| Age | Commit message (Expand) | Author |
|---|
| 4 days | Allow unauthorized `guix pull`...Change-Id: I470115f3d1f092bfba3d9d9989ff0e614ea2d0c2
HEADkoszko | W. Kosior |
| 4 days | services: openvpn: Allow client to pull DNS settings from server....* gnu/services/vpn.scm (pull-dns?): New variable.
(serialize-pull-dns): New variable.
(make-up-down-config-options): New variable.
(make-script-security-cli-options): New variable.
(openvpn-client-configuration)[pull-dns?]: New field.
(openvpn-config-file): Serialize that field.
(openvpn-shepherd-service): Pass `--script-security' option to daemon.
Change-Id: I1141dd0b9bf5956f13cf1552c2718b0a7035fa86
| W. Kosior |
| 4 days | gnu: openvpn: Make resolv.conf up/down scripts available....* gnu/packages/vpn.scm (openvpn)[arguments]<#:phases>: Add phase to install
`client.up' and `client.down' files.
Change-Id: Ic6340721ab0ba086d0528fb3e070e3f7ecf2773e
| W. Kosior |
| 4 days | services: Allow specifying user and group for knot resolver....Kresd used to start as root and create cache files with root ownership before
dropping privileges. This made unprivileged kres-cache-gc (in a separate
service) fail when trying to read them. The new default is to start both as
`knot-resolver', with configuration fields that allow overriding this default.
* gnu/services/dns.scm (<knot-resolver-configuration>)[user]: New field.
(<knot-resolver-configuration>)[group]: New field.
(knot-resolver-shepherd-services): Pass the user&group from config to forkexec
constructors.
Change-Id: Id06a8eca140fdca14995a03e910f521d5f4636e5
| W. Kosior |
| 4 days | gnu: Add tmate-ssh-server....* gnu/packages/ssh.scm (tmate-ssh-server): New variable.
Change-Id: Idfc1f1d8835c0681fb957b85a142c0888a15fa04
| W. Kosior |
| 4 days | services: Update cron service to use `privileged-program' API....Uses of deprecated `setuid-program' get replaced with new
`privileged-program'.
* gnu/services/mcron.scm (cron-daemon-setuid-programs): Use
`privileged-program'.
(cron-daemon-service-type): Extend `privileged-program-service-type'.
Change-Id: I819bf75a0bb23c9b2e97ebcb144ca8adb81a9dde
| W. Kosior |
| 4 days | gnu: mcron: Add traditional cron service....TODO: write good changelog entry
Change-Id: Ib1e8f1afcbaae302eac51883e3b02a1d2c32a89e
| W. Kosior |
| 4 days | gnu: gmnisrv: Fix config loading....* gnu/packages/web.scm (gmnisrv)[arguments]<#:phases>: Patch hostname handling
in `src/config.c'.
Change-Id: Ic79591eb45d63732d0d786a2c9994c60c9b84934
| Wojtek Kosior |
| 4 days | gnu: gmnisrv: Use Gexp....* gnu/packages/web.scm (gmnisrv)[arguments]: Use G-Expression.
Change-Id: Ib8d9379e8b2a3940b8a5297622247a3c7a0454ca
| Wojtek Kosior |
| 4 days | services: Add epicyon-service-type....* gnu/services/web.scm (define-module): Use `util-linux' from `(gnu packages
linux)'.
[#:export]: Export new service type as well as configuration constructor,
predicate and getters.
(<epicyon-configuration>): New variable.
(epicyon-activation): New procedure.
(%epicyon-passwd): New variable.
(%ensure-epicyon-overlay-unmounted): New variable.
(epicyon-shepherd-services): New procedure.
(epicyon-service-type): New variable.
Change-Id: I9e786594b75b588099d3b9f6b0ab5663903c9db4
| W. Kosior |
| 4 days | gnu: Add epicyon....* gnu/packages/python-web.scm (define-module): Use `(gnu packages
imagemagick)' and `(gnu packages/photo)' modules.
(epicyon): New variable.
Change-Id: I736cb955038659ee7c88fc2f3e1da198e3c9f70f
| W. Kosior |
| 4 days | gnu: Add python-django-timezone-field....* gnu/packages/django.scm (python-django-timezone-field): New variable.
