me
/
guix
Archived
1
0
Fork 0
Code

services: configuration: Use *unspecified* instead of 'disabled. 

Use *unspecified* as a marker for field values that have not been set.

Rationale: 'disabled may easily clash with user values for boolean fields, is
confusing (i.e. its meaning is *not* boolean false, but unspecified) and it
also passes silently through the symbol? predicate of a field of type symbol.

* gnu/services/configuration.scm (configuration-missing-default-value):
Renamed from configuration-no-default-value.
(define-maybe-helper): Use *unspecified* instead of 'disabled, and make
the default value optional.
* gnu/home/services/desktop.scm (home-redshift-configuration):
Change (maybe-xyz 'disabled) to maybe-xyz.
* gnu/services/authentication.scm (nslcd-configuration): Likewise.
* gnu/services/cgit.scm (repository-cgit-configuration): Likewise.
* gnu/services/file-sharing.scm (serialize-maybe-string)
(serialize-maybe-file-object): Use 'unspecified?' instead of (eq? val
'disabled).
* gnu/services/messaging.scm (raw-content?): Likewise.
(ssl-configuration): Change (maybe-xyz 'disabled) to maybe-xyz.
(prosody-configuration): Likewise.
* gnu/services/file-sharing.scm (transmission-daemon-configuration):
Likewise.
* gnu/services/messaging.scm (define-all-configurations):
Use *unspecified* instead of 'disabled'.
* gnu/services/networking.scm (opendht-configuration): Likewise.
* gnu/services/pm.scm (tlp-configuration): Likewise.
* gnu/services/telephony.scm (jami-account): Likewise.
(jami-configuration): Likewise.
* gnu/services/vpn.scm (openvpn-client-configuration): Likewise.
* tests/services/configuration.scm ("maybe type, no default")
("maybe type, with default"): New tests.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Attila Lendvai 2022-05-17 13:39:28 +02:00 committed by Ludovic Courtès
parent e11517052b
commit 8cb1a49a39
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
11 changed files with 148 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
gnu/home/services/desktop.scm
View File

@ -91,26 +91,26 @@ queried for location information.")
"Nighttime color temperature (kelvins).") "Nighttime color temperature (kelvins).")
(daytime-brightness (daytime-brightness
(maybe-inexact-number 'disabled) maybe-inexact-number
"Daytime screen brightness, between 0.1 and 1.0.") "Daytime screen brightness, between 0.1 and 1.0.")
(nighttime-brightness (nighttime-brightness
(maybe-inexact-number 'disabled) maybe-inexact-number
"Nighttime screen brightness, between 0.1 and 1.0.") "Nighttime screen brightness, between 0.1 and 1.0.")
(latitude (latitude
(maybe-inexact-number 'disabled) maybe-inexact-number
"Latitude, when @code{location-provider} is @code{'manual}.") "Latitude, when @code{location-provider} is @code{'manual}.")
(longitude (longitude
(maybe-inexact-number 'disabled) maybe-inexact-number
"Longitude, when @code{location-provider} is @code{'manual}.") "Longitude, when @code{location-provider} is @code{'manual}.")
(dawn-time (dawn-time
(maybe-string 'disabled) maybe-string
"Custom time for the transition from night to day in the "Custom time for the transition from night to day in the
morning---@code{\"HH:MM\"} format. When specified, solar elevation is not morning---@code{\"HH:MM\"} format. When specified, solar elevation is not
used to determine the daytime/nighttime period.") used to determine the daytime/nighttime period.")
(dusk-time (dusk-time
(maybe-string 'disabled) maybe-string
"Likewise, custom time for the transition from day to night in the "Likewise, custom time for the transition from day to night in the
evening.") evening.")

