* gnu/services/networking.scm (%default-nftables-ruleset): New variable.
(<nftables-configuration>): New record type.
(nftables-shepherd-service): New procedure.
(nftables-service-type): New service type.
* doc/guix.texi (Networking Services): Document it.
* .gitignore: Update ignore list.
* Makefile.am (assert-no-store-file-names): Exclude the cookbook.
* bootstrap: Generate po files for cookbook translations.
* doc/guix-cookbook.texi: New file.
* doc/local.mk (info_TEXINFOS): Add it; add a rule to build cookbook
translations.
* po/doc/local.mk (DOC_COOKBOOK_PO_FILES): New variable.
(EXTRA_DIST): Add cookbook pot file and po files.
(doc-po-update-cookbook-%): New target.
(doc-pot-update): Also update cookbook pot file.
(doc-po-update): Also update cookbook po files.
* gnu/services/certbot.scm (certbot-command): Add
--manual-public-ip-logging-ok flag to the certbot command when doing a
manual challenge.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* guix/import/crate.scm (crate->guix-package): Add optional 'version'
argument and honor it.
* guix/scripts/import/crate.scm (guix-import-crate): Assume the first
argument is a spec and destructure it with
'package-name->name+version'. Pass both to 'crate->guix-package'.
* doc/guix.texi (Invoking guix import): Document it.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (ntp-server-types): New enum.
(<ntp-server>): New record type.
(ntp-server->string): New procedure.
(%ntp-servers): Define in terms of <htp-server> records. Use the first
entrypoint server as a pool instead of a list of static servers. This is more
resilient since a new server of the pool can be interrogated on every
request. Add the 'iburst' options.
(ntp-configuration-servers): Define a custom accessor that warns but honors
the now deprecated server format.
(<ntp-configuration>): Use it.
(%openntpd-servers): New variable,
(<openntpd-configuration>): Use it, as a pool ('servers' field) instead of a
regular server.
* tests/networking.scm: New file.
* Makefile.am (SCM_TESTS): Register it.
* doc/guix.texi: Update documentation.
This is documented as best practice in `man ntpd', and is required to allow
the date to be set correctly when traveling (without having to manually update
the hardware clock in the BIOS/UEFI).
* gnu/services/networking.scm (<ntp-server>)[allow-large-adjustment?]: Set the
default value to #t.
* doc/guix.texi (Networking Services): Update documentation.
This is a followup to f8c143a713, which
allows syntax highlighting of @lisp snippets in the HTML output.
* doc/guix.texi, doc/contributing.texi: Use @lisp instead of @example
for all the Scheme snippets.
* gnu/services/cups.scm (error-policy, cups-configuration): Substitute
RETRY-CURRENT-JOB for the obsolete RETRY-THIS-JOB name of this policy.
* doc/guix.texi (Printing Services): Likewise.
* gnu/services/cups.scm (comma-separated-string-list?)
(serialize-comma-separated-string-list): New variables.
(cups-configuration)[browse-dns-sd-sub-types]: New field.
* doc/guix.texi (Printing Services): Document it.
* guix/import/cran.scm (vcs-file?): New procedure.
(download): Support downloading from git.
(fetch-description): Add a clause for the 'git repository type.
(files-match-pattern?): New procedure.
(tarball-files-match-pattern?): Implement in terms of FILES-MATCH-PATTERN?.
(directory-needs-fortran?, directory-needs-zlib?,
directory-needs-pkg-config?): New procedures.
(needs-fortran?, needs-zlib?, needs-pkg-config?): Rename these procedures...
(tarball-needs-fortran?, tarball-needs-zlib?, tarball-needs-pkg-config?):
...to this, and use them.
(file-hash): New procedure.
(description->package): Handle the 'git repository type.
* guix/import/utils.scm (package->definition): Handle package expression
inside of a let.
* guix/scripts/import.scm (guix-import): Handle let expressions.
* doc/guix.texi (Invoking guix import): Document it.
* gnu/services/cuirass.scm (<cuirass-configuration>): Add web-log-file field.
(cuirass-shepherd-service): Read it and use it.
* doc/guix.texi (Continuous Integration): Document it.
…except for ‘AllowDH’, which makes no sense on GNU TLS systems.
* gnu/services/cups.scm (ssl-options?): Validate ‘DenyCBC’ and
‘DenyTLS1.0’.
* doc/guix.texi (Printing Services): Document them both.
Following some discussion with Ludovic (see:
https://lists.gnu.org/archive/html/guix-patches/2019-08/msg00506.html), it is
better advice to generally recommend the use of `program-file' for any usage
of modules, not just for those which define syntax.
* doc/guix.texi (Scheduled Job Execution): Drop the following text: "that
defines syntax (macros)".
* guix/ssh.scm (remote-authorize-signing-key): New variable.
* gnu/machine/ssh.scm (deploy-managed-host): Authorize coordinator's
signing key before any invocations of 'remote-eval'.
(deploy-managed-host): Display an error if a signing key does not exist.
* doc/guix.texi (Invoking guix deploy): Remove section describing manual
signing key authorization.
(Invoking guix deploy): Add section describing the 'authorize?' field.
* doc/guix.texi (Invoking guix deploy): Add section describing
prerequisites for deploying as a non-root user.
* guix/remote.scm (remote-pipe-for-gexp): New optional 'become-command'
argument.
(%remote-eval): New optional 'become-command' argument.
