2016-09-07 19:20:43 -04:00
|
|
|
|
;;; GNU Guix --- Functional package management for GNU
|
|
|
|
|
;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
|
2023-01-02 12:05:24 -05:00
|
|
|
|
;;; Copyright © 2016-2023 Ludovic Courtès <ludo@gnu.org>
|
2020-04-29 03:34:01 -04:00
|
|
|
|
;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
|
2023-01-02 12:05:24 -05:00
|
|
|
|
;;; Copyright © 2023 Giacomo Leidi <goodoldpaul@autistici.org>
|
2016-09-07 19:20:43 -04:00
|
|
|
|
;;;
|
|
|
|
|
;;; This file is part of GNU Guix.
|
|
|
|
|
;;;
|
|
|
|
|
;;; GNU Guix is free software; you can redistribute it and/or modify it
|
|
|
|
|
;;; under the terms of the GNU General Public License as published by
|
|
|
|
|
;;; the Free Software Foundation; either version 3 of the License, or (at
|
|
|
|
|
;;; your option) any later version.
|
|
|
|
|
;;;
|
|
|
|
|
;;; GNU Guix is distributed in the hope that it will be useful, but
|
|
|
|
|
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
;;; GNU General Public License for more details.
|
|
|
|
|
;;;
|
2018-11-07 11:24:35 -05:00
|
|
|
|
;;; You should have received a copy of the GNU General Public License
|
2016-09-07 19:20:43 -04:00
|
|
|
|
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
|
|
(define-module (gnu services admin)
|
|
|
|
|
#:use-module (gnu packages admin)
|
2023-07-05 04:19:15 -04:00
|
|
|
|
#:use-module ((gnu packages base)
|
2023-08-22 04:20:11 -04:00
|
|
|
|
#:select (canonical-package findutils coreutils sed))
|
2020-07-22 14:21:21 -04:00
|
|
|
|
#:use-module (gnu packages certs)
|
|
|
|
|
#:use-module (gnu packages package-management)
|
2016-09-07 19:20:43 -04:00
|
|
|
|
#:use-module (gnu services)
|
2023-07-05 04:19:15 -04:00
|
|
|
|
#:use-module (gnu services configuration)
|
2016-09-07 19:20:43 -04:00
|
|
|
|
#:use-module (gnu services mcron)
|
|
|
|
|
#:use-module (gnu services shepherd)
|
2023-07-05 05:49:34 -04:00
|
|
|
|
#:use-module (gnu system accounts)
|
|
|
|
|
#:use-module ((gnu system shadow) #:select (account-service-type))
|
2023-07-05 04:19:15 -04:00
|
|
|
|
#:use-module ((guix store) #:select (%store-prefix))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
#:use-module (guix gexp)
|
2020-07-22 14:21:21 -04:00
|
|
|
|
#:use-module (guix modules)
|
2016-09-07 19:20:43 -04:00
|
|
|
|
#:use-module (guix packages)
|
|
|
|
|
#:use-module (guix records)
|
|
|
|
|
#:use-module (srfi srfi-1)
|
2023-07-05 04:19:15 -04:00
|
|
|
|
#:use-module (ice-9 match)
|
2017-06-08 14:12:38 -04:00
|
|
|
|
#:use-module (ice-9 vlist)
|
2016-09-07 19:20:43 -04:00
|
|
|
|
#:export (%default-rotations
|
|
|
|
|
%rotated-files
|
2017-06-08 14:12:38 -04:00
|
|
|
|
|
|
|
|
|
log-rotation
|
|
|
|
|
log-rotation?
|
|
|
|
|
log-rotation-frequency
|
|
|
|
|
log-rotation-files
|
|
|
|
|
log-rotation-options
|
|
|
|
|
log-rotation-post-rotate
|
2022-07-31 17:35:27 -04:00
|
|
|
|
%default-log-rotation-options
|
2017-06-08 14:12:38 -04:00
|
|
|
|
|
2016-09-07 19:20:43 -04:00
|
|
|
|
rottlog-configuration
|
|
|
|
|
rottlog-configuration?
