2016-12-30 17:22:27 -05:00
|
|
|
|
;;; GNU Guix --- Functional package management for GNU
|
2021-05-05 17:26:27 -04:00
|
|
|
|
;;; Copyright © 2016, 2017, 2018, 2019, 2020, 2021, 2021 Ludovic Courtès <ludo@gnu.org>
|
2016-12-30 17:22:27 -05:00
|
|
|
|
;;;
|
|
|
|
|
;;; This file is part of GNU Guix.
|
|
|
|
|
;;;
|
|
|
|
|
;;; GNU Guix is free software; you can redistribute it and/or modify it
|
|
|
|
|
;;; under the terms of the GNU General Public License as published by
|
|
|
|
|
;;; the Free Software Foundation; either version 3 of the License, or (at
|
|
|
|
|
;;; your option) any later version.
|
|
|
|
|
;;;
|
|
|
|
|
;;; GNU Guix is distributed in the hope that it will be useful, but
|
|
|
|
|
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
;;; GNU General Public License for more details.
|
|
|
|
|
;;;
|
|
|
|
|
;;; You should have received a copy of the GNU General Public License
|
|
|
|
|
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
|
|
(define-module (guix ssh)
|
|
|
|
|
#:use-module (guix store)
|
2018-12-23 18:55:07 -05:00
|
|
|
|
#:use-module (guix inferior)
|
2017-11-19 16:45:06 -05:00
|
|
|
|
#:use-module (guix i18n)
|
2020-08-31 05:36:26 -04:00
|
|
|
|
#:use-module ((guix diagnostics)
|
|
|
|
|
#:select (info &fix-hint formatted-message))
|
|
|
|
|
#:use-module ((guix progress)
|
|
|
|
|
#:select (progress-bar
|
|
|
|
|
erase-current-line current-terminal-columns))
|
2019-08-15 04:06:41 -04:00
|
|
|
|
#:use-module (gcrypt pk-crypto)
|
2017-04-21 12:44:59 -04:00
|
|
|
|
#:use-module (ssh session)
|
|
|
|
|
#:use-module (ssh auth)
|
|
|
|
|
#:use-module (ssh key)
|
2016-12-30 17:22:27 -05:00
|
|
|
|
#:use-module (ssh channel)
|
|
|
|
|
#:use-module (ssh popen)
|
|
|
|
|
#:use-module (ssh session)
|
2018-01-12 16:32:52 -05:00
|
|
|
|
#:use-module (srfi srfi-1)
|
2016-12-30 17:22:27 -05:00
|
|
|
|
#:use-module (srfi srfi-11)
|
2018-01-12 16:20:30 -05:00
|
|
|
|
#:use-module (srfi srfi-26)
|
2016-12-31 12:34:17 -05:00
|
|
|
|
#:use-module (srfi srfi-34)
|
|
|
|
|
#:use-module (srfi srfi-35)
|
2016-12-30 17:22:27 -05:00
|
|
|
|
#:use-module (ice-9 match)
|
2019-06-10 16:12:28 -04:00
|
|
|
|
#:use-module (ice-9 format)
|
2016-12-31 12:34:17 -05:00
|
|
|
|
#:use-module (ice-9 binary-ports)
|
2020-08-31 05:36:26 -04:00
|
|
|
|
#:use-module (ice-9 vlist)
|
2017-04-21 12:44:59 -04:00
|
|
|
|
#:export (open-ssh-session
|
2019-12-03 15:28:23 -05:00
|
|
|
|
authenticate-server*
|
|
|
|
|
|
2018-12-23 18:55:07 -05:00
|
|
|
|
remote-inferior
|
2017-04-21 13:01:03 -04:00
|
|
|
|
remote-daemon-channel
|
2017-04-21 12:44:59 -04:00
|
|
|
|
connect-to-remote-daemon
|
2019-08-09 14:24:57 -04:00
|
|
|
|
remote-system
|
2019-08-15 04:06:41 -04:00
|
|
|
|
remote-authorize-signing-key
|
2016-12-30 17:22:27 -05:00
|
|
|
|
send-files
|
|
|
|
|
retrieve-files
|
2018-01-12 16:20:30 -05:00
|
|
|
|
retrieve-files*
|
2018-01-12 17:16:53 -05:00
|
|
|
|
remote-store-host
|
|
|
|
|
|
2020-12-18 05:42:57 -05:00
|
|
|
|
report-guile-error))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
|
|
|
|
;;; Commentary:
|
|
|
|
|
;;;
|
|
|
|
|
;;; This module provides tools to support communication with remote stores
|
|
|
|
|
;;; over SSH, using Guile-SSH.
|
|
|
|
|
;;;
|
|
|
|
|
;;; Code:
|
|
|
|
|
|
2017-04-21 12:44:59 -04:00
|
|
|
|
(define %compression
|
|
|
|
|
"zlib@openssh.com,zlib")
|
|
|
|
|
|
2019-12-03 15:28:23 -05:00
|
|
|
|
(define (host-key->type+key host-key)
|
|
|
|
|
"Destructure HOST-KEY, an OpenSSH host key string, and return two values:
|
|
|
|
|
its key type as a symbol, and the actual base64-encoded string."
|
|
|
|
|
(define (type->symbol type)
|
|
|
|
|
(and (string-prefix? "ssh-" type)
|
|
|
|
|
(string->symbol (string-drop type 4))))
|
|
|
|
|
|
|
|
|
|
(match (string-tokenize host-key)
|
|
|
|
|
((type key x)
|
|
|
|
|
(values (type->symbol type) key))
|
|
|
|
|
((type key)
|
|
|
|
|
(values (type->symbol type) key))))
|
|
|
|
|
|
|
|
|
|
(define (authenticate-server* session key)
|
|
|
|
|
"Make sure the server for SESSION has the given KEY, where KEY is a string
|
|
|
|
|
such as \"ssh-ed25519 AAAAC3Nz… root@example.org\". Raise an exception if the
|
|
|
|
|
actual key does not match."
|
|
|
|
|
(let-values (((server) (get-server-public-key session))
|
|
|
|
|
((type key) (host-key->type+key key)))
|
|
|
|
|
(unless (and (or (not (get-key-type server))
|
|
|
|
|
(eq? (get-key-type server) type))
|
|
|
|
|
(string=? (public-key->string server) key))
|
|
|
|
|
;; Key mismatch: something's wrong. XXX: It could be that the server
|
|
|
|
|
;; provided its Ed25519 key when we where expecting its RSA key. XXX:
|
|
|
|
|
;; Guile-SSH 0.10.1 doesn't know about ed25519 keys and 'get-key-type'
|
|
|
|
|
;; returns #f in that case.
