guix - Wojtek's customized Guix

Age	Commit message (Expand)	Author
2025-03-21	services: openvpn: Allow configuring the `mssfix' option in client.•••This is useful for clients in networks where UDP packet fragmentation doesn't work. * gnu/services/vpn.scm (maybe-mtu?): New variable. (serialize-maybe-mtu): New variable. (openvpn-client-configuration)[mssfix]: New field. Change-Id: I8262a8ac8bda9ea76e7398ba421bba4437732ebe	W. Kosior
2025-03-21	services: openvpn: Allow the client to hardcode DNS servers to use.•••* gnu/services/vpn.scm (%ipv4-regex): New variable. (dhcp-option-dns-list?): New variable. (serialize-dhcp-option-dns-list): New variable. (openvpn-client-configuration)[dns]: New field. Change-Id: Ic4e8184f47bf3f1d5b683c4dc737f6abba8d2f9e	W. Kosior
2025-03-21	services: openvpn: Allow putting arbitrary text server's ccd config.•••* gnu/services/vpn.scm (verbatim-text?): New variable. (serialize-verbatim-text): New variable. (openvpn-ccd-configuration)[opaque-configuration]: New field. Change-Id: I1becf66bb2e41237595e45cd23c20800d3ffe239	W. Kosior
2025-03-21	services: openvpn: Allow OpenVPN client to dictate route(s) it sets.•••* gnu/services/vpn.scm (maybe-ip-mask?): New variable. (serialize-maybe-ip-mask): New variable. (pull-route?): New variable. (serialize-pull-route): New variable. (openvpn-client-configuration)[pull-route?]: New field. (openvpn-client-configuration)[route]: New field. Change-Id: Ief6390e905612420ad249c9ecd80a46caad2e378	W. Kosior
2025-03-21	services: openvpn: Allow using up/down scripts bundled with OpenVPN.•••This is useful for example to pull DNS settings from the server. * gnu/services/vpn.scm (use-up-down-scripts?): New variable. (serialize-use-up-down-scripts): New variable. (make-up-down-config-options): New variable. (make-script-security-cli-options): New variable. (openvpn-client-configuration)[use-up-down-scripts?]: New field. (openvpn-config-file): Serialize that field. (openvpn-shepherd-service): Pass `--script-security' option to daemon. Change-Id: I1141dd0b9bf5956f13cf1552c2718b0a7035fa86	W. Kosior
2025-03-21	gnu: openvpn: Make resolv.conf up/down scripts available.•••* gnu/packages/vpn.scm (openvpn)[arguments]<#:phases>: Add phase to install `client.up' and `client.down' files. Change-Id: Ic6340721ab0ba086d0528fb3e070e3f7ecf2773e	W. Kosior
2025-03-21	services: shepherd: Allow extensions to alter shepherd root config.•••This, in particular, enables system administrator to use a different (modified) shepherd package for the init. * gnu/services/shepherd.scm (shepherd-root-service-type)[extend]: When an extension is a procedure, do not treat it as an extra shepherd service to append. Instead, pass the resulting config through it. Change-Id: I39c394ab0798b7a1f8d373c19becf01c4870d10b	W. Kosior
2025-03-21	services: Allow specifying user and group for knot resolver.•••Kresd used to start as root and create cache files with root ownership before dropping privileges. This made unprivileged kres-cache-gc (in a separate service) fail when trying to read them. The new default is to start both as `knot-resolver', with configuration fields that allow overriding this default. * gnu/services/dns.scm (<knot-resolver-configuration>)[user]: New field. (<knot-resolver-configuration>)[group]: New field. (knot-resolver-shepherd-services): Pass the user&group from config to forkexec constructors. Change-Id: Id06a8eca140fdca14995a03e910f521d5f4636e5	W. Kosior
2025-03-21	gnu: Add tmate-ssh-server.•••* gnu/packages/ssh.scm (tmate-ssh-server): New variable. Change-Id: Idfc1f1d8835c0681fb957b85a142c0888a15fa04	W. Kosior
2025-03-21	services: Update cron service to use `privileged-program' API.•••Uses of deprecated `setuid-program' get replaced with new `privileged-program'. * gnu/services/mcron.scm (cron-daemon-setuid-programs): Use `privileged-program'. (cron-daemon-service-type): Extend `privileged-program-service-type'. Change-Id: I819bf75a0bb23c9b2e97ebcb144ca8adb81a9dde	W. Kosior
2025-03-21	gnu: mcron: Add traditional cron service.•••TODO: write good changelog entry Change-Id: Ib1e8f1afcbaae302eac51883e3b02a1d2c32a89e	W. Kosior
