsgeW91IG5l ZWQgc29tZXRoaW5nIGxpa2UgJ2ludm9rZScgb3IgJ3N5c3RlbSonIGluc3RlYWQuDQoNCkdy ZWV0aW5ncywNCk1heGltRS4NCg== --------------eqjSKE2fm4H03jbvTdp0G4Xs Content-Type: application/pgp-keys; name="OpenPGP_0x49E3EE22191725EE.asc" Content-Disposition: attachment; filename="OpenPGP_0x49E3EE22191725EE.asc" Content-Description: OpenPGP public key Content-Transfer-Encoding: quoted-printable -----BEGIN PGP PUBLIC KEY BLOCK----- xjMEX4ch6BYJKwYBBAHaRw8BAQdANPb/d6MrGnGi5HyvODCkBUJPRjiFQcRU5V+m xvMaAa/NL01heGltZSBEZXZvcyA8bWF4aW1lLmRldm9zQHN0dWRlbnQua3VsZXV2 ZW4uYmU+wpAEExYIADgWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCX4ch6AIbAwUL CQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRBJ4+4iGRcl7japAQC3opZ2KGWzWmRc /gIWSu0AAcfMwyinFEEPa/QhUt2CogD/e2RdF4CYAgaRHJJmZ9WU7piKbLZ7llB4 LzgezVDHggzNJU1heGltZSBEZXZvcyA8bWF4aW1lZGV2b3NAdGVsZW5ldC5iZT7C kAQTFggAOBYhBMHzPuIMUo/bfdcBH0nj7iIZFyXuBQJf56ycAhsDBQsJCAcDBRUK CQgLBRYCAwEAAh4BAheAAAoJEEnj7iIZFyXujpQBAKV1SwDDl4f24rXciDlB9L8W ycZt30CgbewMSRQk4mvbAP9dFMbVVixYBd6C8cfhR+NsOBGiOJnQABlUmgNuqGFJ Dc44BF+HIegSCisGAQQBl1UBBQEBB0BOlzIWiJzgobMF6/cqwLaLk7jIcFSZ++c0 k9cCNT6YXwMBCAfCeAQYFggAIBYhBMHzPuIMUo/bfdcBH0nj7iIZFyXuBQJfhyHo AhsMAAoJEEnj7iIZFyXuMr0BAJc8cl5PGvVmVuSQVKjleNl4DK1/XAaPAYPe34AE fZJPAP9IqLCQhH/FeJanHqBP8gNdGNI2qn8RnnLVfRJgUjZ1BA=3D=3D =3DOVqp -----END PGP PUBLIC KEY BLOCK----- --------------eqjSKE2fm4H03jbvTdp0G4Xs-- --------------NYqIaQwvFN5rwMiFT3HtEksi-- --------------1aGvWHNHKQBfCz01vb6gOHxT Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wnsEABYIACMWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYzc50wUDAAAAAAAKCRBJ4+4iGRcl7hox APwMXh8ljOvHyVQbTAbmFZ0dfGLILT/AKPtrzANYq94N3gD/RFgoflz8UMnm1cxTCSw+ou9DU0Bg EtLG+iXalYA4Xgc= =cybu -----END PGP SIGNATURE----- --------------1aGvWHNHKQBfCz01vb6gOHxT--
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at 58123) by debbugs.gnu.org; 30 Sep 2022 16:49:54 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Sep 30 12:49:53 2022 Received: from localhost ([127.0.0.1]:42807 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1oeJCy-0004e0-RE for submit <at> debbugs.gnu.org; Fri, 30 Sep 2022 12:49:53 -0400 Received: from knopi.disroot.org ([178.21.23.139]:39958) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <maya.tomasek@HIDDEN>) id 1oeGFQ-00016g-O8 for 58123 <at> debbugs.gnu.org; Fri, 30 Sep 2022 09:40:14 -0400 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id E920F4BCFD; Fri, 30 Sep 2022 15:40:10 +0200 (CEST) X-Virus-Scanned: SPAM Filter at disroot.org Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I1XolEzqq_YU; Fri, 30 Sep 2022 15:40:09 +0200 (CEST) From: =?utf-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1664545209; bh=jCelJf2+Mj2uHbBQzLrx/u0huO1RBab1/hbIRQNWZbQ=; h=From:To:Subject:In-Reply-To:References:Date; b=j/qX+UtFHCQnkiqZ0nV3nb1EExeEIWvwqBC7Ms46fw42os6skOYGLfKC+2AoAdieY Y6y+311rw/n4rh9ot4MWmQmPxk9AS9EfF5eOTgy1xVf/goHw7FIeBY0g9nxDELBlri +N5ibkD3I643QhVunpYP1NNrMRofCeg9zymwBGcZr3DCW1MBngyFqEFzVQs3noII59 pHE4HQ6/bLfa0zNUgW0yRpCTHQuZnXNKgIbGPecgVX+rHlgM6kY/iCE3xE/07dohHL OD06DAQADB7/xuEpSn3JR49e8kE6L7f0B54b5CAV9cyRhusAzYxjCzr4spr7akkIha wRs8rLWyy3KHg== To: Maxime Devos <maximedevos@HIDDEN>, 58123 <at> debbugs.gnu.org Subject: Re: [bug#58123] [PATCH] gnu: services: docker: Add docker-container-service-type In-Reply-To: <dd0d0076-39e1-5934-4304-1fae7ed5e042@HIDDEN> References: <87r0zwr9dv.fsf@HIDDEN> <dd0d0076-39e1-5934-4304-1fae7ed5e042@HIDDEN> Date: Fri, 30 Sep 2022 15:40:05 +0200 Message-ID: <87edvt9e16.fsf@HIDDEN> Mime-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 58123 X-Mailman-Approved-At: Fri, 30 Sep 2022 12:49:50 -0400 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) Hi > On 27-09-2022 19:16, guix-patches--- via wrote: >> >> This patch provides a new service type, which allows the creation of shepherd >> services from docker containers. >> --- >> Hi, >> >> I have written a definition of the docker-container-service-type. It is >> a service that allows you to convert docker containers into shepherd >> services. [...] >> >> There is currently no documentation outside of docstrings, I plan to >> write it, but first I would welcome comments from you, maybe this >> service isn't suitable for guix, as it does imply breaking of the >> declarative guix model, but that goes for docker and flatpak too, so I >> thought I can try it. > > We already have a docker-service-type, why not a > docker-container-service-type, though I wouldn't recommend docker > myself. Can't really document on the docker bits, but some mostly > superficial comments: I was thinking that this isn't exactly a "needed" use and can be thought of as separate, but probably I was wrong. >> >> +(define (pair-of-strings? val) >> + (and (pair val) > > I think you meant 'pair?' here, not 'pair'. > Yes. >> + (string? (car val)) >> + (string? (cdr val)))) >> + >> +(define (list-of-pair-of-strings? val) >> + (list-of pair-of-strings?)) >> + >> +(define-configuration/no-serialization docker-container-configuration >> + (name >> + (symbol '()) >> + "Name of the docker container. Will be used to denote service to Shepherd and must be unique! >> +We recommend, that the name of the container is prefixed with @code{docker-}.") >> + (comment >> + (string "") >> + "A documentation on the docker container.") > > I don't think documentation is countable, maybe > > "Documentation on the Docker container (optional)." > > ? (I don't know what casing is appropriate here). > >> + (image-name >> + (string) >> + "A name of the image that will be used. (Note that the existence of the image >> +is not guaranteed by this daemon.)") >> + (volumes >> + (list-of-pair-of-strings '()) >> + "A list of volume binds. In (HOST_PATH CONTAINER_PATH) format.") > > binds -> bindings and HOST_PATH CONTAINER_PATH -> (HOST-PATH > CONTAINER-PATH) per Scheme conventions. > >> + (ports >> + (list-of-pair-of-strings '()) >> + "A list of port