me
/
guix
Archived
1
0
Fork 0
Commit Graph

70 Commits (832eec2a74c18559e996ffc9dd862cc9d08ea125)

Author SHA1 Message Date
Ludovic Courtès fb61323dba
services: build-vm: Provide only one locale.
* gnu/services/virtualization.scm (%virtual-build-machine-operating-system)
[locale, locale-definitions]: New fields.

Change-Id: Ieb24b3a0c210291d8c04412e4c263b5e377b5704
2024-04-29 22:52:08 +02:00
Ludovic Courtès 9e3061a163
services: virtual-build-machine: Disable substitutes by default.
These are useless when offloading yet were causing problems on systems
where the default substitute servers are unreachable.

* gnu/services/virtualization.scm (%virtual-build-machine-operating-system):
Add ‘use-substitutes?’ field to ‘guix-configuration’.

Change-Id: I7d5e380a6f2e2d537de43fdb3c550958ed4db255
2024-03-06 23:25:51 +01:00
Ludovic Courtès 1cff19d8d4
services: virtual-build-machine: Add ‘configuration’ action.
* gnu/services/virtualization.scm (build-vm-shepherd-services): Add
‘configuration’ action.
* doc/guix.texi (Virtualization Services): Document it.

Change-Id: I4734e096d744b3cda0d523692498a73c0029e188
2024-02-18 15:34:43 +01:00
Ludovic Courtès cd0dc17e43
services: virtual-build-machine: Add periodic GC job.
* gnu/services/virtualization.scm (%virtual-build-machine-operating-system):
Add ‘periodic-gc’ service.

Change-Id: Id5bde1ee3f8e1e549e231375e776d3201ec9e0b5
2024-02-18 15:34:43 +01:00
Ludovic Courtès 492b3a0c31
services: virtual-build-machine: Use a non-volatile root file system.
This is a followup to e0ade40c2b, which
didn’t have the desired effect.

* gnu/services/virtualization.scm (virtual-build-machine-default-image):
Add ‘volatile-root?’ field.

Change-Id: I1a622f22cdd0f8f83860a6eb4a852518db3b46b7
2024-02-18 15:34:43 +01:00
Ludovic Courtès 4aa2dccd4e
services: virtual-build-machine: Do not offload when service is stopped.
* gnu/services/virtualization.scm (check-vm-availability): Check the
value of ‘live-service-running’.

Change-Id: Iba858ea0fa417d9276e026b72b4b78791932482e
2024-02-18 15:34:42 +01:00
Ludovic Courtès e0ade40c2b
services: virtual-build-machine: Use a larger partition by default.
So far the partition had too little free space.

* gnu/services/virtualization.scm (%default-virtual-build-machine-image-size):
New variable.
(virtual-build-machine-default-image): Define ‘partitions’ field.

Change-Id: Iffe0f316eecad8754d29f8c811cdc4836a818a3f
2024-02-12 12:03:52 +01:00
Ludovic Courtès 15fd5d6c3f
services: virtual-build-machine: Add base file systems to default OS.
This provides /dev/pts and other things that are important for
builds (for example, Python 2.x has ‘openpty’ unit tests that can only
succeed when /dev/pts is available.)

* gnu/services/virtualization.scm (%virtual-build-machine-operating-system)
[file-systems]: Add %BASE-FILE-SYSTEMS.

Change-Id: I7d12a4cb491e957bf55e6c5f9dd09c013473ca42
2024-02-12 12:03:52 +01:00
Ludovic Courtès 9edbb2d7a4
services: Add ‘virtual-build-machine’ service.
* gnu/services/virtualization.scm (<virtual-build-machine>): New record type.
(%build-vm-ssh-port, %build-vm-secrets-port, %x86-64-intel-cpu-models):
New variables.
(qemu-cpu-model-for-date, virtual-build-machine-ssh-port)
(virtual-build-machine-secrets-port): New procedures.
(%minimal-vm-syslog-config, %virtual-build-machine-operating-system):
New variables.
(virtual-build-machine-default-image):
(virtual-build-machine-account-name)
(virtual-build-machine-accounts)
(build-vm-shepherd-services)
(initialize-build-vm-substitutes)
(build-vm-activation)
(virtual-build-machine-offloading-ssh-key)
(virtual-build-machine-activation)
(virtual-build-machine-secret-root)
(check-vm-availability)
(build-vm-guix-extension): New procedures.
(initialize-hurd-vm-substitutes): Remove.
(hurd-vm-activation): Rewrite in terms of ‘build-vm-activation’.
* gnu/system/vm.scm (linux-image-startup-command): New procedure.
(operating-system-for-image): Export.
* gnu/tests/virtualization.scm (run-command-over-ssh): New procedure,
extracted from…
(run-childhurd-test): … here.
[test]: Adjust accordingly.
(%build-vm-os): New variable.
(run-build-vm-test): New procedure.
(%test-build-vm): New variable.
* doc/guix.texi (Virtualization Services)[Virtual Build Machines]: New
section.
(Build Environment Setup): Add cross-reference.

