Age | Commit message (Collapse) | Author |
|
ddclient is unmaintained as of 2023-07-04 [1] and this service has been broken
for a while [2]. Remove it rather than shipping a broken service for an
unmaintained program that's unlikely to be fixed.
[1]: <https://github.com/ddclient/ddclient>
[2]: <https://issues.guix.gnu.org/52770>
This reverts commit 8490a8346b5c8207f5798be55bea1de865b0bd42.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
Add 'createAccount?', 'uid' and 'gid' to <postgresql-configuation>.
Unlike other system daemons, the PostgreSQL data directory is typically
meant to persist across 'guix system reconfigure' and once created, you
don't want it's UID or GID to change anymore.
Furthermore, if you want to place the data directory on a network share
and use NFSv4 with idmap, then the 'postgres' user must exist when the
'rpc.idmapd' daemon is launched; prior to mounting the share. And it
needs to be possible to mount the share without configuring PostgreSQL.
With NFSv3, the UID and GID typically needs to match those on the
server.
The added options allow for both of these scenarios:
You can either create the user in (operating-system (users)) completely
independently of the 'postgresql-service-type' (for instance to get your
NFS setup working first prior to configuring your databases) - or "pin"
it's UID / GID values.
* gnu/services/databases.scm (<postgresql-configuration>)[create-account?]
[uid, gid]: New fields.
(%postgresql-accounts): Remove.
(create-postgresql-account): New procedure.
(postgresql-service-type)[extensions]: Use it.
* doc/guix.texi (Database Services): Update accordingly.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/packages/freedesktop.scm (elogind): Update to 252.9.
[source]: Replace elogind-revert-polkit-detection.patch with
elogind-fix-rpath.patch in patches.
[configure-flags]: Add the dbussystemservicedir, dbussessionservicedir,
dbussystemservicedir and dbus-interfaces-dir flags.
[phases] <use-global-hook-directory> Update list of patched files.
<adjust-tests> Update substitutions, and skip the copy_holes test.
[native-inputs]: Add python-jinja2.
[inputs]: Add util-linux:lib.
* gnu/services/desktop.scm (elogind-dbus-service)
<elogind-dbus-service-wrapper>: Add a symlink to elogind's
share/dbus-1/system.d to expose D-Bus policy configurations.
* gnu/tests/desktop.scm (run-elogind-test): Adjust expected result for the new
"linger" value.
* gnu/packages/patches/elogind-revert-polkit-detection.patch: Delete file.
* gnu/packages/patches/elogind-fix-rpath.patch: New file.
* gnu/local.mk (dist_patch_DATA): Update.
Series-to: 64938@debbugs.gnu.org
Series-prefix: elogind-updates
Series-version: 2
Series-changes: 2
- Fix elogind system test
- Install D-Bus policy files in elogind-dbus-service-wrapper
- Remove duplicate 'dbussystemservicedir' configure flag
|
|
Thanks to Bruno Victal "mirai" for cooperating on this patch and for
generously sharing a wealth of insights about Guix services.
Thanks to Jean-Baptiste Note for an early version of this service!
* doc/guix.texi (Linux Services)[Cachefilesd Service]: New heading.
* gnu/services/linux.scm (serialize-string, non-negative-integer?)
(serialize-non-negative-integer, string, non-negative-integer)
(make-option-serializer, make-percentage-threshold-serializer): New
procedures.
(cachefilesd-configuration): New record type.
(cachefilesd-service-type): New variable.
* gnu/tests/cachefilesd.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
Co-authored-by: Bruno Victal <mirai@makinata.eu>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/authentication.scm (pam-ldap-pam-service): Use
'file-append' instead of #~(string-append ...).
* gnu/services/base.scm (greetd-pam-service): Likewise.
* gnu/services/kerberos.scm (pam-krb5-pam-service): Likewise.
* gnu/services/pam-mount.scm (pam-mount-pam-service): Likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/base.scm (pam-limits-service-type)[pam-extension]: Wrap
into a 'lambda' that takes 'limits-file'. Pass that in the <pam-entry>
'arguments' field. Define 'make-limits-file' and use it.
Remove ETC-SERVICE-TYPE extension.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/syncthing.scm (syncthing-shepherd-service): Use the new command line syntax.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/databases.scm (postgresql-role): Add more role fields.
