When you want to invoke wg-quick yourself, for example from a script,
this procedure is useful to produce the configuration file for it.
* gnu/services/vpn.scm (define-module)<#:export>:
Add wireguard-configuration-file.
Change-Id: Ifab8a9d731de19d2943517bf18c156a56fea4cca
Signed-off-by: Nguyễn Gia Phong <cnx@loang.net>
* gnu/services/web.scm (sogogi-service-type): New services.
(sogogi-serialize-section, sogogi-serialize-field)
(sogogi-serialize-string, sogogi-serialize-list-of-strings)
(sogogi-serialize-sogogi-user, sogogi-serialize-sogogi-location)
(sogogi-serialize-list-of-sogogi-user): New procedures.
(sogogi-user, sogogi-location)
(sogogi-configuration): New record types.
(sogogi-account-service): New variable.
(sogogi-config-file, sogogi-shepherd-service): New procedures.
* gnu/tests/web.scm (%test-sogogi): Add tests for the service.
* doc/guix.texi (Web Services): Document it.
Change-Id: I5cc6dd84d6c7c8d5d13b685853b19c5d433ed7e5
* gnu/services/dbus.scm (rtkit-service-type): New variable.
(rtkit-configuration): New record.
Change-Id: I5078cb5032824c7799e7d26962911bbc67527562
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
There was one level of parentheses too much, leading to errors when the script
was invoked due to trying to apply e.g., 0 or #t. So either use begin, or
strip one level, as appropriate.
* gnu/services/power.scm (apcupsd-event-handlers): Fix all G-expressions.
Signed-off-by: Andreas Enge <andreas@enge.fr>
* gnu/services/desktop.scm (plasma-udev-configurations): New variable.
(plasma-desktop-service-type): Extend udev-service-type with it.
Change-Id: Ifcf08c731b1173c9c811b22744072538e4df7e36
* gnu/services/messaging.scm (%default-soju-shepherd-requirement): New
variable.
(soju-ssl-certificate): New configuration record.
(soju-database): New configuration record.
(soju-configuration): New configuration record.
(serialize-soju-configuration,soju-activation,soju-accounts,
soju-shepherd-services): New procedures.
(soju-service-type): New service.
(serialize-ngircd-configuration): Reformat.
(pounce-configuration): Reformat.
* doc/guix.texi: Document the new soju service.
* gnu/tests/messaging.scm: Test the new soju service.
Change-Id: I6223ecac1aaaab76bd75461851ffe4cec0678118
* gnu/services/linux.scm
(tuned-configuration,tuned-settings,tuned-ppd-settings): New
configuration records.
(tuned-file-systems,tuned-activation,tuned-shepherd-services,
tuned-kernel-modules): New procedures.
(tuned-service-type): New service type.
* doc/guix.texi: Add service documentation.
Change-Id: I6c8d54c23175c2ea133d99965641c548fb1d6452
* gnu/services/virtualization.scm (%libvirt-activation): Activate
default libvirt network configuration file.
* gnu/tests/virtualization.scm (run-libvirt-test): Drop network
definition test and replace it with a test checking that the default
network is inactive by default.
Change-Id: I03b6314a390c6d93ebf886d7033867ff5cacad74
* gnu/services/upnp.scm (readymedia-activation): For home services, if the
media directory paths are relative, create it in the user's home directory.
* doc/guix.texi (Miscellaneous Services)[DLNA/UPnP Services]: Update doc.
Change-Id: I39176320d6c33c56c5b80ad9e67e989ee41565da
* gnu/services/web.scm
(<gunicorn-configuration>, <gunicorn-app>): New records.
(unix-socket?, unix-socket-path, gunicorn-activation,
gunicorn-shepherd-services): New procedures.
(gunicorn-service-type): New variable.
* doc/guix.texi (Web Services): Document the new service.
Co-authored-by: Arun Isaac <arunisaac@systemreboot.net>
Change-Id: I3aa970422e6a5d31158b798b1061e6928ad2160b
Signed-off-by: jgart <jgart@dismail.de>
Dockerfile's ENTRYPOINT statement supports also a list of strings. This
patch implements this behavior for oci-container-configuration.
* oci/services/containers.scm (string-or-list-of-strings?): New
procedure.
(oci-container-configuration)[entrypoint]: Change field type to
maybe-string-or-list-of-strings.
(oci-container-configuration->options): Use it.
* doc/guix.texi: Document it.
Change-Id: I1c94dec79c9f4b2324225810a7926be251bfd795
Reviewed-by: Owen T. Heisler <writer@owenh.net>
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
This commit allows oci-image records to be directly compiled to tarballs
file names when ungexeped, by means of a gexp compiler. It is supposed
to make the usage of oci-images in gexp smoother.
* oci/services/containers.scm (lower-manifest): Reformat and derive
tarball name from the image reference.
(lower-oci-image-state): Drop procedure and merge with lower-oci-image.
