summaryrefslogtreecommitdiff
path: root/gnu/services
AgeCommit message (Expand)Author
2022-05-24services: Add log rotation to most networking services.•••This adds a simple log rotation extension to every networking service that specifies a #:log-file in its Shepherd service, which should prevent some logs from accumulating indefinitely. * gnu/services/networking.scm (%ntp-log-rotation): New variable. (ntp-service-type): Extend 'rottlog-service-type'. (openntpd-shepherd-service): Change #:log-file argument to "/var/log/ntpd.log". (openntpd-service-type): Extend 'rottlog-service-type'. (%tor-log-rotation): New variable. (tor-service-type): Extend 'rottlog-service-type'. (%connman-log-rotation): New variable. (connman-service-type): Extend 'rottlog-service-type'. (%hostapd-log-rotation): New variable. (hostapd-service-type): Extend 'rottlog-service-type'. (%pagekite-log-rotation): New variable. (pagekite-service-type): Extend 'rottlog-service-type'. (%yggdrasil-log-rotation): New variable. (yggdrasil-service-type): Extend 'rottlog-service-type'. (%ipfs-log-rotation): New variable. (ipfs-service-type): Extend 'rottlog-service-type'. (%keepalived-log-rotation): New variable. (keepalived-service-type): Extend 'rottlog-service-type'. Signed-off-by: Ludovic Courtès <ludo@gnu.org> ykonai
2022-05-22services: openssh: Listen on both IPv4 and IPv6.•••Fixes <https://issues.guix.gnu.org/55335>. Reported by Christopher Baines <mail@cbaines.net>. * gnu/services/ssh.scm (openssh-shepherd-service)[inetd-style?]: New variable. <start>: Use it. When using 'make-inetd-constructor', pass a list of endpoints as is possible with the Shepherd 0.9.1. <stop>: Adjust accordingly. * gnu/tests/ssh.scm (run-ssh-test)["wait for port 22"]: Rename to... ["wait for port 22, IPv4"]: ... this. ["wait for port 22, IPv6"]: New test. Ludovic Courtès
2022-05-18services: Add more description fields.•••* gnu/services.scm (simple-service): Add 'description' field. * gnu/services/base.scm (udev-rules-service): Likewise. * gnu/system/install.scm (configuration-template-service-type): Likewise. * gnu/tests.scm (marionette-service-type): Likewise. Ludovic Courtès
2022-05-16services: bitlbee: Run as user "bitlbee".•••Fixes <https://issues.guix.gnu.org/55450>. Fixes a bug introduced in 211fe3f66e6dfdaa64974931c458ab1d92afc182 whereby the inetd-spawned process would run as root (it would still run in a separate user namespace, with UID 1000 inside of it, but had the authority of root). * gnu/services/messaging.scm (bitlbee-shepherd-service): Pass #:user and #:group to 'make-inetd-constructor'. Remove "-u bitlbee" argument to BITLBEE*. Ludovic Courtès
2022-05-03services: pipefs: Correctly handle lack of extensions.•••Previously, in the absence of extensions of 'pipefs-service-type', we'd get a wrong-type-arg exception while folding services: In gnu/services/nfs.scm: 134:37 1 (_ #<<pipefs-configuration> mount-point: "/var/lib/nfs…> …) In ice-9/boot-9.scm: 1685:16 0 (raise-exception _ #:continuable? _) In procedure car: Wrong type argument in position 1 (expecting pair): () * gnu/services/nfs.scm (pipefs-service-type)[extend]: Gracefully handle the case where VALUES is the empty list, as done in 'gss-service-type'. Ludovic Courtès
2022-05-02services: Make sure Shepherd destructors match constructors.•••This is a followup to b06ecc57515d4e3c8b2228e8142654e9a26ba6e1, 211fe3f66e6dfdaa64974931c458ab1d92afc182, and fd57ce267c4083fe98242caa31075d2bd62903bf. * gnu/services/base.scm (guix-publish-shepherd-service): Change 'stop' method to use 'make-systemd-destructor' when 'make-systemd-constructor' is used. * gnu/services/dict.scm (dicod-shepherd-service): Change 'stop' method to use 'make-inetd-destructor' when 'make-inetd-constructor' is used. * gnu/services/messaging.scm (bitlbee-shepherd-service): Likewise. Ludovic Courtès
