mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-12 14:16:55 -05:00
services: prosody: Adapt to Prosody 0.10.0.
* doc/guix.texi (Messaging Services): Add "mam" as a module example. Document 'prosodyctl check'. Replace 'prosodyctl cert request' with 'prosodyctl cert import'. Regenerate it. * gnu/services/messaging.scm (serialize-module-list): Remove "posix" from the default modules list because it is now automatically loaded. (ssl-configuration)[key, certificate]: Remove them because they are now automatically located. Fix their docstrings. (%default-modules-enabled): Add "carbons" and "blocklist". (prosody-configuration)[certificates]: Set default directory from which certificates/keys will be automatically located.
This commit is contained in:
Clément Lassieur
parent
3ba501083d
commit
5cc6dcd734
2 changed files with 33 additions and 14 deletions
|
|
@ -13899,7 +13899,7 @@ record as in this example:
|
||||||
@example
|
@example
|
||||||
(service prosody-service-type
|
(service prosody-service-type
|
||||||
(prosody-configuration
|
(prosody-configuration
|
||||||
(modules-enabled (cons "groups" %default-modules-enabled))
|
(modules-enabled (cons "groups" "mam" %default-modules-enabled))
|
||||||
(int-components
|
(int-components
|
||||||
(list
|
(list
|
||||||
(int-component-configuration
|
(int-component-configuration
|
||||||
|
|
@ -13920,10 +13920,15 @@ By default, Prosody does not need much configuration. Only one
|
||||||
@code{virtualhosts} field is needed: it specifies the domain you wish
|
@code{virtualhosts} field is needed: it specifies the domain you wish
|
||||||
Prosody to serve.
|
Prosody to serve.
|
||||||
|
|
||||||
Prosodyctl will help you generate X.509 certificates and keys:
|
You can perform various sanity checks on the generated configuration
|
||||||
|
with the @code{prosodyctl check} command.
|
||||||
|
|
||||||
|
Prosodyctl will also help you to import certificates from the
|
||||||
|
@code{letsencrypt} directory so that the @code{prosody} user can access
|
||||||
|
them. See @url{https://prosody.im/doc/letsencrypt}.
|
||||||
|
|
||||||
@example
|
@example
|
||||||
prosodyctl cert request example.net
|
prosodyctl --root cert import /etc/letsencrypt/live
|
||||||
@end example
|
@end example
|
||||||
|
|
||||||
The available configuration parameters follow. Each parameter
|
The available configuration parameters follow. Each parameter
|
||||||
|
|
@ -13962,6 +13967,13 @@ paths in order. See @url{http://prosody.im/doc/plugins_directory}.
|
||||||
Defaults to @samp{()}.
|
Defaults to @samp{()}.
|
||||||
@end deftypevr
|
@end deftypevr
|
||||||
|
|
||||||
|
@deftypevr {@code{prosody-configuration} parameter} file-name certificates
|
||||||
|
Every virtual host and component needs a certificate so that clients and
|
||||||
|
servers can securely verify its identity. Prosody will automatically load
|
||||||
|
certificates/keys from the directory specified here.
|
||||||
|
Defaults to @samp{"/etc/prosody/certs"}.
|
||||||
|
@end deftypevr
|
||||||
|
|
||||||
@deftypevr {@code{prosody-configuration} parameter} string-list admins
|
@deftypevr {@code{prosody-configuration} parameter} string-list admins
|
||||||
This is a list of accounts that are admins for the server. Note that you
|
This is a list of accounts that are admins for the server. Note that you
|
||||||
must create the accounts separately. See @url{http://prosody.im/doc/admins} and
|
must create the accounts separately. See @url{http://prosody.im/doc/admins} and
|
||||||
|
|
@ -14014,14 +14026,12 @@ Available @code{ssl-configuration} fields are:
|
||||||
This determines what handshake to use.
|
This determines what handshake to use.
