services: ganeti: Use TLS on the remote API by default.

* gnu/services/ganeti.scm (<ganeti-rapi-configuration>): Set SSL? to #t.
* gnu/tests/ganeti.scm (%ganeti-os): Set SSL? to #f.
* doc/guix.texi (Virtualization Services): Adjust accordingly.

doc/guix.texi

@@ -25497,7 +25497,7 @@ The maximum number of simultaneous client requests to handle.  Further
 connections are allowed, but no responses are sent until enough connections
 have closed.
 
-@item @code{ssl?} (default: @code{#f})
+@item @code{ssl?} (default: @code{#t})
 Whether to use SSL/TLS encryption on the RAPI port.
 
 @item @code{ssl-key} (default: @file{"/var/lib/ganeti/server.pem"})

gnu/services/ganeti.scm

@@ -450,7 +450,7 @@ be submitted via this daemon and it schedules and starts them.")))
   (max-clients ganeti-rapi-configuration-max-clients    ;integer
                (default 20))
   (ssl?        ganeti-rapi-configuration-ssl?           ;Boolean
-               (default #f))
+               (default #t))
   (ssl-key     ganeti-rapi-configuration-ssl-key        ;string
                (default "/var/lib/ganeti/server.pem"))
   (ssl-cert    ganeti-rapi-configuration-ssl-cert       ;string

gnu/tests/ganeti.scm

@@ -70,6 +70,11 @@
                    (service ganeti-service-type
                             (ganeti-configuration
                              (file-storage-paths '("/srv/ganeti/file-storage"))
+                             (rapi-configuration
+                              (ganeti-rapi-configuration
+                               ;; Disable TLS so we can test the RAPI without
+                               ;; pulling in GnuTLS.
+                               (ssl? #f)))
                              (os %default-ganeti-os))))
              %base-services))))