Hi Maxim,
On Wed, Oct 29 2025, Maxim Cournoyer wrote:
I'm not sure what services you are using that gives you this bad
experience, but in my experience I can typically start with the
default
config and get something going.
I don't think this is just my experience. I've been a part of
multiple
conversations on IRC where people have asked about how to
construct a
configuration file to include a specific option which Guix doesn't
support. I've even suggested a few hacks to do things like putting
a
field value as "value\nnext_option=value" to write the desired
file.
Many services are fine. Particularly ones that don't require
much/any
configuration (like your "default configuration" examples).
Particular
services where I've had to venture outside of our supported
options:
- knot-service-type, using the includes option to add logging
configuration
- mumble, overwriting the whole thing to add default channel
configuration
- openssh-service-type, to limit the allowed set of algorithms for
some
things
- dovecot-service-type, for metrics reporting via the "stats"
service
It's worth acknowledging that in all of these cases I have been
able to
configure the services the way I want. This is good! However, I
feel bad
about it. I feel like I'm doing things the wrong/unsupported way
(which
is related to the earlier "unusual" comment).
It also makes it harder for me to use configurations that I find
on the
internet or with other tools. As an example, my dovecot
configuration
was constructed by finding and copying the standard Guix
configuration
file and then using examples from the dovecot documentation that
did
what I wanted.
One place where I also use an opaque configuration is the
opensmtpd
service, where I appreciate there is no other option. I provide a
gexp
to the config-file option. Since this is the only way to do it, I
don't
feel bad - I just write the configuration I want (substantially
cobbled
together from examples).
I think this interface/documentation is great! Another plus for
me is
that when using 'define-configuration', there is some type
checking for
your configuration fields, so it's less likely that an error
ends up in
the generated configuration file.
Many services have a way to check that a config file is valid
(like
doveconf, or nginx -t). I'm sure this there are services which
lack this
ability, but I wonder how much safety we can get by running these
checks
during the system build.
Carlo
