Age | Commit message (Expand) | Author |
2021-05-07 | services: configuration: Add a new helper to ease generating documentation....The original (undocumented) procedure to generate the doc has a difficult to
grasp interface; add a simpler one on top of it.
* gnu/services/configuration.scm (configuration->documentation): New procedure.
| Maxim Cournoyer |
2021-05-07 | services: configuration: Support fields without default values....Not all fields in a configuration have a sensible default value. This changes
makes it possible to omit a default value for a configuration field, requiring
the user to provide a value.
* gnu/services/configuration.scm (configuration-missing-field): New procedure.
(define-configuration): Make default value optional.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
| Xinglu Chen |
2021-05-06 | services: spice-vdagent: Clear the socket file prior to starting....This fixes the following issue where spice-vdagent would fail to start if the
spice-vdagent-sock socket file already existed:
spice-vdagentd: Fatal could not create the server socket
/run/spice-vdagentd/spice-vdagent-sock: Error binding to address: Address
already in use
The requirement is also modified to depend on dbus-system, a cue taken from
upstream's own systemd service file (see 'data/spice-vdagentd.service' in the
sources).
* gnu/services/spice.scm (spice-vdagent-activation): Delete procedure.
(spice-vdagent-shepherd-service): Fix indentation.
[requirement]: Replace udev by dbus-system.
[start]: Ensure the spice-vdagentd run-time directory exists and that the
spice-vdagent-sock socket file does *not* exist before forking the daemon.
| Maxim Cournoyer |
2021-05-06 | services: dovecot: Add ‘managesieve-sieve-capability’ option....* gnu/services/mail.scm (protocol-configuration): Add a
‘managesieve-sieve-capability’ field.
* doc/guix.texi (Mail Services): Document it.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
| Alexey Abramov |
2021-05-06 | services: dovecot: Add ‘managesieve-notify-capability’ option....* gnu/services/mail.scm (protocol-configuration): Add a
‘managesieve-notify-capability’ field.
* doc/guix.texi (Mail Services): Document it.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
| Alexey Abramov |
2021-05-06 | services: dovecot: Add ‘imap-metadata?’ protocol configuration option....* gnu/services/mail.scm (protocol-configuration): Add an ‘imap-metadata?’
setting to enable IMAP METADATA support in the ‘imap’ protocol.
* doc/guix.texi (Mail Services): Document it.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
| Alexey Abramov |
2021-05-06 | services: dovecot: Add ‘mail-attribute-dict’ configuration option....* gnu/services/mail.scm (dovecot-configuration): Define a
‘mail-attribute-dict’ directive for IMAP METADATA storage.
* doc/guix.texi (Mail Services): Document it.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
| Alexey Abramov |
2021-05-05 | services: Fix the spice-vdagent service....* gnu/services/spice.scm (spice-vdagent-activation): Update runtime directory
from /var/run/spice-vdagentd to /run/spice-vdagentd.
(spice-vdagent-service-type): Specify a default value and fix indentation.
| Maxim Cournoyer |
2021-05-02 | services: guix-build-coordinator: Fix queue builds state directory....This service doesn't create a PID file, but it does write a file with the
processed commits in it, so create a directory to contain that.
* gnu/services/guix.scm (guix-build-coordinator-queue-builds-activation):
Ensure /var/cache/guix-build-coordinator-queue-builds exists.
| Christopher Baines |
2021-04-27 | services: mysql: Add extra-environment as configuration option....* gnu/services/databases.scm (mysql-configuration): Add extra-environment
(mysql-service): Use #:log-file and #:environment-variables
* doc/guix.texi: Document it.
Signed-off-by: Leo Prikler <leo.prikler@student.tugraz.at>
| methuselah-0 |
2021-04-26 | services: nix: Add /bin/sh to build-sandbox-paths....Fixes <https://bugs.gnu.org/46297>.
* gnu/services/nix.scm (nix-service-etc): Add /bin/sh to build-sandbox-paths.
| Oleg Pykhalov |
2021-04-24 | services: Add a service for rasdaemon....* gnu/services/linux.scm (rasdaemon-configuration, rasdaemon-configuration?,
rasdaemon-configuration-record?, rasdaemon-service-type): New variables.
