Commit graph

2065 commits

Author SHA1 Message Date
Ludovic Courtès
ae36d514aa
services: lightdm: Use ‘make-forkexec-constructor’.
* gnu/services/lightdm.scm (lightdm-shepherd-service)[start]: Use
‘make-forkexec-constructor’ directly.

Change-Id: Iaaa8dcde123ea80ce63c09033b681e40ccc589a4
2024-04-28 23:37:24 +02:00
Richard Sent
59bb53823e
services: Add the Guix Home service.
This patch adds a Guix Home service, which allows for configuring/deploying an
operating-system declaration with an associated home-environment.

* gnu/services/guix.scm: Add guix-home-service and guix-home-shepherd-service
* gnu/home/services/shepherd.scm: Don't attempt to launch user shepherd when
the system shepherd runs guix-home-<user>
* doc/guix.texi: Add documentation for guix-home-service
* gnu/tests/guix.scm: Add a test to verify guix-home-service-type is able to
activate a home environment

Change-Id: Ifbcc0878d934aa4abe34bb2123b5081fb432aa8e
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-04-17 12:13:03 +02:00
Ludovic Courtès
91e1a457b5
services: guix: Gracefully handle dangling symlink for ‘machines.scm’.
Previously, if /etc/guix/machines.scm was a dangling symlink, it would
be kept (because ‘file-exists?’ would return #f) and thus the following
‘symlink’ call would throw with EEXIST.

* gnu/services/base.scm (guix-machines-files-installation): Use ‘lstat’
rather than ‘file-exists?’.

Change-Id: I07c7eed842dacabbd19ae2a17ac3e59cf26e46b2
2024-04-06 15:14:58 +02:00
Liliana Marie Prikler
a915a57d91
Merge branch 'gnome-team' 2024-03-30 09:47:43 +01:00
Ludovic Courtès
6b138626e4
services: postgresql: Simplify execution of ‘initdb’.
* gnu/services/databases.scm (postgresql-activation): Replace
‘primitive-exit’ + ‘system*’ with ‘execl’.

Change-Id: I491fd3093f67af59f240438d7d6123e769e4ec1e
2024-03-30 01:01:32 +01:00
Robert Vollmert
ed03a0aa9b
services: postgresql: Don't initdb when directory exists.
* gnu/services/databases.scm (postgresql-activation): Check if
directory exists.

Reviewed-by: Dale Mellor <guix-devel-0brg6b@rdmp.org>
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: Id563a3e8df2cb5b805e64cd8319303c65d308c69
2024-03-30 01:01:32 +01:00
Christopher Baines
b538c1d7b9
services: nar-herder: Add new configuration options.
* gnu/services/guix.scm (nar-herder-configuration-new-ttl,
nar-herder-cached-compression-configuration-unused-removal-duration,
nar-herder-cached-compression-configuration-ttl,
nar-herder-cached-compression-configuration-new-ttl): New procedure.
(nar-herder-shepherd-services): Handle the new options.
* doc/guix.texi (Guix Services): Document the new nar-herder options.

Change-Id: I161e490221a3ce394e32ada685dca27df60638bb
2024-03-25 20:40:22 +00:00
Antero Mejr
883e69cdfd
services: guix: Add ‘channels’ field.
* doc/guix.texi (Base Services): Document
'guix-configuration-channels' field.
(Invoking guix pull): Add cross-reference.
* gnu/services/base.scm (install-channels-file): New procedure.
(guix-configuration): Add channels field.
(guix-activation): Use 'install-channels-file' procedure.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I4d89235bf0bc6dde69984138ccb894b48ace9d76
2024-03-22 11:40:32 +01:00
Ludovic Courtès
a2077e5bee
services: guix-publish: Use ‘make-systemd-constructor’ unconditionally.
The #:lazy-start? parameter was added in the Shepherd 0.10.0, which is
required since commit 477d4f7d24.

* gnu/services/base.scm (guix-publish-shepherd-service): Use
‘make-systemd-constructor’ unconditionally and pass #:lazy-start?.

Change-Id: I95aa079732cd21e32091c7deea2ed2f1bc50f2f2
2024-03-21 17:43:16 +01:00
Ludovic Courtès
6f9d844d2e
services: shepherd: Load each service file in a fresh module.
Fixes <https://issues.guix.gnu.org/67649>.

* gnu/home/services/shepherd.scm (home-shepherd-configuration-file)[config]:
Define ‘make-user-module’.  Call ‘load’ in ‘save-module-excursion’.
* gnu/services/shepherd.scm (shepherd-configuration-file): Likewise.

Reported-by: Attila Lendvai <attila@lendvai.name>
Change-Id: I7df11c81b5bbbf2b24a8daa02502a000e0826fe0
2024-03-21 17:43:15 +01:00
Christopher Baines
8fa0761264
Merge remote-tracking branch 'savannah/master' into gnome-team
Change-Id: Iec8e15b79c6fde516294c2bfcaf8ee3575b1f745
2024-03-20 14:54:26 +00:00
Zheng Junjie
3ea55fada0
services: sddm: Add extension for localed-service-type.
* gnu/services/sddm.scm (sddm-service-type): Add extension for
localed-service-type.
* gnu/services/xorg.scm (xorg-configuration-keyboard-layout): Export it.

Change-Id: I26e6475b733d69f1baf00786e302a3ec6d3c4a74
Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
2024-03-19 18:52:16 +08:00
Carlo Zancanaro
d25620be4c
gnu: services: Add insecure-sasl-mechanisms to prosody configuration.
* gnu/services/messaging.scm (prosody-configuration): Add
insecure-sasl-mechanisms configuration option.
* doc/guix.texi (Messaging Services): Document it.

Change-Id: I8d9e42476ea8ad2f89b143ed4a66b4798e418586
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
2024-03-17 12:53:21 +01:00
Liliana Marie Prikler
2ee5451319
Merge branch 'master' into gnome-team 2024-03-10 00:05:58 +01:00
Ludovic Courtès
9e3061a163
services: virtual-build-machine: Disable substitutes by default.
These are useless when offloading yet were causing problems on systems
where the default substitute servers are unreachable.