2022-05-02services: bitlbee: Preserve 'PURPLE_PLUGIN_PATH'.•••Fixes a regression introduced in 211fe3f66e6dfdaa64974931c458ab1d92afc182 whereby, in inetd mode, and when using 'bitlbee-purple', libpurple plugins would not be found. * gnu/services/messaging.scm (bitlbee-shepherd-service): Pass #:preserved-environment-variables to 'least-authority-wrapper'. Ludovic Courtès
2022-05-01services: opendht: Use 'least-authority-wrapper'.•••* gnu/services/networking.scm (opendht-configuration->command-line-arguments): Use 'least-authority-wrapper'. (opendht-shepherd-service): Use 'make-forkexec-constructor'. Ludovic Courtès
2022-05-01services: quassel: Use 'least-authority-wrapper'.•••* gnu/services/messaging.scm (quassel-shepherd-service): Use 'least-authority-wrapper' instead of 'make-forkexec-constructor/container'. Ludovic Courtès
2022-05-01services: wesnothd: Use 'least-authority-wrapper'.•••* gnu/services/games.scm (wesnothd-shepherd-service): Use 'least-authority-wrapper' instead of 'make-forkexec-constructor/container'. Ludovic Courtès
2022-05-01services: wesnothd: Grant write access to /var/run/wesnothd.•••* gnu/services/games.scm (wesnothd-shepherd-service): Augment 'modules' field. Pass #:mappings argument to 'make-forkexec-constructor/container'. (wesnothd-activation): New variable. (wesnothd-service-type): Extend ACTIVATION-SERVICE-TYPE. Ludovic Courtès
2022-05-01services: ipfs: Use 'least-authority-wrapper'.•••* gnu/services/networking.scm (ipfs-binary): Call 'least-authority-wrapper'. (%ipfs-home-mapping): Remove surrounding gexp. (ipfs-shepherd-service)[exec-command]: New procedure. [ipfs-config-command, set-config!-gexp, shepherd&co] [container-gexp, container-script]: Remove. [inner-gexp]: Use 'exec-command'. Ludovic Courtès
2022-05-01services: bitlbee: Use 'make-inetd-constructor'.•••* gnu/services/messaging.scm (bitlbee-shepherd-service): Add call to 'least-authority-wrapper'. In 'start' method, use 'make-inetd-constructor' when available. * gnu/tests/messaging.scm (run-bitlbee-test)["valid PID"]: Remove test. Ludovic Courtès
2022-05-01services: dicod: Use 'make-inetd-constructor'.•••* gnu/services/dict.scm (dicod-shepherd-service): Use 'make-inetd-constructor' in the 'start' method when available. Ludovic Courtès
2022-05-01services: dicod: Rewrite using 'least-authority-wrapper'.•••* gnu/services/dict.scm (dicod-shepherd-service): Rewrite using 'least-authority-wrapper' plus 'make-forkexec-constructor' instead of 'make-forkexec-constructor/container'. Ludovic Courtès
2022-05-01gexp: Add 'references-file'.•••* gnu/services/base.scm (references-file): Remove. * guix/gexp.scm (references-file): New procedure. * tests/gexp.scm ("references-file"): New test. Ludovic Courtès
2022-04-29services: guix-publish: Use socket activation when possible.•••* gnu/services/base.scm (guix-publish-shepherd-service): Use 'make-systemd-constructor' when it's available and ADVERTISE? is false. Ludovic Courtès
2022-04-29services: Add missing 'description' fields.•••* gnu/services/databases.scm (postgresql-service-type)[description]: New field. (memcached-service-type)[description]: New field. (mysql-service-type)[description]: New field. (redis-service-type)[description]: New field. * gnu/services/desktop.scm (geoclue-service-type)[description]: New field. (udisks-service-type)[description]: New field. (elogind-service-type)[description]: New field. (account-service-type)[description]: New field. * gnu/services/kerberos.scm (krb5-service-type)[description]: New field. (pam-krb5-service-type)[description]: New field. * gnu/services/lirc.scm (lirc-service-type)[description]: New field. * gnu/services/mail.scm (dovecot-service-type)[description]: New field. (opensmtpd-service-type)[description]: New field. (mail-aliases-service-type)[description]: New field. (exim-service-type)[description]: New field. * gnu/services/monitoring.scm (zabbix-server-service-type)[description]: New