aboutsummaryrefslogtreecommitdiff
path: root/gnu/services
Commit message (Collapse)AuthorAge
* services: guix: Depend on 'avahi-daemon' when 'discover?' is set.Ludovic Courtès2023-05-24
| | | | | | | | | | Previously, with shepherd 0.10.0, guix-daemon would start quickly, possibly before avahi-daemon is running. Consequently, its "guix discover" child process would exit immediately with a warning saying "Avahi daemon is not running". * gnu/services/base.scm (guix-shepherd-service): When DISCOVER? is true, add 'avahi-daemon' to 'requirement'.
* services: cups: Add cups PAM service.muradm2023-05-23
| | | | | | | | | | | | | | | | | | Fixes <https://issues.guix.gnu.org/63198>. Have the CUPS service extend pam-root-service-type providing minimal configuration to authenticate users. Since PAM authentication is provided, the regular cups package can be used as default instead of the minimal, PAM-lacking variant. * gnu/services/cups.scm (cups-configuration) [cups]: Replace cups-minimal with cups. [allow-empty-password?]: PAM service configuration permitting empty passwords. (opaque-cups-configuration): Likewise. (cups-pam-service): New procedure. (cups-service-type): Extend pam-root-service-type with cups-pam-service. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* services: Transient inetd services inherit requirements.Ludovic Courtès2023-05-21
| | | | | | | | | | | | That way, per-connection transient services such as 'sshd-123' inherit dependencies of their "parent" ('sshd' in this example), which is more consistent than not depending on anything. * gnu/services/dict.scm (dicod-shepherd-service): Pass #:requirements to 'make-inetd-constructor'. * gnu/services/messaging.scm (bitlbee-shepherd-service): Likewise. * gnu/services/ssh.scm (openssh-shepherd-service): Likewise. * gnu/services/vnc.scm (xvnc-shepherd-service): Likewise.
* services: root-file-system: Remove reference to 'stop-logging'.Ludovic Courtès2023-05-21
| | | | | | | | * gnu/services/base.scm (%root-file-system-shepherd-service): In 'stop' method, remove reference to 'stop-logging'. That procedure is gone in Shepherd 0.10.0, leading to an unbound-variable exception. Additionally, calling is unnecessary since 0.4.0, where shepherd logs to syslog (thus the open file descriptor is not backed by an on-disk file).
* services: agetty: 'stop' method does nothing when running is 'idle.Ludovic Courtès2023-05-21
| | | | | | | This is a followup to 57e731c358d000f614fbda23654cae6a5e79df80. * gnu/services/base.scm (agetty-shepherd-service): Change 'stop' method to return #f immediately when the running value is 'idle.
* services: rsync: Use least authority wrapper.Maxim Cournoyer2023-05-18
| | | | | | | * gnu/services/rsync.scm (rsync-shepherd-service) Wrap rsync command in a least-authority-wrapper. Reviewed-by: Ludovic Courtès <ludo@gnu.org>
* services: rsync: Use make-inetd-constructor.Maxim Cournoyer2023-05-18
| | | | | | | | * gnu/services/rsync.scm (rsync-shepherd-service): Use make-inetd-constructor if available in start slot. * gnu/tests/rsync.scm (run-rsync-test): Delete "PID file" test. Reviewed-by: Ludovic Courtès <ludo@gnu.org>
* services: ssh: Really rename openssh-challenge-response-authentication?Maxim Cournoyer2023-05-17
| | | | | | | | | Fixes up 9c161c1f0d, which renamed the accessor of <openssh-configuration> but failed to adjust the single usage. * gnu/services/ssh.scm (openssh-config-file): Rename openssh-challenge-response-authentication? call to openssh-configuration-challenge-response-authentication?.
* services: ssh: Rename openssh-challenge-response-authentication?Maxim Cournoyer2023-05-17
| | | | | | | | | | This is a follow-up commit to the preceding commit, which exported all <openssh-configuration> accessors. * gnu/services/ssh.scm (<openssh-configuration>): Rename openssh-challenge-response-authentication? to openssh-configuration-challenge-response-authentication?. It's a mouthful, but is at least consistent with the rest.