82
gnu/services/authentication.scm
View File

@ -218,7 +218,7 @@
;; Runtime options ;; Runtime options
(threads (threads
(maybe-number 'disabled) maybe-number
"The number of threads to start that can handle requests and perform LDAP "The number of threads to start that can handle requests and perform LDAP
queries. Each thread opens a separate connection to the LDAP server. The queries. Each thread opens a separate connection to the LDAP server. The
default is to start 5 threads.") default is to start 5 threads.")
@ -243,45 +243,45 @@ messages with the specified log level or higher are logged.")
"The list of LDAP server URIs. Normally, only the first server will be "The list of LDAP server URIs. Normally, only the first server will be
used with the following servers as fall-back.") used with the following servers as fall-back.")
(ldap-version (ldap-version
(maybe-string 'disabled) maybe-string
"The version of the LDAP protocol to use. The default is to use the "The version of the LDAP protocol to use. The default is to use the
maximum version supported by the LDAP library.") maximum version supported by the LDAP library.")
(binddn (binddn
(maybe-string 'disabled) maybe-string
"Specifies the distinguished name with which to bind to the directory "Specifies the distinguished name with which to bind to the directory
server for lookups. The default is to bind anonymously.") server for lookups. The default is to bind anonymously.")
(bindpw (bindpw
(maybe-string 'disabled) maybe-string
"Specifies the credentials with which to bind. This option is only "Specifies the credentials with which to bind. This option is only
applicable when used with binddn.") applicable when used with binddn.")
(rootpwmoddn (rootpwmoddn
(maybe-string 'disabled) maybe-string
"Specifies the distinguished name to use when the root user tries to modify "Specifies the distinguished name to use when the root user tries to modify
a user's password using the PAM module.") a user's password using the PAM module.")
(rootpwmodpw (rootpwmodpw
(maybe-string 'disabled) maybe-string
"Specifies the credentials with which to bind if the root user tries to "Specifies the credentials with which to bind if the root user tries to
change a user's password. This option is only applicable when used with change a user's password. This option is only applicable when used with
rootpwmoddn") rootpwmoddn")
;; SASL authentication options ;; SASL authentication options
(sasl-mech (sasl-mech
(maybe-string 'disabled) maybe-string
"Specifies the SASL mechanism to be used when performing SASL "Specifies the SASL mechanism to be used when performing SASL
authentication.") authentication.")
(sasl-realm (sasl-realm
(maybe-string 'disabled) maybe-string
"Specifies the SASL realm to be used when performing SASL authentication.") "Specifies the SASL realm to be used when performing SASL authentication.")
(sasl-authcid (sasl-authcid
(maybe-string 'disabled) maybe-string
"Specifies the authentication identity to be used when performing SASL "Specifies the authentication identity to be used when performing SASL
authentication.") authentication.")
(sasl-authzid (sasl-authzid
(maybe-string 'disabled) maybe-string
"Specifies the authorization identity to be used when performing SASL "Specifies the authorization identity to be used when performing SASL
authentication.") authentication.")
(sasl-canonicalize? (sasl-canonicalize?
(maybe-boolean 'disabled) maybe-boolean
"Determines whether the LDAP server host name should be canonicalised. If "Determines whether the LDAP server host name should be canonicalised. If
this is enabled the LDAP library will do a reverse host name lookup. By this is enabled the LDAP library will do a reverse host name lookup. By
default, it is left up to the LDAP library whether this check is performed or default, it is left up to the LDAP library whether this check is performed or
@ -289,7 +289,7 @@ not.")
;; Kerberos authentication options ;; Kerberos authentication options
(krb5-ccname (krb5-ccname
(maybe-string 'disabled) maybe-string
"Set the name for the GSS-API Kerberos credentials cache.") "Set the name for the GSS-API Kerberos credentials cache.")
;; Search / mapping options ;; Search / mapping options
@ -302,11 +302,11 @@ not.")
default scope is subtree; base scope is almost never useful for name service default scope is subtree; base scope is almost never useful for name service
lookups; children scope is not supported on all servers.") lookups; children scope is not supported on all servers.")
(deref (deref
(maybe-deref-option 'disabled) maybe-deref-option
"Specifies the policy for dereferencing aliases. The default policy is to "Specifies the policy for dereferencing aliases. The default policy is to
never dereference aliases.") never dereference aliases.")
(referrals (referrals
(maybe-boolean 'disabled) maybe-boolean
"Specifies whether automatic referral chasing should be enabled. The "Specifies whether automatic referral chasing should be enabled. The
default behaviour is to chase referrals.") default behaviour is to chase referrals.")
(maps (maps
@ -322,132 +322,132 @@ applies and an LDAP search filter expression.")
;; Timing / reconnect options ;; Timing / reconnect options
(bind-timelimit (bind-timelimit
(maybe-number 'disabled) maybe-number
"Specifies the time limit in seconds to use when connecting to the "Specifies the time limit in seconds to use when connecting to the
directory server. The default value is 10 seconds.") directory server. The default value is 10 seconds.")
(timelimit (timelimit
(maybe-number 'disabled) maybe-number
"Specifies the time limit (in seconds) to wait for a response from the LDAP "Specifies the time limit (in seconds) to wait for a response from the LDAP
server. A value of zero, which is the default, is to wait indefinitely for server. A value of zero, which is the default, is to wait indefinitely for
searches to be completed.") searches to be completed.")
(idle-timelimit (idle-timelimit
(maybe-number 'disabled) maybe-number
"Specifies the period if inactivity (in seconds) after which the con "Specifies the period if inactivity (in seconds) after which the con
nection to the LDAP server will be closed. The default is not to time out nection to the LDAP server will be closed. The default is not to time out
connections.") connections.")
(reconnect-sleeptime (reconnect-sleeptime
(maybe-number 'disabled) maybe-number
"Specifies the number of seconds to sleep when connecting to all LDAP "Specifies the number of seconds to sleep when connecting to all LDAP
servers fails. By default one second is waited between the first failure and servers fails. By default one second is waited between the first failure and
the first retry.") the first retry.")
(reconnect-retrytime (reconnect-retrytime
(maybe-number 'disabled) maybe-number
"Specifies the time after which the LDAP server is considered to be "Specifies the time after which the LDAP server is considered to be
permanently unavailable. Once this time is reached retries will be done only permanently unavailable. Once this time is reached retries will be done only
once per this time period. The default value is 10 seconds.") once per this time period. The default value is 10 seconds.")
;; TLS options ;; TLS options
(ssl (ssl
(maybe-ssl-option 'disabled) maybe-ssl-option
"Specifies whether to use SSL/TLS or not (the default is not to). If "Specifies whether to use SSL/TLS or not (the default is not to). If
'start-tls is specified then StartTLS is used rather than raw LDAP over SSL.") 'start-tls is specified then StartTLS is used rather than raw LDAP over SSL.")
(tls-reqcert (tls-reqcert
(maybe-tls-reqcert-option 'disabled) maybe-tls-reqcert-option
"Specifies what checks to perform on a server-supplied certificate. "Specifies what checks to perform on a server-supplied certificate.
The meaning of the values is described in the ldap.conf(5) manual page.") The meaning of the values is described in the ldap.conf(5) manual page.")
(tls-cacertdir (tls-cacertdir
(maybe-string 'disabled) maybe-string
"Specifies the directory containing X.509 certificates for peer authen "Specifies the directory containing X.509 certificates for peer authen
tication. This parameter is ignored when using GnuTLS.") tication. This parameter is ignored when using GnuTLS.")
(tls-cacertfile (tls-cacertfile
(maybe-string 'disabled) maybe-string
"Specifies the path to the X.509 certificate for peer authentication.") "Specifies the path to the X.509 certificate for peer authentication.")
(tls-randfile (tls-randfile
(maybe-string 'disabled) maybe-string
"Specifies the path to an entropy source. This parameter is ignored when "Specifies the path to an entropy source. This parameter is ignored when
using GnuTLS.") using GnuTLS.")
(tls-ciphers (tls-ciphers
(maybe-string 'disabled) maybe-string
"Specifies the ciphers to use for TLS as a string.") "Specifies the ciphers to use for TLS as a string.")
(tls-cert (tls-cert
(maybe-string 'disabled) maybe-string
"Specifies the path to the file containing the local certificate for client "Specifies the path to the file containing the local certificate for client
TLS authentication.") TLS authentication.")
(tls-key (tls-key
(maybe-string 'disabled) maybe-string
"Specifies the path to the file containing the private key for client TLS "Specifies the path to the file containing the private key for client TLS
authentication.") authentication.")
;; Other options ;; Other options
(pagesize (pagesize
(maybe-number 'disabled) maybe-number
"Set this to a number greater than 0 to request paged results from the LDAP "Set this to a number greater than 0 to request paged results from the LDAP
server in accordance with RFC2696. The default (0) is to not request paged server in accordance with RFC2696. The default (0) is to not request paged
results.") results.")
(nss-initgroups-ignoreusers (nss-initgroups-ignoreusers
(maybe-ignore-users-option 'disabled) maybe-ignore-users-option
"This option prevents group membership lookups through LDAP for the "This option prevents group membership lookups through LDAP for the
specified users. Alternatively, the value 'all-local may be used. With that specified users. Alternatively, the value 'all-local may be used. With that
value nslcd builds a full list of non-LDAP users on startup.") value nslcd builds a full list of non-LDAP users on startup.")
(nss-min-uid (nss-min-uid
(maybe-number 'disabled) maybe-number
"This option ensures that LDAP users with a numeric user id lower than the "This option ensures that LDAP users with a numeric user id lower than the
specified value are ignored.") specified value are ignored.")
(nss-uid-offset (nss-uid-offset
(maybe-number 'disabled) maybe-number
"This option specifies an offset that is added to all LDAP numeric user "This option specifies an offset that is added to all LDAP numeric user
ids. This can be used to avoid user id collisions with local users.") ids. This can be used to avoid user id collisions with local users.")
(nss-gid-offset (nss-gid-offset
(maybe-number 'disabled) maybe-number
"This option specifies an offset that is added to all LDAP numeric group "This option specifies an offset that is added to all LDAP numeric group
ids. This can be used to avoid user id collisions with local groups.") ids. This can be used to avoid user id collisions with local groups.")
(nss-nested-groups (nss-nested-groups
(maybe-boolean 'disabled) maybe-boolean
"If this option is set, the member attribute of a group may point to "If this option is set, the member attribute of a group may point to
another group. Members of nested groups are also returned in the higher level another group. Members of nested groups are also returned in the higher level
group and parent groups are returned when finding groups for a specific user. group and parent groups are returned when finding groups for a specific user.
The default is not to perform extra searches for nested groups.") The default is not to perform extra searches for nested groups.")
(nss-getgrent-skipmembers (nss-getgrent-skipmembers
(maybe-boolean 'disabled) maybe-boolean
"If this option is set, the group member list is not retrieved when looking "If this option is set, the group member list is not retrieved when looking
up groups. Lookups for finding which groups a user belongs to will remain up groups. Lookups for finding which groups a user belongs to will remain
functional so the user will likely still get the correct groups assigned on functional so the user will likely still get the correct groups assigned on
login.") login.")
(nss-disable-enumeration (nss-disable-enumeration
(maybe-boolean 'disabled) maybe-boolean
"If this option is set, functions which cause all user/group entries to be "If this option is set, functions which cause all user/group entries to be
loaded from the directory will not succeed in doing so. This can dramatically loaded from the directory will not succeed in doing so. This can dramatically
reduce LDAP server load in situations where there are a great number of users reduce LDAP server load in situations where there are a great number of users
and/or groups. This option is not recommended for most configurations.") and/or groups. This option is not recommended for most configurations.")
(validnames (validnames
(maybe-string 'disabled) maybe-string
"This option can be used to specify how user and group names are verified "This option can be used to specify how user and group names are verified
within the system. This pattern is used to check all user and group names within the system. This pattern is used to check all user and group names
that are requested and returned from LDAP.") that are requested and returned from LDAP.")
(ignorecase (ignorecase
(maybe-boolean 'disabled) maybe-boolean
"This specifies whether or not to perform searches using case-insensitive "This specifies whether or not to perform searches using case-insensitive
matching. Enabling this could open up the system to authorization bypass matching. Enabling this could open up the system to authorization bypass
vulnerabilities and introduce nscd cache poisoning vulnerabilities which allow vulnerabilities and introduce nscd cache poisoning vulnerabilities which allow
denial of service.") denial of service.")
(pam-authc-ppolicy (pam-authc-ppolicy
(maybe-boolean 'disabled) maybe-boolean
"This option specifies whether password policy controls are requested and "This option specifies whether password policy controls are requested and
handled from the LDAP server when performing user authentication.") handled from the LDAP server when performing user authentication.")
(pam-authc-search (pam-authc-search
(maybe-string 'disabled) maybe-string
"By default nslcd performs an LDAP search with the user's credentials after "By default nslcd performs an LDAP search with the user's credentials after
BIND (authentication) to ensure that the BIND operation was successful. The BIND (authentication) to ensure that the BIND operation was successful. The
default search is a simple check to see if the user's DN exists. A search default search is a simple check to see if the user's DN exists. A search
filter can be specified that will be used instead. It should return at least filter can be specified that will be used instead. It should return at least
one entry.") one entry.")
(pam-authz-search (pam-authz-search
(maybe-string 'disabled) maybe-string
"This option allows flexible fine tuning of the authorisation check that "This option allows flexible fine tuning of the authorisation check that
should be performed. The search filter specified is executed and if any should be performed. The search filter specified is executed and if any
entries match, access is granted, otherwise access is denied.") entries match, access is granted, otherwise access is denied.")
(pam-password-prohibit-message (pam-password-prohibit-message
(maybe-string 'disabled) maybe-string
"If this option is set password modification using pam_ldap will be denied "If this option is set password modification using pam_ldap will be denied
and the specified message will be presented to the user instead. The message and the specified message will be presented to the user instead. The message
can be used to direct the user to an alternative means of changing their can be used to direct the user to an alternative means of changing their