|
2023-10-18 10:53:44 -04:00
|
|
|
|
rottlog-configuration-rottlog
|
|
|
|
|
rottlog-configuration-rc-file
|
|
|
|
|
rottlog-configuration-rotations
|
|
|
|
|
rottlog-configuration-jobs
|
2016-09-07 19:20:43 -04:00
|
|
|
|
rottlog-service
|
2020-07-22 14:21:21 -04:00
|
|
|
|
rottlog-service-type
|
|
|
|
|
|
2022-03-31 17:14:39 -04:00
|
|
|
|
log-cleanup-service-type
|
|
|
|
|
log-cleanup-configuration
|
|
|
|
|
log-cleanup-configuration?
|
|
|
|
|
log-cleanup-configuration-directory
|
|
|
|
|
log-cleanup-configuration-expiry
|
|
|
|
|
log-cleanup-configuration-schedule
|
|
|
|
|
|
2023-07-05 04:19:15 -04:00
|
|
|
|
file-database-service-type
|
|
|
|
|
file-database-configuration
|
|
|
|
|
file-database-configuration?
|
|
|
|
|
file-database-configuration-package
|
|
|
|
|
file-database-configuration-schedule
|
|
|
|
|
file-database-configuration-excluded-directories
|
|
|
|
|
%default-file-database-update-schedule
|
|
|
|
|
%default-file-database-excluded-directories
|
|
|
|
|
|
2023-07-05 05:49:34 -04:00
|
|
|
|
package-database-service-type
|
|
|
|
|
package-database-configuration
|
|
|
|
|
package-database-configuration?
|
|
|
|
|
package-database-configuration-package
|
|
|
|
|
package-database-configuration-schedule
|
|
|
|
|
package-database-configuration-method
|
|
|
|
|
package-database-configuration-channels
|
|
|
|
|
|
2020-07-22 14:21:21 -04:00
|
|
|
|
unattended-upgrade-service-type
|
|
|
|
|
unattended-upgrade-configuration
|
|
|
|
|
unattended-upgrade-configuration?
|
2020-08-24 08:52:39 -04:00
|
|
|
|
unattended-upgrade-configuration-operating-system-file
|
2023-01-02 12:05:24 -05:00
|
|
|
|
unattended-upgrade-configuration-operating-system-expression
|
2020-07-22 14:21:21 -04:00
|
|
|
|
unattended-upgrade-configuration-channels
|
|
|
|
|
unattended-upgrade-configuration-schedule
|
|
|
|
|
unattended-upgrade-configuration-services-to-restart
|
|
|
|
|
unattended-upgrade-configuration-system-expiration
|
|
|
|
|
unattended-upgrade-configuration-maximum-duration
|
|
|
|
|
unattended-upgrade-configuration-log-file))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
|
|
|
|
|
;;; Commentary:
|
|
|
|
|
;;;
|
|
|
|
|
;;; This module implements configuration of rottlog by writing
|
|
|
|
|
;;; /etc/rottlog/{rc,hourly|daily|weekly}. Example usage
|
|
|
|
|
;;;
|
|
|
|
|
;;; (mcron-service)
|
2017-06-08 14:12:38 -04:00
|
|
|
|
;;; (service rottlog-service-type)
|
2016-09-07 19:20:43 -04:00
|
|
|
|
;;;
|
|
|
|
|
;;; Code:
|
|
|
|
|
|
2017-06-08 14:12:38 -04:00
|
|
|
|
(define-record-type* <log-rotation> log-rotation make-log-rotation
|
|
|
|
|
log-rotation?
|
|
|
|
|
(files log-rotation-files) ;list of strings
|
|
|
|
|
(frequency log-rotation-frequency ;symbol
|
|
|
|
|
(default 'weekly))
|
|
|
|
|
(post-rotate log-rotation-post-rotate ;#f | gexp
|
|
|
|
|
(default #f))
|
|
|
|
|
(options log-rotation-options ;list of strings
|
2022-07-31 17:35:27 -04:00
|
|
|
|
(default %default-log-rotation-options)))
|
|
|
|
|
|
|
|
|
|
(define %default-log-rotation-options
|
|
|
|
|
;; Default log rotation options: append ".gz" to file names.
|
|
|
|
|
'("storefile @FILENAME.@COMP_EXT"
|
|
|
|
|
"notifempty"))
|
2017-06-08 14:12:38 -04:00
|
|
|
|
|
2016-09-07 19:20:43 -04:00
|
|
|
|
(define %rotated-files
|
2016-10-03 08:39:25 -04:00
|
|
|
|
;; Syslog files subject to rotation.
