diff options
Diffstat (limited to 'gnu/services')
-rw-r--r-- | gnu/services/base.scm | 49 | ||||
-rw-r--r-- | gnu/services/databases.scm | 65 | ||||
-rw-r--r-- | gnu/services/dbus.scm | 37 | ||||
-rw-r--r-- | gnu/services/desktop.scm | 129 | ||||
-rw-r--r-- | gnu/services/guix.scm | 78 | ||||
-rw-r--r-- | gnu/services/xorg.scm | 2 |
6 files changed, 295 insertions, 65 deletions
diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 36aa878b73..3f912225a0 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -83,6 +83,7 @@ #:use-module ((gnu build file-systems) #:select (mount-flags->bit-mask swap-space->flags-bit-mask)) + #:autoload (guix channels) (%default-channels channel->code) #:use-module (guix gexp) #:use-module ((guix packages) #:select (package-version)) #:use-module (guix records) @@ -216,6 +217,7 @@ guix-configuration-use-substitutes? guix-configuration-substitute-urls guix-configuration-generate-substitute-key? + guix-configuration-channels guix-configuration-extra-options guix-configuration-log-file guix-configuration-environment @@ -1745,6 +1747,31 @@ archive' public keys, with GUIX." ;; Installed the declared ACL. (symlink #+default-acl acl-file)))) +(define (install-channels-file channels) + "Return a gexp with code to install CHANNELS, a list of channels, in +/etc/guix/channels.scm." + (define channels-file + (scheme-file "channels.scm" + `(list ,@(map channel->code channels)))) + + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + + ;; If channels.scm already exists, move it out of the way. Create a + ;; backup if it's a regular file: it's likely that the user + ;; manually defined it. + (if (file-exists? "/etc/guix/channels.scm") + (if (and (symbolic-link? "/etc/guix/channels.scm") + (store-file-name? (readlink "/etc/guix/channels.scm"))) + (delete-file "/etc/guix/channels.scm") + (rename-file "/etc/guix/channels.scm" + "/etc/guix/channels.scm.bak")) + (mkdir-p "/etc/guix")) + + ;; Installed the declared channels. + (symlink #+channels-file "/etc/guix/channels.scm")))) + (define %default-authorized-guix-keys ;; List of authorized substitute keys. (list (file-append guix "/share/guix/berlin.guix.gnu.org.pub") @@ -1763,13 +1790,14 @@ archive' public keys, with GUIX." ;; If MACHINES-FILE already exists, move it out of the way. ;; Create a backup if it's a regular file: it's likely that the ;; user manually updated it. - (if (file-exists? machines-file) - (if (and (symbolic-link? machines-file) - (store-file-name? (readlink machines-file))) - (delete-file machines-file) - (rename-file machines-file - (string-append machines-file ".bak"))) - (mkdir-p (dirname machines-file))) + (let ((stat (false-if-exception (lstat machines-file)))) + (if stat + (if (and (eq? 'symlink (stat:type stat)) + (store-file-name? (readlink machines-file))) + (delete-file machines-file) + (rename-file machines-file + (string-append machines-file ".bak"))) + (mkdir-p (dirname machines-file)))) ;; Installed the declared machines file. (symlink #+(scheme-file "machines.scm" @@ -1800,6 +1828,8 @@ archive' public keys, with GUIX." (default %default-substitute-urls)) (generate-substitute-key? guix-configuration-generate-substitute-key? (default #t)) ;Boolean + (channels guix-configuration-channels ;file-like + (default %default-channels)) (chroot-directories guix-configuration-chroot-directories ;list of file-like/strings (default '())) (max-silent-time guix-configuration-max-silent-time ;integer @@ -1993,7 +2023,7 @@ proxy of 'guix-daemon'...~%") (define (guix-activation config) "Return the activation gexp for CONFIG." (match-record config <guix-configuration> - (guix generate-substitute-key? authorize-key? authorized-keys) + (guix generate-substitute-key? authorize-key? authorized-keys channels) #~(begin ;; Assume that the store has BUILD-GROUP as its group. We could ;; otherwise call 'chown' here, but the problem is that on a COW overlayfs, @@ -2010,6 +2040,9 @@ proxy of 'guix-daemon'...