* gnu/services/networking.scm (wpa-supplicant-configuration):
[requirement]: Deprecate, [shepherd-requirement]: New field,
[shepherd-provision]: Extract to a field. Add 'wireless-daemon to it.
* doc/guix.texi (Networking Setup): Document it.
Change-Id: Icc6fdd695e6e96ef168a085524989da639f77cd3
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This is intended as an alternative to dhcp-client-service-type as
isc-dhcp has reached its end-of-life in 2022 (three years ago!),
see #68619 for more details. Long-term, this services is therefore
intended to replace dhcp-client-service-type.
* gnu/services/networking.scm (dhcpcd-service-type): New service.
(dhcpcd-shepherd-service): New procedure.
(dhcpcd-account-service): New variable.
(dhcpcd-config-file): New procedure.
(dhcpcd-configuration): New record type.
(dhcpcd-serialize-list-of-strings, dhcpcd-serialize-boolean)
(dhcpcd-serialize-string): New procedures.
(serialize-field-name): New procedure.
* gnu/tests/networking.scm (run-dhcpcd-test): New procedure.
(%dhcpcd-os, %test-dhcpcd): New variables.
* doc/guix.texi (Networking Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://issues.guix.gnu.org/76315>.
This is more concise and more robust: these ‘waitpid’ calls would
compete with those made by shepherd’s event loop upon SIGCHLD, and they
could hang forever, as illustrated with ‘dhcp-client-service-type’
in <https://issues.guix.gnu.org/76315>.
* gnu/services/databases.scm (postgresql-role-shepherd-service): Use
‘spawn-command’ instead of ‘fork+exec-command’ followed by ‘waitpid’.
* gnu/services/networking.scm (dhcp-client-shepherd-service): Change
‘start’ to use ‘spawn-command’ instead of ‘fork+exec-command’ and
* gnu/services/web.scm (patchwork-django-admin-gexp): Use
‘spawn-command’ instead of ‘primitive-fork’ + ‘waitpid’.
Change-Id: I449290bfa46f8600e6ccdb5a6da990ad0cb7948c
Reported-by: Tomas Volf <~@wolfsden.cz>
Allow users to specify additional configuration files for NetworkManager.
These files will be added to /etc/NetworkManager/conf.d (NetworkManager's
default configuration directory location).
* gnu/services/networking.scm (<network-manager-configuration>)
[extra-configuration-files]: New field.
(network-manager-activation): Honor the new field.
* doc/guix.texi (Networking Setup): Document the new field.
Change-Id: I07479958e4d0aa318328c666a9630b779230b300
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
There doesn't seem to be a reason to force users to write
(service iptables-service-type
(iptables-configuration))
instead of simply
(service iptables-service-type)
This patch provides a default value for the iptables-service-type.
* gnu/services/networking.scm (iptables-service-type): Set default-value.
Change-Id: I93b6c544dfb064c7a0a999549dff61007a38f842
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Pluggable transports are programs that disguise Tor traffic, which
can be useful in case Tor is censored. Pluggable transports
cannot be configured by #:config-file file exclusively because Tor
process is run via 'least-authority-wrapper' and cannot have access
to transport plugin, which is a separate executable (Bug#70302,
Bug#70332).
* doc/guix.texi (Networking Services): Document 'tor-transport-plugin'
data type and 'transport-plugins' option for 'tor-configuration.
* gnu/services/networking.scm: Export
'tor-configuration-transport-plugins', 'tor-transport-plugin',
'tor-transport-plugin?', 'tor-plugin-role',
'tor-plugin-protocol', and 'tor-plugin-program'.
(<tor-configuration>): Add 'transport-plugins' field.
(<tor-transport-plugin>): New variable.
(tor-configuration->torrc): Add content to 'torrc' computed-file.
(tor-shepherd-service): Add file-system-mapping(s).
Change-Id: I1b0319358778c7aee650bc843e021a6803a1cf3a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (<dhcp-client-configuration>)
[version]: New field.