|
2018-03-22 06:18:26 -04:00
|
|
|
|
'("/var/log/messages" "/var/log/secure" "/var/log/debug"
|
2021-03-29 11:48:52 -04:00
|
|
|
|
"/var/log/maillog" "/var/log/mcron.log"))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
|
|
|
|
|
(define %default-rotations
|
2017-06-08 14:12:38 -04:00
|
|
|
|
(list (log-rotation ;syslog files
|
|
|
|
|
(files %rotated-files)
|
|
|
|
|
|
2022-07-31 12:32:13 -04:00
|
|
|
|
(frequency 'weekly)
|
2022-07-31 17:35:27 -04:00
|
|
|
|
(options `(;; These files are worth keeping for a few weeks.
|
2022-07-31 12:32:13 -04:00
|
|
|
|
"rotate 16"
|
|
|
|
|
;; Run post-rotate once per rotation
|
2020-04-29 03:34:01 -04:00
|
|
|
|
"sharedscripts"
|
2022-07-31 17:35:27 -04:00
|
|
|
|
|
|
|
|
|
,@%default-log-rotation-options))
|
2017-06-08 14:12:38 -04:00
|
|
|
|
;; Restart syslogd after rotation.
|
|
|
|
|
(post-rotate #~(let ((pid (call-with-input-file "/var/run/syslog.pid"
|
|
|
|
|
read)))
|
|
|
|
|
(kill pid SIGHUP))))
|
|
|
|
|
(log-rotation
|
2022-04-08 18:30:40 -04:00
|
|
|
|
(files '("/var/log/guix-daemon.log"))
|
2022-07-31 17:35:27 -04:00
|
|
|
|
(options `("rotate 4" ;don't keep too many of them
|
|
|
|
|
,@%default-log-rotation-options)))))
|
2017-06-08 14:12:38 -04:00
|
|
|
|
|
|
|
|
|
(define (log-rotation->config rotation)
|
|
|
|
|
"Return a string-valued gexp representing the rottlog configuration snippet
|
|
|
|
|
for ROTATION."
|
|
|
|
|
(define post-rotate
|
|
|
|
|
(let ((post (log-rotation-post-rotate rotation)))
|
|
|
|
|
(and post
|
|
|
|
|
(program-file "rottlog-post-rotate.scm" post))))
|
|
|
|
|
|
|
|
|
|
#~(let ((post #$post-rotate))
|
|
|
|
|
(string-append (string-join '#$(log-rotation-files rotation) ",")
|
|
|
|
|
" {"
|
|
|
|
|
#$(string-join (log-rotation-options rotation)
|
|
|
|
|
"\n " 'prefix)
|
|
|
|
|
(if post
|
|
|
|
|
(string-append "\n postrotate\n " post
|
|
|
|
|
"\n endscript\n")
|
|
|
|
|
"")
|
|
|
|
|
"\n}\n")))
|
|
|
|
|
|
|
|
|
|
(define (log-rotations->/etc-entries rotations)
|
|
|
|
|
"Return the list of /etc entries for ROTATIONS, a list of <log-rotation>."
|
|
|
|
|
(define (frequency-file frequency rotations)
|
|
|
|
|
(computed-file (string-append "rottlog." (symbol->string frequency))
|
|
|
|
|
#~(call-with-output-file #$output
|
|
|
|
|
(lambda (port)
|
|
|
|
|
(for-each (lambda (str)
|
|
|
|
|
(display str port))
|
|
|
|
|
(list #$@(map log-rotation->config
|
|
|
|
|
rotations)))))))
|
|
|
|
|
|
|
|
|
|
(let* ((frequencies (delete-duplicates
|
|
|
|
|
(map log-rotation-frequency rotations)))
|
|
|
|
|
(table (fold (lambda (rotation table)
|
|
|
|
|
(vhash-consq (log-rotation-frequency rotation)
|
|
|
|
|
rotation table))
|
|
|
|
|
vlist-null
|
|
|
|
|
rotations)))
|
|
|
|
|
(map (lambda (frequency)
|
|
|
|
|
`(,(symbol->string frequency)
|
|
|
|
|
,(frequency-file frequency
|
|
|
|
|
(vhash-foldq* cons '() frequency table))))
|
|
|
|
|
frequencies)))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
|
|
|
|
|
(define (default-jobs rottlog)
|
|
|
|
|
(list #~(job '(next-hour '(0)) ;midnight
|
2018-10-03 16:44:11 -04:00
|
|
|
|
#$(file-append rottlog "/sbin/rottlog"))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
#~(job '(next-hour '(12)) ;noon
|
2018-10-03 16:44:11 -04:00
|
|
|
|
#$(file-append rottlog "/sbin/rottlog"))))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
|
|
|
|
|
(define-record-type* <rottlog-configuration>
|
|
|
|
|
rottlog-configuration make-rottlog-configuration
|
|
|
|
|
rottlog-configuration?
