| Age | Commit message (Collapse) | Author |
|---|
|
The oci-container-configuration supports two user fields: one is the
user, from the host system, under whose authority the OCI-backed
Shepherd service is run; the other is an optional user/UID that can be
passed to the docker run invokation to override the user defined in the
OCI image.
The user from the host system is incorrectly passed to docker run
command, this patches reverts the incorrect behavior and passes the
correct container-user field value.
* gnu/services/docker.scm (oci-container-configuration): Fix the user
passed to the docker run invokation.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/web.scm (gmnisrv-service-type): Change the service name to gmnisrv
Change-Id: I1ca46c312db851486313c431fe0454786f0a673e
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* guix/packages.scm (%standard-patch-inputs): Use
‘libc-utf8-locales-for-target’ instead of ‘glibc-utf8-locales’.
* guix/self.scm (%packages): Likewise.
* gnu/home/services/ssh.scm (file-join): Likewise
* gnu/installer.scm (build-compiled-file): Likewise.
* gnu/packages/chromium.scm (ungoogled-chromium/wayland): Likewise.
* gnu/packages/gnome.scm (libgweather4, tracker): Likewise.
* gnu/packages/javascript.scm (js-mathjax): Likewise.
* gnu/packages/package-management.scm (guix, flatpak): Likewise.
* gnu/packages/raspberry-pi.scm (raspi-arm64-chainloader): Likewise.
* gnu/packages/suckless.scm (svkbd): Likewise.
* gnu/services.scm (cleanup-gexp): Likewise.
* gnu/services/base.scm (guix-publish-shepherd-service): Likewise.
* gnu/services/guix.scm (guix-build-coordinator-shepherd-services)
(guix-build-coordinator-agent-shepherd-services): Likewise.
* gnu/services/guix.scm (guix-build-coordinator-queue-builds-shepherd-services):
(guix-data-service-shepherd-services)
(nar-herder-shepherd-services)
(bffe-shepherd-services): Likewise.
* gnu/services/web.scm (anonip-shepherd-service)
(mumi-shepherd-services): Likewise.
* gnu/system/image.scm (system-disk-image, system-iso9660-image)
(system-docker-image, system-tarball-image): Likewise.
* gnu/system/install.scm (%installation-services): Likewise.
* guix/profiles.scm (info-dir-file): Likewise.
(ca-certificate-bundle, profile-derivation): Likewise.
* guix/scripts/pack.scm (store-database, set-utf8-locale): Likewise.
* tests/pack.scm: Likewise.
* tests/profiles.scm ("profile-derivation, cross-compilation"):
Likewise.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Co-authored-by: Christopher Baines <mail@cbaines.net>
Change-Id: I24239f427bcc930c29d2ba5d00dc615960a6c374
|
|
* gnu/services/vnc.scm (xvnc-configuration->command-line-arguments): Omit X
display number when inetd? is #t.
Change-Id: I0fc8e3068f3ae22421e60e96bd40e3b6e477ca99
|
|
Previously, a default name would be used for transient inetd services,
leading to names such as #{5rjnskb6011jgmfmpgp63jp9mh9nkl20-rsync-3274}#.
* gnu/services/rsync.scm (rsync-shepherd-service): Pass #:service-name-stem.
Change-Id: I4d0a4a01e122c6eeaa85f104b083cf7e8709eac3
|
|
* gnu/services/docker.scm (oci-container-configuration): New variable;
(oci-container-shepherd-service): new variable;
(oci-container-service-type): new variable.
* doc/guix.texi (Miscellaneous Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Change-Id: I17cede1975051a9fdd0e0a13b2191d8055266f80
|
|
* gnu/services/admin.scm (<rottlog-configuration>): Rename accessors
rottlog-rottlog to rottlog-configuration-rottlog, rottlog-rc-file to
rottlog-configuration-rc-file, rottlog-rotations to
rottlog-configuration-rotations, rottlog-jobs to rottlog-configuration-jobs.
(rottlog-etc, rottlog-jobs-or-default, rottlog-service-type): Adjust
accordingly.
|
|
Packets for local host IP ranges should be coming only over lo. If that is
not the case, we should drop them. Use iif for the check instead of iifname,
lo is guaranteed to exists, and iif is faster.