~%") (substitute-key-authorization authorized-keys guix) #~#f) + ;; ... and /etc/guix/channels.scm... + #$(and channels (install-channels-file channels)) + ;; ... and /etc/guix/machines.scm. #$(if (guix-build-machines config) (guix-machines-files-installation diff --git a/gnu/services/databases.scm b/gnu/services/databases.scm index 580031cb42..fa332d7978 100644 --- a/gnu/services/databases.scm +++ b/gnu/services/databases.scm @@ -235,20 +235,7 @@ host all all ::1/128 md5")) (use-modules (guix build utils) (ice-9 match)) - (let ((user (getpwnam "postgres")) - (initdb (string-append - #$(final-postgresql postgresql - extension-packages) - "/bin/initdb")) - (initdb-args - (append - (if #$locale - (list (string-append "--locale=" #$locale)) - '())))) - ;; Create db state directory. - (mkdir-p #$data-directory) - (chown #$data-directory (passwd:uid user) (passwd:gid user)) - + (let ((user (getpwnam "postgres"))) ;; Create the socket directory. (let ((socket-directory #$(postgresql-config-file-socket-directory config-file))) @@ -261,25 +248,37 @@ host all all ::1/128 md5")) (mkdir-p #$log-directory) (chown #$log-directory (passwd:uid user) (passwd:gid user))) - ;; Drop privileges and init state directory in a new - ;; process. Wait for it to finish before proceeding. - (match (primitive-fork) - (0 - ;; Exit with a non-zero status code if an exception is thrown. - (dynamic-wind - (const #t) - (lambda () - (setgid (passwd:gid user)) - (setuid (passwd:uid user)) - (primitive-exit - (apply system* - initdb - "-D" - #$data-directory - initdb-args))) - (lambda () - (primitive-exit 1)))) - (pid (waitpid pid)))))))) + (unless (file-exists? #$data-directory) + (let ((initdb (string-append + #$(final-postgresql postgresql + extension-packages) + "/bin/initdb")) + (initdb-args + (append + (if #$locale + (list (string-append "--locale=" #$locale)) + '())))) + ;; Create db state directory. + (mkdir-p #$data-directory) + (chown #$data-directory (passwd:uid user) (passwd:gid user)) + + ;; Drop privileges and init state directory in a new + ;; process. Wait for it to finish before proceeding. + (match (primitive-fork) + (0 + ;; Exit with a non-zero status code if an exception is + ;; thrown. + (dynamic-wind + (const #t) + (lambda () + (setgid (passwd:gid user)) + (setuid (passwd:uid user)) + (apply execl initdb + initdb "-D" #$data-directory + initdb-args)) + (lambda () + (primitive-exit 1)))) + (pid (waitpid pid)))))))))) (define postgresql-shepherd-service (match-lambda diff --git a/gnu/services/dbus.scm b/gnu/services/dbus.scm index 5a0c634393..8dee91a3f7 100644 --- a/gnu/services/dbus.scm +++ b/gnu/services/dbus.scm @@ -163,7 +163,7 @@ includes the @code{etc/dbus-1/system.d} directories of each package listed in (group "messagebus") (system? #t) (comment "D-Bus system bus user") - (home-directory "/var/run/dbus") + (home-directory "/run/dbus") (shell (file-append shadow "/sbin/nologin"))))) (define dbus-setuid-programs @@ -186,7 +186,38 @@ includes the @code{etc/dbus-1/system.d} directories of each package listed in (let ((user (getpwnam "messagebus"))) ;; This directory contains the daemon's socket so it must be ;; world-readable. - (mkdir-p/perms "/var/run/dbus" user #o755)) + (mkdir-p/perms "/run/dbus" user #o755)) + + (catch 'system-error + (lambda () + (symlink "/run/dbus" "/var/run/dbus")) + (lambda args + (let ((errno (system-error-errno args))) + (cond + ((= errno EEXIST) + (let ((existing-name + (false-if-exception + (readlink "/var/run/dbus")))) + (unless (equal? existing-name "/run/dbus") + ;; Move the content of /var/run/dbus to /run/dbus, and + ;; retry. + (let ((dir (opendir "/var/run/dbus"))) + (let loop ((next (readdir dir))) + (cond + ((eof-object? next) (closedir dir)) + ((member next '("." "..")) (loop (readdir dir))) + (else + (begin + (rename-file (string-append "/var/run/dbus/" next) + (string-append "/run/dbus/" next)) + (loop (readdir dir))))))) + (rmdir "/var/run/dbus") + (symlink "/run/dbus" "/var/run/dbus")))) + (else + (format (current-error-port) + "Failed to symlink /run/dbus to /var/run/dbus: ~s~%" + (strerror errno)) + (error "cannot create /var/run/dbus")))))) (unless (file-exists? "/etc/machine-id") (format #t "creating /etc/machine-id...