* doc/guix.texi (Linux Services): Document it.
Signed-off-by: Leo Famulari <leo@famulari.name>
| B. Wilson |
2021-04-23 | services: guix-build-coordinator: Fix queue builds default config....Use the default client port rather than the default agent communication port
for the queue builds script.
* gnu/services/guix.scm (<guix-build-coordinator-queue-builds-configuration>):
Change coordinator default.
| Christopher Baines |
2021-04-23 | services: guix-build-coordinator: Remove incorrect pid file....The queue builds script doesn't create a pid file, so don't have the shepherd
expect to find one.
* gnu/services/guix.scm (guix-build-coordinator-queue-builds-shepherd-services):
Remove #:pid-file.
| Christopher Baines |
2021-04-23 | services: guix-build-coordinator: Fix service activation parts....Don't hardcode usernames, as these are in the config. Also fix the %user being
missing from the queue-builds service activation.
* gnu/services/guix.scm (guix-build-coordinator-activation,
guix-build-coordinator-agent-activation): Use config for the user name.
(guix-build-coordinator-queue-builds-activation): Define %user.
| Christopher Baines |
2021-04-23 | services: guix-build-coordinator: Add max-1min-load-average option....To the agent configuration.
* gnu/services/guix.scm (<guix-build-coordinator-agent-configuration>): New
field, max-1min-load-average.
(guix-build-coordinator-agent-configuration-max-1min-load-average): New
procedure.
(guix-build-coordinator-agent-shepherd-services): If set, include the
max-1min-load-average in the agent arguments.
| Christopher Baines |
2021-04-20 | services: wireguard: Add keep-alive support....* gnu/services/vpn.scm (<wireguard-peer>): Add 'keep-alive' field.
(wireguard-configuration-file): Use it.
* doc/guix.texi (VPN Services): Document it.
| Guillaume Le Vaillant |
2021-04-14 | services: cuirass: Use "/tmp" database host....This is a follow-up of c311147bd16aa0e5746d9cbf31502f5fd61e470c.
* gnu/services/cuirass.scm (%cuirass-default-database): Use "/tmp" database
host.
| Mathieu Othacehe |
2021-04-14 | Revert "services: mysql: Add extra-environment as configuration option."...This reverts commit f3626119d738f30b5ab59e76c105fd7b4c077ddc.
This commit inadvertently broke a string freeze. Let's be nice to our
translators and not do that.
| Leo Prikler |
2021-04-13 | services: postgresql: Use "/tmp" host directory....This is a follow-up of c311147bd16aa0e5746d9cbf31502f5fd61e470c.
* gnu/services/databases.scm (<postgresql-role-configuration>)[host]: Set to
"/tmp" which the default Postgresql socket directory.
| Mathieu Othacehe |
2021-04-13 | services: mysql: Add extra-environment as configuration option....* gnu/services/databases.scm (mysql-configuration): Add extra-environment
(mysql-service): Use #:log-file and #:environment-variables
* doc/guix.texi: Document it.
Signed-off-by: Leo Prikler <leo.prikler@student.tugraz.at>
| methuselah-0 |
2021-04-12 | services: postgresql: Change service default socket directory....Fixes <https://bugs.gnu.org/46737>.
PostgreSQL running with a different socket directory to the default one in the
package itself breaks some services, this commit restores the previous
behaviour where PostgreSQL by default will run with a socket directory that
matches the default used by PostgreSQL packaged for Guix.
Switching to a different default value can happen, but only alongside changing
the PostgreSQL package.
* gnu/services/databases.scm (<postgresql-config-file>)[socket-directory]:
Change default to #false.
* doc/guix.texi (Database Services): Update documentation, and specify a
different value for disabling connections via sockets.
* gnu/tests/guix.scm (%guix-data-service-os): Use default PostgreSQL
behaviour.
* gnu/tests/monitoring.scm (%zabbix-os): Likewise.
* gnu/tests/web.scm (patchwork-os): Likewise.
Signed-off-by: Leo Famulari <leo@famulari.name>
| Christopher Baines |
2021-04-12 | services: ipfs: Tweak description....* gnu/services/networking.scm (ipfs-service-type)[description]: Avoid
abbreviation.
| Ludovic Courtès |
2021-04-12 | services: Add ipfs-service-type...* gnu/services/networking.scm (ipfs-service-type)
(%ipfs-home-mapping, %ipfs-environment)
(%ipfs-accounts, %ipfs-home): New variables.