12
gnu/services/cgit.scm
View File

@ -241,27 +241,27 @@ is no suitable HEAD.")
(repo-file-object "") (repo-file-object "")
"Override the default @code{email-filter}.") "Override the default @code{email-filter}.")
(enable-commit-graph? (enable-commit-graph?
(maybe-repo-boolean 'disabled) maybe-repo-boolean
"A flag which can be used to disable the global setting "A flag which can be used to disable the global setting
@code{enable-commit-graph?}.") @code{enable-commit-graph?}.")
(enable-log-filecount? (enable-log-filecount?
(maybe-repo-boolean 'disabled) maybe-repo-boolean
"A flag which can be used to disable the global setting "A flag which can be used to disable the global setting
@code{enable-log-filecount?}.") @code{enable-log-filecount?}.")
(enable-log-linecount? (enable-log-linecount?
(maybe-repo-boolean 'disabled) maybe-repo-boolean
"A flag which can be used to disable the global setting "A flag which can be used to disable the global setting
@code{enable-log-linecount?}.") @code{enable-log-linecount?}.")
(enable-remote-branches? (enable-remote-branches?
(maybe-repo-boolean 'disabled) maybe-repo-boolean
"Flag which, when set to @code{#t}, will make cgit display remote "Flag which, when set to @code{#t}, will make cgit display remote
branches in the summary and refs views.") branches in the summary and refs views.")
(enable-subject-links? (enable-subject-links?
(maybe-repo-boolean 'disabled) maybe-repo-boolean
"A flag which can be used to override the global setting "A flag which can be used to override the global setting
@code{enable-subject-links?}.") @code{enable-subject-links?}.")
(enable-html-serving? (enable-html-serving?
(maybe-repo-boolean 'disabled) maybe-repo-boolean
"A flag which can be used to override the global setting "A flag which can be used to override the global setting
@code{enable-html-serving?}.") @code{enable-html-serving?}.")
(hide? (hide?