Change-Id: I3f500a7a088f0311df4962391bdc692d710176e4
| W. Kosior |
| 4 days | services: ldap: Increase pid file timeout for 389-ds....* gnu/services/ldap.scm (directory-server-shepherd-service): Add
`#:pid-file-timeout 30`.
Change-Id: Ie7b3a7c7347b53d4e3629ef2de53c3a76f6751c0
| Wojtek Kosior |
| 4 days | services: ldap: Fix exported name....* gnu/services/ldap.scm (use-modules): Export `backend-userroot-configuration'
instead of non-existent `backend-configuration'.
Change-Id: I07c6d1c777bc42fa4afc3f23dc9d36080beb5bbc
| Wojtek Kosior |
| 4 days | build: Fix doc generation in VPATH builds....* po/doc/local.mk: For every target make sure destination directory beneath
$(top_builddir) exists. Don't write files beneath $(top_srcdir).
* doc/local.mk: ditto.
Change-Id: I18898edbf228fdf944646a72d278c3fc5daeafe4
| W. Kosior |
| 4 days | build: Fix `make dist'-specific targets in VPATH builds....* Makefile.am (gen-ChangeLog): Look for .git in `$(top_srcdir)'.
(gen-AUTHORS): Look for .git in `$(top_srcdir)'.
Change-Id: Ib6d78f08f8791d2f8e1758614d21c41f04a39b0a
| Wojtek Kosior |
| 4 days | home: services: Add localhost-repo-server....* gnu/home/services/vcs.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Record 'home/services/vcs.scm'.
Change-Id: I37d3c1dacc26eb31b9b7ec434ed760c7cf84cc32
| Wojtek Kosior |
| 4 days | gnu: Add guile-cantius....* gnu/packages/guile-xyz.scm (guile-cantius): New variable.
Change-Id: Iccc7385ae5c3f762f53705c8ebe876f7ad08da00
| Wojtek Kosior |
| 4 days | gnu: Add guile-de-paul-records....* gnu/packages/guile-xyz.scm (guile-de-paul-records): New variable.
Change-Id: I869c65666f83aedec7a34809b66396798e62e2cf
| Wojtek Kosior |
| 4 days | gnu: Add guile-myra-test-utils....* gnu/packages/guile-xyz.scm (guile-myra-test-utils): New variable.
Change-Id: I20ae86fa5fab953524786bffefa3cac9703128df
| Wojtek Kosior |
| 4 days | gnu: Add lawrence-bolierplate....* gnu/packages/autotools.scm (lawrence-boilerplate): New variable.
Change-Id: Ib29e2ef3165ee151226ac4d4bc41ec5b51df8038
| Wojtek Kosior |
| 4 days | system: Allow adding elsewhere-defined system users to extra groups....* gnu/system.scm (define-module): Export `operating-system-extra-groups`.
(<operating-system>)[extra-groups]: New field.
(operating-system-default-essential-services): Also pass extra groups to
account-service.
(hurd-default-essential-services): Same here.
* gnu/system/accounts.scm (define-module): Use (ice-9 vlist), (srfi srfi-8)
and (srfi srfi-26). Export `user-extra-groups`* and `merge-extra-groups-data`.
(<user-extra-groups>): New record type.
(user-account-extend): New procedure.
(merge-extra-groups-data): New procedure.
* gnu/system/shadow.scm (define-module): Re-export `user-extra-groups`*.
(account-service-type)[extend]: Handle <user-extra-groups> records, move field
intializer upward to be able to use `compose`.
Change-Id: I3f489ac794d342267b7627db1d28315ea4b69db2
| Wojtek Kosior |
| 4 days | services: Add overlayfs-service-type....The `overlayfs-service-type` allows overlay filesystems to be automatically
mounted upon boot and reconfiguration.
* gnu/services/overlayfs.scm: New file.
* gnu/local.ml (GNU_SYSTEM_MODULES): Add it.
Change-Id: I94bb3e3a29648faa354931f3c1cebc5947ab1d5c
| Wojtek Kosior |
| 4 days | services: certbot: Facilitate granting key read access to groups....* gnu/services/certbot.scm (certificate-configuration)[key-read-group]: New
field.
(certbot-deploy-hook): Ensure requested group has the right access.
