diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2017-11-19 15:01:00 +0100 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2017-11-19 15:01:00 +0100 |
| commit | 2dd12924cf4a30a96262b6d392fcde58c9f10d4b (patch) | |
| tree | 3f74f5426ff214a02b8f6652f6516979657a7f98 /gnu/services | |
| parent | 259b4f34ba2eaefeafdb7c9f9eb56ee77f16010c (diff) | |
| parent | a93447b89a5b132221072e729d13a3f17391b8c2 (diff) | |
| download | guix-2dd12924cf4a30a96262b6d392fcde58c9f10d4b.tar.gz | |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/services')
| -rw-r--r-- | gnu/services/admin.scm | 6 | ||||
| -rw-r--r-- | gnu/services/audio.scm | 1 | ||||
| -rw-r--r-- | gnu/services/avahi.scm | 7 | ||||
| -rw-r--r-- | gnu/services/base.scm | 12 | ||||
| -rw-r--r-- | gnu/services/ssh.scm | 7 | ||||
| -rw-r--r-- | gnu/services/telephony.scm | 305 | ||||
| -rw-r--r-- | gnu/services/xorg.scm | 9 |
7 files changed, 336 insertions, 11 deletions
diff --git a/gnu/services/admin.scm b/gnu/services/admin.scm index 14452a86c7..64d7ae723c 100644 --- a/gnu/services/admin.scm +++ b/gnu/services/admin.scm @@ -183,6 +183,9 @@ for ROTATION." (define rottlog-service-type (service-type (name 'rottlog) + (description + "Periodically rotate log files using GNU@tie{}Rottlog and GNU@tie{}mcron. +Old log files are removed or compressed according to the configuration.") (extensions (list (service-extension etc-service-type rottlog-etc) (service-extension mcron-service-type rottlog-jobs-or-default) @@ -323,6 +326,9 @@ for ROTATION." (define tailon-service-type (service-type (name 'tailon) + (description + "Run Tailon, a Web application for monitoring, viewing, and searching log +files.") (extensions (list (service-extension shepherd-root-service-type tailon-shepherd-service) diff --git a/gnu/services/audio.scm b/gnu/services/audio.scm index 0a3e9f66bc..6629433780 100644 --- a/gnu/services/audio.scm +++ b/gnu/services/audio.scm @@ -97,6 +97,7 @@ (define mpd-service-type (service-type (name 'mpd) + (description "Run the Music Player Daemon (MPD).") (extensions (list (service-extension shepherd-root-service-type (compose list mpd-shepherd-service)) diff --git a/gnu/services/avahi.scm b/gnu/services/avahi.scm index 29720415fc..d69c89f751 100644 --- a/gnu/services/avahi.scm +++ b/gnu/services/avahi.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -117,6 +117,11 @@ (define avahi-service-type (let ((avahi-package (compose list avahi-configuration-avahi))) (service-type (name 'avahi) + (description + "Run @command{avahi-daemon}, a host and service discovery +daemon that implements the multicast DNS (mDNS) and DNS service +discovery (DNS-SD) protocols. Additionally, extend the C library's name +service switch (NSS) with support for @code{.local} host name resolution.") (extensions (list (service-extension shepherd-root-service-type avahi-shepherd-service) diff --git a/gnu/services/base.scm b/gnu/services/base.scm index b605614ab6..06b2a7d2d8 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -42,7 +42,6 @@ #:use-module (gnu packages bash) #:use-module (gnu packages package-management) #:use-module (gnu packages linux) - #:use-module (gnu packages lsof) #:use-module (gnu packages terminals) #:use-module ((gnu build file-systems) #:select (mount-flags->bit-mask)) @@ -119,7 +118,6 @@ guix-configuration-substitute-urls guix-configuration-extra-options guix-configuration-log-file - guix-configuration-lsof guix-service guix-service-type @@ -1374,8 +1372,6 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) (default '())) (log-file guix-configuration-log-file ;string (default "/var/log/guix-daemon.log")) - (lsof guix-configuration-lsof ;<package> - (default lsof)) (http-proxy guix-http-proxy ;string | #f (default #f)) (tmpdir guix-tmpdir ;string | #f @@ -1392,7 +1388,7 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) use-substitutes? substitute-urls max-silent-time timeout extra-options - log-file lsof http-proxy tmpdir) + log-file http-proxy tmpdir) (list (shepherd-service (documentation "Run the Guix daemon.") (provision '(guix-daemon)) @@ -1409,10 +1405,8 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) "--substitute-urls" #$(string-join substitute-urls) #$@extra-options) - ;; Add 'lsof' (for the GC) to the daemon's $PATH. #:environment-variables - (list (string-append "PATH=" #$lsof "/bin") - #$@(if