A packaging tutorial for Guix
Introduction
GNU Guix stands out as the hackable package manager, mostly because it uses GNU Guile, a powerful high-level programming language, one of the Scheme dialects from the Lisp family.
Package definitions are also written in Scheme, which empowers Guix in some very unique ways, unlike most other package managers that use shell scripts or simple languages.
Use functions, structures, macros and all of Scheme expressiveness for your package definitions.
Inheritance makes it easy to customize a package by inheriting from it and modifying only what is needed.
Batch processing: the whole package collection can be parsed, filtered and processed. Building a headless server with all graphical interfaces stripped out? It's possible. Want to rebuild everything from source using specific compiler optimization flags? Pass the
#:make-flags "..."
argument to the list of packages. It wouldn't be a stretch to think Gentoo USE flags here, but this goes even further: the changes don't have to be thought out beforehand by the packager, they can be programmed by the user!
The following tutorial covers all the basics around package creation with Guix. It does not assume much knowledge of the Guix system nor of the Lisp language. The reader is only expected to be familiar with the command line and to have some basic programming knowledge.
Update: Check out the Cookbook for an up-to-date and translated version of this tutorial!
A "Hello World" package
The “Defining Packages” section of the manual introduces the basics of Guix packaging. In the following section, we will partly go over those basics again.
GNU hello
is a dummy project that serves as an idiomatic example for
packaging. It uses the GNU build system (./configure && make && make install
).
Guix already provides a package definition which is a perfect example to start
with. You can look up its declaration with guix edit hello
from the
command line. Let's see how it looks:
(define-public hello
(package
(name "hello")
(version "2.10")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/hello/hello-" version
".tar.gz"))
(sha256
(base32
"0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
(build-system gnu-build-system)
(synopsis "Hello, GNU world: An example GNU package")
(description
"GNU Hello prints the message \"Hello, world!\" and then exits. It
serves as an example of standard GNU coding practices. As such, it supports
command-line arguments, multiple languages, and so on.")
(home-page "https://www.gnu.org/software/hello/")
(license gpl3+)))
As you can see, most of it is rather straightforward. But let's review the fields together:
- name: The project name. Using Scheme conventions, we prefer to keep it lower case, without underscore and using dash-separated words.
source: This field contains a description of the source code origin. The
origin
record contains these fields:- The method, here
url-fetch
to download via HTTP/FTP, but other methods exist, such asgit-fetch
for Git repositories. - The URI, which is typically some
https://
location forurl-fetch
. Here the specialmirror://gnu
refers to a set of well known locations, all of which can be used by Guix to fetch the source, should some of them fail. - The
sha256
checksum of the requested file. This is essential to ensure the source is not corrupted. Note that Guix works with base32 strings, hence the call to thebase32
function.
- The method, here
- build-system: This is where the power of abstraction provided by the Scheme
language really shines: in this case, the
gnu-build-system
abstracts away the famous./configure && make && make install
shell invocations. Other build systems include thetrivial-build-system
which does not do anything and requires from the packager to program all the build steps, thepython-build-system
, theemacs-build-system
, and many more. - synopsis: It should be a concise summary of what the package does. For many packages a tagline from the project's home page can be used as the synopsis.
- description: Same as for the synopsis, it's fine to re-use the project description from the homepage. Note that Guix uses Texinfo syntax.
- home-page: Use HTTPS if available.
- license: See
guix/licenses.scm
in the project source for a full list.
Time to build our first package! Nothing fancy here for now: we will stick to a dummy "my-hello", a copy of the above declaration.
As with the ritualistic "Hello World" taught with most programming languages, this will possibly be the most "manual" approach. We will work out an ideal setup later; for now we will go the simplest route.
Save the following to a file my-hello.scm
.
(use-modules (guix packages)
(guix download)
(guix build-system gnu)
(guix licenses))
(package
(name "my-hello")
(version "2.10")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/hello/hello-" version
".tar.gz"))
(sha256
(base32
"0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
(build-system gnu-build-system)
(synopsis "Hello, Guix world: An example custom Guix package")
(description
"GNU Hello prints the message \"Hello, world!\" and then exits. It
serves as an example of standard GNU coding practices. As such, it supports
command-line arguments, multiple languages, and so on.")
