diff --git a/doc/guix.texi b/doc/guix.texi index 2ec25b21a1..996192c0ea 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -4918,6 +4918,11 @@ Reference Manual}) on @var{port} (37146 by default). This is used primarily for debugging a running @command{guix publish} server. @end table +Enabling @command{guix publish} on a GuixSD system is a one-liner: just +add a call to @code{guix-publish-service} in the @code{services} field +of the @code{operating-system} declaration (@pxref{guix-publish-service, +@code{guix-publish-service}}). + @node Invoking guix challenge @section Invoking @command{guix challenge} @@ -6428,6 +6433,17 @@ Return a service to load console keymap from @var{file} using @command{loadkeys} command. @end deffn +@anchor{guix-publish-service} +@deffn {Scheme Procedure} guix-publish-service [#:guix @var{guix}] @ + [#:port 80] [#:host "localhost"] +Return a service that runs @command{guix publish} listening on @var{host} +and @var{port} (@pxref{Invoking guix publish}). + +This assumes that @file{/etc/guix} already contains a signing key pair as +created by @command{guix archive --generate-key} (@pxref{Invoking guix +archive}). If that is not the case, the service will fail to start. +@end deffn + @node Networking Services @subsubsection Networking Services diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 604416b985..9d495565ad 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -76,6 +76,10 @@ (define-module (gnu services base) guix-configuration? guix-service guix-service-type + guix-publish-configuration + guix-publish-configuration? + guix-publish-service + guix-publish-service-type %base-services)) @@ -705,6 +709,11 @@ (define* (syslog-service #:key (config-file %default-syslog.conf)) reasonable default settings." (service syslog-service-type config-file)) + +;;; +;;; Guix services. +;;; + (define* (guix-build-accounts count #:key (group "guixbuild") (first-uid 30001) @@ -842,6 +851,58 @@ (define* (guix-service #:optional (config %default-guix-configuration)) @var{config}." (service guix-service-type config)) + +(define-record-type* + guix-publish-configuration make-guix-publish-configuration + guix-publish-configuration? + (guix guix-publish-configuration-guix ;package + (default guix)) + (port guix-publish-configuration-port ;number + (default 80)) + (host guix-publish-configuration-host ;string + (default "localhost"))) + +(define guix-publish-dmd-service + (match-lambda + (($ guix port host) + (list (dmd-service + (provision '(guix-publish)) + (requirement '(guix-daemon)) + (start #~(make-forkexec-constructor + (list (string-append #$guix "/bin/guix") + "publish" "-u" "guix-publish" + "-p" #$(number->string port) + (string-append "--listen=" #$host)))) + (stop #~(make-kill-destructor))))))) + +(define %guix-publish-accounts + (list (user-group (name "guix-publish") (system? #t)) + (user-account + (name "guix-publish") + (group "guix-publish") + (system? #t) + (comment "guix publish user") + (home-directory "/var/empty") + (shell #~(string-append #$shadow "/sbin/nologin"))))) + +(define guix-publish-service-type + (service-type (name 'guix-publish) + (extensions + (list (service-extension dmd-root-service-type + guix-publish-dmd-service) + (service-extension account-service-type + (const %guix-publish-accounts)))))) + +(define* (guix-publish-service #:key (guix guix) (port 80) (host "localhost")) + "Return a service that runs @command{guix publish} listening on @var{host} +and @var{port} (@pxref{Invoking guix publish}). + +This assumes that @file{/etc/guix} already contains a signing key pair as +created by @command{guix archive --generate-key} (@pxref{Invoking guix +archive}). If that is not the case, the service will fail to start." + (service guix-publish-service-type + (guix-publish-configuration (guix guix) (port port) (host host)))) + ;;; ;;; Udev.