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(rottlog rottlog-configuration-rottlog ;file-like
|
2016-09-07 19:20:43 -04:00
|
|
|
|
(default rottlog))
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(rc-file rottlog-configuration-rc-file ;file-like
|
2016-09-07 19:20:43 -04:00
|
|
|
|
(default (file-append rottlog "/etc/rc")))
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(rotations rottlog-configuration-rotations ;list of <log-rotation>
|
2016-09-07 19:20:43 -04:00
|
|
|
|
(default %default-rotations))
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(jobs rottlog-configuration-jobs ;list of <mcron-job>
|
2016-09-07 19:20:43 -04:00
|
|
|
|
(default #f)))
|
|
|
|
|
|
|
|
|
|
(define (rottlog-etc config)
|
2017-06-08 14:12:38 -04:00
|
|
|
|
`(("rottlog"
|
|
|
|
|
,(file-union "rottlog"
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(cons `("rc" ,(rottlog-configuration-rc-file config))
|
2017-06-08 14:12:38 -04:00
|
|
|
|
(log-rotations->/etc-entries
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(rottlog-configuration-rotations config)))))))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
|
|
|
|
|
(define (rottlog-jobs-or-default config)
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(or (rottlog-configuration-jobs config)
|
|
|
|
|
(default-jobs (rottlog-configuration-rottlog config))))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
|
|
|
|
|
(define rottlog-service-type
|
|
|
|
|
(service-type
|
|
|
|
|
(name 'rottlog)
|
2017-11-05 09:29:52 -05:00
|
|
|
|
(description
|
|
|
|
|
"Periodically rotate log files using GNU@tie{}Rottlog and GNU@tie{}mcron.
|
|
|
|
|
Old log files are removed or compressed according to the configuration.")
|
2016-09-07 19:20:43 -04:00
|
|
|
|
(extensions (list (service-extension etc-service-type rottlog-etc)
|
|
|
|
|
(service-extension mcron-service-type
|
2016-10-03 08:48:01 -04:00
|
|
|
|
rottlog-jobs-or-default)
|
|
|
|
|
|
|
|
|
|
;; Add Rottlog to the global profile so users can access
|
|
|
|
|
;; the documentation.
|
|
|
|
|
(service-extension profile-service-type
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(compose list rottlog-configuration-rottlog))))
|
2017-06-08 14:23:08 -04:00
|
|
|
|
(compose concatenate)
|
|
|
|
|
(extend (lambda (config rotations)
|
|
|
|
|
(rottlog-configuration
|
|
|
|
|
(inherit config)
|
2023-10-18 10:53:44 -04:00
|
|
|
|
(rotations (append (rottlog-configuration-rotations config)
|
2017-06-08 14:23:08 -04:00
|
|
|
|
rotations)))))
|
2017-04-15 18:06:43 -04:00
|
|
|
|
(default-value (rottlog-configuration))))
|
2016-09-07 19:20:43 -04:00
|
|
|
|
|
2022-03-31 17:14:39 -04:00
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; Build log removal.
|
|
|
|
|
;;;
|
|
|
|
|
|
|
|
|
|
(define-record-type* <log-cleanup-configuration>
|
|
|
|
|
log-cleanup-configuration make-log-cleanup-configuration
|
|
|
|
|
log-cleanup-configuration?
