aboutsummaryrefslogtreecommitdiff
path: root/gnu/services
Commit message (Collapse)AuthorAge
* Merge branch 'version-1.3.0'Maxim Cournoyer2021-05-11
|\
| * services: spice-vdagent: Clear the socket file prior to starting.Maxim Cournoyer2021-05-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following issue where spice-vdagent would fail to start if the spice-vdagent-sock socket file already existed: spice-vdagentd: Fatal could not create the server socket /run/spice-vdagentd/spice-vdagent-sock: Error binding to address: Address already in use The requirement is also modified to depend on dbus-system, a cue taken from upstream's own systemd service file (see 'data/spice-vdagentd.service' in the sources). * gnu/services/spice.scm (spice-vdagent-activation): Delete procedure. (spice-vdagent-shepherd-service): Fix indentation. [requirement]: Replace udev by dbus-system. [start]: Ensure the spice-vdagentd run-time directory exists and that the spice-vdagent-sock socket file does *not* exist before forking the daemon.
| * services: Fix the spice-vdagent service.Maxim Cournoyer2021-05-05
| | | | | | | | | | | | * gnu/services/spice.scm (spice-vdagent-activation): Update runtime directory from /var/run/spice-vdagentd to /run/spice-vdagentd. (spice-vdagent-service-type): Specify a default value and fix indentation.
* | services: configuration: Export 'no-serialization' syntactic keyword.Ludovic Courtès2021-05-08
| | | | | | | | | | | | This is a followup to 3f9a12dc082b20426fc740416601b69ea1897193. * gnu/services/configuration.scm (no-serialization): New variable.
* | services: docker: Disable configuration serialization.Maxim Cournoyer2021-05-08
| | | | | | | | | | * gnu/services/docker.scm (serialize-boolean): Delete procedure. (docker-configuration) <no-serialization>: New syntactic keyword.
* | services: configuration: Fix %location accessor name.Maxim Cournoyer2021-05-08
| | | | | | | | | | | | | | | | | | | | | | | | | | The non-hygienic binding of the source location accessor was set to '-location'; in modules where multiple configurations were defined, it would cause compilation warnings such as: gnu/services/mail.scm:175:0: warning: shadows previous definition of `%-location-procedure' at gnu/services/mail.scm:165:0 * gnu/services/configuration.scm (define-configuration-helper) <id>: Add a missing #'stem argument to use the configuration name as a prefix to the location accessor identifier.
* | services: configuration: Allow specifying a custom serializer.Xinglu Chen2021-05-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In some cases, rather than globally disabling serialization, it may be more appropriate to disable or otherwise alter the serialization procedure of a specific field. In large module, multiple configurations may also exist that would need to alter the default serialization procedure, which is named after the field type. Being able to specify a per-field serialization procedure provides more flexibility. * gnu/services/configuration.scm (define-configuration): Add an optional pattern variable to allow specifying a custom serialization procedure. (define-configuration-helper) <field-serializer>: Use it to transform the syntax. (empty-serializer): New procedure. (serialize-package): Alias to ‘empty-serializer’. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* | services: configuration: Allow disabling serialization.Maxim Cournoyer2021-05-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Serialization is not always useful, for example when deriving command line arguments from a configuration. This change provides a way to turn it off, which removes the need to define a bunch of dummy serialization procedures. Credit goes to Andrew Gierth (RhodiumToad) from #guile for providing the solution. Thank you! * gnu/services/configuration.scm (define-configuration-helper): New procedure. (define-configuration) <no-serialization>: New syntactic keyword. Use it in a new pattern. Refactor the macro so that it makes use of the above helper procedure.
* | services: configuration: Avoid a compilation warning.Maxim Cournoyer2021-05-08
| | | | | | | | | | | | | | This resolves a compilation warning introduced with commit bb716e8d9d. * gnu/services/configuration.scm (configuration->documentation): Use display to print the string instead of format.
* | services: configuration: Add a new helper to ease generating documentation.Maxim Cournoyer2021-05-07
| | | | | | | | | | | | | | The original (undocumented) procedure to generate the doc has a difficult to grasp interface; add a simpler one on top of it. * gnu/services/configuration.scm (configuration->documentation): New procedure.
