services: configuration: Use *unspecified* instead of 'disabled.
Use *unspecified* as a marker for field values that have not been set. Rationale: 'disabled may easily clash with user values for boolean fields, is confusing (i.e. its meaning is *not* boolean false, but unspecified) and it also passes silently through the symbol? predicate of a field of type symbol. * gnu/services/configuration.scm (configuration-missing-default-value): Renamed from configuration-no-default-value. (define-maybe-helper): Use *unspecified* instead of 'disabled, and make the default value optional. * gnu/home/services/desktop.scm (home-redshift-configuration): Change (maybe-xyz 'disabled) to maybe-xyz. * gnu/services/authentication.scm (nslcd-configuration): Likewise. * gnu/services/cgit.scm (repository-cgit-configuration): Likewise. * gnu/services/file-sharing.scm (serialize-maybe-string) (serialize-maybe-file-object): Use 'unspecified?' instead of (eq? val 'disabled). * gnu/services/messaging.scm (raw-content?): Likewise. (ssl-configuration): Change (maybe-xyz 'disabled) to maybe-xyz. (prosody-configuration): Likewise. * gnu/services/file-sharing.scm (transmission-daemon-configuration): Likewise. * gnu/services/messaging.scm (define-all-configurations): Use *unspecified* instead of 'disabled'. * gnu/services/networking.scm (opendht-configuration): Likewise. * gnu/services/pm.scm (tlp-configuration): Likewise. * gnu/services/telephony.scm (jami-account): Likewise. (jami-configuration): Likewise. * gnu/services/vpn.scm (openvpn-client-configuration): Likewise. * tests/services/configuration.scm ("maybe type, no default") ("maybe type, with default"): New tests. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
parent
e11517052b
commit
8cb1a49a39
|
@ -91,26 +91,26 @@ queried for location information.")
|
|||
"Nighttime color temperature (kelvins).")
|
||||
|
||||
(daytime-brightness
|
||||
(maybe-inexact-number 'disabled)
|
||||
maybe-inexact-number
|
||||
"Daytime screen brightness, between 0.1 and 1.0.")
|
||||
(nighttime-brightness
|
||||
(maybe-inexact-number 'disabled)
|
||||
maybe-inexact-number
|
||||
"Nighttime screen brightness, between 0.1 and 1.0.")
|
||||
|
||||
(latitude
|
||||
(maybe-inexact-number 'disabled)
|
||||
maybe-inexact-number
|
||||
"Latitude, when @code{location-provider} is @code{'manual}.")
|
||||
(longitude
|
||||
(maybe-inexact-number 'disabled)
|
||||
maybe-inexact-number
|
||||
"Longitude, when @code{location-provider} is @code{'manual}.")
|
||||
|
||||
(dawn-time
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Custom time for the transition from night to day in the
|
||||
morning---@code{\"HH:MM\"} format. When specified, solar elevation is not
|
||||
used to determine the daytime/nighttime period.")
|
||||
(dusk-time
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Likewise, custom time for the transition from day to night in the
|
||||
evening.")
|
||||
|
||||
|
|
|
@ -218,7 +218,7 @@
|
|||
|
||||
;; Runtime options
|
||||
(threads
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"The number of threads to start that can handle requests and perform LDAP
|
||||
queries. Each thread opens a separate connection to the LDAP server. The
|
||||
default is to start 5 threads.")
|
||||
|
@ -243,45 +243,45 @@ messages with the specified log level or higher are logged.")
|
|||
"The list of LDAP server URIs. Normally, only the first server will be
|
||||
used with the following servers as fall-back.")
|
||||
(ldap-version
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"The version of the LDAP protocol to use. The default is to use the
|
||||
maximum version supported by the LDAP library.")
|
||||
(binddn
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the distinguished name with which to bind to the directory
|
||||
server for lookups. The default is to bind anonymously.")
|
||||
(bindpw
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the credentials with which to bind. This option is only
|
||||
applicable when used with binddn.")
|
||||
(rootpwmoddn
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the distinguished name to use when the root user tries to modify
|
||||
a user's password using the PAM module.")
|
||||
(rootpwmodpw
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the credentials with which to bind if the root user tries to
|
||||
change a user's password. This option is only applicable when used with
|
||||
rootpwmoddn")
|
||||
|
||||
;; SASL authentication options
|
||||
(sasl-mech
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the SASL mechanism to be used when performing SASL
|
||||
authentication.")
|
||||
(sasl-realm
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the SASL realm to be used when performing SASL authentication.")
|
||||
(sasl-authcid
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the authentication identity to be used when performing SASL
|
||||
authentication.")
|
||||
(sasl-authzid
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the authorization identity to be used when performing SASL
|
||||
authentication.")
|
||||
(sasl-canonicalize?
