#pragma once #include "types.hh" #include "hash.hh" #include namespace nix { /* Extension of derivations in the Nix store. */ const string drvExtension = ".drv"; /* Abstract syntax of derivations. */ struct DerivationOutput { Path path; string hashAlgo; /* hash used for expected hash computation */ string hash; /* expected hash, may be null */ DerivationOutput() { } DerivationOutput(Path path, string hashAlgo, string hash) { this->path = path; this->hashAlgo = hashAlgo; this->hash = hash; } void parseHashInfo(bool & recursive, HashType & hashType, Hash & hash) const; }; typedef std::map DerivationOutputs; /* For inputs that are sub-derivations, we specify exactly which output IDs we are interested in. */ typedef std::map DerivationInputs; typedef std::map StringPairs; struct Derivation { DerivationOutputs outputs; /* keyed on symbolic IDs */ DerivationInputs inputDrvs; /* inputs that are sub-derivations */ PathSet inputSrcs; /* inputs that are sources */ string platform; Path builder; Strings args; StringPairs env; }; class StoreAPI; /* Write a derivation to the Nix store, and return its path. */ Path writeDerivation(StoreAPI & store, const Derivation & drv, const string & name, bool repair = false); /* Read a derivation from a file. */ Derivation readDerivation(const Path & drvPath); /* Print a derivation. */ string unparseDerivation(const Derivation & drv); /* Check whether a file name ends with the extensions for derivations. */ bool isDerivation(const string & fileName); /* Return true iff this is a fixed-output derivation. */ bool isFixedOutputDrv(const Derivation & drv); Hash hashDerivationModulo(StoreAPI & store, Derivation drv); /* Memoisation of hashDerivationModulo(). */ typedef std::map DrvHashes; extern DrvHashes drvHashes; /* Split a string specifying a derivation and a set of outputs (/nix/store/hash-foo!out1,out2,...) into the derivation path and the outputs. */ typedef std::pair > DrvPathWithOutputs; DrvPathWithOutputs parseDrvPathWithOutputs(const string & s); Path makeDrvPathWithOutputs(const Path & drvPath, const std::set & outputs); bool wantOutput(const string & output, const std::set & wanted); PathSet outputPaths(const Derivation & drv); }
AgeCommit message (Expand)Author
2024-09-03services: certbot: Add certbot-configuration-package to profile....As the manual suggests running a certbot command to view the issued certificates, add it to the profile. * gnu/services/certbot.scm (certbot-service-type): Extend profile-service-type with certbot-configuration-package. Change-Id: I92618597bbdc8d838420b2e0f82de601b0bc609b Signed-off-by: Ludovic Courtès <ludo@gnu.org> Richard Sent
2024-01-31services: certbot: Add one-shot service to renew certificates....* gnu/services/certbot.scm (certbot-renewal-one-shot): New procedure. (certbot-service-type)[extensions]: Add it to shepherd-root extension. (certbot-command): Make connection errors return a different exit code. (certbot-activation): Remove message with certificate renewal instructions. Change-Id: I614ac6214a753dba0396e2385a75926c8355caa1 Signed-off-by: Clément Lassieur <clement@lassieur.org> Carlo Zancanaro
2024-01-31services: certbot: Reload nginx in deploy hook....* gnu/services/certbot.scm (certbot-deploy-hook): Reload nginx. * doc/guix.texi (Certificate services): Remove deploy-hook from example. Change-Id: Ibb10481170a6fda7df72492072b939dd6a6ad176 Signed-off-by: Clément Lassieur <clement@lassieur.org> Carlo Zancanaro
2024-01-31services: certbot: Create self-signed certificates before certbot runs....* gnu/services/certbot.scm (<certificate-configuration>): Add start-self-signed? field. (generate-certificate-gexp): New procedure. (certbot-activation): Generate self-signed certificates when start-self-signed? is #t. * doc/guix.texi (Certificate services): Document start-self-signed?. Change-Id: Icfd85ae0c3e29324acbcde6ba283546cf0e27a1d Signed-off-by: Clément Lassieur <clement@lassieur.org> Carlo Zancanaro
2024-01-31services: certbot: Symlink certificates to /etc/certs....* gnu/services/certbot.scm (certbot-deploy-hook): New procedure. (certbot-command): Pass new deploy hook to certbot. * doc/guix.texi: Replace "letsencrypt/live" with "certs" throughout, except in the certbot deploy-hook description. Change-Id: I2ba5e4903d1e293e566b732a84b07d5a134b697d Signed-off-by: Clément Lassieur <clement@lassieur.org> Carlo Zancanaro
2023-06-18services: certbot: Fix nginx crash when certbot is used without domains....* gnu/services/certbot.scm (certbot-nginx-server-configurations): Don't return a broken nginx-server-configuration with empty server_name when no certificate domains are configured. Instead add a separate server for every certificate, so 0 certificates adds 0 servers. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Reviewed-by: Bruno Victal <mirai@makinata.eu> Saku Laesvuori
2023-01-03services: certbot: Fix broken link....* gnu/services/certbot.scm (certbot-renewal-jobs): Fix broken link. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com> jgart