|
|
|
|
|
(directory log-cleanup-configuration-directory) ;string
|
|
|
|
|
(expiry log-cleanup-configuration-expiry ;integer (seconds)
|
|
|
|
|
(default (* 6 30 24 3600)))
|
|
|
|
|
(schedule log-cleanup-configuration-schedule ;string or gexp
|
|
|
|
|
(default "30 12 01,08,15,22 * *")))
|
|
|
|
|
|
|
|
|
|
(define (log-cleanup-program directory expiry)
|
|
|
|
|
(program-file "delete-old-logs"
|
|
|
|
|
(with-imported-modules '((guix build utils))
|
|
|
|
|
#~(begin
|
|
|
|
|
(use-modules (guix build utils))
|
|
|
|
|
|
|
|
|
|
(let* ((now (car (gettimeofday)))
|
|
|
|
|
(logs (find-files #$directory
|
|
|
|
|
(lambda (file stat)
|
|
|
|
|
(> (- now (stat:mtime stat))
|
|
|
|
|
#$expiry)))))
|
|
|
|
|
(format #t "deleting ~a log files from '~a'...~%"
|
|
|
|
|
(length logs) #$directory)
|
|
|
|
|
(for-each delete-file logs))))))
|
|
|
|
|
|
|
|
|
|
(define (log-cleanup-mcron-jobs configuration)
|
|
|
|
|
(match-record configuration <log-cleanup-configuration>
|
|
|
|
|
(directory expiry schedule)
|
|
|
|
|
(list #~(job #$schedule
|
|
|
|
|
#$(log-cleanup-program directory expiry)))))
|
|
|
|
|
|
|
|
|
|
(define log-cleanup-service-type
|
|
|
|
|
(service-type
|
|
|
|
|
(name 'log-cleanup)
|
|
|
|
|
(extensions
|
|
|
|
|
(list (service-extension mcron-service-type
|
|
|
|
|
log-cleanup-mcron-jobs)))
|
|
|
|
|
(description
|
|
|
|
|
"Periodically delete old log files.")))
|
|
|
|
|
|
2023-07-05 04:19:15 -04:00
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; File databases.
|
|
|
|
|
;;;
|
|
|
|
|
|
|
|
|
|
(define %default-file-database-update-schedule
|
|
|
|
|
;; Default mcron schedule for the periodic 'updatedb' job: once every
|
|
|
|
|
;; Sunday.
|
|
|
|
|
"10 23 * * 0")
|
|
|
|
|
|
|
|
|
|
(define %default-file-database-excluded-directories
|
2023-08-22 05:00:25 -04:00
|
|
|
|
;; Regexps of directories excluded from the 'locate' database.
|
2023-07-05 04:19:15 -04:00
|
|
|
|
(list (%store-prefix)
|
|
|
|
|
"/tmp" "/var/tmp" "/var/cache" ".*/\\.cache"
|
|
|
|
|
"/run/udev"))
|
|
|
|
|
|
|
|
|
|
(define (string-or-gexp? obj)
|
|
|
|
|
(or (string? obj) (gexp? obj)))
|
|
|
|
|
|
|
|
|
|
(define string-list?
|
|
|
|
|
(match-lambda
|
|
|
|
|
(((? string?) ...) #t)
|
|
|
|
|
(_ #f)))
|
|
|
|
|
|
|
|
|
|
(define-configuration/no-serialization file-database-configuration
|
|
|
|
|
(package
|
|
|
|
|
(file-like (let-system (system target)
|
|
|
|
|
;; Unless we're cross-compiling, avoid pulling a second copy
|
|
|
|
|
;; of findutils.
|
|
|
|
|
(if target
|
|
|
|
|
findutils
|
|
|
|
|
(canonical-package findutils))))
|
|
|
|
|
"The GNU@tie{}Findutils package from which the @command{updatedb} command
|
|
|
|
|
is taken.")
|
|
|
|
|
(schedule
|
|
|
|
|
(string-or-gexp %default-file-database-update-schedule)
|
|
|
|
|
"String or G-exp denoting an mcron schedule for the periodic
|
|
|
|
|
@command{updatedb} job (@pxref{Guile Syntax,,, mcron, GNU@tie{}mcron}).")
