summaryrefslogtreecommitdiff
path: root/gnu/services
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/base.scm2
-rw-r--r--gnu/services/certbot.scm133
-rw-r--r--gnu/services/configuration.scm3
-rw-r--r--gnu/services/desktop.scm13
-rw-r--r--gnu/services/dict.scm26
-rw-r--r--gnu/services/messaging.scm57
-rw-r--r--gnu/services/version-control.scm63
-rw-r--r--gnu/services/xorg.scm298
8 files changed, 483 insertions, 112 deletions
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 06b2a7d2d8..11f55c588c 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -1345,7 +1345,7 @@ failed to register hydra.gnu.org public key: ~a~%" status))))))))
(define %default-authorized-guix-keys
;; List of authorized substitute keys.
(list (file-append guix "/share/guix/hydra.gnu.org.pub")
- (file-append guix "/share/guix/bayfront.guixsd.org.pub")))
+ (file-append guix "/share/guix/berlin.guixsd.org.pub")))
(define-record-type* <guix-configuration>
guix-configuration make-guix-configuration
diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
new file mode 100644
index 0000000000..dc072ea8da
--- /dev/null
+++ b/gnu/services/certbot.scm
@@ -0,0 +1,133 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016 Sou Bunnbu <iyzsong@member.fsf.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services certbot)
+ #:use-module (gnu services)
+ #:use-module (gnu services base)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu services mcron)
+ #:use-module (gnu services web)
+ #:use-module (gnu system shadow)
+ #:use-module (gnu packages tls)
+ #:use-module (guix records)
+ #:use-module (guix gexp)
+ #:use-module (srfi srfi-1)
+ #:use-module (ice-9 match)
+ #:export (certbot-service-type
+ certbot-configuration
+ certbot-configuration?))
+
+;;; Commentary:
+;;;
+;;; Automatically obtaining TLS certificates from Let's Encrypt.
+;;;
+;;; Code:
+
+
+(define-record-type* <certbot-configuration>
+ certbot-configuration make-certbot-configuration
+ certbot-configuration?
+ (package certbot-configuration-package
+ (default certbot))
+ (webroot certbot-configuration-webroot
+ (default "/var/www"))
+ (hosts certbot-configuration-hosts
+ (default '()))
+ (default-location certbot-configuration-default-location
+ (default
+ (nginx-location-configuration
+ (uri "/")
+ (body
+ (list "return 301 https://$host$request_uri;"))))))
+
+(define certbot-renewal-jobs
+ (match-lambda
+ (($ <certbot-configuration> package webroot hosts default-location)
+ (match hosts
+ ;; Avoid pinging certbot if we have no hosts.
+ (() '())
+ (_
+ (list
+ ;; Attempt to renew the certificates twice a week.
+ #~(job (lambda (now)
+ (next-day-from (next-hour-from now '(3))
+ '(2 5)))
+ (string-append #$package "/bin/certbot renew"
+ (string-concatenate
+ (map (lambda (host)
+ (string-append " -d " host))
+ #$hosts))))))))))
+
+(define certbot-activation
+ (match-lambda
+ (($ <certbot-configuration> package webroot hosts default-location)
+ (with-imported-modules '((guix build utils))
+ #~(begin
+ (use-modules (guix build utils))
+ (mkdir-p #$webroot)
+ (for-each
+ (lambda (host)
+ (unless (file-exists? (in-vicinity "/etc/letsencrypt/live" host))
+ (unless (zero? (system*
+ (string-append #$certbot "/bin/certbot")
+ "certonly" "--webroot" "-w" #$webroot
+ "-d" host))
+ (error "failed to acquire cert for host" host))))
+ '#$hosts))))))
+
+(define certbot-nginx-server-configurations
+ (match-lambda
+ (($ <certbot-configuration> package webroot hosts default-location)
+ (map
+ (lambda (host)
+ (nginx-server-configuration
+ (http-port 80)
+ (https-port #f)
+ (ssl-certificate #f)
+ (ssl-certificate-key #f)
+ (server-name (list host))
+ (locations
+ (filter identity
+ (list
+ (nginx-location-configuration
+ (uri "/.well-known")
+ (body (list (list "root " webroot ";"))))
+ default-location)))))
+ hosts))))
+
+(define certbot-service-type
+ (service-type (name 'certbot)
+ (extensions
+ (list (service-extension nginx-service-type
+ certbot-nginx-server-configurations)
+ (service-extension activation-service-type
+ certbot-activation)
+ (service-extension mcron-service-type
+ certbot-renewal-jobs)))
+ (compose concatenate)
+ (extend (lambda (config additional-hosts)
+ (certbot-configuration
+ (inherit config)
+ (hosts (append (certbot-configuration-hosts config)
+ additional-hosts)))))
+ (default-value (certbot-configuration))
+ (description
+ "Automatically renew @url{https://letsencrypt.org, Let's
+Encrypt} HTTPS certificates by adjusting the nginx web server configuration
+and periodically invoking @command{certbot}.")))