* services: openssh: Export openssh-configuration accessors.Maxim Cournoyer2023-05-17
| | | | * gnu/services/ssh.scm: Export openssh-configuration accessors.
* services: shepherd: Default to 0.10.Ludovic Courtès2023-05-13
| | | | | | | * gnu/services/shepherd.scm (<shepherd-configuration>)[shepherd]: Default to SHEPHERD-0.10. * gnu/home/services/shepherd.scm (<home-shepherd-configuration>)[shepherd]: Likewise.
* services: nar-herder: Support extra environment vars.Christopher Baines2023-05-13
| | | | | | | | * gnu/services/guix.scm (nar-herder-configuration-extra-environment-variables): New procedure. (nar-herder-shepherd-services): Pass the environment variables to the shepherd. * doc/guix.texi (Guix Services): Document it.
* services: inetd: Export accessors.Bruno Victal2023-05-11
| | | | | | | | | | * gnu/services/networking.scm: Export inetd-configuration?, inetd-configuration-program, inetd-configuration-entries, inetd-entry?, inetd-entry-node, inetd-entry-name, inetd-entry-socket-type, inetd-entry-protocol, inetd-entry-wait?, inetd-entry-user, inetd-entry-program and inetd-entry-arguments. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: Add vnstat-service-type.Bruno Victal2023-05-11
| | | | | | | * gnu/services/monitoring.scm (vnstat-service-type): New variable. * doc/guix.texi (Monitoring Services): Document it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: dhcp-client-configuration: Add 'shepherd-requirement' field.Sergey Trofimov2023-05-11
| | | | | | | | | | * gnu/services/networking.scm (<dhcp-client-configuration>) [shepherd-requirement]: New field. (dhcp-client-shepherd-service): Honor it. (dhcp-client-configuration-shepherd-requirement): Export accessor. * doc/guix.texi (Networking Setup): Document it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: elogind: Add elogind as a shepherd PAM requirement.Josselin Poiret2023-05-11
| | | | | | | * gnu/services/desktop.scm (pam-extension-procedure): Add the elogind shepherd requirement to the PAM extension. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* system: pam: Let PAM extensions add shepherd requirements.Josselin Poiret2023-05-11
| | | | | | | | | | | | | | | | | | | | | | | | | * gnu/system/pam.scm (<pam-extension>): New record type. (pam-shepherd-service): Add Shepherd synchronization point. * gnu/services/mail.scm (dovecot-shepherd-service) * gnu/services/lightdm.scm (lightdm-shepherd-service) * gnu/services/mail.scm (opensmtpd-shepherd-service) * gnu/services/sddm.scm (sddm-shepherd-service) * gnu/services/ssh.scm (lsh-shepherd-service, openssh-shepherd-service) * gnu/services/xorg.scm (slim-shepherd-service, gdm-shepherd-service) * gnu/services/base.scm (greetd-shepherd-services): Add PAM requirement. * gnu/system/pam.scm (/etc-entry, extend-configuration, pam-root-service-type, pam-root-service) * gnu/services/authentication.scm (pam-ldap-pam-service) * gnu/services/base.scm (pam-limits-service-type) (greetd-pam-service) * gnu/services/desktop.scm (pam-gnome-keyring) * gnu/services/kerberos.scm (pam-krb5-pam-service) * gnu/services/pam-mount.scm (pam-mount-pam-service): Adapt to use pam-extension. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: syslog: Do not call 'umask' in PID 1.Ludovic Courtès2023-05-11
| | | | | | | | | | | | Fixes a race condition when starting services in parallel with shepherd 0.10.x whereby a service might create files and directories with umask #o137. An example is the bitlbee service with its least-authority wrapper: the wrapper would create a tree with directories set to #o640, thereby making the whole directory tree inaccessible. * gnu/services/base.scm (syslog-shepherd-service): Pass #:file-creation-mask to 'make-forkexec-constructor' instead of calling 'umask' in PID 1.