* gnu/services/networking.scm (%default-nftables-ruleset): Tighten the rules.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/networking.scm (dhcp-client-shepherd-service): Enable -I
flag on dhclient.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/cuirass.scm (<cuirass-remote-server-configuration>)[log-expiry]:
New field.
(cuirass-shepherd-service): Honor it.
* doc/guix.texi (Continuous Integration): Document it.
|
|
* gnu/services/base.scm (<network-link>): Add mac-address field. Set
type field to #f by default, so it won't be mandatory. network-link
without a type will be used for existing interfaces.
(assert-network-link-mac-address, mac-address?): Add sanitizer. Allow
valid mac-address or #f.
(assert-network-link-type): Add sanitizer. Allow symbol or #f.
* gnu/services/base.scm (network-set-up/linux,
network-tear-down/linux): Adapt to new structure.
* doc/guix.texi (Networking Setup): Document it.
* gnu/tests/networking.scm (run-static-networking-advanced-test): New
variable.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/configuration.scm (list-of-packages?, list-of-symbols?): New
predicate.
* gnu/services/audio.scm (list-of-symbol?): Remove.
* gnu/services/telephony.scm (string-list?): Remove.
(serialize-string-list): Rename to …
(serialize-list-of-strings): … this.
(account-fingerprint-list?, jami-account-list?): Use list-of.
* doc/guix.texi: Update it.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
|
* gnu/services/linux.scm (serialize-fstrim-configuration): Refactor to use
base-transducer.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
|
Introduces 'base-transducer', a SRFI-171 based transducer that can be used as a
starting point for writing custom configuration record serializing procedures.
This also fixes the symbol maybe-value serialization test case.
* gnu/services/configuration.scm (empty-serializer?): New predicate.
(base-transducer, tfilter-maybe-value): New procedure.
(serialize-configuration): Adapt to use base-transducer.
* gnu/services/telephony.scm (jami-account->alist): Use transducers to skip
fields that are unserializable or whose field maybe-value is unset.
* tests/services/configuration.scm: Remove test-expect-fail.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
|
* gnu/services/configuration.scm
(define-configuration-helper, normalize-extra-args): Use #f instead of %unset-value.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
|
Starting with 953c65ffdd43c02c934518fb7a1c68542584b223, offloading to
the Hurd VM would be enabled by default. However, ‘root’ had an empty
password so any user on the host could connect to the VM over VNC, log
in as root, and potentially populate the host’s store from there. This
change fixes that.
* gnu/services/virtualization.scm (operating-system-with-locked-root-account):
New procedure.
(hurd-vm-disk-image)[transform]: Add
‘operating-system-with-locked-root-account’ when offloading.
|
|
This a avoids a Guile warning about the name collision with (guix build
utils). The warning was introduced by commit
e0e85f2b2396c69d078caad9bd8e1a0fddf33a4a.
* gnu/services/mcron.scm (mcron-shepherd-services): Hide ‘mkdir-p’.
|
|
* gnu/services/mcron.scm (mcron-shepherd-services): Do not #:select
‘%user-log-dir’ from (shepherd support) since it’s missing in the
Shepherd 0.8, which is still used on GNU/Hurd.
|
|
* gnu/packages/ci.scm (cuirass): Update to 797b26a.
* gnu/services/cuirass.scm (cuirass-activation): Create /var/run/cuirass.
|
|
This allows for zero-configuration offloading to a childhurd.
* gnu/services/virtualization.scm (operating-system-with-offloading-account):
New procedure.
(<hurd-vm-configuration>)[offloading?]: New field.
(hurd-vm-disk-image): Define ‘transform’ and use it.
(hurd-vm-activation): Generate SSH key for user ‘offloading’ and add
authorize it via /etc/childhurd/etc/ssh/authorized_keys.d.
(hurd-vm-configuration-offloading-ssh-key)
(hurd-vm-guix-extension): New procedures.
(hurd-vm-service-type): Add GUIX-SERVICE-TYPE extension.
* gnu/tests/virtualization.scm (run-childhurd-test)[import-module?]: New
procedure.
[os]: Add (gnu build install) and its closure to #:import-modules.
[test]: Add “copy-on-write store” and “offloading” tests.
* doc/guix.texi (Virtualization Services): Document it.
|
|
With offloading to a childhurd is enabled, allowing password-less root
login in the childhurd to anyone amounts to providing write access to
the host’s store to anyone. Thus, disable password-based root logins in
the childhurd.