diff --git a/gnu/services/configuration.scm b/gnu/services/configuration.scm
index 0a2219e743..c45340f02f 100644
--- a/gnu/services/configuration.scm
+++ b/gnu/services/configuration.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Andy Wingo <wingo@igalia.com>
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
+;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -165,7 +166,7 @@
(configuration-field-default-value-thunk f)
(lambda _ '%invalid))))
(define (show-default? val)
- (or (string? default) (number? default) (boolean? default)
+ (or (string? val) (number? val) (boolean? val)
(and (symbol? val) (not (eq? val '%invalid)))
(and (list? val) (and-map show-default? val))))
`(deftypevr (% (category
diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm
index 4b5100c27a..78530b3454 100644
--- a/gnu/services/desktop.scm
+++ b/gnu/services/desktop.scm
@@ -507,6 +507,15 @@ site} for more information."
(udisks udisks-configuration-udisks
(default udisks)))
+(define %udisks-activation
+ (with-imported-modules '((guix build utils))
+ #~(begin
+ (use-modules (guix build utils))
+
+ (let ((run-dir "/var/run/udisks2"))
+ (mkdir-p run-dir)
+ (chmod run-dir #o700)))))
+
(define udisks-service-type
(let ((udisks-package (lambda (config)
(list (udisks-configuration-udisks config)))))
@@ -518,6 +527,8 @@ site} for more information."
udisks-package)
(service-extension udev-service-type
udisks-package)
+ (service-extension activation-service-type
+ (const %udisks-activation))
;; Profile 'udisksctl' & co. in the system profile.
(service-extension profile-service-type
@@ -843,7 +854,7 @@ with the administrator's password."
(define %desktop-services
;; List of services typically useful for a "desktop" use case.
- (cons* (slim-service)
+ (cons* (service slim-service-type)
;; Screen lockers are a pretty useful thing and these are small.
(screen-locker-service slock)
diff --git a/gnu/services/dict.scm b/gnu/services/dict.scm
index 69eadafd2e..c8403c0135 100644
--- a/gnu/services/dict.scm
+++ b/gnu/services/dict.scm
@@ -21,6 +21,7 @@
(define-module (gnu services dict)
#:use-module (guix gexp)
#:use-module (guix records)
+ #:use-module (guix modules)
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu system shadow)
@@ -144,14 +145,23 @@ database {
(let ((dicod (file-append (dicod-configuration-dico config)
"/bin/dicod"))
(dicod.conf (dicod-configuration-file config)))
- (list (shepherd-service
- (provision '(dicod))
- (documentation "Run the dicod daemon.")
- (start #~(make-forkexec-constructor
- (list #$dicod "--foreground"
- (string-append "--config=" #$dicod.conf))
- #:user "dicod" #:group "dicod"))
- (stop #~(make-kill-destructor))))))
+ (with-imported-modules (source-module-closure
+ '((gnu build shepherd)
+ (gnu system file-systems)))
+ (list (shepherd-service
+ (provision '(dicod))
+ (documentation "Run the dicod daemon.")