2025-03-21	gnu: gmnisrv: Fix config loading.•••* gnu/packages/web.scm (gmnisrv)[arguments]<#:phases>: Patch hostname handling in `src/config.c'. Change-Id: Ic79591eb45d63732d0d786a2c9994c60c9b84934	Wojtek Kosior
2025-03-21	gnu: gmnisrv: Use Gexp.•••* gnu/packages/web.scm (gmnisrv)[arguments]: Use G-Expression. Change-Id: Ib8d9379e8b2a3940b8a5297622247a3c7a0454ca	Wojtek Kosior
2025-03-21	services: Add epicyon-service-type.•••* gnu/services/web.scm (define-module): Use `util-linux' from `(gnu packages linux)'. [#:export]: Export new service type as well as configuration constructor, predicate and getters. (<epicyon-configuration>): New variable. (epicyon-activation): New procedure. (%epicyon-passwd): New variable. (%ensure-epicyon-overlay-unmounted): New variable. (epicyon-shepherd-services): New procedure. (epicyon-service-type): New variable. Change-Id: I9e786594b75b588099d3b9f6b0ab5663903c9db4	W. Kosior
2025-03-21	gnu: Add epicyon.•••* gnu/packages/python-web.scm (define-module): Use `(gnu packages imagemagick)' and `(gnu packages/photo)' modules. (epicyon): New variable. Change-Id: I736cb955038659ee7c88fc2f3e1da198e3c9f70f	W. Kosior
2025-03-21	gnu: Add python-django-timezone-field.•••* gnu/packages/django.scm (python-django-timezone-field): New variable. Change-Id: I3f500a7a088f0311df4962391bdc692d710176e4	W. Kosior
2025-03-21	services: ldap: Increase pid file timeout for 389-ds.•••* gnu/services/ldap.scm (directory-server-shepherd-service): Add `#:pid-file-timeout 30`. Change-Id: Ie7b3a7c7347b53d4e3629ef2de53c3a76f6751c0	Wojtek Kosior
2025-03-21	services: ldap: Fix exported name.•••* gnu/services/ldap.scm (use-modules): Export `backend-userroot-configuration' instead of non-existent `backend-configuration'. Change-Id: I07c6d1c777bc42fa4afc3f23dc9d36080beb5bbc	Wojtek Kosior
2025-03-21	gnu modsecurity: Add ModSecurity Web Application Firewall.•••This commit adds the "httpd-modsecurity" package with ModSecurity2. It comes in 2 variants: one using older pcre with tests enabled and one with pcre2 but non-working tests. The latter is exported from the module. There's also a definition for "libmodsecurity" package containing the library part of ModSecurity3. No http server-specific connectors for it are packaged in this commit, though. * gnu/local.mk (GNU_SYSTEM_MODULES): Add `modsecurity.scm'. * gnu/packages/modsecurity.scm: New file. Change-Id: Ida54a64c52383ff217be067322f3d1c6ea4da020	W. Kosior
2025-03-21	gnu: minetest-worldedit: Disable tests.•••* gnu/packages/minetest.scm (minetest-worldedit)[arguments]: Add field. Change-Id: Ie76c7f137a2fed05b24fd05be83c133f446b0b6b	W. Kosior
2025-03-21	home: services: Add localhost-repo-server.•••* gnu/home/services/vcs.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Record 'home/services/vcs.scm'. Change-Id: I37d3c1dacc26eb31b9b7ec434ed760c7cf84cc32	Wojtek Kosior
2025-03-21	gnu: Add guile-srfi-247.•••* gnu/packages/guile-xyz.scm (guile-srfi-247): New variable. Change-Id: Ie9f2ca90b58efab64b5795eea4d243a512471327	W. Kosior
2025-03-21	gnu: Add guile-cantius.•••* gnu/packages/guile-xyz.scm (guile-cantius): New variable. Change-Id: Iccc7385ae5c3f762f53705c8ebe876f7ad08da00	Wojtek Kosior
2025-03-21	gnu: Add guile-de-paul-records.•••* gnu/packages/guile-xyz.scm (guile-de-paul-records): New variable. Change-Id: I869c65666f83aedec7a34809b66396798e62e2cf	Wojtek Kosior
2025-03-21	gnu: Add guile-myra-test-utils.•••* gnu/packages/guile-xyz.scm (guile-myra-test-utils): New variable. Change-Id: I20ae86fa5fab953524786bffefa3cac9703128df	Wojtek Kosior
2025-03-21	gnu: Add lawrence-bolierplate.•••* gnu/packages/autotools.scm (lawrence-boilerplate): New variable. Change-Id: Ib29e2ef3165ee151226ac4d4bc41ec5b51df8038	Wojtek Kosior
