summaryrefslogtreecommitdiff
path: root/gnu/services
AgeCommit message (Collapse)Author
2022-05-26services: openssh: Remove authorized_keys.d before copying the new one.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/55661>. * gnu/services/ssh.scm (openssh-activation): Fix typo in 'delete-file-recursively' call.
2022-05-26services: openssh: Fix computation of the authorized-key directory.Ludovic Courtès
Fixes a bug introduced in 1f29ed4a812f86c45e2d9c37fd9f80f6d0418293, whereby 'authorized-key-directory' would end up creating empty files for authorized keys passed as an extension. See <https://issues.guix.gnu.org/55359>. * gnu/services/ssh.scm (extend-openssh-authorized-keys): Call 'alist->vhash' on the alist resulting from the 'append' call.
2022-05-26services: ssh: Fix extend-openssh-authorized-keys.Oleg Pykhalov
Fixes #55359. * gnu/services/ssh.scm (extend-openssh-authorized-keys): Use KEYS argument.
2022-05-25gnu: guix-build-coordinator: Update to 0-53.3de63f1.Christopher Baines
* gnu/packages/package-management.scm (guix-build-coordinator): Update to 0-53.3de63f1. * gnu/services/guix.scm (guix-build-coordinator-queue-builds-configuration-guix-data-service-build-server-id): New procedure. (guix-build-coordinator-queue-builds-shepherd-services): Use the guix-data-service-build-server-id. * doc/guix.texi (Guix Build Coordinator): Document the new queue builds configuration field.
2022-05-24services: Add log rotation to most networking services.ykonai
This adds a simple log rotation extension to every networking service that specifies a #:log-file in its Shepherd service, which should prevent some logs from accumulating indefinitely. * gnu/services/networking.scm (%ntp-log-rotation): New variable. (ntp-service-type): Extend 'rottlog-service-type'. (openntpd-shepherd-service): Change #:log-file argument to "/var/log/ntpd.log". (openntpd-service-type): Extend 'rottlog-service-type'. (%tor-log-rotation): New variable. (tor-service-type): Extend 'rottlog-service-type'. (%connman-log-rotation): New variable. (connman-service-type): Extend 'rottlog-service-type'. (%hostapd-log-rotation): New variable. (hostapd-service-type): Extend 'rottlog-service-type'. (%pagekite-log-rotation): New variable. (pagekite-service-type): Extend 'rottlog-service-type'. (%yggdrasil-log-rotation): New variable. (yggdrasil-service-type): Extend 'rottlog-service-type'. (%ipfs-log-rotation): New variable. (ipfs-service-type): Extend 'rottlog-service-type'. (%keepalived-log-rotation): New variable. (keepalived-service-type): Extend 'rottlog-service-type'. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-05-22services: openssh: Listen on both IPv4 and IPv6.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/55335>. Reported by Christopher Baines <mail@cbaines.net>. * gnu/services/ssh.scm (openssh-shepherd-service)[inetd-style?]: New variable. <start>: Use it. When using 'make-inetd-constructor', pass a list of endpoints as is possible with the Shepherd 0.9.1. <stop>: Adjust accordingly. * gnu/tests/ssh.scm (run-ssh-test)["wait for port 22"]: Rename to... ["wait for port 22, IPv4"]: ... this. ["wait for port 22, IPv6"]: New test.
2022-05-18services: Add more description fields.Ludovic Courtès
* gnu/services.scm (simple-service): Add 'description' field. * gnu/services/base.scm (udev-rules-service): Likewise. * gnu/system/install.scm (configuration-template-service-type): Likewise. * gnu/tests.scm (marionette-service-type): Likewise.
2022-05-16services: bitlbee: Run as user "bitlbee".Ludovic Courtès
Fixes <https://issues.guix.gnu.org/55450>. Fixes a bug introduced in 211fe3f66e6dfdaa64974931c458ab1d92afc182 whereby the inetd-spawned process would run as root (it would still run in a separate user namespace, with UID 1000 inside of it, but had the authority of root). * gnu/services/messaging.scm (bitlbee-shepherd-service): Pass #:user and #:group to 'make-inetd-constructor'. Remove "-u bitlbee" argument to BITLBEE*.
