This is so that the options supported by the service configuration don't have
to always be changed. Generally though all options should be explicitly
supported and documented, so this is mostly to facilitate experimentation.
* gnu/services/cuirass.scm (<cuirass-configuration>): Add an extra-options
field.
(cuirass-shepherd-service): Pass the extra options to the shepherd servvices.
* doc/guix.texi (Continuous Integration): Document it.
This is so that the options supported by the service configuration don't have
to always be changed. Generally though all options should be explicitly
supported and documented, so this is mostly to facilitate experimentation.
* gnu/services/guix.scm (<guix-data-service-configuration>): Add extra-options
and extra-process-jobs-options to the record type.
(guix-data-service-shepherd-services): Handle these new configuration record
fields.
* doc/guix.texi (Guix Data Service): Document these new options.
* gnu/services/certbot.scm (certbot-configuration): Add server option.
(certbot-command): Use server option.
(certbot-actication): Use server option.
(certbot-nginx-server-configurations): Use server option.
* doc/guix.texi (Certificate Services): Document server option.
Co-authored-by: Tobias Geerinckx-Rice <me@tobias.gr>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://bugs.gnu.org/39708>.
Shepherd doesn't keep track of processes that fork themselves and would
disable the process after restarting it a couple times.
* gnu/services/nfs.scm (nfs-shepherd-services): Invoke rpc.mountd with the
'--foreground' option.
Discussed at <https://bugs.gnu.org/39926>.
* gnu/packages/linux.scm (eudev/btrfs-fix): New variable.
* gnu/services/base.scm (<udev-configuration>)[udev]: Default to it.
(udev-service): Likewise for #:udev.
Fixes <https://bugs.gnu.org/39671>.
* gnu/services/base.scm (udev-shepherd-service)[start] Move or copy
environment variables to 'fork+exec-command' instead of 'setenv'.
Previously, services spawned with 'make-forkexec-constructor' &
co. would all inherit the environment variables of PID 1, which includes
things like 'BOOT_IMAGE'. This change resets it to the bare minimum.
* gnu/services/shepherd.scm (shepherd-configuration-file): Add call to
'default-environment-variables'. Remove 'setenv' call.
Fixes <https://bugs.gnu.org/39402>.
Reported by shtwzrd <shtwzrd@protonmail.com>.
* gnu/services/xorg.scm (xorg-configuration):
Apply a filter over %default-xorg-modules packages, excluding
those for which the %current-system is not among the package's
supported-systems.
This patch makes it possible to use xorg-configuration on systems
other than x86_64 and i686, as without it, xf86-video-intel would
be pulled in on the unsupported architecture and fail.
Signed-off-by: Jakub Kądziołka <kuba@kadziolka.net>
* gnu/services/linux.scm: New file.
* tests/services/linux.scm: Add test.
* Makefile.am (SCM_TESTS): Register test.
* doc/guix.texi (Linux Services): Add a new section and document the new
service and its configuration.
This follows up on commit 0d48690908.
* gnu/services/mail.scm (%default-opensmtpd-config-file): Adapt to ‘new’
≥6.4 grammar.
* gnu/tests/mail.scm (%opensmtpd-os): Likewise.
Change the message-log-syslog and message-log-verbose configuration values to
match the Getmail defaults.
* gnu/services/getmail.scm (getmail-options-configuration): Change defaults
for message-log-syslog and message-log-verbose
* doc/guix.texi (Mail Services): Update the Getmail documentation accordingly.
* gnu/services/getmail.scm (getmail-retriever-configuration): Specify proper
documentation strings for some of the fields.
* doc/guix.texi (Mail Services): Update the documentation accordingly.
* gnu/services/sound.scm (ladspa-configuration): New record.
(ladspa-environment): New procedure.
(ladspa-service-type): New service type.
(pulseaudio-environment): Remove LADSPA_PATH.
* doc/guix.texi: Adjust documentation.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
* gnu/services/sound (pulseaudio-configuration) [daemon-conf]: Disable
flat-volumes, which causes unpleasant experiences to users when applications
inadvertently max out the system volume (e.g. as in #38172).
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
* gnu/services/sound (<pulseaudio-configuration>): New record.
(pulseaudio-etc): New procedure.
(pulseaudio-environment): Add PULSE_CONFIG and PULSE_CLIENTCONFIG.
(pulseaudio-service-type): Update accordingly.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
* gnu/services/nfs.scm (<idmap-configuration>)[verbosity]: New field.
(idmap-configuration-verbosity): New procedure.
(idmap-service-type): Use it.
* doc/guix.texi (Network File System): Document it.
