summary refs log tree commit diff
diff options
context:
space:
mode:
authorChristopher Baines <mail@cbaines.net>2017-07-26 12:18:06 +0100
committerChristopher Baines <mail@cbaines.net>2017-08-09 23:50:31 +0100
commit91fdc8a574cccecd55d042bc1f76ab7f7d3adced (patch)
tree33f3bfb525124978683088b316042ddf73d762f7
parentf2d8e7f720c92dfb0f49d61f7b66d45e3e63e4cd (diff)
downloadguix-91fdc8a574cccecd55d042bc1f76ab7f7d3adced.tar.gz
services: Update the Tailon service for Tailon 1.3.0.
Tailon 1.3.0 (upgraded from 1.1.1) adds support for HTTP authentication.

* gnu/services/admin.scm (<tailon-configuration-file>): Add http-auth and
  users configuration values.
  (tailon-configuration-file-http-auth, tailon-configuration-file-users): New
  procedures.
  (tailon-configuration-file-compiler): Add support for the http-auth and
  users configuration options.
* doc/guix.texi (Monitoring Services): Document authentication for Tailon.
-rw-r--r--doc/guix.texi18
-rw-r--r--gnu/services/admin.scm24
2 files changed, 37 insertions, 5 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index e4903be831..c7787e4a8e 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -13774,6 +13774,24 @@ Initial line wrapping state in the web interface. Set to @code{#t} to
 initially wrap lines (the default), or to @code{#f} to initially not
 wrap lines.
 
+@item @code{http-auth} (default: @code{#f})
+HTTP authentication type to use. Set to @code{#f} to disable
+authentication (the default). Supported values are @code{"digest"} or
+@code{"basic"}.
+
+@item @code{users} (default: @code{#f})
+If HTTP authentication is enabled (see @code{http-auth}), access will be
+restricted to the credentials provided here. To configure users, use a
+list of pairs, where the first element of the pair is the username, and
+the 2nd element of the pair is the password.
+
+@example
+(tailon-configuration-file
+  (http-auth "basic")
+  (users     '(("user1" . "password1")
+               ("user2" . "password2"))))
+@end example
+
 @end table
 @end deftp
 
diff --git a/gnu/services/admin.scm b/gnu/services/admin.scm
index 19169427c0..e24aebae2c 100644
--- a/gnu/services/admin.scm
+++ b/gnu/services/admin.scm
@@ -59,8 +59,8 @@
             tailon-configuration-file-tail-lines
             tailon-configuration-file-allowed-commands
             tailon-configuration-file-debug?
-            tailon-configuration-file-wrap-lines
-
+            tailon-configuration-file-http-auth
+            tailon-configuration-file-users
 
             <tailon-configuration>
             tailon-configuration
@@ -224,7 +224,11 @@ for ROTATION."
   (debug?                  tailon-configuration-file-debug?
                            (default #f))
   (wrap-lines              tailon-configuration-file-wrap-lines
-                           (default #t)))
+                           (default #t))
+  (http-auth               tailon-configuration-file-http-auth
+                           (default #f))
+  (users                   tailon-configuration-file-users
+                           (default #f)))
 
 (define (tailon-configuration-files-string files)
   (string-append
@@ -254,7 +258,7 @@ for ROTATION."
     (($ <tailon-configuration-file> files bind relative-root
                                     allow-transfers? follow-names?
                                     tail-lines allowed-commands debug?
-                                    wrap-lines)
+                                    wrap-lines http-auth users)
      (text-file
       "tailon-config.yaml"
       (string-concatenate
@@ -273,7 +277,17 @@ for ROTATION."
                                         (string-join allowed-commands ", ")
                                         "]"))
           ,@(if debug? '(("debug" . "true")) '())
-          ("wrap-lines" . ,(if wrap-lines "true" "false")))))))))
+          ("wrap-lines" . ,(if wrap-lines "true" "false"))
+          ("http-auth" . ,http-auth)
+          ("users" . ,(if users
+                          (string-concatenate
+                           (cons "\n"
+                                 (map (match-lambda
+                                       ((user . pass)
+                                        (string-append
+                                         "  " user ":" pass)))
+                                      users)))
+                          #f)))))))))
 
 (define-record-type* <tailon-configuration>
   tailon-configuration make-tailon-configuration