|
|
|
|
|
(excluded-directories
|
|
|
|
|
(string-list %default-file-database-excluded-directories)
|
2023-08-22 05:00:25 -04:00
|
|
|
|
"List of regular expressions of directories to ignore when building the
|
|
|
|
|
file database. By default, this includes @file{/tmp} and @file{/gnu/store};
|
|
|
|
|
the latter should instead be indexed by @command{guix locate} (@pxref{Invoking
|
|
|
|
|
guix locate}). This list is passed to the @option{--prunepaths} option of
|
2023-07-05 04:19:15 -04:00
|
|
|
|
@command{updatedb} (@pxref{Invoking updatedb,,, find, GNU@tie{}Findutils})."))
|
|
|
|
|
|
|
|
|
|
(define (file-database-mcron-jobs configuration)
|
|
|
|
|
(match-record configuration <file-database-configuration>
|
|
|
|
|
(package schedule excluded-directories)
|
|
|
|
|
(let ((updatedb (program-file
|
|
|
|
|
"updatedb"
|
2023-08-22 04:20:11 -04:00
|
|
|
|
#~(begin
|
|
|
|
|
;; 'updatedb' is a shell script that expects various
|
|
|
|
|
;; commands in $PATH.
|
|
|
|
|
(setenv "PATH"
|
|
|
|
|
(string-append #$package "/bin:"
|
|
|
|
|
#$(canonical-package coreutils)
|
|
|
|
|
"/bin:"
|
|
|
|
|
#$(canonical-package sed)
|
|
|
|
|
"/bin"))
|
|
|
|
|
(execl #$(file-append package "/bin/updatedb")
|
|
|
|
|
"updatedb"
|
|
|
|
|
#$(string-append "--prunepaths="
|
|
|
|
|
(string-join
|
|
|
|
|
excluded-directories)))))))
|
2023-07-05 04:19:15 -04:00
|
|
|
|
(list #~(job #$schedule #$updatedb)))))
|
|
|
|
|
|
|
|
|
|
(define file-database-service-type
|
|
|
|
|
(service-type
|
|
|
|
|
(name 'file-database)
|
|
|
|
|
(extensions (list (service-extension mcron-service-type
|
|
|
|
|
file-database-mcron-jobs)))
|
|
|
|
|
(description
|
|
|
|
|
"Periodically update the file database used by the @command{locate} command,
|
|
|
|
|
which lets you search for files by name. The database is created by running
|
|
|
|
|
the @command{updatedb} command.")
|
|
|
|
|
(default-value (file-database-configuration))))
|
|
|
|
|
|
2023-07-05 05:49:34 -04:00
|
|
|
|
(define %default-package-database-update-schedule
|
|
|
|
|
;; Default mcron schedule for the periodic 'guix locate --update' job: once
|
|
|
|
|
;; every Monday.
|
|
|
|
|
"10 23 * * 1")
|
|
|
|
|
|
|
|
|
|
(define-configuration/no-serialization package-database-configuration
|
|
|
|
|
(package (file-like guix)
|
|
|
|
|
"The Guix package to use.")
|
|
|
|
|
(schedule (string-or-gexp
|
|
|
|
|
%default-package-database-update-schedule)
|
|
|
|
|
"String or G-exp denoting an mcron schedule for the periodic
|
|
|
|
|
@command{guix locate --update} job (@pxref{Guile Syntax,,, mcron,
|
|
|
|
|
GNU@tie{}mcron}).")
|
|
|
|
|
(method (symbol 'store)
|
|
|
|
|
"Indexing method for @command{guix locate}. The default value,
|
|
|
|
|
@code{'store}, yields a more complete database but is relatively expensive in
|
|
|
|
|
terms of CPU and input/output.")
|
|
|
|
|
(channels (gexp #~%default-channels)
|
|
|
|
|
"G-exp denoting the channels to use when updating the database
|
|
|
|
|
(@pxref{Channels})."))
|
|
|
|
|
|
|
|
|
|
(define (package-database-mcron-jobs configuration)
|
|
|
|
|
(match-record configuration <package-database-configuration>
|
|
|
|
|
(package schedule method channels)
|
|
|
|
|
(let ((channels (scheme-file "channels.scm" channels)))
|
|
|
|
|
(list #~(job #$schedule
|
|
|
|
|
;; XXX: The whole thing's running as "root" just because it
|
|
|
|
|
;; needs write access to /var/cache/guix/locate.
