Would be pretty useful, as far as I know there is no way to change /etc/{subuid,subgid} in the system configuration without manually editing.

Well I had to make one :) it is being tracked on https://issues.guix.gnu.org/72337 . You can define subuid and subgid ranges like so:

(use-modules (gnu system shadow)      ;for 'subids-service-type'
                         (gnu system accounts))   ;for 'subid-range'

(operating-system
  (services
    (list
      (simple-service 'alice-bob-subids
                      subids-service-type
                      (subids-extension
                        (subgids
                         (list
                          (subid-range (name "alice"))))
                        (subuids
                         (list
                          (subid-range (name "alice"))
                          (subid-range (name "bob")
                                       (start 100700)))))))))

which would yield

# cat /etc/subgid
root:100000:65536
alice:165536:65536


# cat /etc/subuid
root:100000:700
bob:100700:65536
alice:166236:65536

Another annoyance with podman on guix is making / a shared mount doesn’t work so changes in mounts aren’t propagated.

I think I solved that by using a Shepherd service run on boot calling mount --make-shared / . I didn't do extensive testing of mounts but I'm currently using this on my systems as it's set up in my personal channel. By adding the following to my own system config

(use-modules (small-guix system accounts)
                         (small-guix services containers))

(service iptables-service-type)
(service rootless-podman-service-type
               (rootless-podman-configuration
                (subgids
                 (list (subid-range (name "alice"))))
                (subuids
                 (list (subid-range (name "alice"))))))

I'm able to run the following rootless Podman hello world

$ podman run -it --rm docker.io/alpine cat /etc/*release*
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.20.2
PRETTY_NAME="Alpine Linux v3.20"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"

and with guix shell podman-compose I'm able to run this Podman compose hello world:

$ mkdir data
$ echo hello world > data/index.html
$ podman compose up -d

...

exit code: 0
$ curl localhost:8080
hello world

So some kind of mount appears to work. Thank you for your feedback and feel free to try the service from my own channel if you are interested in providing more or in trying rootless podman on the Guix System.

A little too pitchy imho. It is just a regular linux distro with each system update creating a new fs snapshots .

Just use Nix/Guix lmao

I wouldn't go the manual way if you are not forced. If you use NetworkManager you can import the configuration either grafically or with nmcli.

It should be sufficiente to modify the network manager service provided by Guix:

(modify-services %desktop-services
 [...]
 (network-manager-service-type config =>
 		               (network-manager-configuration
			        (inherit config)
			        (vpn-plugins (list network-manager-openvpn))))

reconfiguring your system, rebooting and then importing the configuration and set your credentials

It is quite basic still and historically had some problems with reboots, but lately it has gained a lot of attention and bug fixes. I have no experience of runnit, compared to systemd is leaner but in my experience there's no big feature lacking

They do very different things even if the outcome is the same. You are not rollingback your system by downgrading each package. You are statefully changing your filesystem. Rollbacks in Nix and Guix are internet free, atomic and reproducible because they amount to changing the target of a single symlink

I guess you are not entitled free support once you execute a free program

I think functional distros like Guix or Nix are just another thing. Their ability of programming , provisioning and deploying software environments is unparalleled. My personal favorite is Guix since, while having less packages than Nix, it has the most consistent experience: everything is in Scheme from the top to the bottom of the distro. Also it pushes really hard on a sane bootstrapping story while allowing for impurity through channels like nonguix .

The main downside is the lack of tutorials and a documentation that's very intense, let's say. typical of GNU projects. I suggest the System Crafters youtube channel which has a lot of nice tutorials

with nonguix the lines are like five instead of one, but yes there are less packages than nix. the real selling point imho is how everything is human-sized and consistent

imho having a more accessible contribution workflow would increase the number of people interested in spending time in reviewing.

Regardless of the many problems of web forges today the ability to review only what's changed between the various revisions of a pull request and the comments in a single view is not achievable with a simple email workflow. You end up reimplementing the PR/MR functionality with other tools, exactly as is happening with the Guix QA tools. I love them but we're reimplementing gitlab/gitea/codeberg by parsing patch revisions from emails subjects.

it's not like it's easy contributing to guix :( i really hope they move to something more accessible

If you don't have commit access you don't need an account. I contributed many times without ever registering on Savannah.

Do you have commit access? Otherwise your account is mostly useless also if they don't delete it.