Commit graph

304 commits

Author SHA1 Message Date
Ludovic Courtès
4df584aeac
services: static-networking: Sanitize <network-address> values.
This makes sure users do not mistakenly configuring a network with "/0"
as its netmask.

* gnu/services/base.scm (assert-valid-address): New procedure.
(<network-address>)[value]: Add it as 'sanitize'.
2021-12-20 16:21:40 +01:00
Ludovic Courtès
5967aee398
services: Define '%loopback-static-networking'.
* gnu/services/base.scm (%loopback-static-networking): New variable.
(%base-services): Use it.
* gnu/system/hurd.scm (%base-services/hurd): Use it.
* gnu/system/install.scm (%installation-services): Use it.
* doc/guix.texi (Networking Setup): Document it.
2021-12-12 23:20:50 +01:00
Ludovic Courtès
1644f4f1f8
services: Define '%qemu-static-networking'.
* gnu/services/base.scm (%qemu-static-networking): New variable.
* gnu/system/hurd.scm (%base-services/hurd): Use it.
* doc/guix.texi (Networking Setup): Document it.
2021-12-12 23:20:49 +01:00
Ludovic Courtès
223f1b1eb3
services: static-networking: Change interface to mimic netlink.
* gnu/services/base.scm (<static-networking>)[interface, ip, netmask]
[gateway]: Remove.
[addresses, links, routes]: New fields.
[requirement]: Default to '(udev).
(<network-address>, <network-link>, <network-route>): New record types.
(ensure-no-separate-netmask, %ensure-no-separate-netmask): Remove.
(ipv6-address?, cidr->netmask, ip+netmask->cidr)
(network-set-up/hurd, network-tear-down/hurd)
(network-set-up/linux, network-tear-down/linux)
(static-networking->hurd-pfinet-options): New procedures.
(static-networking-shepherd-service): New procedure.
(static-networking-shepherd-services): Rewrite in terms of the above.
(static-networking-service): Deprecate.  Adjust to new
'static-networking' API.
(%base-services): Likewise.
* gnu/system/install.scm (%installation-services): Likewise.
* gnu/system/hurd.scm (%base-services/hurd): Likewise, and separate
'loopback' from 'networking'.
* gnu/build/hurd-boot.scm (set-hurd-device-translators): Remove
"servers/socket/2".
* gnu/tests/networking.scm (run-openvswitch-test)["networking has
started on ovs0"]: Check for 'networking instead of 'networking-ovs0,
which is no longer provided.
* doc/guix.texi (Networking Setup): Document the new interface.  Remove
documentation of 'static-networking-service'.
(Virtualization Services): Change Ganeti example to use the new
interface.
2021-12-12 23:20:49 +01:00
Ludovic Courtès
0cc742b261
services: static-networking: Use Guile-Netlink on GNU/Linux.
* gnu/services/base.scm (static-networking-shepherd-service): Define
'set-up-via-ioctl', 'tear-down-via-ioctl', 'set-up-via-netlink',
'tear-down-via-netlink', and 'helpers' and use them in 'start' and
'stop'.  Add (ip *) modules to 'modules'.
2021-12-12 23:20:49 +01:00
Tobias Geerinckx-Rice
892f1b7273
services: Accept <inferior-package>s in lieu of <package>s.
* gnu/services/authentication.scm (fprintd-configuration)
(nslcd-configuration): Substitute file-like objects for package ones.
* gnu/services/cgit.scm (cgit-configuration, opaque-cgit-configuration):
Likewise.
* gnu/services/cups.scm (package-list?, cups-configuration): Likewise.
* gnu/services/dns.scm (verify-knot-configuration)
(ddclient-configuration): Likewise.
* gnu/services/docker.scm (docker-configuration): Likewise.
* gnu/services/file-sharing.scm (transmission-daemon-configuration): Likewise.
* gnu/services/getmail.scm (getmail-configuration): Likewise.
* gnu/services/mail.scm (dovecot-configuration)
(opaque-dovecot-configuration): Likewise.
* gnu/services/messaging.scm (prosody-configuration)
(opaque-prosody-configuration): Likewise.
* gnu/services/monitoring.scm (zabbix-server-configuration)
(zabbix-agent-configuration): Likewise.
* gnu/services/networking.scm (opendht-configuration): Likewise.
* gnu/services/pm.scm (tlp-configuration): Likewise.
* gnu/services/telephony.scm (jami-configuration): Likewise.
* gnu/services/virtualization.scm (libvirt-configuration)
(qemu-guest-agent-configuration): Likewise.
* gnu/services/vpn.scm (openvpn-client-configuration): Likewise.
2021-11-30 01:08:55 +01:00
Josselin Poiret
d48b404cf5
gnu: system: Make old-style swap use default flags.
* gnu/services/base.scm (swap-service-type): Use default flags (0) if
SWAP is not a new-style <swap-space> record.

Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
2021-11-23 19:02:34 +01:00
Josselin Poiret
0831dfab75
system: Add swap flags.
* gnu/system/file-systems.scm (swap-space)[priority, discard?]: Add
them.
* guix/build/syscalls.scm (SWAP_FLAG_PREFER, SWAP_FLAG_PRIO_MASK,
SWAP_FLAG_PRIO_SHIFT, SWAP_FLAG_DISCARD): Add them.
* gnu/build/file-systems.scm (swap-space->flags-bit-mask): Add it.
* gnu/services/base.scm (swap-service-type): Use it.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-11-23 10:24:27 +01:00
Josselin Poiret
133a61ae26
system: Rework swap space support, add dependencies.
* gnu/system/file-systems.scm (swap-space): Add it.
* gnu/system.scm (operating-system)[swap-devices]: Update comment.
* gnu/services/base.scm (swap-space->shepherd-service-name,
swap-deprecated->shepherd-service-name, swap->shepherd-service-name):
Add them.
* gnu/services/base.scm (swap-service-type, swap-service): Use the new
records.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-11-23 10:24:27 +01:00
Maxim Cournoyer
8ad6624b96
services: base: Honor file-system-create-mount-point? at all times.
Fixes <https://issues.guix.gnu.org/40158>.

* gnu/services/base.scm (file-system-shepherd-service): Update doc.  Return a
shepherd service for the mount point when either MOUNT? or CREATE? is true.
[start]: Only mount when MOUNT? is true.
(file-system-shepherd-services): Also consider file systems with
create-mount-point? set to #t.
2021-08-29 01:31:52 -04:00
muradm
29883f1130
services: pam-limits: fix limits.conf location
* gnu/services/base.scm: fix limits.conf location

This fixes #49771

Signed-off-by: Julien Lepiller <julien@lepiller.eu>
2021-08-07 17:34:23 +02:00
Brice Waegeneire
92605326ae
services: guix: Use "match-record" in activation.
It's more explicit to specify used fields instead of depending on their
position.

* gnu/services/base.scm (guix-activation): Replace "match" with
  "match-record".
2021-08-04 06:36:50 +02:00
Brice Waegeneire
1beeef6261
services: gpm: Use "make-forkexec-contstructor".
* gnu/services/base.scm (gpm-shepherd-service)[start]: Replace custom
logic with "make-forkexec-constructor".
2021-07-13 07:24:52 +02:00
luhui
fda0959a14
services: kmscon: Add keyboard-layout fields.
* gnu/services/base.scm (<kmscon-configuration>): Add keyboard-layout fields.
* doc/guix.texi (Base Services): Document them.

Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
2021-06-29 19:01:25 +02:00
Jack Hill
2e30e84b64
services: guix: Authorize 'bordeaux.guix.gnu.org.pub' by default.
This follows on from the changes in 4985a42724.

* gnu/services/base.scm (%default-authorized-guix-keys): Add
bordeaux.guix.gnu.org.pub.

Signed-off-by: Christopher Baines <mail@cbaines.net>
2021-06-19 09:32:54 +01:00
Ludovic Courtès
f70c3429ed
services: Remove deprecated service procedures.
These service procedures were deprecated in January 2019, for instance
in commit 65a67bf711.