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Change
‘permit-root-login’ to 'prohibit-password.
* gnu/tests/virtualization.scm (%childhurd-os): Provide a custom ‘os’
field for ‘hurd-vm-configuration’.
* doc/guix.texi (Virtualization Services): Remove mention of
password-less root login.
|
|
* gnu/services/virtualization.scm (<hurd-vm-configuration>)[image]:
Document as being an <image> record.
(hurd-vm-disk-image): Remove call to ‘system-image’.
(hurd-vm-shepherd-service): Add call to ‘system-image’.
* gnu/tests/virtualization.scm (hurd-vm-disk-image-raw): Remove call to
‘system-image’.
* doc/guix.texi (Virtualization Services): Adjust accordingly.
|
|
This partly automates setting up a childhurd for offloading purposes.
* gnu/services/virtualization.scm (authorize-guest-substitutes-on-host):
New procedure.
(hurd-vm-activation): Use it.
|
|
* gnu/services/base.scm (guix-machines-files-installation): New
procedure.
(<guix-configuration>)[build-machines]: New field.
(guix-activation): Call ‘ guix-machines-files-installation’.
(<guix-extension>)[build-machines]: New field.
(guix-extension-merge): Handle it.
(guix-service-type)[extend]: Likewise.
* doc/guix.texi (Daemon Offload Setup): Add note linking to
‘guix-configuration’.
(Base Services): Document ‘build-machines’ field of <guix-configuration>
and of <guix-extension>.
(Virtualization Services): Add ‘hurd-vm’ anchor.
|
|
Fixes a bug introduced in 0dd293b4d9095137c9952e16ca951f887b7e7018
whereby guix-daemon on GNU/Hurd would have ‘GUIX_LOCPATH’ set to the
“wrong” locale data (2.35 instead of 2.37).
Consequently, it would fail to setlocale(3) and calls to
‘std::stoi’ (when reading the output of ‘guix authenticate’) would
throw, leading to this error message of guix-daemon:
unexpected build daemon error: stoi
This would manifest when sending store items to a childhurd:
$ guix copy --to=localhost:10022 sed
guix copy: sending 1 store item (1 MiB) to 'localhost'...
guix copy: error: unknown error while sending files over SSH
The “unknown error” is the ‘stoi’ exception.
This commit fixes that, but for the ‘guix-daemon’ service only.
* gnu/services/base.scm (guix-shepherd-service)[locales]: New variable.
Use it instead of ‘glibc-utf8-locales’.
|
|
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Remove
‘port-number’ from ‘openssh-configuration’.
(hurd-vm-net-options): Change 2222 to 22 in port forwarding.
|
|
* gnu/services/networking.scm (nftables-shepherd-service)[actions]: New field.
|
|
Fixes <https://issues.guix.gnu.org/66053>.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service)[vm-command]:
Use ‘qemu-system-x86_64’.
|
|
This is a followup to 04f71edb73205d0bb82404de28a70ae17b897429.
* gnu/services/networking.scm (<dhcp-client-configuration>)[shepherd-provision]:
Fix accessor name.
|
|
* gnu/services/networking.scm (<dhcp-client-configuration>)[shepherd-provision]:
New field.
(dhcp-client-shepherd-service): Honor it.
* doc/guix.texi (Networking Setup): Document it.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
|
|
Sometimes `syncthing-service-type' fails during startup because it tries
to read configuration files from the user's home directory:
Failure on home directory: mkdir /home/xyz/.config: permission denied
This patch adds `user-processes' to the shepherd service requirements to
ensure that `user-homes' is fired before `syncthing' tries to read data
from the home directory.
* gnu/services/syncthing.scm (syncthing-shepherd-service): add
`user-processes' to requirements
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
Rather than hardcoding a particular guile in the service definition.
* gnu/services/guix.scm (bffe-shepherd-services): Use guile from the package.
* gnu/packages/package-management.scm (bffe)[inputs]: Remove unnecessary
guile-next input.
|
|
This is intended to replace the functionality of the Guix Build Coordinator
queue builds script, and also provide a web interface for build farms.
* gnu/services/guix.scm (<bffe-configuration>): New record type.
(bffe-configuration, bffe-configuration?,
bffe-configuration-package,
bffe-configuration-user,
bffe-configuration-group,
bffe-configuration-arguments
bffe-configuration-extra-environment-variables): New procedures.