(dhcp-client-shepherd-service): Use 'match-record' instead of various
accessors. Honor the new 'version field'. Include the version the PID file
name when a non-default version is used.
* doc/guix.texi (Networking Setup) <dhcp-client-configuration>
[version]: Document it.
Change-Id: I6236ae160967c95fe7a2c1785821cc9b0c183e77
* gnu/services/networking.scm (dhcp-client-configuration) [config-file]: New
field.
(dhcp-client-configuration-config-file): New accessor.
(dhcp-client-shepherd-service): Use the config file when invoking
dhclient if supplied.
* doc/guix.texi: Document it.
Change-Id: I286de4ddf59c5e606bf1fe0a7510570869e62b1a
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
This is safer and more appropriate than redirecting to localhost.
* gnu/services/networking.scm (%unroutable-ipv4, %unroutable-ipv6): New
variables.
(facebook-host-aliases): Use them.
Change-Id: Idd4b1fec903c52d542d177a52fec1814eded4119
Currently connman has no main.conf as specified in 'man 5 connman.conf' which
would allow setting NetworkInterfaceBalcklist and other useful options.
This patch adds connman-general-configuration, serializes it and
passes to connmad with --config= flag.
All configuration fields are 'maybe-*' deliberately, to not disturb current
users and not require supporting configuration changes for connmand.
* gnu/services/networking.scm (<connman-general-configuration>): New
configuration record to represent main.conf for connmand.
(<connman-configuration>)[general-configuration]: New field.
(connman-shepherd-service): Honor it.
*doc/guix.texi (Networking Services): Add generated configuration.
Change-Id: I5d78f49e8b2d5e0b3cbd7b8b604e8a254b6397e8
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* gnu/services/networking.scm (pagekite-shepherd-service): Define
‘config-file’ and ‘mappings’; define ‘pagekite’ in terms of
‘least-authority-wrapper’. Remove now-unneeded ‘with-imported-modules’
form and ‘modules’ field. Use ‘make-forkexec-constructor’ instead of
‘make-forkexec-constructor/container’.
Change-Id: I7c6c6266785f6a0f81a69d85f070779a0d6edd91
Packets for local host IP ranges should be coming only over lo. If that is
not the case, we should drop them. Use iif for the check instead of iifname,
lo is guaranteed to exists, and iif is faster.
* gnu/services/networking.scm (%default-nftables-ruleset): Tighten the rules.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Due to (now renamed) 'hidden-service' record type not being exported, the only
way Onion services (formely hidden services) could have worked is through the
now deprecated 'tor-hidden-service' procedure.
This commit updates the Tor service documentation, corrects some inconsistently
named accessors in <tor-configuration> record-type, renames and refactors
tor-hidden-service-configuration to tor-onion-service-configuration using
define-configuration and also exports it, allowing Onion services to be
configured directly within a <tor-configuration> record.
Lastly, it also deprecates the 'tor-hidden-service' procedure.
* doc/guix.texi (Networking Services): Substitute mentions of “Hidden services”
with “Onion Services”. Add a Tor Onion service configuration example.
Document <tor-onion-service-configuration>. Remove mention of
'tor-hidden-service' procedure.
* gnu/services/networking.scm: Export tor-configuration-tor,
tor-configuration-config-file, tor-configuration-hidden-services,
tor-configuration-socks-socket-type, tor-configuration-control-socket-path,
tor-onion-service-configuration, tor-onion-service-configuration?,
tor-onion-service-configuration-name, tor-onion-service-configuration-mapping.
(<tor-configuration>)[control-socket?]: Rename accessor.
(<hidden-service>): Replace with …
(<tor-onion-service-configuration>): … this.
(tor-configuration->torrc): Update record-type name.
(tor-activation): Ditto.
(tor-hidden-service-type): Remove variable.
(tor-hidden-service): Deprecate procedure.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Fixes <https://issues.guix.gnu.org/62409>.
* gnu/services/networking.scm (network-manager-shepherd-service): Set the
LINUX_MODULE_DIRECTORY environment variable.
