Because it takes too much time and it requires networking.
Thanks to Mathieu Othacehe for suggesting this.
* gnu/services/certbot.scm (certbot-activation): Do not run the renewal
command, copy its path to a fixed location, display it, so that the user can
run the command when they want.
For the default config file representation. This makes it possible to more
easily change the configuration file, and have dynamic content.
* gnu/services/databases.scm (<postgresql-config-file>): New record type.
(%default-postgres-config): Remove this, it's been replaced by the
configuration file.
(<postgresql-configuration>): Alter the default for the config file field.
(postgresql-service): Alter the default value for the config-file parameter.
Many Dovecot utilities compiled with assumption of ‘/etc/dovecot/dovecot.conf’
existence.
* gnu/services/mail.scm (dovecot-shepherd-service): Move config generation.
Invoke ‘dovecot’ without ‘-c’ flag.
(%dovecot-activation): Copy ‘dovecot.conf’ to ‘/etc/dovecot’.
(dovecot-service-type): Make ‘%dovecot-activation’ non-constant.
Previously the KNOWN-FS value used in 'essential-services' would be
incomplete: it would lack all the file systems provided by services that
extend 'file-system-service-type' (/sys/fs/cgroup,
/proc/sys/fs/binfmt_misc, etc.) Consequently, upon shutdown,
'user-processes' would unmount these file systems before their
corresponding service had been stopped; when their corresponding (e.g.,
'file-system-/proc/sys/fs/binfmt_misc') was stopped, its 'umount' call
would fail.
This was harmless in practice, but this patch makes sure things work as
intended and file systems are unmounted in the right order.
* gnu/services/base.scm (file-system-shepherd-services): Instantiate
'user-file-systems' Shepherd service from here.
(user-unmount-service-type, user-unmount-service): Remove.
* gnu/system.scm (essential-services): Remove call to 'user-unmount-service'.
* gnu/system/install.scm (cow-store-service-type): Adjust comment.
* gnu/packages/ntp.scm (openntpd)[arguments]: Add 'configure-flags to
set openntpd daemon's user and localstatedir. Add a custom phase to not
try to create said directory at install time.
* gnu/services/networking.scm (<openntpd-configuration>): New record type.
(openntpd-shepherd-service, openntpd-service-activation): New procedures.
(openntpd-service-type): New variable.
* doc/guix.texi (Networking Services): Add openntpd documentation.
* gnu/packages/databases.scm (<postgresql-configuration>)
[config-file,data-directory]: Add default.
(postgresql-service-type)[default-value]:
Set to (postgresql-configuration).
* doc/guix.texi (Messaging Services): Update accordingly.
* gnu/services/configuration.scm (serialize-configuration,
serialize-maybe-stem, serialize-package): Return strings or string-valued
gexps (these procedures were only used for their side-effects).
* gnu/services/messaging.scm (serialize-field, serialize-field-list,
enclose-quotes, serialize-raw-content, serialize-ssl-configuration,
serialize-virtualhost-configuration-list,
serialize-int-component-configuration-list,
serialize-ext-component-configuration-list,
serialize-virtualhost-configuration, serialize-int-component-configuration,
serialize-ext-component-configuration, serialize-prosody-configuration):
Return strings or string-valued gexps and stop printing.
(prosody-activation): Use SERIALIZE-PROSODY-CONFIGURATION's return value with
MIXED-TEXT-FILE instead of using its output with PLAIN-FILE.
(serialize-non-negative-integer, serialize-non-negative-integer-list): Convert
numbers to strings.
(file-object?, serialize-file-object, file-object-list?,
serialize-file-object-list): New procedures.
(ssl-configuration)[capath, cafile], (prosody-configuration)[plugin-paths,
groups-file]: Replace FILE-NAME with FILE-OBJECT.
* guix/gexp.scm (file-like?): New exported procedure.
The certificate name wasn't displayed if it wasn't being renewed.
* gnu/services/certbot.scm (certbot-command): Print certificate name before
running the associated command.
* doc/guix.texi (Certificate Services): Document <certificate-configuration>,
the change from domains to certificates and the fact that their path is now
derived from their name.
* gnu/services/certbot.scm (<certificate-configuration>): Add and export it.
(certbot-configuration, certbot-command, certbot-activation,
certbot-nginx-server-configurations, certbot-service-type): Replace 'domains'
with 'certificates'.