(bffe-service-type): New variable.
* gnu/tests/guix.scm (%test-bffe): New variable.
* doc/guix.texi (Guix Services): Document the new service.
|
|
* gnu/services/cgit.scm (cgit-configuration)[root-readme]: Accept
'file-object' instead of only 'string'
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/services/vpn.scm (wireguard-configuration-file): Fix broken format
string.
Signed-off-by: Liliana Marie Prikler <liliana.prikler@gmail.com>
|
|
* gnu/services/networking.scm (openvswitch-shepherd-service)[ovsdb](requirement):
Add user-processes.
|
|
Mostly so that core dumps end up here.
* gnu/services/guix.scm (nar-herder-shepherd-services): Specify a working
directory.
|
|
Mostly so that core dumps end up here.
* gnu/services/guix.scm (guix-data-service-shepherd-services): Specify a
working directory.
|
|
Mostly so that core dumps end up here.
* gnu/services/guix.scm (guix-build-coordinator-shepherd-services): Specify a
working directory.
|
|
This fixes a issue introduced in the previous commit 552d0703776c (services:
mcron: Add module for %user-log-dir.) which made the expression invalid when
using a '() module for the system service.
* gnu/services/mcron.scm (mcron-shepherd-services)[modules]: Use
(shepherd support) unconditionally.
|
|
* gnu/services/mcron.scm (mcron-shepherd-services)[modules]: Add
(shepherd support) for home service.
|
|
* gnu/services/admin.scm (file-database-configuration)[excluded-directories]:
Mention that these are regexps.
(%default-file-database-excluded-directories): Likewise.
* doc/guix.texi (File Search Services): Adjust accordingly.
|
|
Previously 'updatedb' would fail to find 'sed', 'rm', etc.
* gnu/services/admin.scm (file-database-mcron-jobs): Set PATH before
invoking 'updatedb'.
|
|
* gnu/services/linux.scm (earlyoom-service-type)[description]: Tweak.
|
|
Fixes a regression introduced in
9c34b793c10cdb50235b876dea5be700ab5600dc.
* gnu/services/linux.scm (earlyoom-shepherd-service): Move
'user-processes' to 'requirements'.
Reported-by: Attila Lendvai <attila@lendvai.name>
|
|
* gnu/services/guix.scm (guix-build-coordinator-agent-shepherd-services):
Add 'user-processes' requirement.
* gnu/services/linux.scm (earlyoom-shepherd-service): Likewise.
|
|
* gnu/home/services/syncthing.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/services/syncthing.scm (<syncthing-configuration>)[home-service?]:
New field.
Adjust 'provision' and 'requirement' depending on 'home-service?', and
likewise for #:user and #:group.
Use 'filter' + 'negate' instead of 'remove'.
* doc/guix.texi (Networking Services): Add note and cross-reference to
"Networking Home Services".
(Networking Home Services): New node.
|
|
* gnu/home/services/dict.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/services/dict.scm (<dicod-configuration>)[home-service?]: New
field.
(dicod-shepherd-service): Do not map /dev/log when 'home-service?' is
true. Remove 'user-processes' requirement when 'home-service?' is
true.
(dicod-shepherd-service): Set #:user and #:group to #f when
'home-service?' is true.
* doc/guix.texi (Miscellaneous Home Services): New node.
(Miscellaneous Services): Add cross-reference.
|
|
* gnu/services/mcron.scm (list-of-gexps?): Remove.
(<mcron-configuration>): Rewrite using 'define-record-type*'.
[home-service?]: New field.
[log-file]: Make thunked and changed default value.
(mcron-shepherd-services): Honor 'home-service?' and remove use of
'maybe-value-set?'.
(mcron-service-type): Inherit 'home-service?' from CONFIG.
(generate-doc): Remove.
* gnu/home/services/mcron.scm (list-of-gexp?)
(<home-mcron-configuration>, job-files, shepherd-schedule-action)
(home-mcron-shepherd-services, home-mcron-profile)
(home-mcron-extend, generate-doc): Remove.
(home-mcron-configuration): Turn into a macro.
(home-mcron-service-type): Define in terms of
'system->home-service-type'.
<top level>: Add service type mapping.
|
|
* gnu/services/syncthing.scm (syncthing-shepherd-service): Use
'match-record-lambda' instead of 'match-lambda'.
|