* gnu/services/nfs.scm (<gss-configuration>, <idmap-configuration>): Fix
indentation.
(<idmap-configuration>): Rename accessor for NFS-UTILS field to
IDMAP-CONFIGURATION-NFS-UTILS.
(idmap-service-type): Use IDMAP-CONFIGURATION-NFS-UTILS.
* gnu/services/sound.scm (pulseaudio-environment): New procedure.
(pulseaudio-service-type): New variable.
* doc/guix.texi (Sound Services): Document it.
In Guile < 2.9.7, autoloading a module would give you access to all its
bindings. In future versions, autoloading a module gives access only to
the listed bindings, as per #:select (see <https://bugs.gnu.org/38895>).
This commit adjusts autoloads to the new semantics, allowing Guix to be
built with Guile 2.9.7/2.9.8.
* guix/build/download.scm <top level>: Remove call to 'module-autoload!'.
(load-gnutls): New procedure.
(tls-wrap): Call it.
* guix/git.scm <top level>: Remove call to 'module-autoload!'.
(load-git-submodules): New procedure.
(update-submodules): Call it instead of 'resolve-interface'.
* gnu/bootloader/grub.scm: Replace #:autoload with #:use-module.
* gnu/packages.scm: Likewise.
* gnu/packages/ssh.scm: Likewise.
* gnu/packages/tex.scm: Likewise.
* gnu/services/cuirass.scm: Likewise.
* gnu/services/mcron.scm: Likewise.
* guix/lint.scm: Augment list of bindings in #:autoload.
* guix/scripts/build.scm: Likewise.
* guix/scripts/gc.scm: Likewise.
* guix/scripts/pack.scm: Likewise.
* guix/scripts/publish.scm: Likewise.
* guix/scripts/pull.scm: Likewise.
* guix/utils.scm: Remove unnecessary #:autoload clauses; replace one
of them with #:use-module.
This solution was kindly provided by Bernard M. Wiedemann.
* gnu/services/base.scm (console-font-service-type): Add ter132n (terminus 132
nomal) font example, for HDPI displays.
* doc/guix.texi (Invoking guix system): Update to `guix system search console'
example output.
* gnu/services/web.scm (%mumi-activation, %mumi-accounts): New variables.
(mumi-shepherd-services): New procedure.
(mumi-service-type): New variable.
* doc/guix.texi (Web Services): Document it.
* gnu/services/desktop.scm: (<gnome-keyring-configuration>): New record type.
(pam-gnome-keyring): New procedure.
(gnome-keyring-service-type): New variable.
* doc/guix.texi (Desktop Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/pam-mount.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (PAM Mount Service): New subsection.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/sysctl.scm (sysctl-shepherd-service): Adjust shepherd
service to use the 'one-shot?' keyword. Remove 'stop' command. Remove
'respawn' option.
* gnu/services/networking.scm (pagekite-service-type): New service type.
(<pagekite-configuration>): New record type.
(pagekite-shepherd-service): New procedure.
* doc/guix.texi (Networking Services): Document it.
* gnu/services/dns.scm (<knot-resolver-configuration>): New record type.
(knot-resolver-activation, knot-resolver-shpherd-services): New procedures.
(%knot-resolver-accounts, %kresd.conf, knot-resolver-service-type): New
variables.
* doc/guix.texi (DNS Services): Document it.
* gnu/services/web.scm (<nginx-configuration>): Add modules field.
(nginx-configuration-modules): New field accessor.
(emit-load-module): New procedure.
(default-nginx-config): Add support for the modules field.
* doc/guix.texi (NGINX): Document it.
* gnu/services/virtualization.scm (libvirt-shepherd-service): Add sbin to
the PATH variable, as ip binary is installed there.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This typically halves the number of entries in
/etc/dbus-1/system-local.conf.
* gnu/services/dbus.scm (dbus-configuration-directory)[build](directives):
New macro.
(services->sxml): Use it.
Fixes <https://bugs.gnu.org/37911>.
Reported by Jack Hill <jackhill@jackhill.us>.
Sometime between 1.1.8 and 1.4.3, 'colord' moved had its
'org.freedesktop.ColorManager.conf' file moved from
"etc/dbus-1/system.d" to "share/dbus-1/system.d". Adjust to this
change.
* gnu/services/dbus.scm (dbus-configuration-directory): Add an
'includedir' directive for DIR/share/dbus-1/system.d.
Fixes issue #37504 (see: https://bugs.gnu.org/37504).
The bug was caused by the fact that destructuring an <ntp-configuration>
record using match would bind the 'servers' field without using the
compatibility accessor.