* gnu/services/avahi.scm (avahi-service): Remove.
* gnu/services/base.scm (console-keymap, guix-service)
(guix-publish-service, gpm-service, urandom-seed-service): Remove.
* gnu/services/desktop.scm (upower-service, colord-service): Remove.
* gnu/services/mcron.scm (mcron-service): Remove.
* gnu/services/messaging.scm (bitlbee-service): Remove.
* gnu/services/networking.scm (dhcp-client-service, ntp-service)
(tor-service): Remove.
* gnu/services/xorg.scm (slim-service, gdm-service): Remove.
2021-06-14 18:35:17 +02:00
Ludovic Courtès
58beda0121
services: guix-publish: Add zstd compression by default.
That way, the default config with (advertises? #t) and without a cache
will offer zstd-compressed substitutes, which should lead to much higher
throughput than gzip.

* gnu/services/base.scm (default-compression): When
'guix-publish-configuration-cache' returns true, use higher level
compression ratios.  Add "zstd".
* doc/guix.texi (Base Services): Mention zstd.
2021-04-03 22:08:33 +02:00
qblade
aa03d32eb1
services: kmscon: Add font-engine and font-size fields.
* gnu/services/base.scm (<kmscon-configuration>): Add font-engine and
font-size fields.
(kmscon-service-type): Honor them.
* doc/guix.texi (Base Services): Document them.
2021-04-01 13:40:09 +02:00
Leo Famulari
898489f48e
services: Enable "protected hardlinks" and "protected symlinks" by default.
References:

https://sysctl-explorer.net/fs/protected_hardlinks/
https://sysctl-explorer.net/fs/protected_symlinks/

* gnu/services/sysctl.scm (%default-sysctl-settings): New public variable.
(<sysctl-configuration>): Use %default-sysctl-settings as the default value.
* gnu/services/base.scm (%base-services): Add sysctl-service-type.
* doc/guix.texi (Miscellaneous Services): Document the new defaults.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-03-18 12:17:33 +01:00
Ludovic Courtès
0d22fc8d36
services: shepherd: 'shepherd-service-type' requires documentation.
* gnu/services/shepherd.scm (shepherd-service-type): Require a
'description' form.
* gnu/services/base.scm (root-file-system-service-type)
(rngd-service-type, host-name-service-type):
(virtual-terminal-service-type, console-keymap-service-type)
(syslog-service-type, swap-service-type)
(kmscon-service-type): Add description.
* gnu/services/networking.scm (dhcp-client-service-type): Likewise.
* gnu/system/install.scm (cow-store-service-type): Likewise.
* gnu/system/linux-container.scm (dummy-networking-service-type):
Likewise.
* gnu/system/mapped-devices.scm (device-mapping-service-type):
Likewise.
* tests/guix-system.sh: Likewise.
2021-01-13 22:24:18 +01:00
Ludovic Courtès
d88ff09ea3
services: 'references-file' depends on Guile-Gcrypt.
Regression introduced in 6a060ff27f.

Reported by clone11 on #guix.

