Re: `guix pull` over HTTPS

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: `guix pull` over HTTPS

From:	Marius Bakke
Subject:	Re: `guix pull` over HTTPS
Date:	Tue, 28 Feb 2017 21:44:02 +0100
User-agent:	Notmuch/0.23.5 (https://notmuchmail.org) Emacs/25.1.1 (x86_64-unknown-linux-gnu)

>> I want to bundle a 'le-certs' package with GNU Guix, and change `guix
>> pull` to know to use the le-certs bundle when pulling from
>> %snapshot-url. For other URLs, users will have to take care of it
>> themselves. 
>
> This sounds like a better approach. Also, I did not see this email
> before sending the patch! If you package it up, I can look into
> realizing the package in `guix pull` directly.

I gave this a go using "nss-certs", but can't figure out how to set
SSL_CERT_DIR (or GUIX_TLS_CERTIFICATE_DIRECTORY) in `guix pull`. The
naive approach of setting the variable before calling
"download-to-store" does not work because %x509-certificate-directory
has already been evaluated.

I wonder what's the best approach here. Parameterizing this and
propagating it all the way down to (tls-wrap) similar to
#:verify-certificate? could work, but seems awkward. Any suggestions?

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: `guix pull` over HTTPS, (continued)
- Re: `guix pull` over HTTPS, Ludovic Courtès, 2017/02/10
- Re: `guix pull` over HTTPS, Bob Proulx, 2017/02/13

Prev by Date: Re: `guix pull` over HTTPS
Next by Date: Re: `guix pull` over HTTPS
Previous by thread: Re: `guix pull` over HTTPS
Next by thread: Re: `guix pull` over HTTPS
Index(es):
- Date
- Thread