summary refs log tree commit diff
path: root/gnu/system
diff options
context:
space:
mode:
authorNikolaos Chatzikonstantinou <nchatz314@gmail.com>2023-09-20 17:13:11 +0300
committerLudovic Courtès <ludo@gnu.org>2023-10-05 23:14:54 +0200
commit2467b7d1fb2927c349f4d96456060a4e6d8fd562 (patch)
tree247f8c26b53b685af9e1a207318a52879896d0e9 /gnu/system
parent7b710836a1c7cb921f54ead64f465bcc5333d076 (diff)
downloadguix-2467b7d1fb2927c349f4d96456060a4e6d8fd562.tar.gz
system: bare-bones: Add comments about nss-cert and NTP service.
TLS errors may be confusing to some users.  Two comments are added: one
comment should help clarify the extra step required for root CA certificates
to be installed, while the other will help users keep their clocks
synchronized, another source of TLS errors due to clock drift.

* gnu/system/examples/bare-bones.tmpl: Add nss-cert and NTP service comments.

Signed-off-by: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Diffstat (limited to 'gnu/system')
-rw-r--r--gnu/system/examples/bare-bones.tmpl9
1 files changed, 7 insertions, 2 deletions
diff --git a/gnu/system/examples/bare-bones.tmpl b/gnu/system/examples/bare-bones.tmpl
index 45b4995574..dc6aff5273 100644
--- a/gnu/system/examples/bare-bones.tmpl
+++ b/gnu/system/examples/bare-bones.tmpl
@@ -4,6 +4,9 @@
 
 (use-modules (gnu))
 (use-service-modules networking ssh)
+;; If you want to use HTTPS, you most likely want to include
+;; "certs" in the line below.  Also read the comment about
+;; "nss-certs" later in this file.
 (use-package-modules screen ssh)
 
 (operating-system
@@ -43,10 +46,12 @@
                %base-user-accounts))
 
   ;; Globally-installed packages.
+  ;; Add "nss-certs" for Mozilla's approved CA certs.  You would
+  ;; have to have included "certs" in use-package-modules above.
   (packages (cons screen %base-packages))
 
-  ;; Add services to the baseline: a DHCP client and
-  ;; an SSH server.
+  ;; Add services to the baseline: a DHCP client and an SSH
+  ;; server.  You may wish to add an NTP service here.
   (services (append (list (service dhcp-client-service-type)
                           (service openssh-service-type
                                    (openssh-configuration