+ (modules '((gnu build shepherd)
+ (gnu system file-systems)))
+ (start #~(make-forkexec-constructor/container
+ (list #$dicod "--foreground"
+ (string-append "--config=" #$dicod.conf))
+ #:user "dicod" #:group "dicod"
+ #:mappings (list (file-system-mapping
+ (source "/var/run/dicod")
+ (target source)
+ (writable? #t)))))
+ (stop #~(make-kill-destructor)))))))
(define dicod-service-type
(service-type
diff --git a/gnu/services/messaging.scm b/gnu/services/messaging.scm
index 715d6181f5..d57a7562a2 100644
--- a/gnu/services/messaging.scm
+++ b/gnu/services/messaging.scm
@@ -160,7 +160,7 @@
(define (module-list? val)
(string-list? val))
(define (serialize-module-list field-name val)
- (serialize-string-list field-name (cons "posix" val)))
+ (serialize-string-list field-name val))
(define-maybe module-list)
(define (file-name? val)
@@ -176,6 +176,12 @@
(serialize-string-list field-name val))
(define-maybe file-name)
+(define (raw-content? val)
+ (not (eq? val 'disabled)))
+(define (serialize-raw-content field-name val)
+ (format #t "~a" val))
+(define-maybe raw-content)
+
(define-configuration mod-muc-configuration
(name
(string "Prosody Chatrooms")
@@ -203,12 +209,12 @@ just joined the room."))
"This determines what handshake to use.")
(key
- (file-name "/etc/prosody/certs/key.pem")
- "Path to your private key file, relative to @code{/etc/prosody}.")
+ (maybe-file-name 'disabled)
+ "Path to your private key file.")
(certificate
- (file-name "/etc/prosody/certs/cert.pem")
- "Path to your certificate file, relative to @code{/etc/prosody}.")
+ (maybe-file-name 'disabled)
+ "Path to your certificate file.")
(capath
(file-name "/etc/ssl/certs")
@@ -271,7 +277,9 @@ can create such a file with:
"tls"
"dialback"
"disco"
+ "carbons"
"private"
+ "blocklist"
"vcard"
"version"
"uptime"
@@ -321,6 +329,13 @@ can create such a file with:
paths in order. See @url{http://prosody.im/doc/plugins_directory}."
global)
+ (certificates
+ (file-name "/etc/prosody/certs")
+ "Every virtual host and component needs a certificate so that clients and
+servers can securely verify its identity. Prosody will automatically load
+certificates/keys from the directory specified here."
+ global)
+
(admins
(string-list '())
"This is a list of accounts that are admins for the server. Note that you
@@ -339,8 +354,8 @@ Example: @code{(admins '(\"user1@@example.com\" \"user2@@example.net\"))}"
(module-list %default-modules-enabled)
"This is the list of modules Prosody will load on startup. It looks for
@code{mod_modulename.lua} in the plugins folder, so make sure that exists too.
-Documentation on modules can be found at: @url{http://prosody.im/doc/modules}.
-Defaults to @samp{%default-modules-enabled}."
+Documentation on modules can be found at:
+@url{http://prosody.im/doc/modules}."
common)
(modules-disabled
@@ -376,6 +391,12 @@ using them. See @url{http://prosody.im/doc/advanced_ssl_config}."
See @url{http://prosody.im/doc/modules/mod_tls}."
common)
+ (disable-sasl-mechanisms
+ (string-list '("DIGEST-MD5"))
+ "Set of mechanisms that will never be offered. See
+@url{https://prosody.im/doc/modules/mod_saslauth}."
+ common)
+
(s2s-require-encryption?
(boolean #f)
"Whether to force all server-to-server connections to be encrypted or not.
@@ -427,6 +448,19 @@ by the GuixSD Prosody Service. See @url{http://prosody.im/doc/logging}."
"File to write pid in. See @url{http://prosody.im/doc/modules/mod_posix}."
global)
+ (http-max-content-size
+ (maybe-non-negative-integer 'disabled)
+ "Maximum allowed size of the HTTP body (in bytes)."
