diff options
Diffstat (limited to 'gnu/services')
| -rw-r--r-- | gnu/services/cuirass.scm | 29 | ||||
| -rw-r--r-- | gnu/services/cups.scm | 21 | ||||
| -rw-r--r-- | gnu/services/desktop.scm | 40 | ||||
| -rw-r--r-- | gnu/services/pm.scm | 7 |
4 files changed, 68 insertions, 29 deletions
diff --git a/gnu/services/cuirass.scm b/gnu/services/cuirass.scm index f92d33bf94..7bd43cd427 100644 --- a/gnu/services/cuirass.scm +++ b/gnu/services/cuirass.scm @@ -3,7 +3,7 @@ ;;; Copyright © 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com> ;;; Copyright © 2017 Jan Nieuwenhuizen <janneke@gnu.org> -;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net> +;;; Copyright © 2018, 2019 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org> ;;; ;;; This file is part of GNU Guix. @@ -52,6 +52,8 @@ (default cuirass)) (log-file cuirass-configuration-log-file ;string (default "/var/log/cuirass.log")) + (web-log-file cuirass-configuration-web-log-file ;string + (default "/var/log/cuirass-web.log")) (cache-directory cuirass-configuration-cache-directory ;string (dir-name) (default "/var/cache/cuirass")) (ttl cuirass-configuration-ttl ;integer @@ -83,6 +85,7 @@ (cuirass-configuration? config) (let ((cuirass (cuirass-configuration-cuirass config)) (cache-directory (cuirass-configuration-cache-directory config)) + (web-log-file (cuirass-configuration-web-log-file config)) (log-file (cuirass-configuration-log-file config)) (user (cuirass-configuration-user config)) (group (cuirass-configuration-group config)) @@ -106,8 +109,6 @@ #$(scheme-file "cuirass-specs.scm" specs) "--database" #$database "--ttl" #$(string-append (number->string ttl) "s") - "--port" #$(number->string port) - "--listen" #$host "--interval" #$(number->string interval) #$@(if use-substitutes? '("--use-substitutes") '()) #$@(if one-shot? '("--one-shot") '()) @@ -121,6 +122,28 @@ #:user #$user #:group #$group #:log-file #$log-file)) + (stop #~(make-kill-destructor))) + (shepherd-service + (documentation "Run Cuirass web interface.") + (provision '(cuirass-web)) + (requirement '(guix-daemon networking)) + (start #~(make-forkexec-constructor + (list (string-append #$cuirass "/bin/cuirass") + "--cache-directory" #$cache-directory + "--specifications" + #$(scheme-file "cuirass-specs.scm" specs) + "--database" #$database + "--ttl" #$(string-append (number->string ttl) "s") + "--web" + "--port" #$(number->string port) + "--listen" #$host + "--interval" #$(number->string interval) + #$@(if use-substitutes? '("--use-substitutes") '()) + #$@(if fallback? '("--fallback") '())) + + #:user #$user + #:group #$group + #:log-file #$web-log-file)) (stop #~(make-kill-destructor))))))) (define (cuirass-account config) diff --git a/gnu/services/cups.scm b/gnu/services/cups.scm index 9d21b6e70c..e77c43bfbf 100644 --- a/gnu/services/cups.scm +++ b/gnu/services/cups.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> ;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net> ;;; Copyright © 2019 Alex Griffin <a@ajgrf.com> +;;; Copyright © 2019 Tobias Geerinckx-Rice <me@tobias.gr> ;;; ;;; This file is part of GNU Guix. ;;; @@ -170,7 +171,10 @@ (define (ssl-options? x) (and (list? x) - (and-map (lambda (elt) (memq elt '(AllowRC4 AllowSSL3))) x))) + (and-map (lambda (elt) (memq elt '(AllowRC4 + AllowSSL3 + DenyCBC + DenyTLS1.0))) x))) (define (serialize-ssl-options field-name val) (serialize-field field-name (match val @@ -805,12 +809,15 @@ an IPv6 address enclosed in brackets, an IPv4 address, or @code{*} to indicate all addresses.") (ssl-options (ssl-options '()) - "Sets encryption options. -By default, CUPS only supports encryption using TLS v1.0 