* gnu/services/virtualization.scm (%virtual-build-machine-operating-system):
Add ‘use-substitutes?’ field to ‘guix-configuration’.

Change-Id: I7d5e380a6f2e2d537de43fdb3c550958ed4db255
2024-03-06 23:25:51 +01:00
Liliana Marie Prikler
7bf4ce4582
Merge branch 'master' into gnome-team 2024-02-25 10:28:03 +01:00
Vivien Kraus
06d01c610e
services: gdm: Enable wayland by default.
* gnu/services/xorg.scm (<gdm-configuration>): Change the default value for
wayland? from '#f' to '#t'.

Change-Id: Ic966dfc462b1140894aa6c38c23e229d6252d340
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
2024-02-24 06:36:24 +01:00
Liliana Marie Prikler
96634bb878
services: desktop: Remove unused imports.
These imports were needed for a short time to consider two variants of finding
udev/polkit configuration files.  They are no longer needed, since the
respective procedures use all packages now.

* gnu/services/desktop.scm: Strip use of (guix diagnostics) and (srfi srfi-35).
2024-02-23 21:55:44 +01:00
Liliana Marie Prikler
acaa89ae42
services: Extend polkit capabilities of gnome-desktop-service.
As with our udev extension, this makes it so that all inputs are considered
modulo a new ignorelist.

* gnu/services/desktop.scm (gnome-desktop-configuration): Add
polkit-ignorelist.
(gnome-polkit-settings): Adjust accordingly.
2024-02-23 21:55:44 +01:00
Vivien Kraus
07bfe15383
services: Extend udev capabilities of gnome-desktop-service.
Our udev service is capable of handling both rules and hardware databases.
This patch makes it so that gnome can install any such needed rules or
databases, while also allowing users to supply a list of names to ignore
(via regular expressions).

* gnu/services/desktop.scm (gnome-desktop-configuration): Add udev-ignorelist.
(gnome-udev-resources): Rename to…
(gnome-udev-configuration-files): … this.  Account for udev-ignorelist.
(gnome-desktop-service-type): Adjust accordingly.

Change-Id: I6df4b896652581c42a35ea3ba1e4849ad72d12ef
2024-02-23 21:55:44 +01:00
Liliana Marie Prikler
523f3def65
services: Modularise gnome-desktop-configuration.
* gnu/services/gnome.scm (extract-propagated-inputs): New variable.
(gnome-desktop-configuration): Add ‘core-services’, ‘shell’, ‘utilities’,
and ‘extra-packages’.  Deprecate ‘gnome’.
(gnome-desktop-configuration-core-services, gnome-desktop-configuration-shell)
(gnome-desktop-configuration-utilities)
(gnome-desktop-configuration-extra-packages): Export publicly.
(gnome-udev-rules, gnome-polkit-settings): Adjust accordingly.
(gnome-profile): New variable.
(gnome-desktop-service-type): Adjust accordingly.
2024-02-23 21:55:43 +01:00
Miguel Ángel Moreno
0a7bf792c8
services: Add whoogle-service-type.
* gnu/services/web.scm (whoogle-service-type): New variable.
* doc/guix.texi (Web Services): Document it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-02-20 10:57:16 +01:00
Ludovic Courtès
1cff19d8d4
services: virtual-build-machine: Add ‘configuration’ action.
* gnu/services/virtualization.scm (build-vm-shepherd-services): Add
‘configuration’ action.
* doc/guix.texi (Virtualization Services): Document it.

Change-Id: I4734e096d744b3cda0d523692498a73c0029e188
2024-02-18 15:34:43 +01:00
Ludovic Courtès
cd0dc17e43
services: virtual-build-machine: Add periodic GC job.
* gnu/services/virtualization.scm (%virtual-build-machine-operating-system):
Add ‘periodic-gc’ service.

Change-Id: Id5bde1ee3f8e1e549e231375e776d3201ec9e0b5
2024-02-18 15:34:43 +01:00
Ludovic Courtès
492b3a0c31
services: virtual-build-machine: Use a non-volatile root file system.
This is a followup to e0ade40c2b, which
didn’t have the desired effect.

* gnu/services/virtualization.scm (virtual-build-machine-default-image):
Add ‘volatile-root?’ field.

Change-Id: I1a622f22cdd0f8f83860a6eb4a852518db3b46b7
2024-02-18 15:34:43 +01:00
Ludovic Courtès
4aa2dccd4e
services: virtual-build-machine: Do not offload when service is stopped.
* gnu/services/virtualization.scm (check-vm-availability): Check the
value of ‘live-service-running’.

Change-Id: Iba858ea0fa417d9276e026b72b4b78791932482e
2024-02-18 15:34:42 +01:00
Ludovic Courtès
c1d37d0653
services: block-facebook-hosts: Use proper unroutable addresses.
This is safer and more appropriate than redirecting to localhost.

* gnu/services/networking.scm (%unroutable-ipv4, %unroutable-ipv6): New
variables.
(facebook-host-aliases): Use them.

Change-Id: Idd4b1fec903c52d542d177a52fec1814eded4119
2024-02-18 15:34:42 +01:00
Liliana Marie Prikler
622df12ef3
Merge branch 'master' into gnome-team 2024-02-13 16:11:14 +01:00
Ludovic Courtès
e0ade40c2b
services: virtual-build-machine: Use a larger partition by default.
So far the partition had too little free space.

* gnu/services/virtualization.scm (%default-virtual-build-machine-image-size):
New variable.
(virtual-build-machine-default-image): Define ‘partitions’ field.

Change-Id: Iffe0f316eecad8754d29f8c811cdc4836a818a3f
2024-02-12 12:03:52 +01:00
Ludovic Courtès
15fd5d6c3f
services: virtual-build-machine: Add base file systems to default OS.
This provides /dev/pts and other things that are important for
builds (for example, Python 2.x has ‘openpty’ unit tests that can only
succeed when /dev/pts is available.)

