diff options
Diffstat (limited to 'gnu/services')
| -rw-r--r-- | gnu/services/audio.scm | 35 | ||||
| -rw-r--r-- | gnu/services/base.scm | 125 | ||||
| -rw-r--r-- | gnu/services/cuirass.scm | 7 | ||||
| -rw-r--r-- | gnu/services/desktop.scm | 56 | ||||
| -rw-r--r-- | gnu/services/networking.scm | 109 | ||||
| -rw-r--r-- | gnu/services/rsync.scm | 172 | ||||
| -rw-r--r-- | gnu/services/web.scm | 14 | ||||
| -rw-r--r-- | gnu/services/xorg.scm | 1 |
8 files changed, 411 insertions, 108 deletions
diff --git a/gnu/services/audio.scm b/gnu/services/audio.scm index 22814a6c09..0a3e9f66bc 100644 --- a/gnu/services/audio.scm +++ b/gnu/services/audio.scm @@ -45,9 +45,7 @@ (port mpd-configuration-port (default "6600")) (address mpd-configuration-address - (default "any")) - (pid-file mpd-configuration-pid-file - (default "/var/run/mpd.pid"))) + (default "any"))) (define (mpd-config->file config) (apply @@ -56,6 +54,7 @@ " type \"pulse\"\n" " name \"MPD\"\n" "}\n" + "pid_file \"" (mpd-file-name config "pid") "\"\n" (map (match-lambda ((config-name config-val) (string-append config-name " \"" (config-val config) "\"\n"))) @@ -63,10 +62,16 @@ ("music_directory" ,mpd-configuration-music-dir) ("playlist_directory" ,mpd-configuration-playlist-dir) ("port" ,mpd-configuration-port) - ("bind_to_address" ,mpd-configuration-address) - ("pid_file" ,mpd-configuration-pid-file))))) + ("bind_to_address" ,mpd-configuration-address))))) -(define (mpd-service config) +(define (mpd-file-name config file) + "Return a path in /var/run/mpd/ that is writable + by @code{user} from @code{config}." + (string-append "/var/run/mpd/" + (mpd-configuration-user config) + "/" file)) + +(define (mpd-shepherd-service config) (shepherd-service (documentation "Run the MPD (Music Player Daemon)") (provision '(mpd)) @@ -74,13 +79,27 @@ (list #$(file-append mpd "/bin/mpd") "--no-daemon" #$(mpd-config->file config)) - #:pid-file #$(mpd-configuration-pid-file config))) + #:pid-file #$(mpd-file-name config "pid") + #:log-file #$(mpd-file-name config "log"))) (stop #~(make-kill-destructor)))) +(define (mpd-service-activation config) + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (define %user + (getpw #$(mpd-configuration-user config))) + + (let ((directory #$(mpd-file-name config ""))) + (mkdir-p directory) + (chown directory (passwd:uid %user) (passwd:gid %user)))))) + (define mpd-service-type (service-type (name 'mpd) (extensions (list (service-extension shepherd-root-service-type - (compose list mpd-service)))) + (compose list mpd-shepherd-service)) + (service-extension activation-service-type + mpd-service-activation))) (default-value (mpd-configuration)))) diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 5001298ab3..64620a9b0a 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -29,6 +29,7 @@ #:use-module (gnu services networking) #:use-module (gnu system pam) #:use-module (gnu system shadow) ; 'user-account', etc. + #:use-module (gnu system uuid) #:use-module (gnu system file-systems) ; 'file-system', etc. #:use-module (gnu system mapped-devices) #:use-module ((gnu system linux-initrd) @@ -47,6 +48,7 @@ #:select (mount-flags->bit-mask)) #:use-module (guix gexp) #:use-module (guix records) + #:use-module (guix modules) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (ice-9 match) @@ -57,8 +59,6 @@ user-unmount-service swap-service user-processes-service - session-environment-service - session-environment-service-type host-name-service console-keymap-service %default-console-font @@ -208,7 +208,10 @@ (list (service-extension etc-service-type file-systems->fstab))) (compose concatenate) - (extend append))) + (extend append) + (description + "Populate the @file{/etc/fstab} based on the given file +system objects."))) (define %root-file-system-shepherd-service (shepherd-service @@ -276,18 +279,12 @@ FILE-SYSTEM." "Return the shepherd service for @var{file-system}, or @code{#f} if @var{file-system} is not auto-mounted upon boot." (let ((target (file-system-mount-point file-system)) - (device (file-system-device file-system)) - (type (file-system-type file-system)) - (title (file-system-title file-system)) - (flags (file-system-flags file-system)) - (options (file-system-options file-system)) - (check? (file-system-check? file-system)) (create? (file-system-create-mount-point? file-system)) (dependencies (file-system-dependencies file-system)) (packages (file-system-packages (list file-system)))) (and (file-system-mount? file-system) - (with-imported-modules '((gnu build file-systems) - (guix build bournish)) + (with-imported-modules (source-module-closure + '((gnu build file-systems))) (shepherd-service (provision (list (file-system->shepherd-service-name file-system))) (requirement `(root-file-system @@ -310,8 +307,7 @@ FILE-SYSTEM." '#$packages)))) (lambda () (mount-file-system - `(#$device #$title #$target #$type #$flags - #$options #$check?) + '#$(file-system->spec file-system) #:root "/")) (lambda () (setenv "PATH" $PATH))) @@ -354,7 +350,10 @@ FILE-SYSTEM." (service-extension fstab-service-type identity))) (compose concatenate) - (extend append))) + (extend append) + (description + "Provide Shepherd services to mount and unmount the given +file systems, as well as corresponding @file{/etc/fstab} entries."))) (define user-unmount-service-type (shepherd-service-type @@ -550,7 +549,11 @@ stopped before 'kill' is called." (service-type (name 'urandom-seed) (extensions (list (service-extension shepherd-root-service-type - urandom-seed-shepherd-service))))) + urandom-seed-shepherd-service))) + (description + "Seed the @file{/dev/urandom} pseudo-random number +generator (RNG) with the value recorded when the system was last shut +down."))) (define (urandom-seed-service) (service urandom-seed-service-type #f)) @@ -595,39 +598,6 @@ to add @var{device} to the kernel's entropy pool. The service will fail if (rng-tools rng-tools) (device device)))) - -;;; -;;; System-wide environment variables. -;;; - -(define (environment-variables->environment-file vars) - "Return a file for pam_env(8) that contains environment variables VARS." - (apply mixed-text-file "environment" - (append-map (match-lambda - ((key . value) - (list key "=" value "\n"))) - vars))) - -(define session-environment-service-type - (service-type - (name 'session-environment) - (extensions - (list (service-extension - etc-service-type - (lambda (vars) - (list `("environment" - ,(environment-variables->environment-file vars))))))) - (compose concatenate) - (extend append))) - -(define (session-environment-service vars) - "Return a service that builds the @file{/etc/environment}, which can be read -by PAM-aware applications to set environment variables for sessions. - -VARS should be an association list in which both the keys and the values are -strings or string-valued gexps." - (service session-environment-service-type vars)) - ;;; ;;; Console & co. @@ -718,7 +688,15 @@ strings or string-valued gexps." (list (service-extension shepherd-root-service-type console-font-shepherd-services))) (compose concatenate) - (extend append))) + (extend append) + (description + "Install the given fonts on the specified ttys (fonts are per +virtual console on GNU/Linux). The value of this service is a list of +tty/font pairs like: + +@example +'((\"tty1\" . \"LatGrkCyr-8x16\")) +@end example\n"))) (define* (console-font-service tty #:optional (font "LatGrkCyr-8x16")) "This procedure is deprecated in favor of @code{console-font-service-type}. @@ -753,7 +731,10 @@ Return a service that sets up Unicode support in @var{tty} and loads (define login-service-type (service-type (name 'login) (extensions (list (service-extension pam-root-service-type - login-pam-service))))) + login-pam-service))) + (description + "Provide a console log-in service as specified by its +configuration value, a @code{login-configuration} object."))) (define* (login-service #:optional (config (login-configuration))) "Return a service configure login according to @var{config}, which specifies @@ -969,7 +950,10 @@ the message of the day, among other things." (define agetty-service-type (service-type (name 'agetty) (extensions (list (service-extension shepherd-root-service-type - agetty-shepherd-service))))) + agetty-shepherd-service))) + (description + "Provide console login using the @command{agetty} +program."))) (define* (agetty-service config) "Return a service to run agetty according to @var{config}, which specifies @@ -1020,7 +1004,10 @@ the tty to run, among other things." (define mingetty-service-type (service-type (name 'mingetty) (extensions (list (service-extension shepherd-root-service-type - mingetty-shepherd-service))))) + mingetty-shepherd-service))) + (description + "Provide console login using the @command{mingetty} +program."))) (define* (mingetty-service config) "Return a service to run mingetty according to @var{config}, which specifies @@ -1189,7 +1176,11 @@ the tty to run, among other things." (inherit config) (name-services (append (nscd-configuration-name-services config) - name-services))))))) + name-services))))) + (description + "Runs libc's @dfn{name service cache daemon} (nscd) with the +given configuration---an @code{<nscd-configuration>} object. @xref{Name +Service Switch}, for an example."))) (define* (nscd-service #:optional (config %nscd-default-configuration)) "Return a service that runs libc's name service cache daemon (nscd) with the @@ -1285,7 +1276,11 @@ information on the configuration file syntax." (extensions (list (service-extension etc-service-type security-limits) (service-extension pam-root-service-type - (lambda _ (list pam-extension)))))))) + (lambda _ (list pam-extension))))) + (description + "Install the specified resource usage limits by populating +@file{/etc/security/limits.conf} and using the @code{pam_limits} +authentication module.")))) (define* (pam-limits-service #:optional (limits '())) "Return a service that makes selected programs respect the list of @@ -1461,7 +1456,9 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) (service-extension activation-service-type guix-activation) (service-extension profile-service-type (compose list guix-configuration-guix)))) - (default-value (guix-configuration)))) + (default-value (guix-configuration)) + (description + "Run the build daemon of GNU@tie{}Guix, aka. @command{guix-daemon}."))) (define* (guix-service #:optional (config %default-guix-configuration)) "Return a service that runs the Guix build daemon according to @@ -1559,7 +1556,10 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) (const %guix-publish-accounts)) (service-extension activation-service-type guix-publish-activation))) - (default-value (guix-publish-configuration)))) + (default-value (guix-publish-configuration)) + (description + "Add a Shepherd service running @command{guix publish}, a +command that allows you to share pre-built binaries with others over HTTP."))) (define* (guix-publish-service #:key (guix guix) (port 80) (host "localhost")) "Return a service that runs @command{guix publish} listening on @var{host} @@ -1731,7 +1731,11 @@ item of @var{packages}." (($ <udev-configuration> udev initial-rules) (udev-configuration (udev udev) - (rules (append initial-rules rules))))))))) + (rules (append initial-rules rules))))))) + (description + "Run @command{udev}, which populates the @file{/dev} +directory dynamically. Get extra rules from the packages listed in the +@code{rules} field of its value, @code{udev-configuration} object."))) (define* (udev-service #:key (udev eudev) (rules '())) "Run @var{udev}, which populates the @file{/dev} directory dynamically. Get @@ -1802,7 +1806,12 @@ extra rules from the packages listed in @var{rules}." (service-type (name 'gpm) (extensions (list (service-extension shepherd-root-service-type - gpm-shepherd-service))))) + gpm-shepherd-service))) + (description + "Run GPM, the general-purpose mouse daemon, with the given +command-line options. GPM allows users to use the mouse in the console, +notably to select, copy, and paste text. The default options use the +@code{ps2} protocol, which works for both USB and PS/2 mice."))) (define* (gpm-service #:key (gpm gpm) (options '("-m" "/dev/input/mice" "-t" "ps2"))) diff --git a/gnu/services/cuirass.scm b/gnu/services/cuirass.scm index 73a30b2402..c5e9fcbb22 100644 --- a/gnu/services/cuirass.scm +++ b/gnu/services/cuirass.