 So, Ludovic, I'm going to talk about GNU Geeks and how we managed to build a complete GNU Linux distribution out of a minimalistic language, if not the minimalistic language which is scheme, that parenthesis thing that you've heard about just before. All right. Before I go into presenting Geeks, let me just talk about something you know which is GNU Linux. So, I like potlucks. So, potlucks are these parties where people join together and everybody bring their own dish, and that's pretty cool. That's a good way to discover new dishes, new taste, things that perhaps you wouldn't cook yourself, right? You get to discover lots of new things. GNU Linux is a bit like this, right? It grew sort of organically and people brought their own dishes, and you get to discover lots of things if you look carefully at how your system or your laptop actually works. So, you will find that there are things written in C, there are things written in Perl, there are things written in Python, there are lots of things, and perhaps a bunch of Bash scripts with a whole rich collection of custom configuration language on top of it, right? So, that's very tasteful. This is great in a way, but if you look at it from the perspective of someone who's actually trying to understand how this all works together, or from the perspective of someone who's trying to learn or trying to modify things, that's maybe not so great. That's a whole lot of things to learn, a whole lot of languages, configuration languages, XMLJS, and you name it, all that. And trying to bring some unification to all this is one of the goals of Geeks. So, let me go into that. So, Geeks, who has already heard about Geeks in this room? All right, that's quite a lot of people, that's good. That's a good thing because I didn't plan to really present it in detail. But basically, if you went to Ricardo's talk before, for example, Geeks is actually a whole bunch of things. So you wouldn't have to think of Geeks as a package manager, and it's true. That's a package manager that you can use to install package, you get transactional upgrades, you get wallbacks, non-route installation of packages, that kind of feature, which is quite unusual and pretty cool, I think. But it's also a whole tool set of tools that deal with packages one way or another. So we have tools, for example, that can create environments on the fly like Geeks environment. So it's pretty much like virtual-env, if you're in Python. We have tools that can create darker images, application bundles, if that's something you need. We have all sorts of tools. And we also have an actual standalone system that you can run on your machine. And that's a standalone GNULINX distribution. Also, yeah, as I was preparing this talk for the minimalistic language tracker, I was like, what kind of minimalism are we talking about? So this is not this kind of minimalism, not in terms of number of lines of code. But there is some sort of a minimalistic feel to it, especially in the use of the language, which I'm gonna talk about. Yeah, we have a wonderful reference card if you want to know more about how to use Geeks as for all these features that I talk about. So you can find it on the web or you can find it on paper right here. This is wonderful. What's not on the reference card is this thing, which is how you manage a complete system, a standalone system. Distribution that you install on your machine or that you create in a VM or in a container. So this is just what we get with Geeks. You get to basically declare your system configuration entirely, including accounts, services, locats, blah, blah, blah, blah, blah. This is a very simple system configuration. Yeah, I think even if you're not a schemer, even if you're kind of afraid of parenthesis that happens, I'm being told. You can still, I guess, understand what's happening here. You could imagine that these are curly braces and maybe that works better for you, I don't know. All right, so once you have this configuration, like I said, you can actually, there is a bunch of Geeks system command and you can create a VM. You can instantiate it on actual bare metal hardware, etc., etc. This is really nice. So how did we get there? Why did we end up using scheme and all the things to build this system? So the other day I wanted to learn about Terraform, which is an infrastructure as code tool. I'm not very familiar with this kind of tool. And so I ended up watching a keynote by one of the Terraform people, explaining the new features of the upcoming version of Terraform. And one thing that struck me in this part, the person was presenting. So Terraform actually has its own configuration language like many tools. So it's called the HashiCorp configuration language, ATL. It's a very corporate name, I guess. And so it's a language, a DSL, the mean specific language that allows you to configure your infrastructure, basically. And the person was presenting the new features of the language and that person was saying, look, here's one of my favorite new features. The new four key words allows you to iterate over lists and generate lists and map. This gives you a whole bunch of new flexibility. And I thought this is exactly what we want to do with geeks. We want to give you a whole bunch of new flexibility. That's the point. So we happen to take a different approach, technically. But the end result is the same, we have a whole bunch of new flexibility. So if you're familiar or even not familiar with Lisp, you're probably familiar with all the mystic around Lisp. That Lisp is somehow magic, like a thing of wizard. And Chris Weber, who is sitting here, rightfully noted that the wizardry thing is a double H third. It's a good thing in the sense that, wow, you can do so many things. But at the same time, it sounds like black magic, which is kind of not so great. I don't think it's black magic, but I do think it has very important features. So there is this famous quote that Lisp is not the right tool for any particular domain, basically. But it allows you to attack new problems by implementing new languages. That's basically what we're doing here. It's not a new idea, it's just the idea of embedding domain-specific languages in general purpose programming languages. And that's basically what we're doing here. I should also mention, since we're in the scheme, sorry. In the minimalistic language, there are room that the scheme standard, yeah. The scheme, I'm sorry. The scheme standard has this famous quote also that I could put it here, which is that programming languages should not be designed by pulling features on top of features, but by removing the weaknesses that make those features appear necessary. So there's a whole thing about minimalism in scheme and Lisp. So how did it all start? So the initial thing in Geeks, well, the initial thing was playing with reproducible software deployment via Nix. And