(home-page "https://www.gnu.org/software/hello/")
(license gpl3+))
We will explain the extra code in a moment.
Feel free to play with the different values of the various fields. If you change the source, you'll need to update the checksum. Indeed, Guix refuses to build anything if the given checksum does not match the computed checksum of the source code. To obtain the correct checksum of the package declaration, we need to download the source, compute the sha256 checksum and convert it to base32.
Thankfully, Guix can automate this task for us; all we need is to provide the URI:
$ guix download mirror://gnu/hello/hello-2.10.tar.gz
Starting download of /tmp/guix-file.JLYgL7
From https://ftpmirror.gnu.org/gnu/hello/hello-2.10.tar.gz...
following redirection to `https://mirror.ibcp.fr/pub/gnu/hello/hello-2.10.tar.gz'...
…10.tar.gz 709KiB 2.5MiB/s 00:00 [##################] 100.0%
/gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz
0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i
In this specific case the output tells us which mirror was chosen.
If the result of the above command is not the same as in the above snippet,
update your my-hello
declaration accordingly.
Note that GNU package tarballs come with an OpenPGP signature, so you
should definitely check the signature of this tarball with gpg
to
authenticate it before going further:
$ guix download mirror://gnu/hello/hello-2.10.tar.gz.sig
Starting download of /tmp/guix-file.03tFfb
From https://ftpmirror.gnu.org/gnu/hello/hello-2.10.tar.gz.sig...
following redirection to `https://ftp.igh.cnrs.fr/pub/gnu/hello/hello-2.10.tar.gz.sig'...
….tar.gz.sig 819B 1.2MiB/s 00:00 [##################] 100.0%
/gnu/store/rzs8wba9ka7grrmgcpfyxvs58mly0sx6-hello-2.10.tar.gz.sig
0q0v86n3y38z17rl146gdakw9xc4mcscpk8dscs412j22glrv9jf
$ gpg --verify /gnu/store/rzs8wba9ka7grrmgcpfyxvs58mly0sx6-hello-2.10.tar.gz.sig /gnu/store/hbdalsf5lpf01x4dcknwx6xbn6n5km6k-hello-2.10.tar.gz
gpg: Signature made Sun 16 Nov 2014 01:08:37 PM CET
gpg: using RSA key A9553245FDE9B739
gpg: Good signature from "Sami Kerola <kerolasa@iki.fi>" [unknown]
gpg: aka "Sami Kerola (http://www.iki.fi/kerolasa/) <kerolasa@iki.fi>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8ED3 96E3 7E38 D471 A005 30D3 A955 3245 FDE9 B739
You can then happily run
$ guix package --install-from-file=my-hello.scm
You should now have my-hello
in your profile!
$ guix package --list-installed=my-hello
my-hello 2.10 out
/gnu/store/f1db2mfm8syb8qvc357c53slbvf1g9m9-my-hello-2.10
We've gone as far as we could without any knowledge of Scheme. Now is the right time to introduce the minimum we need from the language before we can proceed.
A Scheme crash-course
As we've seen above, basic packages don't require much Scheme knowledge, if at all. But as you progress and your desire to write more and more complex packages grows, it will become both necessary and empowering to hone your Lisper skills.
Since an extensive Lisp course is very much out of the scope of this tutorial, we will only cover some basics here.
Update: Check out the Cookbook for an up-to-date and translated version of this introduction to Scheme.
Guix uses the Guile implementation of Scheme. To start playing with the
language, install it with guix package --install guile
and start a REPL by
running guile
from the command line.
Alternatively you can also run guix environment --ad-hoc guile -- guile
if
you'd rather not have Guile installed in your user profile.
In the following examples we use the >
symbol to denote the REPL prompt, that
is, the line reserved for user input. See the Guile manual for more details on
the REPL.
Scheme syntax boils down to a tree of expressions (or s-expression in Lisp lingo). An expression can be a literal such as numbers and strings, or a compound which is a parenthesized list of compounds and literals.
