From b5eb901ab508e13a10d8c11fe0c9d0d06dddce96 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 7 Sep 2020 23:12:27 +0200 Subject: Remove (guix json) and require Guile-JSON 4.3.0+. This is a followup to 4071879c86d059ee087c8986915ea72b8c742b72. * guix/json.scm: Remove. * Makefile.am (MODULES): Adjust accordingly. * m4/guix.m4 (GUIX_CHECK_GUILE_JSON): Check for 'define-json-mapping'. * doc/guix.texi (Requirements): Require Guile-JSON 4.3.0+. * guix/ci.scm, guix/cve.scm, guix/import/cpan.scm, guix/import/crate.scm, guix/swh.scm: Remove (guix json) import. * guix/import/gem.scm, guix/import/pypi.scm: Likewise, and import (json). * guix/self.scm (specification->package): Switch to GUILE-JSON-4. * guix/git-download.scm (git-fetch): Likewise. --- doc/guix.texi | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index f224e356bc..4e9e5581c3 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -790,7 +790,8 @@ or later; @c FIXME: Specify a version number once a release has been made. @uref{https://gitlab.com/guile-git/guile-git, Guile-Git}, from August 2017 or later; -@item @uref{https://savannah.nongnu.org/projects/guile-json/, Guile-JSON} 3.x; +@item @uref{https://savannah.nongnu.org/projects/guile-json/, +Guile-JSON} 4.3.0 or later; @item @url{https://www.gnu.org/software/make/, GNU Make}. @end itemize -- cgit v1.2.3 From 4678767a160f26052a2adf487aee0610040ddc2e Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 8 Sep 2020 09:11:36 +0200 Subject: doc: Tweak .texi to avoid po4a-translate infinite loop. * doc/guix.texi (Requirements): Keep @uref on one line as splitting it would lead po4a-translate to enter an infinite loop. --- doc/guix.texi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index 4e9e5581c3..1d6782e6fa 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -790,8 +790,8 @@ or later; @c FIXME: Specify a version number once a release has been made. @uref{https://gitlab.com/guile-git/guile-git, Guile-Git}, from August 2017 or later; -@item @uref{https://savannah.nongnu.org/projects/guile-json/, -Guile-JSON} 4.3.0 or later; +@item @uref{https://savannah.nongnu.org/projects/guile-json/, Guile-JSON} +4.3.0 or later; @item @url{https://www.gnu.org/software/make/, GNU Make}. @end itemize -- cgit v1.2.3 From bcfe0f0c1e9a2b91049d7c6c591c7f0c6a002c14 Mon Sep 17 00:00:00 2001 From: Alexey Abramov Date: Tue, 8 Sep 2020 15:53:42 +0200 Subject: services: dovecot: Use modules via symlink to system profile. * gnu/services/mail.scm (%dovecot-activation): Link the location with multiple plugins (dovecot-pigeonhole, etc), to a place where dovecot can find them. * gnu/services/mail.scm (dovecot-configuration): Use the symlink. Signed-off-by: Tobias Geerinckx-Rice --- doc/guix.texi | 3 ++- gnu/services/mail.scm | 13 ++++++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index 1d6782e6fa..cfd90471f7 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -18615,7 +18615,8 @@ Defaults to @samp{"/var/run/dovecot/auth-userdb"}. @deftypevr {@code{dovecot-configuration} parameter} file-name mail-plugin-dir Directory where to look up mail plugins. -Defaults to @samp{"/usr/lib/dovecot"}. +Defaults to @samp{"/etc/dovecot/modules"}, a union of all enabled mail +plugins. @end deftypevr @deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list mail-plugins diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm index cfcaf4601b..c3ecbb394b 100644 --- a/gnu/services/mail.scm +++ b/gnu/services/mail.scm @@ -1044,8 +1044,10 @@ (define-configuration dovecot-configuration This is used by imap (for shared users) and lda.") (mail-plugin-dir - (file-name "/usr/lib/dovecot") - "Directory where to look up mail plugins.") + (file-name "/etc/dovecot/modules") + "Directory where to look up mail plugins. +Defaults to @samp{\"/etc/dovecot/modules\"}, a union of all enabled mail +plugins.") (mail-plugins (space-separated-string-list '()) @@ -1519,13 +1521,18 @@ (define* (create-self-signed-certificate-if-absent (else (format (current-error-port) "Failed to create public key at ~a.\n" public-key))))) - (let ((user (getpwnam "dovecot"))) + (let ((user (getpwnam "dovecot")) + ;; This is Dovecot's term for the base directory for + ;; dynamically loadable modules. It supports only one. + (moduledir "/etc/dovecot/modules")) (mkdir-p/perms "/var/run/dovecot" user #o755) (mkdir-p/perms "/var/lib/dovecot" user #o755) (mkdir-p/perms "/etc/dovecot" user #o755) (copy-file #$(plain-file "dovecot.conf" config-str) "/etc/dovecot/dovecot.conf") (mkdir-p/perms "/etc/dovecot/private" user #o700) + (unless (file-exists? moduledir) + (symlink "/run/current-system/profile/lib/dovecot" moduledir)) (create-self-signed-certificate-if-absent #:private-key "/etc/dovecot/private/default.pem" #:public-key "/etc/dovecot/default.pem" -- cgit v1.2.3 From bba0533115df9a31b696ee3782c8054174b955b1 Mon Sep 17 00:00:00 2001 From: Jelle Licht Date: Mon, 25 May 2020 20:58:46 +0200 Subject: services: php-fpm: Add 'php-ini-file' configuration. * gnu/services/web.scm: ()[php-ini-file]: New record field. (php-fpm-shepherd-service): Use it. * doc/guix.texi (Web Services): Document it. --- doc/guix.texi | 25 +++++++++++++++++++++++++ gnu/services/web.scm | 10 ++++++++-- 2 files changed, 33 insertions(+), 2 deletions(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index cfd90471f7..bad2d36e42 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -22191,6 +22191,31 @@ Can be set to @code{#f} to disable logging. @item @code{file} (default @code{#f}) An optional override of the whole configuration. You can use the @code{mixed-text-file} function or an absolute filepath for it. +@item @code{php-ini-file} (default @code{#f}) +An optional override of the default php settings. +It may be any ``file-like'' object (@pxref{G-Expressions, file-like objects}). +You can use the @code{mixed-text-file} function or an absolute filepath for it. + +For local development it is useful to set a higher timeout and memory +limit for spawned php processes. This be accomplished with the +following operating system configuration snippet: +@lisp +(define %local-php-ini + (plain-file "php.ini" + "memory_limit = 2G +max_execution_time = 1800")) + +(operating-system + ;; @dots{} + (services (cons (service php-fpm-service-type + (php-fpm-configuration + (php-ini-file %local-php-ini))) + %base-services))) +@end lisp + +Consult the @url{https://www.php.net/manual/en/ini.core.php,core php.ini +directives} for comprehensive documentation on the acceptable +@file{php.ini} directives. @end table @end deftp diff --git a/gnu/services/web.scm b/gnu/services/web.scm index d11a1c0545..c8ffc19d83 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -152,6 +152,7 @@ (define-module (gnu services web) php-fpm-configuration-timezone php-fpm-configuration-workers-log-file php-fpm-configuration-file + php-fpm-configuration-php-ini-file php-fpm-dynamic-process-manager-configuration make-php-fpm-dynamic-process-manager-configuration @@ -856,6 +857,8 @@ (define-record-type* php-fpm-configuration (version-major (package-version php)) "-fpm.www.log"))) (file php-fpm-configuration-file ;#f | file-like + (default #f)) + (php-ini-file php-fpm-configuration-php-ini-file ;#f | file-like (default #f))) (define-record-type* @@ -962,7 +965,7 @@ (define php-fpm-shepherd-service (match-lambda (($ php socket user group socket-user socket-group pid-file log-file pm display-errors - timezone workers-log-file file) + timezone workers-log-file file php-ini-file) (list (shepherd-service (provision '(php-fpm)) (documentation "Run the php-fpm daemon.") @@ -973,7 +976,10 @@ (define php-fpm-shepherd-service #$(or file (default-php-fpm-config socket user group socket-user socket-group pid-file log-file - pm display-errors timezone workers-log-file))) + pm display-errors timezone workers-log-file)) + #$@(if php-ini-file + `("-c" ,php-ini-file) + '())) #:pid-file #$pid-file)) (stop #~(make-kill-destructor))))))) -- cgit v1.2.3 From 7a68d3ccadc7391b97e94582301f3dfaf51a3179 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 8 Sep 2020 14:59:01 +0200 Subject: doc: Distinguish the "nar bundle" format from "nar". * doc/guix.texi (Invoking guix archive): Introduce the term "nar bundle" and clarify what the output of "guix archive --export" really is. * guix/nar.scm (restore-one-item, restore-file-set): Use the term "nar bundle" in docstrings. --- doc/guix.texi | 12 +++++++++++- guix/nar.scm | 15 ++++++++------- 2 files changed, 19 insertions(+), 8 deletions(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index bad2d36e42..db2013c16b 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -4990,7 +4990,13 @@ what you should use in this case (@pxref{Invoking guix copy}). @cindex nar, archive format @cindex normalized archive (nar) -Archives are stored in the ``normalized archive'' or ``nar'' format, which is +@cindex nar bundle, archive format +Each store item is written in the @dfn{normalized archive} or @dfn{nar} +format (described below), and the output of @command{guix archive +--export} (and input of @command{guix archive --import}) is a @dfn{nar +bundle}. + +The nar format is comparable in spirit to `tar', but with differences that make it more appropriate for our purposes. First, rather than recording all Unix metadata for each file, the nar format only mentions @@ -5000,6 +5006,10 @@ entries are stored always follows the order of file names according to the C locale collation order. This makes archive production fully deterministic. +That nar bundle format is essentially the concatenation of zero or more +nars along with metadata for each store item it contains: its file name, +references, corresponding derivation, and a digital signature. + When exporting, the daemon digitally signs the contents of the archive, and that digital signature is appended. When importing, the daemon verifies the signature and rejects the import in case of an invalid diff --git a/guix/nar.scm b/guix/nar.scm index 6bb2ea5b96..a23af2e5de 100644 --- a/guix/nar.scm +++ b/guix/nar.