Giacomo Leidi

My personal space on the web. Mostly about FOSS and technological autonomy.


SOPS Guix - This project implements secure, atomic, trustless secret provisioning with Guix. It works by putting encrypted secrets in the store and by adding a one-shot Shepherd service that decrypts them at startup in a ramfs/tmpfs filesystem. This means that clear text secrets never hit the disk and that you can (and actually are encouraged to) check in your SOPS secrets in the same version control system you use to track you Guix configurations.

gocix - This project aims at providing a community managed library of Guix services. Code from this channel implements a Guix native experience for services that are not yet guixable, through OCI backed Shepherd services.


Guix - Guix is a zero-trust deployment toolkit and Linux distribution. It allows the generation of bit by bit reproducible artefacts (OS packages, Docker images, virtual machines), enabling all parties in the free software supply chain to independently verify whether a given binary comes from a certain source.

mobilizon-reshare - Supercharge your event promotion strategy as an organization by automating your social media publishing through an application that can be run on your server, giving you full control and privacy.

guile-sparql - A SPARQL module for Guile Scheme to query an RDF store. Additionally, it provides an interface to write SPARQL queries using S-expressions.