(certbot-nginx-server-configurations): Use only one nginx-server-configuration
and use all certificate domains as the server-name.
* gnu/services/xorg.scm (slim-shepherd-service): Use SESSREG to register X11
session.
* doc/guix.texi (slim-configuration): Document new field "sessreg".
This reverts to the behavior of avahi-daemon prior to Avahi 0.7 (commit
550f4509ac).
* gnu/services/avahi.scm (<avahi-configuration>)[publish-workstation?]:
New field.
(configuration-file): Honor it.
* gnu/services/avahi.scm (%avahi-activation, avahi-shepherd-service):
Use /run/avahi-daemon/ instead of /var/run/avahi-daemon/. This was the
case since the switch to Avahi 0.7 (commit
550f4509ac).
This works around <https://bugs.gnu.org/30396>.
Reported by George myglc2 Clemmer <myglc2@gmail.com>.
* gnu/packages/avahi.scm (nss-mdns-0.10): New variable.
* gnu/services/avahi.scm (avahi-service-type): Use it.
This simplifies OS configuration: users no longer need to be aware of
what a given service depends on.
See the discussion at
<https://lists.gnu.org/archive/html/guix-devel/2018-01/msg00114.html>.
* gnu/services.scm (missing-target-error): New procedure.
(service-back-edges): Use it.
(instantiate-missing-services): New procedure.
* gnu/system.scm (operating-system-services): Call
'instantiate-missing-services'.
* tests/services.scm ("instantiate-missing-services")
("instantiate-missing-services, no default value"): New tests.
* gnu/services/version-control.scm (cgit-service-type)[extensions]: Add
FCGIWRAP-SERVICE-TYPE.
* gnu/tests/version-control.scm (%cgit-os): Remove NGINX-SERVICE-TYPE
and FCGIWRAP-SERVICE-TYPE instances.
* doc/guix.texi (Log Rotation): Remove 'mcron-service-type' in example.
(Miscellaneous Services): Remove 'nginx-service-type' and
'fcgiwrap-service-type' in Cgit example.
Suggested by atw on #guix.
* gnu/services/shepherd.scm (shepherd-service-file): Use 'scheme-file'
instead of 'gexp->file'.
(shepherd-configuration-file): Likewise, and adjust to non-monadic
style.
(shepherd-boot-gexp): Adjust accordingly.
* guix/scripts/system.scm (upgrade-shepherd-services): Use
'lower-object' in addition to 'shepherd-service-file'.
* gnu/services/base.scm (<guix-configuration>)[chroot-directories]: New
field.
(guix-shepherd-service): Honor it.
(references-file): New procedure.
(guix-service-type)[compose, extend]: New fields.
* gnu/services/desktop.scm (<mate-desktop-configuration>,
mate-desktop-service-type): New variable.
(mate-desktop-service): New public variable.
* doc/guix.texi (Desktop Services): Document the service.
Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>
* gnu/services/base.scm (urandom-seed-service-type)[default-value]: New
field.
(urandom-seed-service): Mark as deprecated.
(%base-services): Use URANDOM-SEED-SERVICE-TYPE directly.
* gnu/services/base.scm (%base-services):
* doc/guix.texi (Base Services): Document 'urandom-seed-service-type'
instead of 'urandom-seed-service'.
This ensures that 'urandom-seed' is started before programs that rely on
sources of randomness.
Fixes <https://bugs.gnu.org/29773>.
Reported by Leo Famulari <leo@famulari.name>.
* gnu/services/base.scm (urandom-seed-shepherd-service): Change
'requirement' to (file-systems).
(urandom-seed-service-type): Extend USER-PROCESSES-SERVICE-TYPE.
* gnu/services/base.scm (user-processes-shepherd-service): New
procedure, taken from former 'user-processes-service-type'. Add
REQUIREMENTS argument; remove GRACE-DELAY argument.
(user-processes-service-type): Redefine in terms of 'service-type'.
(user-processes-service): Remove.
(file-system-service-type): Extend USER-PROCESSES-SERVICE-TYPE.
* gnu/system.scm (essential-services): Use USER-PROCESSES-SERVICE-TYPE
directly.
* gnu/services/base.scm (urandom-seed-shepherd-service): Try to read from
'/dev/hwrng' at boot, as a supplement to any saved random seed.
* doc/guix.texi (Base Services): Document the new feature.
Quote the list of hosts, to avoid generating a broken job definition.
