Re: guix shell --container from Shepherd to run a service

Sun, 06 Apr 2025 11:42:14 -0700 


Hello Attila,

>
> (simple-service
>  'home-assistant
>  shepherd-root-service-type
>  (list
>   (shepherd-service
>    (requirement '(file-systems networking guix-daemon))
>    (provision '(home-assistant))
>    (documentation "")
>    ;; TODO herd stop doesn't work. it leaves the process
>    ;; running without any errors.
>    (start
>     #~(lambda _
>         (fork+exec-command
>          (list #$(file-append guix "/bin/guix")
>                "shell"
>                "--manifest=/srv/hass/manifest.scm"
>                "--container"
>                "--emulate-fhs"
>                "--network"
>                "--share=/srv/hass"
>                "--no-cwd"
>                "--expose=/gnu"
>                "--expose=/run/current-system"
>                "--"
>                #$(file-append bash "/bin/bash")
>                "-c" "cd /srv/hass && source bin/activate && 
> LD_LIBRARY_PATH=/lib:/lib64 hass --config=/srv/hass/config")
>          #:log-file "/var/log/home-assistant.log"
>          #:user  '#$(user-account-name  *hass-user*)
>          #:group '#$(user-account-group *hass-user*)
>          #:directory "/srv/hass"
>          #:supplementary-groups
>          '#$(user-account-supplementary-groups *hass-user*)
>          #:environment-variables
>          (list (string-append "HOME=/home/"
>                               #$(user-account-name *hass-user*)))))))))
>
> notice that --expose=/gnu was needed, and possibly 
> --expose=/run/current-system, too, but i didn't double check every change.
>
> this way the `guix shell` call will get the versions from the hass user's 
> pull state; i.e. i can independently decide when to upgrade the guix 
> environment of the hass user and process.

It's hard to judge well without the full source code, but the way you
have it written seems more like that you're using the guix package
declared in the channel rather than the user's guix. (if you weren't, I
wouldn't expect file-append at all, but just something like
"/home/*hass-user*/.config/guix/current/bin/guix"...) Meaning that user's
pull state is irrelevant as the reference to guix is directly to the
store. Also the reference would be to the pinned guix package in guix
channel that you're probably not really using on your system.

But all this is based on some assumptions of the code and how you use
your system, so I totally might be wrong.

Regards,
Rutherther

Reply via email to