binds. In (HOST_PORT CONTAINER_PORT) or (HOST_PORT CONTAINER_PORT OPTIONS) format. >> +For example, both port bindings are valid: >> + >> +@lisp >> +(ports '((\"2222\" \"22\") (\"21\" \"21\" \"tcp\"))) >> +@end lisp" > > * binds -> bindings > >> + (environments >> + (list-of-pair-of-strings '()) >> + "A list of variable binds, inside the container enviornment. In (VARIABLE VALUE) format.")) > > 'enviornment' -> 'environment', 'variable binds' -> 'environment > variables', '. In' -> ', in'. > >> + (network >> + (string "none") >> + "Network type.") > > Can the available network types be listed or a reference to the Docker > documentation be added, to help users with determining what to set it to? > >> + (additional-arguments >> + (list-of-strings '()) >> + "Additional arguments to the docker command line interface.") >> + (container-command >> + (list-of-strings '()) >> + "Command to send into the container.") >> + (attached? >> + (boolean #t) >> + "Run the container as an normal attached process (sending SIGTERM). >> +Or run the container as a isolated environment that must be stopped with @code{docker stop}. >> + >> +Please verify first, that you container is indeed not attached, otherwise @code{shepherd} might >> +assume the process is dead, even when it is not. >> + >> +You can do that, by first running your container with @code{docker run image-name}. >> + >> +Then check @code{docker ps}, if the command shows beside your container the word @code{running}. >> +Your container is indeed detached, but if it shows @code{starting}, and it doesn't flip to >> +@code{running} after a while, it means that you container is attached, and you need to keep this >> +option turned @code{#t}.")) >> + >> +(define (serialize-volumes config) >> + "Serialize list of pairs into flat list of @code{(\"-v\" \"HOST_PATH:CONTAINER_PATH\" ...)}" >> + (append-map >> + (lambda (volume-bind) >> + (list "-v" (format #f "~?" "~a:~a" volume-bind))) >> + (docker-container-configuration-volumes config))) > > See following about pairs and simplification. > >> + >> +(define (serialize-ports config) >> + "Serialize list of either pairs, or lists into flat list of >> +@code{(\"-p\" \"NUMBER:NUMBER\" \"-p\" \"NUMBER:NUMBER/PROTOCOL\" ...)}" >> + (append-map >> + (lambda (port-bind) >> + (list "-p" (format #f "~?" "~a:~a~^/~a" port-bind))) >> + (docker-container-configuration-ports config))) > > See following about pairs and simplification. > >> + >> +(define (serialized-environments config) >> + "Serialize list of pairs into flat list of @code{(\"-e\" \"VAR=val\" \"-e\" \"VAR=val\" ...)}." >> + (append-map >> + (lambda (env-bind) >> + (list "-e" (format #f "~?" "~a=~a" env-bind))) >> + (docker-container-configuration-environments config))) > > I tried this out in a REPL, but found that it doesn't accept pairs but > 2-element lists: > > scheme@(guile-user)> (format #f "~?" "~a=~a" '("x" . "y")) > ice-9/boot-9.scm:1685:16: In procedure raise-exception: > In procedure length: Wrong type argument in position 1: ("x" . "y") > > Entering a new prompt. Type `,bt' for a backtrace or `,q' to continue. > scheme@(guile-user) [1]> ,q > scheme@(guile-user)> (format #f "~?" "~a=~a" '("x" "y")) > $1 = "x=y" > > Also, the 'format' can be simplified: > > (apply format #f "~a=~a" env-bind) > > >> + >> +(define (docker-container-startup-script docker-cli container-name config) >> + "Return a program file, that executes the startup sequence of the @code{docker-container-shepherd-service}." >> + (let* ((attached? (docker-container-configuration-attached? config)) >> + (image-name (docker-container-configuration-image config)) >> + (volumes (serialize-volumes config)) >> + (ports (serialize-ports config)) >> + (envs (serialize-environments config)) >> + (network (docker-container-configuration-network config)) >> + (additional-arguments (docker-container-configuration-additional-arguments config)) >> + (container-command (docker-container-configuration-container-command config))) >> + (program-file >> + (string-append "start-" container-name "-container") >> + #~(let ((docker (string-append #$docker-cli "/bin/docker"))) >> + (system* docker "stop" #$container-name) >> + (system* docker "rm" #$container-name) > + (apply system* `(,docker >> + "run" >> + ,(string-append "--name=" #$container-name) >> + ;; Automatically remove the container when stopping >> + ;; If you want persistent data, you need to use >> + ;; volume binds or other methods. >> + "--rm" >> + ,(string-append "--network=" #$network) >> + ;; TODO: >> + ;; Write to a cid file the container id, this allows >> + ;; for shepherd to manage container even when the process >> + ;; itself gets detached from the container >> + ,@(if (not #$attached) '("--cidfile" #$cid-file) '()) >> + #$@volumes >> + #$@ports >> + #$@envs >> + #$@additional-arguments >> + ,#$image-name >> + #$@container-command)))))) > > 'system*' can fail, which it does by returning some number (and not by > an exception). I recommend using 'invoke' from (guix build utils) > (which uses exceptions) instead; you may need use-modules + > with-imported-modules to use that module. > > >> + >> +(define (docker-container-shepherd-service docker-cli config) >> + "Return a shepherd-service that runs CONTAINER." >> + (let* ((container-name (symbol->string (docker-container-configuration-name config))) >> + (cid-file (string-append "/var/run/docker/" container-name ".pid")) > > This sounds like ".", ".." and anything containing a "/" or "\x00" would > be invalid container names, I recommend refining the type check for > 'container-name' a little. It also looks like container names must be > unique within a system, that sounds like something to mention in its > docstring to me. > There actually is mention of it! "Name of the docker container. Will be used to denote service to Shepherd and must be unique! We recommend, that the name of the container is