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org> ;;; Copyright © 2016, 2017 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com> +;;; Copyright © 2017 Jan Nieuwenhuizen <janneke@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -60,7 +61,9 @@ (database cuirass-configuration-database ;string (file-name) (default "/var/run/cuirass/cuirass.db")) (port cuirass-configuration-port ;integer (port) - (default 8080)) + (default 8081)) + (host cuirass-configuration-host ;string + (default "localhost")) (specifications cuirass-configuration-specifications) ;gexp that evaluates to specification-alist (use-substitutes? cuirass-configuration-use-substitutes? ;boolean @@ -84,6 +87,7 @@ (interval (cuirass-configuration-interval config)) (database (cuirass-configuration-database config)) (port (cuirass-configuration-port config)) + (host (cuirass-configuration-host config)) (specs (cuirass-configuration-specifications config)) (use-substitutes? (cuirass-configuration-use-substitutes? config)) (one-shot? (cuirass-configuration-one-shot? config)) @@ -100,6 +104,7 @@ #$(scheme-file "cuirass-specs.scm" specs) "--database" #$database "--port" #$(number->string port) + "--listen" #$host "--interval" #$(number->string interval) #$@(if use-substitutes? '("--use-substitutes") '()) #$@(if one-shot? '("--one-shot") '()) diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 0509bd8a44..527a3101cf 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2015 Andy Wingo <wingo@igalia.com> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com> +;;; Copyright © 2017 Maxim Cournoyer <maxim.cournoyer@gmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -384,32 +385,67 @@ site} for more information." ;;; Bluetooth. ;;; -(define (bluetooth-shepherd-service bluez) +(define-record-type* <bluetooth-configuration> + bluetooth-configuration make-bluetooth-configuration + bluetooth-configuration? + (bluez bluetooth-configuration-bluez (default bluez)) + (auto-enable? bluetooth-configuration-auto-enable? (default #f))) + +(define (bluetooth-configuration-file config) + "Return a configuration file for the systemd bluetooth service, as a string." + (string-append + "[Policy]\n" + "AutoEnable=" (bool (bluetooth-configuration-auto-enable? + config)))) + +(define (bluetooth-directory config) + (computed-file "etc-bluetooth" + #~(begin + (mkdir #$output) + (chdir #$output) + (call-with-output-file "main.conf" + (lambda (port) + (display #$(bluetooth-configuration-file config) + port)))))) + +(define (bluetooth-shepherd-service config) "Return a shepherd service for @command{bluetoothd}." (shepherd-service (provision '(bluetooth)) (requirement '(dbus-system udev)) (documentation "Run the bluetoothd daemon.") (start #~(make-forkexec-constructor - (string-append #$bluez "/libexec/bluetooth/bluetoothd"))) + (string-append #$(bluetooth-configuration-bluez config) + "/libexec/bluetooth/bluetoothd"))) (stop #~(make-kill-destructor)))) (define bluetooth-service-type (service-type (name 'bluetooth) (extensions - (list (service-extension dbus-root-service-type list) - (service-extension udev-service-type list) + (list (service-extension dbus-root-service-type + (compose list bluetooth-configuration-bluez)) + (service-extension udev-service-type + (compose list bluetooth-configuration-bluez)) + (service-extension etc-service-type + (lambda (config) + `(("bluetooth" + ,(bluetooth-directory config))))) (service-extension shepherd-root-service-type (compose list bluetooth-shepherd-service)))))) -(define* (bluetooth-service #:key (bluez bluez)) +(define* (bluetooth-service #:key (bluez bluez) (auto-enable? #f)) "Return a service that runs the @command{bluetoothd} daemon, which manages -all the Bluetooth devices and provides a number of D-Bus interfaces. +all the Bluetooth devices and provides a number of D-Bus interfaces. When +AUTO-ENABLE? is true, the bluetooth controller is powered automatically at +boot. Users need to be in the @code{lp} group to access the D-Bus service. " - (service bluetooth-service-type bluez)) + (service