* | services: configuration: Support fields without default values.Xinglu Chen2021-05-07
| | | | | | | | | | | | | | | | | | | | | | Not all fields in a configuration have a sensible default value. This changes makes it possible to omit a default value for a configuration field, requiring the user to provide a value. * gnu/services/configuration.scm (configuration-missing-field): New procedure. (define-configuration): Make default value optional. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* | services: dovecot: Add ‘managesieve-sieve-capability’ option.Alexey Abramov2021-05-06
| | | | | | | | | | | | | | | | * gnu/services/mail.scm (protocol-configuration): Add a ‘managesieve-sieve-capability’ field. * doc/guix.texi (Mail Services): Document it. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
* | services: dovecot: Add ‘managesieve-notify-capability’ option.Alexey Abramov2021-05-06
| | | | | | | | | | | | | | | | * gnu/services/mail.scm (protocol-configuration): Add a ‘managesieve-notify-capability’ field. * doc/guix.texi (Mail Services): Document it. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
* | services: dovecot: Add ‘imap-metadata?’ protocol configuration option.Alexey Abramov2021-05-06
| | | | | | | | | | | | | | | | * gnu/services/mail.scm (protocol-configuration): Add an ‘imap-metadata?’ setting to enable IMAP METADATA support in the ‘imap’ protocol. * doc/guix.texi (Mail Services): Document it. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
* | services: dovecot: Add ‘mail-attribute-dict’ configuration option.Alexey Abramov2021-05-06
| | | | | | | | | | | | | | | | * gnu/services/mail.scm (dovecot-configuration): Define a ‘mail-attribute-dict’ directive for IMAP METADATA storage. * doc/guix.texi (Mail Services): Document it. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
* | services: guix-build-coordinator: Fix queue builds state directory.Christopher Baines2021-05-02
| | | | | | | | | | | | | | | | This service doesn't create a PID file, but it does write a file with the processed commits in it, so create a directory to contain that. * gnu/services/guix.scm (guix-build-coordinator-queue-builds-activation): Ensure /var/cache/guix-build-coordinator-queue-builds exists.
* | services: mysql: Add extra-environment as configuration option.methuselah-02021-04-27
| | | | | | | | | | | | | | | | * gnu/services/databases.scm (mysql-configuration): Add extra-environment (mysql-service): Use #:log-file and #:environment-variables * doc/guix.texi: Document it. Signed-off-by: Leo Prikler <leo.prikler@student.tugraz.at>
* | services: nix: Add /bin/sh to build-sandbox-paths.Oleg Pykhalov2021-04-26
| | | | | | | | | | | | Fixes <https://bugs.gnu.org/46297>. * gnu/services/nix.scm (nix-service-etc): Add /bin/sh to build-sandbox-paths.
* | services: Add a service for rasdaemon.B. Wilson2021-04-24
| | | | | | | | | | | | | | | | * gnu/services/linux.scm (rasdaemon-configuration, rasdaemon-configuration?, rasdaemon-configuration-record?, rasdaemon-service-type): New variables. * doc/guix.texi (Linux Services): Document it. Signed-off-by: Leo Famulari <leo@famulari.name>
* | services: guix-build-coordinator: Fix queue builds default config.Christopher Baines2021-04-23
| | | | | | | | | | | | | | | | Use the default client port rather than the default agent communication port for the queue builds script. * gnu/services/guix.scm (<guix-build-coordinator-queue-builds-configuration>): Change coordinator default.
* | services: guix-build-coordinator: Remove incorrect pid file.Christopher Baines2021-04-23
| | | | | | | | | | | | | | | | The queue builds script doesn't create a pid file, so don't have the shepherd expect to find one. * gnu/services/guix.scm (guix-build-coordinator-queue-builds-shepherd-services): Remove #:pid-file.