Change-Id: I0a47652a583062314020325aedb654f11cb2499c
2024-02-10 23:21:07 +01:00
Ludovic Courtès f331a667d3
services: secret-service: Make the endpoint configurable.
Until now, the secret service had a hard-coded TCP endpoint on port
1004.  This change lets users specify arbitrary socket addresses.

* gnu/build/secret-service.scm (socket-address->string): New procedure,
taken from Shepherd.
(secret-service-send-secrets): Replace ‘port’ by ‘address’ and adjust
accordingly.
(secret-service-receive-secrets): Likewise.
* gnu/services/virtualization.scm (secret-service-shepherd-services):
Likewise.
(secret-service-operating-system): Add optional ‘address’ parameter and
honor it.  Adjust ‘start’ method accordingly.

Change-Id: I87a9514f1c170dca756ce76083d7182c6ebf6578
2024-02-10 22:59:43 +01:00
Ludovic Courtès e863274e67
services: hurd-vm: Leave root password uninitialized when offloading.
Starting with 953c65ffdd, offloading to
the Hurd VM would be enabled by default.  However, ‘root’ had an empty
password so any user on the host could connect to the VM over VNC, log
in as root, and potentially populate the host’s store from there.  This
change fixes that.

* gnu/services/virtualization.scm (operating-system-with-locked-root-account):
New procedure.
(hurd-vm-disk-image)[transform]: Add
‘operating-system-with-locked-root-account’ when offloading.
2023-10-05 23:14:55 +02:00
Ludovic Courtès 953c65ffdd
services: hurd-vm: Implement zero-configuration offloading.
This allows for zero-configuration offloading to a childhurd.

* gnu/services/virtualization.scm (operating-system-with-offloading-account):
New procedure.
(<hurd-vm-configuration>)[offloading?]: New field.
(hurd-vm-disk-image): Define ‘transform’ and use it.
(hurd-vm-activation): Generate SSH key for user ‘offloading’ and add
authorize it via /etc/childhurd/etc/ssh/authorized_keys.d.
(hurd-vm-configuration-offloading-ssh-key)
(hurd-vm-guix-extension): New procedures.
(hurd-vm-service-type): Add GUIX-SERVICE-TYPE extension.
* gnu/tests/virtualization.scm (run-childhurd-test)[import-module?]: New
procedure.
[os]: Add (gnu build install) and its closure to #:import-modules.
[test]: Add “copy-on-write store” and “offloading” tests.
* doc/guix.texi (Virtualization Services): Document it.
2023-10-01 22:58:20 +02:00
Ludovic Courtès c3a19cc2ac
services: hurd-vm: Disable password-based authentication for root.
With offloading to a childhurd is enabled, allowing password-less root
login in the childhurd to anyone amounts to providing write access to
the host’s store to anyone.  Thus, disable password-based root logins in
the childhurd.

* gnu/services/virtualization.scm (%hurd-vm-operating-system): Change
‘permit-root-login’ to 'prohibit-password.
* gnu/tests/virtualization.scm (%childhurd-os): Provide a custom ‘os’
field for ‘hurd-vm-configuration’.
* doc/guix.texi (Virtualization Services): Remove mention of
password-less root login.
2023-10-01 22:58:20 +02:00
Ludovic Courtès bab6434f58
services: hurd-vm: ‘image’ field has to be an <image> record.
* gnu/services/virtualization.scm (<hurd-vm-configuration>)[image]:
Document as being an <image> record.
(hurd-vm-disk-image): Remove call to ‘system-image’.
(hurd-vm-shepherd-service): Add call to ‘system-image’.
* gnu/tests/virtualization.scm (hurd-vm-disk-image-raw): Remove call to
‘system-image’.
* doc/guix.texi (Virtualization Services): Adjust accordingly.
2023-10-01 22:58:19 +02:00
Ludovic Courtès 416933cde5
services: childhurd: Authorize the childhurd’s key on the host.
This partly automates setting up a childhurd for offloading purposes.

