From 41daf1286575f3a1998493c893f6d5a9c5b62de8 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sun, 19 Jul 2020 09:59:57 +0200 Subject: services: ganeti: Use TLS on the remote API by default. * gnu/services/ganeti.scm (): Set SSL? to #t. * gnu/tests/ganeti.scm (%ganeti-os): Set SSL? to #f. * doc/guix.texi (Virtualization Services): Adjust accordingly. --- doc/guix.texi | 2 +- gnu/services/ganeti.scm | 2 +- gnu/tests/ganeti.scm | 5 +++++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 2c5c017eea..df37349c4a 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -25497,7 +25497,7 @@ The maximum number of simultaneous client requests to handle. Further connections are allowed, but no responses are sent until enough connections have closed. -@item @code{ssl?} (default: @code{#f}) +@item @code{ssl?} (default: @code{#t}) Whether to use SSL/TLS encryption on the RAPI port. @item @code{ssl-key} (default: @file{"/var/lib/ganeti/server.pem"}) diff --git a/gnu/services/ganeti.scm b/gnu/services/ganeti.scm index 80a61818f7..f7d1aeb8da 100644 --- a/gnu/services/ganeti.scm +++ b/gnu/services/ganeti.scm @@ -450,7 +450,7 @@ be submitted via this daemon and it schedules and starts them."))) (max-clients ganeti-rapi-configuration-max-clients ;integer (default 20)) (ssl? ganeti-rapi-configuration-ssl? ;Boolean - (default #f)) + (default #t)) (ssl-key ganeti-rapi-configuration-ssl-key ;string (default "/var/lib/ganeti/server.pem")) (ssl-cert ganeti-rapi-configuration-ssl-cert ;string diff --git a/gnu/tests/ganeti.scm b/gnu/tests/ganeti.scm index 0615edcde4..ff853a7149 100644 --- a/gnu/tests/ganeti.scm +++ b/gnu/tests/ganeti.scm @@ -70,6 +70,11 @@ (service ganeti-service-type (ganeti-configuration (file-storage-paths '("/srv/ganeti/file-storage")) + (rapi-configuration + (ganeti-rapi-configuration + ;; Disable TLS so we can test the RAPI without + ;; pulling in GnuTLS. + (ssl? #f))) (os %default-ganeti-os)))) %base-services)))) -- cgit 1.4.1