|
|
|
|
|
(string-append #$(file-append package "/bin/guix")
|
|
|
|
|
" time-machine -C " #$channels
|
|
|
|
|
" -- locate --update --method="
|
|
|
|
|
#$(symbol->string method)))))))
|
|
|
|
|
|
|
|
|
|
(define package-database-service-type
|
|
|
|
|
(service-type
|
|
|
|
|
(name 'package-database)
|
|
|
|
|
(extensions (list (service-extension mcron-service-type
|
|
|
|
|
package-database-mcron-jobs)))
|
|
|
|
|
(description
|
|
|
|
|
"Periodically update the package database used by the @code{guix locate} command,
|
|
|
|
|
which lets you search for packages that provide a given file.")
|
|
|
|
|
(default-value (package-database-configuration))))
|
|
|
|
|
|
2020-07-22 14:21:21 -04:00
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; Unattended upgrade.
|
|
|
|
|
;;;
|
|
|
|
|
|
|
|
|
|
(define-record-type* <unattended-upgrade-configuration>
|
|
|
|
|
unattended-upgrade-configuration make-unattended-upgrade-configuration
|
|
|
|
|
unattended-upgrade-configuration?
|
2020-08-24 08:52:39 -04:00
|
|
|
|
(operating-system-file unattended-upgrade-operating-system-file
|
|
|
|
|
(default "/run/current-system/configuration.scm"))
|
2023-01-02 12:05:24 -05:00
|
|
|
|
(operating-system-expression unattended-upgrade-operating-system-expression
|
|
|
|
|
(default #f))
|
2020-07-22 14:21:21 -04:00
|
|
|
|
(schedule unattended-upgrade-configuration-schedule
|
|
|
|
|
(default "30 01 * * 0"))
|
|
|
|
|
(channels unattended-upgrade-configuration-channels
|
|
|
|
|
(default #~%default-channels))
|
|
|
|
|
(services-to-restart unattended-upgrade-configuration-services-to-restart
|
|
|
|
|
(default '(mcron)))
|
|
|
|
|
(system-expiration unattended-upgrade-system-expiration
|
|
|
|
|
(default (* 3 30 24 3600)))
|
|
|
|
|
(maximum-duration unattended-upgrade-maximum-duration
|
|
|
|
|
(default 3600))
|
|
|
|
|
(log-file unattended-upgrade-configuration-log-file
|
|
|
|
|
(default %unattended-upgrade-log-file)))
|
|
|
|
|
|
|
|
|
|
(define %unattended-upgrade-log-file
|
|
|
|
|
"/var/log/unattended-upgrade.log")
|
|
|
|
|
|
|
|
|
|
(define (unattended-upgrade-mcron-jobs config)
|
|
|
|
|
(define channels
|
|
|
|
|
(scheme-file "channels.scm"
|
|
|
|
|
(unattended-upgrade-configuration-channels config)))
|
|
|
|
|
|
|
|
|
|
(define log
|
|
|
|
|
(unattended-upgrade-configuration-log-file config))
|
|
|
|
|
|
|
|
|
|
(define services
|
|
|
|
|
(unattended-upgrade-configuration-services-to-restart config))
|
|
|
|
|
|
|
|
|
|
(define expiration
|
|
|
|
|
(unattended-upgrade-system-expiration config))
|
|
|
|
|
|
2020-08-24 08:52:39 -04:00
|
|
|
|
(define config-file
|
|
|
|
|
(unattended-upgrade-operating-system-file config))
|
|
|
|
|
|
2023-01-02 12:05:24 -05:00
|
|
|
|
(define expression
|
|
|
|
|
(unattended-upgrade-operating-system-expression config))
|
|
|
|
|
|
|
|
|
|
(define arguments
|
|
|
|
|
(if expression
|
|
|
|
|
#~(list "-e" (object->string '#$expression))
|
|
|
|
|
#~(list #$config-file)))
|
|
|
|
|
|
2020-07-22 14:21:21 -04:00
|
|
|
|
(define code
|
|
|
|
|
(with-imported-modules (source-module-closure '((guix build utils)
|
|
|
|
|
(gnu services herd)))
|
|
|
|
|
#~(begin
|
|
|
|
|
(use-modules (guix build utils)
|
|
|
|
|
(gnu services herd)
|
|
|
|
|
(srfi srfi-19)
|
|
|
|
|
(srfi srfi-34))
|
|
|
|
|
|
|
|
|
|
(define log
|
|
|
|
|
(open-file #$log "a0"))
|
|
|
|
|
|
|
|
|
|
(define (timestamp)
|
|
|
|
|
(date->string (time-utc->date (current-time time-utc))
|
|
|
|
|
"[~4]"))
|
|
|
|
|
|
|
|
|
|
(define (alarm-handler . _)
|
|
|
|
|
(format #t "~a time is up, aborting upgrade~%"
|
|
|
|
|
(timestamp))
|
|
|
|
|
(exit 1))
|
|
|
|
|
|
|
|
|
|
;; 'guix time-machine' needs X.509 certificates to authenticate the
|
|
|
|
|
;; Git host.