~%") @@ -210,7 +241,7 @@ includes the @code{etc/dbus-1/system.d} directories of each package listed in '(#:environment-variables '("DBUS_VERBOSE=1") #:log-file "/var/log/dbus-daemon.log") '()) - #:pid-file "/var/run/dbus/pid")) + #:pid-file "/run/dbus/pid")) (stop #~(make-kill-destructor))))))) (define dbus-root-service-type diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 5b79fbcda1..02a7802d58 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -37,6 +37,7 @@ #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (gnu services base) + #:use-module (gnu services configuration) #:use-module (gnu services dbus) #:use-module (gnu services avahi) #:use-module (gnu services xorg) @@ -60,6 +61,7 @@ #:use-module (gnu packages kde) #:use-module (gnu packages kde-frameworks) #:use-module (gnu packages kde-plasma) + #:use-module (gnu packages pulseaudio) #:use-module (gnu packages xfce) #:use-module (gnu packages avahi) #:use-module (gnu packages xdisorg) @@ -79,6 +81,7 @@ #:use-module (guix ui) #:use-module (guix utils) #:use-module (guix gexp) + #:use-module (guix modules) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (ice-9 format) @@ -139,6 +142,11 @@ gnome-desktop-configuration gnome-desktop-configuration? + gnome-desktop-configuration-core-services + gnome-desktop-configuration-shell + gnome-desktop-configuration-utilities + gnome-desktop-configuration-extra-packages + gnome-desktop-configuration-udev-ignorelist gnome-desktop-service gnome-desktop-service-type @@ -1382,11 +1390,45 @@ rules.") ;;; GNOME desktop service. ;;; -(define-record-type* <gnome-desktop-configuration> gnome-desktop-configuration - make-gnome-desktop-configuration - gnome-desktop-configuration? - (gnome gnome-desktop-configuration-gnome - (default gnome))) +(define-maybe/no-serialization package) + +(define (extract-propagated-inputs package) + ;; Drop input labels. Attempt to support outputs. + (map + (match-lambda + ((_ (? package? pkg)) pkg) + ((_ (? package? pkg) output) (list pkg output))) + (package-propagated-inputs package))) + +(define-configuration/no-serialization gnome-desktop-configuration + (core-services + (list-of-packages (extract-propagated-inputs gnome-meta-core-services)) + "A list of packages that the GNOME Shell and applications may rely on.") + (shell + (list-of-packages (extract-propagated-inputs gnome-meta-core-shell)) + "A list of packages that constitute the GNOME Shell, without applications.") + (utilities + (list-of-packages (extract-propagated-inputs gnome-meta-core-utilities)) + "A list of packages that serve as applications to use on top of the \ +GNOME Shell.") + (gnome (maybe-package) "Deprecated. Do not use.") + (extra-packages + (list-of-packages (extract-propagated-inputs gnome-essential-extras)) + "A list of GNOME-adjacent packages to also include. This field is intended +for users to add their own packages to their GNOME experience. Note, that it +already includes some packages that are considered essential by some (most?) +GNOME users.") + (udev-ignorelist + (list-of-strings '()) + "A list of regular expressions denoting udev rules or hardware file names +provided by any package that should not be installed. By default, every udev +rule and hardware file specified by any package referenced in the other fields +are installed.") + (polkit-ignorelist + (list-of-strings '()) + "A list of regular expressions denoting polkit rules provided by any package +that should not be installed. By