17
gnu/services/configuration.scm
View File

@ -93,7 +93,7 @@
(define (configuration-missing-field kind field) (define (configuration-missing-field kind field)
(configuration-error (configuration-error
(format #f "~a configuration missing required field ~a" kind field))) (format #f "~a configuration missing required field ~a" kind field)))
(define (configuration-no-default-value kind field) (define (configuration-missing-default-value kind field)
(configuration-error (configuration-error
(format #f "The field `~a' of the `~a' configuration record \ (format #f "The field `~a' of the `~a' configuration record \
does not have a default value" field kind))) does not have a default value" field kind)))
@ -142,7 +142,8 @@ does not have a default value" field kind)))
(id #'stem #'serialize-maybe- #'stem)))) (id #'stem #'serialize-maybe- #'stem))))
#`(begin #`(begin
(define (maybe-stem? val) (define (maybe-stem? val)
(or (eq? val 'disabled) (stem? val))) (or (unspecified? val)
(stem? val)))
#,@(if serialize? #,@(if serialize?
(list #'(define (serialize-maybe-stem field-name val) (list #'(define (serialize-maybe-stem field-name val)
(if (stem? val) (if (stem? val)
@ -170,10 +171,10 @@ does not have a default value" field kind)))
(values #'(field-type def))) (values #'(field-type def)))
((field-type) ((field-type)
(identifier? #'field-type) (identifier? #'field-type)
(values #'(field-type 'disabled))) (values #'(field-type *unspecified*)))
(field-type (field-type
(identifier? #'field-type) (identifier? #'field-type)
(values #'(field-type 'disabled))))) (values #'(field-type *unspecified*)))))
(define (define-configuration-helper serialize? serializer-prefix syn) (define (define-configuration-helper serialize? serializer-prefix syn)
(syntax-case syn () (syntax-case syn ()
@ -219,9 +220,7 @@ does not have a default value" field kind)))
source-properties->location)) source-properties->location))
(innate)) (innate))
#,@(map (lambda (name getter def) #,@(map (lambda (name getter def)
(if (eq? (syntax->datum def) (quote 'undefined)) #`(#,name #,getter (default #,def)))
#`(#,name #,getter)
#`(#,name #,getter (default #,def))))
#'(field ...) #'(field ...)
#'(field-getter ...) #'(field-getter ...)
#'(field-default ...))) #'(field-default ...)))
@ -236,8 +235,8 @@ does not have a default value" field kind)))
(lambda () (lambda ()
(display '#,(id #'stem #'% #'stem)) (display '#,(id #'stem #'% #'stem))
(if (eq? (syntax->datum field-default) (if (eq? (syntax->datum field-default)
'undefined) '*unspecified*)
(configuration-no-default-value (configuration-missing-default-value
'#,(id #'stem #'% #'stem) 'field) '#,(id #'stem #'% #'stem) 'field)
field-default))) field-default)))
(documentation doc)) (documentation doc))

24
gnu/services/file-sharing.scm
View File

@ -115,8 +115,7 @@ type generated and used by Transmission clients, suitable for passing to the
(set! serialize-maybe-string (set! serialize-maybe-string
(lambda (field-name val) (lambda (field-name val)
(serialize-string field-name (serialize-string field-name
(if (and (symbol? val) (if (unspecified? val)
(eq? val 'disabled))
"" ""
val)))) val))))
@ -181,8 +180,7 @@ type generated and used by Transmission clients, suitable for passing to the
(define-maybe file-object) (define-maybe file-object)
(set! serialize-maybe-file-object (set! serialize-maybe-file-object
(lambda (field-name val) (lambda (field-name val)
(if (and (symbol? val) (if (unspecified? val)
(eq? val 'disabled))
(serialize-string field-name "") (serialize-string field-name "")
(serialize-file-object field-name val)))) (serialize-file-object field-name val))))
@ -281,7 +279,7 @@ torrent is being downloaded, then moved to @code{download-dir} once the
torrent is complete. Otherwise, files for all torrents (including those still torrent is complete. Otherwise, files for all torrents (including those still
being downloaded) will be placed in @code{download-dir}.") being downloaded) will be placed in @code{download-dir}.")
(incomplete-dir (incomplete-dir
(maybe-string 'disabled) maybe-string
"The directory in which files from incompletely downloaded torrents will be "The directory in which files from incompletely downloaded torrents will be
held when @code{incomplete-dir-enabled?} is @code{#t}.") held when @code{incomplete-dir-enabled?} is @code{#t}.")
(umask (umask
@ -305,7 +303,7 @@ for new @file{.torrent} files and the torrents they describe added
automatically (and the original files removed, if automatically (and the original files removed, if
@code{trash-original-torrent-files?} is @code{#t}).") @code{trash-original-torrent-files?} is @code{#t}).")
(watch-dir (watch-dir
(maybe-string 'disabled) maybe-string
"The directory to be watched for @file{.torrent} files indicating new "The directory to be watched for @file{.torrent} files indicating new
torrents to be added, when @code{watch-dir-enabled} is @code{#t}.") torrents to be added, when @code{watch-dir-enabled} is @code{#t}.")
(trash-original-torrent-files? (trash-original-torrent-files?
@ -401,11 +399,11 @@ upstream gateway automatically using @acronym{UPnP} and @acronym{NAT-PMP}.")
@code{prefer-unencrypted-connections}, @code{prefer-encrypted-connections} or @code{prefer-unencrypted-connections}, @code{prefer-encrypted-connections} or
@code{require-encrypted-connections}.") @code{require-encrypted-connections}.")
(peer-congestion-algorithm (peer-congestion-algorithm
(maybe-string 'disabled) maybe-string
"The TCP congestion-control algorithm to use for peer connections, "The TCP congestion-control algorithm to use for peer connections,
specified using a string recognized by the operating system in calls to specified using a string recognized by the operating system in calls to
@code{setsockopt} (or set to @code{disabled}, in which case the @code{setsockopt} (or leave it unset, in which case the operating-system
operating-system default is used). default is used).
Note that on GNU/Linux systems, the kernel must be configured to allow Note that on GNU/Linux systems, the kernel must be configured to allow
processes to use a congestion-control algorithm not in the default set; processes to use a congestion-control algorithm not in the default set;
@ -465,7 +463,7 @@ torrent before it is regenerated.")
"When @code{#t}, the daemon will ignore peers mentioned in the blocklist it "When @code{#t}, the daemon will ignore peers mentioned in the blocklist it
has most recently downloaded from @code{blocklist-url}.") has most recently downloaded from @code{blocklist-url}.")
(blocklist-url (blocklist-url
(maybe-string 'disabled) maybe-string
"The URL of a peer blocklist (in @acronym{P2P}-plaintext or eMule "The URL of a peer blocklist (in @acronym{P2P}-plaintext or eMule
@file{.dat} format) to be periodically downloaded and applied when @file{.dat} format) to be periodically downloaded and applied when
@code{blocklist-enabled?} is @code{#t}.") @code{blocklist-enabled?} is @code{#t}.")
@ -564,11 +562,11 @@ which allows remote control of the daemon via its Web interface, the
the side effect of disabling host-name whitelisting (see the side effect of disabling host-name whitelisting (see
@code{rpc-host-whitelist-enabled?}.") @code{rpc-host-whitelist-enabled?}.")
(rpc-username (rpc-username
(maybe-string 'disabled) maybe-string
"The username required by clients to access the @acronym{RPC} interface "The username required by clients to access the @acronym{RPC} interface
when @code{rpc-authentication-required?} is @code{#t}.") when @code{rpc-authentication-required?} is @code{#t}.")
(rpc-password (rpc-password
(maybe-transmission-password-hash 'disabled) maybe-transmission-password-hash
"The password required by clients to access the @acronym{RPC} interface "The password required by clients to access the @acronym{RPC} interface
when @code{rpc-authentication-required?} is @code{#t}. This must be specified when @code{rpc-authentication-required?} is @code{#t}. This must be specified
using a password hash in the format recognized by Transmission clients, either using a password hash in the format recognized by Transmission clients, either
@ -613,7 +611,7 @@ they are added in ``paused'' state.")
@code{script-torrent-done-filename} will be invoked each time a torrent @code{script-torrent-done-filename} will be invoked each time a torrent
completes.") completes.")
(script-torrent-done-filename (script-torrent-done-filename
(maybe-file-object 'disabled) maybe-file-object
"A file name or file-like object specifying a script to run each time a "A file name or file-like object specifying a script to run each time a
torrent completes, when @code{script-torrent-done-enabled?} is @code{#t}.") torrent completes, when @code{script-torrent-done-enabled?} is @code{#t}.")
(scrape-paused-torrents-enabled? (scrape-paused-torrents-enabled?

