Due to (now renamed) 'hidden-service' record type not being exported, the only
way Onion services (formely hidden services) could have worked is through the
now deprecated 'tor-hidden-service' procedure.
This commit updates the Tor service documentation, corrects some inconsistently
named accessors in <tor-configuration> record-type, renames and refactors
tor-hidden-service-configuration to tor-onion-service-configuration using
define-configuration and also exports it, allowing Onion services to be
configured directly within a <tor-configuration> record.
Lastly, it also deprecates the 'tor-hidden-service' procedure.
* doc/guix.texi (Networking Services): Substitute mentions of “Hidden services”
with “Onion Services”. Add a Tor Onion service configuration example.
Document <tor-onion-service-configuration>. Remove mention of
'tor-hidden-service' procedure.
* gnu/services/networking.scm: Export tor-configuration-tor,
tor-configuration-config-file, tor-configuration-hidden-services,
tor-configuration-socks-socket-type, tor-configuration-control-socket-path,
tor-onion-service-configuration, tor-onion-service-configuration?,
tor-onion-service-configuration-name, tor-onion-service-configuration-mapping.
(<tor-configuration>)[control-socket?]: Rename accessor.
(<hidden-service>): Replace with …
(<tor-onion-service-configuration>): … this.
(tor-configuration->torrc): Update record-type name.
(tor-activation): Ditto.
(tor-hidden-service-type): Remove variable.
(tor-hidden-service): Deprecate procedure.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Add a new 'proxy' field to openssh-host to allow ProxyCommand or
ProxyJump, but not both, to be configured. Configuring both would cause
the serialization order to determine which one is used. Deprecate the
'proxy-command' field because the 'proxy' field replaces it.
* gnu/home/services/ssh.scm (proxy-jump->string,
proxy-command-or-jump-list?, serialize-proxy-command-or-jump-list,
sanitize-proxy-command): New procedure.
(proxy-jump, proxy-command): New record type.
(openssh-host)[proxy-command]: Mark field as deprecated because OpenSSH
can't have ProxyCommand and ProxyJump configured at the same time.
* doc/guix.texi (Secure Shell): Update to match the changes to the
service.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Rationale: Even though the section 'X.509 Certificates' is part of the
System Configuration chapter, readers might also come here from a
cross-reference when reading about Application Setup on a foreign
distro.
* doc/guix.texi (System Configuration)[X.509 Certificates]: Clarify.
* gnu/home/services/gnupg.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (GNU Privacy Guard): New node.
(Secure Shell): Link to it.
* guix/scripts/environment.scm (show-environment-options-help)
(%options): Add '--nesting'.
(options/resolve-packages): Handle it.
(launch-environment/container): Add #:nesting? and honor it.
[nesting-mappings]: New procedure.
(guix-environment*): Add support for '--nesting'.
* guix/scripts/shell.scm (profile-cached-gc-root): Special-case
'nesting?'.
* tests/guix-environment-container.sh: Test it.
* doc/guix.texi (Invoking guix shell): Document it.
This is to make explicit something which until now had always been implicit.
* doc/contributing.texi (Commit Access): Mention that committers are expected
to employ consensus decision making.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/audio.scm (%mympd-user, %mympd-group)
(mympd-user-sanitizer, mympd-group-sanitizer): New variables.
(mympd-configuration)[user]: Use user-account as value type.
Sanitize via mympd-user-sanitizer.
[group]: Use user-group as value type.
Sanitize via mympd-group-sanitizer.
(mympd-serialize-configuration): Adjust accordingly.
(mympd-accounts): Likewise.
* doc/guix.texi (Audio Services)[myMPD]: Likewise.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
Deprecate using strings for these fields and prefer user-account
(resp. user-group) instead to avoid duplication within account-service-type.
Fixes#61570 <https://issues.guix.gnu.org/61570>.
* gnu/services/audio.scm (%mpd-user, %mpd-group)
(mpd-serialize-user-account, mpd-serialize-user-group)
(mpd-user-sanitizer, mpd-group-sanitizer): New variables.
(mpd-configuration)[user]: Use user-account as value type.
Sanitize via mpd-user-sanitizer.
[group]: Use user-group as value type.
Sanitize via mpd-group-sanitizer.