field. (zabbix-agent-service-type)[description]: New field. * gnu/services/nfs.scm (rpcbind-service-type)[description]: New field. (pipefs-service-type)[description]: New field. (gss-service-type)[description]: New field. (idmap-service-type)[description]: New field. * gnu/services/spice.scm (spice-vdagent-service-type)[description]: New field. * gnu/services/sysctl.scm (sysctl-service-type)[description]: New field. * gnu/services/virtualization.scm (libvirt-service-type)[description]: New field. (virtlog-service-type)[description]: New field. * gnu/services/vpn.scm (openvpn-server-service-type)[description]: New field. (openvpn-client-service-type)[description]: New field. (wireguard-service-type)[description]: New field. * gnu/services/web.scm (httpd-service-type)[description]: New field. (fcgiwrap-service-type)[description]: New field. (agate-service-type)[description]: New field. [name]: Fix. Ludovic Courtès
2022-04-22services: nar-herder: Allow specifying the log level.•••* gnu/services/guix.scm (nar-herder-configuration-log-level): New procedure. (nar-herder-shepherd-services): Pass the log-level to the nar-herder process. * doc/guix.texi (Nar Herder): Document configuring the log-level. Christopher Baines
2022-04-19services: yggdrasil: Tweak description.•••* gnu/services/networking.scm (yggdrasil-service-type)[description]: Add @command markup. Ludovic Courtès
2022-04-18services: ipfs: Adjust for Shepherd 0.9.•••This is a followup to e1f0c88ea221d846b5a533c4dc88e99e953af63e. * gnu/services/networking.scm (%ipfs-activation)[shepherd&co]: New variable. [container-gexp]: Use it. Ludovic Courtès
2022-04-12services: Replace murmur-service-type with mumble-server-service-type.•••* gnu/services/telephony.scm (murmur-configuration, make-murmur-configuration) (murmur-configuration?, murmur-configuration-package) (murmur-configuration-user, murmur-configuration-group) (murmur-configuration-port, murmur-configuration-welcome-text) (murmur-configuration-server-password) (murmur-configuration-max-users) (murmur-configuration-max-user-bandwidth) (murmur-configuration-database-file) (murmur-configuration-log-file, murmur-configuration-pid-file) (murmur-configuration-autoban-attempts) (murmur-configuration-autoban-timeframe) (murmur-configuration-autoban-time) (murmur-configuration-opus-threshold) (murmur-configuration-channel-nesting-limit) (murmur-configuration-channelname-regex) (murmur-configuration-username-regex) (murmur-configuration-test-message-length) (murmur-configuration-image-message-length) (murmur-configuration-cert-required?) (murmur-configuration-remember-channel?) (murmur-configuration-allow-html?) (murmur-configuration-allow-ping?) (murmur-configuration-bonjour?) (murmur-configuration-send-version?) (murmur-configuration-log-days) (murmur-configuration-obfuscate-ips?) (murmur-configuration-ssl-cert murmur-configuration-ssl-key) (murmur-configuration-ssl-dh-params murmur-configuration-ssl-ciphers) (murmur-configuration-public-registration) (murmur-configuration-file) (murmur-public-registration-configuration) (make-murmur-public-registration-configuration) (murmur-public-registration-configuration?) (murmur-public-registration-configuration-name) (murmur-public-registration-configuration-url) (murmur-public-registration-configuration-password) (murmur-public-registration-configuration-hostname) (murmur-service-type): Add deprecation alias and rename to ... (mumble-server-configuration, make-mumble-server-configuration) (mumble-server-configuration?, mumble-server-configuration-package) (mumble-server-configuration-user, mumble-server-configuration-group) (mumble-server-configuration-port, mumble-server-configuration-welcome-text) (mumble-server-configuration-server-password) (mumble-server-configuration-max-users) (mumble-server-configuration-max-user-bandwidth) (mumble-server-configuration-database-file) (mumble-server-configuration-log-file, mumble-server-configuration-pid-file) (mumble-server-configuration-autoban-attempts) (mumble-server-configuration-autoban-timeframe) (mumble-server-configuration-autoban-time) (mumble-server-configuration-opus-threshold) (mumble-server-configuration-channel-nesting-limit) (mumble-server-configuration-channelname-regex) (mumble-server-configuration-username-regex) (mumble-server-configuration-test-message-length) (mumble-server-configuration-image-message-length) (mumble-server-configuration-cert-required?) (mumble-server-configuration-remember-channel?) (mumble-server-configuration-allow-html?) (mumble-server-configuration-allow-ping?) (mumble-server-configuration-bonjour?) (mumble-server-configuration-send-version?) (mumble-server-configuration-log-days) (mumble-server-configuration-obfuscate-ips?) (mumble-server-configuration-ssl-cert mumble-server-configuration-ssl-key) (mumble-server-configuration-ssl-dh-params) (mumble-server-configuration-ssl-ciphers) (mumble-server-configuration-public-registration) (mumble-server-configuration-file) (mumble-server-public-registration-configuration) (make-mumble-server-public-registration-configuration) (mumble-server-public-registration-configuration?) (mumble-server-public-registration-configuration-name) (mumble-server-public-registration-configuration-url) (mumble-server-public-registration-configuration-password) (mumble-server-public-registration-configuration-hostname) (mumble-server-service-type): ... these. * doc/guix.texi ("Murmur (VoIP server)"): Rename to ... ("Mumble server"): ... this. Adjust documentation accordingly. Liliana Marie Prikler
2022-04-10services: shepherd: Do not unload transient services.•••Fixes <https://issues.guix.gnu.org/54812>. Starting with Shepherd 0.9.0 and the use of 'make-inetd-constructor' in commit 808b9e850491c7b1d867a5f1f4d5ee6f61f345d4, systems might be running transient Shepherd services such as those corresponding to SSH connections. Before this change, 'shepherd-service-upgrade' would have those transient services in the list of services to unload; concretely, that would lead all SSH connections to be closed upon 'guix system reconfigure'. * gnu/services/shepherd.scm (shepherd-service-upgrade): Remove transient services to TO-UNLOAD. Ludovic Courtès
2022-04-10services: herd: Report whether a service is transient.•••* gnu/services/herd.scm (<live-service>)[transient?]: New field. (current-services): Check the value of 'transient?'. Call 'resolve-transients'. (resolve-transients): New procedure. Ludovic Courtès
2022-04-09services: rottlog: Keep fewer "guix-daemon.log" files.•••* gnu/services/admin.scm (%default-rotations): For "guix-daemon.log", add 'options' field. Ludovic Courtès
2022-04-07services: openssh: Start as an inetd service.•••* gnu/services/ssh.scm (openssh-shepherd-service): Use 'make-inetd-constructor' when it is defined. (<openssh-configuration>)[max-connections]: New field. * gnu/tests/ssh.scm (run-ssh-test)["sshd PID"]: Adjust to cope with PID-FILE being #f. * gnu/tests/ssh.scm (%test-openssh): Pass #f as the 'pid-file' argument. * doc/guix.texi (Networking Services): Document 'max-connections'. Ludovic Courtès
2022-04-07services: shepherd: Default to version 0.9.•••* gnu/services/shepherd.scm (scm->go): Define 'shepherd&co' and pass it to 'with-extensions'. (shepherd-configuration-file): Call 'start-in-the-background' when it is defined. (<shepherd-configuration>)[shepherd]: Default to SHEPHERD-0.9. * gnu/system.scm (hurd-default-essential-services): Use SHEPHERD-0.8. Ludovic Courtès
2022-04-05services: messaging: Fix two copy-paste mistakes; avoid warnings.•••* gnu/services/messaging.scm (file-name-list, file-object-list): Fix name in 'define-maybe' instances. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Attila Lendvai