2022-05-03services: pipefs: Correctly handle lack of extensions.Ludovic Courtès
Previously, in the absence of extensions of 'pipefs-service-type', we'd get a wrong-type-arg exception while folding services: In gnu/services/nfs.scm: 134:37 1 (_ #<<pipefs-configuration> mount-point: "/var/lib/nfs…> …) In ice-9/boot-9.scm: 1685:16 0 (raise-exception _ #:continuable? _) In procedure car: Wrong type argument in position 1 (expecting pair): () * gnu/services/nfs.scm (pipefs-service-type)[extend]: Gracefully handle the case where VALUES is the empty list, as done in 'gss-service-type'.
2022-05-02services: Make sure Shepherd destructors match constructors.Ludovic Courtès
This is a followup to b06ecc57515d4e3c8b2228e8142654e9a26ba6e1, 211fe3f66e6dfdaa64974931c458ab1d92afc182, and fd57ce267c4083fe98242caa31075d2bd62903bf. * gnu/services/base.scm (guix-publish-shepherd-service): Change 'stop' method to use 'make-systemd-destructor' when 'make-systemd-constructor' is used. * gnu/services/dict.scm (dicod-shepherd-service): Change 'stop' method to use 'make-inetd-destructor' when 'make-inetd-constructor' is used. * gnu/services/messaging.scm (bitlbee-shepherd-service): Likewise.
2022-05-02services: bitlbee: Preserve 'PURPLE_PLUGIN_PATH'.Ludovic Courtès
Fixes a regression introduced in 211fe3f66e6dfdaa64974931c458ab1d92afc182 whereby, in inetd mode, and when using 'bitlbee-purple', libpurple plugins would not be found. * gnu/services/messaging.scm (bitlbee-shepherd-service): Pass #:preserved-environment-variables to 'least-authority-wrapper'.
2022-05-01services: opendht: Use 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/networking.scm (opendht-configuration->command-line-arguments): Use 'least-authority-wrapper'. (opendht-shepherd-service): Use 'make-forkexec-constructor'.
2022-05-01services: quassel: Use 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/messaging.scm (quassel-shepherd-service): Use 'least-authority-wrapper' instead of 'make-forkexec-constructor/container'.
2022-05-01services: wesnothd: Use 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/games.scm (wesnothd-shepherd-service): Use 'least-authority-wrapper' instead of 'make-forkexec-constructor/container'.
2022-05-01services: wesnothd: Grant write access to /var/run/wesnothd.Ludovic Courtès
* gnu/services/games.scm (wesnothd-shepherd-service): Augment 'modules' field. Pass #:mappings argument to 'make-forkexec-constructor/container'. (wesnothd-activation): New variable. (wesnothd-service-type): Extend ACTIVATION-SERVICE-TYPE.
2022-05-01services: ipfs: Use 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/networking.scm (ipfs-binary): Call 'least-authority-wrapper'. (%ipfs-home-mapping): Remove surrounding gexp. (ipfs-shepherd-service)[exec-command]: New procedure. [ipfs-config-command, set-config!-gexp, shepherd&co] [container-gexp, container-script]: Remove. [inner-gexp]: Use 'exec-command'.
2022-05-01services: bitlbee: Use 'make-inetd-constructor'.Ludovic Courtès
* gnu/services/messaging.scm (bitlbee-shepherd-service): Add call to 'least-authority-wrapper'. In 'start' method, use 'make-inetd-constructor' when available. * gnu/tests/messaging.scm (run-bitlbee-test)["valid PID"]: Remove test.
2022-05-01services: dicod: Use 'make-inetd-constructor'.Ludovic Courtès
* gnu/services/dict.scm (dicod-shepherd-service): Use 'make-inetd-constructor' in the 'start' method when available.