* gnu/services/base.scm (references-file): Wrap gexp in 'with-extensions'.
2020-12-15 22:29:55 +01:00
Ludovic Courtès
f066e65713
services: guix-publish: Depend on 'avahi-daemon' when needed.
* gnu/services/base.scm (guix-publish-shepherd-service): Add
'user-processes' to 'requirement'.  When ADVERTISE? is true, also add
'avahi-daemon'.
2020-12-09 14:13:32 +01:00
Mathieu Othacehe
e461d3b750
service: Add shepherd discover action.
* gnu/services/base.scm (shepherd-discover-action): New procedure,
(guix-shepherd-service)[<actions>]: add it,
[<start>]: honor it.
* doc/guix.texi (Invoking guix-daemon): Document it.
2020-12-07 10:39:21 +01:00
Mathieu Othacehe
79f9dee3c4
Use substitute servers on the local network.
* guix/scripts/discover.scm: New file.
* Makefile.am (MODULES): Add it.
* nix/nix-daemon/guix-daemon.cc (options): Add "discover" option,
(parse-opt): parse it,
(main): start "guix discover" process when the option is set.
* guix/scripts/substitute.scm (%local-substitute-urls): New variable,
(substitute-urls): add it.
* gnu/services/base.scm (<guix-configuration>): Add "discover?"
field,
(guix-shepherd-service): honor it.
* doc/guix.texi (Invoking guix-daemon): Document "discover" option,
(Base Services): ditto.
2020-11-29 15:08:26 +01:00
Mathieu Othacehe
276e494b2a
publish: Add advertising support.
* guix/scripts/publish.scm (%options): Add "--advertise" option.
(show-help): Document it.
(service-name): New procedure,
(publish-service-type): new variable.
(run-publish-server): Add "advertise?" and "port" parameters. Use them to publish
the server using Avahi.
(guix-publish): Pass the "advertise?" option to "run-publish-server".
* gnu/services/base.scm (<guix-publish-configuration>): Add "advertise?"
field.
(guix-publish-shepherd-service): Honor it.
2020-11-29 15:08:26 +01:00
Mikhail Tsykalov
788df2ecd6
mapped-devices: Allow target to be list of strings.
* gnu/system/mapped-devices.scm (<mapped-device>): Rename constructor to
%mapped-device.
[target]: Remove field.
[targets]: New field. Adjust users.
(mapped-device-compatibility-helper, mapped-device): New macros.
(mapped-device-target): New deprecated procedure.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2020-11-26 00:05:39 +01:00
Maxim Cournoyer
182ea66f6f
Merge branch 'version-1.2.0' into master. 2020-11-20 09:46:57 -05:00
Marius Bakke
0a47ff9f9f
services: base: Re-export %default-substitute-urls from (guix store).
* gnu/services/base.scm: Export %DEFAULT-SUBSTITUTE-URLS.
2020-11-18 22:37:17 +01:00
Tobias Geerinckx-Rice
a45f8223e1
Merge remote-tracking branch 'upstream/version-1.2.0' 2020-11-18 18:07:57 +01:00
Ludovic Courtès
37b98e8cca
services: shepherd: Map all the invalid store characters to dash.
Fixes a regression introduced in
977eb5d023 whereby file system services
would now have a different name.

* gnu/services/base.scm (file-system->shepherd-service-name): Revert
changes introduced in 977eb5d023.
* gnu/services/shepherd.scm (%store-characters): New variable
(shepherd-service-file-name): Map all the characters outside
%STORE-CHARACTERS to #\-.
2020-11-18 11:13:49 +01:00
Maxim Cournoyer
129b9b16d9
Merge remote-tracking branch 'origin/version-1.2.0' into master
Conflicts:
	gnu/packages/bioinformatics.scm

The python-pysam package fixed in master was kept instead of the update done
in the version-1.2.0 branch.
2020-11-17 18:00:28 -05:00
Marius Bakke
6cad3f6966
services: mingetty: Export configuration accessors.
* gnu/services/base: Export configuration accessors for mingetty.
2020-11-16 19:08:36 +01:00
Ludovic Courtès
977eb5d023
Properly deal with build directories containing '~'.
Fixes <https://bugs.gnu.org/44626>.
Reported by Vagrant Cascadian <vagrant@debian.org>.

* tests/build-utils.scm ("wrap-script, simple case"): Pass
SCRIPT-CONTENTS to 'display' rather than 'format'.
* gnu/services/base.scm (file-system->shepherd-service-name)
[valid-characters, mount-point]: New variables.
Filter out invalid store file name characters from the mount point of
FILE-SYSTEM.
2020-11-16 11:21:42 +01:00
Mark H Weaver
e3ae313478
gnu: mingetty-shepherd-service: Make 'clear-on-logout' configurable.
Also change the default configuration to clear on logout, which is the
upstream default.

* gnu/services/base.scm (<mingetty-configuration>): Add 'clear-on-logout?'
field.
(mingetty-shepherd-service): Pass the "--noclear" option to mingetty only if
'clear-on-logout?' is #false.
* doc/guix.texi (Base Services): Document the 'clear-on-logout?' field.
2020-11-11 00:21:22 -05:00
Ludovic Courtès
f7d0a63dda
services: guix: Do not embed the host (guix config).
Fixes a bug whereby different users would get different derivations for
the same service.