(ipfs-configuration, ipfs-configuration?)
(ipfs-configuration-package, ipfs-configuration-gateway)
(ipfs-configuration-api, ipfs-shepherd-service)
(ipfs-binary, %ipfs-activation): New procedures.
* doc/guix.texi (Networking Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Maxime Devos |
2021-04-10 | services: git-daemon: Fix typo in docstring....* gnu/services/version-control.scm (git-daemon-service): Fix docstring
typo.
| Tobias Geerinckx-Rice |
2021-04-09 | services: Add Laminar....* gnu/services/ci.scm: New file.
* gnu/tests/ci.scm: New file.
* doc/guix.texi (Laminar): Document the Laminar service.
| Christopher Baines |
2021-04-06 | services: dovecot: Fix serialization of a free-form-args arguments....* gnu/services/mail.scm (serialize-free-form-args): Change destination and
return a string containing the formated text.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Alexey Abramov |
2021-04-03 | services: guix-publish: Add zstd compression by default....That way, the default config with (advertises? #t) and without a cache
will offer zstd-compressed substitutes, which should lead to much higher
throughput than gzip.
* gnu/services/base.scm (default-compression): When
'guix-publish-configuration-cache' returns true, use higher level
compression ratios. Add "zstd".
* doc/guix.texi (Base Services): Mention zstd.
| Ludovic Courtès |
2021-04-01 | services: kmscon: Add font-engine and font-size fields....* gnu/services/base.scm (<kmscon-configuration>): Add font-engine and
font-size fields.
(kmscon-service-type): Honor them.
* doc/guix.texi (Base Services): Document them.
| qblade |
2021-04-01 | gnu: services: web: Have fcgiwrap log to a file....This makes it easier to access the output.
* gnu/services/web.scm (fcgiwrap-shepherd-service): Pass #:log-file to
make-forkexec-constructor.
| Christopher Baines |
2021-04-01 | gnu: services: web: Cleanup whitespace....Replace tabs with spaces, and delete trailing whitespace.
* gnu/services/web.scm: Cleanup whitespace.
| Christopher Baines |
2021-03-31 | services: sysctl: Export <sysctl-configuration> record field accessors....* gnu/services/sysctl.scm (sysctl-configuration-sysctl)
(sysctl-configuration-settings): Export.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| muradm |
2021-03-31 | services: xorg: Export %default-xorg-server-arguments....* gnu/services/xorg.scm (%default-xorg-server-arguments): Export.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Valentin Herrmann |
2021-03-29 | services: rottlog: Add /var/log/mcron.log to '%default-rotations'....Fixes <https://bugs.gnu.org/47436>.
Reported by Leo Famulari <leo@famulari.name>.
* gnu/services/admin.scm (%rotated-files): Add "/var/log/mcron.log".
| Ludovic Courtès |
2021-03-23 | services: cuirass: Set default port values....* gnu/services/cuirass.scm (<cuirass-remote-server-configuration>,
<cuirass-configuration>): Set default port values.
| Mathieu Othacehe |
2021-03-23 | services: cuirass: Adapt to Cuirass 1.0....* gnu/services/cuirass.scm (cuirass-shepherd-service,
cuirass-remote-worker-shepherd-service): Adapt to Cuirass 1.0.
| Mathieu Othacehe |
2021-03-18 | services: Enable "protected hardlinks" and "protected symlinks" by default....References:
https://sysctl-explorer.net/fs/protected_hardlinks/
https://sysctl-explorer.net/fs/protected_symlinks/
* gnu/services/sysctl.scm (%default-sysctl-settings): New public variable.
(<sysctl-configuration>): Use %default-sysctl-settings as the default value.
* gnu/services/base.scm (%base-services): Add sysctl-service-type.
* doc/guix.texi (Miscellaneous Services): Document the new defaults.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Leo Famulari |
2021-03-16 | gnu: Remove MongoDB....mongodb 3.4.10 has unpatched CVEs and mongodb 3.4.24 has some files in the
release tarball under the SSPL, therefore we cannot provide mongodb while
upholding to good security standards.
