From 7556130c2f940c8c92ea79af633cb08c82f50cb4 Mon Sep 17 00:00:00 2001 From: Christopher Baines Date: Sun, 28 Feb 2021 21:11:58 +0000 Subject: services: guix-build-coordinator: Rework authentication config. A new authentication approach has been added to the coordinator, so to better represent the options, this commit changes the configuration to accept different records, each for different authentication approaches. * gnu/services/guix.scm (guix-build-coordinator-agent-configuration-uuid, guix-build-coordinator-agent-configuration-password, guix-build-coordinator-agent-configuration-password-file): Removed procedures. (guix-build-coordinator-agent-password-auth, guix-build-coordinator-agent-password-auth?, guix-build-coordinator-agent-password-auth-uuid, guix-build-coordinator-agent-password-auth-password, guix-build-coordinator-agent-password-file-auth, guix-build-coordinator-agent-password-file-auth?, guix-build-coordinator-agent-password-file-auth-uuid, guix-build-coordinator-agent-password-file-auth-password-file): New procedures. (guix-build-coordinator-agent-shepherd-services): Adjust to handle the authentication field and it's possible record values. * doc/guix.texi (Guix Build Coordinator): Update documentation. --- doc/guix.texi | 48 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 36 insertions(+), 12 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 27083f1ae6..b75fce4dbc 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -30962,18 +30962,9 @@ The system user to run the service as. @item @code{coordinator} (default: @code{"http://localhost:8745"}) The URI to use when connecting to the coordinator. -@item @code{uuid} -The UUID of the agent. This should be generated by the coordinator -process, stored in the coordinator database, and used by the intended -agent. - -@item @code{password} (default: @code{#f}) -The password to use when connecting to the coordinator. A file to read -the password from can also be specified, and this is more secure. - -@item @code{password-file} (default: @code{#f}) -A file containing the password to use when connecting to the -coordinator. +@item @code{authentication} +Record describing how this agent should authenticate with the +coordinator. Possible record types are described below. @item @code{systems} (default: @code{#f}) The systems for which this agent should fetch builds. The agent process @@ -30993,6 +30984,39 @@ input store items aren't already available. @end table @end deftp +@deftp {Data Type} guix-build-coordinator-agent-password-auth +Data type representing an agent authenticating with a coordinator via a +UUID and password. + +@table @asis +@item @code{uuid} +The UUID of the agent. This should be generated by the coordinator +process, stored in the coordinator database, and used by the intended +agent. + +@item @code{password} +The password to use when connecting to the coordinator. + +@end table +@end deftp + +@deftp {Data Type} guix-build-coordinator-agent-password-file-auth +Data type representing an agent authenticating with a coordinator via a +UUID and password read from a file. + +@table @asis +@item @code{uuid} +The UUID of the agent. This should be generated by the coordinator +process, stored in the coordinator database, and used by the intended +agent. + +@item @code{password-file} +A file containing the password to use when connecting to the +coordinator. + +@end table +@end deftp + The Guix Build Coordinator package contains a script to query an instance of the Guix Data Service for derivations to build, and then submit builds for those derivations to the coordinator. The service -- cgit v1.2.3