* gnu/services/virtualization.scm (authorize-guest-substitutes-on-host):
New procedure.
(hurd-vm-activation): Use it.
2023-10-01 22:58:19 +02:00
Ludovic Courtès 81d46ef989
services: hurd-vm: Use the default SSH port number.
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Remove
‘port-number’ from ‘openssh-configuration’.
(hurd-vm-net-options): Change 2222 to 22 in port forwarding.
2023-10-01 22:58:19 +02:00
Ludovic Courtès 5e0ae26846
services: hurd-vm: Use ‘qemu-system-x86_64’.
Fixes <https://issues.guix.gnu.org/66053>.

* gnu/services/virtualization.scm (hurd-vm-shepherd-service)[vm-command]:
Use ‘qemu-system-x86_64’.
2023-09-18 23:14:00 +02:00
Janneke Nieuwenhuizen 09657f3ee7
services: childhurd: Bump default qemu memory to 2048MB.
When booting with pci-arbiter and rumpdisk and using 1024MB of memory for
qemu, booting hangs, or seems to hang, at the end of the rumpdisk boot
messages.  At least 1200MB is required, currently.

* gnu/services/virtualization.scm (<hurd-vm-configuration>)[memory-size]: Bump
to 2048.
* gnu/system/examples/bare-hurd.tmpl: Suggest using 2048 here too.  Update
example `guix system image' and "qemu" command lines too.

Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
2023-07-13 18:59:02 +02:00
Josselin Poiret 612399df3e
services: libvirt: Add requirement on dbus.
* gnu/services/virtualization.scm (libvirt-shepherd-service): Add requirement
on dbus.
2023-07-07 21:14:10 +02:00
Ludovic Courtès c27479a739
services: qemu-guest-agent: Add dependency on udev.
Fixes <https://issues.guix.gnu.org/64057>.

* gnu/services/virtualization.scm (qemu-guest-agent-shepherd-service):
Add 'requirement' field.

Reported-by: Yann Dupont <yann.dupont@univ-nantes.fr>
2023-06-16 00:14:52 +02:00
Efraim Flashner c1ffe2f21b
service: qemu-binfmt: Remove broken qemu targets.
* gnu/services.virtualization.scm (%qemu-platforms): Remove %i486,
%aarch64be.
2023-05-09 17:27:49 +03:00
Efraim Flashner 0584f5b489
services: qemu-binfmt: Add more targets.
* gnu/services/virtualization.scm (%i486, %sparc64, %aarch64be, %xtensa,
%xtensaeb, %microblaze, %microblazeel, %or1k, %hexagon, %loongson64):
New variables.
(%armeb): Correct family field.
(%qemu-platforms): Add them.
2023-05-04 22:28:56 +03:00
Leo Nikkilä d072bcebbf
gnu: Fix copyright line.
This is a follow-up to commit 9ad311ec15.

* gnu/packages/virtualization.scm: Remove copyright line.
* gnu/services/virtualization.scm: Add copyright line.

Signed-off-by: Christopher Baines <mail@cbaines.net>
2022-11-20 12:00:04 +00:00
Leo Nikkilä 9ad311ec15
services: qemu-binfmt: Add x86_64 QEMU target.
* gnu/services/virtualization.scm (%x86_64): New variable.
(%qemu-platforms) Add it.

Signed-off-by: Christopher Baines <mail@cbaines.net>
2022-11-07 20:51:25 +01:00
Ludovic Courtès 32583c8c20
services: secret-service: Inherit from the original 'guix-configuration'.
Reported by zamfofex.

Regression introduced in 2bac6ea177.

* gnu/services/virtualization.scm (secret-service-operating-system):
Add 'inherit' keyword for 'guix-configuration'.
2022-09-13 00:31:04 +02:00
Oleg Pykhalov 8eeadc8cb8
services: libvirt: Fix listen TCP.
* gnu/services/virtualization.scm (libvirt-shepherd-service): Add '--listen'
argument if 'listen-tcp?' is true.
2022-09-09 23:50:55 +03:00
Timotej Lazar ee199cd3ba
services: qemu-guest-agent: Fix arguments to qemu-ga.
Fix the check for empty device path. Do not use --daemonize, since that is
handled by make-forkexec-constructor. Drop the --pidfile option which is
unused without --daemonize.

