One-shot Shepherd services required to correctly setup Podman in the
Guix System, are failing to find executables upon boot. This patch
changes the executable references to absolute paths to avoid PATH
lookup.
* gnu/services/containers.scm (cgroups-fs-owner-entrypoint): Hardcode
bash path;
(rootless-podman-cgroups-fs-owner-service): Ditto;
(rootless-podman-fs-entrypoint): Hardcode mount path.
Change-Id: Id6a27cadf51326ce57af93f57809b77e28dbeaef
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/base.scm (syslog-shepherd-service): Separate incorrectly
combined arguments which resulted in an argument like "-f
/etc/syslog.conf" being passed to syslogd, leading it to ignore the
argument and execute without a configuration file. Effects of this
included no log files being written, though the Shepherd service ran
successfully.
Ref: https://issues.guix.gnu.org/70677#4-lineno7
Change-Id: I3dbe00eabd4a10804e554c12e1466483c0b185b7
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/base.scm (syslog-shepherd-service): Change flag for designating
configuration file. The long option is not compatible with rsyslog while the
short is; switch to the short one.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/base.scm (<syslog-configuration>): Add extra-options field.
(syslog-shepherd-service): Use it when running the service.
* doc/guix.texi: Document it.
Change-Id: I540d070b9a9678b45ec9fa28d6fdc761f9b3fd9a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/containers.scm: New file;
(rootless-podman-configuration): new variable;
(rootless-podman-service-subids): new variable;
(rootless-podman-service-accounts): new variable;
(rootless-podman-service-profile): new variable;
(rootless-podman-shepherd-services): new variable;
(rootless-podman-service-etc): new variable;
(rootless-podman-service-type): new variable.
* gnu/local.mk: Test it.
* gnu/local.mk: Add them.
* doc/guix.texi (Miscellaneous Services): Document it.
Change-Id: I041496474c1027da353bd6852f2554a065914d7a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
There doesn't seem to be a reason to force users to write
(service iptables-service-type
(iptables-configuration))
instead of simply
(service iptables-service-type)
This patch provides a default value for the iptables-service-type.
* gnu/services/networking.scm (iptables-service-type): Set default-value.
Change-Id: I93b6c544dfb064c7a0a999549dff61007a38f842
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/xorg.scm (set-xorg-configuration): Update the comment
about platforms with rust support.
Change-Id: I6237ee9d26b5a74fb0d0b6680d3ff827d2a67418
* gnu/services/desktop.scm (desktop-services-for-system): Update the
comment about platforms with rust support.
Change-Id: Ibefa826494e29498870f392c0fec87d606d386ec
The database contains some tables that are effectively used for configuration.
This commit starts to expose these to the guix service, enabling the
configuration to be handled by the service.
* gnu/services/guix.scm (<guix-data-service-configuration>): Add
git-repositories and build-servers.
(guix-data-service-configuration-git-repositories,
guix-data-service-configuration-build-servers): New procedures.
(guix-data-service-shepherd-services): Add new shepherd service to setup the
database.
Change-Id: I519efd9157b60f18c7e80e3bdc92c0e3c5729334
* gnu/services/lightdm.scm
(lightdm-configuration->greeters-config-dir): Rename to...
(lightdm-configuration-directory): ... this, and add the
lightdm-configuration-file.
(lightdm-shepherd-service): Don't pass the configuration file, don't set
XDG_CONFIG_DIRS
(lightdm-etc-service): New procedure.
(lightdm-service-type): Use lightdm-etc-service as the etc-extension.
Change-Id: I982ec1f7bdfd085621f45a8a1e4b175ab481202f
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
For auto-login on systems with elogind, dbus-system needs to be started. This
commit adds ability to express that ordering.
* gnu/services/base.scm (<mingetty-configuration>): Add shepherd-requirement
field.
(mingetty-shepherd-service): Use it.
* doc/guix.texi (Base Services)<mingetty-configuration>: Document it.
Change-Id: Iedbdc4375180740379d561aa193d7c63350d2e7b
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Rename the accessors to ensure all start with `mingetty-configuration-'
prefix. Some were named just `mingetty-$FIELD', instead of
`mingetty-configuration-$FIELD'.
The renaming *is* backwards compatible, since in the define-module's #:export
argument the correct (`mingetty-configuration-$FIELD') were used already and
thus the accessors were not accessible.
* gnu/services/base.scm (<mingetty-configuration>): Rename accessors for
auto-login, login-program, login-pause?, clear-on-logout?.
Change-Id: I4557a82498805ade0b341feda9d33eccc305690f
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Not all aspects of mingetty were configurable, so this commit adds the
additional configuration fields to support that.
* gnu/services/base.scm (<mingetty-configuration>): Add delay, print-issue,
print-hostname, nice, working-directory, root-directory fields.
(mingetty-shepherd-service): Use the new fields.
(define-module)<#:export>: Export the new accessors.
* doc/guix.texi (Base Services)<mingetty-configuration>: Document the
additional field.
Change-Id: I4557a82498805ade0b341feda9d33eccc305690f
The uptime/ /proc/loadavg reporting in the Hurd is 1.0 for a machine without
load. This may have been caused by recent SMP work.
* gnu/services/virtualization.scm (hurd-vm-guix-extension): Set
overload-threshold to 1.8 to allow offloading to actually happen.
Change-Id: I2b5be4d8e8d884cba767702f9cdccf91717eb95d
This ensures the unattended upgrade job successfully reboots regardless of the
value for services-to-restart. Previously the mcron service may be restarted
which would halt script execution before the system rebooted.
* gnu/services/admin.scm (unattended-upgrade-mcron-jobs): Do not restart
services when reboot? is #t.
* doc/guix.texi (Unattended Upgrades): Document it.
Change-Id: I8e486a764ec1dc5c3090130cc447a0cc3f5a2e00
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
In order to support more flexibility in Wireguard configuration, ungexp the
configuration fields directly instead of ungexp-splicing a sexp
calculator. This allows for the fields to take arbitrary gexps instead of only
strings which is particularly helpful for the Pre/Post Up/Down commands.
* gnu/services/vpn.scm (wireguard-configuration-file): Ungexp configuration
lists instead of ungexp-splicing the code surrounding them.
* doc/guix.texi (VPN Services)[wireguard]: Document it.
Change-Id: If074cbb78473b6fd34e0e4e990d2ed268001d6c7
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
The syntax from using the private-key field is more convenient than writing a
custom PreUp command (more formatting and preshared keys). Instead of trying
to guess if private-key is/is not a file path, add an option to disable
bootstrapping while still using private-key.
* gnu/services/vpn.scm (<wireguard-configuration>): Add
bootstrap-private-key?.
(wireguard-activation): Check bootstrap-private-key? before bootstrapping.
* doc/guix.texi (VPN Services)[wireguard]: Document it.
Change-Id: I6ba71ad58b26743057a221a54a246369022f83a5
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
Users who retrieve the private-key via a PreUp field need to be able to
disable the default retrieval mechanism.
* gnu/services/vpn.scm (<wireguard-configuration>)[private-key]: Change
comment.
(wireguard-configuration-file): Conditionally serialize private-key.
* gnu/services/vpn.scm (wireguard-activation): Do not create private-key if
the field is #f.
* doc/guix.texi (VPN Services)[wireguard-configuration]: Document it.
Change-Id: Iac419809ae94eb76e97ff1f1749e2f4b3e65bb04
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
* gnu/services/pm.scm (power-profiles-daemon-shepherd-service): Change indentation.
[requirement]: Add user-processes.
[documentation]: Change name to Power Profiles Daemon.
(power-profiles-daemon-service-type)
[description]: Change name to Power Profiles Daemon.
Change-Id: Ibbd06cf1fbadd812ad3f0eac92b9772e3387f875
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
The configuration file is processed sequentially, which meant that there was
no way to set for example log format shared between the server-blocks, because
the final configuration file would have this order:
...
http {
...
server {
}
...
$extra-content
}
Moving the extra-content before the serialization of server-blocks resolves
this.
* gnu/services/web.scm (default-nginx-config): Move extra-content before
server-blocks.
Change-Id: Ie8286a533dfed575abc58a0f4800706b3ad6adc2
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/databases.scm (postgresql-configuration)[postgresql]:
Unset default.
(postgresql-service-type): Remove default-value.
(postgresql-service): Revert default to postgresql-10 (rationale: We
can remove this service at the same time than postgresql-10, in
something like 6 months to a year).
* doc/guix.texi: Remove postgresql default reference in documentation.
Signed-off-by: Florian Pelz <pelzflorian@pelzflorian.de>
* gnu/services/base.scm (swap-service-type): Do not include 'udev' requirement
for the Hurd. Use system* with "swapon", "swapoff" for the Hurd.
* gnu/system.scm (hurd-default-essential-services): Add swap-services.
* gnu/services/base.scm (swap-service-type):
Change-Id: I1d4d445c614921752dc84aa0dd6ff42cdbf62aa8
This allows us to use %base-services/hurd for services in a Hurd config for a
real machine without removing static-networking.
