* gnu/services/databases.scm (<mysql-configuration>): Add AUTO-UPGRADE? field.
(mysql-upgrade-wrapper, mysql-upgrade-shepherd-service,
mysql-shepherd-services): New variables.
(mysql-service-type): Use MYSQL-SHEPHERD-SERVICES instead of
MYSQL-SHEPHERD-SERVICE.
* doc/guix.texi (Database Services): Document the AUTO-UPGRADE? field of
MYSQL-SERVICE-TYPE.
* gnu/tests/databases.scm (run-mysql-test): Test that mysql_upgrade has run.
* gnu/services/databases.scm (mysql-service): Define in terms of DEFINE-DEPRECATED.
* gnu/tests/databases.scm (%mysql-os): Adjust accordingly.
* doc/guix.texi (Database Services): Adjust the MariaDB/MySQL section to
document MYSQL-SERVICE-TYPE instead of MYSQL-SERVICE. While at it, document
the EXTRA-CONTENT field.
‘escpr’ is nice and short, but everyone else calls this package
‘epson-inkjet-printer-escpr’. More importantly, so does upstream.
* gnu/packages/cups.scm (escpr, epson-inkjet-printer-escpr,): Rename
escpr to epson-inkjet-printer-escpr, redefining escpr as
deprecated-package. Adjust all users.
* gnu/services/vpn.scm (openvpn-client-configuration)
(openvpn-server-configuration): Make ca, key an cert fields optional.
* doc/guix.texi (VPN Services): Document the change.
Fixes a regression introduced in
977eb5d023 whereby file system services
would now have a different name.
* gnu/services/base.scm (file-system->shepherd-service-name): Revert
changes introduced in 977eb5d023.
* gnu/services/shepherd.scm (%store-characters): New variable
(shepherd-service-file-name): Map all the characters outside
%STORE-CHARACTERS to #\-.
Fixes <https://bugs.gnu.org/44626>.
Reported by Vagrant Cascadian <vagrant@debian.org>.
* tests/build-utils.scm ("wrap-script, simple case"): Pass
SCRIPT-CONTENTS to 'display' rather than 'format'.
* gnu/services/base.scm (file-system->shepherd-service-name)
[valid-characters, mount-point]: New variables.
Filter out invalid store file name characters from the mount point of
FILE-SYSTEM.
Also change the default configuration to clear on logout, which is the
upstream default.
* gnu/services/base.scm (<mingetty-configuration>): Add 'clear-on-logout?'
field.
(mingetty-shepherd-service): Pass the "--noclear" option to mingetty only if
'clear-on-logout?' is #false.
* doc/guix.texi (Base Services): Document the 'clear-on-logout?' field.
This was unintentionally removed in
00014f7692.
* gnu/services/web.scm (default-nginx-config): Re-introduce processing
of server-names-hash-bucket-size option.
This was unintentionally removed in
00014f7692.
* gnu/services/web.scm (default-nginx-config): Re-introduce processing
of server-names-hash-bucket-size option.
As it doesn't use one.
* gnu/services/guix.scm (guix-build-coordinator-agent-shepherd-services):
Remove #:pid-file.
(guix-build-coordinator-agent-activation): Don't create the /var/run
directory.
As this is needed when substituting derivations.
* gnu/services/guix.scm (guix-build-coordinator-agent-shepherd-services): Set
XDG_CACHE_HOME.
(guix-build-coordinator-agent-activation): Create
/var/cache/guix-build-coordinator-agent.
Until now it would wait for a PID file that'd never come.
* gnu/services/audio.scm (mpd-shepherd-service): Add 'requirement'.
Remove #:pid-file from 'start'.
(mpd-service-activation): Create the ".mpd" directory since that's what
the daemon expects.
Running 'guix system search mpd' would throw a backtrace because the
mpd-shepherd-service service start Gexp contained an unquoted call to
'getpwnam', which would look for a missing 'mpd' user and fail.
* gnu/services/audio.scm (mpd-shepherd-service): gexp-unquote only the
relevant variable rather than the whole expression.
Fixes a bug whereby different users would get different derivations for
the same service.
* gnu/services/base.scm (guix-shepherd-service): In 'start' method, do
not embed (guix config).
This is a followup to ecaa102a58.
* gnu/services/base.scm (<guix-publish-configuration>)[cache-bypass-threshold]:
New field.
(guix-publish-shepherd-service): Honor it.
* gnu/services/base.scm (swap-service-type)[device-lookup, device-name]:
New variables.
Add 'modules' field to 'shepherd-service'. In 'start' and 'stop', use
'device-lookup' to resolve UUIDs and labels.
* doc/guix.texi (operating-system Reference): Adjust accordingly.
This silences a warning from the service at startup.