prefixed with @code{docker-}." But I agree I need to modify it a bit. >> + (attached? (docker-container-configuration-attached? config))) >> + (shepherd-service >> + (provision (list (docker-container-configuration-name config))) >> + (requirement `(dockerd)) >> + (start #~(make-forkexec-constructor >> + (list #$(docker-container-startup-script docker-cli container-name config)) >> + ;; Watch the cid-file instead of the docker run command, as the daemon can >> + ;; still be running even when the command terminates >> + (if (not #$attached?) >> + #:pid-file #$cid-file))) > > I don't think this does what you want it to do -- when attached, it will > evaluate to #$cid-file, when not, it will evaluate to #:pid-flile. > > Try apply+list instead: > > (apply > make-forkexec-constructor > (list ...) > #$(if $attached > #~() > #~(list #:pid-file #$cid-file))) > > (Changing the staging is not required, though myself I prefer it this way.) > > I recommend writing a system test (in gnu/tests/docker.scm), to prevent > such problems, though I don't know how feasible it would be. > I overlooked some issues, as I was sending the patch after last minute changes and I forgot to check it, thank you for noticing that mistake. >> + (stop (if #$attached? >> + #~(make-kill-destructor) >> + #~(lambda _ >> + (exec-command (list >> + (string-append #$docker-cli "/bin/docker") >> + "stop" #$container-name)) >> + #f)))))) > > Not very familiar with how Shepherd works here, but I think that the > 'return #false' dseserves a command. > Well, I looked through the source code, and this is shepherd's own definition: (define* (make-kill-destructor #:optional (signal SIGTERM)) "Return a procedure that sends SIGNAL to the process group of the PID given as argument, where SIGNAL defaults to `SIGTERM'." (lambda (pid . args) ;; Kill the whole process group PID belongs to. Don't assume that PID is ;; a process group ID: that's not the case when using #:pid-file, where ;; the process group ID is the PID of the process that "daemonized". If ;; this procedure is called, between the process fork and exec, the PGID ;; will still be zero (the Shepherd PGID). In that case, use the PID. (let ((pgid (getpgid pid))) (if (= (getpgid 0) pgid) (kill pid signal) ;don't kill ourself (kill (- pgid) signal))) #f)) So I think that returning #f works. docker stop will send SIGKILL if the container takes too long, so it should succeed. I will send a new patch with this service moved into the docker-service-type and addressed your criticisms. Maya
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at 58123) by debbugs.gnu.org; 29 Sep 2022 18:32:08 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Thu Sep 29 14:32:08 2022 Received: from localhost ([127.0.0.1]:39572 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1odyKN-00051l-SF for submit <at> debbugs.gnu.org; Thu, 29 Sep 2022 14:32:08 -0400 Received: from albert.telenet-ops.be ([195.130.137.90]:59148) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <maximedevos@HIDDEN>) id 1odyKI-00051Y-TQ for 58123 <at> debbugs.gnu.org; Thu, 29 Sep 2022 14:32:06 -0400 Received: from [IPV6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16] ([IPv6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16]) by albert.telenet-ops.be with bizsmtp id RuXz2800320ykKC06uXz6n; Thu, 29 Sep 2022 20:31:59 +0200 Message-ID: <dd0d0076-39e1-5934-4304-1fae7ed5e042@HIDDEN> Date: Thu, 29 Sep 2022 20:31:59 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.12.0 Content-Language: en-US To: =?UTF-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN>, 58123 <at> debbugs.gnu.org References: <87r0zwr9dv.fsf@HIDDEN> From: Maxime Devos <maximedevos@HIDDEN> Subject: Re: [bug#58123] [PATCH] gnu: services: docker: Add docker-container-service-type In-Reply-To: <87r0zwr9dv.fsf@HIDDEN> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------MkhQdqx650Vxa0JLe6dYfSvF" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22; t=1664476319; bh=VVUatcLyJ0TNAZ5w71v14sDtzCVFj/G9QusfmoiUslE=; h=Date:To:References:From:Subject:In-Reply-To; b=m+BKTtL3zNFwgSbb1XkDndWnOPbb7TSILh1QGv4ZCYYSNFNQmWF+ZSHPdEMmKsyA8 4qMfA1mKyCoRlxlrIExw3ZjvHtsCq88LlWsmmJAJ+HUpZdAqcdtKqJCXXKNjITLyk8 RhOV5khewGLaks0bFJ4EZu4loD5xijvqrSw6ByWrgyxOOqv3uHLKFbAoN+BqXWbjkS IQ3o4fayh3JJN4un0mv1vBI5KPeKEiv8H9tkHcKyq61TUWIYBlIFFrGWuZ2Cd0XPw/ ADvNwrmbcDRP78KyVFepznJZEvwIC5gcGW62WOKs2E80WL7G4PSF91NLp+iuPYi0Qo B60zdtPA7W5Nw== X-Spam-Score: -1.8 (-) X-Debbugs-Envelope-To: 58123 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.8 (--) This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------MkhQdqx650Vxa0JLe6dYfSvF Content-Type: multipart/mixed; boundary="------------cWvhmhlwM8vYzhvCwxcOYDXd"; protected-headers="v1" From: Maxime Devos <maximedevos@HIDDEN> To: =?UTF-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN>, 58123 <at> debbugs.gnu.org Message-ID: <dd0d0076-39e1-5934-4304-1fae7ed5e042@HIDDEN> Subject: Re: [bug#58123] [PATCH] gnu: services: docker: Add docker-container-service-type References: <87r0zwr9dv.fsf@HIDDEN> In-Reply-To: <87r0zwr9dv.fsf@HIDDEN> --------------cWvhmhlwM8vYzhvCwxcOYDXd Content-Type: multipart/mixed; boundary="------------Uop0srNDnw720NWSCTaIOq8W" --------------Uop0srNDnw720NWSCTaIOq8W Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 DQoNCk9uIDI3LTA5LTIwMjIgMTk6MTYsIGd1aXgtcGF0Y2hlcy0tLSB2aWEgd3JvdGU6DQo+ IA0KPiBUaGlzIHBhdGNoIHByb3ZpZGVzIGEgbmV3IHNlcnZpY2UgdHlwZSwgd2hpY2ggYWxs b3dzIHRoZSBjcmVhdGlvbiBvZiBzaGVwaGVyZA0KPiBzZXJ2aWNlcyBmcm9tIGRvY2tlciBj b250YWluZXJzLg0KPiAtLS0NCj4gSGksDQo+IA0KPiBJIGhhdmUgd3JpdHRlbiBhIGRlZmlu aXRpb24gb2YgdGhlIGRvY2tlci1jb250YWluZXItc2VydmljZS10eXBlLiBJdCBpcw0KPiBh IHNlcnZpY2UgdGhhdCBhbGxvd3MgeW91IHRvIGNvbnZlcnQgZG9ja2VyIGNvbnRhaW5lcnMg aW50byBzaGVwaGVyZA0KPiBzZXJ2aWNlcy4gIFsuLi5dDQo+IA0KPiBUaGVyZSBpcyBjdXJy ZW50bHkgbm8gZG9jdW1lbnRhdGlvbiBvdXRzaWRlIG9mIGRvY3N0cmluZ3MsIEkgcGxhbiB0 bw0KPiB3cml0ZSBpdCwgYnV0IGZpcnN0IEkgd291bGQgd2VsY29tZSBjb21tZW50cyBmcm9t