* gnu/services/virtualization.scm (%virtual-build-machine-operating-system)
[file-systems]: Add %BASE-FILE-SYSTEMS.

Change-Id: I7d12a4cb491e957bf55e6c5f9dd09c013473ca42
2024-02-12 12:03:52 +01:00
Ludovic Courtès
9edbb2d7a4
services: Add ‘virtual-build-machine’ service.
* gnu/services/virtualization.scm (<virtual-build-machine>): New record type.
(%build-vm-ssh-port, %build-vm-secrets-port, %x86-64-intel-cpu-models):
New variables.
(qemu-cpu-model-for-date, virtual-build-machine-ssh-port)
(virtual-build-machine-secrets-port): New procedures.
(%minimal-vm-syslog-config, %virtual-build-machine-operating-system):
New variables.
(virtual-build-machine-default-image):
(virtual-build-machine-account-name)
(virtual-build-machine-accounts)
(build-vm-shepherd-services)
(initialize-build-vm-substitutes)
(build-vm-activation)
(virtual-build-machine-offloading-ssh-key)
(virtual-build-machine-activation)
(virtual-build-machine-secret-root)
(check-vm-availability)
(build-vm-guix-extension): New procedures.
(initialize-hurd-vm-substitutes): Remove.
(hurd-vm-activation): Rewrite in terms of ‘build-vm-activation’.
* gnu/system/vm.scm (linux-image-startup-command): New procedure.
(operating-system-for-image): Export.
* gnu/tests/virtualization.scm (run-command-over-ssh): New procedure,
extracted from…
(run-childhurd-test): … here.
[test]: Adjust accordingly.
(%build-vm-os): New variable.
(run-build-vm-test): New procedure.
(%test-build-vm): New variable.
* doc/guix.texi (Virtualization Services)[Virtual Build Machines]: New
section.
(Build Environment Setup): Add cross-reference.

Change-Id: I0a47652a583062314020325aedb654f11cb2499c
2024-02-10 23:21:07 +01:00
Ludovic Courtès
f331a667d3
services: secret-service: Make the endpoint configurable.
Until now, the secret service had a hard-coded TCP endpoint on port
1004.  This change lets users specify arbitrary socket addresses.

* gnu/build/secret-service.scm (socket-address->string): New procedure,
taken from Shepherd.
(secret-service-send-secrets): Replace ‘port’ by ‘address’ and adjust
accordingly.
(secret-service-receive-secrets): Likewise.
* gnu/services/virtualization.scm (secret-service-shepherd-services):
Likewise.
(secret-service-operating-system): Add optional ‘address’ parameter and
honor it.  Adjust ‘start’ method accordingly.

Change-Id: I87a9514f1c170dca756ce76083d7182c6ebf6578
2024-02-10 22:59:43 +01:00
Hilton Chain
b896b9102b
services: kernel-module-lodaer: Add udev requirement.
Otherwise, modules will be loaded before udev starts, and load events won't be
handled.

* gnu/services/linux.scm (kernel-module-loader-shepherd-service)[requirement]:
Add 'udev.

Change-Id: Ib65028978f96012604b54b27a56501d4388b0f34
2024-02-05 14:04:15 +08:00
Liliana Marie Prikler
e6c847defb
Merge branch 'master' into gnome-team 2024-02-03 14:39:49 +01:00
Carlo Zancanaro
023c3e0ac4
services: certbot: Add one-shot service to renew certificates.
* gnu/services/certbot.scm (certbot-renewal-one-shot): New procedure.
(certbot-service-type)[extensions]: Add it to shepherd-root extension.
(certbot-command): Make connection errors return a different exit code.
(certbot-activation): Remove message with certificate renewal instructions.

Change-Id: I614ac6214a753dba0396e2385a75926c8355caa1
Signed-off-by: Clément Lassieur <clement@lassieur.org>
2024-01-31 16:54:19 +01:00
Carlo Zancanaro
d4a4b12f0a
services: certbot: Reload nginx in deploy hook.
* gnu/services/certbot.scm (certbot-deploy-hook): Reload nginx.
* doc/guix.texi (Certificate services): Remove deploy-hook from example.

Change-Id: Ibb10481170a6fda7df72492072b939dd6a6ad176
Signed-off-by: Clément Lassieur <clement@lassieur.org>
2024-01-31 16:54:16 +01:00
Carlo Zancanaro
fc0ec9a3cc
services: certbot: Create self-signed certificates before certbot runs.
* gnu/services/certbot.scm (<certificate-configuration>): Add
start-self-signed? field.
(generate-certificate-gexp): New procedure.
(certbot-activation): Generate self-signed certificates when
start-self-signed? is #t.
* doc/guix.texi (Certificate services): Document start-self-signed?.

Change-Id: Icfd85ae0c3e29324acbcde6ba283546cf0e27a1d
Signed-off-by: Clément Lassieur <clement@lassieur.org>
2024-01-31 16:54:12 +01:00
Carlo Zancanaro
a2b1ef903b
services: certbot: Symlink certificates to /etc/certs.
* gnu/services/certbot.scm (certbot-deploy-hook): New procedure.
(certbot-command): Pass new deploy hook to certbot.
* doc/guix.texi: Replace "letsencrypt/live" with "certs" throughout, except in
the certbot deploy-hook description.

Change-Id: I2ba5e4903d1e293e566b732a84b07d5a134b697d
Signed-off-by: Clément Lassieur <clement@lassieur.org>
2024-01-31 16:54:03 +01:00
Attila Lendvai
dde76db33f
services: shepherd: Add respawn-limit and respawn-delay.
* gnu/services/shepherd.scm (<shepherd-service>): Add respawn-limit and
respawn-delay.
(shepherd-service-file): Emit the two values into the shepherd service
constructor form.