* services: dicod, bitlbee: Pass 'make-inetd-constructor' a list of endpoints.Ludovic Courtès2023-05-11
| | | | | | | | | 'make-inetd-constructor' accepts a list of endpoints since version 0.9.1 of the Shepherd (released in May 2022). * gnu/services/dict.scm (dicod-shepherd-service): Pass 'make-inetd-constructor' a list of endpoints. * gnu/services/messaging.scm (bitlbee-shepherd-service): Likewise.
* services: guix-build-coordinator-agent: Support max-parallel-uploads.Christopher Baines2023-05-10
| | | | | | | | | | | This should be usable with the new guile-gnutls. * gnu/services/guix.scm (guix-build-coordinator-agent-configuration-max-parallel-uploads): New procedure. * gnu/services/guix.scm (guix-build-coordinator-agent-shepherd-services): Use the new argument. * doc/guix.texi (Guix Services): Document it.
* services: guix-build-coordinator: Support extra environment vars.Christopher Baines2023-05-09
| | | | | | | | | | | | I'm looking at this because I need to do some debugging of Guile's GC, and there are some useful environment variables for that, but it should be generally useful. * gnu/services/guix.scm (guix-build-coordinator-configuration-extra-environment-variables): New procedure. (guix-build-coordinator-shepherd-services): Pass the environment variables to the shepherd. * doc/guix.texi (Guix Services): Document it.
* service: qemu-binfmt: Remove broken qemu targets.Efraim Flashner2023-05-09
| | | | | * gnu/services.virtualization.scm (%qemu-platforms): Remove %i486, %aarch64be.
* services: guix-build-coordinator: Simpify service startup.Christopher Baines2023-05-06
| | | | | | | | Take advantage of changes in the build coordinator to reduce the complexity of the service startup script. * gnu/services/guix.scm (make-guix-build-coordinator-start-script): Remove the metrics registry and datastore.
* services: qemu-binfmt: Add more targets.Efraim Flashner2023-05-04
| | | | | | | | * gnu/services/virtualization.scm (%i486, %sparc64, %aarch64be, %xtensa, %xtensaeb, %microblaze, %microblazeel, %or1k, %hexagon, %loongson64): New variables. (%armeb): Correct family field. (%qemu-platforms): Add them.
* services: earlyoom: Rotate log files.Efraim Flashner2023-05-04
| | | | | * gnu/services/linux.scm (%earlyoom-log-rotation): New variable. (earlyoom-service-type): Add service-extension for log rotation.
* services: cups: Use cups-minimal to avoid PAM authentication.Maxim Cournoyer2023-05-03
| | | | | | | | | | Fixes <https://issues.guix.gnu.org/63198>. Our CUPS service doesn't currently extend the PAM configuration, and prevents users from authenticating. Use cups-minimal, which has no PAM support. * gnu/services/cups.scm (cups-configuration) [cups]: Use cups-minimal. (opaque-cups-configuration): Likewise.
* system: guix: Use config's ACL file location.Josselin Poiret2023-04-30
| | | | | | | * gnu/services/base.scm (substitute-key-authorization): Use %acl-file instead of hardcoded "/etc/guix/acl". Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: tor: Deprecate 'tor-hidden-service' procedure.Bruno Victal2023-04-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to (now renamed) 'hidden-service' record type not being exported, the only way Onion services (formely hidden services) could have worked is through the now deprecated 'tor-hidden-service' procedure. This commit updates the Tor service documentation, corrects some inconsistently named accessors in <tor-configuration> record-type, renames and refactors tor-hidden-service-configuration to tor-onion-service-configuration using define-configuration and also exports it, allowing Onion services to be configured directly within a <tor-configuration> record. Lastly, it also deprecates the 'tor-hidden-service' procedure. * doc/guix.texi (Networking Services): Substitute mentions of “Hidden services” with “Onion Services”. Add a Tor Onion service configuration example. Document <tor-onion-service-configuration>. Remove mention of 'tor-hidden-service' procedure. * gnu/services/networking.scm: Export tor-configuration-tor, tor-configuration-config-file, tor-configuration-hidden-services, tor-configuration-socks-socket-type, tor-configuration-control-socket-path, tor-onion-service-configuration, tor-onion-service-configuration?, tor-onion-service-configuration-name, tor-onion-service-configuration-mapping. (<tor-configuration>)[control-socket?]: Rename accessor. (<hidden-service>): Replace with … (<tor-onion-service-configuration>): … this. (tor-configuration->torrc): Update record-type name. (tor-activation): Ditto. (tor-hidden-service-type): Remove variable. (tor-hidden-service): Deprecate procedure. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* Merge remote-tracking branch 'origin/master' into core-updatesAndreas Enge2023-04-22
|\
| * services: herd: 'load-services/safe' is synonymous with 'load-services'.Ludovic Courtès2023-04-21
| | | | | | | | | | | | | | This is a followup to 547965aa27b6a09cadf42130b7ec7db3f1aee61f. * gnu/services/herd.scm (load-services/safe): Make an alias for 'load-services'.
