guix/gnu/services, branch koszko Wojtek's customized Guix https://git.koszko.org/guix/atom?h=koszko 2025-05-26T12:07:29Z services: openvpn: Allow configuring the `mssfix' option in client. 2025-05-26T12:07:29Z W. Kosior koszko@koszko.org 2025-03-21T08:50:55Z urn:sha1:6315fd97c890d7babf60b2bde1844f78b5c60d11 This is useful for clients in networks where UDP packet fragmentation doesn't work. * gnu/services/vpn.scm (maybe-mtu?): New variable. (serialize-maybe-mtu): New variable. (openvpn-client-configuration)[mssfix]: New field. Change-Id: I8262a8ac8bda9ea76e7398ba421bba4437732ebe services: openvpn: Allow the client to hardcode DNS servers to use. 2025-05-26T12:07:29Z W. Kosior koszko@koszko.org 2025-03-04T16:25:02Z urn:sha1:0ba7acf648e77b33150260d4e0e1db974a4447df * gnu/services/vpn.scm (%ipv4-regex): New variable. (dhcp-option-dns-list?): New variable. (serialize-dhcp-option-dns-list): New variable. (openvpn-client-configuration)[dns]: New field. Change-Id: Ic4e8184f47bf3f1d5b683c4dc737f6abba8d2f9e services: openvpn: Allow putting arbitrary text server's ccd config. 2025-05-26T12:07:29Z W. Kosior koszko@koszko.org 2025-02-17T11:27:08Z urn:sha1:aa5224cb3e7265cfb42bf739ebec7f9aa6f72d1c * gnu/services/vpn.scm (verbatim-text?): New variable. (serialize-verbatim-text): New variable. (openvpn-ccd-configuration)[opaque-configuration]: New field. Change-Id: I1becf66bb2e41237595e45cd23c20800d3ffe239 services: openvpn: Allow OpenVPN client to dictate route(s) it sets. 2025-05-26T12:07:29Z W. Kosior koszko@koszko.org 2025-02-17T11:25:32Z urn:sha1:25bef3d8ca0cfd03f2c4f7846162ca42956831ec * gnu/services/vpn.scm (maybe-ip-mask?): New variable. (serialize-maybe-ip-mask): New variable. (pull-route?): New variable. (serialize-pull-route): New variable. (openvpn-client-configuration)[pull-route?]: New field. (openvpn-client-configuration)[route]: New field. Change-Id: Ief6390e905612420ad249c9ecd80a46caad2e378 services: openvpn: Allow using up/down scripts bundled with OpenVPN. 2025-05-26T12:07:29Z W. Kosior koszko@koszko.org 2024-09-20T10:20:02Z urn:sha1:330fa06c0240101c67bfd974bf6a3e81e8aad2bd This is useful for example to pull DNS settings from the server. * gnu/services/vpn.scm (use-up-down-scripts?): New variable. (serialize-use-up-down-scripts): New variable. (make-up-down-config-options): New variable. (make-script-security-cli-options): New variable. (openvpn-client-configuration)[use-up-down-scripts?]: New field. (openvpn-config-file): Serialize that field. (openvpn-shepherd-service): Pass `--script-security' option to daemon. Change-Id: I1141dd0b9bf5956f13cf1552c2718b0a7035fa86 services: shepherd: Allow extensions to alter shepherd root config. 2025-05-26T12:07:28Z W. Kosior koszko@koszko.org 2025-02-17T11:35:07Z urn:sha1:ada6a31a83e9adad4fc55bdd176fbddd556fec2e This, in particular, enables system administrator to use a different (modified) shepherd package for the init. * gnu/services/shepherd.scm (shepherd-root-service-type)[extend]: When an extension is a procedure, do not treat it as an extra shepherd service to append. Instead, pass the resulting config through it. Change-Id: I39c394ab0798b7a1f8d373c19becf01c4870d10b services: Allow specifying user and group for knot resolver. 2025-05-26T12:07:28Z W. Kosior koszko@koszko.org 2024-09-04T18:50:17Z urn:sha1:f73d53f17beeabb5b327e7735cae79a0cd2216ff Kresd used to start as root and create cache files with root ownership before dropping privileges. This made unprivileged kres-cache-gc (in a separate service) fail when trying to read them. The new default is to start both as `knot-resolver', with configuration fields that allow overriding this default. * gnu/services/dns.scm (<knot-resolver-configuration>)[user]: New field. (<knot-resolver-configuration>)[group]: New field. (knot-resolver-shepherd-services): Pass the user&group from config to forkexec constructors. Change-Id: Id06a8eca140fdca14995a03e910f521d5f4636e5 services: Update cron service to use `privileged-program' API. 2025-05-26T12:07:27Z W. Kosior koszko@koszko.org 2024-09-04T18:43:07Z urn:sha1:2ba93846b7db2ef446ea8d7a660f7d853f7e60d4 Uses of deprecated `setuid-program' get replaced with new `privileged-program'. * gnu/services/mcron.scm (cron-daemon-setuid-programs): Use `privileged-program'. (cron-daemon-service-type): Extend `privileged-program-service-type'. Change-Id: I819bf75a0bb23c9b2e97ebcb144ca8adb81a9dde gnu: mcron: Add traditional cron service. 2025-05-26T12:07:27Z W. Kosior koszko@koszko.org 2024-05-26T22:52:23Z urn:sha1:4dc69657aafa5374596266ce1adfacc805753e9a TODO: write good changelog entry Change-Id: Ib1e8f1afcbaae302eac51883e3b02a1d2c32a89e services: Add epicyon-service-type. 2025-05-26T12:07:25Z W. Kosior koszko@koszko.org 2024-07-13T10:11:19Z urn:sha1:b8cad0f63633baa783d0017297696c4f7ac27f92 * gnu/services/web.scm (define-module): Use `util-linux' from `(gnu packages linux)'. [#:export]: Export new service type as well as configuration constructor, predicate and getters. (<epicyon-configuration>): New variable. (epicyon-activation): New procedure. (%epicyon-passwd): New variable. (%ensure-epicyon-overlay-unmounted): New variable. (epicyon-shepherd-services): New procedure. (epicyon-service-type): New variable. Change-Id: I9e786594b75b588099d3b9f6b0ab5663903c9db4