Hi all, > > - Is there a way to make `guix-daemon` use a Tor proxy? I have two > > systems using Guix, one is a Guix System, the other is using a foreign > > distro, and I'd like to adjust both to use Tor instead since it's faster. > > I saw that`guix-daemon` respects `http_proxy` and `https_proxy` envvars, but > trying it out on my foreign-distro Guix computer, adding > `https_proxy=socks5h://127.0.0.1:9050 http_proxy=socks5h://127.0.0.1:9050` to > the `systemd` service file doesn't work. > > guix substitute: error: TLS error in procedure 'handshake': The TLS > connection was non-properly terminated. > substitution of /gnu/store/1bdldr80p39g1mjnh76xw6hmwqrrb8lz-wine64-6.0 > failed > guix package: error: some substitutes for the outputs of derivation > `/gnu/store/wr9kf2bgcsvwxcmhnl9lf047nr8xcklc-wine64-6.0.drv' failed (usually > happens due to networking issues); try `--fallback' to build derivation from > source > > > Looking at the foreign distro's syslog: > > Mar 5 19:52:03 developer guix-daemon[145182]: accepted connection from > pid 145190, user raid5atemyhomework > Mar 5 19:52:05 developer guix-daemon[145200]: spurious SIGPOLL > Mar 5 19:52:07 developer Tor[1029]: Socks version 67 not recognized. > (This port is not an HTTP proxy; did you want to use HTTPTunnelPort?) > > > So it looks to me that`guix-daemon` expects `https_proxy` to be an HTTPS > proxy and not a SOCKS5/SOCKS5H proxy. I'll look into Tor's HTTPTunnelPort.
On the foreign distro computer, adding an `HTTPTunnelPort 9080` to `/etc/tor/torrc` and then adding `http_proxy=https://127.0.0.1:9080 https_proxy=https://127.0.0.1:9080` to `guix-daemon.service`, then restarting services, seems to work. ``` ownloading from https://ci.guix.gnu.org/nar/lzip/1bdldr80p39g1mjnh76xw6hmwqrrb8lz-wine64-6.0 ... wine64-6.0 54.4MiB 579KiB/s 01:36 [##################] 100.0% substitute: updating substitutes from 'https://ci.guix.gnu.org'... 100.0% The following derivation will be built: /gnu/store/7mr17xka558smr0c76crf9g727ccj76g-profile.drv 3.2 MB will be downloaded downloading from https://ci.guix.gnu.org/nar/lzip/gs3li4m0ydajm57r0qn1wvsdyfsa68p7-font-gnu-unifont-13.0.06 ... font-gnu-unifont-13.0.06 3.0MiB 515KiB/s 00:06 [##################] 100.0% ``` The above is significantly better than the previous runs where I get 11KiB/s, and matches the speeds I get from `torify wget`. While it's a good ***workaround*** for my problem instead of me silently weeping at the ridiculous slowness of Guix substitutes, it doesn't solve my root problem: * SOMETHING between my ISP and ci.guix.gnu.org is throttling access to the substitutes. * Given that I have been using my ISP for a year without experiencing such spurious slowdowns, and I have been using ci.guix.gnu.org for the past few months only and have been hit with this slowness in the past month or so, I am more inclined to blame ci.guix.gnu.org, but please tell me how I can find out what is throttling the bandwidth here. The fact that Tor is ***FASTER*** is very suspicious. Thanks raid5atemyhomework