aboutsummaryrefslogtreecommitdiff
path: root/doc/guix.texi
diff options
context:
space:
mode:
Diffstat (limited to 'doc/guix.texi')
-rw-r--r--doc/guix.texi171
1 files changed, 168 insertions, 3 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index e8c4e0eaf3..6b4b19d0cf 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -219,6 +219,7 @@ Services
* Database Services:: SQL databases.
* Mail Services:: IMAP, POP3, SMTP, and all that.
* Messaging Services:: Messaging services.
+* Monitoring Services:: Monitoring services.
* Kerberos Services:: Kerberos services.
* Web Services:: Web servers.
* DNS Services:: DNS daemons.
@@ -9011,6 +9012,7 @@ declaration.
* Database Services:: SQL databases.
* Mail Services:: IMAP, POP3, SMTP, and all that.
* Messaging Services:: Messaging services.
+* Monitoring Services:: Monitoring services.
* Kerberos Services:: Kerberos services.
* Web Services:: Web servers.
* DNS Services:: DNS daemons.
@@ -10201,10 +10203,22 @@ shell daemon, @command{sshd}. Its value must be an
(service openssh-service-type
(openssh-configuration
(x11-forwarding? #t)
- (permit-root-login 'without-password)))
+ (permit-root-login 'without-password)
+ (authorized-keys
+ `(("alice" ,(local-file "alice.pub"))
+ ("bob" ,(local-file "bob.pub"))))))
@end example
See below for details about @code{openssh-configuration}.
+
+This service can be extended with extra authorized keys, as in this
+example:
+
+@example
+(service-extension openssh-service-type
+ (const `(("charlie"
+ ,(local-file "charlie.pub")))))
+@end example
@end deffn
@deftp {Data Type} openssh-configuration
@@ -10276,8 +10290,33 @@ server. Alternately, one can specify the @command{sftp-server} command:
(service openssh-service-type
(openssh-configuration
(subsystems
- '(("sftp" ,(file-append openssh "/libexec/sftp-server"))))))
+ `(("sftp" ,(file-append openssh "/libexec/sftp-server"))))))
+@end example
+
+@item @code{authorized-keys} (default: @code{'()})
+@cindex authorized keys, SSH
+@cindex SSH authorized keys
+This is the list of authorized keys. Each element of the list is a user
+name followed by one or more file-like objects that represent SSH public
+keys. For example:
+
+@example
+(openssh-configuration
+ (authorized-keys
+ `(("rekado" ,(local-file "rekado.pub"))
+ ("chris" ,(local-file "chris.pub"))
+ ("root" ,(local-file "rekado.pub") ,(local-file "chris.pub")))))
@end example
+
+@noindent
+registers the specified public keys for user accounts @code{rekado},
+@code{chris}, and @code{root}.
+
+Additional authorized keys can be specified @i{via}
+@code{service-extension}.
+
+Note that this does @emph{not} interfere with the use of
+@file{~/.ssh/authorized_keys}.
@end table
@end deftp
@@ -11722,6 +11761,38 @@ TCP port on which the database server listens for incoming connections.
@end table
@end deftp
+@defvr {Scheme Variable} memcached-service-type
+This is the service type for the @uref{https://memcached.org/,
+Memcached} service, which provides a distributed in memory cache. The
+value for the service type is a @code{memcached-configuration} object.
+@end defvr
+
+@example
+(service memcached-service-type)
+@end example
+
+@deftp {Data Type} memcached-configuration
+Data type representing the configuration of memcached.
+
+@table @asis
+@item @code{memcached} (default: @code{memcached})
+The Memcached package to use.
+
+@item @code{interfaces} (default: @code{'("0.0.0.0")})
+Network interfaces on which to listen.
+
+@item @code{tcp-port} (default: @code{11211})
+Port on which to accept connections on,
+
+@item @code{udp-port} (default: @code{11211})
+Port on which to accept UDP connections on, a value of 0 will disable
+listening on a UDP socket.
+
+@item @code{additional-options} (default: @code{'()})
+Additional command line options to pass to @code{memcached}.
+@end table
+@end deftp
+
@defvr {Scheme Variable} redis-service-type
This is the service type for the @uref{https://redis.io/, Redis}
key/value store, whose value is a @code{redis-configuration} object.
@@ -13599,6 +13670,94 @@ string, you could instantiate a prosody service like this:
(prosody.cfg.lua "")))
@end example
+@node Monitoring Services
+@subsubsection Monitoring Services
+
+@subsubheading Tailon Service
+
+@uref{https://tailon.readthedocs.io/, Tailon} is a web application for
+viewing and searching log files.
+
+The following example will configure the service with default values.
+By default, Tailon can be accessed on port 8080 (@code{http://localhost:8080}).
+
+@example
+(service tailon-service-type)
+@end example
+
+The following example customises more of the Tailon configuration,
+adding @command{sed} to the list of allowed commands.
+
+@example
+(service tailon-service-type
+ (tailon-configuration
+ (config-file
+ (tailon-configuration-file
+ (allowed-commands '("tail" "grep" "awk" "sed"))))))
+@end example
+
+
+@deftp {Data Type} tailon-configuration
+Data type representing the configuration of Tailon.
+This type has the following parameters:
+
+@table @asis
+@item @code{config-file} (default: @code{(tailon-configuration-file)})
+The configuration file to use for Tailon. This can be set to a
+@dfn{tailon-configuration-file} record value, or any gexp
+(@pxref{G-Expressions}).
+
+For example, to instead use a local file, the @code{local-file} function
+can be used:
+
+@example
+(service tailon-service-type
+ (tailon-configuration
+ (config-file (local-file "./my-tailon.conf"))))
+@end example
+
+@item @code{package} (default: @code{tailon})
+The tailon package to use.
+
+@end table
+@end deftp
+
+@deftp {Data Type} tailon-configuration-file
+Data type representing the configuration options for Tailon.
+This type has the following parameters:
+
+@table @asis
+@item @code{files} (default: @code{(list "/var/log")})
+List of files to display. The list can include strings for a single file
+or directory, or a list, where the first item is the name of a
+subsection, and the remaining items are the files or directories in that
+subsection.
+
+@item @code{bind} (default: @code{"localhost:8080"})
+Address and port to which Tailon should bind on.
+
+@item @code{relative-root} (default: @code{#f})
+URL path to use for Tailon, set to @code{#f} to not use a path.
+
+@item @code{allow-transfers?} (default: @code{#t})
+Allow downloading the log files in the web interface.
+
+@item @code{follow-names?} (default: @code{#t})
+Allow tailing of not-yet existent files.
+
+@item @code{tail-lines} (default: @code{200})
+Number of lines to read initially from each file.
+
+@item @code{allowed-commands} (default: @code{(list "tail" "grep" "awk")})
+Commands to allow running. By default, @code{sed} is disabled.
+
+@item @code{debug?} (default: @code{#f})
+Set @code{debug?} to @code{#t} to show debug messages.
+
+@end table
+@end deftp
+
+
@node Kerberos Services
@subsubsection Kerberos Services
@cindex Kerberos
@@ -16350,7 +16509,13 @@ passed.
@anchor{guix system vm}
Build a virtual machine that contains the operating system declared in
@var{file}, and return a script to run that virtual machine (VM).
-Arguments given to the script are passed to QEMU.
+Arguments given to the script are passed to QEMU as in the example
+below, which enables networking and requests 1@tie{}GiB of RAM for the
+emulated machine:
+
+@example
+$ /gnu/store/@dots{}-run-vm.sh -m 1024 -net user
+@end example
The VM shares its store with the host system.