bluetooth-service-type + (bluetooth-configuration + (bluez bluez) + (auto-enable? auto-enable?)))) ;;; @@ -696,7 +732,8 @@ seats.)" ;; We need /run/user, /run/systemd, etc. (service-extension file-system-service-type - (const %elogind-file-systems)))))) + (const %elogind-file-systems)))) + (default-value (elogind-configuration)))) (define* (elogind-service #:key (config (elogind-configuration))) "Return a service that runs the @command{elogind} login and seat management @@ -809,8 +846,9 @@ with the administrator's password." (simple-service 'mtp udev-service-type (list libmtp)) ;; The D-Bus clique. + (service network-manager-service-type) + (service wpa-supplicant-service-type) ;needed by NetworkManager (avahi-service) - (wicd-service) (udisks-service) (upower-service) (accountsservice-service) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index b45008de64..42b96b417e 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -25,6 +25,7 @@ #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (gnu services dbus) + #:use-module (gnu services base) #:use-module (gnu system shadow) #:use-module (gnu system pam) #:use-module (gnu packages admin) @@ -253,7 +254,12 @@ fe80::1%lo0 apps.facebook.com\n") (service-extension etc-service-type static-networking-etc-files))) (compose concatenate) - (extend append))) + (extend append) + (description + "Turn up the specified network interfaces upon startup, +with the given IP address, gateway, netmask, and so on. The value for +services of this type is a list of @code{static-networking} objects, one per +network interface."))) (define* (static-networking-service interface ip #:key @@ -422,7 +428,11 @@ restrict -6 ::1\n")) (service-extension account-service-type (const %ntp-accounts)) (service-extension activation-service-type - ntp-service-activation))))) + ntp-service-activation))) + (description + "Run the @command{ntpd}, the Network Time Protocol (NTP) +daemon of the @uref{http://www.ntp.org, Network Time Foundation}. The daemon +will keep the system clock synchronized with that of the given servers."))) (define* (ntp-service #:key (ntp ntp) (servers %ntp-servers) @@ -520,7 +530,11 @@ make an initial adjustment of more than 1,000 seconds." (inetd-configuration (inherit config) (entries (append (inetd-configuration-entries config) - entries))))))) + entries))))) + (description + "Start @command{inetd}, the @dfn{Internet superserver}. It is responsible +for listening on Internet sockets and spawning the corresponding services on +demand."))) ;;; @@ -671,7 +685,10 @@ HiddenServicePort ~a ~a~%" (hidden-services (append (tor-configuration-hidden-services config) services))))) - (default-value (tor-configuration)))) + (default-value (tor-configuration)) + (description + "Run the @uref{https://torproject.org, Tor} anonymous +networking daemon."))) (define* (tor-service #:optional (config-file (plain-file "empty" "")) @@ -691,7 +708,9 @@ and lines for hidden services added via @code{tor-hidden-service}. Run ;; A type that extends Tor with hidden services. (service-type (name 'tor-hidden-service) (extensions - (list (service-extension tor-service-type list))))) + (list (service-extension tor-service-type list))) + (description + "Define a new Tor @dfn{hidden service}."))) (define (tor-hidden-service name mapping) "Define a new Tor @dfn{hidden service} called @var{name} and implementing @@ -798,7 +817,10 @@ project's documentation} for more information." (const %bitlbee-accounts)) (service-extension activation-service-type (const %bitlbee-activation)))) - (default-value (bitlbee-configuration)))) + (default-value (bitlbee-configuration)) + (description + "Run @url{http://bitlbee.org,BitlBee}, a daemon that acts as +a gateway between IRC and chat networks."))) (define* (bitlbee-service #:key (bitlbee bitlbee) (interface "127.0.0.1") (port 6667) @@ -862,7 +884,10 @@ configuration file." (const %wicd-activation)) ;; Add Wicd to the global profile. - (service-extension profile-service-type list))))) + (service-extension profile-service-type list))) + (description + "Run @url{https://launchpad.net/wicd,Wicd}, a