* gnu/services/networking.scm (ntp-shepherd-service): Replace `match-lambda'
by distinct `lambda' and `match' calls, so that the 'servers' field can be
generated by applying the `ntp-configuration-servers' procedure to the
configuration object.
* gnu/services/networking.scm (ntp-server->string): Use the textual
representation of the values as printed by 'display' rather than 'write', to
avoid inserting double quotes in the generated config.
* tests/networking.scm (%ntp-server-sample): Add a comment and make one of the
options a string, to exercise the fix.
("ntp-server->string"): Move the expected value to the first argument.
("ntp configuration servers deprecated form"): Likewise.
("openntpd generated config string ends with a newline"): Likewise.
* gnu/services/audio.scm (<mpd-output>): New record type.
(<mpd-configuration>)[outputs]: New field.
(mpd-output, mpd-output?, mpd-output->string): New procedures.
(mpd-config->file): Use mpd-output->string.
* doc/guix.texi (Audio Services): Document mpd-output fields.
This is a followup to commit 62c2217570.
* gnu/services/base.scm (agetty-shepherd-service)[start]: Wrap un
'with-imported-modules'. This fixes a build error when TTY is true
("no code for module (gnu build linux-boot)").
Unlike gdm-service-type, sddm-service-type cannot be configured in an
operating-system configuration by simply adding (service
sddm-service-type). This adds the default SDDM configuration just like
GDM does..
* gnu/services/sddm.scm (sddm-service-type)[default-value]: New field.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/desktop.scm (xfce-desktop-service-type): Add
xfce4-power-manager to polkit-service-type service extension via
new procedure 'xfce-polkit-settings'.
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
Previously, on startup, we'd see:
dbus: Unknown username nm-openconnect in message bus configuration file
This fixes it.
* gnu/services/networking.scm (network-manager-accounts): New procedure.
(network-manager-service-type): Extend 'account-service-type'.
* gnu/packages/gnome.scm (network-manager-openconnect)[properties]: Add
'user-accounts'.
This reduces resident memory for PID 1 from 29.8MiB to 28.7MiB right
after boot on a bare-bones system (x86_64-linux).
* gnu/services/shepherd.scm (scm->go): New procedure.
(shepherd-configuration-file)[config]: Call it and use 'load-compiled'
instead of 'primitive-load'.
Partly fixes <https://bugs.gnu.org/37501>.
Reported by Marius Bakke <mbakke@fastmail.com>.
* gnu/services/base.scm (urandom-seed-shepherd-service): In 'start'
method, add calls to 'add-to-entropy-count'.
* gnu/services/base.scm (pam-limits-service-type): For "gdm-password" pam
service, include "limits.conf".
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
* gnu/services/guix.scm: New file.
* gnu/tests/guix.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add both new files.
* doc/guix.texi (Guix Services): New section documenting the Guix Data
Service.
As defaulting by stderr, along with the shepherd service not directing the
output to a log file makes seeing the output difficult, compared to logging to
syslog.
* gnu/services/virtualization.scm (libvirt-configuration)[log-outputs]: Change
default from "3:stderr" to "3:syslog:libvirtd".
Fixes <https://bugs.gnu.org/37423>.
Reported by Jan <tona_kosmicznego_smiecia@interia.pl>.
* gnu/services/xorg.scm (%gdm-activation): New variable.
(gdm-service-type)[extensions]: Add 'activation-service-type'.
* gnu/services/networking.scm (%default-nftables-ruleset): New variable.
(<nftables-configuration>): New record type.
(nftables-shepherd-service): New procedure.
(nftables-service-type): New service type.
* doc/guix.texi (Networking Services): Document it.
* gnu/services/certbot.scm (certbot-command): Add
--manual-public-ip-logging-ok flag to the certbot command when doing a
manual challenge.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This is a followup to ef640db2f5.
* gnu/services/virtualization.scm (libvirt-shepherd-service): Set
'#:environment-variables' for 'make-forkexec-constructor'.
This reverts commit 903e051a71 to fix
<https://bugs.gnu.org/31365>. The full path of the 'ip' command is already
embedded, and we want to search 'qemu' in PATH.
* gnu/packages/virtualization.scm (libvirt): Remove 'wrap-libvirtd phase. Add
configure flags to run qemu as 'nobody:kvm'.
* gnu/services/virtualization.scm (libvirt-service-type): Add 'qemu' to the
system profile.
This fixes issue #37318 (see: http://bugs.gnu.org/37318).
* gnu/services/networking.scm (openntpd-configuration->string): Rewrite in
order to make the "openntpd configuration generation sanity check" test pass.
See http://debbugs.gnu.org/cgi/bugreport.cgi?bug=37318.