+ common)
+
+ (http-external-url
+ (maybe-string 'disabled)
+ "Some modules expose their own URL in various ways. This URL is built
+from the protocol, host and port used. If Prosody sits behind a proxy, the
+public URL will be @code{http-external-url} instead. See
+@url{https://prosody.im/doc/http#external_url}."
+ common)
+
(virtualhosts
(virtualhost-configuration-list
(list (virtualhost-configuration
@@ -511,7 +545,12 @@ See also @url{http://prosody.im/doc/modules/mod_muc}."
(hostname
(string (configuration-missing-field 'ext-component 'hostname))
"Hostname of the component."
- ext-component)))
+ ext-component)
+
+ (raw-content
+ (maybe-raw-content 'disabled)
+ "Raw content that will be added to the configuration file."
+ common)))
;; Serialize Virtualhost line first.
(define (serialize-virtualhost-configuration config)
@@ -683,7 +722,7 @@ See also @url{http://prosody.im/doc/modules/mod_muc}."
(display c))
str))))
(define (show-default? val)
- (or (string? default) (number? default) (boolean? default)
+ (or (string? val) (number? val) (boolean? val)
(and (list? val) (and-map show-default? val))))
(format #t "@deftypevr {@code{~a} parameter} ~a ~a\n~a\n"
configuration-name field-type field-name field-docs)
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
index e39f4411fd..fce2ce1c25 100644
--- a/gnu/services/version-control.scm
+++ b/gnu/services/version-control.scm
@@ -55,7 +55,11 @@
%cgit-configuration-nginx
cgit-configuration-nginx-config
- cgit-service-type))
+ cgit-service-type
+
+ git-http-configuration
+ git-http-configuration?
+ git-http-nginx-location-configuration))
;;; Commentary:
;;;
@@ -152,7 +156,11 @@
(service-extension account-service-type
(const %git-daemon-accounts))
(service-extension activation-service-type
- git-daemon-activation)))))
+ git-daemon-activation)))
+ (description
+ "Expose Git respositories over the insecure @code{git://} TCP-based
+protocol.")
+ (default-value (git-daemon-configuration))))
(define* (git-daemon-service #:key (config (git-daemon-configuration)))
"Return a service that runs @command{git daemon}, a simple TCP server to
@@ -255,4 +263,53 @@ access to exported repositories under @file{/srv/git}."
cgit-activation)
(service-extension nginx-service-type
cgit-configuration-nginx-config)))
- (default-value (cgit-configuration))))
+ (default-value (cgit-configuration))
+ (description
+ "Run the Cgit web interface, which allows users to browse Git
+repositories.")))
+
+
+;;;
+;;; HTTP access. Add the result of calling
+;;; git-http-nginx-location-configuration to an nginx-server-configuration's
+;;; "locations" field.
+;;;
+
+(define-record-type* <git-http-configuration>
+ git-http-configuration
+ make-git-http-configuration
+ git-http-configuration?
+ (package git-http-configuration-package ;package
+ (default git))
+ (git-root git-http-configuration-git-root ;string
+ (default "/srv/git"))
+ (export-all? git-http-configuration-export-all? ;boolean
+ (default #f))
+ (uri-path git-http-configuration-uri-path ;string
+ (default "/git/"))
+ (fcgiwrap-socket git-http-configuration-fcgiwrap-socket ;string
+ (default "127.0.0.1:9000")))
+
+(define* (git-http-nginx-location-configuration #:optional
+ (config
+ (git-http-configuration)))
+ (match config
+ (($ <git-http-configuration> package git-root export-all?
+ uri-path fcgiwrap-socket)
+ (nginx-location-configuration
+ (uri (string-append "~ /" (string-trim-both uri-path #\/) "(/.*)"))
+ (body
+ (list
+ (list "fastcgi_pass " fcgiwrap-socket ";")
+ (list "fastcgi_param SCRIPT_FILENAME "
+ package "/libexec/git-core/git-http-backend"
+ ";")
+ "fastcgi_param QUERY_STRING $query_string;"
+ "fastcgi_param REQUEST_METHOD $request_method;"
+ "fastcgi_param CONTENT_TYPE $content_type;"
+ "fastcgi_param CONTENT_LENGTH $content_length;"
+ (if export-all?