|
2020-07-25 12:26:18 -04:00
|
|
|
|
(raise (formatted-message (G_ "server at '~a' returned host key \
|
2019-12-03 15:28:23 -05:00
|
|
|
|
'~a' of type '~a' instead of '~a' of type '~a'~%")
|
|
|
|
|
(session-get session 'host)
|
|
|
|
|
(public-key->string server)
|
|
|
|
|
(get-key-type server)
|
2020-07-25 12:26:18 -04:00
|
|
|
|
key type)))))
|
2019-12-03 15:28:23 -05:00
|
|
|
|
|
2019-07-05 14:54:32 -04:00
|
|
|
|
(define* (open-ssh-session host #:key user port identity
|
2019-12-03 15:48:02 -05:00
|
|
|
|
host-key
|
2019-10-15 06:33:46 -04:00
|
|
|
|
(compression %compression)
|
2022-06-14 03:02:43 -04:00
|
|
|
|
(timeout 3600)
|
|
|
|
|
(connection-timeout 10))
|
2019-07-05 14:54:32 -04:00
|
|
|
|
"Open an SSH session for HOST and return it. IDENTITY specifies the file
|
|
|
|
|
name of a private key to use for authenticating with the host. When USER,
|
|
|
|
|
PORT, or IDENTITY are #f, use default values or whatever '~/.ssh/config'
|
2019-12-03 15:48:02 -05:00
|
|
|
|
specifies; otherwise use them.
|
|
|
|
|
|
|
|
|
|
When HOST-KEY is true, it must be a string like \"ssh-ed25519 AAAAC3Nz…
|
|
|
|
|
root@example.org\"; the server is authenticated and an error is raised if its
|
|
|
|
|
host key is different from HOST-KEY.
|
|
|
|
|
|
2022-06-14 03:02:43 -04:00
|
|
|
|
Error out if connection establishment takes more than CONNECTION-TIMEOUT
|
|
|
|
|
seconds. Install TIMEOUT as the maximum time in seconds after which a read or
|
|
|
|
|
write operation on a channel of the returned session is considered as failing.
|
2019-10-15 06:33:46 -04:00
|
|
|
|
|
|
|
|
|
Throw an error on failure."
|
2017-04-21 12:44:59 -04:00
|
|
|
|
(let ((session (make-session #:user user
|
2019-07-05 14:54:32 -04:00
|
|
|
|
#:identity identity
|
2017-04-21 12:44:59 -04:00
|
|
|
|
#:host host
|
|
|
|
|
#:port port
|
2022-06-14 03:02:43 -04:00
|
|
|
|
#:timeout connection-timeout
|
2017-04-21 12:44:59 -04:00
|
|
|
|
;; #:log-verbosity 'protocol
|
|
|
|
|
|
2019-12-03 15:48:02 -05:00
|
|
|
|
;; Prevent libssh from reading
|
|
|
|
|
;; ~/.ssh/known_hosts when the caller provides
|
|
|
|
|
;; a HOST-KEY to match against.
|
|
|
|
|
#:knownhosts (and host-key "/dev/null")
|
|
|
|
|
|
2017-04-21 12:44:59 -04:00
|
|
|
|
;; We need lightweight compression when
|
|
|
|
|
;; exchanging full archives.
|
|
|
|
|
#:compression compression
|
2020-07-20 05:28:51 -04:00
|
|
|
|
#:compression-level 3
|
|
|
|
|
|
|
|
|
|
;; Speed up RPCs by creating sockets with
|
|
|
|
|
;; TCP_NODELAY.
|
|
|
|
|
#:nodelay #t)))
|
2017-04-21 12:44:59 -04:00
|
|
|
|
|
|
|
|
|
;; Honor ~/.ssh/config.
|
|
|
|
|
(session-parse-config! session)
|
|
|
|
|
|
|
|
|
|
(match (connect! session)
|
|
|
|
|
('ok
|
2019-12-03 15:48:02 -05:00
|
|
|
|
(if host-key
|
|
|
|
|
;; Make sure the server's key is what we expect.
|
|
|
|
|
(authenticate-server* session host-key)
|
|
|
|
|
|
|
|
|
|
;; Authenticate against ~/.ssh/known_hosts.
|
|
|
|
|
(match (authenticate-server session)
|
|
|
|
|
('ok #f)
|
|
|
|
|
(reason
|
2020-07-25 12:26:18 -04:00
|
|
|
|
(raise (formatted-message (G_ "failed to authenticate \
|
2019-12-03 15:41:54 -05:00
|
|
|
|
server at '~a': ~a")
|
2019-12-03 15:48:02 -05:00
|
|
|
|
(session-get session 'host)
|
2020-07-25 12:26:18 -04:00
|
|
|
|
reason)))))
|
2019-12-03 15:41:54 -05:00
|
|
|
|
|
2017-04-21 12:44:59 -04:00
|
|
|
|
;; Use public key authentication, via the SSH agent if it's available.
|
|
|
|
|
(match (userauth-public-key/auto! session)
|
|
|
|
|
('success
|
2019-10-15 06:33:46 -04:00
|
|
|
|
(session-set! session 'timeout timeout)
|
2017-04-21 12:44:59 -04:00
|
|
|
|
session)
|
|
|
|
|
(x
|
2020-02-19 05:13:54 -05:00
|
|
|
|
(match (userauth-gssapi! session)
|
|
|
|
|
('success
|
|
|
|
|
(session-set! session 'timeout timeout)
|
|
|
|
|
session)
|
|
|
|
|
(x
|
|
|
|
|
(disconnect! session)
|
|
|
|
|
(raise (condition
|
|
|
|
|
(&message
|
|
|
|
|
(message (format #f (G_ "SSH authentication failed for '~a': ~a~%")
|
|
|
|
|
host (get-error session)))))))))))
|
2017-04-21 12:44:59 -04:00
|
|
|
|
(x
|
|
|
|
|
;; Connection failed or timeout expired.
|
2020-07-25 12:26:18 -04:00
|
|
|
|
(raise (formatted-message (G_ "SSH connection to '~a' failed: ~a~%")
|
|
|
|
|
host (get-error session)))))))
|
2017-04-21 12:44:59 -04:00
|
|
|
|
|
2019-08-15 04:05:04 -04:00
|
|
|
|
(define* (remote-inferior session #:optional become-command)
|
|
|
|
|
"Return a remote inferior for the given SESSION. If BECOME-COMMAND is
|
|
|
|
|
given, use that to invoke the remote Guile REPL."
|
|
|
|
|
(let* ((repl-command (append (or become-command '())
|
|
|
|
|
'("guix" "repl" "-t" "machine")))
|
|
|
|
|
(pipe (apply open-remote-pipe* session OPEN_BOTH repl-command)))
|
|
|
|
|
(when (eof-object? (peek-char pipe))
|
2019-08-28 12:51:12 -04:00
|
|
|
|
(let ((status (channel-get-exit-status pipe)))
|
|
|
|
|
(close-port pipe)
|
2020-07-25 12:26:18 -04:00
|
|
|
|
(raise (formatted-message (G_ "remote command '~{~a~^ ~}' failed \
|
2019-08-28 12:51:12 -04:00
|
|
|
|
with status ~a")
|
2020-07-25 12:26:18 -04:00
|
|
|
|
repl-command status))))
|
2018-12-23 18:55:07 -05:00
|
|
|
|
(port->inferior pipe)))
|
|
|
|
|
|
2019-08-15 04:05:04 -04:00
|
|
|
|
(define* (inferior-remote-eval exp session #:optional become-command)
|
offload: Use (guix inferior) instead of (ssh dist node).