network +management daemon that aims to simplify wired and wireless networking."))) (define* (wicd-service #:key (wicd wicd)) "Return a service that runs @url{https://launchpad.net/wicd,Wicd}, a network @@ -885,7 +910,9 @@ and @command{wicd-curses} user interfaces." (network-manager network-manager-configuration-network-manager (default network-manager)) (dns network-manager-configuration-dns - (default "default"))) + (default "default")) + (vpn-plugins network-manager-vpn-plugins ;list of <package> + (default '()))) (define %network-manager-activation ;; Activation gexp for NetworkManager. @@ -893,25 +920,38 @@ and @command{wicd-curses} user interfaces." (use-modules (guix build utils)) (mkdir-p "/etc/NetworkManager/system-connections"))) +(define (vpn-plugin-directory plugins) + "Return a directory containing PLUGINS, the NM VPN plugins." + (directory-union "network-manager-vpn-plugins" plugins)) + +(define network-manager-environment + (match-lambda + (($ <network-manager-configuration> network-manager dns vpn-plugins) + ;; Define this variable in the global environment such that + ;; "nmcli connection import type openvpn file foo.ovpn" works. + `(("NM_VPN_PLUGIN_DIR" + . ,(file-append (vpn-plugin-directory vpn-plugins) + "/lib/NetworkManager/VPN")))))) + (define network-manager-shepherd-service (match-lambda - (($ <network-manager-configuration> network-manager dns) - (let - ((conf (plain-file "NetworkManager.conf" - (string-append " -[main] -dns=" dns " -")))) - (list (shepherd-service - (documentation "Run the NetworkManager.") - (provision '(networking)) - (requirement '(user-processes dbus-system wpa-supplicant loopback)) - (start #~(make-forkexec-constructor - (list (string-append #$network-manager - "/sbin/NetworkManager") - (string-append "--config=" #$conf) - "--no-daemon"))) - (stop #~(make-kill-destructor)))))))) + (($ <network-manager-configuration> network-manager dns vpn-plugins) + (let ((conf (plain-file "NetworkManager.conf" + (string-append "[main]\ndns=" dns "\n"))) + (vpn (vpn-plugin-directory vpn-plugins))) + (list (shepherd-service + (documentation "Run the NetworkManager.") + (provision '(networking)) + (requirement '(user-processes dbus-system wpa-supplicant loopback)) + (start #~(make-forkexec-constructor + (list (string-append #$network-manager + "/sbin/NetworkManager") + (string-append "--config=" #$conf) + "--no-daemon") + #:environment-variables + (list (string-append "NM_VPN_PLUGIN_DIR=" #$vpn + "/lib/NetworkManager/VPN")))) + (stop #~(make-kill-destructor)))))))) (define network-manager-service-type (let @@ -929,9 +969,15 @@ dns=" dns " (service-extension polkit-service-type config->package) (service-extension activation-service-type (const %network-manager-activation)) + (service-extension session-environment-service-type + network-manager-environment) ;; Add network-manager to the system profile. (service-extension profile-service-type config->package))) - (default-value (network-manager-configuration))))) + (default-value (network-manager-configuration)) + (description + "Run @uref{https://wiki.gnome.org/Projects/NetworkManager, +NetworkManager}, a network management daemon that aims to simplify wired and +wireless networking.")))) ;;; @@ -985,7 +1031,10 @@ dns=" dns " connman-activation) ;; Add connman to the system profile. (service-extension profile-service-type - connman-package)))))) + connman-package))) + (description + "Run @url{https://01.org/connman,Connman}, +a network connection manager.")))) ;;; @@ -1071,6 +1120,10 @@ dns=" dns " (service-extension profile-service-type (compose list openvswitch-configuration-package)) (service-extension shepherd-root-service-type - openvswitch-shepherd-service))))) + openvswitch-shepherd-service))) + (description + "Run @uref{http://www.openvswitch.org, Open vSwitch}, a multilayer virtual +switch designed to enable massive network automation through programmatic +extension."))) ;;; networking.scm ends here diff --git a/gnu/services/rsync.scm b/gnu/services/rsync.scm new file mode 100644 index 0000000000..621e6c46d4 --- /dev/null +++ b/gnu/services/rsync.scm @@ -0,0 +1,172 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 Oleg Pykhalov <go.wigust@gmail.com> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu services rsync) + #:use-module (gnu services) + #:use-module (gnu services base) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (gnu packages rsync) + #:use-module (gnu packages admin) + #:use-module (guix records) + #:use-module (guix gexp) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:use-module (ice-9 match) + #:export (rsync-configuration + rsync-configuration? + rsync-service-type)) + +;;;; Commentary: +;;; +;;; This module implements a service that to run instance of Rsync, +;;; files synchronization tool. +;;; +;;;; Code: + +(define-record-type* <rsync-configuration> + rsync-configuration + make-rsync-configuration + rsync-configuration? + (package rsync-configuration-package ; package + (default rsync)) + (port-number rsync-configuration-port-number ; integer + (default 873)) + (pid-file rsync-configuration-pid-file ; string + (default "/var/run/rsyncd/rsyncd.pid")) + (lock-file rsync-configuration-lock-file ; string + (default "/var/run/rsyncd/rsyncd.lock")) + (log-file rsync-configuration-log-file ; string + (default "/var/log/rsyncd.log")) + (use-chroot? rsync-configuration-use-chroot? ; boolean + (default #t)) + (share-path rsync-configuration-share-path ; string + (default "/srv/rsyncd")) + (share-comment rsync-configuration-share-comment ; string + (default "Rsync share")) + (read-only? rsync-configuration-read-only? ; boolean + (default #f)) + (timeout rsync-configuration-timeout ; integer + (default 300)) + (user rsync-configuration-user ; string + (default "root")) + (group rsync-configuration-group ; string + (default "root")) + (uid rsync-configuration-uid ; string + (default "rsyncd")) + (gid rsync-configuration-gid ; string + (default "rsyncd"))) + +(define (rsync-account config) + "Return the user accounts and user groups for CONFIG." + (let ((rsync-user (if (rsync-configuration-uid config) + (rsync-configuration-uid config) + (rsync-configuration-user config))) + (rsync-group (if (rsync-configuration-gid config) + (rsync-configuration-gid config) + (rsync-configuration-group config)))) + (list (user-group (name rsync-group) (system? #t)) + (user-account + (name rsync-user) + (system? #t) + (group rsync-group) + (comment "rsyncd privilege separation user") + (home-directory (string-append "/var/run/" + rsync-user)) + (shell #~(string-append #$shadow "/sbin/nologin")))))) + +(define (rsync-activation config) + "Return the activation GEXP for CONFIG." + (with-imported-modules '((guix build utils)) + #~(begin + (let ((share-directory #$(rsync-configuration-share-path config)) + (user (getpw (if #$(rsync-configuration-uid config) + #$(rsync-configuration-uid config) + #$(rsync-configuration-user config)))) + (group (getpw (if #$(rsync-configuration-gid config) + #$(rsync-configuration-gid config) + #$(rsync-configuration-group config))))) + (mkdir-p (dirname #$(rsync-configuration-pid-file config))) + (and=> share-directory mkdir-p) + (chown share-directory + (passwd:uid user) + (group:gid group)))))) + +(define rsync-config-file + ;; Return the rsync configuration file corresponding to CONFIG. + (match-lambda + (($ <rsync-configuration> package port-number pid-file lock-file log-file + use-chroot? share-path share-comment read-only? + timeout user group uid gid) + (if (not (string=? user "root")) + (cond + ((<= port-number 1024) + (error (string-append "rsync-service: to run on port " + (number->string port-number) + ", user must be root."))) + (use-chroot? + (error (string-append "rsync-service: to run in a chroot" + ", user must be root."))) + (uid + (error "rsync-service: to use uid, user must be root.")) + (gid + (error "rsync-service: to use gid, user must be root.")))) + (mixed-text-file + "rsync.conf" + "# Generated by 'rsync-service'.