* gnu/system/hurd.scm (%base-services/hurd): Factor networking out to...
(%base-services+qemu-networking/hurd): ..this new variable.
* gnu/system/examples/bare-hurd.tmpl (%hurd-os): Use it.
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Use it.
* gnu/system/images/hurd.scm (hurd-barebones-os): Use it. Add comment about
QEMU and networking for a real machine.
Change-Id: I777a63410383b9bf8b5740e4513dbc1e9fb0fd41
* gnu/services/web.scm (anonip-shepherd-service): Recreate the input file when
it's not a FIFO.
Fixes: <https://issues.guix.gnu.org/59181>
Change-Id: I8ba87f9fc48ecfd515e34bdee9e2949a2a559f9c
Versions 10 and 11 are unsupported according to
https://www.postgresql.org/support/versioning/
postgresql-10 also has a CVE.
* doc/guix.texi: Change default value of postgresql-service-type's
postgresql field.
* gnu/packages/databases.scm (postresql-10, postgresql-11): Use
define-deprecated/public to warn users.
* gnu/services/databases.scm (postgresql-configuration): Change the
default value of postgresql-configuration-postgresql.
* gnu/tests/guix.scm (%guix-data-service-os): Change the default value
of postgresql.
Signed-off-by: Andreas Enge <andreas@enge.fr>
Change-Id: Ie8744c8e1f246e9b45ff5e29d4e98214de3ca66a
Pluggable transports are programs that disguise Tor traffic, which
can be useful in case Tor is censored. Pluggable transports
cannot be configured by #:config-file file exclusively because Tor
process is run via 'least-authority-wrapper' and cannot have access
to transport plugin, which is a separate executable (Bug#70302,
Bug#70332).
* doc/guix.texi (Networking Services): Document 'tor-transport-plugin'
data type and 'transport-plugins' option for 'tor-configuration.
* gnu/services/networking.scm: Export
'tor-configuration-transport-plugins', 'tor-transport-plugin',
'tor-transport-plugin?', 'tor-plugin-role',
'tor-plugin-protocol', and 'tor-plugin-program'.
(<tor-configuration>): Add 'transport-plugins' field.
(<tor-transport-plugin>): New variable.
(tor-configuration->torrc): Add content to 'torrc' computed-file.
(tor-shepherd-service): Add file-system-mapping(s).
Change-Id: I1b0319358778c7aee650bc843e021a6803a1cf3a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/configuration.scm (generate-documentation): Filter for all
configurations associated with each field-name.
* doc/guix.texi (Complex Configurations): Describe use case for multiple
field-names.
Change-Id: I6d1e7b8858231aa05fda884b31a9bd0a48f07293
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/games.scm (joycond-service-type): Also extend the udev service
with the configured joycond package.
* doc/guix.texi (Game Services): Update documentation.
Change-Id: I9f7fb0da5cfc1f8a7e8bb5f2ce7161e5e66b2f5e
* gnu/services/networking.scm (<dhcp-client-configuration>)
[version]: New field.
(dhcp-client-shepherd-service): Use 'match-record' instead of various
accessors. Honor the new 'version field'. Include the version the PID file
name when a non-default version is used.
* doc/guix.texi (Networking Setup) <dhcp-client-configuration>
[version]: Document it.
Change-Id: I6236ae160967c95fe7a2c1785821cc9b0c183e77
Previously, when being stopped, the ‘user-file-systems’ service would
attempt to unmount / and /dev, which was bound to fail. This was
harmless, apart from a couple of lines in /var/log/messages, but it was
wrong.
* gnu/services/base.scm (file-system-shepherd-services)[user-unmount]:
Remove “/” and “/dev” from the list of file systems subject to
unmounting.
Change-Id: Ieb68fe46c114909a64d54f885c94a9d7cd61f5e0
* gnu/services/guix.scm (<guix-build-coordinator-agent-configuration>)
[max-parallel-builds, max-parallel-uploads]: Set default to #f.
(guix-build-coordinator-agent-shepherd-services): Check for
max-parallel-builds.
* doc/guix.texi (Guix Services): Adapt the documentation.
If set to #f, the default values are now taken as the defaults of the
guix-build-coordinator-agent command.
Change-Id: Ide6dde0e88aa0dc851b6295095f414ca2ddc72ac
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail>
* gnu/services/desktop.scm (desktop-services-for-system): Extend
PRIVILEGED-PROGRAM-SERVICE-TYPE rather than SETUID-PROGRAM-SERVICE-TYPE
and use the totally new FILE-LIKE->SETUID-PROGRAM.
Change-Id: Ia8cac67c8234657332390794a41d91e60f788d90