2022-04-04services: Add 'log-cleanup' service to '%base-services' for build logs.•••* gnu/services/base.scm (%base-services): Add 'log-cleanup-service-type' instance. * doc/guix.texi (Log Rotation): Add example and mention '%base-services'. Ludovic Courtès
2022-04-04services: Add 'log-cleanup-service-type'.•••* gnu/services/admin.scm (<log-cleanup-configuration>): New record type. (log-cleanup-program, log-cleanup-mcron-jobs): New procedures. (log-cleanup-service-type): New variable. * doc/guix.texi (Log Rotation): Document it. Ludovic Courtès
2022-03-25services: xorg: Remove xf86-input-synaptics from %default-xorg-modules.•••Fixes <https://issues.guix.gnu.org/35450>. This driver isn't intended to be installed by default as it takes precedence over the recommended xf86-input-libinput. * gnu/services/xorg.scm (%default-xorg-modules): Remove xf86-input-synaptics. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org> SeerLite
2022-03-24services: murmur: Fix server program name.•••* gnu/services/telephony.scm (murmur-activation): (murmur-shepherd-service): Change file name of mumble server, which is now called mumble-server instead of murmurd since version 1.4.x. Co-authored-by: Ludovic Courtès <ludo@gnu.org> fesoj000
2022-03-24services: dnsmasq: Add more options.•••* gnu/services/dns.scm (<dnsmasq-configuration>): Add forward-private-reverse-lookup?, strict-order? and cpe-id options. (dnsmasq-shepherd-service): Pass added options to dnsmasq and use match-record instead of match-lambda. * doc/guix.texi (Guix Services): Document options added to dnsmasq. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Remco van 't Veer
2022-03-20services: thermald: Add 'adaptive?' field.•••* gnu/services/pm.scm (<thermald-configuration>): Add 'adaptive?' field. (thermald-shepherd-service): Use it to pass --adaptive to thermald. * doc/guix.texi (Power Management Services): Document the 'adaptive?' field of 'thermald-configuration'. Jelle Licht
2022-03-17Revert "services: nfs: Define rpcbind-shepherd-service at the top level."•••This reverts commit 0a9e82b43080275a2755624f3208287056dc9f95, which didn't end up fixing anything. The problem was elsewhere; namely, using 'operating-system-services' instead of 'operating-system-user-services'. Maxim Cournoyer
2022-03-17services: nfs: Define rpcbind-shepherd-service at the top level.•••Attempting to use the 'nfs-service-type' as part of a computed operating-system definition, the following exception would be thrown: ice-9/boot-9.scm:1685:16: In procedure raise-exception: ERROR: 1. &ambiguous-target-service-error: service: #<<service> type: #<service-type rpcbind 7f7529853780> value: #<<rpcbind-configuration> rpcbind: #<package rpcbind@1.2.6 gnu/packages/onc-rpc.scm:87 7f75389e78f0> warm-start?: #t>> target-type: #<service-type shepherd-root 7f7529396080> 2. &message: "more than one target service of type 'shepherd-root'" The problem was that the rpcbind shepherd-service object was dynamically instantiated every time the rpcbind-service-type would be called, causing multiple objects in some situations, resulting in the above condition. * gnu/services/nfs.scm (rpcbind-service-type): Refactor and adjust in a way to extract... (rpcbind-shepherd-service): ... this new procedure. Maxim Cournoyer
2022-03-10services: openssh: Change 'authorized-keys' accessor name.•••* gnu/services/ssh.scm (<openssh-configuration>)[authorized-keys]: Rename accessor to 'openssh-configuration-authorized-keys'. (openssh-activation, extend-openssh-authorized-keys): Adjust accordingly. Ludovic Courtès
2022-03-10services: secret-service: Do not generate SSH and Guix key pairs.•••The justification about the order of activation snippets given in the comment had been obsolete since 39e3b4b7cee175a3c1f37329744c582528d55f5d. Lately, running the activation snippets for "ssh-keygen -A" and "guix archive --generate-key" would take a little bit too long, thereby preventing the childhurd from starting on time. * gnu/services/virtualization.scm (secret-service-operating-system): Clear 'generate-host-keys?' and 'generate-substitute-key?'. Ludovic Courtès