http-proxy + (list #$@(if http-proxy (list (string-append "http_proxy=" http-proxy)) '()) #$@(if tmpdir @@ -1441,7 +1435,7 @@ failed to register hydra.gnu.org public key: ~a~%" status)))))))) (match config (($ <guix-configuration> guix build-group build-accounts authorize-key? keys) ;; Assume that the store has BUILD-GROUP as its group. We could - ;; otherwise call 'chown' here, but the problem is that on a COW unionfs, + ;; otherwise call 'chown' here, but the problem is that on a COW overlayfs, ;; chown leads to an entire copy of the tree, which is a bad idea. ;; Optionally authorize hydra.gnu.org's key. diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 697bb1b82e..b33ec946c6 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -186,6 +186,9 @@ (define lsh-service-type (service-type (name 'lsh) + (description + "Run the GNU@tie{}lsh secure shell (SSH) daemon, +@command{lshd}.") (extensions (list (service-extension shepherd-root-service-type lsh-shepherd-service) @@ -460,6 +463,8 @@ of user-name/file-like tuples." (define openssh-service-type (service-type (name 'openssh) + (description + "Run the OpenSSH secure shell (SSH) server, @command{sshd}.") (extensions (list (service-extension shepherd-root-service-type openssh-shepherd-service) @@ -543,6 +548,8 @@ of user-name/file-like tuples." (define dropbear-service-type (service-type (name 'dropbear) + (description + "Run the Dropbear secure shell (SSH) server.") (extensions (list (service-extension shepherd-root-service-type dropbear-shepherd-service) diff --git a/gnu/services/telephony.scm b/gnu/services/telephony.scm new file mode 100644 index 0000000000..0a735315b4 --- /dev/null +++ b/gnu/services/telephony.scm @@ -0,0 +1,305 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2017 nee <nee-git@hidamari.blue> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu services telephony) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (gnu packages admin) + #:use-module (gnu packages telephony) + #:use-module (guix records) + #:use-module (guix gexp) + #:use-module (srfi srfi-1) + #:use-module (ice-9 match) + #:export (murmur-configuration + make-murmur-configuration + murmur-configuration? + murmur-configuration-package + murmur-configuration-user + murmur-configuration-group + murmur-configuration-port + murmur-configuration-welcome-text + murmur-configuration-server-password + murmur-configuration-max-users + murmur-configuration-max-user-bandwidth + murmur-configuration-database-file + murmur-configuration-log-file + murmur-configuration-pid-file + murmur-configuration-autoban-attempts + murmur-configuration-autoban-timeframe + murmur-configuration-autoban-time + murmur-configuration-opus-threshold + murmur-configuration-channel-nesting-limit + murmur-configuration-channelname-regex + murmur-configuration-username-regex + murmur-configuration-text-message-length + murmur-configuration-image-message-length + murmur-configuration-cert-required? + murmur-configuration-remember-channel? + murmur-configuration-allow-html? + murmur-configuration-allow-ping? + murmur-configuration-bonjour? + murmur-configuration-send-version? + murmur-configuration-log-days + murmur-configuration-obfuscate-ips? + murmur-configuration-ssl-cert + murmur-configuration-ssl-key + murmur-configuration-ssl-dh-params + murmur-configuration-ssl-ciphers + murmur-configuration-public-registration + murmur-configuration-file + + murmur-public-registration-configuration + make-murmur-public-registration-configuration + murmur-public-registration-configuration? + murmur-public-registration-configuration-name + murmur-public-registration-configuration-url + murmur-public-registration-configuration-password + murmur-public-registration-configuration-hostname + + murmur-service-type)) + +;; https://github.com/mumble-voip/mumble/blob/master/scripts/murmur.ini + +(define-record-type* <murmur-configuration> murmur-configuration + make-murmur-configuration + murmur-configuration? + (package murmur-configuration-package ;<package> + (default mumble)) + (user murmur-configuration-user + (default "murmur")) + (group murmur-configuration-group + (default "murmur")) + (port murmur-configuration-port + (default 64738)) + (welcome-text murmur-configuration-welcome-text + (default "")) + (server-password murmur-configuration-server-password + (default "")) + (max-users