Open justinchiu opened 8 years ago
I have the same issue. The solution from this issue #1673 helped me.
Thanks for the detailed report!
For reference, stack is using the global manager from http-client-tls
:
-- | Evil global manager, to make life easier for the common use case
globalManager :: IORef Manager
globalManager = unsafePerformIO $ do
-- We may decide in the future to just have a global
-- ConnectionContext and use it directly in tlsManagerSettings, at
-- which point this can again be a simple (newManager
-- tlsManagerSettings >>= newIORef). See:
-- https://github.com/snoyberg/http-client/pull/227.
context <- NC.initConnectionContext
let settings = mkManagerSettingsContext (Just context) def Nothing
manager <- newManager settings
newIORef manager
{-# NOINLINE globalManager #-}
This is only different from your code in that you've added managerSetProxy (proxyEnvironment Nothing)
. Based on my read of https://www.stackage.org/haddock/lts-7.3/http-client-0.4.31.1/Network-HTTP-Client.html#v:proxyEnvironment this would be a no-op, but perhaps it isn't?
Pinging @snoyberg since he is familiar with this stuff.
Just to clarify, the following is not problematic behavior:
proxy = Nothing
It means that the Request
doesn't override the value in the Manager
.
Can you do the following:
export http_proxy=http://localhost:1234
(or some other unused port) and see if it causes an exception about not being able to connect to that portI'm on Windows 7 and proxy support still doesn't seem to work with the latest version of Stack:
$ stack upgrade
Updating package index Hackage (mirrored at https://github.com/commercialhaskell/all-cabal-hashes.git) ...
Fetching package index ...
Fetched package index.
Populating index cache ...
Populated index cache.
Already at latest version, no upgrade required
$ stack --version
Version 1.2.0 i386 hpack-0.14.0
My setup for proxy settrings is:
$ env|grep proxy
http_proxy=http://redacted:8080
https_proxy=http://redacted:8080
If I then try to install anything, it fails to download the build plan because it doesn't seem to use the right proxy settings:
$ stack install --resolver=lts-7.8 Agda
Run from outside a project, using implicit global project config
Downloading lts-7.8 build plan ...
HttpExceptionRequest Request {
host = "raw.githubusercontent.com"
port = 443
secure = True
requestHeaders = []
path = "/fpco/lts-haskell/master//lts-7.8.yaml"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
(ProxyConnectException "raw.githubusercontent.com" 443 (Status {statusCode = 403, statusMessage = "Forbidden"}))
If using a different HTTP client that honors the proxy settings, I can download the build plan just fine:
$ wget https://raw.githubusercontent.com/fpco/lts-haskell/master//lts-7.8.yaml
--2016-11-17 10:53:05-- https://raw.githubusercontent.com/fpco/lts-haskell/master//lts-7.8.yaml
Resolving redacted (redacted)... 10.redacted
Connecting to redacted (redacted)|10.redacted|:8080... connected.
Proxy request sent, awaiting response... 200 OK
Length: 4836248 (4.6M) [text/plain]
Saving to: ‘lts-7.8.yaml’
lts-7.8.yaml 100%[=======================================>] 4.61M 5.76MB/s in 0.8s
2016-11-17 10:53:06 (5.76 MB/s) - ‘lts-7.8.yaml’ saved [4836248/4836248]
Whoops, dropped the ball on this:
$ stack --version
Version 1.2.1, Git revision 3541d38207ff7d50cb49a0d26ab0b4f69a8f9c04 (4307 commits) x86_64 hpack-0.14.1
$ env | grep proxy
http_proxy=fwdproxy:8080
ftp_proxy=fwdproxy:8080
https_proxy=fwdproxy:8080
$ stack setup
HttpExceptionRequest Request {
host = "raw.githubusercontent.com"
port = 443
secure = True
requestHeaders = []
path = "/fpco/stackage-content/master/stack/stack-setup-2.yaml"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
ConnectionTimeout
$ export http_proxy=http://localhost:1111; export https_proxy=http://localhost:1111
$ env | grep proxy
http_proxy=http://localhost:1111
ftp_proxy=fwdproxy:8080
https_proxy=http://localhost:1111
$ stack setup
HttpExceptionRequest Request {
host = "raw.githubusercontent.com"
port = 443
secure = True
requestHeaders = []
path = "/fpco/stackage-content/master/stack/stack-setup-2.yaml"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
ConnectionTimeout
but not quite sure what to make of this. For more context, trying to run stack setup to pull ghc 8 so i can build yi
Exactly same error here with stack v1.3.2 on NixOS with proxy settings (environment variables in place). When trying same on a computer without needing to deal with proxy - all works as expected.
