* gnu/services/pam-mount.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (PAM Mount Service): New subsection.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/sysctl.scm (sysctl-shepherd-service): Adjust shepherd
service to use the 'one-shot?' keyword. Remove 'stop' command. Remove
'respawn' option.
* gnu/services/networking.scm (pagekite-service-type): New service type.
(<pagekite-configuration>): New record type.
(pagekite-shepherd-service): New procedure.
* doc/guix.texi (Networking Services): Document it.
* gnu/services/dns.scm (<knot-resolver-configuration>): New record type.
(knot-resolver-activation, knot-resolver-shpherd-services): New procedures.
(%knot-resolver-accounts, %kresd.conf, knot-resolver-service-type): New
variables.
* doc/guix.texi (DNS Services): Document it.
* gnu/services/web.scm (<nginx-configuration>): Add modules field.
(nginx-configuration-modules): New field accessor.
(emit-load-module): New procedure.
(default-nginx-config): Add support for the modules field.
* doc/guix.texi (NGINX): Document it.
* gnu/services/virtualization.scm (libvirt-shepherd-service): Add sbin to
the PATH variable, as ip binary is installed there.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This typically halves the number of entries in
/etc/dbus-1/system-local.conf.
* gnu/services/dbus.scm (dbus-configuration-directory)[build](directives):
New macro.
(services->sxml): Use it.
Fixes <https://bugs.gnu.org/37911>.
Reported by Jack Hill <jackhill@jackhill.us>.
Sometime between 1.1.8 and 1.4.3, 'colord' moved had its
'org.freedesktop.ColorManager.conf' file moved from
"etc/dbus-1/system.d" to "share/dbus-1/system.d". Adjust to this
change.
* gnu/services/dbus.scm (dbus-configuration-directory): Add an
'includedir' directive for DIR/share/dbus-1/system.d.
Fixes issue #37504 (see: https://bugs.gnu.org/37504).
The bug was caused by the fact that destructuring an <ntp-configuration>
record using match would bind the 'servers' field without using the
compatibility accessor.
* gnu/services/networking.scm (ntp-shepherd-service): Replace `match-lambda'
by distinct `lambda' and `match' calls, so that the 'servers' field can be
generated by applying the `ntp-configuration-servers' procedure to the
configuration object.
* gnu/services/networking.scm (ntp-server->string): Use the textual
representation of the values as printed by 'display' rather than 'write', to
avoid inserting double quotes in the generated config.
* tests/networking.scm (%ntp-server-sample): Add a comment and make one of the
options a string, to exercise the fix.
("ntp-server->string"): Move the expected value to the first argument.
("ntp configuration servers deprecated form"): Likewise.
("openntpd generated config string ends with a newline"): Likewise.
* gnu/services/audio.scm (<mpd-output>): New record type.
(<mpd-configuration>)[outputs]: New field.
(mpd-output, mpd-output?, mpd-output->string): New procedures.
(mpd-config->file): Use mpd-output->string.
* doc/guix.texi (Audio Services): Document mpd-output fields.
This is a followup to commit 62c2217570.
* gnu/services/base.scm (agetty-shepherd-service)[start]: Wrap un
'with-imported-modules'. This fixes a build error when TTY is true
("no code for module (gnu build linux-boot)").
Unlike gdm-service-type, sddm-service-type cannot be configured in an
operating-system configuration by simply adding (service
sddm-service-type). This adds the default SDDM configuration just like
GDM does..
* gnu/services/sddm.scm (sddm-service-type)[default-value]: New field.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/desktop.scm (xfce-desktop-service-type): Add
xfce4-power-manager to polkit-service-type service extension via
new procedure 'xfce-polkit-settings'.
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
Previously, on startup, we'd see:
dbus: Unknown username nm-openconnect in message bus configuration file
This fixes it.
* gnu/services/networking.scm (network-manager-accounts): New procedure.
(network-manager-service-type): Extend 'account-service-type'.
* gnu/packages/gnome.scm (network-manager-openconnect)[properties]: Add
'user-accounts'.
This reduces resident memory for PID 1 from 29.8MiB to 28.7MiB right
after boot on a bare-bones system (x86_64-linux).
* gnu/services/shepherd.scm (scm->go): New procedure.
(shepherd-configuration-file)[config]: Call it and use 'load-compiled'
instead of 'primitive-load'.
Partly fixes <https://bugs.gnu.org/37501>.
Reported by Marius Bakke <mbakke@fastmail.com>.
* gnu/services/base.scm (urandom-seed-shepherd-service): In 'start'
method, add calls to 'add-to-entropy-count'.
