;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2023 Janneke Nieuwenhuizen <janneke@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu home services messaging)
  #:use-module (srfi srfi-26)
  #:use-module (gnu home services)
  #:use-module (gnu home services shepherd)
  #:use-module (gnu packages messaging)
  #:use-module (gnu services configuration)
  #:use-module (gnu services shepherd)
  #:use-module (guix records)
  #:use-module (guix gexp)
  #:export (home-znc-configuration
            home-znc-service-type))

;;;
;;; Znc.
;;;
(define-record-type* <home-znc-configuration>
  home-znc-configuration make-home-znc-configuration
  home-znc-configuration?
  (znc           home-znc-znc           ;string
                 (default znc))
  (extra-options home-znc-extra-options ;list of string
                 (default '())))

(define (home-znc-services config)
  "Return a <shepherd-service> for znc with CONFIG."
  (match-record config <home-znc-configuration>
    (znc extra-options)
    (let* ((znc (file-append znc "/bin/znc"))
           (command #~'(#$znc "--foreground" #$@extra-options))
           (log-file #~(string-append %user-log-dir "/znc.log")))
      (list (shepherd-service
             (documentation "Run the znc IRC bouncer.")
             (provision '(znc))
             (modules '((shepherd support)))      ;for '%user-log-dir'
             (start #~(make-forkexec-constructor #$command
                                                 #:log-file #$log-file))
             (stop #~(make-kill-destructor)))))))

(define home-znc-service-type
  (service-type
   (name 'home-znc)
   (default-value (home-znc-configuration))
   (extensions
    (list (service-extension home-shepherd-service-type
                             home-znc-services)))
   (description
    "Install and configure @command{znc}, an @acronym{IRC, Internet Relay
Chat} bouncer, as a Shepherd service.")))
hor</th></tr>
<tr><td><span title='2022-12-23 20:20:06 +0100'>2022-12-23</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=afaeb657b118e6998342110deab8c8110b824417'>etc: SELinux: Allow init process to setattr on profile directories.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in: Add rule.
</span></span></td><td>Ricardo Wurmus</td></tr>
<tr><td><span title='2022-12-23 20:20:06 +0100'>2022-12-23</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=4a134ed32e69ba888d988d2ed924a1531a54551b'>etc: SELinux: Allow daemon to search run state directories.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in: Import types init_var_run_t and
system_dbusd_var_run_t; add rules.
</span></span></td><td>Ricardo Wurmus</td></tr>
<tr><td><span title='2022-12-23 20:20:06 +0100'>2022-12-23</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=f28d792719abb82cc920486e6d6f14eacc44370c'>etc: SELinux: Label guix-daemon executable in profile.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in: Add file rule for "guix-daemon" in current-guix
profile.
</span></span></td><td>Ricardo Wurmus</td></tr>
<tr><td><span title='2022-01-26 09:31:45 +0100'>2022-01-26</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=bbc2fb0d52128c85c92251ed36d8063b3dcf3c3a'>etc: Remove redundant SELinux permissions block.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Consolidate two blocks adding
sock_file permissions on guix_daemon_conf_t.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2022-01-24 11:28:14 +0100'>2022-01-24</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=98e74d520a30d1ed7d7b47d4f1d9afadefc699e3'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Permit write on guix_daemon_conf_t
sock_file, necessary for garbage collection.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2021-05-22 19:53:17 +0200'>2021-05-22</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=35bd94a49257bbadcb3ca25342e5c1ec33f438f0'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Add more permissions, necessary for
garbage collection.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-12-10 23:48:42 +0100'>2020-12-10</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=d677f3d6231d352fdb65b70f67d85fb5744e912c'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Permit file write, getattr, link and
unlink for the guix_daemon_exec_t type.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-11-27 21:33:59 +0100'>2020-11-27</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=1807632393d0723f3085c457517965c32715717a'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Permit more operations required for
various build jobs.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-11-26 00:31:47 +0100'>2020-11-26</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=402ebffe195890c9826cfa7519034dd12a48ae6a'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Permit file appending, setattr,
read/write UDP sockets, access to tmpfs and hugetlbfs, and connecting to
PostgreSQL.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-11-25 23:24:52 +0100'>2020-11-25</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=d64e0261d0007413a795c4cf01f9d06b170da3f5'>etc: Add more SELinux permissions for the daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>This is needed for some package test suites.

* etc/guix-daemon.cil.in (guix_daemon): Permit unix_dgram_socket operations.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-11-15 16:08:47 +0100'>2020-11-15</span></td><td><a href='/guix/commit/etc/guix-daemon.cil.in?id=62343288ef6dc56027d268ef773ae699a4bbb76d'>etc: Updates for the guix-daemon SELinux policy.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-daemon.cil.in (guix_daemon): Specify more permissions for
guix-daemon to account for daemon updates and newer SELinux.

I can't promise that this is a complete list of everything that guix-daemon
needs, but it's probably most of them. It can search for, install, upgrade,
and remove packages, create virtual machines and containers, update itself,
and so on.

Signed-off-by: Marius Bakke &lt;marius@gnu.org&gt;
</span></span></td><td>Daniel Brooks</td></tr>