#t
and#f
stand for the booleans "true" and "false", respectively.Examples of valid expressions:
> "Hello World!" "Hello World!" > 17 17 > (display (string-append "Hello " "Guix" "\n")) "Hello Guix!"
This last example is a function call embedded in another function call. When a parenthesized expression is evaluated, the first term is the function and the rest are the arguments passed to the function. Every function returns the last evaluated expression as value.
Anonymous functions are declared with the
lambda
term:> (lambda (x) (* x x)) #<procedure 120e348 at <unknown port>:24:0 (x)>
The above lambda returns the square of its argument. Since everything is an expression, the
lambda
expression returns an anonymous function, which can in turn be applied to an argument:> ((lambda (x) (* x x)) 3) 9
Anything can be assigned a global name with
define
:> (define a 3) > (define square (lambda (x) (* x x))) > (square a) 9
Procedures can be defined more concisely with the following syntax:
(define (square x) (* x x))
A list structure can be created with the
list
procedure:> (list 2 a 5 7) (2 3 5 7)
The quote disables evaluation of a parenthesized expression: the first term is not called over the other terms. Thus it effectively returns a list of terms.
> '(display (string-append "Hello " "Guix" "\n")) (display (string-append "Hello " "Guix" "\n")) > '(2 a 5 7) (2 a 5 7)
The quasiquote disables evaluation of a parenthesized expression until a comma re-enables it. Thus it provides us with fine-grained control over what is evaluated and what is not.
> `(2 a 5 7 (2 ,a 5 ,(+ a 4))) (2 a 5 7 (2 3 5 7))
Note that the above result is a list of mixed elements: numbers, symbols (here
a
) and the last element is a list itself.Multiple variables can be named locally with
let
:> (define x 10) > (let ((x 2) (y 3)) (list x y)) (2 3) > x 10 > y ERROR: In procedure module-lookup: Unbound variable: y
Use
let*
to allow later variable declarations to refer to earlier definitions.> (let* ((x 2) (y (* x 3))) (list x y)) (2 6)
The keyword syntax is
#:
, it is used to create unique identifiers. See also the Keywords section in the Guile manual.The percentage
%
is typically used for read-only global variables in the build stage. Note that it is merely a convention, like_
in C. Scheme Lisp treats%
exactly the same as any other letter.Modules are created with
define-module
. For instance(define-module (guix build-system ruby) #:use-module (guix store) #:export (ruby-build ruby-build-system))
defines the module
ruby
which must be located inguix/build-system/ruby.scm
somewhere inGUILE_LOAD_PATH
. It depends on the(guix store)
module and it exports two symbols,ruby-build
andruby-build-system
.
For a more detailed introduction, check out Scheme at a Glance, by Steve Litt.
One of the reference Scheme books is the seminal Structure and Interpretation
of Computer Programs, by Harold Abelson and Gerald Jay Sussman, with Julie
Sussman. You'll find a free copy online, together with videos of the lectures
by the authors. The book is available in Texinfo format as the sicp
Guix
package. Go ahead, run guix package --install sicp
and start reading with
info sicp
(or with the Emacs Info reader). An unofficial ebook is also
available.
You'll find more books, tutorials and other resources at https://schemers.org/.
Setup
Now that we know some Scheme basics we can detail the different possible setups for working on Guix packages.
There are several ways to set up a Guix packaging environment.
We recommend you work directly on the Guix source checkout since it makes it easier for everyone to contribute to the project.
But first, let's look at other possibilities.
Local file
This is what we previously did with my-hello
. With the Scheme basics we've
covered, we are now able to explain the leading chunks. As stated in guix package --help
:
-f, --install-from-file=FILE
install the package that the code within FILE
evaluates to
Thus the last expression must return a package, which is the case in our earlier example.
The use-modules
expression tells which of the modules we need in the file.
Modules are a collection of values and procedures. They are commonly called
"libraries" or "packages" in other programming languages.
GUIX_PACKAGE_PATH
Note: Starting from Guix 0.16, the more flexible Guix "channels" are the
preferred way and supersede GUIX_PACKAGE_PATH
. See below.
It can be tedious to specify the file from the command line instead of simply
calling guix package --install my-hello
as you would do with the official
packages.
Guix makes it possible to streamline the process by adding as many "package declaration paths" as you want.
Create a directory, say ~./guix-packages
and add it to the GUIX_PACKAGE_PATH
environment variable:
$ mkdir ~/guix-packages
$ export GUIX_PACKAGE_PATH=~/guix-packages
To add several directories, separate them with a colon (:
).
Our previous my-hello
needs some adjustments though:
(define-module (my-hello)
#:use-module (guix licenses)
#:use-module (guix packages)
#:use-module (guix build-system gnu)
#:use-module (guix download))
(define-public my-hello
(package
(name "my-hello")
(version "2.10")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/hello/hello-" version
".tar.gz"))
(sha256
(base32
"0ssi1wpaf7plaswqqjwigppsg5fyh99vdlb9kzl7c9lng89ndq1i"))))
(build-system gnu-build-system)
(synopsis "Hello, Guix world: An example custom Guix package")
(description
"GNU Hello prints the message \"Hello, world!\" and then exits. It
serves as an example of standard GNU coding practices. As such, it supports
command-line arguments, multiple languages, and so on.")
(home-page "https://www.gnu.org/software/hello/")
(license gpl3+)))
Note that we have assigned the package value to an exported variable name with
define-public
. This is effectively assigning the package to the my-hello
variable so that it can be referenced, among other as dependency of other
packages.
If you use guix package --install-from-file=my-hello.scm
on the above file, it
will fail because the last expression, define-public
, does not return a
package. If you want to use define-public
in this use-case nonetheless, make
sure the file ends with an evaluation of my-hello
:
; ...
(define-public my-hello
; ...
)
my-hello
This last example is not very typical.
Now my-hello
should be part of the package collection like all other official
packages. You can verify this with:
$ guix package --show=my-hello
Guix channels
Guix 0.16 features channels, which is very similar to GUIX_PACKAGE_PATH
but
provides better integration and provenance tracking. Channels are not
necessarily local, they can be maintained as a public Git repository for
instance. Of course, several channels can be used at the same time.
See the “Channels” section in the manual for setup details.
Direct checkout hacking
Working directly on the Guix project is recommended: it reduces the friction when the time comes to submit your changes upstream to let the community benefit from your hard work!
Unlike most software distributions, the Guix repository holds in one place both the tooling (including the package manager) and the package definitions. This choice was made so that it would give developers the flexibility to modify the API without breakage by updating all packages at the same time. This reduces development inertia.
Check out the official Git repository:
$ git clone https://git.savannah.gnu.org/git/guix.git
In the rest of this article, we use $GUIX_CHECKOUT
to refer to the location of
the checkout.
Follow the instruction from the "Contributing" chapter in the manual to set up the repository environment.
Once ready, you should be able to use the package definitions from the repository environment.
Feel free to edit package definitions found in $GUIX_CHECKOUT/gnu/packages
.
The $GUIX_CHECKOUT/pre-inst-env
script lets you use guix
over the package
collection of the repository.
Search packages, such as Ruby:
$ cd $GUIX_CHECKOUT $ ./pre-inst-env guix package --list-available=ruby ruby 1.8.7-p374 out gnu/packages/ruby.scm:119:2 ruby 2.1.6 out gnu/packages/ruby.scm:91:2 ruby 2.2.2 out gnu/packages/ruby.scm:39:2
Build a package, here Ruby version 2.1:
$ ./pre-inst-env guix build --keep-failed ruby@2.1 /gnu/store/c13v73jxmj2nir2xjqaz5259zywsa9zi-ruby-2.1.6
Install it to your user profile:
$ ./pre-inst-env guix package --install ruby@2.1
Check for common mistakes:
$ ./pre-inst-env guix lint ruby@2.1
Guix strives at maintaining a high packaging standard; when contributing to the Guix project, remember to
- follow the coding style,
- and review the check list from the manual.
Once you are happy with the result, you are welcome to send your contribution to make it part of Guix. This process is also detailed in the manual.
It's a community effort so the more join in, the better Guix becomes!
Extended example
The above "Hello World" example is as simple as it goes. Packages can be more complex than that and Guix can handle more advanced scenarios. Let's look at another, more sophisticated package (slightly modified from the source):
(define-module (gnu packages version-control)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix utils)
#:use-module (guix packages)
#:use-module (guix git-download)
#:use-module (guix build-system cmake)
#:use-module (gnu packages ssh)
#:use-module (gnu packages web)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
#:use-module (gnu packages compression)
#:use-module (gnu packages tls))
(define-public my-libgit2
(let ((commit "e98d0a37c93574d2c6107bf7f31140b548c6a7bf")
(revision "1"))
(package
(name "my-libgit2")
(version (git-version "0.26.6" revision commit))
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/libgit2/libgit2/")
(commit commit)))
(file-name (git-file-name name version))
(sha256
(base32
"17pjvprmdrx4h6bb1hhc98w9qi6ki7yl57f090n9kbhswxqfs7s3"))
(patches (search-patches "libgit2-mtime-0.patch"))
(modules '((guix build utils)))
(snippet '(begin
;; Remove bundled software.
(delete-file-recursively "deps")
#t))))
(build-system cmake-build-system)
(outputs '("out" "debug"))
(arguments
`(#:tests? #t ; Run the test suite (this is the default)
#:configure-flags '("-DUSE_SHA1DC=ON") ; SHA-1 collision detection
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'fix-hardcoded-paths
(lambda _
(substitute* "tests/repo/init.c"
(("#!/bin/sh") (string-append "#!" (which "sh"))))
(substitute* "tests/clar/fs.h"
(("/bin/cp") (which "cp"))
(("/bin/rm") (which "rm")))
#t))
;; Run checks more verbosely.
(replace 'check
(lambda _ (invoke "./libgit2_clar" "-v" "-Q")))
(add-after 'unpack 'make-files-writable-for-tests
(lambda _ (for-each make-file-writable (find-files "." ".*")))))))
(inputs
`(("libssh2" ,libssh2)
("http-parser" ,http-parser)
("python" ,python-wrapper)))
(native-inputs
`(("pkg-config" ,pkg-config)))
(propagated-inputs
;; These two libraries are in 'Requires.private' in libgit2.pc.
`(("openssl" ,openssl)
("zlib" ,zlib)))
(home-page "https://libgit2.github.com/")
(synopsis "Library providing Git core methods")
(description
"Libgit2 is a portable, pure C implementation of the Git core methods
provided as a re-entrant linkable library with a solid API, allowing you to
write native speed custom Git applications in any language with bindings.")
;; GPLv2 with linking exception
(license license:gpl2))))
(In those cases were you only want to tweak a few fields from a package definition, you should rely on inheritance instead of copy-pasting everything. See below.)
Let's discuss those fields in depth.
git-fetch
method
Unlike the url-fetch
method, git-fetch
expects a git-reference
which takes
a Git repository and a commit. The commit can be any Git reference such as
tags, so if the version
is tagged, then it can be used directly. Sometimes
the tag is prefixed with a v
, in which case you'd use (commit (string-append "v" version))
.
To ensure that the source code from the Git repository is stored in a unique
directory with a readable name we use (file-name (git-file-name name version))
.
Note that there is also a git-version
procedure that can be used to derive the
version when packaging programs for a specific commit.
Snippets
Snippets are quoted (i.e. non-evaluated) Scheme code that are a means of patching
the source. They are a Guix-y alternative to the traditional .patch
files.
Because of the quote, the code in only evaluated when passed to the Guix daemon
for building.
There can be as many snippet as needed.
Snippets might need additional Guile modules which can be imported from the
modules
field.
Inputs
First, a syntactic comment: See the quasi-quote / comma syntax?
(native-inputs
`(("pkg-config" ,pkg-config)))
is equivalent to
(native-inputs
(list (list "pkg-config" pkg-config)))
You'll mostly see the former because it's shorter.
There are 3 different input types. In short:
- native-inputs: Required for building but not runtime – installing a package through a substitute won't install these inputs.
- inputs: Installed in the store but not in the profile, as well as being present at build time.
- propagated-inputs: Installed in the store and in the profile, as well as being present at build time.
See the package reference in the manual for more details.
