From c1d37d0653766c8de52e22bae01701baf503338f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 28 Jan 2024 23:05:43 +0100 Subject: services: block-facebook-hosts: Use proper unroutable addresses. This is safer and more appropriate than redirecting to localhost. * gnu/services/networking.scm (%unroutable-ipv4, %unroutable-ipv6): New variables. (facebook-host-aliases): Use them. Change-Id: Idd4b1fec903c52d542d177a52fec1814eded4119 --- gnu/services/networking.scm | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'gnu/services') diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 495d049728..8e64e529ab 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013-2023 Ludovic Courtès +;;; Copyright © 2013-2024 Ludovic Courtès ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016, 2018, 2020 Efraim Flashner ;;; Copyright © 2016 John Darrington @@ -270,6 +270,14 @@ ;;; ;;; Code: +(define %unroutable-ipv4 + ;; Unroutable address, as per . + "203.0.113.1") + +(define %unroutable-ipv6 + ;; Unroutable address, as per . + "0100::") + (define facebook-host-aliases ;; This is the list of known Facebook hosts to be added to /etc/hosts if you ;; are to block it. @@ -282,7 +290,8 @@ (append-map (lambda (name) (map (lambda (addr) (host addr name)) - (list "127.0.0.1" "::1"))) domains))) + (list %unroutable-ipv4 %unroutable-ipv6))) + domains))) (define-deprecated %facebook-host-aliases block-facebook-hosts-service-type -- cgit v1.2.3 From 4aa2dccd4e4ae0243dcdf55a8e98d9c1520a4694 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Mon, 12 Feb 2024 16:38:12 +0100 Subject: services: virtual-build-machine: Do not offload when service is stopped. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/virtualization.scm (check-vm-availability): Check the value of ‘live-service-running’. Change-Id: Iba858ea0fa417d9276e026b72b4b78791932482e --- gnu/services/virtualization.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'gnu/services') diff --git a/gnu/services/virtualization.scm b/gnu/services/virtualization.scm index 0fbd51de8d..69c8c84190 100644 --- a/gnu/services/virtualization.scm +++ b/gnu/services/virtualization.scm @@ -1500,7 +1500,8 @@ CONFIG, a , is up and running." (srfi srfi-34)) (guard (c ((service-not-found-error? c) #f)) - (->bool (current-service '#$service-name)))))) + (->bool (live-service-running + (current-service '#$service-name))))))) (define (build-vm-guix-extension config) (define vm-ssh-key -- cgit v1.2.3 From 492b3a0c314fa4d08cb2135b61a1b0f0935bfa1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 18 Feb 2024 11:28:28 +0100 Subject: services: virtual-build-machine: Use a non-volatile root file system. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a followup to e0ade40c2b7f39dc109ef03d43241033e14c4d4a, which didn’t have the desired effect. * gnu/services/virtualization.scm (virtual-build-machine-default-image): Add ‘volatile-root?’ field. Change-Id: I1a622f22cdd0f8f83860a6eb4a852518db3b46b7 --- gnu/services/virtualization.scm | 1 + 1 file changed, 1 insertion(+) (limited to 'gnu/services') diff --git a/gnu/services/virtualization.scm b/gnu/services/virtualization.scm index 69c8c84190..1944268cf8 100644 --- a/gnu/services/virtualization.scm +++ b/gnu/services/virtualization.scm @@ -1239,6 +1239,7 @@ authpriv.*;auth.info /var/log/secure (virtual-build-machine-name config))) (format 'compressed-qcow2) (partition-table-type 'mbr) + (volatile-root? #f) (shared-store? #f) (size %default-virtual-build-machine-image-size) (partitions (match (image-partitions base) -- cgit v1.2.3 From cd0dc17e43d4020d4e56afa32b6cc05072fe2e0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 18 Feb 2024 12:16:23 +0100 Subject: services: virtual-build-machine: Add periodic GC job. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/virtualization.scm (%virtual-build-machine-operating-system): Add ‘periodic-gc’ service. Change-Id: Id5bde1ee3f8e1e549e231375e776d3201ec9e0b5 --- gnu/services/virtualization.scm | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'gnu/services') diff --git a/gnu/services/virtualization.scm b/gnu/services/virtualization.scm index 1944268cf8..ea5edfcec3 100644 --- a/gnu/services/virtualization.scm +++ b/gnu/services/virtualization.scm @@ -36,6 +36,7 @@ #:use-module (gnu services base) #:use-module (gnu services configuration) #:use-module (gnu services dbus) + #:use-module (gnu services mcron) #:use-module (gnu services shepherd) #:use-module (gnu services ssh) #:use-module (gnu services) @@ -1209,6 +1210,11 @@ authpriv.