(postgresql-create-roles): Honor it.
* doc/guix.texi (Database Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
The `pam-mount-volumes-service-type' adds additional volumes to the
pam-mount-service-type in addition to any that are already specified in
`pam-mount-rules'.
* doc/guix.texi (PAM Mount Volume Service): add documentation for
`pam-mount-service-type'.
* gnu/services/pam-mount.scm: new file.
* Makefile.am: add pam-mount tests
* tests/services/pam-mount.scm: new tests
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
cgroup v2 is the next generation of the control groups API. This patch
replaces the cgroup v1 file systems with the unified cgroup v2 file
system.
cgroup v2 allows for things like containerd/podman to run rootless
containers and opens guix system up to running things like Kubernetes.
Thanks to Hilton Chain <hako@ultrarare.space> for suggesting the Docker
service change.
* gnu/system/file-systems.scm (%control-groups): Change to a single
"cgroup2" mount point.
* gnu/services/docker.scm (docker-shepherd-service): Trim 'requirement'
field accordingly.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/admin.scm (%default-package-database-update-schedule):
New variable.
(<package-database-configuration>): New record type.
(package-database-mcron-jobs): New procedure.
(package-database-service-type): New variable.
* doc/guix.texi (File Search Services): Document it.
|
|
* gnu/services/admin.scm (%default-file-database-update-schedule)
(%default-file-database-excluded-directories): New variables.
(<file-database-configuration>): New record type.
(file-database-mcron-jobs): New procedure.
(file-database-service-type): New variable.
* doc/guix.texi (File Search Services): New node.
|
|
This reverts commit e1070ee16036f6dfb84c44aea4119e4db770356b. Rationale: this
only works with the default 'endpoints'. The 'auto-update?' option should be
sufficient to trigger a database update automatically anyway.
|
|
Relates to <https://issues.guix.gnu.org/63082>.
* gnu/services/audio.scm (mpd-shepherd-service): Create a default .cache
directory. Use mkdir-p/perms and refactor loop. Set the HOME environment
variables.
|
|
Relates to <https://issues.guix.gnu.org/63082>.
* gnu/services/audio.scm (mpd-output) [mixer-type]: Change default value from
"none" to unspecified.
* doc/guix.texi (Audio Services): Regenerate doc.
|
|
* gnu/services/audio.scm: Hide 'delete' on (gnu services) import.
|
|
* gnu/services/audio.scm (mpd-log-rotation): Conditionlize based on the value
of LOG-FILE.
|
|
Rationale: the tristate value was awkward to deal with, the default log file
name was odd (/var/log/mpd/log) and it required special attention to create
the 'mpd' parent directory as root and chowning it to the MPD user. It also
didn't match the default behavior of MPD, which is to log to systemd or syslog
unless a log file is specified.
* gnu/services/audio.scm (mpd-log-file-sanitizer): New procedure.
(mpd-configuration) [log-file]: Remove default maybe value. Add sanitizer.
(mpd-shepherd-service): Validate the log file parent directory exists and has
the right permissions. Conditionally add syslogd to requirements.
(mympd-log-to-sanitizer): New procedure.
(mympd-configuration) [log-to]: Change type to maybe-string. Update doc and
add sanitizer.
(mympd-shepherd-service) [requirement]: Fix to use syslogd. Adjust
accordingly.
[start] Adjust accordingly.
(mympd-log-rotation): Check log-to via maybe-value-set?.
* doc/guix.texi (Audio Services): Update doc.
|
|
* gnu/services/audio.scm (mpd-shepherd-service): Standardize the way the log
file parent and other directories are initialized in the start slot.
(mympd-shepherd-service): Likewise.
|
|
* gnu/services/audio.scm (mpd-configuration) [log-level]: List log-level in
decreasing verbosity order in doc.
* doc/guix.texi (Audio Services): Update doc.
|
|
So that they can be restarted in dependently.
* gnu/services/guix.scm (guix-data-service-shepherd-services): Don't require
the main service from the jobs service.
|
|
The convention to use % as a prefix is for "special" variables rather than
procedures.
* gnu/services/audio.scm (%set-user-group): Rename to...