* gnu/services/base.scm (pam-limits-service-type): For "gdm-password" pam
service, include "limits.conf".
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
* gnu/services/guix.scm: New file.
* gnu/tests/guix.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add both new files.
* doc/guix.texi (Guix Services): New section documenting the Guix Data
Service.
As defaulting by stderr, along with the shepherd service not directing the
output to a log file makes seeing the output difficult, compared to logging to
syslog.
* gnu/services/virtualization.scm (libvirt-configuration)[log-outputs]: Change
default from "3:stderr" to "3:syslog:libvirtd".
Fixes <https://bugs.gnu.org/37423>.
Reported by Jan <tona_kosmicznego_smiecia@interia.pl>.
* gnu/services/xorg.scm (%gdm-activation): New variable.
(gdm-service-type)[extensions]: Add 'activation-service-type'.
* gnu/services/networking.scm (%default-nftables-ruleset): New variable.
(<nftables-configuration>): New record type.
(nftables-shepherd-service): New procedure.
(nftables-service-type): New service type.
* doc/guix.texi (Networking Services): Document it.
* gnu/services/certbot.scm (certbot-command): Add
--manual-public-ip-logging-ok flag to the certbot command when doing a
manual challenge.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This is a followup to ef640db2f5.
* gnu/services/virtualization.scm (libvirt-shepherd-service): Set
'#:environment-variables' for 'make-forkexec-constructor'.
This reverts commit 903e051a71 to fix
<https://bugs.gnu.org/31365>. The full path of the 'ip' command is already
embedded, and we want to search 'qemu' in PATH.
* gnu/packages/virtualization.scm (libvirt): Remove 'wrap-libvirtd phase. Add
configure flags to run qemu as 'nobody:kvm'.
* gnu/services/virtualization.scm (libvirt-service-type): Add 'qemu' to the
system profile.
This fixes issue #37318 (see: http://bugs.gnu.org/37318).
* gnu/services/networking.scm (openntpd-configuration->string): Rewrite in
order to make the "openntpd configuration generation sanity check" test pass.
See http://debbugs.gnu.org/cgi/bugreport.cgi?bug=37318.
* gnu/services/networking.scm (openntpd-configuration->string): New procedure,
extracted from top of the `openntpd-shepherd-service' to make it testable.
(openntpd-shepherd-service): Adapt following the move of the code to the above
procedure.
* tests/networking.scm: Add a test for the `openntpd-configuration->string'
procedure.
* gnu/services/networking.scm (ntp-server-types): New enum.
(<ntp-server>): New record type.
(ntp-server->string): New procedure.
(%ntp-servers): Define in terms of <htp-server> records. Use the first
entrypoint server as a pool instead of a list of static servers. This is more
resilient since a new server of the pool can be interrogated on every
request. Add the 'iburst' options.
(ntp-configuration-servers): Define a custom accessor that warns but honors
the now deprecated server format.
(<ntp-configuration>): Use it.
(%openntpd-servers): New variable,
(<openntpd-configuration>): Use it, as a pool ('servers' field) instead of a
regular server.
* tests/networking.scm: New file.
* Makefile.am (SCM_TESTS): Register it.
* doc/guix.texi: Update documentation.
Otherwise the following messages would be printed by ntpd:
Sep 2 05:18:21 localhost ntpd[15849]: restrict default: KOD does nothing without LIMITE.
Sep 2 05:18:21 localhost ntpd[15849]: restrict ::: KOD does nothing without LIMITED.
Debian uses the same set of "restrict" keywords (see:
https://sources.debian.org/src/ntp/1:4.2.8p13+dfsg-2/debian/ntp.conf).
* gnu/services/networking.scm (ntp-shepherd-service): Add the 'limited'
keyword to both the IPv4 and IPv6 'restrict' directives.
This is documented as best practice in `man ntpd', and is required to allow
the date to be set correctly when traveling (without having to manually update
the hardware clock in the BIOS/UEFI).
* gnu/services/networking.scm (<ntp-server>)[allow-large-adjustment?]: Set the
default value to #t.
* doc/guix.texi (Networking Services): Update documentation.
This reverts commit 3b38bf141a.
The Guix project discussed this years ago and decided against including
/usr/bin/env. That decision should not be reversed without a wider
discussion.
* gnu/services/cups.scm (error-policy, cups-configuration): Substitute
RETRY-CURRENT-JOB for the obsolete RETRY-THIS-JOB name of this policy.
* doc/guix.texi (Printing Services): Likewise.
* gnu/services/cups.scm (comma-separated-string-list?)