$ stack install --nix ghc-mod hlint stylish-haskell hindent pandoc
[1 of 2] Compiling Main ( /home/kuznero/.stack/setup-exe-src/setup-mPHDZzAJ.hs, /home/kuznero/.stack/setup-exe-src/setup-mPHDZzAJ.o )
[2 of 2] Compiling StackSetupShim ( /home/kuznero/.stack/setup-exe-src/setup-shim-mPHDZzAJ.hs, /home/kuznero/.stack/setup-exe-src/setup-shim-mPHDZzAJ.o )
Linking /home/kuznero/.stack/setup-exe-cache/x86_64-linux-nix/tmp-Cabal-simple_mPHDZzAJ_1.24.0.0_ghc-8.0.1 ...
Progress: 4/129HttpExceptionRequest Request {
host = "s3.amazonaws.com"
port = 443
secure = True
requestHeaders = []
path = "/hackage.fpcomplete.com/package/SHA-1.6.4.2.tar.gz"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
(ConnectionFailure getAddrInfo: does not exist (Name or service not known))
HttpExceptionRequest Request {
host = "s3.amazonaws.com"
port = 443
secure = True
requestHeaders = []
path = "/hackage.fpcomplete.com/package/Cabal-1.24.2.0.tar.gz"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
(ConnectionFailure getAddrInfo: does not exist (Name or service not known))
...
What value are you putting in your environment variable? While the exception generated by network isn't particularly helpful, it seems to indicate that the DNS name it's looking up cannot be found.
I've put together a branch + simple test case to help out with this if you're able to run it, on the http-client repo. It's the better-getAddrInfo-exception branch (https://github.com/snoyberg/http-client/tree/better-getAddrInfo-exception). If you check it out, you can run:
$ stack build http-client
$ stack ghc attic/sanity.hs
Then running sanity.hs
with appropriate environment variables should give the same error you're seeing above, but now with slightly more information.
I will be able to try your repo test case tomorrow when I will get back to work. With regards to environment variable values, I've tried these:
http_proxy=http://127.0.0.1:3128/
https_proxy=http://127.0.0.1:3128/
HTTP_PROXY=http://127.0.0.1:3128/
HTTPS_PROXY=http://127.0.0.1:3128/
I am using CNTLM for proxying through our domain level proxy.
When this didn't work, I've tried using Windows proxy directly without CNTLM with following environment variable values:
http_proxy=http://username:password@proxyhost:proxyport/
https_proxy=http://username:password@proxyhost:proxyport/
HTTP_PROXY=http://username:password@proxyhost:proxyport/
HTTPS_PROXY=http://username:password@proxyhost:proxyport/
In reply to @snoyberg for running test case in better-getAddrInfo-exception
branch:
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception)
$ stack build --nix --install-ghc http-client
these paths will be fetched (70.20 MiB download, 987.94 MiB unpacked):
/nix/store/75p1400r0bg58ap13smyf75i9vy6bblc-ghc-7.10.3-doc
/nix/store/f0pdkzhsdf305m52gvf0vk31f2dliky1-ghc-7.10.3
fetching path ‘/nix/store/75p1400r0bg58ap13smyf75i9vy6bblc-ghc-7.10.3-doc’...
*** Downloading ‘https://cache.nixos.org/nar/0xdncpl3nm53b8ccyv71k2j1lnn8anai66rj4cnj9zp9agck8pza.nar.xz’ (signed by ‘cache.nixos.org-1’) to ‘/nix/store/75p1400r0bg58ap13smyf75i9vy6bblc-ghc-7.10.3-doc’...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 8776k 100 8776k 0 0 572k 0 0:00:15 0:00:15 --:--:-- 571k
fetching path ‘/nix/store/f0pdkzhsdf305m52gvf0vk31f2dliky1-ghc-7.10.3’...
