…except for ‘AllowDH’, which makes no sense on GNU TLS systems.
* gnu/services/cups.scm (ssl-options?): Validate ‘DenyCBC’ and
‘DenyTLS1.0’.
* doc/guix.texi (Printing Services): Document them both.
Extends the dbus service when vpn plugins are enabled.
* gnu/services/networking.scm (network-manager-service-type): Load vpn plugins
when extending dbus service.
This changes to 'peer' authentication for local socket connections,
and password-based authentication for local network connections.
* gnu/services/databases.scm (%default-postgres-hba): Change
authentication method.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (%network-manager-activation): Rename to...
(network-manager-activation): ... this and make it a procedure. Make it
create '/var/lib/misc' when using dnsmasq.
(network-manager-service-type): Use it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (usb-modeswitch-service-type): New variable.
(usb-modeswitch-configuration): New variable.
(usb-modeswitch-sh): New procedure.
(usb-modeswitch-configuration->udev-rules): New procedure.
* doc/guix.texi (Networking Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://bugs.gnu.org/36207>.
Reported by Jack Hill <jackhill@jackhill.us>.
* gnu/services/admin.scm: Remove unneeded import of (gnu services
base).
* gnu/services/mcron.scm: Likewise.
This makes it easier to read the output, as it's recorded in a file.
* gnu/services/base.scm (guix-publish-shepherd-service): Add #:log-file to
make-forkexec-constructor.
* gnu/packages/linux.scm (singularity)[source](snippet): Change file
name of setuid helpers in libexec/cli/*.exec.
[arguments]: Remove "--disable-suid".
* gnu/services/docker.scm (%singularity-activation): New variable.
(singularity-setuid-programs): New procedure.
(singularity-service-type): New variable.
* gnu/tests/singularity.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Miscellaneous Services): Document it.
This is a followup to b8fa86adfc.
* guix/deprecation.scm (warn-about-deprecation): Make public.
* gnu/services/base.scm (<guix-publish-configuration>)[compression]: New
field.
[compression-level]: Default to #f. Add '%' to getter name.
(guix-publish-configuration-compression-level): Define as deprecated.
(default-compression): New procedure.
(guix-publish-shepherd-service)[config->compression-options]: New
procedure.
Use 'match-record' instead of 'match'.
* doc/guix.texi (Base Services): Remove 'compression-level' and document
'compression'.
* gnu/service/web.scm (<patchwork-database-configuration>
<patchwork-settings-module>, <patchwork-configuration>): New record types.
(patchwork-virtualhost): New procedure.
(patchwork-service-type): New variable.
* gnu/tests/web.scm (%test-patchwork): New variable.
* doc/guix.text (Web Services): Document it.
Getmail is a mail retriever written in Python, this commit adds a service-type
to run getmail. I'm looking at this, as it's a convinient way of getting
mailing list messages in to Patchwork.
I initially tried putting this in the (gnu services mail) module, but due to
also trying to use the define-configuration pattern, it conflicted with the
dovecot service.
* gnu/services/getmail.scm: New file.
* gnu/local.mk: Add it.
* gnu/tests/mail.scm (%getmail-os, %test-getmail): New variables.
(run-getmail-test): New procedure.
* gnu/services/sddm.scm (sdm-pam-service): Set uid from CONFIG.
(sdm-autologin-pam-service): Set uid from CONFIG.
(sdm-pam-services): Pass CONFIG to 'sddm-pam-service' and
'sddm-autologin-pam-service'.
* doc/guix.texi (X Window): Adjust 'minimum-uid' documentation.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
This makes it easier to read the output, as it's recorded in a file.
* gnu/services/mcron.scm (mcron-shepherd-services): Add #:log-file to
make-forkexec-constructor.
This partially addresses <https://bugs.gnu.org/35267>.
* gnu/services/xorg.scm (dbus-daemon-wrapper): When available, include
directories from '~/.guix-profile' in the search paths of the D-Bus
daemon.
* gnu/services/mail.scm (dovecot-configuration)[auth-verbose-passwords?]:
Rename to auth-verbose-passwords, and change the type to a string, as this
parameter can take one of three string values.
* doc/guix.texi (Dovecot service): Update the corresponding documentation.
This change makes it possible to add multiple SLiM services to an operating
system configuration by setting the new 'display' and 'vt' fields in their
configurations to different values. Each SLiM service will get its own
authfile, logfile, lockfile, and shepherd service, which will start SLiM on a
different tty.
* gnu/services/xorg.scm: Export slim-configuration-display and
slim-configuration-vt.
(<slim-configuration>)[display, vt]: New fields.
(slim-shepherd-service): Refactor let.
[slim.cfg]: Use new fields for setting display_name, xserver_arguments,
authfile, lockfile, and logfile.
[shepherd-service][provision]: Name the shepherd service according to the
value of 'vt'.
[shepherd-service][start]: Delete the right lockfile.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
The Docker proxy enables inter-container and outside-to-container loopback,
and is required by the Docker registry server.
* gnu/services/docker.scm (docker-configuration)[proxy,
enable-proxy?]: Add fields.
(docker-shepherd-service): Use them.
(serialize-boolean): New function.
Until now 'guix system search bluetooth' would turn up nothing.
* gnu/services/desktop.scm (bluetooth-service-type)
(bluetooth-configuration): Make public.
(bluetooth-service-type)[description]: New field.
Previously setting the slim field in slim-configuration would have no effect.
* gnu/services/xorg.scm (slim-shepherd-service): Remove unused let binding for
slim. Use (slim-configuration-slim config) instead of the default slim.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>