From 2e04ab7147948b51d4e437ca9ba910530ac2a788 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Wed, 16 Jan 2019 11:18:34 +0100 Subject: services: avahi: Deprecate the 'avahi-service' procedure. * gnu/services/avahi.scm (): Export getters. Add default values. (avahi-service-type)[default-value]: New field. (avahi-service): Mark as deprecated. * gnu/services/desktop.scm (%desktop-services): Use the 'service' form instead of calling 'avahi-service'. * gnu/tests/base.scm (%avahi-os): Likewise. * doc/guix.texi (Base Services): Adjust example accordingly. (Networking Services): Update accordingly. --- doc/guix.texi | 71 ++++++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 48 insertions(+), 23 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 2039ff67cf..1cdf99dba7 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -10848,7 +10848,9 @@ system, you will want to append services to @var{%base-services}, like this: @example -(cons* (avahi-service) (lsh-service) %base-services) +(cons* (service avahi-service-type) + (service openssh-service-type) + %base-services) @end example @end defvr @@ -12709,31 +12711,54 @@ browsers, from accessing Facebook. The @code{(gnu services avahi)} provides the following definition. -@deffn {Scheme Procedure} avahi-service [#:avahi @var{avahi}] @ - [#:host-name #f] [#:publish? #t] [#:ipv4? #t] @ - [#:ipv6? #t] [#:wide-area? #f] @ - [#:domains-to-browse '()] [#:debug? #f] -Return a service that runs @command{avahi-daemon}, a system-wide +@defvr {Scheme Variable} avahi-service-type +This is the service that runs @command{avahi-daemon}, a system-wide mDNS/DNS-SD responder that allows for service discovery and -"zero-configuration" host name lookups (see @uref{http://avahi.org/}), and -extends the name service cache daemon (nscd) so that it can resolve -@code{.local} host names using -@uref{http://0pointer.de/lennart/projects/nss-mdns/, nss-mdns}. Additionally, -add the @var{avahi} package to the system profile so that commands such as -@command{avahi-browse} are directly usable. - -If @var{host-name} is different from @code{#f}, use that as the host name to +``zero-configuration'' host name lookups (see @uref{http://avahi.org/}). +Its value must be a @code{zero-configuration} record---see below. + +This service extends the name service cache daemon (nscd) so that it can +resolve @code{.local} host names using +@uref{http://0pointer.de/lennart/projects/nss-mdns/, nss-mdns}. @xref{Name +Service Switch}, for information on host name resolution. + +Additionally, add the @var{avahi} package to the system profile so that +commands such as @command{avahi-browse} are directly usable. +@end defvr + +@deftp {Data Type} avahi-configuration +Data type representation the configuration for Avahi. + +@table @asis + +@item @code{host-name} (default: @code{#f}) +If different from @code{#f}, use that as the host name to publish for this machine; otherwise, use the machine's actual host name. -When @var{publish?} is true, publishing of host names and services is allowed; -in particular, avahi-daemon will publish the machine's host name and IP -address via mDNS on the local network. +@item @code{publish?} (default: @code{#t}) +When true, allow host names and services to be published (broadcast) over the +network. -When @var{wide-area?} is true, DNS-SD over unicast DNS is enabled. +@item @code{publish-workstation?} (default: @code{#t}) +When true, @command{avahi-daemon} publishes the machine's host name and IP +address via mDNS on the local network. To view the host names published on +your local network, you can run: -Boolean values @var{ipv4?} and @var{ipv6?} determine whether to use IPv4/IPv6 -sockets. -@end deffn +@example +avahi-browse _workstation._tcp +@end example + +@item @code{wide-area?} (default: @code{#f}) +When true, DNS-SD over unicast DNS is enabled. + +@item @code{ipv4?} (default: @code{#t}) +@itemx @code{ipv6?} (default: @code{#t}) +These fields determine whether to use IPv4/IPv6 sockets. + +@item @code{domains-to-browse} (default: @code{'()}) +This is a list of domains to browse. +@end table +@end deftp @deffn {Scheme Variable} openvswitch-service-type This is the type of the @uref{http://www.openvswitch.org, Open vSwitch} @@ -22303,8 +22328,8 @@ want is to have @code{.local} host lookup working. Note that, in this case, in addition to setting the @code{name-service-switch} of the @code{operating-system} declaration, -you also need to use @code{avahi-service} (@pxref{Networking Services, -@code{avahi-service}}), or @var{%desktop-services}, which includes it +you also need to use @code{avahi-service-type} (@pxref{Networking Services, +@code{avahi-service-type}}), or @var{%desktop-services}, which includes it (@pxref{Desktop Services}). Doing this makes @code{nss-mdns} accessible to the name service cache daemon (@pxref{Base Services, @code{nscd-service}}). -- cgit v1.2.3 From 61b7f97177da423d87e142e92af008f2bf1dbd6b Mon Sep 17 00:00:00 2001 From: Damien Cassou Date: Wed, 16 Jan 2019 13:18:12 +0100 Subject: doc: Add missing parameter to guix system reconfigure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * doc/guix.texi (Proceeding with the Installation): Mention that /etc/config.scm must be passed as parameter and that root is needed. Signed-off-by: Ludovic Courtès --- doc/guix.texi | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 1cdf99dba7..57844d4722 