*** Downloading ‘https://cache.nixos.org/nar/03lkjx76jz71ys1ardh4ga1hsw75rqwknd0n15khwgh2gxif1dpp.nar.xz’ (signed by ‘cache.nixos.org-1’) to ‘/nix/store/f0pdkzhsdf305m52gvf0vk31f2dliky1-ghc-7.10.3’...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 61.6M 100 61.6M 0 0 517k 0 0:02:01 0:02:01 --:--:-- 532k
[1 of 2] Compiling Main ( /home/kuznero/.stack/setup-exe-src/setup-mPHDZzAJ.hs, /home/kuznero/.stack/setup-exe-src/setup-mPHDZzAJ.o )
[2 of 2] Compiling StackSetupShim ( /home/kuznero/.stack/setup-exe-src/setup-shim-mPHDZzAJ.hs, /home/kuznero/.stack/setup-exe-src/setup-shim-mPHDZzAJ.o )
Linking /home/kuznero/.stack/setup-exe-cache/x86_64-linux-nix/tmp-Cabal-simple_mPHDZzAJ_1.22.5.0_ghc-7.10.3 ...
Progress: 4/25HttpExceptionRequest Request {
host = "s3.amazonaws.com"
port = 443
secure = True
requestHeaders = []
path = "/hackage.fpcomplete.com/package/mtl-2.2.1.tar.gz"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
(ConnectionFailure getAddrInfo: does not exist (Name or service not known))
HttpExceptionRequest Request {
host = "s3.amazonaws.com"
port = 443
secure = True
requestHeaders = []
path = "/hackage.fpcomplete.com/package/base64-bytestring-1.0.0.1.tar.gz"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
(ConnectionFailure getAddrInfo: does not exist (Name or service not known))
HttpExceptionRequest Request {
host = "s3.amazonaws.com"
port = 443
secure = True
requestHeaders = []
path = "/hackage.fpcomplete.com/package/data-default-class-0.0.1.tar.gz"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
(ConnectionFailure getAddrInfo: does not exist (Name or service not known))
HttpExceptionRequest Request {
host = "s3.amazonaws.com"
port = 443
secure = True
requestHeaders = []
path = "/hackage.fpcomplete.com/package/network-2.6.2.1.tar.gz"
queryString = ""
method = "GET"
proxy = Nothing
rawBody = False
redirectCount = 10
responseTimeout = ResponseTimeoutDefault
requestVersion = HTTP/1.1
}
(ConnectionFailure getAddrInfo: does not exist (Name or service not known))
And since that fails I cannot get to running stack ghc --nix attic/sanity.hs
:
attic/sanity.hs:1:8:
Could not find module `Network.HTTP.Client'
Use -v to see a list of the files searched for.
Please let me know if you think I can do something to finally run sanity.hs
.
Can you compile the executable on a non proxied machine and then run on the proxied machine? I'd like to get to the point where this is being reproed against just http-client so we can simplify debugging.
On Thu, Jan 5, 2017, 10:51 AM Roman Kuznetsov notifications@github.com wrote:
In reply to @snoyberg https://github.com/snoyberg for running test case in better-getAddrInfo-exception branch:
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception) $ stack build --nix --install-ghc http-client these paths will be fetched (70.20 MiB download, 987.94 MiB unpacked): /nix/store/75p1400r0bg58ap13smyf75i9vy6bblc-ghc-7.10.3-doc /nix/store/f0pdkzhsdf305m52gvf0vk31f2dliky1-ghc-7.10.3 fetching path ‘/nix/store/75p1400r0bg58ap13smyf75i9vy6bblc-ghc-7.10.3-doc’...
*** Downloading ‘https://cache.nixos.org/nar/0xdncpl3nm53b8ccyv71k2j1lnn8anai66rj4cnj9zp9agck8pza.nar.xz’ (signed by ‘cache.nixos.org-1’) to ‘/nix/store/75p1400r0bg58ap13smyf75i9vy6bblc-ghc-7.10.3-doc’... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 8776k 100 8776k 0 0 572k 0 0:00:15 0:00:15 --:--:-- 571k
fetching path ‘/nix/store/f0pdkzhsdf305m52gvf0vk31f2dliky1-ghc-7.10.3’...