* gnu/services/networking.scm (connman-shepherd-service): Make 'networking a
virtual service and set 'connman as its canonical name.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
According to the semantics in [1], 'networking should be a "virtual service"
and NetworkManager its canonical-name. This does not influence
existing services and they should continue to use the 'networking symbol.
One visible change is that 'herd status' doesn't show 'networking' anymore,
instead listing 'NetworkManager' in its place but both symbols are can be used
to start and stop the same service.
Note: Though the symbol NetworkManager doesn't really conform with the overall kebab-case
used throughout Guix, this is intentional as we really want to make it clear that
that the symbol NetworkManager really refers to the software called NetworkManager,
since it's a canonical name here. (rather than risk misleading the user to interpret
the symbol network-manager as a symbol for some unspecific network management software)
[1]: https://www.gnu.org/software/shepherd/manual/html_node/Jump-Start.html
* gnu/services/networking.scm (network-manager-shepherd-service): Make 'networking a
virtual service and set 'NetworkManager as its canonical name.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This is similar to its NetworkManager-wait-online.service systemd counterpart,
with the main difference being that we handle it all in 'networking symbol, rather than
introduce a new 'networking-online symbol. (see discussion #47253)
As a result of this change, with opensmtpd-service-type as an example,
manual 'herd restart smtpd' after system bootups are no longer required
when opensmtpd is configured with a smtpd.conf containing non-loopback interfaces.
(this issue is described in more detail at #60300)
Fixes <https://issues.guix.gnu.org/60300>.
* gnu/services/networking.scm (network-manager-shepherd-service): Await for
NetworkManager to finish starting up.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (<connman-configuration>)
[iwd?]: Use helper to warn deprecated field.
(connman-shepherd-service): Make iwd? a local variable independent from
the deprecated field.
* doc/guix.texi (Networking Setup): Remove mention of iwd? field.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (warn-iwd?-field-deprecation): New procedure,
helper for deprecated field.
(<network-manager-configuration>)[iwd?]: Use helper to warn deprecated field.
(network-manager-shepherd-service): Make iwd? a local variable independent
from the deprecated field.
* doc/guix.texi (Networking Setup): Remove mention of iwd? field.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Note: This also makes wpa-supplicant an optional requirement.
* gnu/services/networking.scm (<network-manager-configuration>)
[shepherd-requirement]: New field.
(network-manager-shepherd-service): Honor it.
(network-manager-configuration-shepherd-requirement): Export accessor.
* doc/guix.texi (Networking Setup): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Deprecates %facebook-host-aliases in favour of using
hosts-service-type service extensions.
* gnu/services/networking.scm
(block-facebook-hosts-service-type): New variable.
(%facebook-host-aliases): Deprecate variable.
* doc/guix.texi: Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/networking.scm (network-manager-configuration)[iwd?]: New
field.
(network-manager-shepherd-service): Add iwd to requirements if needed.
* doc/guix.texi: Add information about iwd? option.
* gnu/services/networking.scm (dhcp-client-configuration): New record
configuration.
(dhcp-client-shepherd-service): Implement a shepher service. Provide a
deprication message for legacy configurations.
(dhcp-client-service-type): Use dhcp-client-shepherd-service.
* doc/guix.texi (Networking Setup): Update.
* po/guix/POTFILES.in: Add 'gnu/services/networking.scm'.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
* gnu/home/services/ssh.scm (serialize-address-family): Use the public API of
the maybe infrastructure.
* gnu/services/file-sharing.scm (serialize-maybe-string): Use maybe-value.
(serialize-maybe-file-object): Use maybe-value-set?.
* gnu/services/getmail.scm (getmail-retriever-configuration): Don't use
internals in unset field declarations.
(getmail-destination-configuration): Ditto.
* gnu/services/messaging.scm (raw-content?): Use maybe-value-set?.
(prosody-configuration): Use %unset-value.
* gnu/services/telephony.scm (jami-shepherd-services): Use maybe-value-set?.
(archive-name->username): Use maybe-value-set?.
* tests/services/configuration.scm ("maybe type, no default"): Use
%unset-value.
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Sergey Trofimov