This allows substitutes to be downloaded from unauthorized servers, as
long as they advertise the same hash and references as one of the
authorized servers.
* guix/scripts/substitute.scm (assert-valid-narinfo): Remove.
(valid-narinfo?): Add #:verbose?. Handle each case of
'signature-case'.
(equivalent-narinfo?): New procedure.
(lookup-narinfos/diverse): Add 'authorized?' parameter and honor it.
[select-hit]: New procedure.
(lookup-narinfo): Add 'authorized?' parameter and pass it.
(process-query): Adjust callers accordingly.
(process-substitution): Remove call to 'assert-valid-narinfo'. Check
whether 'lookup-narinfo' returns true and call 'leave' if not.
* tests/substitute.scm (%main-substitute-directory)
(%alternate-substitute-directory): New variables.
(call-with-narinfo): Make 'narinfo-directory' a parameter. Call
'mkdir-p' to create it. Change unwind handler to check whether
CACHE-DIRECTORY exists before deleting it.
(with-narinfo*): New macro.
("substitute, no signature")
("substitute, invalid hash")
("substitute, unauthorized key"): Change expected error message to "no
valid substitute".
("substitute, unauthorized narinfo comes first")
("substitute, unsigned narinfo comes first")
("substitute, first narinfo is unsigned and has wrong hash")
("substitute, first narinfo is unsigned and has wrong refs")
("substitute, unsigned narinfo comes first")
("substitute, two invalid narinfos"): New tests.
* doc/guix.texi (Substitutes): Explain the new behavior.
* gnu/services/desktop.scm (bluetooth-configuration): New record.
(bluetooth-shepherd-service): Use it.
(bluetooth-directory): New method.
(bluetooth-service-type): Use it to extend the etc-service-type service.
(bluetooth-service): Add `auto-enable?' parameter.
* doc/guix.texi (Desktop Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Discussed at
<https://lists.gnu.org/archive/html/guix-devel/2017-08/msg00277.html>.
* gnu/services/desktop.scm (%desktop-services): Remove call to
'wicd-service'. Add instances of NETWORK-MANAGER-SERVICE-TYPE and
WPA-SUPPLICANT-SERVICE-TYPE.
* doc/guix.texi (Networking Services): Document
'network-manager-service-type' as being part of '%desktop-services'.
(Desktop Services): Replace Wicd with NM.
Since MPD switches user, the pid-file must be in a writable dir. This
is now always /var/run/mpd/(user)/pid.
* gnu/services/audio.scm (mpd-service-type): Add a activation-service
extension.
(<mpd-configuration>)[pid-file]: Remove.
(mpd-service): Rename to...
(mpd-shepherd-service): ... this.
(mpd-file-name, mpd-service-activation): New procedure.
* doc/guix.texi (Audio Services): Document the changes.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/bootloader.scm (<bootloader-configuration>): Deprecate "device" field in
favor of "target" field. This is mostly a renaming but also a generalization
to support UEFI targets being paths to a mounted partition instead of a device
name.
* gnu/system/examples/bare-bones.tmpl:
* gnu/system/examples/desktop.tmpl:
* gnu/system/examples/lightweight-desktop.tmpl:
* gnu/system/examples/vm-image.tmpl:
* gnu/system/install.scm:
* gnu/tests.scm:
* gnu/tests/install.scm:
* gnu/tests/nfs.scm:
* tests/system.scm: Adapt all invocations of bootloader-configuration.
* guix/scripts/system.scm (perform-action): Rename device argument to
bootloader-target.
(process-action): Adapt caller.
* doc/guix.texi (Proceeding with the Installation):
* doc/guix.texi (Bootloader Configuration): Update documentation.
* gnu/services/virtualization.scm: New file.
* doc/guix.texi (Virtualization Services): Document it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
Signed-off-by: Christopher Baines <mail@cbaines.net>
Now that the service-type has a default value, and configuration record is
accessible.
* gnu/services/web.scm (nginx-service): Remove procedure.
* doc/guix.texi (Web Services): Update and improve NGinx documentation.
* doc/guix.texi: Add documentation.
* gnu/services/audio.scm (<mpd-configuration>): New record type.
(mpd-service-type): New service type.
* gnu/tests/audio.scm: New file.
* gnu/local.mk: Add new files.
Signed-off-by: Christopher Baines <mail@cbaines.net>
This is overly specific, as this section now includes the documentation for
Redis, which is not an SQL database.
* doc/guix.texi: Change database services description.
Tailon 1.3.0 (upgraded from 1.1.1) adds support for HTTP authentication.
* gnu/services/admin.scm (<tailon-configuration-file>): Add http-auth and
users configuration values.
(tailon-configuration-file-http-auth, tailon-configuration-file-users): New
procedures.
(tailon-configuration-file-compiler): Add support for the http-auth and
users configuration options.
* doc/guix.texi (Monitoring Services): Document authentication for Tailon.
* guix/scripts/pull.scm (%snapshot-url, with-environment-variable)
(with-PATH): Remove.
(ensure-guile-git!): New procedure.
(%repository-url): New variable.
(%default-options): Add 'repository-url' and 'ref'.
(show-help, %options): Add '--commit' and '--url'.
(temporary-directory, first-directory, interned-then-deleted)
(unpack): Remove.
(build-from-source): Rename 'tarball' to 'source'. Remove call to
'unpack'.
(build-and-install): Rename 'tarball' to 'source'.
(honor-lets-encrypt-certificates!, report-git-error): New procedures.
(with-git-error-handling): New macro.
(guix-pull)[fetch-tarball]: Remove.
Wrap body in 'with-git-error-handling'. Rewrite to use
'latest-repository-commit'.
* build-aux/build-self.scm (build): Print an error message and exit when
GUILE-GIT is #f.
* doc/guix.texi (Invoking guix pull): Mention Git. Document '--commit'
and '--branch'.
* gnu/services/ssh.scm (<openssh-configuration>)[authorized-keys]: New
field.
(authorized-key-directory): New procedure.
(openssh-config-file): Honor 'authorized-keys'.
(openssh-activation): Use 'with-imported-modules'. Make /etc/ssh
755. Create /etc/ssh/authorized_keys.d.
* doc/guix.texi (Networking Services): Document it.
Suggested by Oleg Pykhalov <go.wigust@gmail.com>.
* doc/guix.texi (Invoking guix system): Give an example of passing
arguments to the 'run-vm.sh' script.
* gnu/services/databases.scm (memcached-service-type, %memcached-accounts):
New variables.
(<memcached-configuration>): New record type.
(memcached-service-type): New procedures.
* gnu/tests/databases.scm: New file.
* doc/guix.texi (Database Services): Document the new memcached service.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add entry for tests/databases.scm.
* doc/guix.texi (Web Services): Add documentation.
* gnu/services/web.scm (<fcgiwrap-configuration>): New record type.
(fcgiwrap-accounts, fcgiwrap-shepherd-service): New service extensions.
(fcgiwrap-service-type): New service type.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/cuirass.scm (<cuirass-configuration>)[fallback?]: New field.
(cuirass-shepherd-service): Take it into account.
* doc/guix.texi (Continuous Integration): Document it.
Suggested by Mark H Weaver <mhw@netris.org>.
* guix/scripts/publish.scm (nar-expiration-time): New procedure.
(render-narinfo/cached): Use it as the #:entry-expiration passed to
'maybe-remove-expired-cache-entries'.
* guix/scripts/system.scm (process-action): Pass file-system-type to ...
(perform-action): ... here. Add new keyword argument. Pass new value to ...
(system-derivation-for-action): ... here. Add new keyword argument.
Pass new value to system-disk-image.
* doc/guix.texi (disk-image): Document new option.
* gnu/build/vm.scm (estimated-partition-size): New procedure.
* gnu/system/vm.scm (expression->derivation-in-linux-vm):
Change #:disk-image-size default to 'guess.
[builder]: When DISK-IMAGE-SIZE is 'guess, use
'estimated-partition-size' and compute and estimate of the image size.
(qemu-image): Likewise.
* guix/build/store-copy.scm (file-size, closure-size): New procedures.
* guix/scripts/system.scm (%default-options): Change 'image-size' to
'guess.
* doc/guix.texi (Building the Installation Image): Remove '--image-size'
flag from example.
(Invoking guix system): Document the image size estimate.
* nix/nix-daemon/guix-daemon.cc (DEFAULT_GUIX_PORT): New macro.
(listen_options): New variable.
(parse_opt): Push back '--listen' options to LISTEN_OPTIONS.
(open_unix_domain_socket, open_inet_socket)
(listening_sockets): New functions.
(main): Use it. Pass SOCKETS to 'run'.
* nix/nix-daemon/nix-daemon.cc (matchUser): Remove.
(SD_LISTEN_FDS_START): Remove.
(acceptConnection): New function.
(daemonLoop): Rewrite to take a vector of file descriptors, to select(2)
on them, and to call 'acceptConnection'.
(run): Change to take a vector of file descriptors.
* tests/guix-daemon.sh: Add test.
* guix/store.scm (%default-guix-port): New variable.
(connect-to-daemon)[connect]: Use it when (uri-port uri) is #f.
* doc/guix.texi (The Store): Mention the default port number.
Ludovic Courtès