37
gnu/services/messaging.scm
View File

@ -76,6 +76,7 @@
(lambda (field target) (lambda (field target)
(and (memq (syntax->datum target) `(common ,arg)) field))) (and (memq (syntax->datum target) `(common ,arg)) field)))
(syntax-case stx () (syntax-case stx ()
;; TODO Also handle (field-type) form, without a default.
((_ stem (field (field-type def) doc target) ...) ((_ stem (field (field-type def) doc target) ...)
(with-syntax (((new-field-type ...) (with-syntax (((new-field-type ...)
(map (lambda (field-type target) (map (lambda (field-type target)
@ -89,7 +90,7 @@
((new-def ...) ((new-def ...)
(map (lambda (def target) (map (lambda (def target)
(if (eq? 'common (syntax->datum target)) (if (eq? 'common (syntax->datum target))
#''disabled def)) #'*unspecified* def))
#'(def ...) #'(target ...))) #'(def ...) #'(target ...)))
((new-doc ...) ((new-doc ...)
(map (lambda (doc target) (map (lambda (doc target)
@ -199,7 +200,7 @@
(define-maybe file-object-list) (define-maybe file-object-list)
(define (raw-content? val) (define (raw-content? val)
(not (eq? val 'disabled))) (not (unspecified? val)))
(define (serialize-raw-content field-name val) (define (serialize-raw-content field-name val)
val) val)
(define-maybe raw-content) (define-maybe raw-content)
@ -227,15 +228,15 @@ just joined the room."))
(define-configuration ssl-configuration (define-configuration ssl-configuration
(protocol (protocol
(maybe-string 'disabled) maybe-string
"This determines what handshake to use.") "This determines what handshake to use.")
(key (key
(maybe-file-name 'disabled) maybe-file-name
"Path to your private key file.") "Path to your private key file.")
(certificate (certificate
(maybe-file-name 'disabled) maybe-file-name
"Path to your certificate file.") "Path to your certificate file.")
(capath (capath
@ -244,48 +245,48 @@ just joined the room."))
trust when verifying the certificates of remote servers.") trust when verifying the certificates of remote servers.")
(cafile (cafile
(maybe-file-object 'disabled) maybe-file-object
"Path to a file containing root certificates that you wish Prosody to trust. "Path to a file containing root certificates that you wish Prosody to trust.
Similar to @code{capath} but with all certificates concatenated together.") Similar to @code{capath} but with all certificates concatenated together.")
(verify (verify
(maybe-string-list 'disabled) maybe-string-list
"A list of verification options (these mostly map to OpenSSL's "A list of verification options (these mostly map to OpenSSL's
@code{set_verify()} flags).") @code{set_verify()} flags).")
(options (options
(maybe-string-list 'disabled) maybe-string-list
"A list of general options relating to SSL/TLS. These map to OpenSSL's "A list of general options relating to SSL/TLS. These map to OpenSSL's
@code{set_options()}. For a full list of options available in LuaSec, see the @code{set_options()}. For a full list of options available in LuaSec, see the
LuaSec source.") LuaSec source.")
(depth (depth
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"How long a chain of certificate authorities to check when looking for a "How long a chain of certificate authorities to check when looking for a
trusted root certificate.") trusted root certificate.")
(ciphers (ciphers
(maybe-string 'disabled) maybe-string
"An OpenSSL cipher string. This selects what ciphers Prosody will offer to "An OpenSSL cipher string. This selects what ciphers Prosody will offer to
clients, and in what order.") clients, and in what order.")
(dhparam (dhparam
(maybe-file-name 'disabled) maybe-file-name
"A path to a file containing parameters for Diffie-Hellman key exchange. You "A path to a file containing parameters for Diffie-Hellman key exchange. You
can create such a file with: can create such a file with:
@code{openssl dhparam -out /etc/prosody/certs/dh-2048.pem 2048}") @code{openssl dhparam -out /etc/prosody/certs/dh-2048.pem 2048}")
(curve (curve
(maybe-string 'disabled) maybe-string
"Curve for Elliptic curve Diffie-Hellman. Prosody's default is "Curve for Elliptic curve Diffie-Hellman. Prosody's default is
@samp{\"secp384r1\"}.") @samp{\"secp384r1\"}.")
(verifyext (verifyext
(maybe-string-list 'disabled) maybe-string-list
"A list of \"extra\" verification options.") "A list of \"extra\" verification options.")
(password (password
(maybe-string 'disabled) maybe-string
"Password for encrypted private keys.")) "Password for encrypted private keys."))
(define (serialize-ssl-configuration field-name val) (define (serialize-ssl-configuration field-name val)
#~(format #f "ssl = {\n~a};\n" #~(format #f "ssl = {\n~a};\n"
@ -473,12 +474,12 @@ by the Prosody service. See @url{https://prosody.im/doc/logging}."
global) global)
(http-max-content-size (http-max-content-size
(maybe-non-negative-integer 'disabled) (maybe-non-negative-integer *unspecified*)
"Maximum allowed size of the HTTP body (in bytes)." "Maximum allowed size of the HTTP body (in bytes)."
common) common)
(http-external-url (http-external-url
(maybe-string 'disabled) (maybe-string *unspecified*)
"Some modules expose their own URL in various ways. This URL is built "Some modules expose their own URL in various ways. This URL is built
from the protocol, host and port used. If Prosody sits behind a proxy, the from the protocol, host and port used. If Prosody sits behind a proxy, the
public URL will be @code{http-external-url} instead. See public URL will be @code{http-external-url} instead. See
@ -555,7 +556,7 @@ support. To add an external component, you simply fill the hostname field. See
int-component) int-component)
(mod-muc (mod-muc
(maybe-mod-muc-configuration 'disabled) (maybe-mod-muc-configuration *unspecified*)
"Multi-user chat (MUC) is Prosody's module for allowing you to create "Multi-user chat (MUC) is Prosody's module for allowing you to create
hosted chatrooms/conferences for XMPP users. hosted chatrooms/conferences for XMPP users.
@ -572,7 +573,7 @@ See also @url{https://prosody.im/doc/modules/mod_muc}."
ext-component) ext-component)
(raw-content (raw-content
(maybe-raw-content 'disabled) (maybe-raw-content *unspecified*)
"Raw content that will be added to the configuration file." "Raw content that will be added to the configuration file."
common))) common)))