|
|
|
|
|
(setenv "SSL_CERT_DIR"
|
|
|
|
|
#$(file-append nss-certs "/etc/ssl/certs"))
|
|
|
|
|
|
|
|
|
|
;; Make sure the upgrade doesn't take too long.
|
|
|
|
|
(sigaction SIGALRM alarm-handler)
|
|
|
|
|
(alarm #$(unattended-upgrade-maximum-duration config))
|
|
|
|
|
|
2020-08-24 16:59:43 -04:00
|
|
|
|
;; Redirect stdout/stderr to LOG to save the output of 'guix' below.
|
|
|
|
|
(redirect-port log (current-output-port))
|
|
|
|
|
(redirect-port log (current-error-port))
|
|
|
|
|
|
|
|
|
|
(format #t "~a starting upgrade...~%" (timestamp))
|
|
|
|
|
(guard (c ((invoke-error? c)
|
|
|
|
|
(report-invoke-error c)))
|
2023-01-02 12:05:24 -05:00
|
|
|
|
(apply invoke #$(file-append guix "/bin/guix")
|
|
|
|
|
"time-machine" "-C" #$channels
|
|
|
|
|
"--" "system" "reconfigure" #$arguments)
|
2020-08-24 16:59:43 -04:00
|
|
|
|
|
|
|
|
|
;; 'guix system delete-generations' fails when there's no
|
|
|
|
|
;; matching generation. Thus, catch 'invoke-error?'.
|
|
|
|
|
(guard (c ((invoke-error? c)
|
|
|
|
|
(report-invoke-error c)))
|
|
|
|
|
(invoke #$(file-append guix "/bin/guix")
|
|
|
|
|
"system" "delete-generations"
|
|
|
|
|
#$(string-append (number->string expiration)
|
|
|
|
|
"s")))
|
|
|
|
|
|
|
|
|
|
(format #t "~a restarting services...~%" (timestamp))
|
|
|
|
|
(for-each restart-service '#$services)
|
|
|
|
|
|
|
|
|
|
;; XXX: If 'mcron' has been restarted, perhaps this isn't
|
|
|
|
|
;; reached.
|
|
|
|
|
(format #t "~a upgrade complete~%" (timestamp))))))
|
2020-07-22 14:21:21 -04:00
|
|
|
|
|
|
|
|
|
(define upgrade
|
|
|
|
|
(program-file "unattended-upgrade" code))
|
|
|
|
|
|
|
|
|
|
(list #~(job #$(unattended-upgrade-configuration-schedule config)
|
|
|
|
|
#$upgrade)))
|
|
|
|
|
|
|
|
|
|
(define (unattended-upgrade-log-rotations config)
|
|
|
|
|
(list (log-rotation
|
|
|
|
|
(files
|
|
|
|
|
(list (unattended-upgrade-configuration-log-file config))))))
|
|
|
|
|
|
|
|
|
|
(define unattended-upgrade-service-type
|
|
|
|
|
(service-type
|
|
|
|
|
(name 'unattended-upgrade)
|
|
|
|
|
(extensions
|
|
|
|
|
(list (service-extension mcron-service-type
|
|
|
|
|
unattended-upgrade-mcron-jobs)
|
|
|
|
|
(service-extension rottlog-service-type
|
|
|
|
|
unattended-upgrade-log-rotations)))
|
|
|
|
|
(description
|
|
|
|
|
"Periodically upgrade the system from the current configuration.")
|
|
|
|
|
(default-value (unattended-upgrade-configuration))))
|
|
|
|
|
|
2016-09-07 19:20:43 -04:00
|
|
|
|
;;; admin.scm ends here
|