Change-Id: I54408e8fb4bcc0956d9610771bf5c566fdc2914c
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2024-01-28 22:50:49 +01:00
Ludovic Courtès
96c2186a08
services: cuirass: Depend on ‘user-processes’.
* gnu/services/cuirass.scm (cuirass-shepherd-service)
(cuirass-remote-worker-shepherd-service): Add ‘user-processes’ to the
‘requirement’ field.

Change-Id: Iba087bfd8aaa9b1ef54bcc77d855adc136e18644
2024-01-24 23:28:38 +01:00
Ludovic Courtès
94abfccde9
services: cuirass: Add ‘configuration’ action.
* gnu/services/cuirass.scm (cuirass-shepherd-service): Add ‘actions’
field to ‘cuirass’ Shepherd service.

Change-Id: I7feaeebcb89fcd9a1fdbc63f0337e0d63b697793
2024-01-24 23:28:37 +01:00
muradm
1bdeec5d66
services: connman: Add 'connman-general-configuration'.
Currently connman has no main.conf as specified in 'man 5 connman.conf' which
would allow setting NetworkInterfaceBalcklist and other useful options.

This patch adds connman-general-configuration, serializes it and
passes to connmad with --config= flag.

All configuration fields are 'maybe-*' deliberately, to not disturb current
users and not require supporting configuration changes for connmand.

* gnu/services/networking.scm (<connman-general-configuration>): New
configuration record to represent main.conf for connmand.
(<connman-configuration>)[general-configuration]: New field.
(connman-shepherd-service): Honor it.
*doc/guix.texi (Networking Services): Add generated configuration.

Change-Id: I5d78f49e8b2d5e0b3cbd7b8b604e8a254b6397e8
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2024-01-22 09:51:32 -05:00
Liliana Marie Prikler
1682264fda
Merge branch 'master' into gnome-team 2024-01-14 17:23:44 +01:00
Christopher Baines
75a63e2a2e
gnu: guix-build-coordinator: Update to 0-94.c4c4f5a.
This also switches to use guile-next, which includes important fixes to
invalid unicode handling with suspendable ports, which is necessary for the
agent.

* gnu/packages/package-management.scm (guix-build-coordinator): Update to
0-94.c4c4f5a.
* gnu/services/guix.scm: Use guile-next for the coordinator service.

Change-Id: I853539a612fd0b41a6c63069c6291b3f42e5cdee
2024-01-12 12:06:56 +00:00
Ludovic Courtès
3eac1c82f7
services: bitlbee: Use ‘make-inetd-constructor’ unconditionally.
This construct was introduced in Shepherd 0.9.0.

* gnu/services/messaging.scm (bitlbee-shepherd-service): Use
‘make-inetd-constructor’ unconditionally.

Change-Id: Id1b79077d60609c7f95439ee0d097dfe6e66dd2e
2024-01-08 23:14:46 +01:00
Ludovic Courtès
477d4f7d24
services: shepherd: Use the 0.10.x GOOPS-less interface.
* gnu/services/shepherd.scm (%default-modules): Remove (oop goops).
(shepherd-service-file): Use (service …) instead of (make <service> …).
Use ‘actions’ instead of ‘make-actions’.
(scm->go): Remove use of (oop goops).
(shepherd-configuration-file): Pass ‘register-services’ a list.
Use ‘start-in-the-background’ unconditionally.

Change-Id: I0ad1ba32e339c56ee31e59f160b53d3581277d97
2024-01-08 23:14:46 +01:00
Ludovic Courtès
6c561e7593
services: openssh: Add dependency on ‘networking’.
* gnu/services/ssh.scm (openssh-shepherd-service): Add ‘networking’ to
‘requirement’.

Change-Id: I14c48fe40cce86810a544de6bb7f925bc360653a
2024-01-08 23:14:45 +01:00
Liliana Marie Prikler
2cbb1a6e1e
Merge branch 'master' into gnome-team 2024-01-07 18:31:32 +01:00
Vivien Kraus
0831c72df6
gnu: dbus-service: only symlink /run/dbus the first time
Due to an error in the nesting of S-Expressions, the re-linking of
/var/run/dbus to /run/dbus would occur even if it was already a
correct symlink.  It should only happen if the symlink is different.

* gnu/services/dbus.scm (dbus-activation): Adjust accordingly.

Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
2024-01-07 17:11:02 +01:00
Feng Shu
65af293c37
services: xorg: ‘dbus-daemon-wrapper’ handles Home profile.
* gnu/services/xorg.scm (dbus-daemon-wrapper): Handle Home profile.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: Ib2f2330b7ea017ddf33d636de71aaa1c316808cb
2024-01-05 17:28:54 +01:00
Ludovic Courtès
d5724111ea
daemon: Change default ‘timeout’ and ‘max-silent-time’ values.
Having a timeout seems generally preferable as it makes sure build slots
are not kept busy for no good reason (few package builds, if any, are
expected to exceed these values).

* nix/libstore/globals.cc (Settings::Settings): Change ‘maxSilentTime’
and ‘buildTimeout’.
* gnu/services/base.scm (<guix-configuration>)[max-silent-time]
[timeout]: Change default values.
* doc/guix.texi (Invoking guix-daemon, Base Services): Adjust
accordingly.

Change-Id: I25c50893f3f7fcca451b8f093d9d4d1a15fa58d8
2024-01-05 17:27:21 +01:00
Ludovic Courtès
4e431fda5f
services: shepherd: Remove ‘dynamic-wind’ in ‘call-with-*-file’.
Fixes <https://issues.guix.gnu.org/64653>.

The ‘dynamic-wind’ was causing files to be closed prematurely when
leaving the dynamic extent of PROC for instance via a delimited
continuation, using Fibers (that ‘dynamic-wind’ call was also
semantically incorrect in the first place).

* gnu/services/shepherd.scm (shepherd-configuration-file)
[config](call-with-file): Remove.
(call-with-input-file, call-with-output-file): Rewrite in terms of
‘call-with-port’.