* gnu/services/certbot.scm (certbot-renewal-jobs): Quote the hosts when
passing them in to the job gexp.
As this is less prone to mistakes than match.
* gnu/services/web.scm (default-nginx-config, nginx-activation,
nginx-shepherd-service): Switch from using match-lambda to match-record.
The nginx service can fail to start if the server names hash bucket size is
too small, which can happen on some systems, and when using QEMU, depending on
the CPU.
* gnu/services/web.scm (<nginx-configuration>): Add
server-names-hash-bucket-size and server-names-hash-bucket-max-size.
(default-nginx-config): Add support for the new hash bucket size parameters.
(nginx-service, nginx-activation): Pass the new hash bucket size parameters
through to the default-nginx-config procedure.
* doc/guix.texi (Web Services): Document the new hash bucket size parameters.
If nginx is configured with a ssl-certificate file, and ssl-certificate-key,
it will fail to start unless these exist. To avoid this happening, change the
default to #f.
* gnu/services/web.scm (<nginx-server-configuration>)
[ssl-certificate,ssl-certificate-key]: Set the defaults to #f.
* gnu/tests/web.scm (%nginx-servers): Remove redundant
nginx-server-configuration fields.
* doc/guix.texi (Web Services): Update examples and documentation.
Erroring here prevents doing things like building a system using nginx on a
different machine from where it's intended to be deployed, or creating
containers and VMs that use the ssl-certificate parts of the nginx
configuration, without also getting these files to exist.
* gnu/services/web.scm (emit-nginx-server-config): Don't error on missing ssl
related files.
This is more robust, faster, and incidentally gets rid of remaining
"error in the finalization thread: Bad file descriptor" messages.
* gnu/services/base.scm (unicode-start): Rewrite to use 'tcgetattr' and
'tcsetattr'.
(console-font-shepherd-services)[start]: Add 'loop' to check whether
DEVICE is ready. Tolerate EX_OSERR return from 'setfont'.
[modules]: New field.
Reported by Christopher Baines <mail@cbaines.net>
at <https://lists.gnu.org/archive/html/guix-devel/2017-12/msg00058.html>.
* gnu/services/ssh.scm (<openssh-configuration>)[%auto-start?]: New
field.
(openssh-shepherd-service): Honor it.
* gnu/system/install.scm (%installation-services): Set '%auto-start?' to
#f for openssh-service-type.
Fixes a regression introduced in
65c0f43649 in the case where users provide
~/.xsession and SESSION is #f.
* gnu/services/xorg.scm (xinitrc): In the XSESSION-FILE case, check
whether SESSION is #f.
* doc/guix.texi (Version Control Services): Add documentation on the HTTP
backend for git.
* gnu/services/version-control.scm (<git-http-configuration>): New data type.
(git-http-nginx-location-configuration): New helper function.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/xorg.scm (xinitrc)[builder](system-profile)
(user-profile): New variables.
(xsession-command, find-session): New procedures.
When FALLBACK-SESSION is #f, find a valid session at run time.
* doc/guix.texi (X Window): Adjust accordingly, and insist that one
or more window managers must be installed.
* gnu/services/xorg.scm (<slim-configuration>): Provide default values
for all fields.
(slim-service-type)[default-value]: New field.
* doc/guix.texi (X Window): Remove 'slim-service' documentation.
Document 'slim-service-type' and 'slim-configuration'.
* gnu/services/desktop.scm (%desktop-services): Use 'slim-service-type'.
* gnu/services/xorg.scm (%default-xorg-fonts): New variable.
(xorg-configuration-file): Add #:modules and #:fonts. Rewrite to return
a 'computed-file' that honors MODULES and FONTS.
(xorg-wrapper): Pass #:modules to 'xorg-configuration-file'.
(xorg-start-command): Add #:fonts. Pass #:fonts and #:modules to
'xorg-configuration-file'.
* doc/guix.texi (X Window): Adjust documentation of 'xorg-start-command'
and 'xorg-configuration-file'.
* doc/guix.texi (Messaging Services): Regenerate it.
* gnu/services/configuration.scm (show-default?): Check VAL rather than DEFAULT.
* gnu/services/messaging.scm (show-default?): Check VAL rather than DEFAULT.
(prosody-configuration)[modules-enabled]: Remove default value from docstring.
* gnu/services/desktop.scm (%udisks-activation): New variable.