* gnu/services/virtualization.scm (qemu-guest-agent-shepherd-service): Modify
command arguments.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-08-09 17:15:40 +02:00
Ludovic Courtès 9d7248cd87
services: Add missing 'description' fields.
* gnu/services/databases.scm (postgresql-service-type)[description]: New field.
(memcached-service-type)[description]: New field.
(mysql-service-type)[description]: New field.
(redis-service-type)[description]: New field.
* gnu/services/desktop.scm (geoclue-service-type)[description]: New
field.
(udisks-service-type)[description]: New field.
(elogind-service-type)[description]: New field.
(account-service-type)[description]: New field.
* gnu/services/kerberos.scm (krb5-service-type)[description]: New field.
(pam-krb5-service-type)[description]: New field.
* gnu/services/lirc.scm (lirc-service-type)[description]: New field.
* gnu/services/mail.scm (dovecot-service-type)[description]: New field.
(opensmtpd-service-type)[description]: New field.
(mail-aliases-service-type)[description]: New field.
(exim-service-type)[description]: New field.
* gnu/services/monitoring.scm (zabbix-server-service-type)[description]:
New field.
(zabbix-agent-service-type)[description]: New field.
* gnu/services/nfs.scm (rpcbind-service-type)[description]: New field.
(pipefs-service-type)[description]: New field.
(gss-service-type)[description]: New field.
(idmap-service-type)[description]: New field.
* gnu/services/spice.scm (spice-vdagent-service-type)[description]: New field.
* gnu/services/sysctl.scm (sysctl-service-type)[description]: New field.
* gnu/services/virtualization.scm (libvirt-service-type)[description]:
New field.
(virtlog-service-type)[description]: New field.
* gnu/services/vpn.scm (openvpn-server-service-type)[description]: New field.
(openvpn-client-service-type)[description]: New field.
(wireguard-service-type)[description]: New field.
* gnu/services/web.scm (httpd-service-type)[description]: New field.
(fcgiwrap-service-type)[description]: New field.
(agate-service-type)[description]: New field.
[name]: Fix.
2022-04-29 18:07:16 +02:00
Ludovic Courtès 2bac6ea177
services: secret-service: Do not generate SSH and Guix key pairs.
The justification about the order of activation snippets given in the
comment had been obsolete since
39e3b4b7ce.

Lately, running the activation snippets for "ssh-keygen -A" and "guix
archive --generate-key" would take a little bit too long, thereby
preventing the childhurd from starting on time.

* gnu/services/virtualization.scm (secret-service-operating-system):
Clear 'generate-host-keys?' and 'generate-substitute-key?'.
2022-03-10 23:46:51 +01:00
Ludovic Courtès 01821914e2
services: qemu-guest-agent: Fix implementation.
Previously, by accessing the raw <qemu-guest-agent-configuration>
fields, 'qemu' would match the first field, which is the '%location'
field, not the 'qemu' field.

It would seem this bug has always been present since the addition of the
'location' field in d132d9f96b predates
the addition of 'qemu-guest-agent-service-type' in
f634a0baab.

Fixes <https://issues.guix.gnu.org/54041>.
Reported by Ricardo Wurmus <rekado@elephly.net>.