Change-Id: Ica8af71a04f525a15be99985552063cb98cd6ee8
2024-01-05 17:27:20 +01:00
Connor Clark
2f642b6023
services: docker: Add config-file option.
* gnu/services/docker.scm (docker-configuration)[config-file] Add file-like
field.
* doc/guix.texi (Docker Service): Add information about config-file.

Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
2024-01-03 15:32:01 +01:00
Liliana Marie Prikler
1cd97066c2
Merge branch 'master' into gnome-team 2024-01-01 21:56:00 +01:00
David Thompson
7722da6fa5
services: laminar: Add configuration option for supplementary groups.
* gnu/services/ci (<laminar-configuration>)[supplemental-groups]: New field.
(laminar-shepherd-service): Exec laminard with supplementary groups.
(laminar-account): Add supplementary groups to laminar user.
* doc/guix.texi (Laminar): Document new configuration field.

Change-Id: Iebfdbb58ea8c6dfa22bb8f64f6463e3ad133d2f9
2023-12-28 11:02:56 -05:00
Liliana Marie Prikler
24d4d6fdd6
Merge branch 'master' into gnome-team 2023-12-20 00:05:21 +01:00
Christopher Baines
e3faf52c92
services: guix: Move GUIX_LOCPATH handling to packages.
I think this might be better than handling it in the service. I'm seeing
locale issues on the hurd which I hope this will address.

* gnu/packages/package-management.scm (guix-build-coordinator,
guix-build-coordinator/agent-only):
* gnu/services/guix.scm (guix-build-coordinator-shepherd-services,
guix-build-coordinator-agent-shepherd-services):

Change-Id: I07ca424f434854176326a19177dc5573d53b59c2
2023-12-22 16:41:44 +00:00
Christopher Baines
cbe64c316d
services: guix: Remove guix-build-coordinator-queue-builds service.
This has been effectively replaced by the bffe.

* gnu/services/guix.scm (<guix-data-service-configuration>): Remove record
type.
(guix-build-coordinator-queue-builds-shepherd-services,
guix-build-coordinator-queue-builds-activation,
guix-build-coordinator-queue-builds-account): Remove procedures
(guix-build-coordinator-queue-builds-service-type): Remove service type.

Change-Id: I2a233fb10b12cc9bfddebaa35928b25c243f82a2
2023-12-22 16:41:42 +00:00
Ludovic Courtès
3d6583727e
services: Remove unnecessary references to (gnu build shepherd).
* gnu/services/databases.scm (memcached-shepherd-service): Remove
‘with-imported-modules’ form and ‘modules’ field.
* gnu/services/security-token.scm (pcscd-shepherd-service): Remove
‘with-imported-modules’ form.
* gnu/services/web.scm (hpcguix-web-shepherd-service): Likewise.

Change-Id: Ieb817508f1751e0c1ff551a0e078789a4a813c1c
2023-12-22 00:31:41 +01:00
Ludovic Courtès
62a08abea7
services: jami: Use ‘least-authority-wrapper’.
* gnu/services/telephony.scm (jami-configuration->command-line-arguments)
[wrapper]: New procedure.
Use it.
(jami-shepherd-services): In ‘start’ method of ‘jami’ service, use
‘fork+exec-command’ instead of ‘make-forkexec-constructor/container’.
Remove use of (gnu build shepherd).

Change-Id: Ic71c0c88477d92bf137d9d0a5832bae8721cc210
2023-12-22 00:31:41 +01:00
Ludovic Courtès
8bd1c14997
services: jami-dbus-session: Use ‘least-authority-wrapper’.
* gnu/services/telephony.scm (jami-shepherd-services): Use
‘least-authority-wrapper’ for ‘dbus-daemon’.  Use ‘fork+exec-command’
instead of ‘make-forkexec-constructor/container’ in the ‘start’ method’.
Remove reference to (gnu build shepherd).

Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Change-Id: I9d9f8de6ecea77950000ff64aa8c8d097dc028a0
2023-12-22 00:31:41 +01:00
Ludovic Courtès
d3ffa06a4d
services: bitlbee: Remove use of ‘make-forkexec-constructor/container’.
This will only affect systems running Shepherd < 0.9.0, which was
released in August 2022.

* gnu/services/messaging.scm (bitlbee-shepherd-service): Remove
‘with-imported-modules’ and ‘modules’ field.  Use
‘make-forkexec-constructor’ instead of
‘make-forkexec-constructor/container’ when ‘make-inetd-constructor’ is
missing.

Change-Id: I35a0487bccaee4799ad0d81388d540e5c7891f7e
2023-12-22 00:31:41 +01:00
Ludovic Courtès
bcad46cde6
services: pagekite: Add ‘configuration’ action.
* gnu/services/networking.scm (pagekite-shepherd-service): Add ‘actions’
field.

Change-Id: I04daa846d505b0700b574a82472ecd99b492d7c4
2023-12-22 00:31:41 +01:00
Ludovic Courtès
43acd98e41
services: pagekite: Use ‘least-authority-wrapper’.
* gnu/services/networking.scm (pagekite-shepherd-service): Define
‘config-file’ and ‘mappings’; define ‘pagekite’ in terms of
‘least-authority-wrapper’.  Remove now-unneeded ‘with-imported-modules’
form and ‘modules’ field.  Use ‘make-forkexec-constructor’ instead of
‘make-forkexec-constructor/container’.

Change-Id: I7c6c6266785f6a0f81a69d85f070779a0d6edd91
2023-12-22 00:31:40 +01:00
Thomas Ieong
b681e339fa
services: Add rspamd-service-type.
* gnu/services/mail.scm (rspamd-service-type): New variable.
* gnu/tests/mail.scm (%test-rspamd): New variable.
* doc/guix.texi: Document it.