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"Determines whether the LDAP server host name should be canonicalised. If
|
||||
this is enabled the LDAP library will do a reverse host name lookup. By
|
||||
default, it is left up to the LDAP library whether this check is performed or
|
||||
|
@ -289,7 +289,7 @@ not.")
|
|||
|
||||
;; Kerberos authentication options
|
||||
(krb5-ccname
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Set the name for the GSS-API Kerberos credentials cache.")
|
||||
|
||||
;; Search / mapping options
|
||||
|
@ -302,11 +302,11 @@ not.")
|
|||
default scope is subtree; base scope is almost never useful for name service
|
||||
lookups; children scope is not supported on all servers.")
|
||||
(deref
|
||||
(maybe-deref-option 'disabled)
|
||||
maybe-deref-option
|
||||
"Specifies the policy for dereferencing aliases. The default policy is to
|
||||
never dereference aliases.")
|
||||
(referrals
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"Specifies whether automatic referral chasing should be enabled. The
|
||||
default behaviour is to chase referrals.")
|
||||
(maps
|
||||
|
@ -322,132 +322,132 @@ applies and an LDAP search filter expression.")
|
|||
|
||||
;; Timing / reconnect options
|
||||
(bind-timelimit
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"Specifies the time limit in seconds to use when connecting to the
|
||||
directory server. The default value is 10 seconds.")
|
||||
(timelimit
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"Specifies the time limit (in seconds) to wait for a response from the LDAP
|
||||
server. A value of zero, which is the default, is to wait indefinitely for
|
||||
searches to be completed.")
|
||||
(idle-timelimit
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"Specifies the period if inactivity (in seconds) after which the con‐
|
||||
nection to the LDAP server will be closed. The default is not to time out
|
||||
connections.")
|
||||
(reconnect-sleeptime
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"Specifies the number of seconds to sleep when connecting to all LDAP
|
||||
servers fails. By default one second is waited between the first failure and
|
||||
the first retry.")
|
||||
(reconnect-retrytime
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"Specifies the time after which the LDAP server is considered to be
|
||||
permanently unavailable. Once this time is reached retries will be done only
|
||||
once per this time period. The default value is 10 seconds.")
|
||||
|
||||
;; TLS options
|
||||
(ssl
|
||||
(maybe-ssl-option 'disabled)
|
||||
maybe-ssl-option
|
||||
"Specifies whether to use SSL/TLS or not (the default is not to). If
|
||||
'start-tls is specified then StartTLS is used rather than raw LDAP over SSL.")
|
||||
(tls-reqcert
|
||||
(maybe-tls-reqcert-option 'disabled)
|
||||
maybe-tls-reqcert-option
|
||||
"Specifies what checks to perform on a server-supplied certificate.
|
||||
The meaning of the values is described in the ldap.conf(5) manual page.")
|
||||
(tls-cacertdir
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the directory containing X.509 certificates for peer authen‐
|
||||
tication. This parameter is ignored when using GnuTLS.")
|
||||
(tls-cacertfile
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the path to the X.509 certificate for peer authentication.")
|
||||
(tls-randfile
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the path to an entropy source. This parameter is ignored when
|
||||
using GnuTLS.")
|
||||
(tls-ciphers
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the ciphers to use for TLS as a string.")
|
||||
(tls-cert
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the path to the file containing the local certificate for client
|
||||
TLS authentication.")
|
||||
(tls-key
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Specifies the path to the file containing the private key for client TLS
|
||||
authentication.")
|
||||
|
||||
;; Other options
|
||||
(pagesize
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"Set this to a number greater than 0 to request paged results from the LDAP
|
||||
server in accordance with RFC2696. The default (0) is to not request paged
|
||||
results.")
|
||||
(nss-initgroups-ignoreusers
|
||||
(maybe-ignore-users-option 'disabled)
|
||||
maybe-ignore-users-option
|
||||
"This option prevents group membership lookups through LDAP for the
|
||||
specified users. Alternatively, the value 'all-local may be used. With that
|
||||
value nslcd builds a full list of non-LDAP users on startup.")
|
||||
(nss-min-uid
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"This option ensures that LDAP users with a numeric user id lower than the
|
||||
specified value are ignored.")
|
||||
(nss-uid-offset
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"This option specifies an offset that is added to all LDAP numeric user
|
||||
ids. This can be used to avoid user id collisions with local users.")
|
||||
(nss-gid-offset
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"This option specifies an offset that is added to all LDAP numeric group
|
||||
ids. This can be used to avoid user id collisions with local groups.")
|
||||
(nss-nested-groups
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"If this option is set, the member attribute of a group may point to
|
||||
another group. Members of nested groups are also returned in the higher level
|
||||
group and parent groups are returned when finding groups for a specific user.
|
||||
The default is not to perform extra searches for nested groups.")
|
||||
(nss-getgrent-skipmembers
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"If this option is set, the group member list is not retrieved when looking
|
||||
up groups. Lookups for finding which groups a user belongs to will remain
|
||||
functional so the user will likely still get the correct groups assigned on
|
||||
login.")