IHlvdSwgbWF5YmUgdGhpcw0KPiBzZXJ2aWNlIGlzbid0IHN1aXRhYmxlIGZvciBndWl4LCBh cyBpdCBkb2VzIGltcGx5IGJyZWFraW5nIG9mIHRoZQ0KPiBkZWNsYXJhdGl2ZSBndWl4IG1v ZGVsLCBidXQgdGhhdCBnb2VzIGZvciBkb2NrZXIgYW5kIGZsYXRwYWsgdG9vLCBzbyBJDQo+ IHRob3VnaHQgSSBjYW4gdHJ5IGl0Lg0KDQpXZSBhbHJlYWR5IGhhdmUgYSBkb2NrZXItc2Vy dmljZS10eXBlLCB3aHkgbm90IGEgDQpkb2NrZXItY29udGFpbmVyLXNlcnZpY2UtdHlwZSwg dGhvdWdoIEkgd291bGRuJ3QgcmVjb21tZW5kIGRvY2tlciANCm15c2VsZi4gIENhbid0IHJl YWxseSBkb2N1bWVudCBvbiB0aGUgZG9ja2VyIGJpdHMsIGJ1dCBzb21lIG1vc3RseSANCnN1 cGVyZmljaWFsIGNvbW1lbnRzOg0KDQo+DQo+ICsoZGVmaW5lIChwYWlyLW9mLXN0cmluZ3M/ IHZhbCkNCj4gKyAgKGFuZCAocGFpciB2YWwpDQoNCkkgdGhpbmsgeW91IG1lYW50ICdwYWly PycgaGVyZSwgbm90ICdwYWlyJy4NCg0KPiArICAgICAgIChzdHJpbmc/IChjYXIgdmFsKSkN Cj4gKyAgICAgICAoc3RyaW5nPyAoY2RyIHZhbCkpKSkNCj4gKw0KPiArKGRlZmluZSAobGlz dC1vZi1wYWlyLW9mLXN0cmluZ3M/IHZhbCkNCj4gKyAgKGxpc3Qtb2YgcGFpci1vZi1zdHJp bmdzPykpDQo+ICsNCj4gKyhkZWZpbmUtY29uZmlndXJhdGlvbi9uby1zZXJpYWxpemF0aW9u IGRvY2tlci1jb250YWluZXItY29uZmlndXJhdGlvbg0KPiArICAobmFtZQ0KPiArICAgKHN5 bWJvbCAnKCkpDQo+ICsgICAiTmFtZSBvZiB0aGUgZG9ja2VyIGNvbnRhaW5lci4gV2lsbCBi ZSB1c2VkIHRvIGRlbm90ZSBzZXJ2aWNlIHRvIFNoZXBoZXJkIGFuZCBtdXN0IGJlIHVuaXF1 ZSENCj4gK1dlIHJlY29tbWVuZCwgdGhhdCB0aGUgbmFtZSBvZiB0aGUgY29udGFpbmVyIGlz IHByZWZpeGVkIHdpdGggQGNvZGV7ZG9ja2VyLX0uIikNCj4gKyAgKGNvbW1lbnQNCj4gKyAg IChzdHJpbmcgIiIpDQo+ICsgICAiQSBkb2N1bWVudGF0aW9uIG9uIHRoZSBkb2NrZXIgY29u dGFpbmVyLiIpDQoNCkkgZG9uJ3QgdGhpbmsgZG9jdW1lbnRhdGlvbiBpcyBjb3VudGFibGUs IG1heWJlDQoNCiJEb2N1bWVudGF0aW9uIG9uIHRoZSBEb2NrZXIgY29udGFpbmVyIChvcHRp b25hbCkuIg0KDQo/ICAoSSBkb24ndCBrbm93IHdoYXQgY2FzaW5nIGlzIGFwcHJvcHJpYXRl IGhlcmUpLg0KDQo+ICsgIChpbWFnZS1uYW1lDQo+ICsgICAoc3RyaW5nKQ0KPiArICAgIkEg bmFtZSBvZiB0aGUgaW1hZ2UgdGhhdCB3aWxsIGJlIHVzZWQuIChOb3RlIHRoYXQgdGhlIGV4 aXN0ZW5jZSBvZiB0aGUgaW1hZ2UNCj4gK2lzIG5vdCBndWFyYW50ZWVkIGJ5IHRoaXMgZGFl bW9uLikiKQ0KPiArICAodm9sdW1lcw0KPiArICAgKGxpc3Qtb2YtcGFpci1vZi1zdHJpbmdz ICcoKSkNCj4gKyAgICJBIGxpc3Qgb2Ygdm9sdW1lIGJpbmRzLiBJbiAoSE9TVF9QQVRIIENP TlRBSU5FUl9QQVRIKSBmb3JtYXQuIikNCg0KYmluZHMgLT4gYmluZGluZ3MgYW5kIEhPU1Rf UEFUSCBDT05UQUlORVJfUEFUSCAtPiAoSE9TVC1QQVRIIA0KQ09OVEFJTkVSLVBBVEgpIHBl ciBTY2hlbWUgY29udmVudGlvbnMuDQoNCj4gKyAgKHBvcnRzDQo+ICsgICAobGlzdC1vZi1w YWlyLW9mLXN0cmluZ3MgJygpKQ0KPiArICAgIkEgbGlzdCBvZiBwb3J0IGJpbmRzLiBJbiAo SE9TVF9QT1JUIENPTlRBSU5FUl9QT1JUKSBvciAoSE9TVF9QT1JUIENPTlRBSU5FUl9QT1JU IE9QVElPTlMpIGZvcm1hdC4NCj4gK0ZvciBleGFtcGxlLCBib3RoIHBvcnQgYmluZGluZ3Mg YXJlIHZhbGlkOg0KPiArDQo+ICtAbGlzcA0KPiArKHBvcnRzICcoKFwiMjIyMlwiIFwiMjJc IikgKFwiMjFcIiBcIjIxXCIgXCJ0Y3BcIikpKQ0KPiArQGVuZCBsaXNwIg0KDQoqIGJpbmRz IC0+IGJpbmRpbmdzDQoNCj4gKyAgIChlbnZpcm9ubWVudHMNCj4gKyAgICAobGlzdC1vZi1w YWlyLW9mLXN0cmluZ3MgJygpKQ0KPiArICAgICJBIGxpc3Qgb2YgdmFyaWFibGUgYmluZHMs IGluc2lkZSB0aGUgY29udGFpbmVyIGVudmlvcm5tZW50LiBJbiAoVkFSSUFCTEUgVkFMVUUp IGZvcm1hdC4iKSkNCg0KJ2Vudmlvcm5tZW50JyAtPiAnZW52aXJvbm1lbnQnLCAndmFyaWFi bGUgYmluZHMnIC0+ICdlbnZpcm9ubWVudCANCnZhcmlhYmxlcycsICcuIEluJyAtPiAnLCBp bicuDQoNCj4gKyAgKG5ldHdvcmsNCj4gKyAgIChzdHJpbmcgIm5vbmUiKQ0KPiArICAgIk5l dHdvcmsgdHlwZS4iKQ0KDQpDYW4gdGhlIGF2YWlsYWJsZSBuZXR3b3JrIHR5cGVzIGJlIGxp c3RlZCBvciBhIHJlZmVyZW5jZSB0byB0aGUgRG9ja2VyIA0KZG9jdW1lbnRhdGlvbiBiZSBh ZGRlZCwgdG8gaGVscCB1c2VycyB3aXRoIGRldGVybWluaW5nIHdoYXQgdG8gc2V0IGl0IHRv Pw0KDQo+ICsgIChhZGRpdGlvbmFsLWFyZ3VtZW50cw0KPiArICAgKGxpc3Qtb2Ytc3RyaW5n cyAnKCkpDQo+ICsgICAiQWRkaXRpb25hbCBhcmd1bWVudHMgdG8gdGhlIGRvY2tlciBjb21t YW5kIGxpbmUgaW50ZXJmYWNlLiIpDQo+ICsgIChjb250YWluZXItY29tbWFuZA0KPiArICAg KGxpc3Qtb2Ytc3RyaW5ncyAnKCkpDQo+ICsgICAiQ29tbWFuZCB0byBzZW5kIGludG8gdGhl IGNvbnRhaW5lci4iKQ0KPiArICAoYXR0YWNoZWQ/DQo+ICsgICAoYm9vbGVhbiAjdCkNCj4g KyAgICJSdW4gdGhlIGNvbnRhaW5lciBhcyBhbiBub3JtYWwgYXR0YWNoZWQgcHJvY2VzcyAo c2VuZGluZyBTSUdURVJNKS4NCj4gK09yIHJ1biB0aGUgY29udGFpbmVyIGFzIGEgaXNvbGF0 ZWQgZW52aXJvbm1lbnQgdGhhdCBtdXN0IGJlIHN0b3BwZWQgd2l0aCBAY29kZXtkb2NrZXIg c3RvcH0uDQo+ICsNCj4gK1BsZWFzZSB2ZXJpZnkgZmlyc3QsIHRoYXQgeW91IGNvbnRhaW5l ciBpcyBpbmRlZWQgbm90IGF0dGFjaGVkLCBvdGhlcndpc2UgQGNvZGV7c2hlcGhlcmR9IG1p Z2h0DQo+ICthc3N1bWUgdGhlIHByb2Nlc3MgaXMgZGVhZCwgZXZlbiB3aGVuIGl0IGlzIG5v dC4NCj4gKw0KPiArWW91IGNhbiBkbyB0aGF0LCBieSBmaXJzdCBydW5uaW5nIHlvdXIgY29u dGFpbmVyIHdpdGggQGNvZGV7ZG9ja2VyIHJ1biBpbWFnZS1uYW1lfS4NCj4gKw0KPiArVGhl biBjaGVjayBAY29kZXtkb2NrZXIgcHN9LCBpZiB0aGUgY29tbWFuZCBzaG93cyBiZXNpZGUg eW91ciBjb250YWluZXIgdGhlIHdvcmQgQGNvZGV7cnVubmluZ30uDQo+ICtZb3VyIGNvbnRh aW5lciBpcyBpbmRlZWQgZGV0YWNoZWQsIGJ1dCBpZiBpdCBzaG93cyBAY29kZXtzdGFydGlu Z30sIGFuZCBpdCBkb2Vzbid0IGZsaXAgdG8NCj4gK0Bjb2Rle3J1bm5pbmd9IGFmdGVyIGEg d2hpbGUsIGl0IG1lYW5zIHRoYXQgeW91IGNvbnRhaW5lciBpcyBhdHRhY2hlZCwgYW5kIHlv dSBuZWVkIHRvIGtlZXAgdGhpcw0KPiArb3B0aW9uIHR1cm5lZCBAY29kZXsjdH0uIikpDQo+ ICsNCj4gKyhkZWZpbmUgKHNlcmlhbGl6ZS12b2x1bWVzIGNvbmZpZykNCj4gKyAgIlNlcmlh bGl6ZSBsaXN0IG9mIHBhaXJzIGludG8gZmxhdCBsaXN0IG9mIEBjb2RleyhcIi12XCIgXCJI T1NUX1BBVEg6Q09OVEFJTkVSX1BBVEhcIiAuLi4pfSINCj4gKyAgKGFwcGVuZC1tYXANCj4g KyAgIChsYW1iZGEgKHZvbHVtZS1iaW5kKQ0KPiArICAgICAobGlzdCAiLXYiIChmb3JtYXQg I2YgIn4/IiAifmE6fmEiIHZvbHVtZS1iaW5kKSkpDQo+ICsgICAoZG9ja2VyLWNvbnRhaW5l ci1jb25maWd1cmF0aW9uLXZvbHVtZXMgY29uZmlnKSkpDQoNClNlZSBmb2xsb3dpbmcgYWJv dXQgcGFpcnMgYW5kIHNpbXBsaWZpY2F0aW9uLg0KDQo+ICsNCj4gKyhkZWZpbmUgKHNlcmlh bGl6ZS1wb3J0cyBjb25maWcpDQo+ICsgICJTZXJpYWxpemUgbGlzdCBvZiBlaXRoZXIgcGFp cnMsIG9yIGxpc3RzIGludG8gZmxhdCBsaXN0IG9mDQo+ICtAY29kZXsoXCItcFwiIFwiTlVN QkVSOk5VTUJFUlwiIFwiLXBcIiBcIk5VTUJFUjpOVU1CRVIvUFJPVE9DT0xcIiAuLi4pfSIN Cj4gKyAgKGFwcGVuZC1tYXANCj4gKyAgIChsYW1iZGEgKHBvcnQtYmluZCkNCj4gKyAgICAg KGxpc3QgIi1wIiAoZm9ybWF0ICNmICJ+PyIgIn5hOn5hfl4vfmEiIHBvcnQtYmluZCkpKQ0K PiArICAgKGRvY2tlci1jb250YWluZXItY29uZmlndXJhdGlvbi1wb3J0cyBjb25maWcpKSkN Cg0KU2VlIGZvbGxvd2luZyBhYm91dCBwYWlycyBhbmQgc2ltcGxpZmljYXRpb24uDQoNCj4g Kw0KPiArKGRlZmluZSAoc2VyaWFsaXplZC1lbnZpcm9ubWVudHMgY29uZmlnKQ0KPiArICAi U2VyaWFsaXplIGxpc3Qgb2YgcGFpcnMgaW50byBmbGF0IGxpc3Qgb2YgQGNvZGV7KFwiLWVc IiBcIlZBUj12YWxcIiBcIi1lXCIgXCJWQVI9dmFsXCIgLi4uKX0uIg0KPiArICAoYXBwZW5k LW1hcA0KPiArICAgKGxhbWJkYSAoZW52LWJpbmQpDQo+ICsgICAgIChsaXN0ICItZSIgKGZv