(certbot-command): Pass the requested group to `certbot-deploy-hook'.
(set-key-access-gexp): New procedure.
(generate-certificate-gexp) Ensure the requested group has the right access.
Change-Id: Ia46454a7d2b042cfb682d1d8a7e04aebbc9c19da
| W. Kosior |
| 4 days | services: certbot: Allow it to be used without Nginx....* gnu/services/certbot.scm (define-module)[#:export]: Add
`certbot-sans-nginx-service-type'.
(certbot-configuration)[service-reload]: Add field.
(certbot-configuration)[service-requirement]: Add field.
(certbot-deploy-hook): Reload requested services rather than hardcoded Nginx.
(certbot-command): Pass services to reload to `certbot-deploy-hook'.
(certbot-renewal-one-shot): Pass depended services to Shepherd as configured
instead of passing hardcoded Nginx.
(certbot-sans-nginx-service-type): New variable.
(certbot-service-type): Avoid code duplication by inheriting from the above
service type.
Change-Id: Ic833f24989bbcdcbbc273f9c8eae4c56992aafa0
| Wojtek Kosior |
| 4 days | services: Add snakeoil-service-type....The `snakeoil-service-type' generates self-issued certificates for use by
various system daemons.
* gnu/services/ca.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
Change-Id: I57bbe51f43958c0f2f437d81645ce44f9a68470b
| Wojtek Kosior |
| 4 days | services: Update Exim service to use `privileged-program' API....Uses of deprecated `setuid-program' get replaced with new
`privileged-program'.
* gnu/services/mail.scm (exim-setuids): Call `privileged-program' record
constructor macro.
(exim-service-type): Extend `privileged-program-service-type'
Change-Id: Idb00e45ddcc50a37303dc50fe1feef73a109f219
| W. Kosior |
| 4 days | gnu: exim: Use /etc/exim.conf as the default config file....* gnu/packages/mail.scm (exim)[arguments]<#:phases>['symlink-config-file]: New
phase.
Change-Id: I1be49e4a042b42e38ebff8aeff0e9cfc8724456b
| Wojtek Kosior |
| 4 days | services: Support running Exim with setuid/setgid....In a typical configuration, Exim binary is setuid root and the Exim daemon
process listens for connections under a non-root system account (usually
`exim`). Upon receiving a message, it forks into a child process which
re-executes the binary to regain privileges and deliver the mail to its
destination (e.g. a Maildir inside user's home directory).
Besides the setuid binary itself, such setup also requires the Exim
configuration file to live at the path Exim considers safe. It defaults to
/etc/exim.conf and changing it requires rebuilding the Exim daemon. If a
configuration at unsafe path is used instead, Exim drops its privileges before
reading it and becomes unable to perform certain kinds of email delivery.
* gnu/services/mail.scm (<exim-configuration>)[setuid-user]: New field.
(<exim-configuration>)[setgid-group]: New field.
(exim-computed-config-file): Delete variable.
(exim-shepherd-service)[start]: Use Exim's default config at /etc/exim.conf.
(exim-activation): Atomically put Exim's current config at /etc/exim.conf and
verify its syntactic correctness.
(exim-setuids): New variable.
(exim-service-type)[extensions]: Extend `setuid-program-service-type`.
Change-Id: Ie6153baac80180d3d48f6b5a6959895df06aef0b
| Wojtek Kosior |
| 4 days | gnu: exim: Enable Maildir delivery format....* gnu/packages/mail.scm (exim)[arguments]<#:phases>['configure]: Set
`SUPPORT_MAILDIR` config option to "yes".
Change-Id: Ibb2b0bcd5b4a790eedfdc12f794a43625cb88250
| Wojtek Kosior |
| 4 days | gnu: exim: Set `exim` as the default user....* gnu/packages/mail.scm (exim)[arguments]<#:phases>['configure]: Configure
Exim to resolve uid/gid of `exim` in runtime and prevent install script from
failing.
Change-Id: I2571d6e5a4d4aca534ed6bdfaa3832b1ec69c1d5
| Wojtek Kosior |
| 4 days | services: Allow cgit footer text to be passed as a file-like object....* gnu/services/cgit.scm (cgit-configuration)[footer]: Specify type as
`file-object`.