| * services: nscd: Depend on syslogd.Ludovic Courtès2023-04-21
| | | | | | | | | | | | | | This gets rid of nscd debug messages on the console at boot time. * gnu/services/base.scm (nscd-shepherd-service): Add dependency on 'syslogd'.
| * services: postgresql: Add default package.Ludovic Courtès2023-04-21
| | | | | | | | | | | | * gnu/services/databases.scm (<postgresql-configuration>)[postgresql]: Add default value, moved from... (postgresql-service-type)[default-value]: ... here.
| * services: knot: Add 'configuration' action.Ludovic Courtès2023-04-21
| | | | | | | | * gnu/services/dns.scm (knot-shepherd-service): Add 'actions' field.
| * services: rsync: Add 'configuration' action.Ludovic Courtès2023-04-21
| | | | | | | | * gnu/services/rsync.scm (rsync-shepherd-service): Add 'actions' field.
| * services: redis: Add 'configuration' action.Ludovic Courtès2023-04-21
| | | | | | | | | | * gnu/services/databases.scm (redis-shepherd-service): Add 'actions' field.
| * services: mysql: Add 'configuration' action.Ludovic Courtès2023-04-21
| | | | | | | | | | * gnu/services/databases.scm (mysql-shepherd-service): Add 'actions' field.
| * services: postgresql: Add 'configuration' action.Ludovic Courtès2023-04-21
| | | | | | | | | | * gnu/services/databases.scm (postgresql-shepherd-service): Add 'actions' field.
| * services: postgresql: Add the 'postgresql' Shepherd service name.Ludovic Courtès2023-04-21
| | | | | | | | | | * gnu/services/databases.scm (postgresql-shepherd-service): Add 'postgresql' to 'provision'.
| * services: syslog: Log auth.info to /var/log/secure in default configuration.Maxim Cournoyer2023-04-21
| | | | | | | | | | | | | | | | | | | | | | This causes authentication failures such as those generated by SSH brute force attacks to appear in /var/log/secure, which is picked up by tools such as fail2ban. * gnu/services/base.scm (%default-syslog.conf): Add a auth.info selector for the /var/log/secure log. Series-to: 62802@debbugs.gnu.org
| * services/syslog: Strip leading white space indent in syslog.conf.Maxim Cournoyer2023-04-21
| | | | | | | | | | | | | | This is a cosmetic change. * gnu/services/base.scm (%default-syslog.conf): Add a comment referencing the documentation. Strip the extraneous leading trailing white space indent.
| * services: syslog: Add a reload action.Maxim Cournoyer2023-04-21
| | | | | | | | | | * gnu/services/base.scm (syslog-service-type) [actions]: Add a reload action. * doc/guix.texi (Base Services): Document it.
| * services: syslog: Move configuration to /etc/syslog.conf.Maxim Cournoyer2023-04-21
| | | | | | | | | | | | | | | | | | | | Having the configuration live at a static location makes it possible to hot-reload it. * gnu/services/base.scm (syslog.conf): New variable. (syslog-etc, syslog-shepherd-service): New procedures. (syslog-service-type): Rewrite using the above new variable and procedures, extending etc-service-type with its configuration file.