2025-03-21	system: Allow adding elsewhere-defined system users to extra groups.•••* gnu/system.scm (define-module): Export `operating-system-extra-groups`. (<operating-system>)[extra-groups]: New field. (operating-system-default-essential-services): Also pass extra groups to account-service. (hurd-default-essential-services): Same here. * gnu/system/accounts.scm (define-module): Use (ice-9 vlist), (srfi srfi-8) and (srfi srfi-26). Export `user-extra-groups`* and `merge-extra-groups-data`. (<user-extra-groups>): New record type. (user-account-extend): New procedure. (merge-extra-groups-data): New procedure. * gnu/system/shadow.scm (define-module): Re-export `user-extra-groups`*. (account-service-type)[extend]: Handle <user-extra-groups> records, move field intializer upward to be able to use `compose`. Change-Id: I3f489ac794d342267b7627db1d28315ea4b69db2	Wojtek Kosior
2025-03-21	services: Add overlayfs-service-type.•••The `overlayfs-service-type` allows overlay filesystems to be automatically mounted upon boot and reconfiguration. * gnu/services/overlayfs.scm: New file. * gnu/local.ml (GNU_SYSTEM_MODULES): Add it. Change-Id: I94bb3e3a29648faa354931f3c1cebc5947ab1d5c	Wojtek Kosior
2025-03-21	services: certbot: Facilitate granting key read access to groups.•••* gnu/services/certbot.scm (certificate-configuration)[key-read-group]: New field. (certbot-deploy-hook): Ensure requested group has the right access. (certbot-command): Pass the requested group to `certbot-deploy-hook'. (set-key-access-gexp): New procedure. (generate-certificate-gexp) Ensure the requested group has the right access. Change-Id: Ia46454a7d2b042cfb682d1d8a7e04aebbc9c19da	W. Kosior
2025-03-21	services: certbot: Allow it to be used without Nginx.•••* gnu/services/certbot.scm (define-module)[#:export]: Add `certbot-sans-nginx-service-type'. (certbot-configuration)[service-reload]: Add field. (certbot-configuration)[service-requirement]: Add field. (certbot-deploy-hook): Reload requested services rather than hardcoded Nginx. (certbot-command): Pass services to reload to `certbot-deploy-hook'. (certbot-renewal-one-shot): Pass depended services to Shepherd as configured instead of passing hardcoded Nginx. (certbot-sans-nginx-service-type): New variable. (certbot-service-type): Avoid code duplication by inheriting from the above service type. Change-Id: Ic833f24989bbcdcbbc273f9c8eae4c56992aafa0	Wojtek Kosior
2025-03-21	services: Add snakeoil-service-type.•••The `snakeoil-service-type' generates self-issued certificates for use by various system daemons. * gnu/services/ca.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. Change-Id: I57bbe51f43958c0f2f437d81645ce44f9a68470b	Wojtek Kosior
2025-03-21	services: exim: Allow configuring a periodic queue runner.•••The runner now by default runs every 5 minutes. Previously it didn't run at all which pretty much crippled Exim's functionality. * gnu/services/mail.scm (<exim-configuration>)[queue-period]: New field. (exim-shepherd-service): Pass period (unless disabled) with Exim's `-q' option and remove the verbosity flag. Change-Id: Ia8f25d93543b761e1a058c30f2f6ddf11943aa57	W. Kosior
2025-03-21	services: Update Exim service to use `privileged-program' API.•••Uses of deprecated `setuid-program' get replaced with new `privileged-program'. * gnu/services/mail.scm (exim-setuids): Call `privileged-program' record constructor macro. (exim-service-type): Extend `privileged-program-service-type' Change-Id: Idb00e45ddcc50a37303dc50fe1feef73a109f219	W. Kosior
2025-03-21	gnu: exim: Use /etc/exim.conf as the default config file.•••* gnu/packages/mail.scm (exim)[arguments]<#:phases>['symlink-config-file]: New phase. Change-Id: I1be49e4a042b42e38ebff8aeff0e9cfc8724456b	Wojtek Kosior