|
||||||
@end deftypevr
|
@end deftypevr
|
||||||
|
|
||||||
@deftypevr {@code{ssl-configuration} parameter} file-name key
|
@deftypevr {@code{ssl-configuration} parameter} maybe-file-name key
|
||||||
Path to your private key file, relative to @code{/etc/prosody}.
|
Path to your private key file.
|
||||||
Defaults to @samp{"/etc/prosody/certs/key.pem"}.
|
|
||||||
@end deftypevr
|
@end deftypevr
|
||||||
|
|
||||||
@deftypevr {@code{ssl-configuration} parameter} file-name certificate
|
@deftypevr {@code{ssl-configuration} parameter} maybe-file-name certificate
|
||||||
Path to your certificate file, relative to @code{/etc/prosody}.
|
Path to your certificate file.
|
||||||
Defaults to @samp{"/etc/prosody/certs/cert.pem"}.
|
|
||||||
@end deftypevr
|
@end deftypevr
|
||||||
|
|
||||||
@deftypevr {@code{ssl-configuration} parameter} file-name capath
|
@deftypevr {@code{ssl-configuration} parameter} file-name capath
|
||||||
|
|
|
||||||
|
|
@ -160,7 +160,7 @@ (define-maybe string-list)
|
||||||
(define (module-list? val)
|
(define (module-list? val)
|
||||||
(string-list? val))
|
(string-list? val))
|
||||||
(define (serialize-module-list field-name val)
|
(define (serialize-module-list field-name val)
|
||||||
(serialize-string-list field-name (cons "posix" val)))
|
(serialize-string-list field-name val))
|
||||||
(define-maybe module-list)
|
(define-maybe module-list)
|
||||||
|
|
||||||
(define (file-name? val)
|
(define (file-name? val)
|
||||||
|
|
@ -203,12 +203,12 @@ (define-configuration ssl-configuration
|
||||||
"This determines what handshake to use.")
|
"This determines what handshake to use.")
|
||||||
|
|
||||||
(key
|
(key
|
||||||
(file-name "/etc/prosody/certs/key.pem")
|
(maybe-file-name 'disabled)
|
||||||
"Path to your private key file, relative to @code{/etc/prosody}.")
|
"Path to your private key file.")
|
||||||
|
|
||||||
(certificate
|
(certificate
|
||||||
(file-name "/etc/prosody/certs/cert.pem")
|
(maybe-file-name 'disabled)
|
||||||
"Path to your certificate file, relative to @code{/etc/prosody}.")
|
"Path to your certificate file.")
|
||||||
|
|
||||||
(capath
|
(capath
|
||||||
(file-name "/etc/ssl/certs")
|
(file-name "/etc/ssl/certs")
|
||||||
|
|
@ -271,7 +271,9 @@ (define %default-modules-enabled
|
||||||
"tls"
|
"tls"
|
||||||
"dialback"
|
"dialback"
|
||||||
"disco"
|
"disco"
|
||||||
|
"carbons"
|
||||||
"private"
|
"private"
|
||||||
|
"blocklist"
|
||||||
"vcard"
|
"vcard"
|
||||||
"version"
|
"version"
|
||||||
"uptime"
|
"uptime"
|
||||||
|
|
@ -321,6 +323,13 @@ (define-all-configurations prosody-configuration
|
||||||
paths in order. See @url{http://prosody.im/doc/plugins_directory}."
|
paths in order. See @url{http://prosody.im/doc/plugins_directory}."
|
||||||
global)
|
global)
|
||||||
|
|
||||||
|
(certificates
|
||||||
|
(file-name "/etc/prosody/certs")
|
||||||
|
"Every virtual host and component needs a certificate so that clients and
|
||||||
|
servers can securely verify its identity. Prosody will automatically load
|
||||||
|
certificates/keys from the directory specified here."
|
||||||
|
global)
|
||||||
|
|
||||||
(admins
|
(admins
|
||||||
(string-list '())
|
(string-list '())
|
||||||
"This is a list of accounts that are admins for the server. Note that you
|
"This is a list of accounts that are admins for the server. Note that you
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue