Dear Wolf,
my system-config.scm is quite normal desktop. Because of my WLAN chip I use a
non-free linux kernel which is customized to my needs (e.g. only btrfs and no
ext*-fs). I change some privileged programs (e.g. exchange slock by slock-caps,
trivial suspend). See below.
my reconfig is and takes today about 25 minutes:
guix time-machine -C ~user/reg/c/config/systems/channels-lock.scm -- system
reconfigure -L ~user/reg/c ~user/reg/c/config/systems/config.scm "$@" |& tee -a
reconfig-$(date +%F.%T).log
Without time-machine the output is the same. But yesterday, I saw some pulls
and applied commits.
NB: I fix the channels to a commit by channels-lock.scm. It contains the
commits just after the last CVEs.
--- begin channels-lock.scm
(list (channel
(name 'nonguix)
(url "https://gitlab.com/nonguix/nonguix";)
(branch "master")
(commit
"fea3efac5021b5c2b5037e0281d95e8ac81b34eb")
(introduction
(make-channel-introduction
"897c1a470da759236cc11798f4e0a5f7d4d59fbc"
(openpgp-fingerprint
"2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))))
(channel
(name 'guix)
(url "https://git.guix.gnu.org/guix.git";)
(branch "master")
(commit
"8ee445f39ad6fc706247060e7fd235c13351c7f1")
(introduction
(make-channel-introduction
"9edb3f66fd807b096b48283debdcddccfea34bad"
(openpgp-fingerprint
"BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA")))))
--- end channels-lock.scm
Besides this, I get *three* times {Updating channels + Computing Guix
derivation for 'x86_64-linux'} !
The output of reconfigure is:
--- begin output with channels-lock.scm
Updating channel 'guix' from Git repository at
'https://git.guix.gnu.org/guix.git'...
Updating channel 'nonguix' from Git repository at
'https://gitlab.com/nonguix/nonguix'...
Computing Guix derivation for 'x86_64-linux'...
Updating channel 'guix' from Git repository at
'https://git.guix.gnu.org/guix.git'...
Updating channel 'nonguix' from Git repository at
'https://gitlab.com/nonguix/nonguix'...
Computing Guix derivation for 'x86_64-linux'...
substitute: looking for substitutes on 'https://substitutes.nonguix.org'...
100.0%
substitute: looking for substitutes on 'https://bordeaux.guix.gnu.org'...
100.0%
substitute: looking for substitutes on 'https://ci.guix.gnu.org'...
100.0%
The following derivations will be built:
/gnu/store/4n8p23vp5q94gmcf42wajqj9xxkxh3hp-activate-service.scm.drv
/gnu/store/kpssw1srszhq1p4qcchcqq81rhc8jcqf-activate.scm.drv
/gnu/store/y5b31mf70r84drj6cn3h8l4z5c2m37ys-boot.drv
/gnu/store/dsifllskpmcimyaslwmp09rxnfl9an5n-system.drv
/gnu/store/3c5707shbz9n4g3mpfaz9w88fx8m6ldz-grub.cfg.drv
building /gnu/store/4n8p23vp5q94gmcf42wajqj9xxkxh3hp-activate-service.scm.drv...
building /gnu/store/kpssw1srszhq1p4qcchcqq81rhc8jcqf-activate.scm.drv...
building /gnu/store/y5b31mf70r84drj6cn3h8l4z5c2m37ys-boot.drv...
building /gnu/store/dsifllskpmcimyaslwmp09rxnfl9an5n-system.drv...
building /gnu/store/3c5707shbz9n4g3mpfaz9w88fx8m6ldz-grub.cfg.drv...
/gnu/store/y636b201mc0h5rsp8pi9h670njrmbrr1-system
/gnu/store/9l6wlm8z6j2m3fxxaplbczr9knd9h5j4-grub.cfg
activating system...
Updating channel 'guix' from Git repository at
'https://git.guix.gnu.org/guix.git'...
Updating channel 'nonguix' from Git repository at
'https://gitlab.com/nonguix/nonguix'...
Computing Guix derivation for 'x86_64-linux'...