(udisks-service-type)[extensions]: Extend the activation service type with
%udisks-activation.
* doc/guix.texi (Messaging Services): Add "mam" as a module example. Document
'prosodyctl check'. Replace 'prosodyctl cert request' with 'prosodyctl cert
import'. Regenerate it.
* gnu/services/messaging.scm (serialize-module-list): Remove "posix" from the
default modules list because it is now automatically loaded.
(ssl-configuration)[key, certificate]: Remove them because they are now
automatically located. Fix their docstrings.
(%default-modules-enabled): Add "carbons" and "blocklist".
(prosody-configuration)[certificates]: Set default directory from which
certificates/keys will be automatically located.
* gnu/services/dict.scm (dicod-shepherd-service): Add
'with-imported-modules' form and 'modules' field. Use
'make-forkexec-constructor/container' instead of
'make-forkexec-constructor'.
This is a followup to b8f59cdc20e9d83ce63523ef917e95fcee07f134:
'list-runtime-roots' no longer depends on 'lsof'.
* gnu/services/base.scm (<guix-configuration>)[lsof]: Remove.
(guix-shepherd-service): Adjust accordingly.
* doc/guix.texi (Base Services): Adjust accordingly.
* gnu/system.scm (%base-packages): Remove LSOF.
While not an optimal solution (see comment), this makes GDM functional.
* gnu/services/xorg.scm (gdm-shepherd-service): Set PATH and XDG_DATA_DIRS
environment variables.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This function allows passing a file-like object to the udev service.
* gnu/services/base.scm (file->udev-rule): New function.
* doc/guix.texi (Base Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This should allow more operations such as changing the system date and
time via the Control Center (reported at
<https://lists.gnu.org/archive/html/help-guix/2016-09/msg00059.html>),
performing "file operations" via gvfs, and interacting with processes
using the System Monitor.
* gnu/services/desktop.scm (gnome-polkit-settings): New procedure.
(gnome-desktop-service-type): Use it in POLKIT-SERVICE-TYPE extension.
* gnu/build/file-systems.scm (mount-file-system): Rename 'spec' to 'fs'
and assume it's a <file-system>.
* gnu/build/linux-boot.scm (boot-system): Assume MOUNTS is a list of
<file-system> and adjust accordingly.
* gnu/build/linux-container.scm (mount-file-systems): Remove
'file-system->spec' call.
* gnu/services/base.scm (file-system-shepherd-service): Add
'spec->file-system' call. Add (gnu system file-systems) to 'modules'.
* gnu/system/linux-initrd.scm (raw-initrd): Use (gnu system
file-systems). Add 'spec->file-system' call for #:mounts.
* gnu/services/web.scm (<nginx-server-configuration>): Add
nginx-server-configuration-try-files.
(emit-nginx-server-config): Use it.
* doc/guix.texi (Web Services): Document it.
* gnu/services/xorg.scm (xorg-configuration-file): Add drivers path from
xorg-server. This includes the modesetting driver.
Signed-off-by: Andy Wingo <wingo@igalia.com>
* gnu/services/desktop.scm (bluetooth-configuration): New record.
(bluetooth-shepherd-service): Use it.
(bluetooth-directory): New method.
(bluetooth-service-type): Use it to extend the etc-service-type service.
(bluetooth-service): Add `auto-enable?' parameter.
* doc/guix.texi (Desktop Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Discussed at
<https://lists.gnu.org/archive/html/guix-devel/2017-08/msg00277.html>.
* gnu/services/desktop.scm (%desktop-services): Remove call to
'wicd-service'. Add instances of NETWORK-MANAGER-SERVICE-TYPE and
WPA-SUPPLICANT-SERVICE-TYPE.
* doc/guix.texi (Networking Services): Document
'network-manager-service-type' as being part of '%desktop-services'.
(Desktop Services): Replace Wicd with NM.
Since MPD switches user, the pid-file must be in a writable dir. This
is now always /var/run/mpd/(user)/pid.
* gnu/services/audio.scm (mpd-service-type): Add a activation-service
extension.
(<mpd-configuration>)[pid-file]: Remove.
(mpd-service): Rename to...
(mpd-shepherd-service): ... this.
(mpd-file-name, mpd-service-activation): New procedure.
* doc/guix.texi (Audio Services): Document the changes.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/virtualization.scm: New file.
* doc/guix.texi (Virtualization Services): Document it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
Signed-off-by: Christopher Baines <mail@cbaines.net>
Fixes a regression introduced in
0642838b2e.
