summaryrefslogtreecommitdiff
path: root/gnu/services
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/databases.scm1
-rw-r--r--gnu/services/guix.scm161
-rw-r--r--gnu/services/monitoring.scm187
-rw-r--r--gnu/services/pm.scm16
-rw-r--r--gnu/services/sound.scm3
-rw-r--r--gnu/services/web.scm2
-rw-r--r--gnu/services/xorg.scm2
7 files changed, 301 insertions, 71 deletions
diff --git a/gnu/services/databases.scm b/gnu/services/databases.scm
index 39225a4bd6..15a2036037 100644
--- a/gnu/services/databases.scm
+++ b/gnu/services/databases.scm
@@ -55,6 +55,7 @@
postgresql-configuration-file
postgresql-configuration-log-directory
postgresql-configuration-data-directory
+ postgresql-configuration-extension-packages
postgresql-service
postgresql-service-type
diff --git a/gnu/services/guix.scm b/gnu/services/guix.scm
index df5fa13bea..dc9bd8ad68 100644
--- a/gnu/services/guix.scm
+++ b/gnu/services/guix.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2019 Christopher Baines <mail@cbaines.net>
+;;; Copyright © 2019, 2020, 2021, 2022 Christopher Baines <mail@cbaines.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -107,7 +107,22 @@
guix-data-service-getmail-idle-mailboxes
guix-data-service-commits-getmail-retriever-configuration
- guix-data-service-type))
+ guix-data-service-type
+
+ nar-herder-service-type
+ nar-herder-configuration
+ nar-herder-configuration?
+ nar-herder-configuration-package
+ nar-herder-configuration-user
+ nar-herder-configuration-group
+ nar-herder-configuration-mirror
+ nar-herder-configuration-database
+ nar-herder-configuration-database-dump
+ nar-herder-configuration-host
+ nar-herder-configuration-port
+ nar-herder-configuration-storage
+ nar-herder-configuration-storage-limit
+ nar-herder-configuration-storage-nar-removal-criteria))
;;;; Commentary:
;;;
@@ -728,3 +743,145 @@ ca-certificates.crt file in the system profile."
(guix-data-service-configuration))
(description
"Run an instance of the Guix Data Service.")))
+
+
+;;;
+;;; Nar Herder
+;;;
+
+(define-record-type* <nar-herder-configuration>
+ nar-herder-configuration make-nar-herder-configuration
+ nar-herder-configuration?
+ (package nar-herder-configuration-package
+ (default nar-herder))
+ (user nar-herder-configuration-user
+ (default "nar-herder"))
+ (group nar-herder-configuration-group
+ (default "nar-herder"))
+ (mirror nar-herder-configuration-mirror
+ (default #f))
+ (database nar-herder-configuration-database
+ (default "/var/lib/nar-herder/nar_herder.db"))
+ (database-dump nar-herder-configuration-database-dump
+ (default "/var/lib/nar-herder/nar_herder_dump.db"))
+ (host nar-herder-configuration-host
+ (default "127.0.0.1"))
+ (port nar-herder-configuration-port
+ (default 8734))
+ (storage nar-herder-configuration-storage
+ (default #f))
+ (storage-limit nar-herder-configuration-storage-limit
+ (default "none"))
+ (storage-nar-removal-criteria
+ nar-herder-configuration-storage-nar-removal-criteria
+ (default '()))
+ (ttl nar-herder-configuration-ttl
+ (default #f))
+ (negative-ttl nar-herder-configuration-negative-ttl
+ (default #f)))
+
+
+(define (nar-herder-shepherd-services config)
+ (match-record config <nar-herder-configuration>
+ (package user group
+ mirror
+ database database-dump
+ host port
+ storage storage-limit storage-nar-removal-criteria
+ ttl negative-ttl)
+
+ (unless (or mirror storage)
+ (error "nar-herder: mirror or storage must be set"))
+
+ (list
+ (shepherd-service
+ (documentation "Nar Herder")
+ (provision '(nar-herder))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package
+ "/bin/nar-herder")
+ "run-server"
+ "--pid-file=/var/run/nar-herder/pid"
+ #$(string-append "--port=" (number->string port))
+ #$(string-append "--host=" host)