(serialize-comma-separated-string-list): New variables.
(cups-configuration)[browse-dns-sd-sub-types]: New field.
* doc/guix.texi (Printing Services): Document it.
* gnu/services/cuirass.scm (<cuirass-configuration>): Add web-log-file field.
(cuirass-shepherd-service): Read it and use it.
* doc/guix.texi (Continuous Integration): Document it.
…except for ‘AllowDH’, which makes no sense on GNU TLS systems.
* gnu/services/cups.scm (ssl-options?): Validate ‘DenyCBC’ and
‘DenyTLS1.0’.
* doc/guix.texi (Printing Services): Document them both.
Extends the dbus service when vpn plugins are enabled.
* gnu/services/networking.scm (network-manager-service-type): Load vpn plugins
when extending dbus service.
This changes to 'peer' authentication for local socket connections,
and password-based authentication for local network connections.
* gnu/services/databases.scm (%default-postgres-hba): Change
authentication method.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (%network-manager-activation): Rename to...
(network-manager-activation): ... this and make it a procedure. Make it
create '/var/lib/misc' when using dnsmasq.
(network-manager-service-type): Use it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (usb-modeswitch-service-type): New variable.
(usb-modeswitch-configuration): New variable.
(usb-modeswitch-sh): New procedure.
(usb-modeswitch-configuration->udev-rules): New procedure.
* doc/guix.texi (Networking Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://bugs.gnu.org/36207>.
Reported by Jack Hill <jackhill@jackhill.us>.
* gnu/services/admin.scm: Remove unneeded import of (gnu services
base).
* gnu/services/mcron.scm: Likewise.
This makes it easier to read the output, as it's recorded in a file.
* gnu/services/base.scm (guix-publish-shepherd-service): Add #:log-file to
make-forkexec-constructor.
* gnu/packages/linux.scm (singularity)[source](snippet): Change file
name of setuid helpers in libexec/cli/*.exec.
[arguments]: Remove "--disable-suid".
* gnu/services/docker.scm (%singularity-activation): New variable.
(singularity-setuid-programs): New procedure.
(singularity-service-type): New variable.
* gnu/tests/singularity.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Miscellaneous Services): Document it.
This is a followup to b8fa86adfc.
* guix/deprecation.scm (warn-about-deprecation): Make public.
* gnu/services/base.scm (<guix-publish-configuration>)[compression]: New
field.
[compression-level]: Default to #f. Add '%' to getter name.
(guix-publish-configuration-compression-level): Define as deprecated.
(default-compression): New procedure.
(guix-publish-shepherd-service)[config->compression-options]: New
procedure.
Use 'match-record' instead of 'match'.
* doc/guix.texi (Base Services): Remove 'compression-level' and document
'compression'.
* gnu/service/web.scm (<patchwork-database-configuration>
<patchwork-settings-module>, <patchwork-configuration>): New record types.
(patchwork-virtualhost): New procedure.
(patchwork-service-type): New variable.
* gnu/tests/web.scm (%test-patchwork): New variable.
* doc/guix.text (Web Services): Document it.
Getmail is a mail retriever written in Python, this commit adds a service-type
to run getmail. I'm looking at this, as it's a convinient way of getting
mailing list messages in to Patchwork.
I initially tried putting this in the (gnu services mail) module, but due to
also trying to use the define-configuration pattern, it conflicted with the
dovecot service.
* gnu/services/getmail.scm: New file.
* gnu/local.mk: Add it.
* gnu/tests/mail.scm (%getmail-os, %test-getmail): New variables.
(run-getmail-test): New procedure.
* gnu/services/sddm.scm (sdm-pam-service): Set uid from CONFIG.
(sdm-autologin-pam-service): Set uid from CONFIG.
(sdm-pam-services): Pass CONFIG to 'sddm-pam-service' and
'sddm-autologin-pam-service'.
* doc/guix.texi (X Window): Adjust 'minimum-uid' documentation.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This makes it easier to read the output, as it's recorded in a file.
* gnu/services/mcron.scm (mcron-shepherd-services): Add #:log-file to
make-forkexec-constructor.
This partially addresses <https://bugs.gnu.org/35267>.
* gnu/services/xorg.scm (dbus-daemon-wrapper): When available, include
directories from '~/.guix-profile' in the search paths of the D-Bus
daemon.
* gnu/services/mail.scm (dovecot-configuration)[auth-verbose-passwords?]:
Rename to auth-verbose-passwords, and change the type to a string, as this
parameter can take one of three string values.
* doc/guix.texi (Dovecot service): Update the corresponding documentation.