|
||||
(nss-disable-enumeration
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"If this option is set, functions which cause all user/group entries to be
|
||||
loaded from the directory will not succeed in doing so. This can dramatically
|
||||
reduce LDAP server load in situations where there are a great number of users
|
||||
and/or groups. This option is not recommended for most configurations.")
|
||||
(validnames
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"This option can be used to specify how user and group names are verified
|
||||
within the system. This pattern is used to check all user and group names
|
||||
that are requested and returned from LDAP.")
|
||||
(ignorecase
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"This specifies whether or not to perform searches using case-insensitive
|
||||
matching. Enabling this could open up the system to authorization bypass
|
||||
vulnerabilities and introduce nscd cache poisoning vulnerabilities which allow
|
||||
denial of service.")
|
||||
(pam-authc-ppolicy
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"This option specifies whether password policy controls are requested and
|
||||
handled from the LDAP server when performing user authentication.")
|
||||
(pam-authc-search
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"By default nslcd performs an LDAP search with the user's credentials after
|
||||
BIND (authentication) to ensure that the BIND operation was successful. The
|
||||
default search is a simple check to see if the user's DN exists. A search
|
||||
filter can be specified that will be used instead. It should return at least
|
||||
one entry.")
|
||||
(pam-authz-search
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"This option allows flexible fine tuning of the authorisation check that
|
||||
should be performed. The search filter specified is executed and if any
|
||||
entries match, access is granted, otherwise access is denied.")
|
||||
(pam-password-prohibit-message
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"If this option is set password modification using pam_ldap will be denied
|
||||
and the specified message will be presented to the user instead. The message
|
||||
can be used to direct the user to an alternative means of changing their
|
||||
|
|
|
@ -241,27 +241,27 @@ is no suitable HEAD.")
|
|||
(repo-file-object "")
|
||||
"Override the default @code{email-filter}.")
|
||||
(enable-commit-graph?
|
||||
(maybe-repo-boolean 'disabled)
|
||||
maybe-repo-boolean
|
||||
"A flag which can be used to disable the global setting
|
||||
@code{enable-commit-graph?}.")
|
||||
(enable-log-filecount?
|
||||
(maybe-repo-boolean 'disabled)
|
||||
maybe-repo-boolean
|
||||
"A flag which can be used to disable the global setting
|
||||
@code{enable-log-filecount?}.")
|
||||
(enable-log-linecount?
|
||||
(maybe-repo-boolean 'disabled)
|
||||
maybe-repo-boolean
|
||||
"A flag which can be used to disable the global setting
|
||||
@code{enable-log-linecount?}.")
|
||||
(enable-remote-branches?
|
||||
(maybe-repo-boolean 'disabled)
|
||||
maybe-repo-boolean
|
||||
"Flag which, when set to @code{#t}, will make cgit display remote
|
||||
branches in the summary and refs views.")
|
||||
(enable-subject-links?
|
||||
(maybe-repo-boolean 'disabled)
|
||||
maybe-repo-boolean
|
||||
"A flag which can be used to override the global setting
|
||||
@code{enable-subject-links?}.")
|
||||
(enable-html-serving?
|
||||
(maybe-repo-boolean 'disabled)
|
||||
maybe-repo-boolean
|
||||
"A flag which can be used to override the global setting
|
||||
@code{enable-html-serving?}.")
|
||||
(hide?
|
||||
|
|
|
@ -93,7 +93,7 @@
|
|||
(define (configuration-missing-field kind field)
|
||||
(configuration-error
|
||||
(format #f "~a configuration missing required field ~a" kind field)))
|
||||
(define (configuration-no-default-value kind field)
|
||||
(define (configuration-missing-default-value kind field)
|
||||
(configuration-error
|
||||
(format #f "The field `~a' of the `~a' configuration record \
|
||||
does not have a default value" field kind)))
|
||||
|
@ -142,7 +142,8 @@ does not have a default value" field kind)))
|
|||
(id #'stem #'serialize-maybe- #'stem))))
|
||||
#`(begin
|
||||
(define (maybe-stem? val)
|
||||
(or (eq? val 'disabled) (stem? val)))
|
||||
(or (unspecified? val)
|
||||
(stem? val)))
|
||||
#,@(if serialize?
|
||||
(list #'(define (serialize-maybe-stem field-name val)
|
||||
(if (stem? val)
|
||||
|
@ -170,10 +171,10 @@ does not have a default value" field kind)))
|
|||
(values #'(field-type def)))
|
||||
((field-type)
|
||||
(identifier? #'field-type)
|
||||
(values #'(field-type 'disabled)))
|
||||
(values #'(field-type *unspecified*)))
|
||||
(field-type
|
||||
(identifier? #'field-type)
|
||||
(values #'(field-type 'disabled)))))
|
||||
(values #'(field-type *unspecified*)))))
|
||||
|
||||
(define (define-configuration-helper serialize? serializer-prefix syn)
|
||||
(syntax-case syn ()
|
||||
|
@ -219,9 +220,7 @@ does not have a default value" field kind)))
|
|||
source-properties->location))
|
||||
(innate))
|
||||
#,@(map (lambda (name getter def)
|
||||
(if (eq? (syntax->datum def) (quote 'undefined))
|
||||
#`(#,name #,getter)
|
||||
#`(#,name #,getter (default #,def))))
|
||||
#`(#,name #,getter (default #,def)))
|
||||
#'(field ...)
