summary refs log tree commit diff
diff options
context:
space:
mode:
authorMarius Bakke <marius@gnu.org>2020-07-19 09:59:57 +0200
committerMarius Bakke <marius@gnu.org>2020-07-19 14:23:16 +0200
commit41daf1286575f3a1998493c893f6d5a9c5b62de8 (patch)
treec93b58e0866ca0acb532d16b255d36f839893b37
parentc91c132fc42c6e67140b393b963d7ced009f093e (diff)
downloadguix-41daf1286575f3a1998493c893f6d5a9c5b62de8.tar.gz
services: ganeti: Use TLS on the remote API by default.
* gnu/services/ganeti.scm (<ganeti-rapi-configuration>): Set SSL? to #t.
* gnu/tests/ganeti.scm (%ganeti-os): Set SSL? to #f.
* doc/guix.texi (Virtualization Services): Adjust accordingly.
Diffstat
-rw-r--r--doc/guix.texi2
-rw-r--r--gnu/services/ganeti.scm2
-rw-r--r--gnu/tests/ganeti.scm5
3 files changed, 7 insertions, 2 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 2c5c017eea..df37349c4a 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -25497,7 +25497,7 @@ The maximum number of simultaneous client requests to handle.  Further
 connections are allowed, but no responses are sent until enough connections
 have closed.
 
-@item @code{ssl?} (default: @code{#f})
+@item @code{ssl?} (default: @code{#t})
 Whether to use SSL/TLS encryption on the RAPI port.
 
 @item @code{ssl-key} (default: @file{"/var/lib/ganeti/server.pem"})
diff --git a/gnu/services/ganeti.scm b/gnu/services/ganeti.scm
index 80a61818f7..f7d1aeb8da 100644
--- a/gnu/services/ganeti.scm
+++ b/gnu/services/ganeti.scm
@@ -450,7 +450,7 @@ be submitted via this daemon and it schedules and starts them.")))
   (max-clients ganeti-rapi-configuration-max-clients    ;integer
                (default 20))
   (ssl?        ganeti-rapi-configuration-ssl?           ;Boolean
-               (default #f))
+               (default #t))
   (ssl-key     ganeti-rapi-configuration-ssl-key        ;string
                (default "/var/lib/ganeti/server.pem"))
   (ssl-cert    ganeti-rapi-configuration-ssl-cert       ;string
diff --git a/gnu/tests/ganeti.scm b/gnu/tests/ganeti.scm
index 0615edcde4..ff853a7149 100644
--- a/gnu/tests/ganeti.scm
+++ b/gnu/tests/ganeti.scm
@@ -70,6 +70,11 @@
                    (service ganeti-service-type
                             (ganeti-configuration
                              (file-storage-paths '("/srv/ganeti/file-storage"))
+                             (rapi-configuration
+                              (ganeti-rapi-configuration
+                               ;; Disable TLS so we can test the RAPI without
+                               ;; pulling in GnuTLS.
+                               (ssl? #f)))
                              (os %default-ganeti-os))))
              %base-services))))
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-10 23:39:19 +0000