2022-05-01services: dicod: Rewrite using 'least-authority-wrapper'.Ludovic Courtès
* gnu/services/dict.scm (dicod-shepherd-service): Rewrite using 'least-authority-wrapper' plus 'make-forkexec-constructor' instead of 'make-forkexec-constructor/container'.
2022-05-01gexp: Add 'references-file'.Ludovic Courtès
* gnu/services/base.scm (references-file): Remove. * guix/gexp.scm (references-file): New procedure. * tests/gexp.scm ("references-file"): New test.
2022-04-29services: guix-publish: Use socket activation when possible.Ludovic Courtès
* gnu/services/base.scm (guix-publish-shepherd-service): Use 'make-systemd-constructor' when it's available and ADVERTISE? is false.
2022-04-29services: Add missing 'description' fields.Ludovic Courtès
* gnu/services/databases.scm (postgresql-service-type)[description]: New field. (memcached-service-type)[description]: New field. (mysql-service-type)[description]: New field. (redis-service-type)[description]: New field. * gnu/services/desktop.scm (geoclue-service-type)[description]: New field. (udisks-service-type)[description]: New field. (elogind-service-type)[description]: New field. (account-service-type)[description]: New field. * gnu/services/kerberos.scm (krb5-service-type)[description]: New field. (pam-krb5-service-type)[description]: New field. * gnu/services/lirc.scm (lirc-service-type)[description]: New field. * gnu/services/mail.scm (dovecot-service-type)[description]: New field. (opensmtpd-service-type)[description]: New field. (mail-aliases-service-type)[description]: New field. (exim-service-type)[description]: New field. * gnu/services/monitoring.scm (zabbix-server-service-type)[description]: New field. (zabbix-agent-service-type)[description]: New field. * gnu/services/nfs.scm (rpcbind-service-type)[description]: New field. (pipefs-service-type)[description]: New field. (gss-service-type)[description]: New field. (idmap-service-type)[description]: New field. * gnu/services/spice.scm (spice-vdagent-service-type)[description]: New field. * gnu/services/sysctl.scm (sysctl-service-type)[description]: New field. * gnu/services/virtualization.scm (libvirt-service-type)[description]: New field. (virtlog-service-type)[description]: New field. * gnu/services/vpn.scm (openvpn-server-service-type)[description]: New field. (openvpn-client-service-type)[description]: New field. (wireguard-service-type)[description]: New field. * gnu/services/web.scm (httpd-service-type)[description]: New field. (fcgiwrap-service-type)[description]: New field. (agate-service-type)[description]: New field. [name]: Fix.
2022-04-22services: nar-herder: Allow specifying the log level.Christopher Baines
* gnu/services/guix.scm (nar-herder-configuration-log-level): New procedure. (nar-herder-shepherd-services): Pass the log-level to the nar-herder process. * doc/guix.texi (Nar Herder): Document configuring the log-level.
2022-04-19services: yggdrasil: Tweak description.Ludovic Courtès
* gnu/services/networking.scm (yggdrasil-service-type)[description]: Add @command markup.
2022-04-18services: ipfs: Adjust for Shepherd 0.9.Ludovic Courtès
This is a followup to e1f0c88ea221d846b5a533c4dc88e99e953af63e. * gnu/services/networking.scm (%ipfs-activation)[shepherd&co]: New variable. [container-gexp]: Use it.