(remote-eval): New 'become-command' keyword argument.
* guix/ssh.scm (remote-inferior): New optional 'become-command'
argument.
(inferior-remote-eval): New optional 'become-command' argument.
(remote-authorize-signing-key): New optional 'become-command' argument.
* gnu/machine/ssh.scm (machine-become-command): New variable.
(managed-host-remote-eval): Invoke 'remote-eval' with the
'#:become-command' keyword.
(deploy-managed-host): Invoke 'remote-authorize-signing-key' with the
'#:become-command' keyword.
* gnu/machine/ssh.scm (machine-ssh-configuration): Add 'system' field.
(managed-host-remote-eval): Pass 'system' field to 'remote-eval'.
(machine-check-building-for-appropriate-system): New variable.
(check-deployment-sanity): Add call to
'machine-check-building-for-appropriate-system'.
* doc/guix.texi (Invoking guix deploy): Describe new 'system' field.
* guix/ssh.scm (remote-system): New variable.
* guix/remote.scm (remote-eval): Use result of 'remote-system' when
lowering the G-Expression.
(remote-eval): Add 'system' keyword argument.
(trampoline): Return a <program-file> rather than a <scheme-file>.
* gnu/machine.scm (machine-system): Delete variable.
(machine-operating-system): New variable.
All callers changed.
* doc/guix.texi (Invoking guix deploy): Use the
'machine-operating-system' accessor rather than 'machine-system'.
* guix/build/cargo-build-system.scm (generate-all-checksums): New
procedure.
(update-cargo-lock, patch-cargo-checksums): New phases.
(%standard-phases): Add 'update=cargo-lock after 'configure and
'patch-cargo-checksums after 'patch-generated-file-shebangs.
* doc/guix.texi (Build System)[cargo-build-system]: Mention how
Cargo.lock files are handled.
Fixes <https://bugs.gnu.org/36813>.
Reported by Jakob L. Kreuze <zerodaysfordays.sdf.org@sdf.org>.
* guix/gexp.scm (program-file-compiler): Pass #:system and #:target to
'gexp->script'.
(load-path-expression): Add #:system and #:target and honor them.
(gexp->script): Likewise.
* tests/gexp.scm ("program-file #:system"): New test.
* doc/guix.texi (G-Expressions): Adjust accordingly.
Guile-JSON 3.x is incompatible with Guile-JSON 1.x, which we relied on
until now: it maps JSON dictionaries to alists (instead of hash tables),
and JSON arrays to vectors (instead of lists). This commit is about
adjusting all the existing code to this new mapping.
* m4/guix.m4 (GUIX_CHECK_GUILE_JSON): New macro.
* configure.ac: Use it.
* doc/guix.texi (Requirements): Mention the Guile-JSON version.
* guix/git-download.scm (git-fetch)[guile-json]: Use GUILE-JSON-3.
* guix/import/cpan.scm (string->license): Expect vectors instead of
lists.
(module->dist-name): Use 'json-fetch' instead of 'json-fetch-alist'.
(cpan-fetch): Likewise.
* guix/import/crate.scm (crate-fetch): Likewise, and call 'vector->list'
for DEPS.
* guix/import/gem.scm (rubygems-fetch): Likewise.
* guix/import/json.scm (json-fetch-alist): Remove.
* guix/import/pypi.scm (pypi-fetch): Use 'json-fetch' instead of
'json-fetch-alist'.
(latest-source-release, latest-wheel-release): Call 'vector->list' on
RELEASES.
* guix/import/stackage.scm (stackage-lts-info-fetch): Use 'json-fetch'
instead of 'json-fetch-alist'.
(lts-package-version): Use 'vector->list'.
* guix/import/utils.scm (hash-table->alist): Remove.
(alist->package): Pass 'vector->list' on the inputs fields, and default
to the empty vector.
* guix/scripts/import/json.scm (guix-import-json): Remove call to
'hash-table->alist'.
* guix/swh.scm (define-json-reader): Expect pair? or null? instead of
hash-table?.
[extract-field]: Use 'assoc-ref' instead of 'hash-ref'.
(json->branches): Use 'map' instead of 'hash-map->list'.
(json->checksums): Likewise.
(json->directory-entries, origin-visits): Call 'vector->list' on the
result of 'json->scm'.
* tests/import-utils.scm ("alist->package with dependencies"): New test.
* gnu/installer.scm (build-compiled-file)[builder]: Use GUILE-JSON-3.
* gnu/installer.scm (installer-program)[installer-builder]: Likewise.
* gnu/installer/locale.scm (iso639->iso639-languages): Use 'assoc-ref'
instead of 'hash-ref', and pass vectors through 'vector->list'.
(iso3166->iso3166-territories): Likewise.
* gnu/system/vm.scm (system-docker-image)[build]: Use GUILE-JSON-3.
* guix/docker.scm (manifest, config): Adjust for Guile-JSON 3.
* guix/scripts/pack.scm (docker-image)[build]: Use GUILE-JSON-3.
* guix/import/github.scm (fetch-releases-or-tags): Update docstring.
(latest-released-version): Use 'assoc-ref' instead of 'hash-ref'. Pass
the result of 'fetch-releases-or-tags' to 'vector->list'.
* guix/import/launchpad.scm (latest-released-version): Likewise.
* doc/contributing.texi (Building from Git, Running Guix Before It Is
Installed): Make instructions using Guix come first and clarify which code is
an instruction and which is merely an example.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>