2025-03-21	services: Support running Exim with setuid/setgid.•••In a typical configuration, Exim binary is setuid root and the Exim daemon process listens for connections under a non-root system account (usually `exim`). Upon receiving a message, it forks into a child process which re-executes the binary to regain privileges and deliver the mail to its destination (e.g. a Maildir inside user's home directory). Besides the setuid binary itself, such setup also requires the Exim configuration file to live at the path Exim considers safe. It defaults to /etc/exim.conf and changing it requires rebuilding the Exim daemon. If a configuration at unsafe path is used instead, Exim drops its privileges before reading it and becomes unable to perform certain kinds of email delivery. * gnu/services/mail.scm (<exim-configuration>)[setuid-user]: New field. (<exim-configuration>)[setgid-group]: New field. (exim-computed-config-file): Delete variable. (exim-shepherd-service)[start]: Use Exim's default config at /etc/exim.conf. (exim-activation): Atomically put Exim's current config at /etc/exim.conf and verify its syntactic correctness. (exim-setuids): New variable. (exim-service-type)[extensions]: Extend `setuid-program-service-type`. Change-Id: Ie6153baac80180d3d48f6b5a6959895df06aef0b	Wojtek Kosior
2025-03-21	gnu: exim: Enable Maildir delivery format.•••* gnu/packages/mail.scm (exim)[arguments]<#:phases>['configure]: Set `SUPPORT_MAILDIR` config option to "yes". Change-Id: Ibb2b0bcd5b4a790eedfdc12f794a43625cb88250	Wojtek Kosior
2025-03-21	gnu: exim: Set `exim` as the default user.•••* gnu/packages/mail.scm (exim)[arguments]<#:phases>['configure]: Configure Exim to resolve uid/gid of `exim` in runtime and prevent install script from failing. Change-Id: I2571d6e5a4d4aca534ed6bdfaa3832b1ec69c1d5	Wojtek Kosior
2025-03-21	services: Allow cgit footer text to be passed as a file-like object.•••* gnu/services/cgit.scm (cgit-configuration)[footer]: Specify type as `file-object`. Change-Id: Id5790bbdb5e09204b653bc54e1b9b60afe5a2ee0	Wojtek Kosior
2025-03-21	services: Export cgit config serialization procedure.•••This procedure alone is useful when deploying cgit under HTTP server other than Nginx or when deploying multiple cgit instances on a single host. * gnu/services/cgit.scm (define-module): Export `serialize-cgit-configuration`. Change-Id: Ia21c5debbd54a156df703d84694c945e851cd55c	Wojtek Kosior
2025-03-07	gnu: Add r-intrees.•••* gnu/packages/cran.scm (r-intrees): New variable. Change-Id: Ia26bd283593ab4c6422e9e4e920b643e04bf5712	Spencer King
2025-03-07	gnu: Add sickle.•••* gnu/packages/bioinformatics.scm (sickle): New variable. Change-Id: Ib74974b0ee887753d6ead5b5b388e7163abb11f8	Navid Afkhami
2025-03-07	gnu: guile-next: Update to 3.0.10-1.402e0df.•••* gnu/packages/guile.scm (guile-next): Update to 3.0.10-1.402e0df. Change-Id: I935fd081de1b6f230a672efe4b0346d446b7acc9	Zheng Junjie
2025-03-07	gnu: Add llvm-20.•••* gnu/packages/llvm.scm (%llvm-monorepo-hashes): Add entry for llvm-20. (%llvm-patches): Add entry for llvm-20. (llvm-20, clang-runtime-20, clang-20, libomp-20, clang-toolchain-20): New variables. Change-Id: Ia49a4829f73f17dd78933838470ca70241927102	Zheng Junjie
2025-03-07	gnu: emacs-org-node: Fix build.•••* gnu/packages/emacs-xyz.scm (emacs-org-node)[propagated-inputs]: Add emacs-magit. Change-Id: I7fb021edf994eead9663eb56b2e4ec83320cafe5	Nicolas Goaziou
2025-03-07	gnu: emacs-pythonic: Fix build.•••* gnu/packages/emacs-xyz.scm (emacs-pythonic): Fix hash. Change-Id: I5ea7e7a80b295fc6a15d07d73b5320cadcde355a	Nicolas Goaziou
2025-03-07	gnu: emacs-speed-type: Fix build.•••* gnu/packages/emacs-xyz.scm (emacs-speed-type)[native-inputs]: Add emacs-dash. Change-Id: Iffa57980758cecc83624aac1090479cbd593db33	Nicolas Goaziou
2025-03-07	gnu: astromenace: Update to 1.4.3.•••* gnu/packages/games.scm (astromenace): Update to 1.4.3. Change-Id: Iaaed11f0a5471f2483ac53a32efd5e48ebff1484	Nicolas Goaziou
2025-03-07	gnu: asymptote: Update to 3.01.•••* gnu/packages/plotutils.scm (asymptote): Update to 3.01. [arguments]<#:phases>: Use dynamic GC library. [native-inputs]: Remove autoconf, Add autoconf-2.71. Change-Id: Ia2a3759c411f35cae4169c148427ef48f9e5c683	Nicolas Goaziou
2025-03-07	gnu: node-bootstrap: Remove riscv64-linux from supported-systems.•••* gnu/packages/node.scm (node-bootstrap)[supported-systems]: New field. (node-lts)[supported-system]: Restore the default. Change-Id: Ia2eb1b18298e6bdb088b3d9d8fa4c395b690253f	Efraim Flashner
2025-03-07	gnu: xournalpp: Update to 1.2.6.•••* gnu/packages/pdf.scm (xournalpp): Update to 1.2.6. Change-Id: If028b917ff0a42dc8ff5be11796ea3d18b18557e	Nicolas Goaziou