default, every polkit rule added by any package +referenced in the other fields are installed.")) (define (gnome-package gnome name) "Return the package NAME among the GNOME package inputs. NAME can be a @@ -1398,31 +1440,84 @@ denote the spice-gtk input of the gnome-boxes input of the GNOME meta-package." "Return the package NAMES among the GNOME package inputs." (map (cut gnome-package gnome <>) names)) -(define (gnome-udev-rules config) - "Return the list of GNOME dependencies that provide udev rules." - (let ((gnome (gnome-desktop-configuration-gnome config))) - (gnome-packages gnome '("gnome-settings-daemon")))) +(define (gnome-udev-configuration-files config) + "Return the GNOME udev rules and hardware files as computed from its +dependencies by filtering out the ignorelist." + (list + (computed-file + "gnome-udev-configurations" + (with-imported-modules + (source-module-closure '((guix build utils) + (guix build union))) + #~(begin + (use-modules (guix build utils) + (guix build union)) + ;; If rules.d or hwdb.d is not a proper directory but a symlink, + ;; then it will not be possible to delete individual files in this + ;; directory. + (union-build #$output + (search-path-as-list + (list "lib/udev" "libexec/udev") + (list #$@(gnome-profile config))) + #:create-all-directories? #t) + (for-each + (lambda (pattern) + (for-each + delete-file-recursively + (find-files #$output pattern))) + (list #$@(gnome-desktop-configuration-udev-ignorelist config)))))))) (define (gnome-polkit-settings config) "Return the list of GNOME dependencies that provide polkit actions and rules." - (let ((gnome (gnome-desktop-configuration-gnome config))) - (gnome-packages gnome - '("gnome-settings-daemon" - "gnome-control-center" - "gnome-system-monitor" - "gvfs")))) + (list + (computed-file + "gnome-polkit-settings" + (with-imported-modules + (source-module-closure '((guix build utils) + (guix build union))) + #~(let ((output (string-append #$output "/share/polkit-1"))) + (use-modules (guix build utils) + (guix build union)) + (mkdir-p (dirname output)) + (union-build output + (search-path-as-list + (list "share/polkit-1") + (list #$@(gnome-profile config))) + #:create-all-directories? #t) + (for-each + (lambda (pattern) + (for-each + delete-file-recursively + (find-files output pattern))) + (list #$@(gnome-desktop-configuration-polkit-ignorelist config)))))))) + +(define (gnome-profile config) + "Return a list of packages propagated through CONFIG." + (append + (gnome-desktop-configuration-core-services config) + (gnome-desktop-configuration-shell config) + (gnome-desktop-configuration-utilities config) + (let ((gnome-meta (gnome-desktop-configuration-gnome config))) + (if (maybe-value-set? gnome-meta) + (begin + (warning + (gnome-desktop-configuration-source-location config) + (G_ "Using a meta-package for gnome-desktop is discouraged.~%")) + (list gnome-meta)) + (list))) + (gnome-desktop-configuration-extra-packages config))) (define gnome-desktop-service-type (service-type (name 'gnome-desktop) (extensions (list (service-extension udev-service-type - gnome-udev-rules) + gnome-udev-configuration-files) (service-extension polkit-service-type gnome-polkit-settings) (service-extension profile-service-type - (compose list gnome-desktop-configuration-gnome)))) + gnome-profile))) (default-value (gnome-desktop-configuration)) (description "Run the GNOME desktop environment."))) diff --git a/gnu/services/guix.scm b/gnu/services/guix.scm index c438da531c..96f5ecaac0 100644 --- a/gnu/services/guix.scm +++ b/gnu/services/guix.