cm1hdCAjZiAifj8iICJ+YT1+YSIgZW52LWJpbmQpKSkNCj4gKyAgIChkb2NrZXItY29udGFp bmVyLWNvbmZpZ3VyYXRpb24tZW52aXJvbm1lbnRzIGNvbmZpZykpKQ0KDQpJIHRyaWVkIHRo aXMgb3V0IGluIGEgUkVQTCwgYnV0IGZvdW5kIHRoYXQgaXQgZG9lc24ndCBhY2NlcHQgcGFp cnMgYnV0IA0KMi1lbGVtZW50IGxpc3RzOg0KDQpzY2hlbWVAKGd1aWxlLXVzZXIpPiAoZm9y bWF0ICNmICJ+PyIgIn5hPX5hIiAnKCJ4IiAuICJ5IikpDQppY2UtOS9ib290LTkuc2NtOjE2 ODU6MTY6IEluIHByb2NlZHVyZSByYWlzZS1leGNlcHRpb246DQpJbiBwcm9jZWR1cmUgbGVu Z3RoOiBXcm9uZyB0eXBlIGFyZ3VtZW50IGluIHBvc2l0aW9uIDE6ICgieCIgLiAieSIpDQoN CkVudGVyaW5nIGEgbmV3IHByb21wdC4gIFR5cGUgYCxidCcgZm9yIGEgYmFja3RyYWNlIG9y IGAscScgdG8gY29udGludWUuDQpzY2hlbWVAKGd1aWxlLXVzZXIpIFsxXT4gLHENCnNjaGVt ZUAoZ3VpbGUtdXNlcik+IChmb3JtYXQgI2YgIn4/IiAifmE9fmEiICcoIngiICJ5IikpDQok MSA9ICJ4PXkiDQoNCkFsc28sIHRoZSAnZm9ybWF0JyBjYW4gYmUgc2ltcGxpZmllZDoNCg0K KGFwcGx5IGZvcm1hdCAjZiAifmE9fmEiIGVudi1iaW5kKQ0KDQoNCj4gKw0KPiArKGRlZmlu ZSAoZG9ja2VyLWNvbnRhaW5lci1zdGFydHVwLXNjcmlwdCBkb2NrZXItY2xpIGNvbnRhaW5l ci1uYW1lIGNvbmZpZykNCj4gKyAgIlJldHVybiBhIHByb2dyYW0gZmlsZSwgdGhhdCBleGVj dXRlcyB0aGUgc3RhcnR1cCBzZXF1ZW5jZSBvZiB0aGUgQGNvZGV7ZG9ja2VyLWNvbnRhaW5l ci1zaGVwaGVyZC1zZXJ2aWNlfS4iDQo+ICsgIChsZXQqICgoYXR0YWNoZWQ/IChkb2NrZXIt Y29udGFpbmVyLWNvbmZpZ3VyYXRpb24tYXR0YWNoZWQ/IGNvbmZpZykpDQo+ICsgICAgICAg ICAoaW1hZ2UtbmFtZSAoZG9ja2VyLWNvbnRhaW5lci1jb25maWd1cmF0aW9uLWltYWdlIGNv bmZpZykpDQo+ICsgICAgICAgICAodm9sdW1lcyAoc2VyaWFsaXplLXZvbHVtZXMgY29uZmln KSkNCj4gKyAgICAgICAgIChwb3J0cyAoc2VyaWFsaXplLXBvcnRzIGNvbmZpZykpDQo+ICsg ICAgICAgICAoZW52cyAoc2VyaWFsaXplLWVudmlyb25tZW50cyBjb25maWcpKQ0KPiArICAg ICAgICAgKG5ldHdvcmsgKGRvY2tlci1jb250YWluZXItY29uZmlndXJhdGlvbi1uZXR3b3Jr IGNvbmZpZykpDQo+ICsgICAgICAgICAoYWRkaXRpb25hbC1hcmd1bWVudHMgKGRvY2tlci1j b250YWluZXItY29uZmlndXJhdGlvbi1hZGRpdGlvbmFsLWFyZ3VtZW50cyBjb25maWcpKQ0K PiArICAgICAgICAgKGNvbnRhaW5lci1jb21tYW5kIChkb2NrZXItY29udGFpbmVyLWNvbmZp Z3VyYXRpb24tY29udGFpbmVyLWNvbW1hbmQgY29uZmlnKSkpDQo+ICsgICAgKHByb2dyYW0t ZmlsZQ0KPiArICAgICAoc3RyaW5nLWFwcGVuZCAic3RhcnQtIiBjb250YWluZXItbmFtZSAi LWNvbnRhaW5lciIpDQo+ICsgICAgICN+KGxldCAoKGRvY2tlciAoc3RyaW5nLWFwcGVuZCAj JGRvY2tlci1jbGkgIi9iaW4vZG9ja2VyIikpKQ0KPiArICAgICAgICAgKHN5c3RlbSogZG9j a2VyICJzdG9wIiAjJGNvbnRhaW5lci1uYW1lKQ0KPiArICAgICAgICAgKHN5c3RlbSogZG9j a2VyICJybSIgIyRjb250YWluZXItbmFtZSkgPiArICAgICAgICAgKGFwcGx5IHN5c3RlbSog YCgsZG9ja2VyDQo+ICsgICAgICAgICAgICAgICAgICAgICAgICAgICJydW4iDQo+ICsgICAg ICAgICAgICAgICAgICAgICAgICAgICwoc3RyaW5nLWFwcGVuZCAiLS1uYW1lPSIgIyRjb250 YWluZXItbmFtZSkNCj4gKyAgICAgICAgICAgICAgICAgICAgICAgICAgOzsgQXV0b21hdGlj YWxseSByZW1vdmUgdGhlIGNvbnRhaW5lciB3aGVuIHN0b3BwaW5nDQo+ICsgICAgICAgICAg ICAgICAgICAgICAgICAgIDs7IElmIHlvdSB3YW50IHBlcnNpc3RlbnQgZGF0YSwgeW91IG5l ZWQgdG8gdXNlDQo+ICsgICAgICAgICAgICAgICAgICAgICAgICAgIDs7IHZvbHVtZSBiaW5k cyBvciBvdGhlciBtZXRob2RzLg0KPiArICAgICAgICAgICAgICAgICAgICAgICAgICAiLS1y bSINCj4gKyAgICAgICAgICAgICAgICAgICAgICAgICAgLChzdHJpbmctYXBwZW5kICItLW5l dHdvcms9IiAjJG5ldHdvcmspDQo+ICsgICAgICAgICAgICAgICAgICAgICAgICAgIDs7IFRP RE86DQo+ICsgICAgICAgICAgICAgICAgICAgICAgICAgIDs7IFdyaXRlIHRvIGEgY2lkIGZp bGUgdGhlIGNvbnRhaW5lciBpZCwgdGhpcyBhbGxvd3MNCj4gKyAgICAgICAgICAgICAgICAg ICAgICAgICAgOzsgZm9yIHNoZXBoZXJkIHRvIG1hbmFnZSBjb250YWluZXIgZXZlbiB3aGVu IHRoZSBwcm9jZXNzDQo+ICsgICAgICAgICAgICAgICAgICAgICAgICAgIDs7IGl0c2VsZiBn ZXRzIGRldGFjaGVkIGZyb20gdGhlIGNvbnRhaW5lcg0KPiArICAgICAgICAgICAgICAgICAg ICAgICAgICAsQChpZiAobm90ICMkYXR0YWNoZWQpICcoIi0tY2lkZmlsZSIgIyRjaWQtZmls ZSkgJygpKQ0KPiArICAgICAgICAgICAgICAgICAgICAgICAgICAjJEB2b2x1bWVzDQo+ICsg ICAgICAgICAgICAgICAgICAgICAgICAgICMkQHBvcnRzDQo+ICsgICAgICAgICAgICAgICAg ICAgICAgICAgICMkQGVudnMNCj4gKyAgICAgICAgICAgICAgICAgICAgICAgICAgIyRAYWRk aXRpb25hbC1hcmd1bWVudHMNCj4gKyAgICAgICAgICAgICAgICAgICAgICAgICAgLCMkaW1h Z2UtbmFtZQ0KPiArICAgICAgICAgICAgICAgICAgICAgICAgICAjJEBjb250YWluZXItY29t bWFuZCkpKSkpKQ0KDQonc3lzdGVtKicgY2FuIGZhaWwsIHdoaWNoIGl0IGRvZXMgYnkgcmV0 dXJuaW5nIHNvbWUgbnVtYmVyIChhbmQgbm90IGJ5IA0KYW4gZXhjZXB0aW9uKS4gIEkgcmVj b21tZW5kIHVzaW5nICdpbnZva2UnIGZyb20gKGd1aXggYnVpbGQgdXRpbHMpIA0KKHdoaWNo IHVzZXMgZXhjZXB0aW9ucykgaW5zdGVhZDsgeW91IG1heSBuZWVkIHVzZS1tb2R1bGVzICsg DQp3aXRoLWltcG9ydGVkLW1vZHVsZXMgdG8gdXNlIHRoYXQgbW9kdWxlLg0KDQoNCj4gKw0K PiArKGRlZmluZSAoZG9ja2VyLWNvbnRhaW5lci1zaGVwaGVyZC1zZXJ2aWNlIGRvY2tlci1j bGkgY29uZmlnKQ0KPiArICAiUmV0dXJuIGEgc2hlcGhlcmQtc2VydmljZSB0aGF0IHJ1bnMg Q09OVEFJTkVSLiINCj4gKyAgKGxldCogKChjb250YWluZXItbmFtZSAoc3ltYm9sLT5zdHJp bmcgKGRvY2tlci1jb250YWluZXItY29uZmlndXJhdGlvbi1uYW1lIGNvbmZpZykpKQ0KPiAr ICAgICAgICAgKGNpZC1maWxlIChzdHJpbmctYXBwZW5kICIvdmFyL3J1bi9kb2NrZXIvIiBj b250YWluZXItbmFtZSAiLnBpZCIpKQ0KDQpUaGlzIHNvdW5kcyBsaWtlICIuIiwgIi4uIiBh bmQgYW55dGhpbmcgY29udGFpbmluZyBhICIvIiBvciAiXHgwMCIgd291bGQgDQpiZSBpbnZh bGlkIGNvbnRhaW5lciBuYW1lcywgSSByZWNvbW1lbmQgcmVmaW5pbmcgdGhlIHR5cGUgY2hl Y2sgZm9yIA0KJ2NvbnRhaW5lci1uYW1lJyBhIGxpdHRsZS4gIEl0IGFsc28gbG9va3MgbGlr ZSBjb250YWluZXIgbmFtZXMgbXVzdCBiZSANCnVuaXF1ZSB3aXRoaW4gYSBzeXN0ZW0sIHRo YXQgc291bmRzIGxpa2Ugc29tZXRoaW5nIHRvIG1lbnRpb24gaW4gaXRzIA0KZG9jc3RyaW5n IHRvIG1lLg0KDQo+ICsgICAgICAgICAoYXR0YWNoZWQ/IChkb2NrZXItY29udGFpbmVyLWNv bmZpZ3VyYXRpb24tYXR0YWNoZWQ/IGNvbmZpZykpKQ0KPiArICAgIChzaGVwaGVyZC1zZXJ2 aWNlDQo+ICsgICAgIChwcm92aXNpb24gKGxpc3QgKGRvY2tlci1jb250YWluZXItY29uZmln dXJhdGlvbi1uYW1lIGNvbmZpZykpKQ0KPiArICAgICAocmVxdWlyZW1lbnQgYChkb2NrZXJk KSkNCj4gKyAgICAgKHN0YXJ0ICN+KG1ha2UtZm9ya2V4ZWMtY29uc3RydWN0b3INCj4gKyAg ICAgICAgICAgICAgIChsaXN0ICMkKGRvY2tlci1jb250YWluZXItc3RhcnR1cC1zY3JpcHQg ZG9ja2VyLWNsaSBjb250YWluZXItbmFtZSBjb25maWcpKQ0KPiArICAgICAgICAgICAgICAg OzsgV2F0Y2ggdGhlIGNpZC1maWxlIGluc3RlYWQgb2YgdGhlIGRvY2tlciBydW4gY29tbWFu ZCwgYXMgdGhlIGRhZW1vbiBjYW4NCj4gKyAgICAgICAgICAgICAgIDs7IHN0aWxsIGJlIHJ1 bm5pbmcgZXZlbiB3aGVuIHRoZSBjb21tYW5kIHRlcm1pbmF0ZXMNCj4gKyAgICAgICAgICAg ICAgIChpZiAobm90ICMkYXR0YWNoZWQ/KQ0KPiArICAgICAgICAgICAgICAgICAgICM6cGlk LWZpbGUgIyRjaWQtZmlsZSkpKQ0KDQpJIGRvbid0IHRoaW5rIHRoaXMgZG9lcyB3aGF0IHlv dSB3YW50IGl0IHRvIGRvIC0tIHdoZW4gYXR0YWNoZWQsIGl0IHdpbGwgDQpldmFsdWF0ZSB0 byAjJGNpZC1maWxlLCB3aGVuIG5vdCwgaXQgd2lsbCBldmFsdWF0ZSB0byAjOnBpZC1mbGls