* gnu/services/dns.scm (knot-resolver-shepherd-services)[start]: Use the "-n"
command-line option to kresd in place of the deprecated "-f 1".
Signed-off-by: Leo Famulari <leo@famulari.name>
* gnu/services/web.scm (<gmnisrv-configuration>): New record type.
(%default-gmnisrv-config-file): New variable.
(%gmnisrv-accounts, %gmnisrv-activation): New variables.
(gmnisrv-shepherd-service): New procedure.
(gmnisrv-service-type): New variable.
* doc/guix.texi (Web Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/web.scm (hpcguix-web-shepherd-service): Change
XDG_CACHE_HOME to /var/cache/guix/web. Previously, the authentication
code would try to write to /var/cache/guix/authentication, which would
fail.
Fixes <https://bugs.gnu.org/39819>.
Reported by Maxim Cournoyer <maxim.cournoyer@gmail.com>.
* gnu/services/base.scm (substitute-key-authorization): Symlink
DEFAULT-ACL to /etc/guix/acl unconditionally. Add code to optionally
back up /etc/guix/acl if it was possibly modified by hand.
* doc/guix.texi (Base Services): Clarify the effect of setting
'authorize-keys?' to true. Mention the backup. Give an example showing
how to authorize substitutes from another server.
This means the package is usable as a library, which is useful when using the
procedures to send requests to the Guix Build Coordinator.
* gnu/packages/package-management.scm (guix-build-coordinator)[inputs]: Move
guile inputs to propagated inputs.
[propagated-inputs]: Receive some inputs.
* gnu/services/guix.scm (make-guix-build-coordinator-start-script): Adjust the
start script to include propagated inputs.
The underscore is now handled in the guile prometheus library.
* gnu/services/guix.scm (make-guix-build-coordinator-start-script): Remove the
underscore from the end of the metrics namespace.
Otherwise the logging is garbled.
* gnu/services/guix.scm (make-guix-build-coordinator-start-script): Configure
line output buffering for stdout and stderr.
As this allows hooks to use the system profile, if that's desired.
* gnu/services/guix.scm (guix-build-coordinator-shepherd-services): Set PATH
to include the system profile.
Currently, if the postgresql package major version changes, this is going to
break the service upon upgrade, because PostgreSQL will reject the data files
from the differing major version of the service.
Because it's important to either keep running a particular major version, or
intentionally upgrade, I think the configuration would be better with no
default. I think this is also going to be helpful when trying to assist users
upgrading PostgreSQL.
* gnu/services/databases.scm (<postgresql-configuration>): Remove default for
postgresql.
(postgresql-service-type): Remove the default value.
* gnu/tests/databases.scm (%postgresql-os): Update accordingly.
* gnu/tests/guix.scm (%guix-data-service-os): Update accordingly.
* gnu/tests/monitoring.scm (%zabbix-os): Update accordingly.
* gnu/tests/web.scm (patchwork-os): Update accordingly.
* doc/guix.texi (PostgreSQL): Update accordingly.
Using the service type directly is a better approach, making it easier to
configure the service.
* gnu/services/databases.scm (postgresql-service): Deprecate this procedure.
* doc/guix.texi (PostgreSQL): Update the documentation for the use of (service
postgresql-service-type).
This commit fixes error 'time="2020-10-16T…" level=error msg="Handler for POST
/v1.40/containers/…/start returned error: failed to start shim: exec:
\"containerd-shim\": executable file not found in $PATH: unknown"'.
* gnu/services/docker.scm
(containerd-shepherd-service): Add "containerd-shim" to PATH.
This matches up with changes in the Guix Data Service to not use the
normalized codeset.
* gnu/services/guix.scm (guix-data-service-shepherd-services): Change the
LC_ALL codeset to UTF-8.
Fixes: <https://issues.guix.gnu.org/43760>.
* gnu/services/cuirass.scm (cuirass-activation): Do not create
queries-log-file and web-queries-log-file if the corresponding config file are
unset.
Fixes <https://issues.guix.info/39670>.
Combined with commit def6e2ae46, this allows unprivileged users to mount file
systems marked with the "user" option. It adds less than 4 MiB to the closure
of the lightweight-desktop.tmpl operating system template.
* gnu/services/desktop.scm (%desktop-services): Extend the
setuid-program-service-type service with the 'mount.nfs' and 'mount.nfs-3g'
programs.
Reported-by: Nathan Dehnel <ncdehnel@gmail.com>
* gnu/services/ssh.scm:
(<webssh-configuration>): New record type.
(%webssh-configuration-nginx, webssh-service-type): New variables.
(webssh-account, webssh-activation, webssh-shepherd-service): New procedures.
* doc/guix.texi: Document this.
This is a follow-up to commit d692ebf980.