Using inferiors and thus 'guix repl' simplifies setup on build
machines (no need to worry about GUILE_LOAD_PATH etc.)
Furthermore, the 'guix repl -t machine' protocol running in a remote
pipe addresses several issues with the current implementation of nodes
and RREPLs in Guile-SSH: fewer round trips, doesn't leave a 'guile
--listen' process behind it, stateless (since a new process is started
each time), more efficient (the SSH channel can be reused), more
reliable (no 'pgrep', 'pkill', and shellology; see
<https://github.com/artyom-poptsov/guile-ssh/issues/11> as an example.)
* guix/ssh.scm (inferior-remote-eval): New procedure.
(send-files): Use it instead of 'make-node' and 'node-eval'.
* guix/scripts/offload.scm (node-guile-version): New procedure.
(node-free-disk-space, transfer-and-offload, node-load)
(choose-build-machine, assert-node-has-guix): Use 'remote-inferior'
instead of 'make-node' and 'inferior-eval' instead of 'node-eval'.
(assert-node-can-import, assert-node-can-export): Likewise, and add
'session' parameter.
(check-machine-availability): Likewise, and add calls to
'close-inferior' and 'disconnect!'.
(check-machine-status): Likewise.
* doc/guix.texi (Daemon Offload Setup): Remove bit related to 'guile' in
$PATH and $GUILE_LOAD_PATH; mention 'guix' alone.
2018-12-24 09:40:04 -05:00
|
|
|
|
"Evaluate EXP in a new inferior running in SESSION, and close the inferior
|
2019-08-15 04:05:04 -04:00
|
|
|
|
right away. If BECOME-COMMAND is given, use that to invoke the remote Guile
|
|
|
|
|
REPL."
|
|
|
|
|
(let ((inferior (remote-inferior session become-command)))
|
offload: Use (guix inferior) instead of (ssh dist node).
Using inferiors and thus 'guix repl' simplifies setup on build
machines (no need to worry about GUILE_LOAD_PATH etc.)
Furthermore, the 'guix repl -t machine' protocol running in a remote
pipe addresses several issues with the current implementation of nodes
and RREPLs in Guile-SSH: fewer round trips, doesn't leave a 'guile
--listen' process behind it, stateless (since a new process is started
each time), more efficient (the SSH channel can be reused), more
reliable (no 'pgrep', 'pkill', and shellology; see
<https://github.com/artyom-poptsov/guile-ssh/issues/11> as an example.)
* guix/ssh.scm (inferior-remote-eval): New procedure.
(send-files): Use it instead of 'make-node' and 'node-eval'.
* guix/scripts/offload.scm (node-guile-version): New procedure.
(node-free-disk-space, transfer-and-offload, node-load)
(choose-build-machine, assert-node-has-guix): Use 'remote-inferior'
instead of 'make-node' and 'inferior-eval' instead of 'node-eval'.
(assert-node-can-import, assert-node-can-export): Likewise, and add
'session' parameter.
(check-machine-availability): Likewise, and add calls to
'close-inferior' and 'disconnect!'.
(check-machine-status): Likewise.
* doc/guix.texi (Daemon Offload Setup): Remove bit related to 'guile' in
$PATH and $GUILE_LOAD_PATH; mention 'guix' alone.
2018-12-24 09:40:04 -05:00
|
|
|
|
(dynamic-wind
|
|
|
|
|
(const #t)
|
|
|
|
|
(lambda ()
|
|
|
|
|
(inferior-eval exp inferior))
|
|
|
|
|
(lambda ()
|
|
|
|
|
;; Close INFERIOR right away to prevent finalization from happening in
|
|
|
|
|
;; another thread at the wrong time (see
|
|
|
|
|
;; <https://bugs.gnu.org/26976>.)
|
|
|
|
|
(close-inferior inferior)))))
|
|
|
|
|
|
2020-12-18 05:42:57 -05:00
|
|
|
|
(define (remote-run exp session)
|
|
|
|
|
"Run EXP in a new process in SESSION and return a remote pipe.
|
|
|
|
|
|
|
|
|
|
Unlike 'inferior-remote-eval', this is used for side effects and may
|
|
|
|
|
communicate over stdout/stdin as it sees fit. EXP is typically a loop that
|
|
|
|
|
processes data from stdin and/or sends data to stdout. The assumption is that
|
|
|
|
|
EXP never returns or calls 'primitive-exit' when it's done."
|
|
|
|
|
(define pipe
|
|
|
|
|
(open-remote-pipe* session OPEN_BOTH
|
|
|
|
|
"guix" "repl" "-t" "machine"))
|
|
|
|
|
|
|
|
|
|
(match (read pipe)
|
|
|
|
|
(('repl-version _ ...)
|
|
|
|
|
#t)
|
|
|
|
|
((? eof-object?)
|
|
|
|
|
(close-port pipe)
|
|
|
|
|
(raise (formatted-message
|
|
|
|
|
(G_ "failed to start 'guix repl' on '~a'")
|
|
|
|
|
(session-get session 'host)))))
|
|
|
|
|
|
|
|
|
|
;; Disable buffering so 'guix repl' does not read more than what's really
|
|
|
|
|
;; sent to itself.
|
|
|
|
|
(write '(setvbuf (current-input-port) 'none) pipe)
|
|
|
|
|
(force-output pipe)
|
|
|
|
|
|
|
|
|
|
;; Read the reply and subsequent newline.
|
|
|
|
|
(read pipe) (get-u8 pipe)
|
|
|
|
|
|
|
|
|
|
(write exp pipe)
|
|
|
|
|
(force-output pipe)
|
|
|
|
|
|
|
|
|
|
;; From now on, we stop following the inferior protocol.
|
|
|
|
|
pipe)
|
|
|
|
|
|
2017-04-21 13:01:03 -04:00
|
|
|
|
(define* (remote-daemon-channel session
|
|
|
|
|
#:optional
|
|
|
|
|
(socket-name
|
|
|
|
|
"/var/guix/daemon-socket/socket"))
|
|
|
|
|
"Return an input/output port (an SSH channel) to the daemon at SESSION."