+ #$@(if mirror
+ (list (string-append "--mirror=" mirror))
+ '())
+ #$(string-append "--database=" database)
+ #$(string-append "--database-dump=" database-dump)
+ #$@(if storage
+ (list (string-append "--storage=" storage))
+ '())
+ #$(string-append "--storage-limit="
+ (if (number? storage-limit)
+ (number->string storage-limit)
+ storage-limit))
+ #$@(map (lambda (criteria)
+ (string-append
+ "--storage-nar-removal-criteria="
+ (match criteria
+ ((k . v) (simple-format #f "~A=~A" k v))
+ (str str))))
+ storage-nar-removal-criteria)
+ #$@(if ttl
+ (list (string-append "--ttl=" ttl))
+ '())
+ #$@(if negative-ttl
+ (list (string-append "--negative-ttl=" negative-ttl))
+ '()))
+ #:user #$user
+ #:group #$group
+ #:pid-file "/var/run/nar-herder/pid"
+ #:environment-variables
+ `(,(string-append
+ "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
+ "LC_ALL=en_US.utf8")
+ #:log-file "/var/log/nar-herder/server.log"))
+ (stop #~(make-kill-destructor))))))
+
+(define (nar-herder-activation config)
+ #~(begin
+ (use-modules (guix build utils))
+
+ (define %user
+ (getpw #$(nar-herder-configuration-user
+ config)))
+
+ (chmod "/var/lib/nar-herder" #o755)
+
+ (mkdir-p "/var/log/nar-herder")
+
+ ;; Allow writing the PID file
+ (mkdir-p "/var/run/nar-herder")
+ (chown "/var/run/nar-herder"
+ (passwd:uid %user)
+ (passwd:gid %user))))
+
+(define (nar-herder-account config)
+ (match-record config <nar-herder-configuration>
+ (user group)
+ (list (user-group
+ (name group)
+ (system? #t))
+ (user-account
+ (name user)
+ (group group)
+ (system? #t)
+ (comment "Nar Herder user")
+ (home-directory "/var/lib/nar-herder")
+ (shell (file-append shadow "/sbin/nologin"))))))
+
+(define nar-herder-service-type
+ (service-type
+ (name 'nar-herder)
+ (extensions
+ (list
+ (service-extension shepherd-root-service-type
+ nar-herder-shepherd-services)
+ (service-extension activation-service-type
+ nar-herder-activation)
+ (service-extension account-service-type
+ nar-herder-account)))
+ (description
+ "Run a Nar Herder server.")))
diff --git a/gnu/services/monitoring.scm b/gnu/services/monitoring.scm
index f15450eed5..92c49c513b 100644
--- a/gnu/services/monitoring.scm
+++ b/gnu/services/monitoring.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2018 Sou Bunnbu <iyzsong@member.fsf.org>
;;; Copyright © 2018, 2019 Gábor Boskovits <boskovits@gmail.com>
;;; Copyright © 2018, 2019, 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2022 Marius Bakke <marius@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -211,13 +212,16 @@ Prometheus.")
#\-))))
(define (serialize-field field-name val)
- (format #t "~a=~a~%" (uglify-field-name field-name) val))
+ #~(format #f "~a=~a~%" #$(uglify-field-name field-name) #$val))
(define (serialize-number field-name val)
(serialize-field field-name (number->string val)))
(define (serialize-list field-name val)
- (if (null? val) "" (serialize-field field-name (string-join val ","))))
+ #~(if (null? '#$val)
+ ""
+ #$(serialize-field field-name (string-join val ","))))
+
(define (serialize-string field-name val)
(if (and (string? val) (string=? val ""))
@@ -232,12 +236,12 @@ Prometheus.")
(define include-files? list?)
(define (serialize-include-files field-name val)
- (if (null? val) "" (for-each (cut serialize-field 'include <>) val)))
+ #~(string-append #$@(map (cut serialize-field 'include <>) val)))
(define extra-options? string?)
(define (serialize-extra-options field-name val)
- (if (null? val) "" (display val)))
+ #~(if (= 0 (string-length #$val)) "" #$(format #f "~a~%" val)))
(define (nginx-server-configuration-list? val)
(and (list? val) (and-map nginx-server-configuration? val)))
@@ -320,13 +324,9 @@ configuration file."))