* gnu/services/base.scm (guix-shepherd-service): In 'start' method, do
not embed (guix config).
2020-11-05 00:07:45 +01:00
Ludovic Courtès
2b2ab7796a
services: guix-publish: Add 'cache-bypass-threshold' field.
This is a followup to ecaa102a58.

* gnu/services/base.scm (<guix-publish-configuration>)[cache-bypass-threshold]:
New field.
(guix-publish-shepherd-service): Honor it.
2020-10-30 12:31:18 +01:00
Ludovic Courtès
81c3dd9cad
services: swap: Allow for UUIDs and file system labels.
* gnu/services/base.scm (swap-service-type)[device-lookup, device-name]:
New variables.
Add 'modules' field to 'shepherd-service'.  In 'start' and 'stop', use
'device-lookup' to resolve UUIDs and labels.
* doc/guix.texi (operating-system Reference): Adjust accordingly.
2020-10-30 01:14:21 +01:00
Ludovic Courtès
3b6e4e5fd0
services: guix: Make /etc/guix/acl really declarative by default.
Fixes <https://bugs.gnu.org/39819>.
Reported by Maxim Cournoyer <maxim.cournoyer@gmail.com>.

* gnu/services/base.scm (substitute-key-authorization): Symlink
DEFAULT-ACL to /etc/guix/acl unconditionally.  Add code to optionally
back up /etc/guix/acl if it was possibly modified by hand.
* doc/guix.texi (Base Services): Clarify the effect of setting
'authorize-keys?' to true.  Mention the backup.  Give an example showing
how to authorize substitutes from another server.
2020-10-25 01:06:10 +02:00
Ludovic Courtès
d367a7f3d0
services: guix: Generate key pair if needed during activation.
* gnu/services/base.scm (guix-activation): Invoke "guix archive
--generate-key".
* doc/guix.texi (Invoking guix archive)
(Invoking guix deploy): Mention that 'guix-service-type' takes care of
generating the key pair.
2020-09-29 21:56:27 +02:00
Mathieu Othacehe
1a0da8b4f3
services: base: Improve container related comments.
* gnu/services/base.scm (guix-shepherd-service): Clarify the usage of a
container for guix-daemon.
2020-09-21 10:48:16 +02:00
Mathieu Othacehe
8ce6f4dc28
installer: Run the installation inside a container.
When the store overlay is mounted, other processes such as kmscon, udev
and guix-daemon may open files from the store, preventing the
underlying install support from being umounted. See:
https://lists.gnu.org/archive/html/guix-devel/2018-12/msg00161.html.

To avoid this situation, mount the store overlay inside a container,
and run the installation from within that container.

* gnu/build/shepherd.scm (fork+exec-command/container): New procedure.
* gnu/services/base.scm (guix-shepherd-service): Support an optional PID
argument passed to the "start" method. If that argument is passed, ensure that
guix-daemon enters the given PID MNT namespace by using
fork+exec-command/container procedure.
* gnu/installer/final.scm (umount-cow-store): Remove it,
(install-system): run the installation from within a container.
* gnu/installer/newt/final.scm (run-install-shell): Remove the display hack.
2020-09-02 17:05:23 +02:00
Mathieu Othacehe
dac7dd1b0b
Remove "guile-zlib" extension when unused.
This is a follow-up of 755f365b02.

As (zlib) is autoloaded in (gnu build linux-modules), "guile-zlib" is needed
as an extension only when it is effectively used.

* gnu/installer.scm (installer-program): Remove "guile-zlib" from the extensions.
* gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto.
* gnu/services.scm (activation-script): Ditto.
* gnu/services/base.scm (default-serial-port): Ditto,
(agetty-shepherd-service): ditto,
(udev-service-type): ditto.
* gnu/system/image.scm (gcrypt-sqlite3&co): Ditto.
* gnu/system/shadow.scm (account-shepherd-service): Ditto.
2020-08-25 12:39:11 +02:00
Mathieu Othacehe
755f365b02
linux-libre: Support module compression.
This commit adds support for GZIP compression for linux-libre kernel
modules. The initrd modules are kept uncompressed as the initrd is already
compressed as a whole.