This change makes it possible to add multiple SLiM services to an operating
system configuration by setting the new 'display' and 'vt' fields in their
configurations to different values. Each SLiM service will get its own
authfile, logfile, lockfile, and shepherd service, which will start SLiM on a
different tty.
* gnu/services/xorg.scm: Export slim-configuration-display and
slim-configuration-vt.
(<slim-configuration>)[display, vt]: New fields.
(slim-shepherd-service): Refactor let.
[slim.cfg]: Use new fields for setting display_name, xserver_arguments,
authfile, lockfile, and logfile.
[shepherd-service][provision]: Name the shepherd service according to the
value of 'vt'.
[shepherd-service][start]: Delete the right lockfile.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
The Docker proxy enables inter-container and outside-to-container loopback,
and is required by the Docker registry server.
* gnu/services/docker.scm (docker-configuration)[proxy,
enable-proxy?]: Add fields.
(docker-shepherd-service): Use them.
(serialize-boolean): New function.
Until now 'guix system search bluetooth' would turn up nothing.
* gnu/services/desktop.scm (bluetooth-service-type)
(bluetooth-configuration): Make public.
(bluetooth-service-type)[description]: New field.
Previously setting the slim field in slim-configuration would have no effect.
* gnu/services/xorg.scm (slim-shepherd-service): Remove unused let binding for
slim. Use (slim-configuration-slim config) instead of the default slim.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes a longstanding issue whereby, due to our long fstab that included
pseudo file systems like cgroup mounts, graphical file managers would
display all of these. Initially reported at
<https://lists.gnu.org/archive/html/help-guix/2017-11/msg00084.html>.
* gnu/services/base.scm (file-system-fstab-entries): New procedure.
(file-system-service-type): Use it to extend FSTAB-SERVICE-TYPE.
This hack worked around a defect in the Shepherd 0.5.0 and is no longer
needed.
* gnu/services/shepherd.scm (%containerized-shepherd-service): Remove.
* gnu/system/linux-container.scm (container-essential-services): Don't
use it.
* gnu/services/shepherd.scm (<shepherd-service>)[one-shot?]: New field.
(shepherd-service-file): Pass #:one-shot? to the <service> constructor.
* doc/guix.texi (Shepherd Services): Document it.
* gnu/services/mail.scm (<imap4d-configuration>): New record type.
(imap4d-shepherd-service): New procedure.
(%default-imap4d-config-file, imap4d-service-type): New variables.
* gnu/services/mail.scm (Mail Services): Document it.
* gnu/services/xorg.scm (localed-service-type)[package]: Return the
empty list when the 'keyboard-layout' field is #f.
[compose]: Use 'find' instead of 'first'.
Fixes a bug whereby not extending GDM would lead us to do:
(first '())
in the 'compose' method.
Regression introduced in 305a732a0a.
* gnu/services/xorg.scm (gdm-service-type)[compose]: Handle the case
where EXTENSIONS is empty.
[extend]: Handle the case where XORG-CONFIGURATION is #f.
* gnu/services/xorg.scm (gdm-service-type)[compose, extend]: New fields.
(set-xorg-configuration): New procedure.
* doc/guix.texi (Keyboard Layout): Use it.
(X Window): Document it.
* gnu/system/examples/desktop.tmpl: Add 'keyboard-layout' fields.
This fixes a bug whereby GDM would always switch to US English keyboard
layout regardless to the configured Xorg keyboard layout.
* gnu/services/xorg.scm (<localed-configuration>): New record type.
(localed-dbus-service): New procedure.
(localed-service-type): New variable.
(gdm-service-type): Extend LOCALED-SERVICE-TYPE.
Commit 554b860739 introduces changes to the
slim-configuration record without updating the exported methods.
* gnu/services/xorg.scm: Export slim-configuration-xorg and
slim-configuration-sessreg.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* doc/guix.texi (X Window): Document 'gdm-service-type' and
'gdm-configuration'. Take description of '.desktop' files from the
'slim-service-type' description.
* gnu/services/xorg.scm (gdm-service): Remove outdated comment.
* gnu/services/networking.scm (openvswitch-service-type): Provide
OPENVSWITCH-CONFIGURATION as a default value.
* gnu/tests/networking.scm (%openvswitch-os): Don't configure the service.
* gnu/services/desktop.scm (%desktop-services): Replace
SLIM-SERVICE-TYPE instance with an instance of GDM-SERVICE-TYPE.
* doc/guix.texi (Keyboard Layout): Change example to mention
GDM-SERVICE-TYPE.
(X Window): Mention GDM.
(Desktop Services): Adjust references to SLiM.