It turns out feff80cec3c97a3df2c20d300be12d67f79d4f22 was right since while
the main license file wasnt altered to SSPL, some files in the tree contain
SSPL headers.
* gnu/packages/databases.scm (go-gopkg.in-mgo.v2): Remove.
* gnu/packages/databases.scm (mongo-tools): Remove.
* doc/guix.texi (mongodb-service-type): Remove.
* gnu/tests/databases.scm (%test-mongodb, %mongodb-os, run-mongodb-test):
Remove.
* gnu/services/databases.scm (mongodb-configuration, mongodb-configuration?,
mongodb-configuration-mongodb, mongodb-configuration-config-file,
mongodb-configuration-data-directory, mongodb-service-type,
%default-mongodb-configuration-file, %mongodb-accounts, mongodb-activation,
mongodb-shepherd-service): Remove.
* gnu/packages/databases.scm (mongodb): Remove.
| Léo Le Bouter |
2021-03-15 | services/qemu-binfmt: Use the F flag and the static output of QEMU....Fixes <https://issues.guix.gnu.org/36117>.
Before this change, the 'binfmt_misc' entries registered for QEMU would not be
usable in container contexts outside of guix-daemon (without manually bind
mounting file names).
For example:
$ docker run --rm arm32v7/debian true
standard_init_linux.go:207: exec user process caused "no such file or directory"
After this change, any container can make use of the QEMU binfmt_misc
registrations, as their corresponding QEMU static binaries are fully
pre-loaded by the kernel.
* gnu/services/virtualization.scm (<qemu-platform>): Define using
'define-record-type*'.
[flags]: New field, which defaults to "F" (fix binary).
(%i386, %i486, %alpha, %arm, %armeb, %sparc, %sparc32plus, %ppc, %ppc64)
(%ppc64le, %m68k, %mips, %mipsel, %mipsn32, %mipsn32el, %mips64, %mips64el)
(%riscv32, %riscv64, %sh4, %sh4eb, %s390x, %aarch64, %hppa): Adjust.
(qemu-binfmt-guix-chroot): Remove variable.
(qemu-binfmt-service-type): Remove the qemu-binfmt-guix-chroot extension.
* gnu/services/qemu-binfmt (qemu-platform->binfmt): Use the static output of
QEMU.
* doc/contributing.texi (Submitting Patches): Update doc.
* doc/guix.texi (Virtualization Services): Update doc.
| Maxim Cournoyer |
2021-03-10 | services: Prevent following symlinks during activation....This addresses a potential security issue, where a compromised
service could trick the activation code in changing the permissions,
owner and group of arbitrary files. However, this patch is
currently only a partial fix, due to a TOCTTOU (time-of-check to
time-of-use) race, which can be fixed once guile has bindings
to openat and friends.
Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html>
* gnu/build/activation.scm: new procedure 'mkdir-p/perms'.
* gnu/services/authentication.scm
(%nslcd-activation, nslcd-service-type): use new procedure.
* gnu/services/cups.scm (%cups-activation): likewise.
* gnu/services/dbus.scm (dbus-activation): likewise.
* gnu/services/dns.scm (knot-activation): likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Maxime Devos |
2021-03-10 | services: cuirass: Remove simple cuirass configuration....The Cuirass configuration has been simplified so that this is no longer
needed.
* gnu/services/cuirass.scm (<build-manifest>, <simple-cuirass-configuration>,
simple-cuirass-configuration->specs): Remove them.
| Mathieu Othacehe |
2021-03-10 | services: cuirass: Do not create the database directory....Fixes: <https://issues.guix.gnu.org/46683>.
* gnu/services/cuirass.scm (cuirass-activation): Since the PostgreSQL switch,
it is no longer needed to create the database directory.
| Mathieu Othacehe |
2021-03-05 | services: guix-build-coordinator: Add dynamic auth with file record....* gnu/services/guix.scm (guix-build-coordinator-agent-dynamic-auth-with-file,
guix-build-coordinator-agent-dynamic-auth-with-filen?,
guix-build-coordinator-agent-dynamic-auth-with-file-agent-name,
guix-build-coordinator-agent-dynamic-auth-with-file-token-file): New procedures.