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(define redirect
|
|
|
|
|
;; Code run in SESSION to redirect the remote process' stdin/stdout to the
|
|
|
|
|
;; daemon's socket, à la socat. The SSH protocol supports forwarding to
|
|
|
|
|
;; Unix-domain sockets but libssh doesn't have an API for that, hence this
|
|
|
|
|
;; hack.
|
|
|
|
|
`(begin
|
2018-01-10 11:52:23 -05:00
|
|
|
|
(use-modules (ice-9 match) (rnrs io ports)
|
2018-01-12 17:32:25 -05:00
|
|
|
|
(rnrs bytevectors))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2021-05-05 17:26:27 -04:00
|
|
|
|
(define connect-to-daemon
|
|
|
|
|
;; XXX: 'connect-to-daemon' used to be private and before that it
|
|
|
|
|
;; didn't even exist, hence these shenanigans.
|
|
|
|
|
(let ((connect-to-daemon
|
|
|
|
|
(false-if-exception (module-ref (resolve-module '(guix store))
|
|
|
|
|
'connect-to-daemon))))
|
|
|
|
|
(lambda (uri)
|
|
|
|
|
(if connect-to-daemon
|
|
|
|
|
(connect-to-daemon uri)
|
|
|
|
|
(let ((sock (socket AF_UNIX SOCK_STREAM 0)))
|
|
|
|
|
(connect sock AF_UNIX ,socket-name)
|
|
|
|
|
sock)))))
|
|
|
|
|
|
|
|
|
|
;; Use 'connect-to-daemon' to honor GUIX_DAEMON_SOCKET.
|
|
|
|
|
(let ((sock (connect-to-daemon (or (getenv "GUIX_DAEMON_SOCKET")
|
2021-05-11 06:21:12 -04:00
|
|
|
|
,socket-name)))
|
2018-02-07 16:31:48 -05:00
|
|
|
|
(stdin (current-input-port))
|
|
|
|
|
(stdout (current-output-port))
|
|
|
|
|
(select* (lambda (read write except)
|
|
|
|
|
;; This is a workaround for
|
|
|
|
|
;; <https://bugs.gnu.org/30365> in Guile < 2.2.4:
|
|
|
|
|
;; since 'select' sometimes returns non-empty sets for
|
|
|
|
|
;; no good reason, call 'select' a second time with a
|
|
|
|
|
;; zero timeout to filter out incorrect replies.
|
|
|
|
|
(match (select read write except)
|
|
|
|
|
((read write except)
|
|
|
|
|
(select read write except 0))))))
|
2019-01-07 04:57:18 -05:00
|
|
|
|
(setvbuf stdout 'none)
|
2018-01-12 17:32:25 -05:00
|
|
|
|
|
|
|
|
|
;; Use buffered ports so that 'get-bytevector-some' returns up to the
|
|
|
|
|
;; whole buffer like read(2) would--see <https://bugs.gnu.org/30066>.
|
2019-01-07 04:57:18 -05:00
|
|
|
|
(setvbuf stdin 'block 65536)
|
|
|
|
|
(setvbuf sock 'block 65536)
|
2018-01-12 17:32:25 -05:00
|
|
|
|
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(let loop ()
|
2018-02-07 16:31:48 -05:00
|
|
|
|
(match (select* (list stdin sock) '() '())
|
2018-01-10 17:06:08 -05:00
|
|
|
|
((reads () ())
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(when (memq stdin reads)
|
2018-01-12 17:32:25 -05:00
|
|
|
|
(match (get-bytevector-some stdin)
|
|
|
|
|
((? eof-object?)
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(primitive-exit 0))
|
2018-01-12 17:32:25 -05:00
|
|
|
|
(bv
|
|
|
|
|
(put-bytevector sock bv)
|
|
|
|
|
(force-output sock))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(when (memq sock reads)
|
2018-01-12 17:32:25 -05:00
|
|
|
|
(match (get-bytevector-some sock)
|
|
|
|
|
((? eof-object?)
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(primitive-exit 0))
|
2018-01-12 17:32:25 -05:00
|
|
|
|
(bv
|
|
|
|
|
(put-bytevector stdout bv))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(loop))
|
|
|
|
|
(_
|
|
|
|
|
(primitive-exit 1)))))))
|
|
|
|
|
|
2020-12-18 05:42:57 -05:00
|
|
|
|
(remote-run redirect session))
|
2017-04-21 13:01:03 -04:00
|
|
|
|
|
|
|
|
|
(define* (connect-to-remote-daemon session
|
|
|
|
|
#:optional
|
|
|
|
|
(socket-name
|
|
|
|
|
"/var/guix/daemon-socket/socket"))
|
|
|
|
|
"Connect to the remote build daemon listening on SOCKET-NAME over SESSION,
|
2019-01-21 09:32:35 -05:00
|
|
|
|
an SSH session. Return a <store-connection> object."
|
2021-05-05 17:24:15 -04:00
|
|
|
|
(guard (c ((store-connection-error? c)
|
|
|
|
|
;; Raise a more focused error condition.
|
|
|
|
|
(raise (formatted-message
|
|
|
|
|
(G_ "failed to connect over SSH to daemon at '~a', socket ~a")
|
|
|
|
|
(session-get session 'host)
|
|
|
|
|
socket-name))))
|
|
|
|
|
(open-connection #:port (remote-daemon-channel session socket-name))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
|
|
|
|
(define (store-import-channel session)
|
|
|
|
|
"Return an output port to which archives to be exported to SESSION's store
|
|
|
|
|
can be written."
|
|
|
|
|
;; Using the 'import-paths' RPC on a remote store would be slow because it
|
|
|
|
|
;; makes a round trip every time 32 KiB have been transferred. This
|
|
|
|
|
;; procedure instead opens a separate channel to use the remote
|
|
|
|
|
;; 'import-paths' procedure, which consumes all the data in a single round
|
2017-06-04 16:53:40 -04:00
|
|
|
|
;; trip. This optimizes the successful case at the expense of error
|
|
|
|
|
;; conditions: errors can only be reported once all the input has been
|
|
|
|
|
;; consumed.
