diff options
Diffstat (limited to 'doc/guix.texi')
-rw-r--r-- | doc/guix.texi | 171 |
1 files changed, 168 insertions, 3 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index e8c4e0eaf3..6b4b19d0cf 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -219,6 +219,7 @@ Services * Database Services:: SQL databases. * Mail Services:: IMAP, POP3, SMTP, and all that. * Messaging Services:: Messaging services. +* Monitoring Services:: Monitoring services. * Kerberos Services:: Kerberos services. * Web Services:: Web servers. * DNS Services:: DNS daemons. @@ -9011,6 +9012,7 @@ declaration. * Database Services:: SQL databases. * Mail Services:: IMAP, POP3, SMTP, and all that. * Messaging Services:: Messaging services. +* Monitoring Services:: Monitoring services. * Kerberos Services:: Kerberos services. * Web Services:: Web servers. * DNS Services:: DNS daemons. @@ -10201,10 +10203,22 @@ shell daemon, @command{sshd}. Its value must be an (service openssh-service-type (openssh-configuration (x11-forwarding? #t) - (permit-root-login 'without-password))) + (permit-root-login 'without-password) + (authorized-keys + `(("alice" ,(local-file "alice.pub")) + ("bob" ,(local-file "bob.pub")))))) @end example See below for details about @code{openssh-configuration}. + +This service can be extended with extra authorized keys, as in this +example: + +@example +(service-extension openssh-service-type + (const `(("charlie" + ,(local-file "charlie.pub"))))) +@end example @end deffn @deftp {Data Type} openssh-configuration @@ -10276,8 +10290,33 @@ server. Alternately, one can specify the @command{sftp-server} command: (service openssh-service-type (openssh-configuration (subsystems - '(("sftp" ,(file-append openssh "/libexec/sftp-server")))))) + `(("sftp" ,(file-append openssh "/libexec/sftp-server")))))) +@end example + +@item @code{authorized-keys} (default: @code{'()}) +@cindex authorized keys, SSH +@cindex SSH authorized keys +This is the list of authorized keys. Each element of the list is a user +name followed by one or more file-like objects that represent SSH public +keys. For example: + +@example +(openssh-configuration + (authorized-keys + `(("rekado" ,(local-file "rekado.pub")) + ("chris" ,(local-file "chris.pub")) + ("root" ,(local-file "rekado.pub") ,(local-file "chris.pub"))))) @end example + +@noindent +registers the specified public keys for user accounts @code{rekado}, +@code{chris}, and @code{root}. + +Additional authorized keys can be specified @i{via} +@code{service-extension}. + +Note that this does @emph{not} interfere with the use of +@file{~/.ssh/authorized_keys}. @end table @end deftp @@ -11722,6 +11761,38 @@ TCP port on which the database server listens for incoming connections. @end table @end deftp +@defvr {Scheme Variable} memcached-service-type +This is the service type for the @uref{https://memcached.org/, +Memcached} service, which provides a distributed in memory cache. The +value for the service type is a @code{memcached-configuration} object. +@end defvr + +@example +(service memcached-service-type) +@end example + +@deftp {Data Type} memcached-configuration +Data type representing the configuration of memcached. + +@table @asis +@item @code{memcached} (default: @code{memcached}) +The Memcached package to use. + +@item @code{interfaces} (default: @code{'("0.0.0.0")}) +Network interfaces on which to listen. + +@item @code{tcp-port} (default: @code{11211}) +Port on which to accept connections on, + +@item @code{udp-port} (default: @code{11211}) +Port on which to accept UDP connections on, a value of 0 will disable +listening on a UDP socket. + +@item @code{additional-options} (default: @code{'()}) +Additional command line options to pass to @code{memcached}. +@end table +@end deftp + @defvr {Scheme Variable} redis-service-type This is the service type for the @uref{https://redis.io/, Redis} key/value store, whose value is a @code{redis-configuration} object. @@ -13599,6 +13670,94 @@ string, you could instantiate a prosody service like this: (prosody.cfg.lua ""))) @end example +@node Monitoring Services +@subsubsection Monitoring Services + +@subsubheading Tailon Service + +@uref{https://tailon.readthedocs.io/, Tailon} is a web application for +viewing and searching log files. + +The following example will configure the service with default values. +By default, Tailon can be accessed on port 8080 (@code{http://localhost:8080}). + +@example +(service tailon-service-type) +@end example + +The following example customises more of the Tailon configuration, +adding @command{sed} to the list of allowed commands. + +@example +(service tailon-service-type + (tailon-configuration + (config-file + (tailon-configuration-file + (allowed-commands '("tail" "grep" "awk" "sed")))))) +@end example + + +@deftp {Data Type} tailon-configuration +Data type representing the configuration of Tailon. +This type has the following parameters: + +@table @asis +@item @code{config-file} (default: @code{(tailon-configuration-file)}) +The configuration file to use for Tailon. This can be set to a +@dfn{tailon-configuration-file} record value, or any gexp +(@pxref{G-Expressions}). + +For example, to instead use a local file, the @code{local-file} function +can be used: + +@example +(service tailon-service-type + (tailon-configuration + (config-file (local-file "./my-tailon.conf")))) +@end example + +@item @code{package} (default: @code{tailon}) +The tailon package to use. + +@end table +@end deftp + +@deftp {Data Type} tailon-configuration-file +Data type representing the configuration options for Tailon. +This type has the following parameters: + +@table @asis +@item @code{files} (default: @code{(list "/var/log")}) +List of files to display. The list can include strings for a single file +or directory, or a list, where the first item is the name of a +subsection, and the remaining items are the files or directories in that +subsection. + +@item @code{bind} (default: @code{"localhost:8080"}) +Address and port to which Tailon should bind on. + +@item @code{relative-root} (default: @code{#f}) +URL path to use for Tailon, set to @code{#f} to not use a path. + +@item @code{allow-transfers?} (default: @code{#t}) +Allow downloading the log files in the web interface. + +@item @code{follow-names?} (default: @code{#t}) +Allow tailing of not-yet existent files. + +@item @code{tail-lines} (default: @code{200}) +Number of lines to read initially from each file. + +@item @code{allowed-commands} (default: @code{(list "tail" "grep" "awk")}) +Commands to allow running. By default, @code{sed} is disabled. + +@item @code{debug?} (default: @code{#f}) +Set @code{debug?} to @code{#t} to show debug messages. + +@end table +@end deftp + + @node Kerberos Services @subsubsection Kerberos Services @cindex Kerberos @@ -16350,7 +16509,13 @@ passed. @anchor{guix system vm} Build a virtual machine that contains the operating system declared in @var{file}, and return a script to run that virtual machine (VM). -Arguments given to the script are passed to QEMU. +Arguments given to the script are passed to QEMU as in the example +below, which enables networking and requests 1@tie{}GiB of RAM for the +emulated machine: + +@example +$ /gnu/store/@dots{}-run-vm.sh -m 1024 -net user +@end example The VM shares its store with the host system. |