#~(begin
(call-with-output-file #$output
(lambda (port)
- (display "# Generated by 'zabbix-server-service'.\n" port)
- (display #$(with-output-to-string
- (lambda ()
- (serialize-configuration
- config zabbix-server-configuration-fields)))
- port)
- #t)))))
+ (format port "# Generated by 'zabbix-server-service'.~%")
+ (format port #$(serialize-configuration
+ config zabbix-server-configuration-fields)))))))
(define (zabbix-server-activation config)
"Return the activation gexp for CONFIG."
@@ -334,7 +334,6 @@ configuration file."))
#~(begin
(use-modules (guix build utils)
(ice-9 rdelim))
-
(let ((user (getpw #$(zabbix-server-configuration-user config))))
(for-each (lambda (file)
(let ((directory (dirname file)))
@@ -345,25 +344,69 @@ configuration file."))
#$(zabbix-server-configuration-pid-file config)
"/etc/zabbix/maintenance.inc.php"))))))
+(define (zabbix-server-runtime-control-procedure zabbix-server config command)
+ ;; XXX: This is duplicated from mcron; factorize.
+ #~(lambda (_ . args)
+ ;; Run 'zabbix_server' in a pipe so we can explicitly redirect its output
+ ;; to 'current-output-port', which at this stage is bound to the client
+ ;; connection.
+ (let ((pipe (apply open-pipe* OPEN_READ #$zabbix-server
+ "--config" #$config
+ "-R" #$command args)))
+ (let loop ()
+ (match (read-line pipe 'concat)
+ ((? eof-object?)
+ (catch 'system-error
+ (lambda ()
+ (zero? (close-pipe pipe)))
+ (lambda args
+ ;; There's a race with the SIGCHLD handler, which could
+ ;; call 'waitpid' before 'close-pipe' above does. If we
+ ;; get ECHILD, that means we lost the race; in that case, we
+ ;; cannot tell what the exit code was (FIXME).
+ (or (= ECHILD (system-error-errno args))
+ (apply throw args)))))
+ (line
+ (display line)
+ (loop)))))))
+
+;; Provide shepherd actions for common "zabbix_server -R" commands
+;; mainly for a convenient way to use the correct configuration file.
+(define (zabbix-server-actions zabbix-server config)
+ (list (shepherd-action
+ (name 'reload-config-cache)
+ (documentation "Reload the configuration cache.")
+ (procedure (zabbix-server-runtime-control-procedure
+ zabbix-server config "config_cache_reload")))
+ (shepherd-action
+ (name 'reload-snmp-cache)
+ (documentation "Reload SNMP cache.")
+ (procedure (zabbix-server-runtime-control-procedure
+ zabbix-server config "snmp_cache_reload")))))
+
(define (zabbix-server-shepherd-service config)
"Return a <shepherd-service> for Zabbix server with CONFIG."
- (list (shepherd-service
- (provision '(zabbix-server))
- (documentation "Run Zabbix server daemon.")
- (start #~(make-forkexec-constructor
- (list #$(file-append (zabbix-server-configuration-zabbix-server config)
- "/sbin/zabbix_server")
- "--config" #$(zabbix-server-config-file config)
- "--foreground")
- #:user #$(zabbix-server-configuration-user config)
- #:group #$(zabbix-server-configuration-group config)
- #:pid-file #$(zabbix-server-configuration-pid-file config)
- #:environment-variables
- (list "SSL_CERT_DIR=/run/current-system/profile\
+ (let ((zabbix-server
+ (file-append (zabbix-server-configuration-zabbix-server config)
+ "/sbin/zabbix_server"))
+ (config-file (zabbix-server-config-file config)))
+ (list (shepherd-service
+ (provision '(zabbix-server))
+ (documentation "Run the Zabbix server daemon.")
+ (actions (zabbix-server-actions zabbix-server config-file))
+ (start #~(make-forkexec-constructor
+ (list #$zabbix-server
+ "--config" #$config-file
+ "--foreground")
+ #:user #$(zabbix-server-configuration-user config)
+ #:group #$(zabbix-server-configuration-group config)
+ #:pid-file #$(zabbix-server-configuration-pid-file config)
+ #:environment-variables
+ (list "SSL_CERT_DIR=/run/current-system/profile\
/etc/ssl/certs"
- "SSL_CERT_FILE=/run/current-system/profile\
+ "SSL_CERT_FILE=/run/current-system/profile\
/etc/ssl/certs/ca-certificates.crt")))
- (stop #~(make-kill-destructor)))))
+ (stop #~(make-kill-destructor))))))
(define zabbix-server-service-type
(service-type
@@ -431,8 +474,8 @@ configuration file."))