The distinction between the various inputs is important: if a dependency can be handled as an input instead of a propagated input, it should be done so, or else it "pollutes" the user profile for no good reason.
For instance, a user installing a graphical program that depends on a command line tool might only be interested in the graphical part, so there is no need to force the command line tool into the user profile. The dependency is a concern to the package, not to the user. Inputs make it possible to handle dependencies without bugging the user by adding undesired executable files (or libraries) to their profile.
Same goes for native-inputs: once the program is installed, build-time dependencies can be safely garbage-collected. It also matters when a substitute is available, in which case only the inputs and propagated inputs will be fetched: the native inputs are not required to install a package from a substitute.
Outputs
Just like how a package can have multiple inputs, it can also produce multiple outputs.
Each output corresponds to a separate directory in the store.
The user can choose which output to install; this is useful to save space or to avoid polluting the user profile with unwanted executables or libraries.
Output separation is optional. When the outputs
field is left out, the
default and only output (the complete package) is referred to as "out"
.
Typical separate output names include debug
and doc
.
It's advised to separate outputs only when you've shown it's worth it: if the
output size is significant (compare with guix size
) or in case the package is
modular.
Build system arguments
The arguments
is a keyword-value list used to configure the build process.
The simplest argument #:tests?
can be used to disable the test suite when
building the package. This is mostly useful when the package does not feature
any test suite. It's strongly recommended to keep the test suite on if there is
one.
Another common argument is :make-flags
, which specifies a list of flags to
append when running make, as you would from the command line. For instance, the
following flags
#:make-flags (list (string-append "prefix=" (assoc-ref %outputs "out"))
"CC=gcc")
translate into
$ make CC=gcc prefix=/gnu/store/...-<out>
This sets the C compiler to gcc
and the prefix
variable (the installation
directory in Make parlance) to (assoc-ref %outputs "out")
, which is a build-stage
global variable pointing to the destination directory in the store (something like
/gnu/store/...-my-libgit2-20180408
).
Similarly, it's possible to set the "configure" flags.
#:configure-flags '("-DUSE_SHA1DC=ON")
The %build-inputs
variable is also generated in scope. It's an association
table that maps the input names to their store directories.
The phases
keyword lists the sequential steps of the build system. Typically
phases include unpack
, configure
, build
, install
and check
. To know
more about those phases, you need to work out the appropriate build system
definition in $GUIX_CHECKOUT/guix/build/gnu-build-system.scm
:
(define %standard-phases
;; Standard build phases, as a list of symbol/procedure pairs.
(let-syntax ((phases (syntax-rules ()
((_ p ...) `((p . ,p) ...)))))
(phases set-SOURCE-DATE-EPOCH set-paths install-locale unpack
bootstrap
patch-usr-bin-file
patch-source-shebangs configure patch-generated-file-shebangs
build check install
patch-shebangs strip
validate-runpath
validate-documentation-location
delete-info-dir-file
patch-dot-desktop-files
install-license-files
reset-gzip-timestamps
compress-documentation)))
Or from the REPL:
> (add-to-load-path "/path/to/guix/checkout")
> ,module (guix build gnu-build-system)
> (map first %standard-phases)
(set-SOURCE-DATE-EPOCH set-paths install-locale unpack bootstrap
patch-usr-bin-file patch-source-shebangs configure
patch-generated-file-shebangs build check install patch-shebangs strip
validate-runpath validate-documentation-location delete-info-dir-file
patch-dot-desktop-files install-license-files reset-gzip-timestamps
compress-documentation)
If you want to know more about what happens during those phases, consult the associated procedures.
For instance, as of this writing the definition of unpack
for the GNU build
system is
(define* (unpack #:key source #:allow-other-keys)
"Unpack SOURCE in the working directory, and change directory within the
source. When SOURCE is a directory, copy it in a sub-directory of the current
working directory."
(if (file-is-directory? source)
(begin
(mkdir "source")
(chdir "source")
;; Preserve timestamps (set to the Epoch) on the copied tree so that
;; things work deterministically.
(copy-recursively source "."
#:keep-mtime? #t))
(begin
(if (string-suffix? ".zip" source)
(invoke "unzip" source)
(invoke "tar" "xvf" source))
(chdir (first-subdirectory "."))))