|
||||
#'(field-getter ...)
|
||||
#'(field-default ...)))
|
||||
|
@ -236,8 +235,8 @@ does not have a default value" field kind)))
|
|||
(lambda ()
|
||||
(display '#,(id #'stem #'% #'stem))
|
||||
(if (eq? (syntax->datum field-default)
|
||||
'undefined)
|
||||
(configuration-no-default-value
|
||||
'*unspecified*)
|
||||
(configuration-missing-default-value
|
||||
'#,(id #'stem #'% #'stem) 'field)
|
||||
field-default)))
|
||||
(documentation doc))
|
||||
|
|
|
@ -115,8 +115,7 @@ type generated and used by Transmission clients, suitable for passing to the
|
|||
(set! serialize-maybe-string
|
||||
(lambda (field-name val)
|
||||
(serialize-string field-name
|
||||
(if (and (symbol? val)
|
||||
(eq? val 'disabled))
|
||||
(if (unspecified? val)
|
||||
""
|
||||
val))))
|
||||
|
||||
|
@ -181,8 +180,7 @@ type generated and used by Transmission clients, suitable for passing to the
|
|||
(define-maybe file-object)
|
||||
(set! serialize-maybe-file-object
|
||||
(lambda (field-name val)
|
||||
(if (and (symbol? val)
|
||||
(eq? val 'disabled))
|
||||
(if (unspecified? val)
|
||||
(serialize-string field-name "")
|
||||
(serialize-file-object field-name val))))
|
||||
|
||||
|
@ -281,7 +279,7 @@ torrent is being downloaded, then moved to @code{download-dir} once the
|
|||
torrent is complete. Otherwise, files for all torrents (including those still
|
||||
being downloaded) will be placed in @code{download-dir}.")
|
||||
(incomplete-dir
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"The directory in which files from incompletely downloaded torrents will be
|
||||
held when @code{incomplete-dir-enabled?} is @code{#t}.")
|
||||
(umask
|
||||
|
@ -305,7 +303,7 @@ for new @file{.torrent} files and the torrents they describe added
|
|||
automatically (and the original files removed, if
|
||||
@code{trash-original-torrent-files?} is @code{#t}).")
|
||||
(watch-dir
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"The directory to be watched for @file{.torrent} files indicating new
|
||||
torrents to be added, when @code{watch-dir-enabled} is @code{#t}.")
|
||||
(trash-original-torrent-files?
|
||||
|
@ -401,11 +399,11 @@ upstream gateway automatically using @acronym{UPnP} and @acronym{NAT-PMP}.")
|
|||
@code{prefer-unencrypted-connections}, @code{prefer-encrypted-connections} or
|
||||
@code{require-encrypted-connections}.")
|
||||
(peer-congestion-algorithm
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"The TCP congestion-control algorithm to use for peer connections,
|
||||
specified using a string recognized by the operating system in calls to
|
||||
@code{setsockopt} (or set to @code{disabled}, in which case the
|
||||
operating-system default is used).
|
||||
@code{setsockopt} (or leave it unset, in which case the operating-system
|
||||
default is used).
|
||||
|
||||
Note that on GNU/Linux systems, the kernel must be configured to allow
|
||||
processes to use a congestion-control algorithm not in the default set;
|
||||
|
@ -465,7 +463,7 @@ torrent before it is regenerated.")
|
|||
"When @code{#t}, the daemon will ignore peers mentioned in the blocklist it
|
||||
has most recently downloaded from @code{blocklist-url}.")
|
||||
(blocklist-url
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"The URL of a peer blocklist (in @acronym{P2P}-plaintext or eMule
|
||||
@file{.dat} format) to be periodically downloaded and applied when
|
||||
@code{blocklist-enabled?} is @code{#t}.")
|
||||
|
@ -564,11 +562,11 @@ which allows remote control of the daemon via its Web interface, the
|
|||
the side effect of disabling host-name whitelisting (see
|
||||
@code{rpc-host-whitelist-enabled?}.")
|
||||
(rpc-username
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"The username required by clients to access the @acronym{RPC} interface
|
||||
when @code{rpc-authentication-required?} is @code{#t}.")
|
||||
(rpc-password
|
||||
(maybe-transmission-password-hash 'disabled)
|
||||
maybe-transmission-password-hash
|
||||
"The password required by clients to access the @acronym{RPC} interface
|
||||
when @code{rpc-authentication-required?} is @code{#t}. This must be specified
|
||||
using a password hash in the format recognized by Transmission clients, either
|
||||
|
@ -613,7 +611,7 @@ they are added in ``paused'' state.")