Change-Id: Id5790bbdb5e09204b653bc54e1b9b60afe5a2ee0
| Wojtek Kosior |
| 4 days | services: Export cgit config serialization procedure....This procedure alone is useful when deploying cgit under HTTP server other
than Nginx or when deploying multiple cgit instances on a single host.
* gnu/services/cgit.scm (define-module): Export
`serialize-cgit-configuration`.
Change-Id: Ia21c5debbd54a156df703d84694c945e851cd55c
| Wojtek Kosior |
| 4 days | gexp: Allow used modules to be specified declaratively for gexps....This change allows specifying a gexp's dependence on arbitrary `use-modules:'
clauses. A top-level gexp no longer needs to know whan modules all its nested
gexps need.
* guix/gexp.scm (define-module)[#:export]: Export `with-used-modules'.
(<gexp>)[used-modules]: Add field.
(gexp-with-hidden-inputs): Pass used modules to altered gexp object.
(gexp-used-modules): New procedure.
(gexp->derivation)[add-modules]: Pass used modules to altered gexp object.
(current-used-modules): New syntax parameter.
(with-used-modules): New syntax transformer.
(gexp): Include used modules in new gexp object.
(wrap-with-used-modules): New procedure.
(input-tuples->gexp): Include empty used modules list in new gexp object.
(outputs->gexp): Ditto.
(sexp->gexp): Ditto.
(gexp->script): Add appropriate `use-modules' form to generated file.
(gexp->file): Ditto.
[gexp-to-write]: New nested procedure.
Change-Id: I8241a9092b162da24301d2ef25bb03e9dd40c2ed
| W. Kosior |
| 7 days | Personalize the README....Change-Id: I18e2ba1eafedd42fcc06c4eba6e41b20bb57967b
| Wojtek Kosior |
| 7 days | gnu: python-clingo: Build from sources....* gnu/packages/potassco.scm (clingo)[source]: Also delete
“libpyclingo/_clingo.c”.
(python-clingo)[#:phases]: Add ‘generate-sources’. Remove ‘fix-failing-tests’.
Signed-off-by: jgart <jgart@dismail.de>
| Liliana Marie Prikler |
| 7 days | gnu: distrobox: Update to 1.8.1.2....* gnu/packages/containers.scm (distrobox): Update to 1.8.1.2.
Change-Id: I5f4da5bae3e1307a2c2efcad6b4f8d526d9a6481
| jgart |
| 7 days | gnu: Add annextimelog....* gnu/packages/task-management.scm (annextimelog): New variable.
Change-Id: I7adf4263422fdb1edcb5dfc878cb1decb529c27e
Signed-off-by: Sharlatan Hellseher <sharlatanus@gmail.com>
| Matthias Riße |
| 7 days | news: Add entry about disable the kernel's EFI pstore backend....* etc/news.scm: Add entry.
Change-Id: I2ea14a87abfed7157d74913c7e918c289cf6b9af
| Leo Famulari |
| 7 days | news: Add entry for linux-libre 6.13....* etc/news.scm: Add entry.
Change-Id: I0e02007cc085e52a1c98627b921d6d946435ae67
| Leo Famulari |
| 7 days | gnu: MPD: Update to 0.23.17....* gnu/packages/mpd.scm (mpd): Update to 0.23.17.
Change-Id: Ie5d884b0d56d4d3661b889e8414417da0340b85e
| Leo Famulari |
| 7 days | gnu: system: Disable EFI pstore backend by default...Disabling the EFI pstore backend is expected to reduce the chances of unaware
users running into issues with UEFI and failing to boot their Guix Systems.
This commit disables one of the backends for the persistent storage driver
'pstore' in the Linux kernel. In particular, we disable the backend which stores
the data in EFI variable storage in UEFI NVRAM.
More information about the pstore system:
https://www.kernel.org/doc/Documentation/ABI/testing/pstore
https://docs.kernel.org/admin-guide/pstore-blk.html
https://blogs.oracle.com/linux/post/pstore-linux-kernel-persistent-storage-file-system
This change reduces writes to UEFI to reduce the chances of it wearing out or
malfunctioning for other reasons, with the goal of preventing situations where
the EFI variable storage is full and cannot take new variables. This is known to
cause "Could not prepare Boot variable: No space left on device" errors on
computers with some UEFI implementations which are susceptible to such problems,
typically on relatively older machines. The user is confronted by the issue at
the later stages of Guix system reconfiguration, when the new boot entry is
created. It may be difficult to recover from because the exact cause depends on
UEFI. Sometimes it is enough to remove dumps from efivars, but sometimes the
storage will remain full permanently with no way to reclaim space.