(guix-build-coordinator-agent-shepherd-services): Handle new dynamic auth with
file record.
* doc/guix.texi (Guix Build Coordinator): Document the new dynamic auth with
file record.
| Christopher Baines |
2021-03-03 | services: shepherd: Make 'assert-valid-graph' public....* gnu/services/shepherd.scm (assert-valid-graph): Make public.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Andrew Tropin |
2021-02-28 | services: guix-build-coordinator: Add dynamic auth record....* gnu/services/guix.scm (guix-build-coordinator-agent-dynamic-auth,
guix-build-coordinator-agent-dynamic-auth?,
guix-build-coordinator-agent-dynamic-auth-agent-name,
guix-build-coordinator-agent-dynamic-auth-token): New procedures.
(guix-build-coordinator-agent-shepherd-services): Handle new dynamic auth
record.
* doc/guix.texi (Guix Build Coordinator): Document the new dynamic auth
record.
| Christopher Baines |
2021-02-28 | services: guix-build-coordinator: Rework authentication config....A new authentication approach has been added to the coordinator, so to better
represent the options, this commit changes the configuration to accept
different records, each for different authentication approaches.
* gnu/services/guix.scm (guix-build-coordinator-agent-configuration-uuid,
guix-build-coordinator-agent-configuration-password,
guix-build-coordinator-agent-configuration-password-file): Removed
procedures.
(guix-build-coordinator-agent-password-auth,
guix-build-coordinator-agent-password-auth?,
guix-build-coordinator-agent-password-auth-uuid,
guix-build-coordinator-agent-password-auth-password,
guix-build-coordinator-agent-password-file-auth,
guix-build-coordinator-agent-password-file-auth?,
guix-build-coordinator-agent-password-file-auth-uuid,
guix-build-coordinator-agent-password-file-auth-password-file): New
procedures.
(guix-build-coordinator-agent-shepherd-services): Adjust to handle the
authentication field and it's possible record values.
* doc/guix.texi (Guix Build Coordinator): Update documentation.
| Christopher Baines |
2021-02-25 | services: shepherd: Make /run/booted-system a symlink to the store item....Fixes <https://bugs.gnu.org/46767>.
Previously /run/booted-system would end up referring to
/var/guix/profiles/system-NNN-link; consequently, the booted system
would not be GC-protected.
* gnu/services/shepherd.scm (shepherd-boot-gexp): Call
'canonicalize-path' instead of 'readlink'.
| Ludovic Courtès |
2021-02-23 | services: cuirass: Fix services requirements....* gnu/services/cuirass.scm (cuirass-shepherd-service): Add "postgres-roles" to
cuirass requirements. Set cuirass-web requirements to cuirass only. Remove
"guix-daemon" and "networking" from cuirass-remote-server requirements as are
already required by cuirass.
| Mathieu Othacehe |
2021-02-23 | services: postgresql-roles: Fix race condition....Make sure that the postgresql-roles script is completed before declaring the
postgresql-roles service as started.
* gnu/services/databases.scm (postgresql-create-roles): Return the command
line instead of a program-file.
(postgresql-role-shepherd-service): Use fork+exec-command to start the role
creation script and wait for its completion before returning.
| Mathieu Othacehe |
2021-02-23 | services: cuirass: Improve simple-cuirass-services....Instead of returning multiple services in simple-cuirass-services, rely on the
instantiate-missing-services procedure to instantiate postgresql and
postgresql-role-service-type when missing.
Turn simple-cuirass-services procedure into
simple-cuirass-configuration->specs, that takes a simple-cuirass-configuration
record and returns a Cuirass specification.
Suggested-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/cuirass.scm (%default-cuirass-config): Remove it.
(simple-cuirass-services): Rename it to ...
(simple-cuirass-configuration->specs): ... this procedure.
* gnu/tests/cuirass.scm (cuirass-services): Remove postgresql and
postgresql-role services that are automatically instantiated.
(simple-cuirass-service): New variable.
(%cuirass-simple-test): Adapt it to use simple-cuirass-configuration->specs
instead of simple-cuirass-services.
* doc/guix.texi (Simple Cuirass): Update it.
| Mathieu Othacehe |