12
gnu/services/networking.scm
View File

@ -771,17 +771,17 @@ logging is disabled.")
"The node host name that is used to make the first connection to the "The node host name that is used to make the first connection to the
network. A specific port value can be provided by appending the @code{:PORT} network. A specific port value can be provided by appending the @code{:PORT}
suffix. By default, it uses the Jami bootstrap nodes, but any host can be suffix. By default, it uses the Jami bootstrap nodes, but any host can be
specified here. It's also possible to disable bootstrapping by setting this specified here. It's also possible to disable bootstrapping by explicitly
to the @code{'disabled} symbol.") setting this field to the @code{*unspecified*} value.")
(port (port
(maybe-number 4222) (maybe-number 4222)
"The UDP port to bind to. When set to @code{'disabled}, an available port "The UDP port to bind to. When set to @code{*unspecified*}, an available
is automatically selected.") port is automatically selected.")
(proxy-server-port (proxy-server-port
(maybe-number 'disabled) maybe-number
"Spawn a proxy server listening on the specified port.") "Spawn a proxy server listening on the specified port.")
(proxy-server-port-tls (proxy-server-port-tls
(maybe-number 'disabled) maybe-number
"Spawn a proxy server listening to TLS connections on the specified "Spawn a proxy server listening to TLS connections on the specified
port.")) port."))