the third thing that we came up with was this way to represent package definitions. All right, so if you've ever hacked Linux, GNU, Linux distribution, you've probably added this kind of package definition. This one you have parentheses, so it does look very declarative. It could be JSON, it could be YAML. It's very similar. But it's actually code. And you can see there's a string up in there that actually concatenates string. So that gives you a whole bunch of flexibility, as you can see. Yeah, this is actually code. It looks like a purely declarative thing, but it's really code. So you can write functions that create packages out of other packages or parameterized packages, you can do all sort of things. That's how it started. Then if you're using the standalone Geeks on your machine, you get to, as I said before, you can select which system services are running on your machine. So for example, if you write this thing, this creates a system object for OpenSSH with a default configuration. Right, that's pretty simple. But obviously, you can also specify a configuration. So you say, all right, OpenSSH configuration. I want X11 forwarding, and I want to permit root login, but using public keys. Something like that. And you can do that for a whole bunch of services. So this one is a bit more interesting, maybe. This is Seagit. So Seagit, it sees web interface for Git that allows you to browse repositories and so on in a web interface. It's if you're going to set it up by hand, it can be quite tedious, because you need to set up nginx, you need to set up fcgiwrap, this kind of thing. But as it turns out, if you're using Geeks, you can just say this. And it's going to ensure that nginx and fcgiwrap are actually set up correctly. Somehow on your system, it will just work. So I think that's pretty cool. Did I get the configuration right? Because I think the authors are right here. I hope so. And you don't get to, this is the same basic language, right? You don't get to learn a new configuration language every time. That's my point. But like I said, it's also code. So let's say you can say, I want to take the default list of desktop services that you would normally use to configure your laptop, for example. But I want to remove the NTP service that's provided as part of that default list of services. And so this is actually schemed. The lambda keywords means that we're defining a function, basically. That takes a service. And then we look at the kind of the service. And if it's actually the NTP service, then we remove it from that list. That's programming. We can do a bit more advanced things like, I want to say, all right, I'm taking this desktop services list. But I want to change some of the configuration for these services. Let's say I want to change how MinGetTTY is configured by adding a message of the day, or I want to change UPower to specify what happens if I close the lead, etc., etc. Again, this is configuration embedded in a general purpose language. So there are still open issues, like often people see this and they say, well, all right, that looks interesting. That allows you to actually program your configuration, which can be useful. But are you really going to write bindings for every configuration file out there? And the answer so far is yes. And yeah, it turns out to work so far. I mean, it's not too much of a pain. Sometimes we have cheat codes that allows us to escape from the scheme bindings if we really need to. But in general, it just works, and that's a reasonable thing to do. So we'll see how it goes. All right, so to summarize with Geeks being embedded in a general purpose language, we get all this programmability that I showed before. But we also get the ability to build new tools that would otherwise be pretty hard to build if we didn't have a general purpose language available. So among these tools, we have an Emacs interface. So if Emacs is your thing, you can actually manage your whole package set directly from within Emacs. I like it. And then we have tools like Geeks Refresh, which automatically updates packages, Geeks Lint, which lints, Geeks Graph, Geeks System Extension Graph, which allows you to inspect your operating system declaration, basically if you want to see how services fit together. All right, but since we're doing scheme a whole lot, what if we try to unify beyond this glue layer, basically? I've only talked about the glue layer that glues, packages, services, etc. together, but what if we went a bit beyond? So there are often questions about Nix versus Geeks, what's the difference, etc., etc. So from a technical viewpoint, this is an example. Nix uses DSL, a domain-specific language that's an external language designed specifically for the purpose of the Nix package manager. It looks like this, so curly braces, as you can see. So you have functions, function calls, it's a functional programming language, lazily evaluated. It's really cool, but it remains a domain-specific language, right? So it's really designed for this particular domain, for defining packages and so on, but it's not designed to do anything, roughly. So for example, in a package definition in Nix, what you would do is insert bash snippets to define the actions that you want to do during the package build, right? So you have the package definition that's within the Nix language. And right here you have a bash snippet that's going to run when you actually build the package. This is, it does a job, right? It can be pretty convenient at times, but there's a catch to it, which is that these are just strings, right? And you end up mixing two different programming languages. And in fact, you end up concatenating strings that happen to form bash programs and sometimes that can be tricky. One example is escapes. There's obviously clashes between the Nix syntax and the bash syntax like Nix uses dollars, bash uses dollars. So how do you escape things? That creates a whole class of problems and a whole class of issues. I guess sometimes it can be tricky to find the right way to escape things. And so since we have a general purpose language at hand, it came naturally that we could after all use scheme not only to glue things together but also to actually perform specific actions. So one example that I like is the initial RAM disk. If you're familiar with how the initial RAM disk for Linux is usually made, it's a mixture of C programs that invoke bash script that do all sorts of things. And eventually you end up with a CPIO archive. It can be quite tricky and inside that archive you typically have C programs that use a custom C library, blah, blah, blah, it's a whole world. So what we're doing here is that we're using scheme again. So what if we just write scheme that's going to run into that initial RAM disk when you boot your system? That's what we're doing. It simplifies things because we can reuse code, we