(define (zabbix-agent-account config)
"Return the user accounts and user groups for CONFIG."
- (let ((zabbix-user "zabbix")
- (zabbix-group "zabbix"))
+ (let ((zabbix-user (zabbix-agent-configuration-user config))
+ (zabbix-group (zabbix-agent-configuration-group config)))
(list (user-group (name zabbix-group) (system? #t))
(user-account
(name zabbix-user)
@@ -465,13 +508,9 @@ configuration file."))
#~(begin
(call-with-output-file #$output
(lambda (port)
- (display "# Generated by 'zabbix-agent-service'.\n" port)
- (display #$(with-output-to-string
- (lambda ()
- (serialize-configuration
- config zabbix-agent-configuration-fields)))
- port)
- #t)))))
+ (format port "# Generated by 'zabbix-agent-service'.~%")
+ (format port #$(serialize-configuration
+ config zabbix-agent-configuration-fields)))))))
(define (zabbix-agent-shepherd-service config)
"Return a <shepherd-service> for Zabbix agent with CONFIG."
@@ -490,7 +529,9 @@ configuration file."))
(list "SSL_CERT_DIR=/run/current-system/profile\
/etc/ssl/certs"
"SSL_CERT_FILE=/run/current-system/profile\
-/etc/ssl/certs/ca-certificates.crt")))
+/etc/ssl/certs/ca-certificates.crt"
+ "PATH=/run/setuid-programs:\
+/run/current-system/profile/bin:/run/current-system/profile/sbin")))
(stop #~(make-kill-destructor)))))
(define zabbix-agent-service-type
@@ -526,15 +567,25 @@ fastcgi_param PHP_VALUE \"post_max_size = 16M
")))))))
(listen '("80"))))
+(define (zabbix-front-end-nginx-extension config)
+ (match config
+ (($ <zabbix-front-end-configuration> _ server nginx)
+ (if (null? nginx)
+ (list
+ (nginx-server-configuration
+ (inherit %zabbix-front-end-configuration-nginx)
+ (root #~(string-append #$server:front-end "/share/zabbix/php"))))
+ nginx))))
+
(define-configuration zabbix-front-end-configuration
- ;; TODO: Specify zabbix front-end package.
- ;; (zabbix-
- ;; (file-like zabbix-front-end)
- ;; "The zabbix-front-end package.")
+ (zabbix-server
+ (file-like zabbix-server)
+ "The Zabbix server package to use.")
(nginx
- (nginx-server-configuration-list
- (list %zabbix-front-end-configuration-nginx))
- "NGINX configuration.")
+ (list '())
+ "List of @ref{nginx-server-configuration,@code{nginx-server-configuration}}
+blocks for the Zabbix front-end. When empty, a default that listens on port 80
+is used.")
(db-host
(string "localhost")
"Database host name.")
@@ -577,33 +628,35 @@ $DB['SERVER'] = '" db-host "';
$DB['PORT'] = '" (number->string db-port) "';
$DB['DATABASE'] = '" db-name "';
$DB['USER'] = '" db-user "';
-$DB['PASSWORD'] = '" (let ((file (location-file %location))
- (line (location-line %location))
- (column (location-column %location)))
- (if (string-null? db-password)
- (if (string-null? db-secret-file)
- (raise (make-compound-condition
- (condition
- (&message
- (message
- (format #f "no '~A' or '~A' field in your '~A' record"
- 'db-secret-file 'db-password
- 'zabbix-front-end-configuration))))
- (condition
- (&error-location
- (location %location)))))
- (string-trim-both
- (with-input-from-file db-secret-file
- read-string)))
- (begin
- (display-hint (format #f (G_ "~a:~a:~a: ~a:
+$DB['PASSWORD'] = " (let ((file (location-file %location))
+ (line (location-line %location))
+ (column (location-column %location)))
+ (if (string-null? db-password)
+ (if (string-null? db-secret-file)
+ (raise (make-compound-condition
+ (condition
+ (&message
+ (message
+ (format #f "no '~A' or '~A' field in your '~A' record"
+ 'db-secret-file 'db-password
+ 'zabbix-front-end-configuration))))
+ (condition
+ (&error-location
+ (location %location)))))
+ (string-append "trim(file_get_contents('"
+ db-secret-file "'));\n"))
+ (begin
+ (display-hint (format #f (G_ "~a:~a:~a: ~a:
Consider using @code{db-secret-file} instead of @code{db-password} for better
security.") file line column 'zabbix-front-end-configuration))
- db-password))) "';
-
+ (format #f "'~a';~%" db-password))))
+ "
// Schema name. Used for IBM DB2 and PostgreSQL.