54
gnu/services/pm.scm
View File

@ -114,55 +114,55 @@ before syncing on AC.")
"Same as @code{max-lost-work-secs-on-ac} but on BAT mode.") "Same as @code{max-lost-work-secs-on-ac} but on BAT mode.")
(cpu-scaling-governor-on-ac (cpu-scaling-governor-on-ac
(maybe-space-separated-string-list 'disabled) maybe-space-separated-string-list
"CPU frequency scaling governor on AC mode. With intel_pstate "CPU frequency scaling governor on AC mode. With intel_pstate
driver, alternatives are powersave and performance. With acpi-cpufreq driver, driver, alternatives are powersave and performance. With acpi-cpufreq driver,
alternatives are ondemand, powersave, performance and conservative.") alternatives are ondemand, powersave, performance and conservative.")
(cpu-scaling-governor-on-bat (cpu-scaling-governor-on-bat
(maybe-space-separated-string-list 'disabled) maybe-space-separated-string-list
"Same as @code{cpu-scaling-governor-on-ac} but on BAT mode.") "Same as @code{cpu-scaling-governor-on-ac} but on BAT mode.")
(cpu-scaling-min-freq-on-ac (cpu-scaling-min-freq-on-ac
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Set the min available frequency for the scaling governor on AC.") "Set the min available frequency for the scaling governor on AC.")
(cpu-scaling-max-freq-on-ac (cpu-scaling-max-freq-on-ac
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Set the max available frequency for the scaling governor on AC.") "Set the max available frequency for the scaling governor on AC.")
(cpu-scaling-min-freq-on-bat (cpu-scaling-min-freq-on-bat
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Set the min available frequency for the scaling governor on BAT.") "Set the min available frequency for the scaling governor on BAT.")
(cpu-scaling-max-freq-on-bat (cpu-scaling-max-freq-on-bat
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Set the max available frequency for the scaling governor on BAT.") "Set the max available frequency for the scaling governor on BAT.")
(cpu-min-perf-on-ac (cpu-min-perf-on-ac
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Limit the min P-state to control the power dissipation of the CPU, "Limit the min P-state to control the power dissipation of the CPU,
in AC mode. Values are stated as a percentage of the available performance.") in AC mode. Values are stated as a percentage of the available performance.")
(cpu-max-perf-on-ac (cpu-max-perf-on-ac
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Limit the max P-state to control the power dissipation of the CPU, "Limit the max P-state to control the power dissipation of the CPU,
in AC mode. Values are stated as a percentage of the available performance.") in AC mode. Values are stated as a percentage of the available performance.")
(cpu-min-perf-on-bat (cpu-min-perf-on-bat
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Same as @code{cpu-min-perf-on-ac} on BAT mode.") "Same as @code{cpu-min-perf-on-ac} on BAT mode.")
(cpu-max-perf-on-bat (cpu-max-perf-on-bat
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Same as @code{cpu-max-perf-on-ac} on BAT mode.") "Same as @code{cpu-max-perf-on-ac} on BAT mode.")
(cpu-boost-on-ac? (cpu-boost-on-ac?
(maybe-boolean 'disabled) maybe-boolean
"Enable CPU turbo boost feature on AC mode.") "Enable CPU turbo boost feature on AC mode.")
(cpu-boost-on-bat? (cpu-boost-on-bat?
(maybe-boolean 'disabled) maybe-boolean
"Same as @code{cpu-boost-on-ac?} on BAT mode.") "Same as @code{cpu-boost-on-ac?} on BAT mode.")
(sched-powersave-on-ac? (sched-powersave-on-ac?
@ -179,7 +179,7 @@ used under light load conditions.")
"Enable Linux kernel NMI watchdog.") "Enable Linux kernel NMI watchdog.")
(phc-controls (phc-controls
(maybe-string 'disabled) maybe-string
"For Linux kernels with PHC patch applied, change CPU voltages. "For Linux kernels with PHC patch applied, change CPU voltages.
An example value would be @samp{\"F:V F:V F:V F:V\"}.") An example value would be @samp{\"F:V F:V F:V F:V\"}.")
@ -205,16 +205,16 @@ performance, normal, powersave.")
"Same as @code{disk-apm-bat} but on BAT mode.") "Same as @code{disk-apm-bat} but on BAT mode.")
(disk-spindown-timeout-on-ac (disk-spindown-timeout-on-ac
(maybe-space-separated-string-list 'disabled) maybe-space-separated-string-list
"Hard disk spin down timeout. One value has to be specified for "Hard disk spin down timeout. One value has to be specified for
each declared hard disk.") each declared hard disk.")
(disk-spindown-timeout-on-bat (disk-spindown-timeout-on-bat
(maybe-space-separated-string-list 'disabled) maybe-space-separated-string-list
"Same as @code{disk-spindown-timeout-on-ac} but on BAT mode.") "Same as @code{disk-spindown-timeout-on-ac} but on BAT mode.")
(disk-iosched (disk-iosched
(maybe-space-separated-string-list 'disabled) maybe-space-separated-string-list
"Select IO scheduler for disk devices. One value has to be specified "Select IO scheduler for disk devices. One value has to be specified
for each declared hard disk. Example alternatives are cfq, deadline and noop.") for each declared hard disk. Example alternatives are cfq, deadline and noop.")
@ -228,16 +228,16 @@ min_power, medium_power, max_performance.")
"Same as @code{sata-linkpwr-ac} but on BAT mode.") "Same as @code{sata-linkpwr-ac} but on BAT mode.")
(sata-linkpwr-blacklist (sata-linkpwr-blacklist
(maybe-string 'disabled) maybe-string
"Exclude specified SATA host devices for link power management.") "Exclude specified SATA host devices for link power management.")
(ahci-runtime-pm-on-ac? (ahci-runtime-pm-on-ac?
(maybe-on-off-boolean 'disabled) maybe-on-off-boolean
"Enable Runtime Power Management for AHCI controller and disks "Enable Runtime Power Management for AHCI controller and disks
on AC mode.") on AC mode.")
(ahci-runtime-pm-on-bat? (ahci-runtime-pm-on-bat?
(maybe-on-off-boolean 'disabled) maybe-on-off-boolean
"Same as @code{ahci-runtime-pm-on-ac} on BAT mode.") "Same as @code{ahci-runtime-pm-on-ac} on BAT mode.")
(ahci-runtime-pm-timeout (ahci-runtime-pm-timeout
@ -254,19 +254,19 @@ default, performance, powersave.")
"Same as @code{pcie-aspm-ac} but on BAT mode.") "Same as @code{pcie-aspm-ac} but on BAT mode.")
(start-charge-thresh-bat0 (start-charge-thresh-bat0
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Percentage when battery 0 should begin charging.") "Percentage when battery 0 should begin charging.")
(stop-charge-thresh-bat0 (stop-charge-thresh-bat0
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Percentage when battery 0 should stop charging.") "Percentage when battery 0 should stop charging.")
(start-charge-thresh-bat1 (start-charge-thresh-bat1
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Percentage when battery 1 should begin charging.") "Percentage when battery 1 should begin charging.")
(stop-charge-thresh-bat1 (stop-charge-thresh-bat1
(maybe-non-negative-integer 'disabled) maybe-non-negative-integer
"Percentage when battery 1 should stop charging.") "Percentage when battery 1 should stop charging.")
(radeon-power-profile-on-ac (radeon-power-profile-on-ac
@ -346,7 +346,7 @@ on and auto.")
blacklisted ones.") blacklisted ones.")
(runtime-pm-blacklist (runtime-pm-blacklist
(maybe-space-separated-string-list 'disabled) maybe-space-separated-string-list
"Exclude specified PCI(e) device addresses from Runtime Power Management.") "Exclude specified PCI(e) device addresses from Runtime Power Management.")
(runtime-pm-driver-blacklist (runtime-pm-driver-blacklist
@ -359,7 +359,7 @@ Runtime Power Management.")
"Enable USB autosuspend feature.") "Enable USB autosuspend feature.")
(usb-blacklist (usb-blacklist
(maybe-string 'disabled) maybe-string
"Exclude specified devices from USB autosuspend.") "Exclude specified devices from USB autosuspend.")
(usb-blacklist-wwan? (usb-blacklist-wwan?
@ -367,12 +367,12 @@ Runtime Power Management.")
"Exclude WWAN devices from USB autosuspend.") "Exclude WWAN devices from USB autosuspend.")
(usb-whitelist (usb-whitelist
(maybe-string 'disabled) maybe-string
"Include specified devices into USB autosuspend, even if they are "Include specified devices into USB autosuspend, even if they are
already excluded by the driver or via @code{usb-blacklist-wwan?}.") already excluded by the driver or via @code{usb-blacklist-wwan?}.")
(usb-autosuspend-disable-on-shutdown? (usb-autosuspend-disable-on-shutdown?
(maybe-boolean 'disabled) maybe-boolean
"Enable USB autosuspend before shutdown.") "Enable USB autosuspend before shutdown.")
(restore-device-state-on-startup? (restore-device-state-on-startup?