(set-user-group): ... this.
|
|
* gnu/services/audio.scm (mpd-user-sanitizer, %mympd-user): Remove extraneous
group field, already inherited.
(%mpd-user, %mympd-user): Clarify %lazy-group explanatory comment. Fix
indentation.
|
|
* gnu/services/audio.scm (mpd-shepherd-service): Register a new update action.
* doc/guix.texi (Audio Services): Document it.
|
|
* gnu/services/audio.scm (mpd-configuration) [auto-update?]: New field.
* doc/guix.texi (Audio Services): Update doc.
|
|
* gnu/services/vpn.scm (wireguard-shepherd-service) [actions]: New field.
|
|
Previously, the generated config file would contain arbitrary whitespace that
made it look ugly.
* gnu/services/vpn.scm (<wireguard-configuration>) [dns]: Change default value
from #f to '().
(wireguard-configuration-file): Use match-record. Format each line
individually, assembling the lines at the end to avoid extraneous white space.
* doc/guix.texi (VPN Services): Update doc.
|
|
* gnu/services/vpn.scm (<wireguard-configuration>)
[monitor-ips?, monitor-ips-internal]: New fields.
* gnu/services/vpn.scm (define-with-source): New syntax.
(wireguard-service-name, strip-port/maybe)
(ipv4-address?, ipv6-address?, host-name?)
(endpoint-host-names): New procedure.
(wireguard-monitoring-jobs): Likewise.
(wireguard-service-type): Register it.
* tests/services/vpn.scm: New file.
* Makefile.am (SCM_TESTS): Register it.
* doc/guix.texi (VPN Services): Update doc.
Reviewed-by: Bruno Victal <mirai@makinata.eu>
|
|
* gnu/services/herd.scm (current-service): New procedure, mostly reusing the
existing current-services.
(current-services): Implement in terms of the above procedure.
|
|
As suggested by Sergey Bugaev on bug-hurd
https://lists.gnu.org/archive/html/bug-hurd/2023-05//msg00455.html
* gnu/services/base.scm (static-networking->hurd-pfinet-options): Use
/DEV/ethX. Use long options for settrans.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
|
|
When booting with pci-arbiter and rumpdisk and using 1024MB of memory for
qemu, booting hangs, or seems to hang, at the end of the rumpdisk boot
messages. At least 1200MB is required, currently.
* gnu/services/virtualization.scm (<hurd-vm-configuration>)[memory-size]: Bump
to 2048.
* gnu/system/examples/bare-hurd.tmpl: Suggest using 2048 here too. Update
example `guix system image' and "qemu" command lines too.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
|
|
This follows up on commit 16d77b31c5024e9288dfd2f25f8eb6d0114a342c.
* gnu/services/cgit.scm (cgit-configuration): Use extant
repository-cgit-configuration variable name.
|
|
* gnu/services/virtualization.scm (libvirt-shepherd-service): Add requirement
on dbus.
|
|
* gnu/packages/gnome.scm (gnome): Remove gnome-boxes from propagated-inputs,
since it is no longer a Core App in 42.
|
|
* gnu/services/web.scm (nginx-php-location): Only pass existing PHP files
to the back end. Mitigate httpoxy vulnerability.
|
|
Without this a user's pam-limits-service-type configuration does not have an
effect when using lightdm.
* gnu/services/base.scm (pam-limits-service-type): Add "lightdm" to the list.
|
|
Fixes <https://issues.guix.gnu.org/63979>.
* gnu/services/shepherd.scm (validate-provision): New procedure.
(<shepherd-service>)[provision]: Use it.
Co-authored-by: Bruno Victal <mirai@makinata.eu>
|
|
* gnu/services/dict.scm (dicod-shepherd-service): Remove
the (= 1 (length interfaces)) restriction by adding one endpoint per
interface.
|
|
* gnu/services/certbot.scm (certbot-nginx-server-configurations):
Don't return a broken nginx-server-configuration with empty server_name
when no certificate domains are configured. Instead add a separate
server for every certificate, so 0 certificates adds 0 servers.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Reviewed-by: Bruno Victal <mirai@makinata.eu>
|
|
Fixes <https://issues.guix.gnu.org/64057>.
* gnu/services/virtualization.scm (qemu-guest-agent-shepherd-service):
Add 'requirement' field.