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(define import
|
|
|
|
|
`(begin
|
2017-06-04 16:53:40 -04:00
|
|
|
|
(use-modules (guix) (srfi srfi-34)
|
|
|
|
|
(rnrs io ports) (rnrs bytevectors))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2017-06-04 16:53:40 -04:00
|
|
|
|
(define (consume-input port)
|
|
|
|
|
(let ((bv (make-bytevector 32768)))
|
|
|
|
|
(let loop ()
|
|
|
|
|
(let ((n (get-bytevector-n! port bv 0
|
|
|
|
|
(bytevector-length bv))))
|
|
|
|
|
(unless (eof-object? n)
|
|
|
|
|
(loop))))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2017-06-04 16:53:40 -04:00
|
|
|
|
;; Upon completion, write an sexp that denotes the status.
|
|
|
|
|
(write
|
|
|
|
|
(catch #t
|
|
|
|
|
(lambda ()
|
|
|
|
|
(guard (c ((nix-protocol-error? c)
|
|
|
|
|
;; Consume all the input since the only time we can
|
|
|
|
|
;; report the error is after everything has been
|
|
|
|
|
;; consumed.
|
|
|
|
|
(consume-input (current-input-port))
|
|
|
|
|
(list 'protocol-error (nix-protocol-error-message c))))
|
|
|
|
|
(with-store store
|
2020-08-07 05:26:07 -04:00
|
|
|
|
(write '(importing)) ;we're ready
|
|
|
|
|
(force-output)
|
|
|
|
|
|
2019-01-07 04:57:18 -05:00
|
|
|
|
(setvbuf (current-input-port) 'none)
|
2017-06-04 16:53:40 -04:00
|
|
|
|
(import-paths store (current-input-port))
|
|
|
|
|
'(success))))
|
|
|
|
|
(lambda args
|
2020-12-18 05:42:57 -05:00
|
|
|
|
(cons 'error args))))
|
|
|
|
|
(primitive-exit 0)))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2020-12-18 05:42:57 -05:00
|
|
|
|
(remote-run import session))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2016-12-31 12:13:29 -05:00
|
|
|
|
(define* (store-export-channel session files
|
|
|
|
|
#:key recursive?)
|
2016-12-30 17:22:27 -05:00
|
|
|
|
"Return an input port from which an export of FILES from SESSION's store can
|
2016-12-31 12:13:29 -05:00
|
|
|
|
be read. When RECURSIVE? is true, the closure of FILES is exported."
|
2016-12-30 17:22:27 -05:00
|
|
|
|
;; Same as above: this is more efficient than calling 'export-paths' on a
|
|
|
|
|
;; remote store.
|
|
|
|
|
(define export
|
|
|
|
|
`(begin
|
2018-01-07 16:13:45 -05:00
|
|
|
|
(use-modules (guix) (srfi srfi-1)
|
|
|
|
|
(srfi srfi-26) (srfi srfi-34))
|
|
|
|
|
|
|
|
|
|
(guard (c ((nix-connection-error? c)
|
|
|
|
|
(write `(connection-error ,(nix-connection-error-file c)
|
2020-12-18 05:42:57 -05:00
|
|
|
|
,(nix-connection-error-code c)))
|
|
|
|
|
(primitive-exit 1))
|
2018-01-07 16:13:45 -05:00
|
|
|
|
((nix-protocol-error? c)
|
|
|
|
|
(write `(protocol-error ,(nix-protocol-error-status c)
|
2020-12-18 05:42:57 -05:00
|
|
|
|
,(nix-protocol-error-message c)))
|
|
|
|
|
(primitive-exit 2))
|
2018-01-07 16:13:45 -05:00
|
|
|
|
(else
|
2020-12-18 05:42:57 -05:00
|
|
|
|
(write `(exception))
|
|
|
|
|
(primitive-exit 3)))
|
2018-01-07 16:13:45 -05:00
|
|
|
|
(with-store store
|
|
|
|
|
(let* ((files ',files)
|
|
|
|
|
(invalid (remove (cut valid-path? store <>)
|
|
|
|
|
files)))
|
|
|
|
|
(unless (null? invalid)
|
|
|
|
|
(write `(invalid-items ,invalid))
|
|
|
|
|
(exit 1))
|
|
|
|
|
|
2018-01-12 16:32:52 -05:00
|
|
|
|
;; TODO: When RECURSIVE? is true, we could send the list of store
|
|
|
|
|
;; items in the closure so that the other end can filter out
|
|
|
|
|
;; those it already has.
|
|
|
|
|
|
2018-01-07 16:13:45 -05:00
|
|
|
|
(write '(exporting)) ;we're ready
|
|
|
|
|
(force-output)
|
|
|
|
|
|
2019-01-07 04:57:18 -05:00
|
|
|
|
(setvbuf (current-output-port) 'none)
|
2018-01-07 16:13:45 -05:00
|
|
|
|
(export-paths store files (current-output-port)
|
2020-12-18 05:42:57 -05:00
|
|
|
|
#:recursive? ,recursive?)
|
|
|
|
|
(primitive-exit 0))))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2020-12-18 05:42:57 -05:00
|
|
|
|
(remote-run export session))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2019-08-09 14:24:57 -04:00
|
|
|
|
(define (remote-system session)
|
|
|
|
|
"Return the system type as expected by Nix, usually ARCHITECTURE-KERNEL, of
|
|
|
|
|
the machine on the other end of SESSION."
|
|
|
|
|
(inferior-remote-eval '(begin (use-modules (guix utils)) (%current-system))
|
|
|
|
|
session))
|
2019-08-15 04:06:41 -04:00
|
|
|
|
|
2019-08-15 12:09:11 -04:00
|
|
|
|
(define* (remote-authorize-signing-key key session #:optional become-command)
|
2019-08-15 04:06:41 -04:00
|
|
|
|
"Send KEY, a canonical sexp containing a public key, over SESSION and add it
|
|
|
|
|
to the system ACL file if it has not yet been authorized."
|
|
|
|
|
(inferior-remote-eval
|
|
|
|
|
`(begin
|
|
|
|
|
(use-modules (guix build utils)
|
|
|
|
|
(guix pki)
|
|
|
|
|
(guix utils)
|
|
|
|
|
(gcrypt pk-crypto)
|
|
|
|
|
(srfi srfi-26))
|
|
|
|
|
|
|
|
|
|
(define acl (current-acl))
|
|
|
|
|
(define key (string->canonical-sexp ,(canonical-sexp->string key)))
|
|
|
|
|
|
|
|
|
|
(unless (authorized-key? key)
|
|
|
|
|
(let ((acl (public-keys->acl (cons key (acl->public-keys acl)))))
|
|
|
|
|
(mkdir-p (dirname %acl-file))
|
|
|
|
|
(with-atomic-file-output %acl-file
|
|
|
|
|
(cut write-acl acl <>)))))
|
2019-08-15 12:09:11 -04:00
|
|
|
|
session
|
|
|
|
|
become-command))
|
2019-08-09 14:24:57 -04:00
|
|
|
|
|
2020-08-31 05:36:26 -04:00
|
|
|
|
(define (prepare-to-send store host log-port items)
|
|
|
|
|
"Notify the user that we're about to send ITEMS to HOST. Return three
|
|
|
|
|
values allowing 'notify-send-progress' to track the state of this transfer."