or higher using known -secure cipher suites. The @code{AllowRC4} option enables the 128-bit RC4 -cipher suites, which are required for some older clients that do not implement -newer ones. The @code{AllowSSL3} option enables SSL v3.0, which is required -for some older clients that do not support TLS v1.0.") + "Sets encryption options. By default, CUPS only supports encryption +using TLS v1.0 or higher using known secure cipher suites. Security is +reduced when @code{Allow} options are used, and enhanced when @code{Deny} +options are used. The @code{AllowRC4} option enables the 128-bit RC4 cipher +suites, which are required for some older clients. The @code{AllowSSL3} option +enables SSL v3.0, which is required for some older clients that do not support +TLS v1.0. The @code{DenyCBC} option disables all CBC cipher suites. The +@code{DenyTLS1.0} option disables TLS v1.0 support - this sets the minimum +protocol version to TLS v1.1.") #; (ssl-port (non-negative-integer 631) diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 343d507c14..a32756e040 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -963,23 +963,29 @@ with the administrator's password." (match-record enlightenment-desktop-configuration <enlightenment-desktop-configuration> (enlightenment) - (list (file-append enlightenment - "/lib/enlightenment/utils/enlightenment_sys") - (file-append enlightenment - "/lib/enlightenment/utils/enlightenment_backlight") - ;; TODO: Move this binary to a screen-locker service. - (file-append enlightenment - "/lib/enlightenment/utils/enlightenment_ckpasswd") - (file-append enlightenment - (string-append - "/lib/enlightenment/modules/cpufreq/" - (match (string-tokenize (%current-system) - (char-set-complement (char-set #\-))) - ((arch "linux") (string-append "linux-gnu-" arch)) - ((arch "gnu") (string-append "gnu-" arch))) - "-" - (version-major+minor (package-version enlightenment)) - "/freqset"))))) + (let ((module-arch (match (string-tokenize (%current-system) + (char-set-complement (char-set #\-))) + ((arch "linux") (string-append "linux-gnu-" arch)) + ((arch "gnu") (string-append "gnu-" arch))))) + (list (file-append enlightenment + "/lib/enlightenment/utils/enlightenment_sys") + (file-append enlightenment + "/lib/enlightenment/utils/enlightenment_backlight") + ;; TODO: Move this binary to a screen-locker service. + (file-append enlightenment + "/lib/enlightenment/utils/enlightenment_ckpasswd") + (file-append enlightenment + (string-append + "/lib/enlightenment/modules/cpufreq/" + module-arch "-" + (package-version enlightenment) + "/freqset")) + (file-append enlightenment + (string-append + "/lib/enlightenment/modules/sysinfo/" + module-arch "-" + (package-version enlightenment) + "/cpuclock_sysfs")))))) (define enlightenment-desktop-service-type (service-type diff --git a/gnu/services/pm.scm b/gnu/services/pm.scm index 3817bd09de..1e01b5059d 100644 --- a/gnu/services/pm.scm +++ b/gnu/services/pm.scm @@ -401,7 +401,8 @@ shutdown on system startup.")) (compose list tlp-configuration-tlp)) (service-extension activation-service-type tlp-activation))) - (default-value (tlp-configuration)))) + (default-value (tlp-configuration)) + (description "Run TLP, a power management tool."))) (define (generate-tlp-documentation) (generate-documentation @@ -441,4 +442,6 @@ shutdown on system startup.")) (name 'thermald) (extensions (list (service-extension shepherd-root-service-type thermald-shepherd-service))) - (default-value (thermald-configuration)))) + (default-value (thermald-configuration)) + (description "Run thermald, a CPU frequency scaling service that helps +prevent overheating."))) |