* gnu/services/virtualization.scm (qemu-guest-agent-shepherd-service):
Use accessors for <qemu-guest-agent-configuration>.
2022-02-18 14:14:39 +01:00
Ludovic Courtès 39e3b4b7ce
services: secret-service: Turn into a Shepherd service.
* gnu/services/virtualization.scm (secret-service-activation): Remove.
(secret-service-shepherd-services): New procedure.
(secret-service-type)[extensions]: Remove ACTIVATION-SERVICE-TYPE
extension.  Add SHEPHERD-ROOT-SERVICE-TYPE and
USER-PROCESSES-SERVICE-TYPE extensions.
* gnu/build/secret-service.scm (delete-file*): New procedure.
(secret-service-receive-secrets): Use it.
2021-12-12 23:20:49 +01:00
Tobias Geerinckx-Rice 892f1b7273
services: Accept <inferior-package>s in lieu of <package>s.
* gnu/services/authentication.scm (fprintd-configuration)
(nslcd-configuration): Substitute file-like objects for package ones.
* gnu/services/cgit.scm (cgit-configuration, opaque-cgit-configuration):
Likewise.
* gnu/services/cups.scm (package-list?, cups-configuration): Likewise.
* gnu/services/dns.scm (verify-knot-configuration)
(ddclient-configuration): Likewise.
* gnu/services/docker.scm (docker-configuration): Likewise.
* gnu/services/file-sharing.scm (transmission-daemon-configuration): Likewise.
* gnu/services/getmail.scm (getmail-configuration): Likewise.
* gnu/services/mail.scm (dovecot-configuration)
(opaque-dovecot-configuration): Likewise.
* gnu/services/messaging.scm (prosody-configuration)
(opaque-prosody-configuration): Likewise.
* gnu/services/monitoring.scm (zabbix-server-configuration)
(zabbix-agent-configuration): Likewise.
* gnu/services/networking.scm (opendht-configuration): Likewise.
* gnu/services/pm.scm (tlp-configuration): Likewise.
* gnu/services/telephony.scm (jami-configuration): Likewise.
* gnu/services/virtualization.scm (libvirt-configuration)
(qemu-guest-agent-configuration): Likewise.
* gnu/services/vpn.scm (openvpn-client-configuration): Likewise.
2021-11-30 01:08:55 +01:00
Timotej Lazar f634a0baab
services: Add qemu-guest-agent service.
* gnu/services/virtualization.scm (<qemu-guest-agent-configuration>): New
record.
(qemu-guest-agent-shepherd-service): New procedure.
(qemu-guest-agent-service-type): New variable.
* doc/guix.texi (Virtualization Services): Document it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-11-12 23:41:44 +01:00
Brice Waegeneire 4dc17cd54e
services: libvirt: Change unix-sock-group default.
When accessing libvrtd remotely, polkit can't be used unless you are
logged as root.  Instead allow libvirt groups member access to the
control socket.

* gnu/services/virtualization.scm (libvirt-configuration)
[unix-sock-group]: Change default from "root" to "libvirt".
2021-09-04 09:19:46 +02:00
Brice Waegeneire d0fcce8baf
services: libvirt: Add qemu field.
* gnu/services/virtualization.scm (libvirt-configuration): Add 'qemu'
field.
(libvirt-service-type): Replace 'qemu' package with the one specified in
the service configuration.
2021-09-04 09:19:42 +02:00
Ludovic Courtès 1037211d1b
services: hurd-vm: Use the new 'targets' field of <bootloader-configuration>.
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Use
'targets' instead of 'target' for the 'bootloader-configuration' field.
2021-08-30 14:24:14 +02:00
Efraim Flashner 9734da36f2
services: Remove i486 qemu target.
The i486 target has been removed from qemu since at least 5.2.0.

* gnu/services/virtualization.scm (%i486): Remove variable.
(%qemu-platforms): Remove it.
2021-08-29 09:50:11 +03:00
Ludovic Courtès 2ea2bca1dd
services: qemu-binfmt: Preserve argv[0] by default.
Previously, argv[0] would be replaced by the absolute file name of the
executable.  This could cause discrepancies, for example in the
Coreutils test suite: <https://issues.guix.gnu.org/49485>.

* gnu/services/virtualization.scm (<qemu-platform>)[flags]: Default to "FP".
2021-07-10 00:24:59 +02:00
Maxim Cournoyer 77c2f4e206
services/qemu-binfmt: Use the F flag and the static output of QEMU.
Fixes <https://issues.guix.gnu.org/36117>.

Before this change, the 'binfmt_misc' entries registered for QEMU would not be
usable in container contexts outside of guix-daemon (without manually bind
mounting file names).

For example:

$ docker run --rm arm32v7/debian true
standard_init_linux.go:207: exec user process caused "no such file or directory"

After this change, any container can make use of the QEMU binfmt_misc
registrations, as their corresponding QEMU static binaries are fully
pre-loaded by the kernel.

* gnu/services/virtualization.scm (<qemu-platform>): Define using
'define-record-type*'.
[flags]: New field, which defaults to "F" (fix binary).
(%i386, %i486, %alpha, %arm, %armeb, %sparc, %sparc32plus, %ppc, %ppc64)
(%ppc64le, %m68k, %mips, %mipsel, %mipsn32, %mipsn32el, %mips64, %mips64el)
(%riscv32, %riscv64, %sh4, %sh4eb, %s390x, %aarch64, %hppa): Adjust.
(qemu-binfmt-guix-chroot): Remove variable.
(qemu-binfmt-service-type): Remove the qemu-binfmt-guix-chroot extension.
* gnu/services/qemu-binfmt (qemu-platform->binfmt):  Use the static output of
QEMU.
* doc/contributing.texi (Submitting Patches): Update doc.
* doc/guix.texi (Virtualization Services): Update doc.
2021-03-15 18:00:35 -04:00
Stefan d4f5ea502d
services: qemu-binfmt: 'guix-support?' defaults to #t.
* gnu/services/virtualization.scm (qemu-binfmt-service-type)[guix-support?]:
Change the default from #f to #t.
* doc/guix.texi (Transparent Emulation with QEMU): Change the default of
‘guix-support?’ from #f to #t.  Describe the implication of setting it to #f.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2021-01-16 22:38:17 +01:00
Jan (janneke) Nieuwenhuizen 5b785b2a62
services: hurd-vm: Respect hurd-vm-configuration's disk-size.
This is a follow-up to commit 859b362f81.