+ "fastcgi_param GIT_HTTP_EXPORT_ALL \"\";"
+ "")
+ (list "fastcgi_param GIT_PROJECT_ROOT " git-root ";")
+ "fastcgi_param PATH_INFO $1;"))))))
diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm
index c5a1a0d423..cef0d60b59 100644
--- a/gnu/services/xorg.scm
+++ b/gnu/services/xorg.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017 Andy Wingo <wingo@igalia.com>
-;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
;;;
;;; This file is part of GNU Guix.
@@ -45,13 +45,27 @@
#:use-module (ice-9 match)
#:export (xorg-configuration-file
%default-xorg-modules
+ %default-xorg-fonts
xorg-wrapper
xorg-start-command
xinitrc
%default-slim-theme
%default-slim-theme-name
+
slim-configuration
+ slim-configuration?
+ slim-configuration-slim
+ slim-configuration-allow-empty-passwords?
+ slim-configuration-auto-login?
+ slim-configuration-default-user
+ slim-configuration-theme
+ slim-configuration-theme-name
+ slim-configuration-xauth
+ slim-configuration-shepherd
+ slim-configuration-auto-login-session
+ slim-configuration-startx
+
slim-service-type
slim-service
@@ -70,11 +84,52 @@
;;;
;;; Code:
-(define* (xorg-configuration-file #:key (drivers '()) (resolutions '())
+(define %default-xorg-modules
+ ;; Default list of modules loaded by the server. Note that the order
+ ;; matters since it determines which driver is going to be used when there's
+ ;; a choice.
+ (list xf86-video-vesa
+ xf86-video-fbdev
+ xf86-video-ati
+ xf86-video-cirrus
+ xf86-video-intel
+ xf86-video-mach64
+ xf86-video-nouveau
+ xf86-video-nv
+ xf86-video-sis
+
+ ;; Libinput is the new thing and is recommended over evdev/synaptics:
+ ;; <http://who-t.blogspot.fr/2015/01/xf86-input-libinput-compatibility-with.html>.
+ xf86-input-libinput
+
+ xf86-input-evdev
+ xf86-input-keyboard
+ xf86-input-mouse
+ xf86-input-synaptics))
+
+(define %default-xorg-fonts
+ ;; Default list of fonts available to the X server.
+ (list (file-append font-alias "/share/fonts/X11/75dpi")
+ (file-append font-alias "/share/fonts/X11/100dpi")
+ (file-append font-alias "/share/fonts/X11/misc")
+ (file-append font-alias "/share/fonts/X11/cyrillic")
+ (file-append font-misc-misc ;default fonts for xterm
+ "/share/fonts/X11/misc")
+ (file-append font-adobe75dpi "/share/fonts/X11/75dpi")))
+
+(define* (xorg-configuration-file #:key
+ (modules %default-xorg-modules)
+ (fonts %default-xorg-fonts)
+ (drivers '()) (resolutions '())
(extra-config '()))
"Return a configuration file for the Xorg server containing search paths for
all the common drivers.
+@var{modules} must be a list of @dfn{module packages} loaded by the Xorg
+server---e.g., @code{xf86-video-vesa}, @code{xf86-input-keyboard}, and so on.
+@var{fonts} must be a list of font directories to add to the server's
+@dfn{font path}.
+
@var{drivers} must be either the empty list, in which case Xorg chooses a
graphics driver automatically, or a list of driver names that will be tried in
this order---e.g., @code{(\"modesetting\" \"vesa\")}.
@@ -84,17 +139,32 @@ appropriate screen resolution; otherwise, it must be a list of
resolutions---e.g., @code{((1024 768) (640 480))}.
Last, @var{extra-config} is a list of strings or objects appended to the
-@code{mixed-text-file} argument list. It is used to pass extra text to be
+configuration file. It is used to pass extra text to be
added verbatim to the configuration file."
- (define (device-section driver)
- (string-append "
+ (define all-modules
+ ;; 'xorg-server' provides 'fbdevhw.so' etc.