2022-04-12services: Replace murmur-service-type with mumble-server-service-type.Liliana Marie Prikler
* gnu/services/telephony.scm (murmur-configuration, make-murmur-configuration) (murmur-configuration?, murmur-configuration-package) (murmur-configuration-user, murmur-configuration-group) (murmur-configuration-port, murmur-configuration-welcome-text) (murmur-configuration-server-password) (murmur-configuration-max-users) (murmur-configuration-max-user-bandwidth) (murmur-configuration-database-file) (murmur-configuration-log-file, murmur-configuration-pid-file) (murmur-configuration-autoban-attempts) (murmur-configuration-autoban-timeframe) (murmur-configuration-autoban-time) (murmur-configuration-opus-threshold) (murmur-configuration-channel-nesting-limit) (murmur-configuration-channelname-regex) (murmur-configuration-username-regex) (murmur-configuration-test-message-length) (murmur-configuration-image-message-length) (murmur-configuration-cert-required?) (murmur-configuration-remember-channel?) (murmur-configuration-allow-html?) (murmur-configuration-allow-ping?) (murmur-configuration-bonjour?) (murmur-configuration-send-version?) (murmur-configuration-log-days) (murmur-configuration-obfuscate-ips?) (murmur-configuration-ssl-cert murmur-configuration-ssl-key) (murmur-configuration-ssl-dh-params murmur-configuration-ssl-ciphers) (murmur-configuration-public-registration) (murmur-configuration-file) (murmur-public-registration-configuration) (make-murmur-public-registration-configuration) (murmur-public-registration-configuration?) (murmur-public-registration-configuration-name) (murmur-public-registration-configuration-url) (murmur-public-registration-configuration-password) (murmur-public-registration-configuration-hostname) (murmur-service-type): Add deprecation alias and rename to ... (mumble-server-configuration, make-mumble-server-configuration) (mumble-server-configuration?, mumble-server-configuration-package) (mumble-server-configuration-user, mumble-server-configuration-group) (mumble-server-configuration-port, mumble-server-configuration-welcome-text) (mumble-server-configuration-server-password) (mumble-server-configuration-max-users) (mumble-server-configuration-max-user-bandwidth) (mumble-server-configuration-database-file) (mumble-server-configuration-log-file, mumble-server-configuration-pid-file) (mumble-server-configuration-autoban-attempts) (mumble-server-configuration-autoban-timeframe) (mumble-server-configuration-autoban-time) (mumble-server-configuration-opus-threshold) (mumble-server-configuration-channel-nesting-limit) (mumble-server-configuration-channelname-regex) (mumble-server-configuration-username-regex) (mumble-server-configuration-test-message-length) (mumble-server-configuration-image-message-length) (mumble-server-configuration-cert-required?) (mumble-server-configuration-remember-channel?) (mumble-server-configuration-allow-html?) (mumble-server-configuration-allow-ping?) (mumble-server-configuration-bonjour?) (mumble-server-configuration-send-version?) (mumble-server-configuration-log-days) (mumble-server-configuration-obfuscate-ips?) (mumble-server-configuration-ssl-cert mumble-server-configuration-ssl-key) (mumble-server-configuration-ssl-dh-params) (mumble-server-configuration-ssl-ciphers) (mumble-server-configuration-public-registration) (mumble-server-configuration-file) (mumble-server-public-registration-configuration) (make-mumble-server-public-registration-configuration) (mumble-server-public-registration-configuration?) (mumble-server-public-registration-configuration-name) (mumble-server-public-registration-configuration-url) (mumble-server-public-registration-configuration-password) (mumble-server-public-registration-configuration-hostname) (mumble-server-service-type): ... these. * doc/guix.texi ("Murmur (VoIP server)"): Rename to ... ("Mumble server"): ... this. Adjust documentation accordingly.
2022-04-10services: shepherd: Do not unload transient services.Ludovic Courtès
Fixes <https://issues.guix.gnu.org/54812>. Starting with Shepherd 0.9.0 and the use of 'make-inetd-constructor' in commit 808b9e850491c7b1d867a5f1f4d5ee6f61f345d4, systems might be running transient Shepherd services such as those corresponding to SSH connections. Before this change, 'shepherd-service-upgrade' would have those transient services in the list of services to unload; concretely, that would lead all SSH connections to be closed upon 'guix system reconfigure'. * gnu/services/shepherd.scm (shepherd-service-upgrade): Remove transient services to TO-UNLOAD.