|
|
|
|
|
(let* ((count (length items))
|
|
|
|
|
(sizes (fold (lambda (item result)
|
|
|
|
|
(vhash-cons item
|
|
|
|
|
(path-info-nar-size
|
|
|
|
|
(query-path-info store item))
|
|
|
|
|
result))
|
|
|
|
|
vlist-null
|
|
|
|
|
items))
|
|
|
|
|
(total (vlist-fold (lambda (pair result)
|
|
|
|
|
(match pair
|
|
|
|
|
((_ . size) (+ size result))))
|
|
|
|
|
0
|
|
|
|
|
sizes)))
|
|
|
|
|
(info (N_ "sending ~a store item (~h MiB) to '~a'...~%"
|
|
|
|
|
"sending ~a store items (~h MiB) to '~a'...~%" count)
|
|
|
|
|
count
|
|
|
|
|
(inexact->exact (round (/ total (expt 2. 20))))
|
|
|
|
|
host)
|
|
|
|
|
|
|
|
|
|
(values log-port sizes total 0)))
|
|
|
|
|
|
|
|
|
|
(define (notify-transfer-progress item port sizes total sent)
|
|
|
|
|
"Notify the user that we've already transferred SENT bytes out of TOTAL.
|
|
|
|
|
Use SIZES to determine the size of ITEM, which is about to be sent."
|
|
|
|
|
(define (display-bar %)
|
|
|
|
|
(erase-current-line port)
|
|
|
|
|
(format port "~3@a% ~a"
|
|
|
|
|
(inexact->exact (round (* 100. (/ sent total))))
|
|
|
|
|
(progress-bar % (- (max (current-terminal-columns) 5) 5)))
|
|
|
|
|
(force-output port))
|
|
|
|
|
|
2020-09-02 17:58:34 -04:00
|
|
|
|
(unless (zero? total)
|
|
|
|
|
(let ((% (* 100. (/ sent total))))
|
|
|
|
|
(match (vhash-assoc item sizes)
|
|
|
|
|
(#f
|
|
|
|
|
(display-bar %)
|
|
|
|
|
(values port sizes total sent))
|
|
|
|
|
((_ . size)
|
|
|
|
|
(display-bar %)
|
|
|
|
|
(values port sizes total (+ sent size)))))))
|
2020-08-31 05:36:26 -04:00
|
|
|
|
|
|
|
|
|
(define (notify-transfer-completion port . args)
|
|
|
|
|
"Notify the user that the transfer has completed."
|
|
|
|
|
(apply notify-transfer-progress "" port args) ;display the 100% progress bar
|
|
|
|
|
(erase-current-line port)
|
|
|
|
|
(force-output port))
|
|
|
|
|
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(define* (send-files local files remote
|
2016-12-31 12:13:29 -05:00
|
|
|
|
#:key
|
|
|
|
|
recursive?
|
|
|
|
|
(log-port (current-error-port)))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
"Send the subset of FILES from LOCAL (a local store) that's missing to
|
2016-12-31 12:32:15 -05:00
|
|
|
|
REMOTE, a remote store. When RECURSIVE? is true, send the closure of FILES.
|
|
|
|
|
Return the list of store items actually sent."
|
2016-12-30 17:22:27 -05:00
|
|
|
|
;; Compute the subset of FILES missing on SESSION and send them.
|
2016-12-31 12:13:29 -05:00
|
|
|
|
(let* ((files (if recursive? (requisites local files) files))
|
2019-01-21 09:32:35 -05:00
|
|
|
|
(session (channel-get-session (store-connection-socket remote)))
|
2020-09-02 17:55:20 -04:00
|
|
|
|
(missing (inferior-remote-eval
|
offload: Use (guix inferior) instead of (ssh dist node).
Using inferiors and thus 'guix repl' simplifies setup on build
machines (no need to worry about GUILE_LOAD_PATH etc.)
Furthermore, the 'guix repl -t machine' protocol running in a remote
pipe addresses several issues with the current implementation of nodes
and RREPLs in Guile-SSH: fewer round trips, doesn't leave a 'guile
--listen' process behind it, stateless (since a new process is started
each time), more efficient (the SSH channel can be reused), more
reliable (no 'pgrep', 'pkill', and shellology; see
<https://github.com/artyom-poptsov/guile-ssh/issues/11> as an example.)
* guix/ssh.scm (inferior-remote-eval): New procedure.
(send-files): Use it instead of 'make-node' and 'node-eval'.
* guix/scripts/offload.scm (node-guile-version): New procedure.
(node-free-disk-space, transfer-and-offload, node-load)
(choose-build-machine, assert-node-has-guix): Use 'remote-inferior'
instead of 'make-node' and 'inferior-eval' instead of 'node-eval'.
(assert-node-can-import, assert-node-can-export): Likewise, and add
'session' parameter.
(check-machine-availability): Likewise, and add calls to
'close-inferior' and 'disconnect!'.
(check-machine-status): Likewise.
* doc/guix.texi (Daemon Offload Setup): Remove bit related to 'guile' in
$PATH and $GUILE_LOAD_PATH; mention 'guix' alone.
2018-12-24 09:40:04 -05:00
|
|
|
|
`(begin
|
|
|
|
|
(use-modules (guix)
|
|
|
|
|
(srfi srfi-1) (srfi srfi-26))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
offload: Use (guix inferior) instead of (ssh dist node).
Using inferiors and thus 'guix repl' simplifies setup on build
machines (no need to worry about GUILE_LOAD_PATH etc.)
Furthermore, the 'guix repl -t machine' protocol running in a remote
pipe addresses several issues with the current implementation of nodes
and RREPLs in Guile-SSH: fewer round trips, doesn't leave a 'guile
--listen' process behind it, stateless (since a new process is started
each time), more efficient (the SSH channel can be reused), more
reliable (no 'pgrep', 'pkill', and shellology; see
<https://github.com/artyom-poptsov/guile-ssh/issues/11> as an example.)
* guix/ssh.scm (inferior-remote-eval): New procedure.
(send-files): Use it instead of 'make-node' and 'node-eval'.
* guix/scripts/offload.scm (node-guile-version): New procedure.
(node-free-disk-space, transfer-and-offload, node-load)
(choose-build-machine, assert-node-has-guix): Use 'remote-inferior'
instead of 'make-node' and 'inferior-eval' instead of 'node-eval'.
(assert-node-can-import, assert-node-can-export): Likewise, and add
'session' parameter.
(check-machine-availability): Likewise, and add calls to
'close-inferior' and 'disconnect!'.
(check-machine-status): Likewise.