+ (append modules (list xorg-server)))
+
+ (define build
+ #~(begin
+ (use-modules (ice-9 match)
+ (srfi srfi-1)
+ (srfi srfi-26))
+
+ (call-with-output-file #$output
+ (lambda (port)
+ (define drivers
+ '#$drivers)
+
+ (define (device-section driver)
+ (string-append "
Section \"Device\"
Identifier \"device-" driver "\"
Driver \"" driver "\"
EndSection"))
- (define (screen-section driver resolutions)
- (string-append "
+ (define (screen-section driver resolutions)
+ (string-append "
Section \"Screen\"
Identifier \"screen-" driver "\"
Device \"device-" driver "\"
@@ -108,65 +178,56 @@ Section \"Screen\"
EndSubSection
EndSection"))
- (apply mixed-text-file "xserver.conf" "
-Section \"Files\"
- FontPath \"" font-alias "/share/fonts/X11/75dpi\"
- FontPath \"" font-alias "/share/fonts/X11/100dpi\"
- FontPath \"" font-alias "/share/fonts/X11/misc\"
- FontPath \"" font-alias "/share/fonts/X11/cyrillic\"
- FontPath \"" font-adobe75dpi "/share/fonts/X11/75dpi\"
- ModulePath \"" xf86-video-vesa "/lib/xorg/modules/drivers\"
- ModulePath \"" xf86-video-fbdev "/lib/xorg/modules/drivers\"
- ModulePath \"" xf86-video-ati "/lib/xorg/modules/drivers\"
- ModulePath \"" xf86-video-cirrus "/lib/xorg/modules/drivers\"
- ModulePath \"" xf86-video-intel "/lib/xorg/modules/drivers\"
- ModulePath \"" xf86-video-mach64 "/lib/xorg/modules/drivers\"
- ModulePath \"" xf86-video-nouveau "/lib/xorg/modules/drivers\"
- ModulePath \"" xf86-video-nv "/lib/xorg/modules/drivers\"
- ModulePath \"" xf86-video-sis "/lib/xorg/modules/drivers\"
-
- # Libinput is the new thing and is recommended over evdev/synaptics
- # by those who know:
- # <http://who-t.blogspot.fr/2015/01/xf86-input-libinput-compatibility-with.html>.
- ModulePath \"" xf86-input-libinput "/lib/xorg/modules/input\"
-
- ModulePath \"" xf86-input-evdev "/lib/xorg/modules/input\"
- ModulePath \"" xf86-input-keyboard "/lib/xorg/modules/input\"
- ModulePath \"" xf86-input-mouse "/lib/xorg/modules/input\"
- ModulePath \"" xf86-input-synaptics "/lib/xorg/modules/input\"
- ModulePath \"" xorg-server "/lib/xorg/modules\"
- ModulePath \"" xorg-server "/lib/xorg/modules/drivers\"
- ModulePath \"" xorg-server "/lib/xorg/modules/extensions\"
- ModulePath \"" xorg-server "/lib/xorg/modules/multimedia\"
-EndSection
-
+ (define (expand modules)
+ ;; Append to MODULES the relevant /lib/xorg/modules
+ ;; sub-directories.
+ (append-map (lambda (module)
+ (filter-map (lambda (directory)
+ (let ((full (string-append module
+ directory)))
+ (and (file-exists? full)
+ full)))
+ '("/lib/xorg/modules/drivers"
+ "/lib/xorg/modules/input"
+ "/lib/xorg/modules/multimedia"
+ "/lib/xorg/modules/extensions")))
+ modules))
+
+ (display "Section \"Files\"\n" port)
+ (for-each (lambda (font)
+ (format port " FontPath \"~a\"~%" font))
+ '#$fonts)
+ (for-each (lambda (module)
+ (format port
+ " ModulePath \"~a\"~%"
+ module))
+ (append (expand '#$all-modules)
+
+ ;; For fbdevhw.so and so on.