*;auth.info /var/log/secure (openssh-configuration (openssh openssh-sans-x))) + ;; Run GC once per hour. + (simple-service 'perdiodic-gc mcron-service-type + (list #~(job "12 * * * *" + "guix gc -F 2G"))) + (modify-services %base-services ;; By default, the secret service introduces a ;; pre-initialized /etc/guix/acl file in the VM. Thus, -- cgit v1.2.3 From 1cff19d8d4d99f502db43cff6e9e7472197256f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 18 Feb 2024 12:39:26 +0100 Subject: =?UTF-8?q?services:=20virtual-build-machine:=20Add=20=E2=80=98con?= =?UTF-8?q?figuration=E2=80=99=20action.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/virtualization.scm (build-vm-shepherd-services): Add ‘configuration’ action. * doc/guix.texi (Virtualization Services): Document it. Change-Id: I4734e096d744b3cda0d523692498a73c0029e188 --- gnu/services/virtualization.scm | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'gnu/services') diff --git a/gnu/services/virtualization.scm b/gnu/services/virtualization.scm index ea5edfcec3..7b04ddb35e 100644 --- a/gnu/services/virtualization.scm +++ b/gnu/services/virtualization.scm @@ -1342,6 +1342,22 @@ authpriv.*;auth.info /var/log/secure (kill (- pid) SIGTERM) (apply throw key args))))))) (stop #~(make-kill-destructor)) + (actions + (list (shepherd-action + (name 'configuration) + (documentation + "Display the configuration of this virtual build machine.") + (procedure + #~(lambda (_) + (format #t "CPU: ~a~%" + #$(virtual-build-machine-cpu config)) + (format #t "number of CPU cores: ~a~%" + #$(virtual-build-machine-cpu-count config)) + (format #t "memory size: ~a MiB~%" + #$(virtual-build-machine-memory-size config)) + (format #t "initial date: ~a~%" + #$(date->string + (virtual-build-machine-date config)))))))) (auto-start? (virtual-build-machine-auto-start? config))))) (define (authorize-guest-substitutes-on-host) -- cgit v1.2.3 From 0a7bf792c88ebaf0ec6c55e03a4f587bd5597796 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81ngel=20Moreno?= Date: Sun, 13 Aug 2023 12:37:04 +0200 Subject: services: Add whoogle-service-type. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/web.scm (whoogle-service-type): New variable. * doc/guix.texi (Web Services): Document it. Signed-off-by: Ludovic Courtès --- gnu/services/web.scm | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) (limited to 'gnu/services') diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 05fd71f994..406117c457 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -16,6 +16,7 @@ ;;; Copyright © 2020, 2021 Alexandru-Sergiu Marton ;;; Copyright © 2022 Simen Endsjø ;;; Copyright © 2023 Bruno Victal +;;; Copyright © 2023 Miguel Ángel Moreno ;;; ;;; This file is part of GNU Guix. ;;; @@ -36,6 +37,7 @@ #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (gnu services admin) + #:use-module (gnu services configuration) #:use-module (gnu services getmail) #:use-module (gnu services mail) #:use-module (gnu system pam) @@ -47,6 +49,7 @@ #:use-module (gnu packages patchutils) #:use-module (gnu packages php) #:use-module (gnu packages python) + #:use-module (gnu packages python-web) #:use-module (gnu packages gnupg) #:use-module (gnu packages guile) #:use-module (gnu packages logging) @@ -240,6 +243,13 @@ varnish-service-type + whoogle-service-type + whoogle-configuration + whoogle-configuration-package + whoogle-configuration-host + whoogle-configuration-port + whoogle-configuration-environment-variables + patchwork-database-configuration patchwork-database-configuration? patchwork-database-configuration-engine @@ -1603,6 +1613,52 @@ files.") (default-value (varnish-configuration)))) + +;;; +;;; Whoogle +;;; + +(define-configuration/no-serialization whoogle-configuration + (package + (package whoogle-search) + "The @code{whoogle-search} package to use.") + (host + (string "127.0.0.1") + "The host address to run Whoogle on.") + (port + (integer 5000) + "The port to run Whoogle on.") + (environment-variables + (list-of-strings '()) + "A list of strings specifying environment variables used to configure +Whoogle.")) + +(define (whoogle-shepherd-service config) + (match-record config + (package host port environment-variables) + (list + (shepherd-service + (provision '(whoogle-search)) + (start #~(make-forkexec-constructor + (list (string-append #$package "/bin/whoogle-search") + "--host" #$host "--port" #$(number->string port)) + #:environment-variables + (append (list "CONFIG_VOLUME=/var/cache/whoogle-search") + '#$environment-variables))) + (stop #~(make-kill-destructor)) + (documentation "Run a @code{whoogle-search} instance."))))) + +(define whoogle-service-type + (service-type + (name 'whoogle-search) + (extensions + (list (service-extension shepherd-root-service-type + whoogle-shepherd-service) + (service-extension profile-service-type + (compose list whoogle-configuration-package)))) + (default-value (whoogle-configuration)) + (description "Set up the @code{whoogle-search} metasearch engine."))) + ;;; ;;; Patchwork -- cgit v1.2.3