* | services: guix-build-coordinator: Fix service activation parts.Christopher Baines2021-04-23
| | | | | | | | | | | | | | | | | | Don't hardcode usernames, as these are in the config. Also fix the %user being missing from the queue-builds service activation. * gnu/services/guix.scm (guix-build-coordinator-activation, guix-build-coordinator-agent-activation): Use config for the user name. (guix-build-coordinator-queue-builds-activation): Define %user.
* | services: guix-build-coordinator: Add max-1min-load-average option.Christopher Baines2021-04-23
| | | | | | | | | | | | | | | | | | | | | | To the agent configuration. * gnu/services/guix.scm (<guix-build-coordinator-agent-configuration>): New field, max-1min-load-average. (guix-build-coordinator-agent-configuration-max-1min-load-average): New procedure. (guix-build-coordinator-agent-shepherd-services): If set, include the max-1min-load-average in the agent arguments.
* | services: wireguard: Add keep-alive support.Guillaume Le Vaillant2021-04-20
|/ | | | | | * gnu/services/vpn.scm (<wireguard-peer>): Add 'keep-alive' field. (wireguard-configuration-file): Use it. * doc/guix.texi (VPN Services): Document it.
* services: cuirass: Use "/tmp" database host.Mathieu Othacehe2021-04-14
| | | | | | | This is a follow-up of c311147bd16aa0e5746d9cbf31502f5fd61e470c. * gnu/services/cuirass.scm (%cuirass-default-database): Use "/tmp" database host.
* Revert "services: mysql: Add extra-environment as configuration option."Leo Prikler2021-04-14
| | | | | | This reverts commit f3626119d738f30b5ab59e76c105fd7b4c077ddc. This commit inadvertently broke a string freeze. Let's be nice to our translators and not do that.
* services: postgresql: Use "/tmp" host directory.Mathieu Othacehe2021-04-13
| | | | | | | This is a follow-up of c311147bd16aa0e5746d9cbf31502f5fd61e470c. * gnu/services/databases.scm (<postgresql-role-configuration>)[host]: Set to "/tmp" which the default Postgresql socket directory.
* services: mysql: Add extra-environment as configuration option.methuselah-02021-04-13
| | | | | | | | * gnu/services/databases.scm (mysql-configuration): Add extra-environment (mysql-service): Use #:log-file and #:environment-variables * doc/guix.texi: Document it. Signed-off-by: Leo Prikler <leo.prikler@student.tugraz.at>
* services: postgresql: Change service default socket directory.Christopher Baines2021-04-12
| | | | | | | | | | | | | | | | | | | | | | | Fixes <https://bugs.gnu.org/46737>. PostgreSQL running with a different socket directory to the default one in the package itself breaks some services, this commit restores the previous behaviour where PostgreSQL by default will run with a socket directory that matches the default used by PostgreSQL packaged for Guix. Switching to a different default value can happen, but only alongside changing the PostgreSQL package. * gnu/services/databases.scm (<postgresql-config-file>)[socket-directory]: Change default to #false. * doc/guix.texi (Database Services): Update documentation, and specify a different value for disabling connections via sockets. * gnu/tests/guix.scm (%guix-data-service-os): Use default PostgreSQL behaviour. * gnu/tests/monitoring.scm (%zabbix-os): Likewise. * gnu/tests/web.scm (patchwork-os): Likewise. Signed-off-by: Leo Famulari <leo@famulari.name>
* services: ipfs: Tweak description.Ludovic Courtès2021-04-12
| | | | | * gnu/services/networking.scm (ipfs-service-type)[description]: Avoid abbreviation.
* services: Add ipfs-service-typeMaxime Devos2021-04-12
| | | | | | | | | | | | | * gnu/services/networking.scm (ipfs-service-type) (%ipfs-home-mapping, %ipfs-environment) (%ipfs-accounts, %ipfs-home): New variables. (ipfs-configuration, ipfs-configuration?) (ipfs-configuration-package, ipfs-configuration-gateway) (ipfs-configuration-api, ipfs-shepherd-service) (ipfs-binary, %ipfs-activation): New procedures. * doc/guix.texi (Networking Services): Document it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: git-daemon: Fix typo in docstring.Tobias Geerinckx-Rice2021-04-10
| | | | | * gnu/services/version-control.scm (git-daemon-service): Fix docstring typo.