22
gnu/services/telephony.scm
View File

@ -157,7 +157,7 @@ the @samp{root} user (i.e., not in the store), to guard against leaking the
secret key material of the Jami account it contains." secret key material of the Jami account it contains."
empty-serializer) empty-serializer)
(allowed-contacts (allowed-contacts
(maybe-account-fingerprint-list 'disabled) maybe-account-fingerprint-list
"The list of allowed contacts for the account, entered as their 40 "The list of allowed contacts for the account, entered as their 40
characters long fingerprint. Messages or calls from accounts not in that list characters long fingerprint. Messages or calls from accounts not in that list
will be rejected. When unspecified, the configuration of the account archive will be rejected. When unspecified, the configuration of the account archive
@ -166,7 +166,7 @@ allowance, which typically defaults to allow any contact to communicate with
the account." the account."
empty-serializer) empty-serializer)
(moderators (moderators
(maybe-account-fingerprint-list 'disabled) maybe-account-fingerprint-list
"The list of contacts that should have moderation privileges (to ban, mute, "The list of contacts that should have moderation privileges (to ban, mute,
etc. other users) in rendezvous conferences, entered as their 40 characters etc. other users) in rendezvous conferences, entered as their 40 characters
long fingerprint. When unspecified, the configuration of the account archive long fingerprint. When unspecified, the configuration of the account archive
@ -175,24 +175,24 @@ anyone to moderate."
empty-serializer) empty-serializer)
;; The serializable fields below are to be set with set-account-details. ;; The serializable fields below are to be set with set-account-details.
(rendezvous-point? (rendezvous-point?
(maybe-boolean 'disabled) maybe-boolean
"Whether the account should operate in the rendezvous mode. In this mode, "Whether the account should operate in the rendezvous mode. In this mode,
all the incoming audio/video calls are mixed into a conference. When left all the incoming audio/video calls are mixed into a conference. When left
unspecified, the value from the account archive prevails.") unspecified, the value from the account archive prevails.")
(peer-discovery? (peer-discovery?
(maybe-boolean 'disabled) maybe-boolean
"Whether peer discovery should be enabled. Peer discovery is used to "Whether peer discovery should be enabled. Peer discovery is used to
discover other OpenDHT nodes on the local network, which can be useful to discover other OpenDHT nodes on the local network, which can be useful to
maintain communication between devices on such network even when the maintain communication between devices on such network even when the
connection to the the Internet has been lost. When left unspecified, the connection to the the Internet has been lost. When left unspecified, the
value from the account archive prevails.") value from the account archive prevails.")
(bootstrap-hostnames (bootstrap-hostnames
(maybe-string-list 'disabled) maybe-string-list
"A list of hostnames or IPs pointing to OpenDHT nodes, that should be used "A list of hostnames or IPs pointing to OpenDHT nodes, that should be used
to initially join the OpenDHT network. When left unspecified, the value from to initially join the OpenDHT network. When left unspecified, the value from
the account archive prevails.") the account archive prevails.")
(name-server-uri (name-server-uri
(maybe-string 'disabled) maybe-string
"The URI of the name server to use, that can be used to retrieve the "The URI of the name server to use, that can be used to retrieve the
account fingerprint for a registered username.")) account fingerprint for a registered username."))
@ -214,7 +214,7 @@ SET-ACCOUNT-DETAILS."
name ((configuration-field-getter field) name ((configuration-field-getter field)
jami-account-object))) jami-account-object)))
;; The define-maybe default serializer produces an ;; The define-maybe default serializer produces an
;; empty string for the 'disabled value. ;; empty string for unspecified values.
(value* (if (string-null? value) (value* (if (string-null? value)
#f #f
value))) value)))
@ -247,7 +247,7 @@ SET-ACCOUNT-DETAILS."
(boolean #f) (boolean #f)
"Whether to force automatic answer to incoming calls.") "Whether to force automatic answer to incoming calls.")
(accounts (accounts
(maybe-jami-account-list 'disabled) maybe-jami-account-list
"A list of Jami accounts to be (re-)provisioned every time the Jami daemon "A list of Jami accounts to be (re-)provisioned every time the Jami daemon
service starts. When providing this field, the account directories under service starts. When providing this field, the account directories under
@file{/var/lib/jami/} are recreated every time the service starts, ensuring a @file{/var/lib/jami/} are recreated every time the service starts, ensuring a
@ -307,7 +307,7 @@ CONFIG, a <jami-configuration> object."
(dbus (jami-configuration-dbus config)) (dbus (jami-configuration-dbus config))
(dbus-daemon (file-append dbus "/bin/dbus-daemon")) (dbus-daemon (file-append dbus "/bin/dbus-daemon"))
(accounts (jami-configuration-accounts config)) (accounts (jami-configuration-accounts config))
(declarative-mode? (not (eq? 'disabled accounts)))) (declarative-mode? (not (unspecified? accounts))))
(with-extensions (list guile-packrat ;used by guile-ac-d-bus (with-extensions (list guile-packrat ;used by guile-ac-d-bus
guile-ac-d-bus guile-ac-d-bus
@ -649,7 +649,7 @@ argument, either a registered username or the fingerprint of the account.")
account-details) account-details)
(let ((username (archive-name->username (let ((username (archive-name->username
archive))) archive)))
(when (not (eq? 'disabled allowed-contacts)) (when (not (unspecified? allowed-contacts))
;; Reject calls from unknown contacts. ;; Reject calls from unknown contacts.
(set-account-details (set-account-details
'(("DHT.PublicInCalls" . "false")) username) '(("DHT.PublicInCalls" . "false")) username)
@ -659,7 +659,7 @@ argument, either a registered username or the fingerprint of the account.")
;; Add allowed ones. ;; Add allowed ones.
(for-each (cut add-contact <> username) (for-each (cut add-contact <> username)
allowed-contacts)) allowed-contacts))
(when (not (eq? 'disabled moderators)) (when (not (unspecified? moderators))
;; Disable the 'AllModerators' property. ;; Disable the 'AllModerators' property.
(set-all-moderators #f username) (set-all-moderators #f username)
;; Remove all moderators. ;; Remove all moderators.

2
gnu/services/vpn.scm
View File

@ -363,7 +363,7 @@ poll/epoll/select prior to the write operation.")
channel to protect against DoS attacks.") channel to protect against DoS attacks.")
(auth-user-pass (auth-user-pass
(maybe-string 'disabled) maybe-string
"Authenticate with server using username/password. The option is a file "Authenticate with server using username/password. The option is a file
containing username/password on 2 lines. Do not use a file-like object as it containing username/password on 2 lines. Do not use a file-like object as it
would be added to the store and readable by any user.") would be added to the store and readable by any user.")

12
tests/services/configuration.scm
View File

@ -136,3 +136,15 @@
(test-assert "maybe value without serialization no procedure bound" (test-assert "maybe value without serialization no procedure bound"
(not (defined? 'serialize-maybe-string))) (not (defined? 'serialize-maybe-string)))
(test-assert "maybe type, no default"
(unspecified?
(config-with-maybe-string/no-serialization-name
(config-with-maybe-string/no-serialization))))
(test-assert "maybe type, with default"
(equal?
"foo"
(config-with-maybe-string/no-serialization-name
(config-with-maybe-string/no-serialization
(name "foo")))))