Co-authored-by: Saku Laesvuori <saku@laesvuori.fi>
Change-Id: I7196643f087ffe9fc91aab231b69d5ed8dc9d198
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-12-14 23:12:24 +01:00
Ludovic Courtès
4017555367
services: hpcguix-web: Add ‘configuration’ action.
* gnu/services/web.scm (hpcguix-web-shepherd-service): Define
‘config-file’ and use it.  Add ‘actions’ field.

Change-Id: I085df403270039ede3c13f21a5d60682c7510e2e
2023-12-14 23:12:24 +01:00
Saku Laesvuori
59d65f66c5
services: guix: Allow gexps evaluating to a list of build-machines.
* gnu/services/base.scm (guix-machines-files-installation): Handle
machines being a mixed list of build-machines and lists of
build-machines.
* doc/guix.texi (Base Services): Document it.

Change-Id: Ie404562ca0b564413233c3a624046da831893dc3
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2023-12-14 23:12:24 +01:00
Liliana Marie Prikler
4c323c2f83
Merge branch 'master' into HEAD
Change-Id: I3f5d121162d98ef2ae61a62c4da3b0fd19d864e8
2023-12-03 07:20:53 +01:00
Janneke Nieuwenhuizen
b0715d7cd2
gnu: Use ‘libc-utf8-locales-for-target’.
* guix/packages.scm (%standard-patch-inputs): Use
‘libc-utf8-locales-for-target’ instead of ‘glibc-utf8-locales’.
* guix/self.scm (%packages): Likewise.
* gnu/home/services/ssh.scm (file-join): Likewise
* gnu/installer.scm (build-compiled-file): Likewise.
* gnu/packages/chromium.scm (ungoogled-chromium/wayland): Likewise.
* gnu/packages/gnome.scm (libgweather4, tracker): Likewise.
* gnu/packages/javascript.scm (js-mathjax): Likewise.
* gnu/packages/package-management.scm (guix, flatpak): Likewise.
* gnu/packages/raspberry-pi.scm (raspi-arm64-chainloader): Likewise.
* gnu/packages/suckless.scm (svkbd): Likewise.
* gnu/services.scm (cleanup-gexp): Likewise.
* gnu/services/base.scm (guix-publish-shepherd-service): Likewise.
* gnu/services/guix.scm (guix-build-coordinator-shepherd-services)
(guix-build-coordinator-agent-shepherd-services): Likewise.
* gnu/services/guix.scm (guix-build-coordinator-queue-builds-shepherd-services):
(guix-data-service-shepherd-services)
(nar-herder-shepherd-services)
(bffe-shepherd-services): Likewise.
* gnu/services/web.scm (anonip-shepherd-service)
(mumi-shepherd-services): Likewise.
* gnu/system/image.scm (system-disk-image, system-iso9660-image)
(system-docker-image, system-tarball-image): Likewise.
* gnu/system/install.scm (%installation-services): Likewise.
* guix/profiles.scm (info-dir-file): Likewise.
(ca-certificate-bundle, profile-derivation): Likewise.
* guix/scripts/pack.scm (store-database, set-utf8-locale): Likewise.
* tests/pack.scm: Likewise.
* tests/profiles.scm ("profile-derivation, cross-compilation"):
Likewise.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Co-authored-by: Christopher Baines <mail@cbaines.net>
Change-Id: I24239f427bcc930c29d2ba5d00dc615960a6c374
2023-12-02 12:25:45 +01:00
Liliana Marie Prikler
72e886328c
Merge branch 'master' into gnome-team
Change-Id: I88d3789460d1a89917451d80405d89a2824006ac
2023-11-04 07:43:44 +01:00
Liliana Marie Prikler
e38d6a9c2f
Merge branch 'master' into gnome-team
Change-Id: Ib6f55bebef2fb235fa59fd5442102a3e0ace3191
2023-10-23 21:09:49 +02:00
Vivien Kraus
498db4de1f
gnu: udev-service-type: accept hardware description file extensions.
The udev-configuration record now has a hardware field.

The contents of the /etc/udev directory now includes hwdb.bin, which is
computed when the system is instanciated (prior to system activation).  The
hardware description files used to generate hwdb.bin are not installed in
/etc, because they are not required at run-time.

The documentation has been reworked so as to explain why creating udev rules
or hardware needs helper functions for configuration or extension.

* gnu/services/base.scm (udev-hardware): New function.
(file->udev-hardware): New function.
(udev-hardware-service): New function.
(udev-etc): Add hwdb.d and hwdb.bin.
(module): Export udev-hardware, file->udev-hardware, and udev-hardware-service.
(<udev-configuration>): Add the native-udev field.
(udev-service-type) [extend]: Populate the hardware field.
* doc/guix.texi (Base Services)[udev-service-type]: Explain configuration and
extension values.
* doc/guix.texi (Base Services)[udev-hardware]: Document it.
[udev-hardware-service]: Same.
* doc/guix.texi (Base Services)[udev-configuration]: Document the native-udev
field.
2023-10-10 21:59:25 +02:00
Vivien Kraus
95400e5c15
services: udev: Make udev-rule helper functions generic.
* gnu/services/base.scm (udev-configurations-union): New function.
(udev-configuration-file): New function, use file->udev-configuration-file.
(file->udev-configuration-file): New function.
(udev-rules-union): Use udev-configurations-union.
(udev-rule): Use udev-configuration-file.
(file->udev-rule): Use file->udev-configuration-file.
2023-10-10 21:59:25 +02:00
Vivien Kraus
c2c29eb1b4
services: udev: Rewrite udev-rule to use file->udev-rule.
* gnu/services/base.scm (udev-rule): Use file->udev-rule.
2023-10-10 21:59:24 +02:00
Vivien Kraus
6c2a6033b4
gnu: dbus-service: Make the session bus available under /run/dbus.
According to https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3101, glib
now searches for the session bus socket in runstatedir. The dbus service must
thus have its socket in /run/dbus.

For interoperability with the dbus standard, /run/dbus is also symlinked to
/var/run/dbus.