2022-04-10services: herd: Report whether a service is transient.Ludovic Courtès
* gnu/services/herd.scm (<live-service>)[transient?]: New field. (current-services): Check the value of 'transient?'. Call 'resolve-transients'. (resolve-transients): New procedure.
2022-04-09services: rottlog: Keep fewer "guix-daemon.log" files.Ludovic Courtès
* gnu/services/admin.scm (%default-rotations): For "guix-daemon.log", add 'options' field.
2022-04-07services: openssh: Start as an inetd service.Ludovic Courtès
* gnu/services/ssh.scm (openssh-shepherd-service): Use 'make-inetd-constructor' when it is defined. (<openssh-configuration>)[max-connections]: New field. * gnu/tests/ssh.scm (run-ssh-test)["sshd PID"]: Adjust to cope with PID-FILE being #f. * gnu/tests/ssh.scm (%test-openssh): Pass #f as the 'pid-file' argument. * doc/guix.texi (Networking Services): Document 'max-connections'.
2022-04-07services: shepherd: Default to version 0.9.Ludovic Courtès
* gnu/services/shepherd.scm (scm->go): Define 'shepherd&co' and pass it to 'with-extensions'. (shepherd-configuration-file): Call 'start-in-the-background' when it is defined. (<shepherd-configuration>)[shepherd]: Default to SHEPHERD-0.9. * gnu/system.scm (hurd-default-essential-services): Use SHEPHERD-0.8.
2022-04-05services: messaging: Fix two copy-paste mistakes; avoid warnings.Attila Lendvai
* gnu/services/messaging.scm (file-name-list, file-object-list): Fix name in 'define-maybe' instances. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-04-04services: Add 'log-cleanup' service to '%base-services' for build logs.Ludovic Courtès
* gnu/services/base.scm (%base-services): Add 'log-cleanup-service-type' instance. * doc/guix.texi (Log Rotation): Add example and mention '%base-services'.
2022-04-04services: Add 'log-cleanup-service-type'.Ludovic Courtès
* gnu/services/admin.scm (<log-cleanup-configuration>): New record type. (log-cleanup-program, log-cleanup-mcron-jobs): New procedures. (log-cleanup-service-type): New variable. * doc/guix.texi (Log Rotation): Document it.
2022-03-25services: xorg: Remove xf86-input-synaptics from %default-xorg-modules.SeerLite
Fixes <https://issues.guix.gnu.org/35450>. This driver isn't intended to be installed by default as it takes precedence over the recommended xf86-input-libinput. * gnu/services/xorg.scm (%default-xorg-modules): Remove xf86-input-synaptics. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
2022-03-24services: murmur: Fix server program name.fesoj000
* gnu/services/telephony.scm (murmur-activation): (murmur-shepherd-service): Change file name of mumble server, which is now called mumble-server instead of murmurd since version 1.4.x. Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2022-03-24services: dnsmasq: Add more options.Remco van 't Veer
* gnu/services/dns.scm (<dnsmasq-configuration>): Add forward-private-reverse-lookup?, strict-order? and cpe-id options. (dnsmasq-shepherd-service): Pass added options to dnsmasq and use match-record instead of match-lambda. * doc/guix.texi (Guix Services): Document options added to dnsmasq. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-03-20services: thermald: Add 'adaptive?' field.Jelle Licht
* gnu/services/pm.scm (<thermald-configuration>): Add 'adaptive?' field. (thermald-shepherd-service): Use it to pass --adaptive to thermald. * doc/guix.texi (Power Management Services): Document the 'adaptive?' field of 'thermald-configuration'.
2022-03-17Revert "services: nfs: Define rpcbind-shepherd-service at the top level."Maxim Cournoyer
This reverts commit 0a9e82b43080275a2755624f3208287056dc9f95, which didn't end up fixing anything. The problem was elsewhere; namely, using 'operating-system-services' instead of 'operating-system-user-services'.