Users may still enable the backend by changing the option via the kernel
command-line arguments, either in the Guix system configuration or in GRUB.
The above is my summary of what was previously discussed in guix-help mailing
list: <https://lists.gnu.org/archive/html/help-guix/2025-01/msg00173.html>.
* gnu/packages/linux.scm (default-extra-linux-options): Enable the kernel
build-time configuration option CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE.
Change-Id: Id0294fa90ccbf3bacbb55a22aeb4f0a863efe22c
Co-authored-by: Leo Famulari <leo@famulari.name>
| Roman Riabenko |
| 7 days | gnu: Add linux-libre 6.13....* gnu/packages/linux.scm (linux-libre-6.13-version,
linux-libre-6.13-gnu-revision, deblob-scripts-6.13,
linux-libre-6.13-pristine-source, linux-libre-6.13-source,
linux-libre-headers-6.13, linux-libre-6.13): New variables.
(linux-libre-headers-latest): Use linux-libre-headers-6.13.
* gnu/packages/aux-files/linux-libre/6.13-arm.conf,
gnu/packages/aux-files/linux-libre/6.13-arm64.conf,
gnu/packages/aux-files/linux-libre/6.13-i686.conf,
gnu/packages/aux-files/linux-libre/6.13-riscv.conf,
gnu/packages/aux-files/linux-libre/6.13-x86_64.conf: New files.
* Makefile.am (AUX_FILES): Add them.
Change-Id: Ib2acb495eb3bd6c2c2e9e5eebd2e8a1826aeed53
| Leo Famulari |
| 7 days | gnu: linux-libre 5.4: Update to 5.4.290....* gnu/packages/linux.scm (linux-libre-5.4-version): Update to 5.4.290.
(linux-libre-5.4-pristine-source): Update hash.
Change-Id: I1a0e7501bab0747ddb973d5dbca1dc83c048d42e
| Leo Famulari |
| 7 days | gnu: linux-libre 5.10: Update to 5.10.234....* gnu/packages/linux.scm (linux-libre-5.10-version): Update to 5.10.234.
(linux-libre-5.10-pristine-source): Update hash.
Change-Id: Ic6d02a2cc48e4424d9126f43269542e15c4f139a
| Leo Famulari |
| 7 days | gnu: linux-libre 5.15: Update to 5.15.178....* gnu/packages/linux.scm (linux-libre-5.15-version): Update to 5.15.178.
(linux-libre-5.15-pristine-source): Update hash.
Change-Id: If7c556c8ee4829a7e772989dc9be005019e1941f
| Leo Famulari |
| 7 days | gnu: linux-libre 6.1: Update to 6.1.128....* gnu/packages/linux.scm (linux-libre-6.1-version): Update to 6.1.128.
(linux-libre-6.1-pristine-source): Update hash.
Change-Id: Icd8fa4921ce0db9d89d1b33cecc1306e2df67051
| Leo Famulari |
| 7 days | gnu: linux-libre 6.6: Update to 6.6.75....* gnu/packages/linux.scm (linux-libre-6.6-version): Update to 6.6.75.
(linux-libre-6.6-pristine-source): Update hash.
Change-Id: I60a5d3b4241ef3362b6b9656e25768ef6ab0897c
| Leo Famulari |
| 7 days | gnu: linux-libre: Update to 6.12.12....* gnu/packages/linux.scm (linux-libre-6.12-version): Update to 6.12.12.
(linux-libre-6.12-pristine-source): Update hash.
Change-Id: I88fe45f71455e08e100bfe800ec415f2e6566616
| Leo Famulari |
| 7 days | gnu: Add ravanan....* gnu/packages/bioinformatics.scm (ravanan): New variable.
Change-Id: Ib93ea64a3a0313be167dd1cd2f036c72f1c0f138
Signed-off-by: jgart <jgart@dismail.de>
| Arun Isaac |