* gnu/services/herd.scm (invoke-action): Explain that we get a list of
results.
(current-services): Expect a list of result and use the first one.
(unload-service, %load-file, eval-there): Likewise.
Now that the service-type has a default value, and configuration record is
accessible.
* gnu/services/web.scm (nginx-service): Remove procedure.
* doc/guix.texi (Web Services): Update and improve NGinx documentation.
This makes it possible to work with the configuration of the NGinx service
programatically.
* gnu/services/web.scm (<nginx-configuration>, <nginx-server-configuration>,
<nginx-upstream-configuration>, <nginx-location-configuration>,
<nginx-named-location-configuration>): Export NGinx related record
types.
(nginx-configuration-*, nginx-server-configuration-*,
nginx-upstream-configuration-*, nginx-location-configuration-*,
nginx-named-location-configuration-*): Export NGinx related record
procedures.
(nginx-configuration): Export NGinx related record macro.
This adds back the previous behaviour of the nginx-service-type, where the
service would check at the time when the configuration is generated if the SSL
certificate and certificate key file exists.
* gnu/services/web.scm (emit-nginx-server-config): Add back check for SSL
related files.
* gnu/services/web.scm (config-domain-strings, config-index-strings): Emit
lists instead of strings.
(emit-nginx-location-config, emit-nginx-server-config)
(emit-nginx-upstream-config): Rename from nginx-location-config,
default-nginx-server-config, and nginx-upstream-config. Emit lists instead of
strings.
(flatten): New helper.
(default-nginx-config): Use flatten helper to write nginx conf. This allows
location configs to reference store values.
Signed-off-by: Christopher Baines <mail@cbaines.net>
Memcached changes to the memcached user from root before writing the PID
file. This means that it must be able to write the PID file as the memcached
user.
To make this work, create the /var/run/memcached directory when the service
starts, make it owned by memcached, and change memcached to write the PID file
to /var/run/memcached/pid.
This wasn't picked up by the system test as the "service running" part was too
permissive, and only failed on an error. Instead, test the response from
calling start-service and check that the PID is a number.
* gnu/services/databases.scm (memcached-activation): New variable.
(memcached-shepherd-service): Change PID file location.
(memcached-service-type): Extend the activation-service-type.
* gnu/tests/databases.scm (run-memcached-test)[test]: Change the "service
running" test to check the response from the shepherd.
* doc/guix.texi: Add documentation.
* gnu/services/audio.scm (<mpd-configuration>): New record type.
(mpd-service-type): New service type.
* gnu/tests/audio.scm: New file.
* gnu/local.mk: Add new files.
Signed-off-by: Christopher Baines <mail@cbaines.net>
Tailon 1.3.0 (upgraded from 1.1.1) adds support for HTTP authentication.
* gnu/services/admin.scm (<tailon-configuration-file>): Add http-auth and
users configuration values.
(tailon-configuration-file-http-auth, tailon-configuration-file-users): New
procedures.
(tailon-configuration-file-compiler): Add support for the http-auth and
users configuration options.
* doc/guix.texi (Monitoring Services): Document authentication for Tailon.
Previously the match expression case for a successful response
(where error is #f) required that the result component contained a list with a
single element.
As far as I see when looking at the responses from the shepherd, this is not
normally the case. Therefore, to avoid treating successful responses as
errors, make the match requirement more permissive, accepting any value.
* gnu/services/herd.scm (invoke-action): Change match condition for ok responses.
* gnu/services/ssh.scm (<openssh-configuration>)[authorized-keys]: New
field.
(authorized-key-directory): New procedure.
(openssh-config-file): Honor 'authorized-keys'.
(openssh-activation): Use 'with-imported-modules'. Make /etc/ssh
755. Create /etc/ssh/authorized_keys.d.
* doc/guix.texi (Networking Services): Document it.
* gnu/services/databases.scm (memcached-service-type, %memcached-accounts):
New variables.
(<memcached-configuration>): New record type.
(memcached-service-type): New procedures.
* gnu/tests/databases.scm: New file.
* doc/guix.texi (Database Services): Document the new memcached service.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add entry for tests/databases.scm.
Works around <https://bugs.gnu.org/26948>.
* gnu/services/base.scm (guix-publish-shepherd-service): Pass
#:environment-variables to 'make-forkexec-constructor'.