* gnu/services/virtualization.scm (%hurd-vm-accounts)[supplementary-groups]:
Add ’kvm’.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service): Use #:group
"kvm"
This allows the client running on the host to know when it's actually
connect to the server running in the guest. Failing that, the client
would connect right away to QEMU and send secrets even though the server
is not running yet in the guest, which is unreliable.
* gnu/build/secret-service.scm (secret-service-send-secrets): Add
#:handshake-timeout. Read from SOCK an initial message from the
server. Return #f on error.
(secret-service-receive-secrets): Send 'secret-service-server' message
to the client. Close SOCK upon timeout.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service): 'start'
method returns #f when 'secret-service-send-secrets' returns #f.
* gnu/services/virtualization.scm (initialize-hurd-vm-substitutes)
(hurd-vm-activation): New procedures.
(hurd-vm-service-type)[extensions]: Add ACTIVATION-SERVICE-TYPE
extension.
* doc/guix.texi (Transparent Emulation with QEMU): Mention GNU/Hurd.
(The Hurd in a Virtual Machine): Explain which files are automatically
installed and mention offloading.
This change allows a childhurd to run within Guix System in a VM.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service)[vm-command]:
Stage the 'file-exists?' call.
Until qemu was running as "root", which is unnecessary.
* gnu/services/virtualization.scm (%hurd-vm-accounts): New variable.
(hurd-vm-service-type)[extensions]: Add ACCOUNT-SERVICE-TYPE extension.
* gnu/services/desktop.scm <elogind-configuration>: Add an
handle-lid-switch-external-power field, mapping to the
HandleLidSwitchExternalPower logind.conf setting.
* doc/guix.texi (Desktop Services): ‘Document’ it.
* gnu/services/cuirass.scm (<cuirass-configuration>)[web-queries-log-file]:
New field.
(cuirass-shepherd-service): Honor it.
(cuirass-log-rotations): If defined, add the web queries log file to the log
rotation.
* gnu/services/cuirass.scm (<cuirass-configuration>)[queries-log-file]: New
field.
(cuirass-shepherd-service): Honor it.
(cuirass-log-rotations): If defined, add the queries log file to the log
rotation.
The userland proxy option does not properly disable the userland proxy when
set to false. Docker defaults to enabling the userland proxy if the option is
unset on the command line.
* gnu/services/docker.scm (docker-shepherd-service): Properly handle the
'enable-proxy?' option.
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
This commit follows a404716d41.
* gnu/services/docker.scm
(docker-configuration)[docker-cli]: New record field.
(docker-service-type): Use this.
* doc/guix.texi (Miscellaneous Services)[Docker Service]: Document this.
This reverts commit bcfe0f0c1e for now.
It breaks most current use(r)s of the Dovecot service and needs to be
combined with an extra modules configuration field of some kind.
See <https://issues.guix.gnu.org/43347>.
* gnu/services/mail.scm (serialize-space-separated-string-list): Protocols
might have custom settings, which are not supported by other protocols. To
prevent dovecot/services from crashing, serialize settings that hold non-empty
values only.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
* gnu/services/web.scm: (<php-fpm-configuration>)[php-ini-file]: New record field.
(php-fpm-shepherd-service): Use it.
* doc/guix.texi (Web Services): Document it.
* gnu/services/mail.scm (%dovecot-activation): Link the location with multiple
plugins (dovecot-pigeonhole, etc), to a place where dovecot can find them.
* gnu/services/mail.scm (dovecot-configuration): Use the symlink.
Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
When the store overlay is mounted, other processes such as kmscon, udev
and guix-daemon may open files from the store, preventing the
underlying install support from being umounted. See:
https://lists.gnu.org/archive/html/guix-devel/2018-12/msg00161.html.
To avoid this situation, mount the store overlay inside a container,
and run the installation from within that container.
* gnu/build/shepherd.scm (fork+exec-command/container): New procedure.
* gnu/services/base.scm (guix-shepherd-service): Support an optional PID
argument passed to the "start" method. If that argument is passed, ensure that
guix-daemon enters the given PID MNT namespace by using
fork+exec-command/container procedure.
* gnu/installer/final.scm (umount-cow-store): Remove it,
(install-system): run the installation from within a container.
* gnu/installer/newt/final.scm (run-install-shell): Remove the display hack.
* gnu/services/virtualization.scm (secret-service-operating-system): New
procedure.
(hurd-vm-disk-image): Use it to ensure a Childhurd always includes the
secret-service.
(%hurd-vm-operating-system): Remove secret-service.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Add
secret-service.
(hurd-vm-shepherd-service): Use it to install secrets.
* doc/guix.texi (The Hurd in a Virtual Machine): Document it.
This adds a "secret-service" that can be added to a Childhurd VM to receive
out-of-band secrets (keys) sent from the host.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/virtualization.scm (secret-service-activation): New procedure.
(secret-service-type): New variable.
* gnu/build/secret-service.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.