This is a followup to ecaa102a58.
* gnu/services/base.scm (<guix-publish-configuration>)[cache-bypass-threshold]:
New field.
(guix-publish-shepherd-service): Honor it.
* gnu/services/base.scm (swap-service-type)[device-lookup, device-name]:
New variables.
Add 'modules' field to 'shepherd-service'. In 'start' and 'stop', use
'device-lookup' to resolve UUIDs and labels.
* doc/guix.texi (operating-system Reference): Adjust accordingly.
This silences a warning from the service at startup.
* gnu/services/dns.scm (knot-resolver-shepherd-services)[start]: Use the "-n"
command-line option to kresd in place of the deprecated "-f 1".
Signed-off-by: Leo Famulari <leo@famulari.name>
* gnu/services/web.scm (<gmnisrv-configuration>): New record type.
(%default-gmnisrv-config-file): New variable.
(%gmnisrv-accounts, %gmnisrv-activation): New variables.
(gmnisrv-shepherd-service): New procedure.
(gmnisrv-service-type): New variable.
* doc/guix.texi (Web Services): Document it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/web.scm (hpcguix-web-shepherd-service): Change
XDG_CACHE_HOME to /var/cache/guix/web. Previously, the authentication
code would try to write to /var/cache/guix/authentication, which would
fail.
Fixes <https://bugs.gnu.org/39819>.
Reported by Maxim Cournoyer <maxim.cournoyer@gmail.com>.
* gnu/services/base.scm (substitute-key-authorization): Symlink
DEFAULT-ACL to /etc/guix/acl unconditionally. Add code to optionally
back up /etc/guix/acl if it was possibly modified by hand.
* doc/guix.texi (Base Services): Clarify the effect of setting
'authorize-keys?' to true. Mention the backup. Give an example showing
how to authorize substitutes from another server.
This means the package is usable as a library, which is useful when using the
procedures to send requests to the Guix Build Coordinator.
* gnu/packages/package-management.scm (guix-build-coordinator)[inputs]: Move
guile inputs to propagated inputs.
[propagated-inputs]: Receive some inputs.
* gnu/services/guix.scm (make-guix-build-coordinator-start-script): Adjust the
start script to include propagated inputs.
The underscore is now handled in the guile prometheus library.
* gnu/services/guix.scm (make-guix-build-coordinator-start-script): Remove the
underscore from the end of the metrics namespace.
Otherwise the logging is garbled.
* gnu/services/guix.scm (make-guix-build-coordinator-start-script): Configure
line output buffering for stdout and stderr.
As this allows hooks to use the system profile, if that's desired.
* gnu/services/guix.scm (guix-build-coordinator-shepherd-services): Set PATH
to include the system profile.
Currently, if the postgresql package major version changes, this is going to
break the service upon upgrade, because PostgreSQL will reject the data files
from the differing major version of the service.
Because it's important to either keep running a particular major version, or
intentionally upgrade, I think the configuration would be better with no
default. I think this is also going to be helpful when trying to assist users
upgrading PostgreSQL.
* gnu/services/databases.scm (<postgresql-configuration>): Remove default for
postgresql.
(postgresql-service-type): Remove the default value.
* gnu/tests/databases.scm (%postgresql-os): Update accordingly.
* gnu/tests/guix.scm (%guix-data-service-os): Update accordingly.
* gnu/tests/monitoring.scm (%zabbix-os): Update accordingly.
* gnu/tests/web.scm (patchwork-os): Update accordingly.
* doc/guix.texi (PostgreSQL): Update accordingly.
Using the service type directly is a better approach, making it easier to
configure the service.
* gnu/services/databases.scm (postgresql-service): Deprecate this procedure.
* doc/guix.texi (PostgreSQL): Update the documentation for the use of (service
postgresql-service-type).
This commit fixes error 'time="2020-10-16T…" level=error msg="Handler for POST
/v1.40/containers/…/start returned error: failed to start shim: exec:
\"containerd-shim\": executable file not found in $PATH: unknown"'.
* gnu/services/docker.scm
(containerd-shepherd-service): Add "containerd-shim" to PATH.
This matches up with changes in the Guix Data Service to not use the
normalized codeset.
* gnu/services/guix.scm (guix-data-service-shepherd-services): Change the
LC_ALL codeset to UTF-8.
Fixes: <https://issues.guix.gnu.org/43760>.
* gnu/services/cuirass.scm (cuirass-activation): Do not create
queries-log-file and web-queries-log-file if the corresponding config file are
unset.
Fixes <https://issues.guix.info/39670>.
Combined with commit def6e2ae46, this allows unprivileged users to mount file
systems marked with the "user" option. It adds less than 4 MiB to the closure
of the lightweight-desktop.tmpl operating system template.
* gnu/services/desktop.scm (%desktop-services): Extend the
setuid-program-service-type service with the 'mount.nfs' and 'mount.nfs-3g'
programs.
Reported-by: Nathan Dehnel <ncdehnel@gmail.com>
* gnu/services/ssh.scm:
(<webssh-configuration>): New record type.
(%webssh-configuration-nginx, webssh-service-type): New variables.
(webssh-account, webssh-activation, webssh-shepherd-service): New procedures.
* doc/guix.texi: Document this.
This is a follow-up to commit d692ebf980.
* gnu/services/virtualization.scm (%hurd-vm-accounts)[supplementary-groups]:
Add ’kvm’.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service): Use #:group
"kvm"
This allows the client running on the host to know when it's actually
connect to the server running in the guest. Failing that, the client
would connect right away to QEMU and send secrets even though the server
is not running yet in the guest, which is unreliable.
* gnu/build/secret-service.scm (secret-service-send-secrets): Add
#:handshake-timeout. Read from SOCK an initial message from the
server. Return #f on error.
(secret-service-receive-secrets): Send 'secret-service-server' message
to the client. Close SOCK upon timeout.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service): 'start'
method returns #f when 'secret-service-send-secrets' returns #f.
* gnu/services/virtualization.scm (initialize-hurd-vm-substitutes)
(hurd-vm-activation): New procedures.
(hurd-vm-service-type)[extensions]: Add ACTIVATION-SERVICE-TYPE
extension.
* doc/guix.texi (Transparent Emulation with QEMU): Mention GNU/Hurd.
(The Hurd in a Virtual Machine): Explain which files are automatically
installed and mention offloading.
This change allows a childhurd to run within Guix System in a VM.
* gnu/services/virtualization.scm (hurd-vm-shepherd-service)[vm-command]:
Stage the 'file-exists?' call.
Until qemu was running as "root", which is unnecessary.
* gnu/services/virtualization.scm (%hurd-vm-accounts): New variable.
(hurd-vm-service-type)[extensions]: Add ACCOUNT-SERVICE-TYPE extension.
* gnu/services/desktop.scm <elogind-configuration>: Add an
handle-lid-switch-external-power field, mapping to the
HandleLidSwitchExternalPower logind.conf setting.
* doc/guix.texi (Desktop Services): ‘Document’ it.
* gnu/services/cuirass.scm (<cuirass-configuration>)[web-queries-log-file]:
New field.
(cuirass-shepherd-service): Honor it.
(cuirass-log-rotations): If defined, add the web queries log file to the log
rotation.
* gnu/services/cuirass.scm (<cuirass-configuration>)[queries-log-file]: New
field.
(cuirass-shepherd-service): Honor it.
(cuirass-log-rotations): If defined, add the queries log file to the log
rotation.