ZS4NCg0KVHJ5IGFwcGx5K2xpc3QgaW5zdGVhZDoNCg0KKGFwcGx5DQogICBtYWtlLWZvcmtl eGVjLWNvbnN0cnVjdG9yDQogICAobGlzdCAuLi4pDQogICAjJChpZiAkYXR0YWNoZWQNCiAg ICAgICAgICN+KCkNCiAgICAgICAgICN+KGxpc3QgIzpwaWQtZmlsZSAjJGNpZC1maWxlKSkp DQoNCihDaGFuZ2luZyB0aGUgc3RhZ2luZyBpcyBub3QgcmVxdWlyZWQsIHRob3VnaCBteXNl bGYgSSBwcmVmZXIgaXQgdGhpcyB3YXkuKQ0KDQpJIHJlY29tbWVuZCB3cml0aW5nIGEgc3lz dGVtIHRlc3QgKGluIGdudS90ZXN0cy9kb2NrZXIuc2NtKSwgdG8gcHJldmVudCANCnN1Y2gg cHJvYmxlbXMsIHRob3VnaCBJIGRvbid0IGtub3cgaG93IGZlYXNpYmxlIGl0IHdvdWxkIGJl Lg0KDQo+ICsgICAgIChzdG9wIChpZiAjJGF0dGFjaGVkPw0KPiArICAgICAgICAgICAgICAg I34obWFrZS1raWxsLWRlc3RydWN0b3IpDQo+ICsgICAgICAgICAgICAgICAjfihsYW1iZGEg Xw0KPiArICAgICAgICAgICAgICAgICAgIChleGVjLWNvbW1hbmQgKGxpc3QNCj4gKyAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAoc3RyaW5nLWFwcGVuZCAjJGRvY2tlci1j bGkgIi9iaW4vZG9ja2VyIikNCj4gKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAic3RvcCIgIyRjb250YWluZXItbmFtZSkpDQo+ICsgICAgICAgICAgICAgICAgICAgI2Yp KSkpKSkNCg0KTm90IHZlcnkgZmFtaWxpYXIgd2l0aCBob3cgU2hlcGhlcmQgd29ya3MgaGVy ZSwgYnV0IEkgdGhpbmsgdGhhdCB0aGUgDQoncmV0dXJuICNmYWxzZScgZHNlc2VydmVzIGEg Y29tbWFuZC4NCg0KQWxzbywgb24gKHN0cmluZy1hcHBlbmQgIyRkb2NrZXItY2xpICIvYmlu L2RvY2tlciIpOiB3ZSBoYXZlDQojJChmaWxlLWFwcGVuZCBkb2NrZXItY2xpICIvYmluL2Rv Y2tlciIpIGZvciB0aGF0LCB0aG91Z2ggaW4gdGhpcyBjYXNlIA0KaXQgZG9lc24ndCBtYXR0 ZXIgKGZvciB1c2VzIGluc2lkZSAncXVvdGUnLCBpdCBkb2VzLCBidXQgaGVyZSwgbm90IHJl YWxseSkuDQoNCkdyZWV0aW5ncywNCk1heGltZS4NCg== --------------Uop0srNDnw720NWSCTaIOq8W Content-Type: application/pgp-keys; name="OpenPGP_0x49E3EE22191725EE.asc" Content-Disposition: attachment; filename="OpenPGP_0x49E3EE22191725EE.asc" Content-Description: OpenPGP public key Content-Transfer-Encoding: quoted-printable -----BEGIN PGP PUBLIC KEY BLOCK----- xjMEX4ch6BYJKwYBBAHaRw8BAQdANPb/d6MrGnGi5HyvODCkBUJPRjiFQcRU5V+m xvMaAa/NL01heGltZSBEZXZvcyA8bWF4aW1lLmRldm9zQHN0dWRlbnQua3VsZXV2 ZW4uYmU+wpAEExYIADgWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCX4ch6AIbAwUL CQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRBJ4+4iGRcl7japAQC3opZ2KGWzWmRc /gIWSu0AAcfMwyinFEEPa/QhUt2CogD/e2RdF4CYAgaRHJJmZ9WU7piKbLZ7llB4 LzgezVDHggzNJU1heGltZSBEZXZvcyA8bWF4aW1lZGV2b3NAdGVsZW5ldC5iZT7C kAQTFggAOBYhBMHzPuIMUo/bfdcBH0nj7iIZFyXuBQJf56ycAhsDBQsJCAcDBRUK CQgLBRYCAwEAAh4BAheAAAoJEEnj7iIZFyXujpQBAKV1SwDDl4f24rXciDlB9L8W ycZt30CgbewMSRQk4mvbAP9dFMbVVixYBd6C8cfhR+NsOBGiOJnQABlUmgNuqGFJ Dc44BF+HIegSCisGAQQBl1UBBQEBB0BOlzIWiJzgobMF6/cqwLaLk7jIcFSZ++c0 k9cCNT6YXwMBCAfCeAQYFggAIBYhBMHzPuIMUo/bfdcBH0nj7iIZFyXuBQJfhyHo AhsMAAoJEEnj7iIZFyXuMr0BAJc8cl5PGvVmVuSQVKjleNl4DK1/XAaPAYPe34AE fZJPAP9IqLCQhH/FeJanHqBP8gNdGNI2qn8RnnLVfRJgUjZ1BA=3D=3D =3DOVqp -----END PGP PUBLIC KEY BLOCK----- --------------Uop0srNDnw720NWSCTaIOq8W-- --------------cWvhmhlwM8vYzhvCwxcOYDXd-- --------------MkhQdqx650Vxa0JLe6dYfSvF Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wnsEABYIACMWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYzXknwUDAAAAAAAKCRBJ4+4iGRcl7jTQ APsFykmO2S637Lr1xb3NYFQ1wWg+2mZaXQj1C/NFyAVJ0gEAiQMRlZrdgaFAj0LkDVKcMWoRa/dQ tsJEFAoNlxJKiQ0= =AwYa -----END PGP SIGNATURE----- --------------MkhQdqx650Vxa0JLe6dYfSvF--
guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.Received: (at submit) by debbugs.gnu.org; 27 Sep 2022 19:18:26 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Tue Sep 27 15:18:26 2022 Received: from localhost ([127.0.0.1]:56834 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1odG65-0004Mb-S3 for submit <at> debbugs.gnu.org; Tue, 27 Sep 2022 15:18:26 -0400 Received: from lists.gnu.org ([209.51.188.17]:51306) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <maya.tomasek@HIDDEN>) id 1odEn2-0002DH-Az for submit <at> debbugs.gnu.org; Tue, 27 Sep 2022 13:54:41 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:39160) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <maya.tomasek@HIDDEN>) id 1odEn2-0000yu-57 for guix-patches@HIDDEN; Tue, 27 Sep 2022 13:54:40 -0400 Received: from knopi.disroot.org ([178.21.23.139]:47034) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <maya.tomasek@HIDDEN>) id 1odEmz-0005Nc-62 for guix-patches@HIDDEN; Tue, 27 Sep 2022 13:54:39 -0400 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id 831584C38F for <guix-patches@HIDDEN>; Tue, 27 Sep 2022 19:54:10 +0200 (CEST) X-Virus-Scanned: SPAM Filter at disroot.org Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VjWtnDYMMhev for <guix-patches@HIDDEN>; Tue, 27 Sep 2022 19:54:09 +0200 (CEST) From: =?utf-8?B?TcOhamEgVG9tw6HFoWVr?= <maya.tomasek@HIDDEN> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1664301248; bh=KsnGyHiu2wE5h/5N+3HziBpCVGhsZHHOvBe14pPFf9M=; h=From:To:Subject:Date; b=EQ7mUb6J7Pt/mnWpKG4gRIecfhcGIfiS5C0Ct5i86pR6TWD0Mcrwa395O9CYULepw Qn7qcVL3ZwsaNwrhVHg1C8J/ow4zEzRXRfP/k7jk8EsGpLDfVBMjSuYD3IEVzS4T10 aWjvwN5xXDTLTKC0lTHENvA08BzUIqr1NTvnPM121Hycf5in4kgTilMx8y/7VtDHhC a+w+XBQuRS1SJVFCCu2VmWZ7Fk2051UwT/eDyjwEQ2y4DxxClkDZpy5IjryOg0Y6d3 h0791xOGxMn6n4YhJTXTpeUfAFsKrOuPCjplkdZ3PIc6Fzn+JbXswKLvS5KH3xdHcM irz7ntTyZKJ/g== To: guix-patches@HIDDEN Subject: [PATCH] gnu: services: docker: Add docker-container-service-type Date: Tue, 27 Sep 2022 19:16:32 +0200 Message-ID: <87r0zwr9dv.fsf@HIDDEN> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=178.21.23.139; envelope-from=maya.tomasek@HIDDEN; helo=knopi.disroot.org X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Tue, 27 Sep 2022 15:18:23 -0400 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.4 (--) This patch provides a new service type, which allows the creation of shephe= rd services from docker containers. --- Hi, I have written a definition of the docker-container-service-type. It is a service that allows you to convert docker containers into shepherd services. It has some limitations: 1. Containers are deleted when stopping. This makes it easier to manage them from shepherd. You can achieve persistence with volume binds. =20=20=20 2. Containers must be either attached or detached. Some containers simply run a command inside the container, and when run with docker run, they stay attached and the docker run command therefore behaves like a normal command. However, some containers use docker's "init system", that means that they won't block the docker run command. Sadly attached containers don't properly report that they are initialized, so to docker they are in the "starting" state until termination. This means that docker doesn't create a cid file (pid file for containers). To sum it up, there is no way to tell how will the container report it's state, and this process must be specified by the user, if the container runs attached or detached. 