*** Downloading ‘https://cache.nixos.org/nar/03lkjx76jz71ys1ardh4ga1hsw75rqwknd0n15khwgh2gxif1dpp.nar.xz’ (signed by ‘cache.nixos.org-1’) to ‘/nix/store/f0pdkzhsdf305m52gvf0vk31f2dliky1-ghc-7.10.3’... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 61.6M 100 61.6M 0 0 517k 0 0:02:01 0:02:01 --:--:-- 532k
[1 of 2] Compiling Main ( /home/kuznero/.stack/setup-exe-src/setup-mPHDZzAJ.hs, /home/kuznero/.stack/setup-exe-src/setup-mPHDZzAJ.o ) [2 of 2] Compiling StackSetupShim ( /home/kuznero/.stack/setup-exe-src/setup-shim-mPHDZzAJ.hs, /home/kuznero/.stack/setup-exe-src/setup-shim-mPHDZzAJ.o ) Linking /home/kuznero/.stack/setup-exe-cache/x86_64-linux-nix/tmp-Cabal-simple_mPHDZzAJ_1.22.5.0_ghc-7.10.3 ... Progress: 4/25HttpExceptionRequest Request { host = "s3.amazonaws.com" port = 443 secure = True requestHeaders = [] path = "/hackage.fpcomplete.com/package/mtl-2.2.1.tar.gz" queryString = "" method = "GET" proxy = Nothing rawBody = False redirectCount = 10 responseTimeout = ResponseTimeoutDefault requestVersion = HTTP/1.1 } (ConnectionFailure getAddrInfo: does not exist (Name or service not known))
HttpExceptionRequest Request { host = "s3.amazonaws.com" port = 443 secure = True requestHeaders = [] path = "/hackage.fpcomplete.com/package/base64-bytestring-1.0.0.1.tar.gz" queryString = "" method = "GET" proxy = Nothing rawBody = False redirectCount = 10 responseTimeout = ResponseTimeoutDefault requestVersion = HTTP/1.1 } (ConnectionFailure getAddrInfo: does not exist (Name or service not known))
HttpExceptionRequest Request { host = "s3.amazonaws.com" port = 443 secure = True requestHeaders = [] path = "/hackage.fpcomplete.com/package/data-default-class-0.0.1.tar.gz" queryString = "" method = "GET" proxy = Nothing rawBody = False redirectCount = 10 responseTimeout = ResponseTimeoutDefault requestVersion = HTTP/1.1 } (ConnectionFailure getAddrInfo: does not exist (Name or service not known))
HttpExceptionRequest Request { host = "s3.amazonaws.com" port = 443 secure = True requestHeaders = [] path = "/hackage.fpcomplete.com/package/network-2.6.2.1.tar.gz" queryString = "" method = "GET" proxy = Nothing rawBody = False redirectCount = 10 responseTimeout = ResponseTimeoutDefault requestVersion = HTTP/1.1 } (ConnectionFailure getAddrInfo: does not exist (Name or service not known))
And since that fails I cannot get to running stack ghc --nix attic/sanity.hs:
attic/sanity.hs:1:8: Could not find module `Network.HTTP.Client' Use -v to see a list of the files searched for.
Please let me know if you think I can do something to finally run sanity.hs.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/commercialhaskell/stack/issues/2672#issuecomment-270593182, or mute the thread https://github.com/notifications/unsubscribe-auth/AADBB9V8oZ3VamQxv-ulH7JQJUnfyPxLks5rPK7zgaJpZM4KOW1o .
Now I am having a NixOS specific error as it seems when running on proxied computer (bits built on non-proxied computer):
$ attic/sanity
attic/sanity: error while loading shared libraries: libgmp.so.10: cannot open shared object file: No such file or directory
Though I have gmp
package installed system wide. How can I overcome this?
I have tried running with nix-shell -p gmp
, nix-shell -p gmp4
and nix-shell -p gmp5
. Didn't help.
@snoyberg finally I managed to run it, and it just works:
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
$ nix-build --no-out-link "<nixpkgs>" -A gmp
/nix/store/50s6fp36mb6akz5l87x0pw4ppa66jvzq-gmp-6.1.1
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
$ echo $LD_LIBRARY_PATH
/run/opengl-driver/lib:/run/opengl-driver-32/lib
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
$ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/nix/store/50s6fp36mb6akz5l87x0pw4ppa66jvzq-gmp-6.1.1/lib
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
$ echo $LD_LIBRARY_PATH
/run/opengl-driver/lib:/run/opengl-driver-32/lib:/nix/store/50s6fp36mb6akz5l87x0pw4ppa66jvzq-gmp-6.1.1/lib
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
$ attic/sanity
Response {responseStatus = Status {statusCode = 200, statusMessage = "OK"}, responseVersion = HTTP/1.1, responseHeaders = [("Via","1.1 W89505"),("Connection","Keep-Alive"),("Proxy-Connection","Keep-Alive"),("Content-Length","31"),("Date","Thu, 05 Jan 2017 09:50:30 GMT"),("Content-Type","application/json"),("Server","nginx"),("Access-Control-Allow-Origin","*"),("Access-Control-Allow-Credentials","true")], responseBody = "{\n \"origin\": \"212.93.55.21\"\n}\n", responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose}
So, that does not show any error, but I cannot still run stack install --nix hindent
for example. What else can be wrong then?