* services: Add Laminar.Christopher Baines2021-04-09
| | | | | | * gnu/services/ci.scm: New file. * gnu/tests/ci.scm: New file. * doc/guix.texi (Laminar): Document the Laminar service.
* services: dovecot: Fix serialization of a free-form-args arguments.Alexey Abramov2021-04-06
| | | | | | | * gnu/services/mail.scm (serialize-free-form-args): Change destination and return a string containing the formated text. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: guix-publish: Add zstd compression by default.Ludovic Courtès2021-04-03
| | | | | | | | | | | That way, the default config with (advertises? #t) and without a cache will offer zstd-compressed substitutes, which should lead to much higher throughput than gzip. * gnu/services/base.scm (default-compression): When 'guix-publish-configuration-cache' returns true, use higher level compression ratios. Add "zstd". * doc/guix.texi (Base Services): Mention zstd.
* services: kmscon: Add font-engine and font-size fields.qblade2021-04-01
| | | | | | | * gnu/services/base.scm (<kmscon-configuration>): Add font-engine and font-size fields. (kmscon-service-type): Honor them. * doc/guix.texi (Base Services): Document them.
* gnu: services: web: Have fcgiwrap log to a file.Christopher Baines2021-04-01
| | | | | | | This makes it easier to access the output. * gnu/services/web.scm (fcgiwrap-shepherd-service): Pass #:log-file to make-forkexec-constructor.
* gnu: services: web: Cleanup whitespace.Christopher Baines2021-04-01
| | | | | | Replace tabs with spaces, and delete trailing whitespace. * gnu/services/web.scm: Cleanup whitespace.
* services: sysctl: Export <sysctl-configuration> record field accessors.muradm2021-03-31
| | | | | | | * gnu/services/sysctl.scm (sysctl-configuration-sysctl) (sysctl-configuration-settings): Export. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: xorg: Export %default-xorg-server-arguments.Valentin Herrmann2021-03-31
| | | | | | * gnu/services/xorg.scm (%default-xorg-server-arguments): Export. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: rottlog: Add /var/log/mcron.log to '%default-rotations'.Ludovic Courtès2021-03-29
| | | | | | | Fixes <https://bugs.gnu.org/47436>. Reported by Leo Famulari <leo@famulari.name>. * gnu/services/admin.scm (%rotated-files): Add "/var/log/mcron.log".
* services: cuirass: Set default port values.Mathieu Othacehe2021-03-23
| | | | | * gnu/services/cuirass.scm (<cuirass-remote-server-configuration>, <cuirass-configuration>): Set default port values.
* services: cuirass: Adapt to Cuirass 1.0.Mathieu Othacehe2021-03-23
| | | | | * gnu/services/cuirass.scm (cuirass-shepherd-service, cuirass-remote-worker-shepherd-service): Adapt to Cuirass 1.0.
* services: Enable "protected hardlinks" and "protected symlinks" by default.Leo Famulari2021-03-18
| | | | | | | | | | | | | | References: https://sysctl-explorer.net/fs/protected_hardlinks/ https://sysctl-explorer.net/fs/protected_symlinks/ * gnu/services/sysctl.scm (%default-sysctl-settings): New public variable. (<sysctl-configuration>): Use %default-sysctl-settings as the default value. * gnu/services/base.scm (%base-services): Add sysctl-service-type. * doc/guix.texi (Miscellaneous Services): Document the new defaults. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu: Remove MongoDB.Léo Le Bouter2021-03-16
| | | | | | | | | | | | | | | | | | | | | | mongodb 3.4.10 has unpatched CVEs and mongodb 3.4.24 has some files in the release tarball under the SSPL, therefore we cannot provide mongodb while upholding to good security standards. It turns out feff80cec3c97a3df2c20d300be12d67f79d4f22 was right since while the main license file wasnt altered to SSPL, some files in the tree contain SSPL headers. * gnu/packages/databases.scm (go-gopkg.in-mgo.v2): Remove. * gnu/packages/databases.scm (mongo-tools): Remove. * doc/guix.texi (mongodb-service-type): Remove. * gnu/tests/databases.scm (%test-mongodb, %mongodb-os, run-mongodb-test): Remove. * gnu/services/databases.scm (mongodb-configuration, mongodb-configuration?, mongodb-configuration-mongodb, mongodb-configuration-config-file, mongodb-configuration-data-directory, mongodb-service-type, %default-mongodb-configuration-file, %mongodb-accounts, mongodb-activation, mongodb-shepherd-service): Remove. * gnu/packages/databases.scm (mongodb): Remove.