The linux-libre kernel also supports XZ compression, but as Guix does not have
any available bindings for now, and the compression time is far more
significant, GZIP seems to be a better option.

* gnu/build/linux-modules.scm (modinfo-section-contents): Use
'call-with-gzip-input-port' to read from a module file using '.gz' extension,
(strip-extension): new procedure,
(dot-ko): adapt to support compression,
(ensure-dot-ko): ditto,
(file-name->module-name): ditto,
(find-module-file): ditto,
(load-linux-module*): ditto,
(module-name->file-name/guess): ditto,
(module-name-lookup): ditto,
(write-module-name-database): ditto,
(write-module-alias-database): ditto,
(write-module-device-database): ditto.
* gnu/installer.scm (installer-program): Add "guile-zlib" to the extensions.
* gnu/machine/ssh.scm (machine-check-initrd-modules): Ditto.
* gnu/services.scm (activation-script): Ditto.
* gnu/services/base.scm (default-serial-port): Ditto,
(agetty-shepherd-service): ditto,
(udev-service-type): ditto.
* gnu/system/image.scm (gcrypt-sqlite3&co): Ditto.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): Add "guile-zlib"
to the extensions and make sure that the initrd only contains
uncompressed module files.
* gnu/system/shadow.scm (account-shepherd-service): Add "guile-zlib" to the
extensions.
* guix/profiles.scm (linux-module-database): Ditto.
2020-08-25 11:53:20 +02:00
Oleg Pykhalov
cc339cd98d
services: base: Export references-file.
* gnu/services/base.scm (references-file): Export procedure.
2020-07-22 22:10:10 +03:00
Marius Bakke
d67826a810
services: Remove obsolete comment.
This TODO was resolved in ea4915a74b.

* gnu/services/base.scm (%default-authorized-guix-keys): Remove TODO comment.
2020-07-12 13:06:41 +02:00
Christopher Lemmer Webber
ea4915a74b
services: guix: Refer to 'berlin.guix.gnu.org.pub'.
Commit 6680880f9b pushes out a new guix
package with a new key location, so we need to update to the new key
in order for systems to build correctly.

* gnu/services/base.scm (%default-authorized-guix-keys): Refer to berlin.guix.gnu.org.pub.
2020-07-11 21:42:04 -04:00
Ludovic Courtès
ec4c404c05
services: guix: Refer to 'berlin.guixsd.org.pub'.
This partly reverts d283bb960f.

* gnu/services/base.scm (%default-authorized-guix-keys): Refer to berlin.guixsd.org.pub.
2020-07-10 11:48:05 +02:00
Ludovic Courtès
d283bb960f
maint: Remove traces of "berlin.guixsd.org".
The guixsd.org domain is no longer advertised since before in 1.0.0
release in May 2019.

* etc/substitutes/berlin.guixsd.org.pub: Rename to...
* etc/substitutes/berlin.guix.gnu.org.pub: ... this.
* etc/substitutes/ci.guix.gnu.org.pub,
etc/substitutes/ci.guix.info.pub: Adjust accordingly.
* gnu/services/base.scm (%default-authorized-guix-keys): Likewise.
* guix/build/download-nar.scm (urls-for-item): Likewise.
* guix/self.scm (miscellaneous-files): Likewise.
* Makefile.am (dist_pkgdata_DATA): Likewise.
2020-07-10 00:11:00 +02:00
Marius Bakke
4bdf4182fe
Merge branch 'core-updates' 2020-05-08 21:40:51 +02:00
Ludovic Courtès
5aa4d2dcf2
Revert "services: syslog: Simplify 'start' method."
This reverts commit 4c0cc7bed3.
Fixes <https://bugs.gnu.org/41116>.
Reported by Alex Sassmannshausen <alex@komputilo.eu>.

The problem is that reconfiguring on a system running Shepherd < 0.8.0
would lead to an error, due to #:file-creation-mask not being supported.
The error is rather harmless: it prevents service upgrade but the system
itself is upgraded.

We can reinstate that commit eventually, once #:file-creation-mask has
become widespread.
2020-05-07 12:55:15 +02:00