* gnu/services/dbus.scm (dbus-activation): Symlink /run/dbus to /var/run/dbus.
(%dbus-accounts): Run dbus in /run/dbus.
(dbus-root-service-type): Save the pid file in /run/dbus.

Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
2023-10-09 21:51:29 +02:00
Bruno Victal
00a28bc435
services: configuration: Add some commonly used predicates.
* gnu/services/configuration.scm (list-of-packages?, list-of-symbols?): New
predicate.
* gnu/services/audio.scm (list-of-symbol?): Remove.
* gnu/services/telephony.scm (string-list?): Remove.
(serialize-string-list): Rename to …
(serialize-list-of-strings): … this.
(account-fingerprint-list?, jami-account-list?): Use list-of.
* doc/guix.texi: Update it.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2023-10-07 12:41:06 -04:00
Bruno Victal
dd65564db0
services: fstrim-service-type: Serialize with SRFI-171 transducers.
* gnu/services/linux.scm (serialize-fstrim-configuration): Refactor to use
base-transducer.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2023-10-07 12:41:05 -04:00
Bruno Victal
a7994ed58d
services: configuration: Use transducers within serialize-configuration.
Introduces 'base-transducer', a SRFI-171 based transducer that can be used as a
starting point for writing custom configuration record serializing procedures.

This also fixes the symbol maybe-value serialization test case.

* gnu/services/configuration.scm (empty-serializer?): New predicate.
(base-transducer, tfilter-maybe-value): New procedure.
(serialize-configuration): Adapt to use base-transducer.

* gnu/services/telephony.scm (jami-account->alist): Use transducers to skip
fields that are unserializable or whose field maybe-value is unset.

* tests/services/configuration.scm: Remove test-expect-fail.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2023-10-07 12:41:05 -04:00
Bruno Victal
1b29e5db8f
services: configuration: Simplify normalize-extra-args.
* gnu/services/configuration.scm
(define-configuration-helper, normalize-extra-args): Use #f instead of %unset-value.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2023-10-07 12:41:04 -04:00
Ludovic Courtès
e863274e67
services: hurd-vm: Leave root password uninitialized when offloading.
Starting with 953c65ffdd, offloading to
the Hurd VM would be enabled by default.  However, ‘root’ had an empty
password so any user on the host could connect to the VM over VNC, log
in as root, and potentially populate the host’s store from there.  This
change fixes that.

* gnu/services/virtualization.scm (operating-system-with-locked-root-account):
New procedure.
(hurd-vm-disk-image)[transform]: Add
‘operating-system-with-locked-root-account’ when offloading.
2023-10-05 23:14:55 +02:00
Ludovic Courtès
a0818d0236
services: mcron: Hide ‘mkdir-p’ from (shepherd support).
This a avoids a Guile warning about the name collision with (guix build
utils).  The warning was introduced by commit
e0e85f2b23.

* gnu/services/mcron.scm (mcron-shepherd-services): Hide ‘mkdir-p’.
2023-10-05 23:14:55 +02:00
David Thompson
dce3672f5a
services: xvnc: Do not specify display number when using inetd.
* gnu/services/vnc.scm (xvnc-configuration->command-line-arguments): Omit X
display number when inetd? is #t.

Change-Id: I0fc8e3068f3ae22421e60e96bd40e3b6e477ca99
2023-11-27 10:55:51 -05:00
Ludovic Courtès
da2dc98185
services: rsync: Provide a prettier Shepherd inetd service name.
Previously, a default name would be used for transient inetd services,
leading to names such as #{5rjnskb6011jgmfmpgp63jp9mh9nkl20-rsync-3274}#.

* gnu/services/rsync.scm (rsync-shepherd-service): Pass #:service-name-stem.

Change-Id: I4d0a4a01e122c6eeaa85f104b083cf7e8709eac3
2023-11-26 23:34:48 +01:00
Giacomo Leidi
267786721b
services: Add oci-container-service-type.
* gnu/services/docker.scm (oci-container-configuration): New variable;
(oci-container-shepherd-service): new variable;
(oci-container-service-type): new variable.
* doc/guix.texi (Miscellaneous Services): Document it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I17cede1975051a9fdd0e0a13b2191d8055266f80
2023-11-23 12:56:42 +01:00
Tomas Volf
82f9e5ac97
services: nftables: Tighten the default rules.
Packets for local host IP ranges should be coming only over lo.  If that is
not the case, we should drop them.  Use iif for the check instead of iifname,
lo is guaranteed to exists, and iif is faster.

* gnu/services/networking.scm (%default-nftables-ruleset): Tighten the rules.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-10-20 00:33:26 +02:00
Ludovic Courtès
e0e85f2b23
services: mcron: Do not #:select ‘%user-log-dir’.
* gnu/services/mcron.scm (mcron-shepherd-services): Do not #:select
‘%user-log-dir’ from (shepherd support) since it’s missing in the
Shepherd 0.8, which is still used on GNU/Hurd.
2023-10-02 17:17:07 +02:00
Ludovic Courtès
3b71b2dca7
gnu: cuirass: Update to 797b26a.
* gnu/packages/ci.scm (cuirass): Update to 797b26a.
* gnu/services/cuirass.scm (cuirass-activation): Create /var/run/cuirass.
2023-10-02 11:07:14 +02:00
Ludovic Courtès
953c65ffdd
services: hurd-vm: Implement zero-configuration offloading.
This allows for zero-configuration offloading to a childhurd.

