The uptime/ /proc/loadavg reporting in the Hurd is 1.0 for a machine without
load. This may have been caused by recent SMP work.
* gnu/services/virtualization.scm (hurd-vm-guix-extension): Set
overload-threshold to 1.8 to allow offloading to actually happen.
Change-Id: I2b5be4d8e8d884cba767702f9cdccf91717eb95d
This ensures the unattended upgrade job successfully reboots regardless of the
value for services-to-restart. Previously the mcron service may be restarted
which would halt script execution before the system rebooted.
* gnu/services/admin.scm (unattended-upgrade-mcron-jobs): Do not restart
services when reboot? is #t.
* doc/guix.texi (Unattended Upgrades): Document it.
Change-Id: I8e486a764ec1dc5c3090130cc447a0cc3f5a2e00
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
In order to support more flexibility in Wireguard configuration, ungexp the
configuration fields directly instead of ungexp-splicing a sexp
calculator. This allows for the fields to take arbitrary gexps instead of only
strings which is particularly helpful for the Pre/Post Up/Down commands.
* gnu/services/vpn.scm (wireguard-configuration-file): Ungexp configuration
lists instead of ungexp-splicing the code surrounding them.
* doc/guix.texi (VPN Services)[wireguard]: Document it.
Change-Id: If074cbb78473b6fd34e0e4e990d2ed268001d6c7
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
The syntax from using the private-key field is more convenient than writing a
custom PreUp command (more formatting and preshared keys). Instead of trying
to guess if private-key is/is not a file path, add an option to disable
bootstrapping while still using private-key.
* gnu/services/vpn.scm (<wireguard-configuration>): Add
bootstrap-private-key?.
(wireguard-activation): Check bootstrap-private-key? before bootstrapping.
* doc/guix.texi (VPN Services)[wireguard]: Document it.
Change-Id: I6ba71ad58b26743057a221a54a246369022f83a5
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
Users who retrieve the private-key via a PreUp field need to be able to
disable the default retrieval mechanism.
* gnu/services/vpn.scm (<wireguard-configuration>)[private-key]: Change
comment.
(wireguard-configuration-file): Conditionally serialize private-key.
* gnu/services/vpn.scm (wireguard-activation): Do not create private-key if
the field is #f.
* doc/guix.texi (VPN Services)[wireguard-configuration]: Document it.
Change-Id: Iac419809ae94eb76e97ff1f1749e2f4b3e65bb04
Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
* gnu/services/pm.scm (power-profiles-daemon-shepherd-service): Change indentation.
[requirement]: Add user-processes.
[documentation]: Change name to Power Profiles Daemon.
(power-profiles-daemon-service-type)
[description]: Change name to Power Profiles Daemon.
Change-Id: Ibbd06cf1fbadd812ad3f0eac92b9772e3387f875
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
The configuration file is processed sequentially, which meant that there was
no way to set for example log format shared between the server-blocks, because
the final configuration file would have this order:
...
http {
...
server {
}
...
$extra-content
}
Moving the extra-content before the serialization of server-blocks resolves
this.
* gnu/services/web.scm (default-nginx-config): Move extra-content before
server-blocks.
Change-Id: Ie8286a533dfed575abc58a0f4800706b3ad6adc2
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/databases.scm (postgresql-configuration)[postgresql]:
Unset default.
(postgresql-service-type): Remove default-value.
(postgresql-service): Revert default to postgresql-10 (rationale: We
can remove this service at the same time than postgresql-10, in
something like 6 months to a year).
* doc/guix.texi: Remove postgresql default reference in documentation.
Signed-off-by: Florian Pelz <pelzflorian@pelzflorian.de>
* gnu/services/base.scm (swap-service-type): Do not include 'udev' requirement
for the Hurd. Use system* with "swapon", "swapoff" for the Hurd.
* gnu/system.scm (hurd-default-essential-services): Add swap-services.
* gnu/services/base.scm (swap-service-type):
Change-Id: I1d4d445c614921752dc84aa0dd6ff42cdbf62aa8
This allows us to use %base-services/hurd for services in a Hurd config for a
real machine without removing static-networking.
* gnu/system/hurd.scm (%base-services/hurd): Factor networking out to...
(%base-services+qemu-networking/hurd): ..this new variable.
* gnu/system/examples/bare-hurd.tmpl (%hurd-os): Use it.
* gnu/services/virtualization.scm (%hurd-vm-operating-system): Use it.
* gnu/system/images/hurd.scm (hurd-barebones-os): Use it. Add comment about
QEMU and networking for a real machine.
Change-Id: I777a63410383b9bf8b5740e4513dbc1e9fb0fd41
* gnu/services/web.scm (anonip-shepherd-service): Recreate the input file when
it's not a FIFO.
Fixes: <https://issues.guix.gnu.org/59181>
Change-Id: I8ba87f9fc48ecfd515e34bdee9e2949a2a559f9c
Versions 10 and 11 are unsupported according to
https://www.postgresql.org/support/versioning/
postgresql-10 also has a CVE.
* doc/guix.texi: Change default value of postgresql-service-type's
postgresql field.
* gnu/packages/databases.scm (postresql-10, postgresql-11): Use
define-deprecated/public to warn users.
* gnu/services/databases.scm (postgresql-configuration): Change the
default value of postgresql-configuration-postgresql.
* gnu/tests/guix.scm (%guix-data-service-os): Change the default value
of postgresql.
Signed-off-by: Andreas Enge <andreas@enge.fr>
Change-Id: Ie8744c8e1f246e9b45ff5e29d4e98214de3ca66a
Pluggable transports are programs that disguise Tor traffic, which
can be useful in case Tor is censored. Pluggable transports
cannot be configured by #:config-file file exclusively because Tor
process is run via 'least-authority-wrapper' and cannot have access
to transport plugin, which is a separate executable (Bug#70302,
Bug#70332).