|
|||
@code{script-torrent-done-filename} will be invoked each time a torrent
|
||||
completes.")
|
||||
(script-torrent-done-filename
|
||||
(maybe-file-object 'disabled)
|
||||
maybe-file-object
|
||||
"A file name or file-like object specifying a script to run each time a
|
||||
torrent completes, when @code{script-torrent-done-enabled?} is @code{#t}.")
|
||||
(scrape-paused-torrents-enabled?
|
||||
|
|
|
@ -76,6 +76,7 @@
|
|||
(lambda (field target)
|
||||
(and (memq (syntax->datum target) `(common ,arg)) field)))
|
||||
(syntax-case stx ()
|
||||
;; TODO Also handle (field-type) form, without a default.
|
||||
((_ stem (field (field-type def) doc target) ...)
|
||||
(with-syntax (((new-field-type ...)
|
||||
(map (lambda (field-type target)
|
||||
|
@ -89,7 +90,7 @@
|
|||
((new-def ...)
|
||||
(map (lambda (def target)
|
||||
(if (eq? 'common (syntax->datum target))
|
||||
#''disabled def))
|
||||
#'*unspecified* def))
|
||||
#'(def ...) #'(target ...)))
|
||||
((new-doc ...)
|
||||
(map (lambda (doc target)
|
||||
|
@ -199,7 +200,7 @@
|
|||
(define-maybe file-object-list)
|
||||
|
||||
(define (raw-content? val)
|
||||
(not (eq? val 'disabled)))
|
||||
(not (unspecified? val)))
|
||||
(define (serialize-raw-content field-name val)
|
||||
val)
|
||||
(define-maybe raw-content)
|
||||
|
@ -227,15 +228,15 @@ just joined the room."))
|
|||
|
||||
(define-configuration ssl-configuration
|
||||
(protocol
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"This determines what handshake to use.")
|
||||
|
||||
(key
|
||||
(maybe-file-name 'disabled)
|
||||
maybe-file-name
|
||||
"Path to your private key file.")
|
||||
|
||||
(certificate
|
||||
(maybe-file-name 'disabled)
|
||||
maybe-file-name
|
||||
"Path to your certificate file.")
|
||||
|
||||
(capath
|
||||
|
@ -244,48 +245,48 @@ just joined the room."))
|
|||
trust when verifying the certificates of remote servers.")
|
||||
|
||||
(cafile
|
||||
(maybe-file-object 'disabled)
|
||||
maybe-file-object
|
||||
"Path to a file containing root certificates that you wish Prosody to trust.
|
||||
Similar to @code{capath} but with all certificates concatenated together.")
|
||||
|
||||
(verify
|
||||
(maybe-string-list 'disabled)
|
||||
maybe-string-list
|
||||
"A list of verification options (these mostly map to OpenSSL's
|
||||
@code{set_verify()} flags).")
|
||||
|
||||
(options
|
||||
(maybe-string-list 'disabled)
|
||||
maybe-string-list
|
||||
"A list of general options relating to SSL/TLS. These map to OpenSSL's
|
||||
@code{set_options()}. For a full list of options available in LuaSec, see the
|
||||
LuaSec source.")
|
||||
|
||||
(depth
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"How long a chain of certificate authorities to check when looking for a
|
||||
trusted root certificate.")
|
||||
|
||||
(ciphers
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"An OpenSSL cipher string. This selects what ciphers Prosody will offer to
|
||||
clients, and in what order.")
|
||||
|
||||
(dhparam
|
||||
(maybe-file-name 'disabled)
|
||||
maybe-file-name
|
||||
"A path to a file containing parameters for Diffie-Hellman key exchange. You
|
||||
can create such a file with:
|
||||
@code{openssl dhparam -out /etc/prosody/certs/dh-2048.pem 2048}")
|
||||
|
||||
(curve
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Curve for Elliptic curve Diffie-Hellman. Prosody's default is
|
||||
@samp{\"secp384r1\"}.")
|
||||
|
||||
(verifyext
|
||||
(maybe-string-list 'disabled)
|
||||
maybe-string-list
|
||||
"A list of \"extra\" verification options.")
|
||||
|
||||
(password
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Password for encrypted private keys."))
|
||||
(define (serialize-ssl-configuration field-name val)
|
||||
#~(format #f "ssl = {\n~a};\n"
|
||||
|
@ -473,12 +474,12 @@ by the Prosody service. See @url{https://prosody.im/doc/logging}."
|
|||
global)
|
||||
|
||||
(http-max-content-size
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
(maybe-non-negative-integer *unspecified*)
|
||||
"Maximum allowed size of the HTTP body (in bytes)."