* services/qemu-binfmt: Use the F flag and the static output of QEMU.Maxim Cournoyer2021-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes <https://issues.guix.gnu.org/36117>. Before this change, the 'binfmt_misc' entries registered for QEMU would not be usable in container contexts outside of guix-daemon (without manually bind mounting file names). For example: $ docker run --rm arm32v7/debian true standard_init_linux.go:207: exec user process caused "no such file or directory" After this change, any container can make use of the QEMU binfmt_misc registrations, as their corresponding QEMU static binaries are fully pre-loaded by the kernel. * gnu/services/virtualization.scm (<qemu-platform>): Define using 'define-record-type*'. [flags]: New field, which defaults to "F" (fix binary). (%i386, %i486, %alpha, %arm, %armeb, %sparc, %sparc32plus, %ppc, %ppc64) (%ppc64le, %m68k, %mips, %mipsel, %mipsn32, %mipsn32el, %mips64, %mips64el) (%riscv32, %riscv64, %sh4, %sh4eb, %s390x, %aarch64, %hppa): Adjust. (qemu-binfmt-guix-chroot): Remove variable. (qemu-binfmt-service-type): Remove the qemu-binfmt-guix-chroot extension. * gnu/services/qemu-binfmt (qemu-platform->binfmt): Use the static output of QEMU. * doc/contributing.texi (Submitting Patches): Update doc. * doc/guix.texi (Virtualization Services): Update doc.
* services: Prevent following symlinks during activation.Maxime Devos2021-03-10
| | | | | | | | | | | | | | | | | | | | This addresses a potential security issue, where a compromised service could trick the activation code in changing the permissions, owner and group of arbitrary files. However, this patch is currently only a partial fix, due to a TOCTTOU (time-of-check to time-of-use) race, which can be fixed once guile has bindings to openat and friends. Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html> * gnu/build/activation.scm: new procedure 'mkdir-p/perms'. * gnu/services/authentication.scm (%nslcd-activation, nslcd-service-type): use new procedure. * gnu/services/cups.scm (%cups-activation): likewise. * gnu/services/dbus.scm (dbus-activation): likewise. * gnu/services/dns.scm (knot-activation): likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: cuirass: Remove simple cuirass configuration.Mathieu Othacehe2021-03-10
| | | | | | | | The Cuirass configuration has been simplified so that this is no longer needed. * gnu/services/cuirass.scm (<build-manifest>, <simple-cuirass-configuration>, simple-cuirass-configuration->specs): Remove them.
* services: cuirass: Do not create the database directory.Mathieu Othacehe2021-03-10
| | | | | | | Fixes: <https://issues.guix.gnu.org/46683>. * gnu/services/cuirass.scm (cuirass-activation): Since the PostgreSQL switch, it is no longer needed to create the database directory.
* services: guix-build-coordinator: Add dynamic auth with file record.Christopher Baines2021-03-05
| | | | | | | | | | | * gnu/services/guix.scm (guix-build-coordinator-agent-dynamic-auth-with-file, guix-build-coordinator-agent-dynamic-auth-with-filen?, guix-build-coordinator-agent-dynamic-auth-with-file-agent-name, guix-build-coordinator-agent-dynamic-auth-with-file-token-file): New procedures. (guix-build-coordinator-agent-shepherd-services): Handle new dynamic auth with file record. * doc/guix.texi (Guix Build Coordinator): Document the new dynamic auth with file record.