* doc/guix.texi (Networking Services): Document 'tor-transport-plugin'
data type and 'transport-plugins' option for 'tor-configuration.
* gnu/services/networking.scm: Export
'tor-configuration-transport-plugins', 'tor-transport-plugin',
'tor-transport-plugin?', 'tor-plugin-role',
'tor-plugin-protocol', and 'tor-plugin-program'.
(<tor-configuration>): Add 'transport-plugins' field.
(<tor-transport-plugin>): New variable.
(tor-configuration->torrc): Add content to 'torrc' computed-file.
(tor-shepherd-service): Add file-system-mapping(s).
Change-Id: I1b0319358778c7aee650bc843e021a6803a1cf3a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/configuration.scm (generate-documentation): Filter for all
configurations associated with each field-name.
* doc/guix.texi (Complex Configurations): Describe use case for multiple
field-names.
Change-Id: I6d1e7b8858231aa05fda884b31a9bd0a48f07293
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/games.scm (joycond-service-type): Also extend the udev service
with the configured joycond package.
* doc/guix.texi (Game Services): Update documentation.
Change-Id: I9f7fb0da5cfc1f8a7e8bb5f2ce7161e5e66b2f5e
* gnu/services/networking.scm (<dhcp-client-configuration>)
[version]: New field.
(dhcp-client-shepherd-service): Use 'match-record' instead of various
accessors. Honor the new 'version field'. Include the version the PID file
name when a non-default version is used.
* doc/guix.texi (Networking Setup) <dhcp-client-configuration>
[version]: Document it.
Change-Id: I6236ae160967c95fe7a2c1785821cc9b0c183e77
Previously, when being stopped, the ‘user-file-systems’ service would
attempt to unmount / and /dev, which was bound to fail. This was
harmless, apart from a couple of lines in /var/log/messages, but it was
wrong.
* gnu/services/base.scm (file-system-shepherd-services)[user-unmount]:
Remove “/” and “/dev” from the list of file systems subject to
unmounting.
Change-Id: Ieb68fe46c114909a64d54f885c94a9d7cd61f5e0
* gnu/services/guix.scm (<guix-build-coordinator-agent-configuration>)
[max-parallel-builds, max-parallel-uploads]: Set default to #f.
(guix-build-coordinator-agent-shepherd-services): Check for
max-parallel-builds.
* doc/guix.texi (Guix Services): Adapt the documentation.
If set to #f, the default values are now taken as the defaults of the
guix-build-coordinator-agent command.
Change-Id: Ide6dde0e88aa0dc851b6295095f414ca2ddc72ac
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail>
* gnu/services/desktop.scm (desktop-services-for-system): Extend
PRIVILEGED-PROGRAM-SERVICE-TYPE rather than SETUID-PROGRAM-SERVICE-TYPE
and use the totally new FILE-LIKE->SETUID-PROGRAM.
Change-Id: Ia8cac67c8234657332390794a41d91e60f788d90
* gnu/system/privilege.scm (file-like->setuid-program): New public
procedure.
* gnu/system/setuid.scm: Re-export it for compatibility.
(file-like->setuid-program): Remove this old version.
* gnu/services/docker.scm (singularity-setuid-programs): Use it (again).
* gnu/services/desktop.scm (enlightenment-privileged-programs): Likewise.
Change-Id: I8e41144438677a15cdadb3063651dbc780715497
Previously, the “running value” of the ‘host-name’ service would
be #<unspecified>. This change makes it more pleasing to the eye.
* gnu/services/base.scm (host-name-service-type): ‘start’ returns NAME.
Change-Id: I38b8320e43639b6623475871ca6fbad3a459eb59
As the manual suggests running a certbot command to view the issued
certificates, add it to the profile.
* gnu/services/certbot.scm (certbot-service-type): Extend profile-service-type
with certbot-configuration-package.
Change-Id: I92618597bbdc8d838420b2e0f82de601b0bc609b
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Without this fix, deploying `home-mcron-service-type' will strip user's PATH
variable from it's environment. This means that, programs such as `notmuch',
which use hooks which usually invoke `notmuch' from path, would need to be
updated with full paths; which makes it very inconvenient to use.
* gnu/services/mcron.scm (mcron-shepherd-services): respect user PATH variable.
Change-Id: I104aa0a818ad6c3266b2b8f73a9609bfb36e314d
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/mail.scm (opensmtpd-set-gids): Migrate to
PRIVILEGED-PROGRAM from SETUID-PROGRAM…
(opensmtpd-service-type): … and to PRIVILEGED-PROGRAM-SERVICE-TYPE
from SETUID-PROGRAM-SERVICE-TYPE.
Change-Id: Ide434aa480ea3316c971c58898088d72b5b6671f
Fixed the issue described here:
https://lists.gnu.org/archive/html/help-guix/2024-01/msg00034.html
Fix `syncthing-shepherd-service` failing to guess the correct `HOME`
environment variable when it's `<syncthing-configuration>` does not have a
value for the `home` or `user` fields.
* gnu/services/syncthing.scm (syncthing-shepherd-service): Change ‘HOME’
value in #:environment-variables argument.
Change-Id: I102bfe5feba1ebb349a0cde1c987c0c10ebbab7a
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu/services/desktop.scm (<elogind-configuration>): Allow actions to be set
to 'suspend-then-hibernate'. Add configuration for 'hibernate-delay-seconds'
and 'suspend-estimation-seconds'.
* doc/guix.texi (Desktop Services): Add documentation for
'hibernate-delay-seconds' and 'suspend-estimation-seconds'.
Change-Id: Icf788fcc88451aa6174a608fbed309961b847430
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