Reported-by: Yann Dupont <yann.dupont@univ-nantes.fr>
|
|
Fixes <https://issues.guix.gnu.org/63516>.
* gnu/services/base.scm (network-set-up/linux): Add call to
'wait-for-link'.
|
|
screen-locker-service-type by default does both define PAM entry
and make program setuid binary. Normally both methods are
mutually exclusive, if binary has setuid set it does not really
needs PAM, otherway around also similar, if PAM is enabled
binary should not relay on setuid.
Recent swaylock package now compiled with PAM support. When PAM
support is compiled in, swaylock rejects executing if binary is
also setuid program.
This change turns screen-locker-configuration from strict
PAM AND setuid to more flexible PAM AND/OR setuid. Allowing
swaylock to be configured properly while supporting other
screen locker preferences.
* gnu/services/xorg.scm (screen-locker-configuration): Switch from
define-record-type to define-configuration.
[using-pam?]: New field to control PAM entry existence.
[using-setuid?]: New field to control setuid binary existence.
(screen-locker-pam-services): Should not make unix-pam-service if
using-pam? is set to #f.
(screen-locker-setuid-programs): Should not make program setuid
program if using-setuid? is set to #f.
(screen-locker-generate-doc): Internal function to generate
configuration documentation.
(screen-locker-service): Adapt to new screen-locker-configuration.
* gnu/services/desktop.scm (desktop-services-for-system): Adapt to
new screen-locker-configuration.
* doc/guix.texi: Reflect new changes to screen-locker-configuration.
Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
|
|
This allows us to get rid of the "eval root" actions, which in turn
would lead to confusing "Evaluating user expression" messages.
Fixes <https://issues.guix.gnu.org/55857>.
* gnu/services/herd.scm (resolve-transients): In 'values', avoid
'eval-there' call when UNRESOLVED is empty.
|
|
Previously, with shepherd 0.10.0, guix-daemon would start quickly,
possibly before avahi-daemon is running. Consequently, its "guix
discover" child process would exit immediately with a warning saying
"Avahi daemon is not running".
* gnu/services/base.scm (guix-shepherd-service): When DISCOVER? is true,
add 'avahi-daemon' to 'requirement'.
|
|
Fixes <https://issues.guix.gnu.org/63198>.
Have the CUPS service extend pam-root-service-type providing minimal
configuration to authenticate users. Since PAM authentication is provided,
the regular cups package can be used as default instead of the minimal,
PAM-lacking variant.
* gnu/services/cups.scm (cups-configuration)
[cups]: Replace cups-minimal with cups.
[allow-empty-password?]: PAM service configuration permitting empty passwords.
(opaque-cups-configuration): Likewise.
(cups-pam-service): New procedure.
(cups-service-type): Extend pam-root-service-type with cups-pam-service.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
|
That way, per-connection transient services such as 'sshd-123' inherit
dependencies of their "parent" ('sshd' in this example), which is more
consistent than not depending on anything.
* gnu/services/dict.scm (dicod-shepherd-service): Pass #:requirements to
'make-inetd-constructor'.
* gnu/services/messaging.scm (bitlbee-shepherd-service): Likewise.
* gnu/services/ssh.scm (openssh-shepherd-service): Likewise.
* gnu/services/vnc.scm (xvnc-shepherd-service): Likewise.
|
|
* gnu/services/base.scm (%root-file-system-shepherd-service): In 'stop'
method, remove reference to 'stop-logging'. That procedure is gone in
Shepherd 0.10.0, leading to an unbound-variable exception.
Additionally, calling is unnecessary since 0.4.0, where shepherd logs to
syslog (thus the open file descriptor is not backed by an on-disk file).
|
|
This is a followup to 57e731c358d000f614fbda23654cae6a5e79df80.
* gnu/services/base.scm (agetty-shepherd-service): Change 'stop' method
to return #f immediately when the running value is 'idle.
|
|
* gnu/services/rsync.scm (rsync-shepherd-service) Wrap rsync command in a
least-authority-wrapper.
Reviewed-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/rsync.scm (rsync-shepherd-service): Use make-inetd-constructor
if available in start slot.
* gnu/tests/rsync.scm (run-rsync-test): Delete "PID file" test.
Reviewed-by: Ludovic Courtès <ludo@gnu.org>
|