The following derivation will be built:
/gnu/store/1c1csvzk2pw612pp93g6k14105r6xq5l-switch-to-system.scm.drv
building /gnu/store/1c1csvzk2pw612pp93g6k14105r6xq5l-switch-to-system.scm.drv...
making '/var/guix/profiles/system-43-link' the current system...
populating /etc from /gnu/store/1km8pkvp5n8i67qx0vkmw4lqb7vrqjdj-etc...
setting up privileged programs in '/run/privileged/bin'...
warning: failed to privilege
"/gnu/store/aal4fxvkvpzc3p03fy3bbzl19zi550xs-slock-1.5/bin/slock": File exists
warning: failed to privilege
"/gnu/store/jxhjfzsnl8sgnzaizfd7ljhmampnvw6l-slock-caps-1.5/bin/slock": File
exists
The following derivation will be built:
/gnu/store/7c0k15mlwda70q81dbvyfm0bqlgpr7c0-install-bootloader.scm.drv
building
/gnu/store/7c0k15mlwda70q81dbvyfm0bqlgpr7c0-install-bootloader.scm.drv...
guix system: bootloader successfully installed on '(/boot/efi)'
Updating channel 'guix' from Git repository at
'https://git.guix.gnu.org/guix.git'...
Updating channel 'nonguix' from Git repository at
'https://gitlab.com/nonguix/nonguix'...
Computing Guix derivation for 'x86_64-linux'...
[...shepard and kexec stuff]
--- end output with channels-lock.scm
PS: my system-config.scm is
--- begin system-config.scm
(define-public h2ka-system
(operating-system
(kernel host-linux)
(initrd microcode-initrd)
(firmware (list linux-firmware))
(locale "de_DE.utf8")
(timezone "Europe/Berlin")
(keyboard-layout (keyboard-layout "de" "deadgraveacute"))
(host-name "host")
(users (cons* (user-account
(name "me")
(comment "me")
(group "users")
(home-directory "/home/me")
(supplementary-groups '("wheel" "netdev"
"audio" "video")))
%base-user-accounts))
(packages
(append
(map
specification->package
'("cifs-utils"
"davfs2"
"i3-wm"
"i3status"
"suspend"
"dmenu"
"bash"
;;"dwm"
"tinyalsa"
"alsa-plugins"
"alsa-utils"
"pulseaudio"
"lxde"
"lxpanel"
"st"
;;"s6"
;;"execline"
))
%base-packages))
(privileged-programs
(cons*
(privileged-program
(program (file-append slock-caps "/bin/slock"))
(setuid? #t)
)
(privileged-program
(program (file-append suspend "/bin/suspend"))
(group "wheel")
(setuid? #f)
(setgid? #t)
)
(privileged-program
(program (file-append davfs2 "/sbin/mount.davfs"))
(setuid? #t))
(privileged-program
(program (file-append cifs-utils "/sbin/mount.cifs"))
(setuid? #t))
((remove-privileged
`(,(file-append slock "/bin/slock")))
%default-privileged-programs)))
(services
(cons*
(service mcron-service-type
(mcron-configuration
(jobs (list cpupower-powersave-job
lift-nofile-limit-job
renice-guix-daemon-job
guix-reconfigure-job
guix-release-throttle-job))))
(service xfce-desktop-service-type)
(service cups-service-type ;2025-07-27
(cups-configuration
(web-interface? #t)
(extensions
(list foomatic-filters cups-filters hplip dbus foo2zjs
hplip-plugin))))
(service nix-service-type) ; 2025-05-08
(service varnish-service-type) ; 2025-05-08
(set-xorg-configuration
(xorg-configuration
(keyboard-layout keyboard-layout)
(extra-config (list touchpad-conf))))
(service
screen-locker-service-type
(screen-locker-configuration
(name "slock")
(program (file-append slock-caps "/bin/slock"))))
;; Dies ist die Standardliste von Diensten, zu der wir
;; Einträge hinzufügen.