(oci-image-compiler): Implement in terms of lower-oci-image.
(oci-image-loader): Drop call to lower-oci-image and directly ungexp the
oci-image record.
Change-Id: I1755585a10294ad94c8025e7c35d454319174efc
Reviewed-by: Owen T. Heisler <writer@owenh.net>
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
* gnu/services/upnp.scm (%readymedia-default-pid-directory): New variable.
(%readymedia-pid-file): New procedure.
(readymedia-shepherd-service)[start]: Start with the pid file.
(readymedia-activation): Create the pid directory.
* gnu/tests/upnp.scm (run-readymedia-test): Test the pid directory and file.
Merges: https://codeberg.org/guix/guix/pulls/1007
Change-Id: I454a89d25afe0e9bb0414645b1e4594afdf89058
Signed-off-by: Giacomo Leidi <therewasa@fishinthecalculator.me>
* gnu/services/upnp.scm (%readymedia-default-log-directory): Remove variable.
(%readymedia-default-log-file): New procedure.
(%readymedia-default-cache-directory): Turn it into a procedure.
(<readymedia-configuration>)[log-directory]: Remove field.
[log-file]: New field.
[cache-directory]: Set to %readymedia-default-cache-directory.
(readymedia-configuration->config-file): Remove "user" and "log_dir" fields.
(readymedia-shepherd-service)[modules]: Add (shepherd support).
[start]: Do not map the log-directory. For home services, do not wrap the
program with least-authority-wrapper.
(readymedia-activation): Do not create the log-directory.
* gnu/home/services/upnp.scm (%readymedia-cache-file, %readymedia-cache-path,
%readymedia-log-path): Remove variables.
(run-readymedia-test): Use the procedures properly. Do not test the
log directory. Test the log file.
* doc/guix.texi (Miscellaneous Services)[DLNA/UPnP Services]: Update doc.
Change-Id: I97d84b5287c374ddb26a495f20a36f986b0c142d
Signed-off-by: Giacomo Leidi <therewasa@fishinthecalculator.me>
The implementation of postgresql-role's password up until now relied on
spawining a subshell reading the password file and passing its content
via command line to a psql process which would create users and set
passwords. This allowed a (fast) attacker to eavesdrop, via the kernel
command line facility, the password while they were read,
without having the permissions required for reading the password
file.
This new implementation reads passwords directly from password files
into the Guile process, temporarily stores them in query files living in
a memory backed file system and deletes the query files after executing
them. It also makes sure to turn off logging of commands for the
duration of the password setting transaction, so passwords don't get
leaked to system logs through misconfiguration.
* gnu/services/databases.scm (%postgresql-role-runtime-dir): New
variable.
(postgresql-create-roles): Rework the way passwords are set to avoid
leaking them through subshells and command lines.
(%postgresql-role-file-systems): New variable.
(postgresql-role-service-type): Add file-system-service-type extension
point.
Change-Id: I52406d1d24f5d163081b5c21d3e1760fc0b67a1e
* gnu/services/web.scm (go-webdav-service-type): New service.
(go-webdav-account-service): New variable.
(go-webdav-shepherd-service): New procedures.
* gnu/tests/web.scm (%test-go-webdav): Add tests for the service.
* doc/guix.texi (Web Services): Document it.
Signed-off-by: Danny Milosavljevic <dannym@friendly-machines.com>
* gnu/services/base.scm (assert-network-route-scope): New procedure.
(<network-route>)[scope]: New field.
(network-set-up/linux)[route-scope->constant]: New procedure.
Use it to pass #:scope to ‘route-add’.
* doc/guix.texi (Networking Setup): Document it.
Fixes: guix/guix#4175
Reported-by: Christopher Baines <mail@cbaines.net>
Change-Id: I24399eca6e691d63fa3d01be564060a3d693d650
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Merges: #5507
* gnu/services/base.scm (assert-network-link-mac-address): Change error
message string to conform to standards.
(assert-network-link-type): Change to ‘define-with-syntax-properties’ since
previously it would reject a non-literal symbol. Adjust message string.
Change-Id: I0a8b9d7512ca7567f9d60eb15ad6fb4e05020e48
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/xorg.scm (gdm-shepherd-service)
[start] <#:environment-variables>: Add system profile to XDG_DATA_DIRS so that
we can use fonts installed in it.
Change-Id: Idd11fe0a5d5d57db5459a5c2a9471d1bf640a6ef
* gnu/services/desktop.scm
(desktop-services-for-system): Use gdm on all 64-bit systems.
* gnu/services/xorg.scm (set-xorg-configuration): Adapt to
desktop-services-for-system change.
* gnu/system/examples/desktop.tmpl: Determine the support of Gnome by checking
for supported package.
Fixes: #5388
Change-Id: I0d512a7c31188cea0335e66f00a6d65ae59d09a4
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