* gnu/services/virtualization.scm (hurd-vm-disk-image): Use diks-size from
config to set image's size.
2021-01-14 20:18:09 +01:00
Ludovic Courtès 859b362f81
services: hurd-vm: Avoid circular dependency with (gnu system images hurd).
* gnu/services/virtualization.scm (hurd-vm-disk-image): Use
'lookup-image-type-by-name' instead of referring to 'hurd-disk-image'
from (gnu system images hurd).
2020-12-07 12:48:26 +01:00
Ludovic Courtès 3b6e4e5fd0
services: guix: Make /etc/guix/acl really declarative by default.
Fixes <https://bugs.gnu.org/39819>.
Reported by Maxim Cournoyer <maxim.cournoyer@gmail.com>.

* gnu/services/base.scm (substitute-key-authorization): Symlink
DEFAULT-ACL to /etc/guix/acl unconditionally.  Add code to optionally
back up /etc/guix/acl if it was possibly modified by hand.
* doc/guix.texi (Base Services): Clarify the effect of setting
'authorize-keys?' to true.  Mention the backup.  Give an example showing
how to authorize substitutes from another server.
2020-10-25 01:06:10 +02:00
Ludovic Courtès cf197bff6a
services: hurd-vm: Add 'gdb-minimal' to the default OS.
* gnu/services/virtualization.scm (%hurd-vm-operating-system)[packages]:
New field.
2020-10-09 23:59:14 +02:00
Jan (janneke) Nieuwenhuizen 04a459a069
services: hurd-vm: Add childhurd user to kvm group.
This is a follow-up to commit d692ebf980.

* gnu/services/virtualization.scm (%hurd-vm-accounts)[supplementary-groups]:
Add ’kvm’.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service): Use #:group
"kvm"
2020-09-30 12:30:28 +02:00
Mathieu Othacehe 2f1f7b6667
services: virtualization: Use a compressed qcow2 hurd disk-image.
* gnu/services/virtualization.scm (hurd-vm-disk-image): Use 'compressed-qcow2
format.
2020-09-30 10:47:58 +02:00
Ludovic Courtès 59261a22f9
services: secret-service: Add initial client/server handshake.
This allows the client running on the host to know when it's actually
connect to the server running in the guest.  Failing that, the client
would connect right away to QEMU and send secrets even though the server
is not running yet in the guest, which is unreliable.

* gnu/build/secret-service.scm (secret-service-send-secrets): Add
 #:handshake-timeout.  Read from SOCK an initial message from the
server.  Return #f on error.
(secret-service-receive-secrets): Send 'secret-service-server' message
to the client.  Close SOCK upon timeout.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service): 'start'
method returns #f when 'secret-service-send-secrets' returns #f.
2020-09-29 21:56:27 +02:00
Ludovic Courtès e352706ad3
services: secret-service: Move instance last in the list of services.
* gnu/services/virtualization.scm (secret-service-operating-system): Add
the SECRET-SERVICE-TYPE instance to the end of the list.
2020-09-29 21:56:27 +02:00
Ludovic Courtès 1edb7c7eec
services: hurd-vm: Pass "-no-reboot" when spawning the Hurd VM.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service)[vm-command]:
Add "--no-reboot".
2020-09-29 21:56:27 +02:00
Ludovic Courtès 37283f9f3e
services: hurd-vm: Initialize the guest's SSH/Guix keys at activation time.
* gnu/services/virtualization.scm (initialize-hurd-vm-substitutes)
(hurd-vm-activation): New procedures.
(hurd-vm-service-type)[extensions]: Add ACTIVATION-SERVICE-TYPE
extension.
* doc/guix.texi (Transparent Emulation with QEMU): Mention GNU/Hurd.
(The Hurd in a Virtual Machine): Explain which files are automatically
installed and mention offloading.
2020-09-29 21:56:27 +02:00