* doc/guix.texi (Daemon Offload Setup): Remove bit related to 'guile' in
$PATH and $GUILE_LOAD_PATH; mention 'guix' alone.
2018-12-24 09:40:04 -05:00
|
|
|
|
(with-store store
|
|
|
|
|
(remove (cut valid-path? store <>)
|
|
|
|
|
',files)))
|
|
|
|
|
session))
|
2020-08-31 05:36:26 -04:00
|
|
|
|
(port (store-import-channel session))
|
|
|
|
|
(host (session-get session 'host)))
|
2020-08-07 05:26:07 -04:00
|
|
|
|
;; Make sure everything alright on the remote side.
|
|
|
|
|
(match (read port)
|
|
|
|
|
(('importing)
|
|
|
|
|
#t)
|
|
|
|
|
(sexp
|
|
|
|
|
(handle-import/export-channel-error sexp remote)))
|
|
|
|
|
|
2016-12-30 17:22:27 -05:00
|
|
|
|
;; Send MISSING in topological order.
|
2020-08-31 05:36:26 -04:00
|
|
|
|
(let ((tty? (isatty? log-port)))
|
|
|
|
|
(export-paths local missing port
|
|
|
|
|
#:start (cut prepare-to-send local host log-port <>)
|
|
|
|
|
#:progress (if tty? notify-transfer-progress (const #f))
|
|
|
|
|
#:finish (if tty? notify-transfer-completion (const #f))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
|
|
|
|
;; Tell the remote process that we're done. (In theory the end-of-archive
|
|
|
|
|
;; mark of 'export-paths' would be enough, but in practice it's not.)
|
|
|
|
|
(channel-send-eof port)
|
|
|
|
|
|
2017-06-04 16:53:40 -04:00
|
|
|
|
;; Wait for completion of the remote process and read the status sexp from
|
2018-11-24 13:38:55 -05:00
|
|
|
|
;; PORT. Wait for the exit status only when 'read' completed; otherwise,
|
|
|
|
|
;; we might wait forever if the other end is stuck.
|
2017-06-04 16:53:40 -04:00
|
|
|
|
(let* ((result (false-if-exception (read port)))
|
2018-11-24 13:38:55 -05:00
|
|
|
|
(status (and result
|
|
|
|
|
(zero? (channel-get-exit-status port)))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(close-port port)
|
2017-06-04 16:53:40 -04:00
|
|
|
|
(match result
|
|
|
|
|
(('success . _)
|
|
|
|
|
missing)
|
|
|
|
|
(('protocol-error message)
|
|
|
|
|
(raise (condition
|
store: Rename '&nix-error' to '&store-error'.
* guix/store.scm (&nix-error): Rename to...
(&store-error): ... this, and adjust users.
(&nix-connection-error): Rename to...
(&store-connection-error): ... this, and adjust users.
(&nix-protocol-error): Rename to...
(&store-protocol-error): ... this, adjust users.
(&nix-error, &nix-connection-error, &nix-protocol-error): Define these
condition types and their getters as deprecrated aliases.
* build-aux/run-system-tests.scm, guix/derivations.scm,
guix/grafts.scm, guix/scripts/challenge.scm,
guix/scripts/graph.scm, guix/scripts/lint.scm,
guix/scripts/offload.scm, guix/serialization.scm,
guix/ssh.scm, guix/tests.scm, guix/ui.scm,
tests/derivations.scm, tests/gexp.scm, tests/guix-daemon.sh,
tests/packages.scm, tests/store.scm, doc/guix.texi: Adjust to use the
new names.
2019-01-21 11:41:11 -05:00
|
|
|
|
(&store-protocol-error (message message) (status 42)))))
|
2017-06-04 16:53:40 -04:00
|
|
|
|
(('error key args ...)
|
|
|
|
|
(raise (condition
|
store: Rename '&nix-error' to '&store-error'.
* guix/store.scm (&nix-error): Rename to...
(&store-error): ... this, and adjust users.
(&nix-connection-error): Rename to...
(&store-connection-error): ... this, and adjust users.
(&nix-protocol-error): Rename to...
(&store-protocol-error): ... this, adjust users.
(&nix-error, &nix-connection-error, &nix-protocol-error): Define these
condition types and their getters as deprecrated aliases.
* build-aux/run-system-tests.scm, guix/derivations.scm,
guix/grafts.scm, guix/scripts/challenge.scm,
guix/scripts/graph.scm, guix/scripts/lint.scm,
guix/scripts/offload.scm, guix/serialization.scm,
guix/ssh.scm, guix/tests.scm, guix/ui.scm,
tests/derivations.scm, tests/gexp.scm, tests/guix-daemon.sh,
tests/packages.scm, tests/store.scm, doc/guix.texi: Adjust to use the
new names.
2019-01-21 11:41:11 -05:00
|
|
|
|
(&store-protocol-error
|
2017-06-04 16:53:40 -04:00
|
|
|
|
(message (call-with-output-string
|
|
|
|
|
(lambda (port)
|
|
|
|
|
(print-exception port #f key args))))
|
|
|
|
|
(status 43)))))
|
|
|
|
|
(_
|
|
|
|
|
(raise (condition
|
store: Rename '&nix-error' to '&store-error'.
* guix/store.scm (&nix-error): Rename to...
(&store-error): ... this, and adjust users.
(&nix-connection-error): Rename to...
(&store-connection-error): ... this, and adjust users.
(&nix-protocol-error): Rename to...
(&store-protocol-error): ... this, adjust users.
(&nix-error, &nix-connection-error, &nix-protocol-error): Define these
condition types and their getters as deprecrated aliases.
* build-aux/run-system-tests.scm, guix/derivations.scm,
guix/grafts.scm, guix/scripts/challenge.scm,
guix/scripts/graph.scm, guix/scripts/lint.scm,
guix/scripts/offload.scm, guix/serialization.scm,
guix/ssh.scm, guix/tests.scm, guix/ui.scm,
tests/derivations.scm, tests/gexp.scm, tests/guix-daemon.sh,
tests/packages.scm, tests/store.scm, doc/guix.texi: Adjust to use the
new names.