|
||||
common)
|
||||
|
||||
(http-external-url
|
||||
(maybe-string 'disabled)
|
||||
(maybe-string *unspecified*)
|
||||
"Some modules expose their own URL in various ways. This URL is built
|
||||
from the protocol, host and port used. If Prosody sits behind a proxy, the
|
||||
public URL will be @code{http-external-url} instead. See
|
||||
|
@ -555,7 +556,7 @@ support. To add an external component, you simply fill the hostname field. See
|
|||
int-component)
|
||||
|
||||
(mod-muc
|
||||
(maybe-mod-muc-configuration 'disabled)
|
||||
(maybe-mod-muc-configuration *unspecified*)
|
||||
"Multi-user chat (MUC) is Prosody's module for allowing you to create
|
||||
hosted chatrooms/conferences for XMPP users.
|
||||
|
||||
|
@ -572,7 +573,7 @@ See also @url{https://prosody.im/doc/modules/mod_muc}."
|
|||
ext-component)
|
||||
|
||||
(raw-content
|
||||
(maybe-raw-content 'disabled)
|
||||
(maybe-raw-content *unspecified*)
|
||||
"Raw content that will be added to the configuration file."
|
||||
common)))
|
||||
|
||||
|
|
|
@ -771,17 +771,17 @@ logging is disabled.")
|
|||
"The node host name that is used to make the first connection to the
|
||||
network. A specific port value can be provided by appending the @code{:PORT}
|
||||
suffix. By default, it uses the Jami bootstrap nodes, but any host can be
|
||||
specified here. It's also possible to disable bootstrapping by setting this
|
||||
to the @code{'disabled} symbol.")
|
||||
specified here. It's also possible to disable bootstrapping by explicitly
|
||||
setting this field to the @code{*unspecified*} value.")
|
||||
(port
|
||||
(maybe-number 4222)
|
||||
"The UDP port to bind to. When set to @code{'disabled}, an available port
|
||||
is automatically selected.")
|
||||
"The UDP port to bind to. When set to @code{*unspecified*}, an available
|
||||
port is automatically selected.")
|
||||
(proxy-server-port
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"Spawn a proxy server listening on the specified port.")
|
||||
(proxy-server-port-tls
|
||||
(maybe-number 'disabled)
|
||||
maybe-number
|
||||
"Spawn a proxy server listening to TLS connections on the specified
|
||||
port."))
|
||||
|
||||
|
|
|
@ -114,55 +114,55 @@ before syncing on AC.")
|
|||
"Same as @code{max-lost-work-secs-on-ac} but on BAT mode.")
|
||||
|
||||
(cpu-scaling-governor-on-ac
|
||||
(maybe-space-separated-string-list 'disabled)
|
||||
maybe-space-separated-string-list
|
||||
"CPU frequency scaling governor on AC mode. With intel_pstate
|
||||
driver, alternatives are powersave and performance. With acpi-cpufreq driver,
|
||||
alternatives are ondemand, powersave, performance and conservative.")
|
||||
|
||||
(cpu-scaling-governor-on-bat
|
||||
(maybe-space-separated-string-list 'disabled)
|
||||
maybe-space-separated-string-list
|
||||
"Same as @code{cpu-scaling-governor-on-ac} but on BAT mode.")
|
||||
|
||||
(cpu-scaling-min-freq-on-ac
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Set the min available frequency for the scaling governor on AC.")
|
||||
|
||||
(cpu-scaling-max-freq-on-ac
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Set the max available frequency for the scaling governor on AC.")
|
||||
|
||||
(cpu-scaling-min-freq-on-bat
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Set the min available frequency for the scaling governor on BAT.")
|
||||
|
||||
(cpu-scaling-max-freq-on-bat
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Set the max available frequency for the scaling governor on BAT.")
|
||||
|
||||
(cpu-min-perf-on-ac
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Limit the min P-state to control the power dissipation of the CPU,
|
||||
in AC mode. Values are stated as a percentage of the available performance.")
|
||||
|
||||
(cpu-max-perf-on-ac
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Limit the max P-state to control the power dissipation of the CPU,
|
||||
in AC mode. Values are stated as a percentage of the available performance.")
|
||||
|
||||
(cpu-min-perf-on-bat
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Same as @code{cpu-min-perf-on-ac} on BAT mode.")
|
||||
|
||||
(cpu-max-perf-on-bat
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Same as @code{cpu-max-perf-on-ac} on BAT mode.")
|
||||
|
||||
(cpu-boost-on-ac?
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"Enable CPU turbo boost feature on AC mode.")
|
||||
|
||||
(cpu-boost-on-bat?