2022-03-17services: nfs: Define rpcbind-shepherd-service at the top level.Maxim Cournoyer
Attempting to use the 'nfs-service-type' as part of a computed operating-system definition, the following exception would be thrown: ice-9/boot-9.scm:1685:16: In procedure raise-exception: ERROR: 1. &ambiguous-target-service-error: service: #<<service> type: #<service-type rpcbind 7f7529853780> value: #<<rpcbind-configuration> rpcbind: #<package rpcbind@1.2.6 gnu/packages/onc-rpc.scm:87 7f75389e78f0> warm-start?: #t>> target-type: #<service-type shepherd-root 7f7529396080> 2. &message: "more than one target service of type 'shepherd-root'" The problem was that the rpcbind shepherd-service object was dynamically instantiated every time the rpcbind-service-type would be called, causing multiple objects in some situations, resulting in the above condition. * gnu/services/nfs.scm (rpcbind-service-type): Refactor and adjust in a way to extract... (rpcbind-shepherd-service): ... this new procedure.
2022-03-10services: openssh: Change 'authorized-keys' accessor name.Ludovic Courtès
* gnu/services/ssh.scm (<openssh-configuration>)[authorized-keys]: Rename accessor to 'openssh-configuration-authorized-keys'. (openssh-activation, extend-openssh-authorized-keys): Adjust accordingly.
2022-03-10services: secret-service: Do not generate SSH and Guix key pairs.Ludovic Courtès
The justification about the order of activation snippets given in the comment had been obsolete since 39e3b4b7cee175a3c1f37329744c582528d55f5d. Lately, running the activation snippets for "ssh-keygen -A" and "guix archive --generate-key" would take a little bit too long, thereby preventing the childhurd from starting on time. * gnu/services/virtualization.scm (secret-service-operating-system): Clear 'generate-host-keys?' and 'generate-substitute-key?'.
2022-03-10services: openssh: Add 'generate-host-keys?' field.Ludovic Courtès
* gnu/services/ssh.scm (<openssh-configuration>)[generate-host-keys?]: New field. (openssh-activation): Honor it. * doc/guix.texi (Networking Services): Document it.
2022-03-10services: guix: Add 'generate-substitute-key?' field.Ludovic Courtès
* gnu/services/base.scm (<guix-configuration>)[generate-substitute-key?]: New field. (guix-activation): Honor it. * doc/guix.texi (Base Services): Document it.
2022-03-09services: bluetooth: Add missing config parameters.Demis Balbach
* doc/guix.texi (Desktop Services): Document 'bluetooth-service-type' and 'bluetooth-configuration'. * gnu/services/desktop.scm (<bluetooth-configuration>): Add many fields. (bluetooth-configuration-file): Handle them. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-03-03services: openvpn: Actually save log file.Cameron Chaparro
* gnu/services/vpn.scm (openvpn-shepherd-service): Pass #:log-file to 'make-forkexec-constructor'. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-02-26services: pulseaudio: Deploy the configuration files to /etc/pulse.Maxim Cournoyer
* gnu/services/sound.scm (pulseaudio-environment) [PULSE_CONFIG, PULSE_CLIENTCONFIG]: Use fixed locations, and move logic to... (pulseaudio-etc): ... this service extension. Guard against producing empty files.
2022-02-26services: pulseaudio: Add an extra-script-files configuration field.Maxim Cournoyer
* gnu/services/sound.scm (<pulseaudio-configuration>) [extra-script-files]: Add field. (extra-script-files->file-union): New procedure. (append-include-directive): Likewise. (pulseaudio-etc): Use them. * doc/guix.texi: Document the new 'extra-script-files- configuration field.
2022-02-26services/sound: Normalize pulseaudio-configuration accessor names.Maxim Cournoyer
* gnu/services/sound.scm (<pulseaudio-configuration>): Adjust getter names to match convention.
2022-02-25agetty-shepherd-service: Rename console agetty to "term-console" for clarity.Danny Milosavljevic
* gnu/services/base.scm (agetty-shepherd-service)[provision]: Rename console agetty to "term-console".