$DB['SCHEMA'] = '';
+// Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
+$DB['DOUBLE_IEEE754'] = true;
+
$ZBX_SERVER = '" zabbix-host "';
$ZBX_SERVER_PORT = '" (number->string zabbix-port) "';
$ZBX_SERVER_NAME = '';
@@ -637,7 +690,7 @@ $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
(list (service-extension activation-service-type
zabbix-front-end-activation)
(service-extension nginx-service-type
- zabbix-front-end-configuration-nginx)
+ zabbix-front-end-nginx-extension)
;; Make sure php-fpm is instantiated.
(service-extension php-fpm-service-type
(const #t))))
diff --git a/gnu/services/pm.scm b/gnu/services/pm.scm
index d91f2b69ce..3da3c0b961 100644
--- a/gnu/services/pm.scm
+++ b/gnu/services/pm.scm
@@ -253,6 +253,22 @@ default, performance, powersave.")
(string "powersave")
"Same as @code{pcie-aspm-ac} but on BAT mode.")
+ (start-charge-thresh-bat0
+ (maybe-non-negative-integer 'disabled)
+ "Percentage when battery 0 should begin charging.")
+
+ (stop-charge-thresh-bat0
+ (maybe-non-negative-integer 'disabled)
+ "Percentage when battery 0 should stop charging.")
+
+ (start-charge-thresh-bat1
+ (maybe-non-negative-integer 'disabled)
+ "Percentage when battery 1 should begin charging.")
+
+ (stop-charge-thresh-bat1
+ (maybe-non-negative-integer 'disabled)
+ "Percentage when battery 1 should stop charging.")
+
(radeon-power-profile-on-ac
(string "high")
"Radeon graphics clock speed level. Alternatives are
diff --git a/gnu/services/sound.scm b/gnu/services/sound.scm
index 1217223a0c..03e62a1e36 100644
--- a/gnu/services/sound.scm
+++ b/gnu/services/sound.scm
@@ -159,7 +159,8 @@ ctl.!default {
(extensions
(list (service-extension session-environment-service-type
pulseaudio-environment)
- (service-extension etc-service-type pulseaudio-etc)))
+ (service-extension etc-service-type pulseaudio-etc)
+ (service-extension udev-service-type (const (list pulseaudio)))))
(default-value (pulseaudio-configuration))
(description "Configure PulseAudio sound support.")))
diff --git a/gnu/services/web.scm b/gnu/services/web.scm
index e5cc6343b5..3fe58d98e6 100644
--- a/gnu/services/web.scm
+++ b/gnu/services/web.scm
@@ -1519,6 +1519,8 @@ ALLOWED_HOSTS = [
allowed-hosts))
"]
+DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
+
DEFAULT_FROM_EMAIL = '" #$default-from-email "'
SERVER_EMAIL = DEFAULT_FROM_EMAIL
NOTIFICATION_FROM_EMAIL = DEFAULT_FROM_EMAIL
diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm
index a5e1a1471d..d6dfb07425 100644
--- a/gnu/services/xorg.scm
+++ b/gnu/services/xorg.scm
@@ -975,7 +975,7 @@ the GNOME desktop environment.")
(list (shepherd-service
(documentation "Xorg display server (GDM)")
(provision '(xorg-server))
- (requirement '(dbus-system user-processes host-name udev))
+ (requirement '(dbus-system user-processes host-name udev elogind))
(start #~(lambda ()
(fork+exec-command
(list #$(file-append (gdm-configuration-gdm config)
generated by cgit v1.2.3 (git 2.50.1) at 2025-08-10 19:57:18 +0000