+ (list #$(file-append xorg-server
+ "/lib/xorg/modules"))))
+ (display "EndSection\n" port)
+ (display "
Section \"ServerFlags\"
Option \"AllowMouseOpenFail\" \"on\"
-EndSection
-"
- (string-join (map device-section drivers) "\n") "\n"
- (string-join (map (cut screen-section <> resolutions)
- drivers)
- "\n")
+EndSection\n" port)
- "\n"
- extra-config))
+ (display (string-join (map device-section drivers) "\n")
+ port)
+ (newline port)
+ (display (string-join
+ (map (cut screen-section <> '#$resolutions)
+ drivers)
+ "\n")
+ port)
+ (newline port)
+
+ (for-each (lambda (config)
+ (display config port))
+ '#$extra-config)))))
+
+ (computed-file "xserver.conf" build))
-(define %default-xorg-modules
- (list xf86-video-vesa
- xf86-video-fbdev
- xf86-video-ati
- xf86-video-cirrus
- xf86-video-intel
- xf86-video-mach64
- xf86-video-nouveau
- xf86-video-nv
- xf86-video-sis
- xf86-input-libinput
- xf86-input-evdev
- xf86-input-keyboard
- xf86-input-mouse
- xf86-input-synaptics))
(define (xorg-configuration-directory modules)
"Return a directory that contains the @code{.conf} files for X.org that
@@ -196,8 +257,9 @@ in @var{modules}."
(define* (xorg-wrapper #:key
(guile (canonical-package guile-2.0))
- (configuration-file (xorg-configuration-file))
(modules %default-xorg-modules)
+ (configuration-file (xorg-configuration-file
+ #:modules modules))
(xorg-server xorg-server))
"Return a derivation that builds a @var{guile} script to start the X server
from @var{xorg-server}. @var{configuration-file} is the server configuration
@@ -221,12 +283,16 @@ in place of @code{/usr/bin/X}."
(define* (xorg-start-command #:key
(guile (canonical-package guile-2.0))
- (configuration-file (xorg-configuration-file))
(modules %default-xorg-modules)
+ (fonts %default-xorg-fonts)
+ (configuration-file
+ (xorg-configuration-file #:modules modules
+ #:fonts fonts))
(xorg-server xorg-server))
- "Return a derivation that builds a @code{startx} script in which a number of
-X modules are available. See @code{xorg-wrapper} for more details on the
-arguments. The result should be used in place of @code{startx}."
+ "Return a @code{startx} script in which @var{modules}, a list of X module
+packages, and @var{fonts}, a list of X font directories, are available. See
+@code{xorg-wrapper} for more details on the arguments. The result should be
+used in place of @code{startx}."
(define X
(xorg-wrapper #:guile guile
#:configuration-file configuration-file
@@ -245,10 +311,15 @@ arguments. The result should be used in place of @code{startx}."
fallback-session)
"Return a system-wide xinitrc script that starts the specified X session,
which should be passed to this script as the first argument. If not, the
-@var{fallback-session} will be used."
+@var{fallback-session} will be used or, if @var{fallback-session} is false, a
+desktop session from the system or user profile will be used."
(define builder
#~(begin
- (use-modules (ice-9 match))
+ (use-modules (ice-9 match)
+ (ice-9 regex)
+ (ice-9 ftw)
+ (srfi srfi-1)
+ (srfi srfi-26))
(define (close-all-fdes)
;; Close all the open file descriptors except 0 to 2.
@@ -272,16 +343,60 @@ which should be passed to this script as the first argument. If not, the
(execl shell shell "--login" "-c"
(string-join (cons command args)))))
+ (define system-profile
+ "/run/current-system/profile")
+
+ (define user-profile
+ (and=> (getpw (getuid))
+ (lambda (pw)
+ (string-append (passwd:dir pw) "/.guix-profile"))))
+
+ (define (xsession-command desktop-file)
+ ;; Read from DESKTOP-FILE its X session command and return it as a
+ ;; list.
+ (define exec-regexp
+ (make-regexp "^[[:blank:]]*Exec=(.*)$"))
+
+ (call-with-input-file desktop-file
+ (lambda (port)
+ (let loop ()
+ (match (read-line port)
+ ((? eof-object?) #f)
+ ((= (cut regexp-exec exec-regexp <>) result)
+ (if result
+ (string-tokenize (match:substring result 1))
+ (loop))))))))
+
+ (define (find-session profile)
+ ;; Return an X session command from PROFILE or #f if none was found.