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"Same as @code{cpu-boost-on-ac?} on BAT mode.")
|
||||
|
||||
(sched-powersave-on-ac?
|
||||
|
@ -179,7 +179,7 @@ used under light load conditions.")
|
|||
"Enable Linux kernel NMI watchdog.")
|
||||
|
||||
(phc-controls
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"For Linux kernels with PHC patch applied, change CPU voltages.
|
||||
An example value would be @samp{\"F:V F:V F:V F:V\"}.")
|
||||
|
||||
|
@ -205,16 +205,16 @@ performance, normal, powersave.")
|
|||
"Same as @code{disk-apm-bat} but on BAT mode.")
|
||||
|
||||
(disk-spindown-timeout-on-ac
|
||||
(maybe-space-separated-string-list 'disabled)
|
||||
maybe-space-separated-string-list
|
||||
"Hard disk spin down timeout. One value has to be specified for
|
||||
each declared hard disk.")
|
||||
|
||||
(disk-spindown-timeout-on-bat
|
||||
(maybe-space-separated-string-list 'disabled)
|
||||
maybe-space-separated-string-list
|
||||
"Same as @code{disk-spindown-timeout-on-ac} but on BAT mode.")
|
||||
|
||||
(disk-iosched
|
||||
(maybe-space-separated-string-list 'disabled)
|
||||
maybe-space-separated-string-list
|
||||
"Select IO scheduler for disk devices. One value has to be specified
|
||||
for each declared hard disk. Example alternatives are cfq, deadline and noop.")
|
||||
|
||||
|
@ -228,16 +228,16 @@ min_power, medium_power, max_performance.")
|
|||
"Same as @code{sata-linkpwr-ac} but on BAT mode.")
|
||||
|
||||
(sata-linkpwr-blacklist
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Exclude specified SATA host devices for link power management.")
|
||||
|
||||
(ahci-runtime-pm-on-ac?
|
||||
(maybe-on-off-boolean 'disabled)
|
||||
maybe-on-off-boolean
|
||||
"Enable Runtime Power Management for AHCI controller and disks
|
||||
on AC mode.")
|
||||
|
||||
(ahci-runtime-pm-on-bat?
|
||||
(maybe-on-off-boolean 'disabled)
|
||||
maybe-on-off-boolean
|
||||
"Same as @code{ahci-runtime-pm-on-ac} on BAT mode.")
|
||||
|
||||
(ahci-runtime-pm-timeout
|
||||
|
@ -254,19 +254,19 @@ default, performance, powersave.")
|
|||
"Same as @code{pcie-aspm-ac} but on BAT mode.")
|
||||
|
||||
(start-charge-thresh-bat0
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Percentage when battery 0 should begin charging.")
|
||||
|
||||
(stop-charge-thresh-bat0
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Percentage when battery 0 should stop charging.")
|
||||
|
||||
(start-charge-thresh-bat1
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Percentage when battery 1 should begin charging.")
|
||||
|
||||
(stop-charge-thresh-bat1
|
||||
(maybe-non-negative-integer 'disabled)
|
||||
maybe-non-negative-integer
|
||||
"Percentage when battery 1 should stop charging.")
|
||||
|
||||
(radeon-power-profile-on-ac
|
||||
|
@ -346,7 +346,7 @@ on and auto.")
|
|||
blacklisted ones.")
|
||||
|
||||
(runtime-pm-blacklist
|
||||
(maybe-space-separated-string-list 'disabled)
|
||||
maybe-space-separated-string-list
|
||||
"Exclude specified PCI(e) device addresses from Runtime Power Management.")
|
||||
|
||||
(runtime-pm-driver-blacklist
|
||||
|
@ -359,7 +359,7 @@ Runtime Power Management.")
|
|||
"Enable USB autosuspend feature.")
|
||||
|
||||
(usb-blacklist
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Exclude specified devices from USB autosuspend.")
|
||||
|
||||
(usb-blacklist-wwan?
|
||||
|
@ -367,12 +367,12 @@ Runtime Power Management.")
|
|||
"Exclude WWAN devices from USB autosuspend.")
|
||||
|
||||
(usb-whitelist
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Include specified devices into USB autosuspend, even if they are
|
||||
already excluded by the driver or via @code{usb-blacklist-wwan?}.")
|
||||
|
||||
(usb-autosuspend-disable-on-shutdown?
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"Enable USB autosuspend before shutdown.")
|
||||
|
||||
(restore-device-state-on-startup?
|
||||
|
|
|
@ -157,7 +157,7 @@ the @samp{root} user (i.e., not in the store), to guard against leaking the
|
|||
secret key material of the Jami account it contains."
|
||||
empty-serializer)
|
||||
(allowed-contacts
|
||||
(maybe-account-fingerprint-list 'disabled)
|
||||
maybe-account-fingerprint-list
|
||||
"The list of allowed contacts for the account, entered as their 40
|
||||
characters long fingerprint. Messages or calls from accounts not in that list
|
||||
will be rejected. When unspecified, the configuration of the account archive
|
||||
|
@ -166,7 +166,7 @@ allowance, which typically defaults to allow any contact to communicate with
|
|||
the account."
|
||||
empty-serializer)
|
||||
(moderators
|
||||
(maybe-account-fingerprint-list 'disabled)
|
||||
maybe-account-fingerprint-list
|
||||
"The list of contacts that should have moderation privileges (to ban, mute,
|
||||
etc. other users) in rendezvous conferences, entered as their 40 characters
|
||||
long fingerprint. When unspecified, the configuration of the account archive
|
||||
|
@ -175,24 +175,24 @@ anyone to moderate."
|
|||
empty-serializer)
|
||||
;; The serializable fields below are to be set with set-account-details.
|
||||
(rendezvous-point?