3. Images are not managed. Docker does manage images in a really stupid way. My original idea was to have a file-like object to define an image (from an image archive), but sadly it has been more complex than I initially thought. Docker uses 2 versions of archive manifests, and each archive can have multiple images, depending on the architecture. And those images can be composed from layers, which are also images. The daemon determines ad-hoc which images from the archive it will use, and there is no official tool (at leats when I looked for it) to get image ids reliably. As the docker load command can return multiple images. I will expand on the process on how the images could be used in a managed way, but I have to say something to the current interface. It works by expecting an image by name from the image-name field. That means that docker must already have the image in its database. There is currently no way to ensure that images will be in docker database before running shepherd services, but I expect they should simply fail to start. There is currently no documentation outside of docstrings, I plan to write it, but first I would welcome comments from you, maybe this service isn't suitable for guix, as it does imply breaking of the declarative guix model, but that goes for docker and flatpak too, so I thought I can try it. Now finally to images. The idea is that all images belonging to a docker-container-configuration are tagged (via docker tag) with the name o the docker-container-configuration-name (as this is unique). The activation service would get the propper image-id (which is not easy to get from the manifest, but with some json parsing, it can be done). Then it would load the image into the docker database with docker load, and tag the new image with the docker-configuration-name tag. This would automatically update the image from which the container is running without having to modify the shepherd service. Sadly docker does not allow for containers to be ran directly from the image archive and this is the most straightforward workaround I could think of. I hope this patch finds you in good mood, Maya PS. I found out that the original docker-service-type wasn't indent-region. And it got snuck into the patch, I hope this will still be a valid patch. gnu/services/docker.scm | 289 +++++++++++++++++++++++++++++++++------- 1 file changed, 242 insertions(+), 47 deletions(-) diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm index 741bab5a8c..b05804aa16 100644 --- a/gnu/services/docker.scm +++ b/gnu/services/docker.scm @@ -5,6 +5,7 @@ ;;; Copyright =C2=A9 2020 Efraim Flashner <efraim@HIDDEN> ;;; Copyright =C2=A9 2020 Jesse Dowell <jessedowell@HIDDEN> ;;; Copyright =C2=A9 2021 Brice Waegeneire <brice@HIDDEN> +;;; Copyright =C2=A9 2022 Maya Tomasek <maya.omase@HIDDEN> ;;; ;;; This file is part of GNU Guix. ;;; @@ -37,6 +38,8 @@ (define-module (gnu services docker) =20 #:export (docker-configuration docker-service-type + docker-container-configuration + docker-container-service-type singularity-service-type)) =20 (define-configuration docker-configuration @@ -164,6 +167,198 @@ (define docker-service-type (const %docker-accounts)))) (default-value (docker-configuration)))) =20 +(define (pair-of-strings? val) + (and (pair val) + (string? (car val)) + (string? (cdr val)))) + +(define (list-of-pair-of-strings? val) + (list-of pair-of-strings?)) + +(define-configuration/no-serialization docker-container-configuration + (name + (symbol '()) + "Name of the docker container. Will be used to denote service to Shephe= rd and must be unique! +We recommend, that the name of the container is prefixed with @code{docker= -}.") + (comment + (string "") + "A documentation on the docker container.") + (image-name + (string) + "A name of the image that will be used. (Note that the existence of the= image +is not guaranteed by this daemon.)") + (volumes + (list-of-pair-of-strings '()) + "A list of volume binds. In (HOST_PATH CONTAINER_PATH) format.") + (ports + (list-of-pair-of-strings '()) + "A list of port binds. In (HOST_PORT CONTAINER_PORT) or (HOST_PORT CONT= AINER_PORT OPTIONS) format. +For example, both port bindings are valid: + +@lisp +(ports '((\"2222\" \"22\") (\"21\" \"21\" \"tcp\"))) +@end lisp" + (environments + (list-of-pair-of-strings '()) + "A list of variable binds, inside the container enviornment. In (VARIA= BLE VALUE) format.")) + (network + (string "none") + "Network type.") + (additional-arguments + (list-of-strings '()) + "Additional arguments to the docker command line interface.") + (container-command + (list-of-strings '()) + "Command to send into the container.") + (attached? + (boolean #t) + "Run the container as an normal attached process (sending SIGTERM). +Or run the container as a isolated environment that must be stopped with @= code{docker stop}. + +Please verify first, that you container is indeed not attached, otherwise = @code{shepherd} might +assume the process is dead, even when it is not. + +You can do that, by first running your container with @code{docker run ima= ge-name}. + +Then check @code{docker ps}, if the command shows beside your container th= e word @code{running}. +Your container is indeed detached, but if it shows @code{starting}, and it= doesn't flip to +@code{running} after a while, it means that you container is attached, and= you need to keep this +option turned @code{#t}.")) + +(define (serialize-volumes config) + "Serialize list of pairs into flat list of @code{(\"-v\" \"HOST_PATH:CON= TAINER_PATH\" ...)