Hmm, interesting. If you just run something like stack unpack mtl
without using --nix
, what happens?
It just works :)
kuznero@soul:~/Projects/GitHub
$ stack unpack mtl
mtl-2.2.1: download
Unpacked mtl-2.2.1 to /home/kuznero/Projects/GitHub/mtl-2.2.1/
kuznero@soul:~/Projects/GitHub
$ ls
mtl-2.2.1
I guess this explains why stack setup --nix
works fine and able to download everything it needs.
So in other words, this only occurs when run from inside the nix invocation? I'm woefully ignorant of what goes on inside the Nix world, I can't even fathom what would be triggering this. Can you somehow run the sanity
exe inside a matching Nix env and see if that triggers something? I'm guessing this might be an environment variable encoding issue, but that's a huge guess out of left field.
:) Environment variables are defined in a rather conventional way. And again, on non-proxied NixOS computer it works fine. While I was investigating this issue I read on one of the blogs related to something like ruby or something like that, that after library is getting a redirect reply it stops applying proxy settings. Can that be the case with http-client
?
That shouldn't be the case, but you can test it by modifying the sanity
exe to use a URL that should be getting a redirect.
I have tried querying http://s3.amazonaws.com/hackage.fpcomplete.com/package/base-orphans-0.5.4.tar.gz
(not https
) and it works. I will try changing sanity.hs
to use tls and try with https
version of that url.
But on that note, is it possible to instruct stack to not to use https?
You can modify the package-indices settings in stack.yaml or your global config to give it a different base URL, that should do it, though there are a number of other URLs you might need to change too.
I have tried that before, but it seems to have affect on stack setup
flow only...
So clearly there's something going on inside http-client that's the problem, and almost certainly unrelated to Stack itself. And it's also almost certainly the case that it only happens on Nix machines. The only way I can see this getting resolved is some reproducible case against http-client itself.
Will it still make sense for me to try to use tls manager and run test through https?
Sure, that's fine, but at least naively it doesn't look like TLS has nothing to do with this.
Interesting, running sanity
and sanity-tls
over http
and https
respectively just works fine.
@snoyberg can you maybe point in certain direction on where should I start digging with this issue? Maybe involve people who's more savvy ion NixOS? As of now with NixOS+Proxy it seems that it is simply impossible to use stack unfortunately.
I had a comment earlier about running the compiled sanity
executable from inside the nix environment, I'd imagine via something like stack --nix exec ./sanity
. Were you able to try that?
I have not tried doing so through stack before, trying running sanity
directly results in this:
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
$ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/nix/store/50s6fp36mb6akz5l87x0pw4ppa66jvzq-gmp-6.1.1/lib
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
[127] $ ~/Downloads/sanity
Response {responseStatus = Status {statusCode = 200, statusMessage = "OK"}, responseVersion = HTTP/1.1, responseHeaders = [("Via","1.1 W89505"),("Connection","Keep-Alive"),("Proxy-Connection","Keep-Alive"),("Content-Length","4996"),("Date","Thu, 05 Jan 2017 10:14:04 GMT"),("Age","12594"),("Content-Type","binary/octet-stream"),("ETag","\"e590aa3f2de078eba409723eceed153a\""),("Server","AmazonS3"),("Accept-Ranges","bytes"),("x-amz-id-2","TemE4sHjIKxQXUN6Nt2cNXJ1EysxdU7pgXsiCHJusdtzESyBd0OfhKd+VLCLVtpVYfm1dBQ77lk="),("x-amz-request-id","074C8C99B326EBEE"),("Last-Modified","Fri, 19 Jun 2015 20:38:51 GMT")], responseBody = "\US\139...
Then I tried running it through stack as you suggested:
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
$ stack exec --nix ~/Downloads/sanity
/home/kuznero/Downloads/sanity: error while loading shared libraries: libgmp.so.10: cannot open shared object file: No such file or directory
And trying to add --extra-lib-dirs
to stack exec
does not seem to help (not sure if I do it correctly though):
kuznero@soul:~/Projects/GitHub/http-client (branch: better-getAddrInfo-exception!)