\n\n" + "pid file = " pid-file "\n" + "lock file = " lock-file "\n" + "log file = " log-file "\n" + "port = " (number->string port-number) "\n" + "use chroot = " (if use-chroot? "true" "false") "\n" + (if uid (string-append "uid = " uid "\n") "") + "gid = " (if gid gid "nogroup") "\n" ; no group nobody + "\n" + "[files]\n" + "path = " share-path "\n" + "comment = " share-comment "\n" + "read only = " (if read-only? "true" "false") "\n" + "timeout = " (number->string timeout) "\n")))) + +(define (rsync-shepherd-service config) + "Return a <shepherd-service> for rsync with CONFIG." + (let* ((rsync (rsync-configuration-package config)) + (pid-file (rsync-configuration-pid-file config)) + (port-number (rsync-configuration-port-number config)) + (user (rsync-configuration-user config)) + (group (rsync-configuration-group config))) + (list (shepherd-service + (provision '(rsync)) + (documentation "Run rsync daemon.") + (start #~(make-forkexec-constructor + (list (string-append #$rsync "/bin/rsync") + "--config" #$(rsync-config-file config) + "--daemon") + #:pid-file #$pid-file + #:user #$user + #:group #$group)) + (stop #~(make-kill-destructor)))))) + +(define rsync-service-type + (service-type + (name 'rsync) + (extensions + (list (service-extension shepherd-root-service-type rsync-shepherd-service) + (service-extension account-service-type rsync-account) + (service-extension activation-service-type rsync-activation))) + (default-value (rsync-configuration)))) diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 18278502e4..9d713003c3 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -99,6 +99,8 @@ (default '())) (index nginx-server-configuration-index (default (list "index.html"))) + (try-files nginx-server-configuration-try-files + (default '())) (ssl-certificate nginx-server-configuration-ssl-certificate (default "/etc/nginx/cert.pem")) (ssl-certificate-key nginx-server-configuration-ssl-certificate-key @@ -179,6 +181,7 @@ of index files." (nginx-server-configuration-ssl-certificate-key server)) (root (nginx-server-configuration-root server)) (index (nginx-server-configuration-index server)) + (try-files (nginx-server-configuration-try-files server)) (server-tokens? (nginx-server-configuration-server-tokens? server)) (locations (nginx-server-configuration-locations server))) (define-syntax-parameter <> (syntax-rules ())) @@ -207,6 +210,9 @@ of index files." (and/l ssl-certificate-key " ssl_certificate_key " <> ";\n") " root " root ";\n" " index " (config-index-strings index) ";\n" + (if (not (nil? try-files)) + (and/l (config-index-strings try-files) " try_files " <> ";\n") + "") " server_tokens " (if server-tokens? "on" "off") ";\n" "\n" (map emit-nginx-location-config locations) @@ -262,7 +268,7 @@ of index files." (define nginx-activation (match-lambda (($ <nginx-configuration> nginx log-directory run-directory server-blocks - upstream-blocks config-file) + upstream-blocks file) #~(begin (use-modules (guix build utils)) @@ -281,7 +287,7 @@ of index files." (mkdir-p (string-append #$run-directory "/logs")) ;; Check configuration file syntax. (system* (string-append #$nginx "/sbin/nginx") - "-c" #$(or config-file + "-c" #$(or file (default-nginx-config nginx log-directory run-directory server-blocks upstream-blocks)) "-t"))))) @@ -289,14 +295,14 @@ of index files." (define nginx-shepherd-service (match-lambda (($ <nginx-configuration> nginx log-directory run-directory server-blocks - upstream-blocks config-file) + upstream-blocks file) (let* ((nginx-binary (file-append nginx "/sbin/nginx")) (nginx-action (lambda args #~(lambda _ (zero? (system* #$nginx-binary "-c" - #$(or config-file + #$(or file (default-nginx-config nginx log-directory run-directory server-blocks upstream-blocks)) #$@args)))))) diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm index 5a8ee6cd40..6200fa302a 100644 --- a/gnu/services/xorg.scm +++ b/gnu/services/xorg.scm @@ -135,6 +135,7 @@ Section \"Files\" ModulePath \"" xf86-input-mouse "/lib/xorg/modules/input\" ModulePath \"" xf86-input-synaptics "/lib/xorg/modules/input\" ModulePath \"" xorg-server "/lib/xorg/modules\" + ModulePath \"" xorg-server "/lib/xorg/modules/drivers\" ModulePath \"" xorg-server "/lib/xorg/modules/extensions\" ModulePath \"" xorg-server "/lib/xorg/modules/multimedia\" EndSection |