2019-01-21 11:41:11 -05:00
|
|
|
|
(&store-protocol-error
|
2017-06-04 16:53:40 -04:00
|
|
|
|
(message "unknown error while sending files over SSH")
|
|
|
|
|
(status 44)))))))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
|
|
|
|
(define (remote-store-session remote)
|
|
|
|
|
"Return the SSH channel beneath REMOTE, a remote store as returned by
|
|
|
|
|
'connect-to-remote-daemon', or #f."
|
2019-01-21 09:32:35 -05:00
|
|
|
|
(channel-get-session (store-connection-socket remote)))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
|
|
|
|
(define (remote-store-host remote)
|
|
|
|
|
"Return the name of the host REMOTE is connected to, where REMOTE is a
|
|
|
|
|
remote store as returned by 'connect-to-remote-daemon'."
|
|
|
|
|
(match (remote-store-session remote)
|
|
|
|
|
(#f #f)
|
|
|
|
|
((? session? session)
|
|
|
|
|
(session-get session 'host))))
|
|
|
|
|
|
2016-12-31 12:13:29 -05:00
|
|
|
|
(define* (file-retrieval-port files remote
|
|
|
|
|
#:key recursive?)
|
2016-12-30 17:22:27 -05:00
|
|
|
|
"Return an input port from which to retrieve FILES (a list of store items)
|
|
|
|
|
from REMOTE, along with the number of items to retrieve (lower than or equal
|
|
|
|
|
to the length of FILES.)"
|
2016-12-31 12:13:29 -05:00
|
|
|
|
(values (store-export-channel (remote-store-session remote) files
|
|
|
|
|
#:recursive? recursive?)
|
|
|
|
|
(length files))) ;XXX: inaccurate when RECURSIVE? is true
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2018-01-07 16:13:45 -05:00
|
|
|
|
(define-syntax raise-error
|
|
|
|
|
(syntax-rules (=>)
|
|
|
|
|
((_ fmt args ... (=> hint-fmt hint-args ...))
|
|
|
|
|
(raise (condition
|
|
|
|
|
(&message
|
|
|
|
|
(message (format #f fmt args ...)))
|
|
|
|
|
(&fix-hint
|
|
|
|
|
(hint (format #f hint-fmt hint-args ...))))))
|
|
|
|
|
((_ fmt args ...)
|
|
|
|
|
(raise (condition
|
|
|
|
|
(&message
|
|
|
|
|
(message (format #f fmt args ...))))))))
|
|
|
|
|
|
2020-08-07 05:26:07 -04:00
|
|
|
|
(define (handle-import/export-channel-error sexp remote)
|
|
|
|
|
"Report an error corresponding to SEXP, the EOF object or an sexp read from
|
|
|
|
|
REMOTE."
|
|
|
|
|
(match sexp
|
|
|
|
|
((? eof-object?)
|
|
|
|
|
(report-guile-error (remote-store-host remote)))
|
|
|
|
|
(('connection-error file code . _)
|
|
|
|
|
(raise-error (G_ "failed to connect to '~A' on remote host '~A': ~a")
|
|
|
|
|
file (remote-store-host remote) (strerror code)))
|
|
|
|
|
(('invalid-items items . _)
|
|
|
|
|
(raise-error (N_ "no such item on remote host '~A':~{ ~a~}"
|
|
|
|
|
"no such items on remote host '~A':~{ ~a~}"
|
|
|
|
|
(length items))
|
|
|
|
|
(remote-store-host remote) items))
|
|
|
|
|
(('protocol-error status message . _)
|
|
|
|
|
(raise-error (G_ "protocol error on remote host '~A': ~a")
|
|
|
|
|
(remote-store-host remote) message))
|
|
|
|
|
(_
|
|
|
|
|
(raise-error (G_ "failed to retrieve store items from '~a'")
|
|
|
|
|
(remote-store-host remote)))))
|
|
|
|
|
|
2018-01-12 16:20:30 -05:00
|
|
|
|
(define* (retrieve-files* files remote
|
|
|
|
|
#:key recursive? (log-port (current-error-port))
|
|
|
|
|
(import (const #f)))
|
|
|
|
|
"Pass IMPORT an input port from which to read the sequence of FILES coming
|
|
|
|
|
from REMOTE. When RECURSIVE? is true, retrieve the closure of FILES."
|
2016-12-30 17:22:27 -05:00
|
|
|
|
(let-values (((port count)
|
2016-12-31 12:13:29 -05:00
|
|
|
|
(file-retrieval-port files remote
|
|
|
|
|
#:recursive? recursive?)))
|
2018-01-07 16:13:45 -05:00
|
|
|
|
(match (read port) ;read the initial status
|
|
|
|
|
(('exporting)
|
|
|
|
|
(format #t (N_ "retrieving ~a store item from '~a'...~%"
|
|
|
|
|
"retrieving ~a store items from '~a'...~%" count)
|
|
|
|
|
count (remote-store-host remote))
|
|
|
|
|
|
2018-01-12 16:20:30 -05:00
|
|
|
|
(dynamic-wind
|
|
|
|
|
(const #t)
|
|
|
|
|
(lambda ()
|
|
|
|
|
(import port))
|
|
|
|
|
(lambda ()
|
|
|
|
|
(close-port port))))
|
2020-08-07 05:26:07 -04:00
|
|
|
|
(sexp
|
|
|
|
|
(handle-import/export-channel-error sexp remote)))))
|
2016-12-30 17:22:27 -05:00
|
|
|
|
|
2018-01-12 16:20:30 -05:00
|
|
|
|
(define* (retrieve-files local files remote
|
|
|
|
|
#:key recursive? (log-port (current-error-port)))
|
|
|
|
|
"Retrieve FILES from REMOTE and import them using the 'import-paths' RPC on
|
|
|
|
|
LOCAL. When RECURSIVE? is true, retrieve the closure of FILES."
|
2018-01-12 16:32:52 -05:00
|
|
|
|
(retrieve-files* (remove (cut valid-path? local <>) files)
|
|
|
|
|
remote
|
2018-01-12 16:20:30 -05:00
|
|
|
|
#:recursive? recursive?
|
|
|
|
|
#:log-port log-port
|
|
|
|
|
#:import (lambda (port)
|
|
|
|
|
(import-paths local port))))
|
|
|
|
|
|
2018-01-12 17:16:53 -05:00
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; Error reporting.
|
|
|
|
|
;;;
|
|
|
|
|
|
|
|
|
|
(define (report-guile-error host)
|
|
|
|
|
(raise-error (G_ "failed to start Guile on remote host '~A'") host
|
|
|
|
|
(=> (G_ "Make sure @command{guile} can be found in
|
|
|
|
|
@code{$PATH} on the remote host. Run @command{ssh ~A guile --version} to
|
|
|
|
|
check.")
|
|
|
|
|
host)))
|
|
|
|
|
|
2020-03-23 05:08:41 -04:00
|
|
|
|
(define (report-inferior-exception exception host)
|
|
|
|
|
"Report EXCEPTION, an &inferior-exception that occurred on HOST."
|
|
|
|
|
(raise-error (G_ "exception occurred on remote host '~A': ~s")
|
|
|
|
|
host (inferior-exception-arguments exception)))
|
|
|
|
|
|
2016-12-30 17:22:27 -05:00
|
|
|
|
;;; ssh.scm ends here
|