+ (let ((directory (string-append profile "/share/xsessions")))
+ (match (scandir directory
+ (cut string-suffix? ".desktop" <>))
+ ((or () #f)
+ #f)
+ ((sessions ...)
+ (any xsession-command
+ (map (cut string-append directory "/" <>)
+ sessions))))))
+
(let* ((home (getenv "HOME"))
(xsession-file (string-append home "/.xsession"))
(session (match (command-line)
- ((_) (list #$fallback-session))
- ((_ x ..1) x))))
+ ((_)
+ #$(if fallback-session
+ #~(list #$fallback-session)
+ #f))
+ ((_ x ..1)
+ x))))
(if (file-exists? xsession-file)
;; Run ~/.xsession when it exists.
- (apply exec-from-login-shell xsession-file session)
- ;; Otherwise, start the specified session.
- (apply exec-from-login-shell session)))))
+ (apply exec-from-login-shell xsession-file
+ (or session '()))
+ ;; Otherwise, start the specified session or a fallback.
+ (apply exec-from-login-shell
+ (or session
+ (find-session user-profile)
+ (find-session system-profile)))))))
(program-file "xinitrc" builder))
@@ -304,19 +419,24 @@ which should be passed to this script as the first argument. If not, the
slim-configuration?
(slim slim-configuration-slim
(default slim))
- (allow-empty-passwords? slim-configuration-allow-empty-passwords?)
- (auto-login? slim-configuration-auto-login?)
- (default-user slim-configuration-default-user)
- (theme slim-configuration-theme)
- (theme-name slim-configuration-theme-name)
+ (allow-empty-passwords? slim-configuration-allow-empty-passwords?
+ (default #t))
+ (auto-login? slim-configuration-auto-login?
+ (default #f))
+ (default-user slim-configuration-default-user
+ (default ""))
+ (theme slim-configuration-theme
+ (default %default-slim-theme))
+ (theme-name slim-configuration-theme-name
+ (default %default-slim-theme-name))
(xauth slim-configuration-xauth
(default xauth))
(shepherd slim-configuration-shepherd
(default shepherd))
- (bash slim-configuration-bash
- (default bash))
- (auto-login-session slim-configuration-auto-login-session)
- (startx slim-configuration-startx))
+ (auto-login-session slim-configuration-auto-login-session
+ (default #f))
+ (startx slim-configuration-startx
+ (default (xorg-start-command))))
(define (slim-pam-service config)
"Return a PAM service for @command{slim}."
@@ -391,16 +511,16 @@ reboot_cmd " shepherd "/sbin/reboot\n"
;; Unconditionally add xterm to the system profile, to
;; avoid bad surprises.
(service-extension profile-service-type
- (const (list xterm)))))))
+ (const (list xterm)))))
+ (default-value (slim-configuration))))
-(define* (slim-service #:key (slim slim)
+(define* (slim-service #:key (slim slim) ;deprecated
(allow-empty-passwords? #t) auto-login?
(default-user "")
(theme %default-slim-theme)
(theme-name %default-slim-theme-name)
- (xauth xauth) (shepherd shepherd) (bash bash)
- (auto-login-session (file-append windowmaker
- "/bin/wmaker"))
+ (xauth xauth) (shepherd shepherd)
+ (auto-login-session #f)
(startx (xorg-start-command)))
"Return a service that spawns the SLiM graphical login manager, which in
turn starts the X display server with @var{startx}, a command as returned by
@@ -433,7 +553,7 @@ theme."
(allow-empty-passwords? allow-empty-passwords?)
(auto-login? auto-login?) (default-user default-user)
(theme theme) (theme-name theme-name)
- (xauth xauth) (shepherd shepherd) (bash bash)
+ (xauth xauth) (shepherd shepherd)
(auto-login-session auto-login-session)
(startx startx))))
generated by cgit v1.2.3 (git 2.25.4) at 2024-11-05 20:03:14 +0000