$ stack exec --nix --extra-lib-dirs=/nix/store/50s6fp36mb6akz5l87x0pw4ppa66jvzq-gmp-6.1.1/lib ~/Downloads/sanity
/home/kuznero/Downloads/sanity: error while loading shared libraries: libgmp.so.10: cannot open shared object file: No such file or directory
@snoyberg sorry for throwing in seemingly unrelated problems, but I would really like to help reproducing and fixing it if possible.
Alright, I got a mini Nix setup going. What does stack --nix exec env
have to say? In particular, I'm interested in stack --nix exec env | grep -i ^http
. For the record, on my machine:
$ stack exec --nix env | grep -i ^http
$ stack exec env | grep -i ^http
HTTPS_PROXY=http://127.0.0.1:3128
HTTP_PROXY=http://127.0.0.1:3128
http_proxy=http://127.0.0.1:3128
https_proxy=http://127.0.0.1:3128
In other words, the env vars aren't being passed in to nix.
Interesting... Who controls what environment to pass when stack
is running with --nix
option? I can also see that stack exec --nix env | grep -i proxy
produces nothing on my box. And even running this does not help:
http_proxy=http://127.0.0.1:3128 stack exec --nix env | grep -i proxy
I am puzzled about where to look next. Does stack
support additional NixOS options when --nix
is used?
Another thing to remember here is that stack setup --nix
is also then running with --nix
option, but it seems that it has access to all the necessary environment variables.
I'm not sure about any of this, it's beyond my expertise. But I think it's safe to say that we've identified the real issue:
__Many --nix command do not forward the https?_proxy
environment variables to the inner command__
I'm going to update the issue title, and then perhaps someone with more Nix expertise can comment on the right way to address this.
Ping @YPares
FWIW the original block I had in installing is gone and everything works fine for me now after pulling.
The Stack guide documents the solution I believe:
https://docs.haskellstack.org/en/stable/nix_integration/#the-nix-shell
See http://nixos.org/nix/manual/#options-1 for more about what a "pure" Nix shell means.
By default stack --nix
spawns a pure Nix shell, for better reproducibility. A pure shell throws away the parent environment, including the PATH
, so most system resources will be invisible inside the shell (think of it as a sandbox). This is not unlike Docker.
If you want to pass through some environment variables, then a simple solution is to stack --nix --no-nix-pure
.
BTW, stack setup --nix
won't do what you expect / won't work. No equivalent of stack setup
is required when --nix
is passed. @YPares please add a message to that effect to stack setup
already.
No equivalent of stack setup is required when --nix is passed. @YPares please add a message
OK my bad. It seems this has been resolved in the latest Stack. stack setup
does what you expect: prefetch and unpack the appropriate GHC from Nixpkgs (instead of using the official upstream bindists, which won't work with Nix). In any case, this is tangential to the ticket.
That had solved my problem! :) Thanks @mboes!
@mboes does it make sense to make some exceptions to the environment variable rule, including the proxy environment variables?
@borsboom would the same exception logic make sense for Docker as well?
@snoyberg I think so. @YPares in fact it might be nice to add a field in the stack.yaml
where the user can whitelist arbitrary environment variables.
@mboes I'm not sure you can ask nix-shell to forward some env vars. I think you cannot
So this mean we should recreate those variables in the generated nix code, but this wouldn't work in the case where the user gives a custom shell.nix
.
You could do it by passing a special --args to the Nix shell containing the env vars you want to set with the values from the host environment. It would be a tad finicky I agree.
I modified the nix README to make it clearer that the pure shell changes the env vars: see commit 05acb2c
Great addition, thanks.
General summary/comments (optional)
opening an issue because i'm not sure if i'm doing something stupid and this is my fault or not.
Running on centos 6
It seems like the globalManager isn't respecting the http_proxy and https_proxy env variables. I'm not completely sure though since I'm a n00b with this.
I'm trying to build yi, and when I run stack setup it seems unable to fetch defaultStackSetupYaml and the request times out in getSetupInfo.
I hackily added (copy pasted from http-client then added the managerSetProxy call)
to src/main/Main.hs, rebuilt stack, and successfully fetched the yaml file with
after including
Network.HTTP.Client.TLS Data.IORef System.IO.Unsafe Data.Default.Class
in ghci and in the executable in stack.cabal. (fetching the defaultStackSetupYaml does not work in ghci without my modifications to globalManager.) Any help would be appreciated!Steps to reproduce
Run stack setup (my stack is currently on ghc 7.10 and am trying to update to 8) in yi's homedir.
Expected
The request to respect the proxy and go through.
Actual
Stack version