* gnu/services/networking.scm (openntpd-configuration->string): New procedure,
extracted from top of the `openntpd-shepherd-service' to make it testable.
(openntpd-shepherd-service): Adapt following the move of the code to the above
procedure.
* tests/networking.scm: Add a test for the `openntpd-configuration->string'
procedure.
* gnu/services/networking.scm (ntp-server-types): New enum.
(<ntp-server>): New record type.
(ntp-server->string): New procedure.
(%ntp-servers): Define in terms of <htp-server> records. Use the first
entrypoint server as a pool instead of a list of static servers. This is more
resilient since a new server of the pool can be interrogated on every
request. Add the 'iburst' options.
(ntp-configuration-servers): Define a custom accessor that warns but honors
the now deprecated server format.
(<ntp-configuration>): Use it.
(%openntpd-servers): New variable,
(<openntpd-configuration>): Use it, as a pool ('servers' field) instead of a
regular server.
* tests/networking.scm: New file.
* Makefile.am (SCM_TESTS): Register it.
* doc/guix.texi: Update documentation.
Otherwise the following messages would be printed by ntpd:
Sep 2 05:18:21 localhost ntpd[15849]: restrict default: KOD does nothing without LIMITE.
Sep 2 05:18:21 localhost ntpd[15849]: restrict ::: KOD does nothing without LIMITED.
Debian uses the same set of "restrict" keywords (see:
https://sources.debian.org/src/ntp/1:4.2.8p13+dfsg-2/debian/ntp.conf).
* gnu/services/networking.scm (ntp-shepherd-service): Add the 'limited'
keyword to both the IPv4 and IPv6 'restrict' directives.
This is documented as best practice in `man ntpd', and is required to allow
the date to be set correctly when traveling (without having to manually update
the hardware clock in the BIOS/UEFI).
* gnu/services/networking.scm (<ntp-server>)[allow-large-adjustment?]: Set the
default value to #t.
* doc/guix.texi (Networking Services): Update documentation.
This reverts commit 3b38bf141a.
The Guix project discussed this years ago and decided against including
/usr/bin/env. That decision should not be reversed without a wider
discussion.
* gnu/services/cups.scm (error-policy, cups-configuration): Substitute
RETRY-CURRENT-JOB for the obsolete RETRY-THIS-JOB name of this policy.
* doc/guix.texi (Printing Services): Likewise.
* gnu/services/cups.scm (comma-separated-string-list?)
(serialize-comma-separated-string-list): New variables.
(cups-configuration)[browse-dns-sd-sub-types]: New field.
* doc/guix.texi (Printing Services): Document it.
* gnu/services/cuirass.scm (<cuirass-configuration>): Add web-log-file field.
(cuirass-shepherd-service): Read it and use it.
* doc/guix.texi (Continuous Integration): Document it.
…except for ‘AllowDH’, which makes no sense on GNU TLS systems.
* gnu/services/cups.scm (ssl-options?): Validate ‘DenyCBC’ and
‘DenyTLS1.0’.
* doc/guix.texi (Printing Services): Document them both.
Extends the dbus service when vpn plugins are enabled.
* gnu/services/networking.scm (network-manager-service-type): Load vpn plugins
when extending dbus service.
This changes to 'peer' authentication for local socket connections,
and password-based authentication for local network connections.
* gnu/services/databases.scm (%default-postgres-hba): Change
authentication method.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (%network-manager-activation): Rename to...
(network-manager-activation): ... this and make it a procedure. Make it
create '/var/lib/misc' when using dnsmasq.
(network-manager-service-type): Use it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (usb-modeswitch-service-type): New variable.
(usb-modeswitch-configuration): New variable.
(usb-modeswitch-sh): New procedure.
(usb-modeswitch-configuration->udev-rules): New procedure.
* doc/guix.texi (Networking Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://bugs.gnu.org/36207>.
Reported by Jack Hill <jackhill@jackhill.us>.
* gnu/services/admin.scm: Remove unneeded import of (gnu services
base).
* gnu/services/mcron.scm: Likewise.
This makes it easier to read the output, as it's recorded in a file.
* gnu/services/base.scm (guix-publish-shepherd-service): Add #:log-file to
make-forkexec-constructor.
* gnu/packages/linux.scm (singularity)[source](snippet): Change file
name of setuid helpers in libexec/cli/*.exec.
[arguments]: Remove "--disable-suid".
* gnu/services/docker.scm (%singularity-activation): New variable.
(singularity-setuid-programs): New procedure.
(singularity-service-type): New variable.
* gnu/tests/singularity.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Miscellaneous Services): Document it.