| * services: agetty: 'term-console' succeeds by default.Ludovic Courtès2023-04-17
| | | | | | | | | | | | | | | | | | | | | | | | | | Previously, on a typical setup without "console=ttyS0" or similar in 'kernel-arguments', the 'term-console' Shepherd service would always be marked as failing to start. This is undesirable because it raises a false alarm: the service is expected to do nothing in this case. This patch instead marks it as succeeding and logs a message explaining it's doing nothing. * gnu/services/base.scm (agetty-shepherd-service): In 'start' method, succeed when TTY is #f and print a message.
| * services: mpd: Use proper records for user and group fields.Bruno Victal2023-04-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Deprecate using strings for these fields and prefer user-account (resp. user-group) instead to avoid duplication within account-service-type. Fixes #61570 <https://issues.guix.gnu.org/61570>. * gnu/services/audio.scm (%mpd-user, %mpd-group) (mpd-serialize-user-account, mpd-serialize-user-group) (mpd-user-sanitizer, mpd-group-sanitizer): New variables. (mpd-configuration)[user]: Use user-account as value type. Sanitize via mpd-user-sanitizer. [group]: Use user-group as value type. Sanitize via mpd-group-sanitizer. (mpd-shepherd-service): Adjust accordingly. (mpd-accounts): Likewise. * doc/guix.texi (Audio Services)[Music Player Daemon]: Likewise. Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
| * services: mpd: Fix unintentional API breakage for mixer-type field.Bruno Victal2023-04-14
| | | | | | | | | | | | | | * gnu/services/audio.scm (mpd-output)[mixer-type]: Use sanitizer to accept both strings and symbols as values. Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
* | services: agetty: 'term-console' succeeds by default.Ludovic Courtès2023-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | Previously, on a typical setup without "console=ttyS0" or similar in 'kernel-arguments', the 'term-console' Shepherd service would always be marked as failing to start. This is undesirable because it raises a false alarm: the service is expected to do nothing in this case. This patch instead marks it as succeeding and logs a message explaining it's doing nothing. * gnu/services/base.scm (agetty-shepherd-service): In 'start' method, succeed when TTY is #f and print a message.
* | Merge branch 'master' into core-updates.Maxim Cournoyer2023-04-14
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: gnu/local.mk gnu/packages/build-tools.scm gnu/packages/certs.scm gnu/packages/check.scm gnu/packages/compression.scm gnu/packages/cups.scm gnu/packages/fontutils.scm gnu/packages/gnuzilla.scm gnu/packages/guile.scm gnu/packages/ibus.scm gnu/packages/image-processing.scm gnu/packages/linux.scm gnu/packages/music.scm gnu/packages/nss.scm gnu/packages/pdf.scm gnu/packages/python-xyz.scm gnu/packages/qt.scm gnu/packages/ruby.scm gnu/packages/shells.scm gnu/packages/tex.scm gnu/packages/video.scm gnu/packages/vulkan.scm gnu/packages/web.scm gnu/packages/webkit.scm gnu/packages/wm.scm
| * services: nginx: Add reopen action.Bruno Victal2023-04-11
| | | | | | | | | | | | | | | | This is required to allow log file rotations using rottlog, etc. * gnu/services/web.scm (nginx-shepherd-service): Add reopen shepherd action. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
| * services: nginx: Make logging level configurable.Bruno Victal2023-04-11
| | | | | | | | | | | | | | | | | | * gnu/services/web.scm (<nginx-configuration>)[log-level]: New field. (assert-valid-log-level): New procedure. (default-nginx-config): Make log-level configurable. * doc/guix.texi (Web Services): Document it. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
| * services: desktop: Remove 'xfce-desktop-service' procedure.Bruno Victal2023-04-07
| | | | | | | | | | | | * gnu/services/desktop.scm (xfce-desktop-service): Remove procedure. Signed-off-by: Ludovic Courtès <ludo@gnu.org>