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2019, 2020, 2021, 2022 Christopher Baines <mail@cbaines.net> +;;; Copyright © 2024 Andrew Tropin <andrew@trop.in> ;;; ;;; This file is part of GNU Guix. ;;; @@ -101,6 +102,8 @@ guix-data-service-type + guix-home-service-type + nar-herder-service-type nar-herder-configuration nar-herder-configuration? @@ -688,6 +691,41 @@ ca-certificates.crt file in the system profile." ;;; +;;; Guix Home Service +;;; + +(define (guix-home-shepherd-service config) + (map (match-lambda + ((user he) + (shepherd-service + (documentation "Activate Guix Home.") + (requirement '(user-processes)) + (provision (list (symbol-append 'guix-home- (string->symbol user)))) + (one-shot? #t) + (auto-start? #t) + (start #~(make-forkexec-constructor + '(#$(file-append he "/activate")) + #:user #$user + #:environment-variables + (list (string-append "HOME=" (passwd:dir (getpw #$user))) + "GUIX_SYSTEM_IS_RUNNING_HOME_ACTIVATE=t") + #:group (group:name (getgrgid (passwd:gid (getpw #$user)))))) + (stop #~(make-kill-destructor))))) + config)) + +(define guix-home-service-type + (service-type + (name 'guix-home) + (description "Sets up Guix Home for the specified user accounts.") + (extensions (list (service-extension + shepherd-root-service-type + guix-home-shepherd-service))) + (compose concatenate) + (extend append) + (default-value '()))) + + +;;; ;;; Nar Herder ;;; @@ -719,6 +757,8 @@ ca-certificates.crt file in the system profile." (default '())) (ttl nar-herder-configuration-ttl (default #f)) + (new-ttl nar-herder-configuration-new-ttl + (default #f)) (negative-ttl nar-herder-configuration-negative-ttl (default #f)) (log-level nar-herder-configuration-log-level @@ -750,14 +790,22 @@ ca-certificates.crt file in the system profile." (default #f)) (directory-max-size nar-herder-cached-compression-configuration-directory-max-size - (default #f))) + (default #f)) + (unused-removal-duration + nar-herder-cached-compression-configuration-unused-removal-duration + (default #f)) + (ttl nar-herder-cached-compression-configuration-ttl + (default #f)) + (new-ttl nar-herder-cached-compression-configuration-new-ttl + (default #f))) (define (nar-herder-shepherd-services config) (define (cached-compression-configuration->options cached-compression) (match-record cached-compression <nar-herder-cached-compression-configuration> - (type level directory directory-max-size) + (type level directory directory-max-size + unused-removal-duration ttl new-ttl) `(,(simple-format #f "--enable-cached-compression=~A~A" type @@ -775,6 +823,27 @@ ca-certificates.crt file in the system profile." (simple-format #f "--cached-compression-directory-max-size=~A=~A" type directory-max-size)) + '()) + ,@(if unused-removal-duration + (list + (simple-format + #f "--cached-compression-unused-removal-duration=~A=~A" + type + unused-removal-duration)) + '()) + ,@(if ttl + (list + (simple-format + #f "--cached-compression-ttl=~A=~A" + type + ttl)) + '()) + ,@(if new-ttl + (list + (simple-format + #f "--cached-compression-new-ttl=~A=~A" + type + new-ttl)) '())))) (match-record config <nar-herder-configuration> @@ -783,7 +852,7 @@ ca-certificates.crt file in the system profile." database database-dump host port storage storage-limit storage-nar-removal-criteria - ttl negative-ttl log-level + ttl new-ttl negative-ttl log-level cached-compressions cached-compression-min-uses cached-compression-workers cached-compression-nar-source extra-environment-variables) @@ -825,6 +894,9 @@ ca-certificates.crt file in the system profile." #$@(if ttl (list (string-append "--ttl=" ttl)) '()) + #$@(if new-ttl + (list (string-append "--new-ttl=" new-ttl)) + '()) #$@(if negative-ttl (list (string-append "--negative-ttl=" negative-ttl)) '()) diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm index b86e2d3c5b..26902c0568 100644 --- a/gnu/services/xorg.scm +++ b/gnu/services/xorg.scm @@ -1048,7 +1048,7 @@ argument."))) (default (xinitrc))) (xdmcp? gdm-configuration-xdmcp? (default #f)) - (wayland? gdm-configuration-wayland? (default #f)) + (wayland? gdm-configuration-wayland? (default #t)) (wayland-session gdm-configuration-wayland-session (default gdm-wayland-session-wrapper))) |