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9660,12 +9660,12 @@ unless your configuration specifies otherwise (@pxref{user-account-password, user account passwords}). @cindex upgrading GuixSD -From then on, you can update GuixSD whenever you want by running -@command{guix pull} as @code{root} (@pxref{Invoking guix pull}), and -then running @command{guix system reconfigure} to build a new system -generation with the latest packages and services (@pxref{Invoking guix -system}). We recommend doing that regularly so that your system -includes the latest security updates (@pxref{Security Updates}). +From then on, you can update GuixSD whenever you want by running @command{guix +pull} as @code{root} (@pxref{Invoking guix pull}), and then running +@command{guix system reconfigure /etc/config.scm}, as @code{root} too, to +build a new system generation with the latest packages and services +(@pxref{Invoking guix system}). We recommend doing that regularly so that +your system includes the latest security updates (@pxref{Security Updates}). Join us on @code{#guix} on the Freenode IRC network or on @email{guix-devel@@gnu.org} to share your experience---good or not so -- cgit v1.2.3 From 2e7addd20b5ff051562fbf6e8a6bd3fccbb4fb77 Mon Sep 17 00:00:00 2001 From: Mathieu Othacehe Date: Fri, 23 Nov 2018 22:53:39 +0900 Subject: doc: Document the graphical installer. * doc/guix.texi (Preparing for Installation): Mention the graphical installer. --- doc/guix.texi | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 57844d4722..ee7cf1da14 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -9328,12 +9328,20 @@ GuixSD in a virtual machine (VM). @subsection Preparing for Installation Once you have successfully booted your computer using the installation medium, -you should end up with a root prompt. Several console TTYs are configured -and can be used to run commands as root. TTY2 shows this documentation, -browsable using the Info reader commands (@pxref{Top,,, info-stnd, -Stand-alone GNU Info}). The installation system runs the GPM mouse -daemon, which allows you to select text with the left mouse button and -to paste it with the middle button. +you should end up with the welcome page of the graphical installer. The +graphical installer is a text-based user interface built upon the newt +library. It shall guide you through all the different steps needed to install +GNU GuixSD. However, as the graphical installer is still under heavy +development, you might want to fallback to the original, shell based install +process, by switching to TTYs 3 to 6 with the shortcuts CTRL-ALT-F[3-6]. The +following sections describe the installation procedure assuming you're using +one of those TTYs. They are configured and can be used to run commands as +root. + +TTY2 shows this documentation, browsable using the Info reader commands +(@pxref{Top,,, info-stnd, Stand-alone GNU Info}). The installation system +runs the GPM mouse daemon, which allows you to select text with the left mouse +button and to paste it with the middle button. @quotation Note Installation requires access to the Internet so that any missing -- cgit v1.2.3 From 65cd70ce42d4a46a65f284cbd1386e3e169383e4 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Thu, 17 Jan 2019 17:53:57 +0100 Subject: services: openssh: Add escape hatch. * gnu/services/ssh.scm ()[extra-content]: New field. * doc/guix.texi (Networking Services): Document it. --- doc/guix.texi | 13 +++++++++++++ gnu/services/ssh.scm | 10 ++++++++++ 2 files changed, 23 insertions(+) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index ee7cf1da14..245a18bc70 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -12644,6 +12644,19 @@ This is a symbol specifying the logging level: @code{quiet}, @code{fatal}, @code{error}, @code{info}, @code{verbose}, @code{debug}, etc. See the man page for @file{sshd_config} for the full list of level names. +@item @code{extra-content} (default: @code{""}) +This field can be used to append arbitrary text to the configuration file. It +is especially useful for elaborate configurations that cannot be expressed +otherwise. This configuration, for example, would generally disable root +logins, but permit them from one specific IP address: + +@example +(openssh-configuration + (extra-content "\ +Match Address 192.168.0.1 + PermitRootLogin yes")) +@end example + @end table @end deftp diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index bb94c5f41a..97b7f3c07b 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2016 David Craven ;;; Copyright © 2016 Julien Lepiller ;;; Copyright © 2017 Clément Lassieur +;;; Copyright © 2019 Ricardo Wurmus ;;; ;;; This file is part of GNU Guix. ;;; @@ -323,6 +324,12 @@ The other options should be self-descriptive." (log-level openssh-configuration-log-level (default 'info)) + ;; String + ;; This is an "escape hatch" to provide configuration that isn't yet + ;; supported by this configuration record. + (extra-content openssh-configuration-extra-content + (default "")) + ;; list of user-name/file-like tuples (authorized-keys openssh-authorized-keys (default '())) @@ -471,6 +478,9 @@ of user-name/file-like tuples." (match-lambda ((name command) (format port "Subsystem\t~a\t~a\n" name command))) '#$(openssh-configuration-subsystems config)) + + (format port "~a\n" + #$(openssh-configuration-extra-content config)) #t))))) (define (openssh-shepherd-service config) -- cgit v1.2.3