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2018, 2019 Ludovic Courtès +;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2018, 2019, 2020 Ludovic Courtès ;;; Copyright © 2014 Mark H Weaver ;;; ;;; This file is part of GNU Guix. @@ -156,7 +156,8 @@ (define-syntax-rule (with-temporary-store-file name body ...) (define* (restore-one-item port #:key acl (verify-signature? #t) (lock? #t) (log-port (current-error-port))) - "Restore one store item from PORT; return its file name on success." + "Restore one store item of a nar bundle read from PORT; return its file name +on success." (define (assert-valid-signature signature hash file) ;; Bail out if SIGNATURE, which must be a string as produced by @@ -251,11 +252,11 @@ (define port* (define* (restore-file-set port #:key (verify-signature? #t) (lock? #t) (log-port (current-error-port))) - "Restore the file set read from PORT to the store. The format of the data -on PORT must be as created by 'export-paths'---i.e., a series of Nar-formatted -archives with interspersed meta-data joining them together, possibly with a -digital signature at the end. Log progress to LOG-PORT. Return the list of -files restored. + "Restore the file set (\"nar bundle\") read from PORT to the store. The +format of the data on PORT must be as created by 'export-paths'---i.e., a +series of Nar-formatted archives with interspersed meta-data joining them +together, possibly with a digital signature at the end. Log progress to +LOG-PORT. Return the list of files restored. When LOCK? is #f, assume locks for the files to be restored are already held. This is the case when the daemon calls a build hook. -- cgit v1.2.3 From d9d88c2ff0d367599d0a851ccf9377c4e21079d6 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 11 Sep 2020 22:19:02 +0200 Subject: Revert "services: dovecot: Use modules via symlink to system profile." This reverts commit bcfe0f0c1e9a2b91049d7c6c591c7f0c6a002c14 for now. It breaks most current use(r)s of the Dovecot service and needs to be combined with an extra modules configuration field of some kind. See . --- doc/guix.texi | 3 +-- gnu/services/mail.scm | 13 +++---------- 2 files changed, 4 insertions(+), 12 deletions(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index db2013c16b..a6e14ea177 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -18625,8 +18625,7 @@ Defaults to @samp{"/var/run/dovecot/auth-userdb"}. @deftypevr {@code{dovecot-configuration} parameter} file-name mail-plugin-dir Directory where to look up mail plugins. -Defaults to @samp{"/etc/dovecot/modules"}, a union of all enabled mail -plugins. +Defaults to @samp{"/usr/lib/dovecot"}. @end deftypevr @deftypevr {@code{dovecot-configuration} parameter} space-separated-string-list mail-plugins diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm index 291a2db8e1..71fa975b5d 100644 --- a/gnu/services/mail.scm +++ b/gnu/services/mail.scm @@ -988,10 +988,8 @@ (define-configuration dovecot-configuration This is used by imap (for shared users) and lda.") (mail-plugin-dir - (file-name "/etc/dovecot/modules") - "Directory where to look up mail plugins. -Defaults to @samp{\"/etc/dovecot/modules\"}, a union of all enabled mail -plugins.") + (file-name "/usr/lib/dovecot") + "Directory where to look up mail plugins.") (mail-plugins (space-separated-string-list '()) @@ -1523,18 +1521,13 @@ (define* (create-self-signed-certificate-if-absent (else (format (current-error-port) "Failed to create public key at ~a.\n" public-key))))) - (let ((user (getpwnam "dovecot")) - ;; This is Dovecot's term for the base directory for - ;; dynamically loadable modules. It supports only one. - (moduledir "/etc/dovecot/modules")) + (let ((user (getpwnam "dovecot"))) (mkdir-p/perms "/var/run/dovecot" user #o755) (mkdir-p/perms "/var/lib/dovecot" user #o755) (mkdir-p/perms "/etc/dovecot" user #o755) (copy-file #$(plain-file "dovecot.conf" config-str) "/etc/dovecot/dovecot.conf") (mkdir-p/perms "/etc/dovecot/private" user #o700) - (unless (file-exists? moduledir) - (symlink "/run/current-system/profile/lib/dovecot" moduledir)) (create-self-signed-certificate-if-absent #:private-key "/etc/dovecot/private/default.pem" #:public-key "/etc/dovecot/default.pem" -- cgit v1.2.3