already know the language. We can, it's a general purpose language anyway, so we can do anything basically and it does the work. So this is actual code and what we are doing here is that there is a special hash tilled thing there which means we're actually doing code staging. So this is pretty much the equivalent of concatenating strings together to create a program but here we're generating a scheme program. And this is all scheme so we know that the syntax is going to be valid. We can easily refer to existing objects in scheme via hash dollar. And so we know we're basically generating valid code. We can reuse scheme libraries and so on and so forth. And we end up with scheme inside the initial RAM disk. I like to show the diagram which explains how the system, the standalone geeks works. Basically we have the Linux kernel, we have the initial RAM disk which runs Guile. But we also have the init system which is called good new shepherd which also uses Guile and then possibly we have application that may or may not use Guile, all right. So that's the idea. And because we have this init system in scheme, well we can also use this hash till thing to generate the bits of configuration for the init system. So instead of generating unit files for example, which would be just the strings that we concatenate together. We can actually have access to the API of the init system. We can generate its configuration. We can share code, reuse existing code inside the init system. So one example that I like is, well, all right. This is the definition of a service that mounts and unmounts file systems. We have access to the mount procedure to perform the mount syscall, basically, so we can do that. And yeah, this is the example that I like. So this is, you have the B2B IRC gateway. This is its service definition. But if you want to run it in a container, you can just say, all right, I'm importing the GNU build Linux container library inside my shepherd PID one environment. And now I say make fork exact constructor slash container, which is a function provided by this library. And I'm running that demo in a container, right? So we're just reusing existing guide code directly in the service manager. That's really cool, I think. All right, so I think it's about time to wrap up. So what we do have is that we're using a minimalistic language that some people view as academic, right? It has very basic features. It has macros, basically, but simply using macros, we can build embedded domain specific languages of all kinds. And that's how we end up defining complete systems. I think it's pretty hackable. We have a single git repositories that contains the whole system, including package definitions. So you can basically grab the whole system, you can navigate interfaces. And I think that's pretty unusual for a complete GNU Linux distribution to be searchable and hackable in this way. And we use code staging techniques, so this hash till thing that I showed before, to basically allow us to glue together different layers of scheme code that are going to run at different moments in time. And this is it, I invite you to join us now and share the parenthesis. You can install the distribution, you can get one of these reference cards, you can use it, report issues, and you can share your ideas. We were supposed to release 1.0 for FOSDOM, but I don't have networking access, so I'm not going to do it right now. And there are other reasons. But anyway, it's going to happen very soon, so I invite you to give it a try and report what you think about it. Thank you. Any questions? Yes. Just some configuration management at the beginning. My question is, how it looks behind this code? How it generates the configuration? Is it just, I say, templating of the configuration of files? Or do you use some smarter approach, like what Electra do or I don't know what to do. Or is it something that understands the configuration format you want to generate? So the question is, how do we generate configuration files from the scheme snippet that we have? In many cases, the configuration file format is basically a key value thing. And so we have a generic system that allows us to define bindings for this type of configuration file, basically. And that automatically takes care of generating the configuration file. And then we also have more ad hoc ways of generating special configuration files, for example. Okay, and do you have also some tools for different configuration or some converting existing configuration to scheme? Do we have tools to convert existing configurations to scheme? No, we don't have them. But that's why we usually provide a way to specify, if you don't want to use the scheme version because you already have different configuration files, usually you can do it. We'll provide an escape hatch that allows you to say, all right, I'm using this configuration file for NGINX, for example. Yes, all right, so the question is, do we have any plans to support transactional upgrades at the system level, right? It's actually already the case, so problem solved. So when you instantiate a system with a different configuration, it actually creates a new generation of the system. So you can, at any time, when you boot your system, you can choose in the grab menu which generation you want to boot. And you can boot an older generation of your system. You can roll back to an older version of your system, basically. Yeah, all right. So the question is whether we could manage a whole fleet of systems and that stateful systems you're saying that do not use Geeks. Did I get that right or? That's outside the scope of Geeks, I would say. So Geeks is really concerned with configuring Geeks systems. And we could, in theory, manage a whole fleet of Geeks machines. For example, we don't do that yet. We don't have the tooling yet to do that. But I know that, for example, NICSOS has tools to do that. So we could say have basically a single configuration template and apply it to a whole number of machines. That's what we could do, yeah. One question. So this contributing to Geeks is actually with a pre-instance that you can just change something and install it as if you had your change of accuracy that's hands down the best contribution experience I've ever had in a Geeks distribution, so that's really cool. So not really a question but a comment. Which is that Geeks is wonderful. Basically you can easily contribute to it. Okay, all right, one last question maybe, are we still, yes? Does it automatically, do I need to use ransom code to generate it? So what happens if you change your system configuration? Is it automatically reconfigured? Right, so no, it's not automatically reconfigured. You basically edit your config file and then you run Geeks system reconfigure. And that will instantiate the new configuration. So, yeah, that's the idea. Thank you, Lido. All right, thank you.