#t)
Note the chdir
call: it changes the working directory to where the source was
unpacked.
Thus every phase following the unpack
will use the source as a working
directory, which is why we can directly work on the source files.
That is to say, unless a later phase changes the working directory to something
else.
We modify the list of %standard-phases
of the build system with the
modify-phases
macro as per the list of specified modifications, which may have
the following forms:
(add-before PHASE NEW-PHASE PROCEDURE)
: RunPROCEDURE
namedNEW-PHASE
beforePHASE
.(add-after PHASE NEW-PHASE PROCEDURE)
: Same, but afterwards.(replace PHASE PROCEDURE)
.(delete PHASE)
.
The PROCEDURE
supports the keyword arguments inputs
and outputs
. Each
input (whether native, propagated or not) and output directory is referenced
by their name in those variables. Thus (assoc-ref outputs "out")
is the store
directory of the main output of the package. A phase procedure may look like
this:
(lambda* (#:key inputs outputs #:allow-other-keys)
(let (((bash-directory (assoc-ref inputs "bash"))
(output-directory (assoc-ref outputs "out"))
(doc-directory (assoc-ref outputs "doc"))
; ...
#t)
The procedure must return #t
on success. It's brittle to rely on the return
value of the last expression used to tweak the phase because there is no
guarantee it would be a #t
. Hence the trailing #t
to ensure the right value
is returned on success.
Code staging
The astute reader may have noticed the quasi-quote and comma syntax in the argument field. Indeed, the build code in the package declaration should not be evaluated on the client side, but only when passed to the Guix daemon. This mechanism of passing code around two running processes is called code staging.
"Utils" functions
When customizing phases
, we often need to write code that mimics the
equivalent system invocations (make
, mkdir
, cp
, etc.) commonly used during
regular "Unix-style" installations.
Some like chmod
are native to Guile. See the Guile reference manual for a
complete list.
Guix provides additional helper functions which prove especially handy in the context of package management.
Some of those functions can be found in
$GUIX_CHECKOUT/guix/guix/build/utils.scm
. Most of them mirror the behaviour
of the traditional Unix system commands:
- which: Like the
which
system command. - find-files: Akin to the
find
system command. - mkdir-p: Like
mkdir -p
, which creates all parents as needed. - install-file: Similar to
install
when installing a file to a (possibly non-existing) directory. Guile hascopy-file
which works likecp
. - copy-recursively: Like
cp -r
. - delete-file-recursively: Like
rm -rf
. - invoke: Run an executable. This should be used instead of
system*
. - with-directory-excursion: Run the body in a different working directory, then restore the previous working directory.
- substitute*: A "sed-like" function.
Module prefix
The license in our last example needs a prefix: this is because of how the
license
module was imported in the package, as #:use-module ((guix licenses) #:prefix license:)
. The Guile module import mechanism gives the user full
control over namespacing: this is needed to avoid clashes between, say, the
zlib
variable from licenses.scm
(a license value) and the zlib
variable
from compression.scm
(a package value).
Other build systems
What we've seen so far covers the majority of packages using a build system
other than the trivial-build-system
. The latter does not automate anything
and leaves you to build everything manually. This can be more demanding and we
won't cover it here for now, but thankfully it is rarely necessary to fall back
on this system.
For the other build systems, such as ASDF, Emacs, Perl, Ruby and many more, the process is very similar to the GNU build system except for a few specialized arguments.
Learn more about build systems in
- the manual, section 4.2 Build systems,
- the source code in the
$GUIX_CHECKOUT/guix/build
and$GUIX_CHECKOUT/guix/build-system
directories.
Programmable and automated package definition
We can't repeat it enough: having a full-fledged programming language at hand empowers us in ways that reach far beyond traditional package management.
Let's illustrate this with some awesome features of Guix!
Recursive importers
You might find some build systems good enough that there is little to do at all to write a package, to the point that it becomes repetitive and tedious after a while. A raison d'être of computers is to replace human beings at those boring tasks. So let's tell Guix to do this for us and create the package definition of an R package from CRAN (the output is trimmed for conciseness):
$ guix import cran --recursive walrus
(define-public r-mc2d
; ...