(modify-services
%desktop-services
(guix-service-type
config
=> (guix-configuration
(inherit config)
;; (privileged? #f) ; new 2025-04-25
(channels my-channels)
(guix (guix-for-channels my-channels))
(substitute-urls
(cons* "https://substitutes.nonguix.org";
%default-substitute-urls))
(authorized-keys
(cons*
(plain-file "non-guix.pub"
"(public-key (ecc (curve Ed25519)
(q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)))")
;;(local-file "./signing-key.pub")
%default-authorized-guix-keys))))
)))
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(targets (list "/boot/efi"))
(keyboard-layout keyboard-layout)))
(swap-devices (list (swap-space
(target (uuid
"7aae4d4e-bbd1-4af7-a8e7-cf7c3f65724f")))))
;; Die Liste der Dateisysteme, die "eingehängt" werden. Die, zu den
;; Dateisystemen einzigartigen, Identifikatoren ("UUIDs") können durch das
;; Ausführen des Befehls "blkid" in einem Terminal erhalten werden.
(file-systems
(cons*
(file-system
(mount-point "/")
(device (uuid
"5edbc69f-592c-42e1-8a95-0d6b728225b3"
'btrfs))
(type "btrfs"))
(file-system
(mount-point "/boot/efi")
(device (uuid "D6F3-2354"
'fat32))
(type "vfat"))
%base-file-systems))))
--- end system-config.scm
PPS: my suspend is
--- begin suspend.scm
(define-module (config packages suspend))
(use-modules
(gnu packages bash)
(guix build-system trivial)
(guix gexp)
(guix licenses)
(guix modules)
(guix packages)
)
(define-public suspend
(package
(name "suspend")
(version "0.1")
(source #f) ; no external source
(inputs (list bash))
(build-system trivial-build-system)
(arguments
(list
#:builder
(with-imported-modules
(source-module-closure
'((guix build utils)))
#~(begin
(use-modules (guix build utils))
(let* ((out (getenv "out"))
(bin (string-append out "/bin"))
(script (string-append bin "/suspend"))
(she-bang (string-append
"#!"
#$(file-append bash "/bin/bash")
"\n")))
(mkdir-p bin)
(call-with-output-file script
(lambda (port)
(display she-bang port)
(display "echo mem > /sys/power/state\n" port)))
(chmod script #o755))))))
(synopsis "Suspend command")
(description "Provides a suspend command, which could be
privileged in a system configuration.")
(home-page "https://codeberg.de/stefanK/stix";) ; not yet there
(license public-domain)))
suspend
--- end suspend.scm
--
Kind regars,
S. Karrmann
> Gesendet: Mittwoch, 6. August 2025 um 21:55
> Von: "Tomas Volf" <[email protected]>
> An: "Stefan Karrmann" <[email protected]>
> CC: [email protected]
> Betreff: Re: Computing Guix derivation for 'x86_64-linux' takes ages... -> 3
> proposals
>
> Stefan Karrmann <[email protected]> writes:
>
> > Dear all,
> >
> > this question was asked several times. But >Computing Guix derivation for
> > 'x86_64-linux'< annoys really.
> >
> > Why do we need this so often?
> >
> > Of course, we need this, if we pull a new guix. If we do it, we know that
> > it takes its time.
> >
> > But why do we need it with >guix system reconfigure< etc.pp.? We have a
> > pulled
> > guix locally and ready. That's the one we want to use! Well, I see that
> > >guix
> > system reconfigure< pulls new commits. But why? I don't want them.
>
> Would you be able to share some more details about your configuration
> and setup in general? It is some time since I have last used `guix
> system reconfigure' -- I only use `guix deploy' these days -- but I have
> to say I do not recall reconfigure doing a pull. So this might be
> something specific to your setup?
>
> Can you get reproducer in a virtual machine and share the configuration
> and commands to run?
>
> > [..]
> > OPEN: How to handle local trees (i.e. -L directory)? Well, they add
> > new branches and leafs, maybe a new forest. They do not change the old
> > forest at all.
>
> I do not think this is accurate. You can use -L to deploy completely
> custom Guix -- that is how pre-inst-env works when using checkout of the
> Guix repository. So while I agree that *usually* -L just adds new
> stuff, it very much *can* change "the old forest".
>
> Tomas
> --
> There are only two hard things in Computer Science:
> cache invalidation, naming things and off-by-one errors.
>