}" + (append-map + (lambda (volume-bind) + (list "-v" (format #f "~?" "~a:~a" volume-bind))) + (docker-container-configuration-volumes config))) + +(define (serialize-ports config) + "Serialize list of either pairs, or lists into flat list of +@code{(\"-p\" \"NUMBER:NUMBER\" \"-p\" \"NUMBER:NUMBER/PROTOCOL\" ...)}" + (append-map + (lambda (port-bind) + (list "-p" (format #f "~?" "~a:~a~^/~a" port-bind))) + (docker-container-configuration-ports config))) + +(define (serialized-environments config) + "Serialize list of pairs into flat list of @code{(\"-e\" \"VAR=3Dval\" \= "-e\" \"VAR=3Dval\" ...)}." + (append-map + (lambda (env-bind) + (list "-e" (format #f "~?" "~a=3D~a" env-bind))) + (docker-container-configuration-environments config))) + +(define (docker-container-startup-script docker-cli container-name config) + "Return a program file, that executes the startup sequence of the @code{= docker-container-shepherd-service}." + (let* ((attached? (docker-container-configuration-attached? config)) + (image-name (docker-container-configuration-image config)) + (volumes (serialize-volumes config)) + (ports (serialize-ports config)) + (envs (serialize-environments config)) + (network (docker-container-configuration-network config)) + (additional-arguments (docker-container-configuration-additional-= arguments config)) + (container-command (docker-container-configuration-container-comm= and config))) + (program-file + (string-append "start-" container-name "-container") + #~(let ((docker (string-append #$docker-cli "/bin/docker"))) + (system* docker "stop" #$container-name) + (system* docker "rm" #$container-name) + (apply system* `(,docker + "run" + ,(string-append "--name=3D" #$container-name) + ;; Automatically remove the container when stopp= ing + ;; If you want persistent data, you need to use + ;; volume binds or other methods. + "--rm" + ,(string-append "--network=3D" #$network) + ;; TODO: + ;; Write to a cid file the container id, this al= lows + ;; for shepherd to manage container even when th= e process + ;; itself gets detached from the container + ,@(if (not #$attached) '("--cidfile" #$cid-file)= '()) + #$@volumes + #$@ports + #$@envs + #$@additional-arguments + ,#$image-name + #$@container-command)))))) + +(define (docker-container-shepherd-service docker-cli config) + "Return a shepherd-service that runs CONTAINER." + (let* ((container-name (symbol->string (docker-container-configuration-n= ame config))) + (cid-file (string-append "/var/run/docker/" container-name ".pid"= )) + (attached? (docker-container-configuration-attached? config))) + (shepherd-service + (provision (list (docker-container-configuration-name config))) + (requirement `(dockerd)) + (start #~(make-forkexec-constructor + (list #$(docker-container-startup-script docker-cli contain= er-name config)) + ;; Watch the cid-file instead of the docker run command, as= the daemon can + ;; still be running even when the command terminates + (if (not #$attached?) + #:pid-file #$cid-file))) + (stop (if #$attached? + #~(make-kill-destructor) + #~(lambda _ + (exec-command (list + (string-append #$docker-cli "/bin/docker= ") + "stop" #$container-name)) + #f)))))) + + +(define (list-of-docker-container-configurations? val) + (list-of docker-container-configuration?)) + +(define-configuration/no-serialization docker-container-service-configurat= ion + (docker-cli + (file-like docker-cli) + "The docker package to use.") + (containers + (list-of-docker-container-configurations '()) + "The docker containers to run.")) + +(define (docker-container-shepherd-services config) + "Return shepherd services for all containers inside config." + (let ((docker-cli (docker-container-service-configuration-docker-cli con= fig))) + (map + (lambda (container) + (docker-container-shepherd-service + docker-cli + container)) + (docker-container-service-configuration-containers config)))) + +(define docker-container-service-type + "This is the type of the service that runs docker containers using GNU S= hepherd. +It allows for declarative management of running containers inside the Guix= System. + +This service can be extended with list of @code{<docker-container-configur= ation>} objects. + +The following is an example @code{docker-container-service-type} configura= tion. + +@lisp +(service docker-container-service-type + (containers (list + (docker-container-configuration + (name 'docker-example) + (comment \"An example docker container configuration\") + (image-name \"example/example:latest\") ;; Note that ima= ges must be provided separately. + (volumes '((\"/mnt\" \"/\") (\"/home/example\" \"/home/u= ser\"))) + (ports '((\"21\" \"21\" \"tcp\") (\"22\" \"22\"))) + (network \"host\"))))) +@end lisp" + (service-type + (name 'docker-container) + (description "Manage docker containers with shepherd.") + (extensions + (list (service-extension shepherd-root-service-type docker-container-s= hepherd-services))) + (compose concatenate) + (extend (lambda (config containers) + (let ((docker-cli (docker-container-service-configuration-doc= ker-cli config)) + (initial-containers (docker-container-service-configura= tion-containers config))) + (docker-container-service-configuration + (docker-cli docker-cli) + (containers (append initial-containers containers)))))) + (default-value (docker-container-service-configuration)))) + ;;; ;;; Singularity. --=20 2.37.3
Mája Tomášek <maya.tomasek@HIDDEN>
:guix-patches@HIDDEN
.
Full text available.guix-patches@HIDDEN
:bug#58123
; Package guix-patches
.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.