* gnu/services/virtualization.scm (operating-system-with-offloading-account):
New procedure.
(<hurd-vm-configuration>)[offloading?]: New field.
(hurd-vm-disk-image): Define ‘transform’ and use it.
(hurd-vm-activation): Generate SSH key for user ‘offloading’ and add
authorize it via /etc/childhurd/etc/ssh/authorized_keys.d.
(hurd-vm-configuration-offloading-ssh-key)
(hurd-vm-guix-extension): New procedures.
(hurd-vm-service-type): Add GUIX-SERVICE-TYPE extension.
* gnu/tests/virtualization.scm (run-childhurd-test)[import-module?]: New
procedure.
[os]: Add (gnu build install) and its closure to #:import-modules.
[test]: Add “copy-on-write store” and “offloading” tests.
* doc/guix.texi (Virtualization Services): Document it.
2023-10-01 22:58:20 +02:00
Ludovic Courtès
c3a19cc2ac
services: hurd-vm: Disable password-based authentication for root.
With offloading to a childhurd is enabled, allowing password-less root
login in the childhurd to anyone amounts to providing write access to
the host’s store to anyone.  Thus, disable password-based root logins in
the childhurd.

* gnu/services/virtualization.scm (%hurd-vm-operating-system): Change
‘permit-root-login’ to 'prohibit-password.
* gnu/tests/virtualization.scm (%childhurd-os): Provide a custom ‘os’
field for ‘hurd-vm-configuration’.
* doc/guix.texi (Virtualization Services): Remove mention of
password-less root login.
2023-10-01 22:58:20 +02:00
Ludovic Courtès
bab6434f58
services: hurd-vm: ‘image’ field has to be an <image> record.
* gnu/services/virtualization.scm (<hurd-vm-configuration>)[image]:
Document as being an <image> record.
(hurd-vm-disk-image): Remove call to ‘system-image’.
(hurd-vm-shepherd-service): Add call to ‘system-image’.
* gnu/tests/virtualization.scm (hurd-vm-disk-image-raw): Remove call to
‘system-image’.
* doc/guix.texi (Virtualization Services): Adjust accordingly.
2023-10-01 22:58:19 +02:00
Ludovic Courtès
416933cde5
services: childhurd: Authorize the childhurd’s key on the host.
This partly automates setting up a childhurd for offloading purposes.

* gnu/services/virtualization.scm (authorize-guest-substitutes-on-host):
New procedure.
(hurd-vm-activation): Use it.
2023-10-01 22:58:19 +02:00
Ludovic Courtès
aa40b085dc
services: guix: Support declarative offloading setup.
* gnu/services/base.scm (guix-machines-files-installation): New
procedure.
(<guix-configuration>)[build-machines]: New field.
(guix-activation): Call ‘ guix-machines-files-installation’.
(<guix-extension>)[build-machines]: New field.
(guix-extension-merge): Handle it.
(guix-service-type)[extend]: Likewise.
* doc/guix.texi (Daemon Offload Setup): Add note linking to
‘guix-configuration’.
(Base Services): Document ‘build-machines’ field of <guix-configuration>
and of <guix-extension>.
(Virtualization Services): Add ‘hurd-vm’ anchor.
2023-10-01 22:58:19 +02:00
Ludovic Courtès
21deb89e28
services: guix: Use the right locale package on GNU/Hurd.
Fixes a bug introduced in 0dd293b4d9
whereby guix-daemon on GNU/Hurd would have ‘GUIX_LOCPATH’ set to the
“wrong” locale data (2.35 instead of 2.37).

Consequently, it would fail to setlocale(3) and calls to
‘std::stoi’ (when reading the output of ‘guix authenticate’) would
throw, leading to this error message of guix-daemon:

  unexpected build daemon error: stoi

This would manifest when sending store items to a childhurd:

  $ guix copy --to=localhost:10022 sed
  guix copy: sending 1 store item (1 MiB) to 'localhost'...
  guix copy: error: unknown error while sending files over SSH

The “unknown error” is the ‘stoi’ exception.

This commit fixes that, but for the ‘guix-daemon’ service only.

* gnu/services/base.scm (guix-shepherd-service)[locales]: New variable.
Use it instead of ‘glibc-utf8-locales’.
2023-10-01 22:58:19 +02:00
Ludovic Courtès
81d46ef989
services: hurd-vm: Use the default SSH port number.
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Remove
‘port-number’ from ‘openssh-configuration’.
(hurd-vm-net-options): Change 2222 to 22 in port forwarding.
2023-10-01 22:58:19 +02:00
Marius Bakke
4163c617b8
services: nftables: Add 'configuration' action.
* gnu/services/networking.scm (nftables-shepherd-service)[actions]: New field.
2023-09-22 01:29:18 +08:00
Ludovic Courtès
5e0ae26846
services: hurd-vm: Use ‘qemu-system-x86_64’.
Fixes <https://issues.guix.gnu.org/66053>.

* gnu/services/virtualization.scm (hurd-vm-shepherd-service)[vm-command]:
Use ‘qemu-system-x86_64’.
2023-09-18 23:14:00 +02:00
Ludovic Courtès
fc3a53525a
services: dhcp-client: Fix name of the provision accessor.
This is a followup to 04f71edb73.

* gnu/services/networking.scm (<dhcp-client-configuration>)[shepherd-provision]:
Fix accessor name.
2023-09-17 16:29:19 +02:00
Alexey Abramov
04f71edb73
services: dhcp-client-configuration: Allow provision override.
* gnu/services/networking.scm (<dhcp-client-configuration>)[shepherd-provision]:
New field.
(dhcp-client-shepherd-service): Honor it.
* doc/guix.texi (Networking Setup): Document it.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2023-09-17 15:31:03 +02:00
Adam Maleszka
944c1b62a1
services: syncthing: Ensure that service runs after mounting home directories.
Sometimes `syncthing-service-type' fails during startup because it tries
to read configuration files from the user's home directory:

Failure on home directory: mkdir /home/xyz/.config: permission denied

This patch adds `user-processes' to the shepherd service requirements to
ensure that `user-homes' is fired before `syncthing' tries to read data
from the home directory.

* gnu/services/syncthing.scm (syncthing-shepherd-service): add
`user-processes' to requirements

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-09-17 15:31:03 +02:00
Lilah Tascheter
489abccd5f
services: dhcp-client-service-type: Support DDNS.
* gnu/services/networking.scm (dhcp-client-shepherd-service): Enable -I
  flag on dhclient.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2023-10-14 22:41:43 +02:00