murmur-configuration-max-users + (default 100)) + (max-user-bandwidth murmur-configuration-max-user-bandwidth + (default #f)) + (database-file murmur-configuration-database-file + (default "/var/lib/murmur/db.sqlite")) + (log-file murmur-configuration-log-file + (default "/var/log/murmur/murmur.log")) + (pid-file murmur-configuration-pid-file + (default "/var/run/murmur/murmur.pid")) + (autoban-attempts murmur-configuration-autoban-attempts + (default 10)) + (autoban-timeframe murmur-configuration-autoban-timeframe + (default 120)) + (autoban-time murmur-configuration-autoban-time + (default 300)) + (opus-threshold murmur-configuration-opus-threshold + (default 100)) ; integer percent + (channel-nesting-limit murmur-configuration-channel-nesting-limit + (default 10)) + (channelname-regex murmur-configuration-channelname-regex + (default #f)) + (username-regex murmur-configuration-username-regex + (default #f)) + (text-message-length murmur-configuration-text-message-length + (default 5000)) + (image-message-length murmur-configuration-image-message-length + (default (* 128 1024))) ; 128 Kilobytes + (cert-required? murmur-configuration-cert-required? + (default #f)) + (remember-channel? murmur-configuration-remember-channel? + (default #f)) + (allow-html? murmur-configuration-allow-html? + (default #f)) + (allow-ping? murmur-configuration-allow-ping? + (default #f)) + (bonjour? murmur-configuration-bonjour? + (default #f)) + (send-version? murmur-configuration-send-version? + (default #f)) + (log-days murmur-configuration-log-days + (default 31)) + (obfuscate-ips? murmur-obfuscate-ips? + (default #t)) + (ssl-cert murmur-configuration-ssl-cert + (default #f)) + (ssl-key murmur-configuration-ssl-key + (default #f)) + (ssl-dh-params murmur-configuration-ssl-dh-params + (default #f)) + (ssl-ciphers murmur-configuration-ssl-ciphers + (default #f)) + (public-registration murmur-configuration-public-registration + (default #f)) ; <murmur-public-registration-configuration> + (file murmur-configuration-file + (default #f))) + +(define-record-type* <murmur-public-registration-configuration> + murmur-public-registration-configuration + make-murmur-public-registration-configuration + murmur-public-registration-configuration? + (name murmur-public-registration-configuration-name) + (password murmur-public-registration-configuration-password) + (url murmur-public-registration-configuration-url) + (hostname murmur-public-registration-configuration-hostname + (default #f))) + +(define (flatten . lst) + "Return a list that recursively concatenates all sub-lists of LST." + (define (flatten1 head out) + (if (list? head) + (fold-right flatten1 out head) + (cons head out))) + (fold-right flatten1 '() lst)) + +(define (default-murmur-config config) + (match-record + config + <murmur-configuration> + (user port welcome-text server-password max-users max-user-bandwidth + database-file log-file pid-file autoban-attempts autoban-timeframe + autoban-time opus-threshold channel-nesting-limit channelname-regex + username-regex text-message-length image-message-length cert-required? + remember-channel? allow-html? allow-ping? bonjour? send-version? + log-days obfuscate-ips? ssl-cert ssl-key ssl-dh-params ssl-ciphers + public-registration) + (apply mixed-text-file "murmur.ini" + (flatten + "welcometext=" welcome-text "\n" + "port=" (number->string port) "\n" + (if server-password (list "serverpassword=" server-password "\n") '()) + (if max-user-bandwidth (list "bandwidth=" (number->string max-user-bandwidth)) '()) + "users=" (number->string max-users) "\n" + "uname=" user "\n" + "database=" database-file "\n" + "logfile=" log-file "\n" + "pidfile=" pid-file "\n" + (if autoban-attempts (list "autobanAttempts=" (number->string autoban-attempts) "\n") '()) + (if autoban-timeframe (list "autobanTimeframe=" (number->string autoban-timeframe) "\n") '()) + (if autoban-time (list "autobanTime=" (number->string autoban-time) "\n") '()) + (if opus-threshold (list "opusthreshold=" (number->string opus-threshold) "\n") '()) + (if channel-nesting-limit (list "channelnestinglimit=" (number->string channel-nesting-limit) "\n") '()) + (if channelname-regex (list "channelname=" channelname-regex "\n") '()) + (if username-regex (list "username=" username-regex "\n") '()) + (if text-message-length (list "textmessagelength=" (number->string text-message-length) "\n") '()) + (if image-message-length (list "imagemessagelength=" (number->string image-message-length) "\n") '()) + (if log-days (list "logdays=" (number->string log-days) "\n") '()) + "obfuscate=" (if obfuscate-ips? "true" "false") "\n" + "certrequired=" (if cert-required? "true" "false") "\n" + "rememberchannel=" (if remember-channel? "true" "false") "\n" + "allowhtml=" (if allow-html? "true" "false") "\n" + "allowping=" (if allow-ping? "true" "false") "\n" + "bonjour=" (if bonjour? "true" "false") "\n" + "sendversion=" (if send-version? "true" "false") "\n" + (cond ((and ssl-cert ssl-key) + (list + "sslCert=" ssl-cert "\n" + "sslKey=" ssl-key "\n")) + ((or ssl-cert ssl-key) + (error "ssl-cert and ssl-key must both be set" + ssl-cert ssl-key)) + (else '())) + (if ssl-dh-params (list "sslDHParams=" ssl-dh-params) '()) + (if ssl-ciphers (list "sslCiphers=" ssl-ciphers) '()) + + (match public-registration + (#f '()) + (($ <murmur-public-registration-configuration> + name password url hostname) + (if (and (or (not server-password) (string-null? server-password)) + allow-ping?) + (list + "registerName=" name "\n" + "registerPassword=" password "\n" + "registerUrl=" url "\n" + (if hostname + (string-append "registerHostname=" hostname "\n") + "")) + (error "To publicly register your murmur server your server must be publicy visible +and users must be able to join without a password. To fix this set: +(allow-ping? #t) +(server-password \"\") +Or set public-registration to #f")))))))) + +(define (murmur-activation config) + #~(begin + (use-modules (guix build utils)) + (let* ((log-dir (dirname #$(murmur-configuration-log-file config))) + (pid-dir (dirname #$(murmur-configuration-pid-file config))) + (db-dir (dirname #$(murmur-configuration-database-file config))) + (user (getpwnam #$(murmur-configuration-user config))) + (init-dir + (lambda (name dir) + (format #t "creating murmur ~a directory '~a'\n" name dir) + (mkdir-p dir) + (chown dir (passwd:uid user) (passwd:gid user)) + (chmod dir #o700))) + (ini #$(or (murmur-configuration-file config) + (default-murmur-config config)))) + (init-dir "log" log-dir) + (init-dir "pid" pid-dir) + (init-dir "database" db-dir) + + (format #t "murmur: use config file: ~a~%\n" ini) + (format #t "murmur: to set the SuperUser password run: + `~a -ini ~a -readsupw`\n" + #$(file-append (murmur-configuration-package config) + "/bin/murmurd") ini) + #t))) + +(define murmur-accounts + (match-lambda + (($ <murmur-configuration> _ user group) + (list + (user-group + (name group) + (system? #t)) + (user-account + (name user) + (group group) + (system? #t) + (comment "Murmur Daemon") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))))) + +(define (murmur-shepherd-service config) + (list (shepherd-service + (provision '(murmur)) + (documentation "Run the Murmur Mumble server.") + (requirement '(networking)) + (start #~(make-forkexec-constructor + '(#$(file-append (murmur-configuration-package config) + "/bin/murmurd") + "-ini" + #$(or (murmur-configuration-file config) + (default-murmur-config config))) + #:pid-file #$(murmur-configuration-pid-file config))) + (stop #~(make-kill-destructor))))) + +(define murmur-service-type + (service-type (name 'murmur) + (description + "Run the Murmur voice-over-IP (VoIP) server of the Mumble +suite.") + (extensions + (list (service-extension shepherd-root-service-type + murmur-shepherd-service) + (service-extension activation-service-type + murmur-activation) + (service-extension account-service-type + murmur-accounts))) + (default-value (murmur-configuration)))) diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm index 6200fa302a..c5a1a0d423 100644 --- a/gnu/services/xorg.scm +++ b/gnu/services/xorg.scm @@ -573,7 +573,14 @@ makes the good ol' XlockMore usable." #:environment-variables (list (string-append "GDM_X_SERVER=" - #$(gdm-configuration-x-server config)))))) + #$(gdm-configuration-x-server config)) + ;; XXX: GDM requires access to a handful of + ;; programs and components from Gnome (gnome-shell, + ;; dbus, and gnome-session among others). The + ;; following variables only work provided Gnome is + ;; installed. + "XDG_DATA_DIRS=/run/current-system/profile/share" + "PATH=/run/current-system/profile/bin")))) (stop #~(make-kill-destructor)) (respawn? #t)))) |