2022-03-10services: openssh: Add 'generate-host-keys?' field.•••* gnu/services/ssh.scm (<openssh-configuration>)[generate-host-keys?]: New field. (openssh-activation): Honor it. * doc/guix.texi (Networking Services): Document it. Ludovic Courtès
2022-03-10services: guix: Add 'generate-substitute-key?' field.•••* gnu/services/base.scm (<guix-configuration>)[generate-substitute-key?]: New field. (guix-activation): Honor it. * doc/guix.texi (Base Services): Document it. Ludovic Courtès
2022-03-09services: bluetooth: Add missing config parameters.•••* doc/guix.texi (Desktop Services): Document 'bluetooth-service-type' and 'bluetooth-configuration'. * gnu/services/desktop.scm (<bluetooth-configuration>): Add many fields. (bluetooth-configuration-file): Handle them. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Demis Balbach
2022-03-03services: openvpn: Actually save log file.•••* gnu/services/vpn.scm (openvpn-shepherd-service): Pass #:log-file to 'make-forkexec-constructor'. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Cameron Chaparro
2022-02-26services: pulseaudio: Deploy the configuration files to /etc/pulse.•••* gnu/services/sound.scm (pulseaudio-environment) [PULSE_CONFIG, PULSE_CLIENTCONFIG]: Use fixed locations, and move logic to... (pulseaudio-etc): ... this service extension. Guard against producing empty files. Maxim Cournoyer
2022-02-26services: pulseaudio: Add an extra-script-files configuration field.•••* gnu/services/sound.scm (<pulseaudio-configuration>) [extra-script-files]: Add field. (extra-script-files->file-union): New procedure. (append-include-directive): Likewise. (pulseaudio-etc): Use them. * doc/guix.texi: Document the new 'extra-script-files- configuration field. Maxim Cournoyer
2022-02-26services/sound: Normalize pulseaudio-configuration accessor names.•••* gnu/services/sound.scm (<pulseaudio-configuration>): Adjust getter names to match convention. Maxim Cournoyer
2022-02-25agetty-shepherd-service: Rename console agetty to "term-console" for clarity.•••* gnu/services/base.scm (agetty-shepherd-service)[provision]: Rename console agetty to "term-console". Danny Milosavljevic
2022-02-25services: %base-services: Adapt agetty-service-type to depend on syslogd•••Fixes <https://issues.guix.gnu.org/30464>. * gnu/services/base.scm (%base-services): Reorder syslog-service for clarity. [shepherd-requirement]: New field. Danny Milosavljevic
2022-02-25services: agetty: Add shepherd-requirement.•••* gnu/services/base.scm (<agetty-configuration>): Add shepherd-requirement. * doc/guix.texi (agetty-configuration): Document it. Danny Milosavljevic
2022-02-20services: udev: Use a fixed location for the rules directory and config.•••Fixes <https://issues.guix.gnu.org/47681>. This change adjusts the location of the udev configuration file and rules directory to a fixed location. Since udev relies on inotify to discover change to its rules directory (/etc/udev/rules.d), by using a fixed directory layout, new udev rules can be automatically picked up without restarting the service. * gnu/services/base.scm (udev-rules-union): Build rules output directly in #$output. (udev-shepherd-service)[start]: Adjust the UDEV_CONFIG_FILE and EUDEV_RULES_DIRECTORY environment variables. [actions]: Remove field. The 'rules' action is no longer useful. (udev.conf): New variable. (udev-etc): New procedure. (udev-service-type): Extend the etc-service-type with it. Maxim Cournoyer
2022-02-19services: dbus: Increase auth_timeout value to 5 minutes.•••This is a follow-up to 488f1c589df; the problem had re-appeared on my machine. * gnu/services/dbus.scm (dbus-configuration-directory): Increase 'auth_timeout' value from 60000 to 300000 ms (5 minutes). Maxim Cournoyer