(mpd-shepherd-service): Adjust accordingly.
(mpd-accounts): Likewise.
* doc/guix.texi (Audio Services)[Music Player Daemon]: Likewise.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
This changes the 'custom-serializer' field into a generic
'extra-args' field that can be extended to support new literals.
Within extra-args, the literals 'sanitizer' and 'serializer' allow
for user-defined sanitization and serialization procedures respectively.
The 'empty-serializer' was also added as a literal to be used as before.
To prevent confusion between the new “explicit” style of specifying
a sanitizer, and the old “implicit” style, the latter has been
deprecated, and a warning is issued if it is encountered.
* gnu/services/configuration.scm (define-configuration-helper):
Rename 'custom-serializer' to 'extra-args'. Add support for literals
'sanitizer', 'serializer' and 'empty-serializer'. Rename procedure
'field-sanitizer' to 'default-field-sanitizer' to avoid syntax clash.
Only define default field sanitizers if user-defined ones are absent.
(normalize-extra-args): New variable.
(<configuration-field>)[sanitizer]: New field.
* doc/guix.texi (Complex Configurations): Document the newly added
literals.
* tests/services/configuration.scm: Add tests for the new literals.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
These variables are necessary for PulseAudio to work properly out-of-the-box
for 'non-interactive' users.
* doc/guix.texi (Audio Services): Update environment-variables field description for
mpd-configuration data type.
* gnu/services/audio.scm (mpd-configuration)[environment-variables]: Set
PULSE_CLIENTCONFIG and PULSE_CONFIG environment variables to the system-wide
PulseAudio configuration.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* doc/guix.texi (Packages with Multiple Outputs): Provide an example of
selecting a package's output in Scheme.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
This was reported by a user in #guix. It's at least necessary for /sys, to
have the /sys/firmware/efivars location available insinde the chroot when
using an UEFI system.
* doc/guix.texi (Chrooting into an existing system): Replace --bind argument
with --rbind
Suggested-by: Josselin Poiret <dev@jpoiret.xyz>
* gnu/home/services/ssh.scm (home-ssh-agent-environment-variables): New
procedure.
(home-ssh-agent-service-type): Use it as ahome-environment-service type
extension.
* doc/guix.texi (Secure Shell): Remove advice about, and examples of setting
SSH_AUTH_SOCK.
Suggested by mirai via IRC, see also
https://issues.guix.gnu.org/60634
* doc/guix.texi (Build Systems) (Secure Shell) (Messaging Home
Services) (Media Home Services): Use @defvar instead of @defvr for Scheme
variables.
This is a followup to 2c2f382e75, which
inadvertently pulled in (shepherd support) on the host side.
* gnu/home/services/ssh.scm (<home-ssh-agent-configuration>)[socket-directory]:
Change value to a gexp.
(home-ssh-agent-services): Change 'socket-file' and 'command' to a
gexp. Add 'modules' field to 'shepherd-service'.
* doc/guix.texi (Secure Shell): Adjust accordingly.
* gnu/home/services/media.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* po/guix/POTFILES.in: Likewise.
* doc/guix.texi (Media Home Services): Document it in new subsection.
* gnu/home/services/messaging.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* po/guix/POTFILES.in: Likewise.
* doc/guix.texi (Messaging Home Services): Document it in new subsection.
* gnu/home/services/ssh.scm: (<home-ssh-agent-configuration>): New type.
(home-ssh-agent-services): New procedure.
(home-ssh-agent-service-type): New variable.
* doc/guix.texi (Secure Shell): Document it.
The primary motivation is to support things like:
guix build guix --with-input=guile=guile-next
without triggering a rebuild of (@@ (gnu packages commencement)
guile-final) and similar things.
It is also consistent with package name resolution on the command line:
a package that cannot be named cannot be replaced.
* guix/packages.scm (package-input-rewriting/spec)[rewrite]: When P is
hidden, return it as-is.
* tests/packages.scm ("package-input-rewriting/spec, hidden package"):
New test.
* doc/guix.texi (Defining Package Variants): Update.
(Package Transformation Options): Update '--with-input' example.
The Name Service Switch service is configured in operating-system.
* doc/guix.texi (Desktop Services): Fix incorrect description for %desktop-services.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>