(license gpl2+)))
(define-public r-jmvcore
; ...
(license gpl2+)))
(define-public r-wrs2
; ...
(license gpl3)))
(define-public r-walrus
(package
(name "r-walrus")
(version "1.0.3")
(source
(origin
(method url-fetch)
(uri (cran-uri "walrus" version))
(sha256
(base32
"1nk2glcvy4hyksl5ipq2mz8jy4fss90hx6cq98m3w96kzjni6jjj"))))
(build-system r-build-system)
(propagated-inputs
`(("r-ggplot2" ,r-ggplot2)
("r-jmvcore" ,r-jmvcore)
("r-r6" ,r-r6)
("r-wrs2" ,r-wrs2)))
(home-page "https://github.com/jamovi/walrus")
(synopsis "Robust Statistical Methods")
(description
"This package provides a toolbox of common robust statistical tests, including robust descriptives, robust t-tests, and robust ANOVA. It is also available as a module for 'jamovi' (see <https://www.jamovi.org> for more information). Walrus is based on the WRS2 package by Patrick Mair, which is in turn based on the scripts and work of Rand Wilcox. These analyses are described in depth in the book 'Introduction to Robust Estimation & Hypothesis Testing'.")
(license gpl3)))
The recursive importer won't import packages for which Guix already has package definitions, except for the very first.
Not all applications can be packaged this way, only those relying on a select number of supported systems. Read about the full list of importers in the guix import section of the manual.
Automatic update
Guix can be smart enough to check for updates on systems it knows. It can report outdated package definitions with
$ guix refresh hello
In most cases, updating a package to a newer version requires little more than changing the version number and the checksum. Guix can do that automatically as well:
$ guix refresh hello --update
Inheritance
If you've started browsing the existing package definitions, you might have
noticed that a significant number of them have a inherit
field:
(define-public adwaita-icon-theme
(package (inherit gnome-icon-theme)
(name "adwaita-icon-theme")
(version "3.26.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnome/sources/" name "/"
(version-major+minor version) "/"
name "-" version ".tar.xz"))
(sha256
(base32
"17fpahgh5dyckgz7rwqvzgnhx53cx9kr2xw0szprc6bnqy977fi8"))))
(native-inputs
`(("gtk-encode-symbolic-svg" ,gtk+ "bin")))))
All unspecified fields are inherited from the parent package. This is very convenient to create alternative packages, for instance with different source, version or compilation options.
Getting help
Sadly, some applications can be tough to package. Sometimes they need a patch to work with the non-standard filesystem hierarchy enforced by the store. Sometimes the tests won't run properly. (They can be skipped but this is not recommended.) Other times the resulting package won't be reproducible.
Should you be stuck, unable to figure out how to fix any sort of packaging issue, don't hesitate to ask the community for help.
See the Guix homepage for information on the mailing lists, IRC, etc.
Conclusion
This tutorial was a showcase of the sophisticated package management that Guix
boasts. At this point we have mostly restricted this introduction to the
gnu-build-system
which is a core abstraction layer on which more advanced
abstractions are based.
Where do we go from here? Next we ought to dissect the innards of the build
system by removing all abstractions, using the trivial-build-system
: this
should give us a thorough understanding of the process before investigating some
more advanced packaging techniques and edge cases.
Other features worth exploring are the interactive editing and debugging capabilities of Guix provided by the Guile REPL.
Those fancy features are completely optional and can wait; now is a good time to take a well-deserved break. With what we've introduced here you should be well armed to package lots of programs. You can get started right away and hopefully we will see your contributions soon!
References
"GNU Guix: Package without a scheme!", by Andreas Enge
Notices
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
About GNU Guix
GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.
In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.
GuixSD can be used on an i686, x86_64, ARMv7, and AArch64 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.
Sauf indication contraire, les billets de blog de ce site sont la propriété de leurs auteurs respectifs et publiés sous les termes de la licence CC-BY-SA 4.0 et ceux de la GNU Free Documentation License (version 1.3 ou supérieur, sans section invariante, sans texte de préface ni de postface).