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"Whether the account should operate in the rendezvous mode. In this mode,
|
||||
all the incoming audio/video calls are mixed into a conference. When left
|
||||
unspecified, the value from the account archive prevails.")
|
||||
(peer-discovery?
|
||||
(maybe-boolean 'disabled)
|
||||
maybe-boolean
|
||||
"Whether peer discovery should be enabled. Peer discovery is used to
|
||||
discover other OpenDHT nodes on the local network, which can be useful to
|
||||
maintain communication between devices on such network even when the
|
||||
connection to the the Internet has been lost. When left unspecified, the
|
||||
value from the account archive prevails.")
|
||||
(bootstrap-hostnames
|
||||
(maybe-string-list 'disabled)
|
||||
maybe-string-list
|
||||
"A list of hostnames or IPs pointing to OpenDHT nodes, that should be used
|
||||
to initially join the OpenDHT network. When left unspecified, the value from
|
||||
the account archive prevails.")
|
||||
(name-server-uri
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"The URI of the name server to use, that can be used to retrieve the
|
||||
account fingerprint for a registered username."))
|
||||
|
||||
|
@ -214,7 +214,7 @@ SET-ACCOUNT-DETAILS."
|
|||
name ((configuration-field-getter field)
|
||||
jami-account-object)))
|
||||
;; The define-maybe default serializer produces an
|
||||
;; empty string for the 'disabled value.
|
||||
;; empty string for unspecified values.
|
||||
(value* (if (string-null? value)
|
||||
#f
|
||||
value)))
|
||||
|
@ -247,7 +247,7 @@ SET-ACCOUNT-DETAILS."
|
|||
(boolean #f)
|
||||
"Whether to force automatic answer to incoming calls.")
|
||||
(accounts
|
||||
(maybe-jami-account-list 'disabled)
|
||||
maybe-jami-account-list
|
||||
"A list of Jami accounts to be (re-)provisioned every time the Jami daemon
|
||||
service starts. When providing this field, the account directories under
|
||||
@file{/var/lib/jami/} are recreated every time the service starts, ensuring a
|
||||
|
@ -307,7 +307,7 @@ CONFIG, a <jami-configuration> object."
|
|||
(dbus (jami-configuration-dbus config))
|
||||
(dbus-daemon (file-append dbus "/bin/dbus-daemon"))
|
||||
(accounts (jami-configuration-accounts config))
|
||||
(declarative-mode? (not (eq? 'disabled accounts))))
|
||||
(declarative-mode? (not (unspecified? accounts))))
|
||||
|
||||
(with-extensions (list guile-packrat ;used by guile-ac-d-bus
|
||||
guile-ac-d-bus
|
||||
|
@ -649,7 +649,7 @@ argument, either a registered username or the fingerprint of the account.")
|
|||
account-details)
|
||||
(let ((username (archive-name->username
|
||||
archive)))
|
||||
(when (not (eq? 'disabled allowed-contacts))
|
||||
(when (not (unspecified? allowed-contacts))
|
||||
;; Reject calls from unknown contacts.
|
||||
(set-account-details
|
||||
'(("DHT.PublicInCalls" . "false")) username)
|
||||
|
@ -659,7 +659,7 @@ argument, either a registered username or the fingerprint of the account.")
|
|||
;; Add allowed ones.
|
||||
(for-each (cut add-contact <> username)
|
||||
allowed-contacts))
|
||||
(when (not (eq? 'disabled moderators))
|
||||
(when (not (unspecified? moderators))
|
||||
;; Disable the 'AllModerators' property.
|
||||
(set-all-moderators #f username)
|
||||
;; Remove all moderators.
|
||||
|
|
|
@ -363,7 +363,7 @@ poll/epoll/select prior to the write operation.")
|
|||
channel to protect against DoS attacks.")
|
||||
|
||||
(auth-user-pass
|
||||
(maybe-string 'disabled)
|
||||
maybe-string
|
||||
"Authenticate with server using username/password. The option is a file
|
||||
containing username/password on 2 lines. Do not use a file-like object as it
|
||||
would be added to the store and readable by any user.")
|
||||
|
|
|
@ -136,3 +136,15 @@
|
|||
|
||||
(test-assert "maybe value without serialization no procedure bound"
|
||||
(not (defined? 'serialize-maybe-string)))
|
||||
|
||||
(test-assert "maybe type, no default"
|
||||
(unspecified?
|
||||
(config-with-maybe-string/no-serialization-name
|
||||
(config-with-maybe-string/no-serialization))))
|
||||
|
||||
(test-assert "maybe type, with default"
|
||||
(equal?
|
||||
"foo"
|
||||
(config-with-maybe-string/no-serialization-name
|
||||
(config-with-maybe-string/no-serialization
|
||||
(name "foo")))))
|
||||
|
|
Reference in New Issue