From ea3c876afc31d8b86e3ecba776fdfb3bd82ce9c1 Mon Sep 17 00:00:00 2001 From: JEAN-FRANCOIS GUILLAUME Date: Thu, 24 Nov 2022 15:00:33 +0100 Subject: [PATCH] rework and reformating of services --- glicid/services/authentication.scm | 6 +- glicid/services/cuirass.scm | 723 ++++++++++++++--------------- glicid/services/file-systems.scm | 101 ++-- glicid/services/networking.scm | 165 +++---- glicid/services/openldap.scm | 122 ++--- glicid/services/parallel.scm | 42 +- glicid/services/rc-local.scm | 90 ++-- 7 files changed, 548 insertions(+), 701 deletions(-) diff --git a/glicid/services/authentication.scm b/glicid/services/authentication.scm index bfdff3b..3c92f24 100644 --- a/glicid/services/authentication.scm +++ b/glicid/services/authentication.scm @@ -18,14 +18,14 @@ sssd-configuration make-sssd-configuration sssd-configuration? (sssd-pkg sssd-pkg (default sssd)) - (sssd-conf sssd-conf (default "/etc/sssd/sssd.conf")) + (sssd-config-file sssd-config-file (default "/etc/sssd/sssd.conf")) (sssd-logger sssd-logger (default "stderr")) (sssd-debug-level sssd-debug-level (default "3")) (log-file log-file (default "/var/log/sssd/sssd.log"))) (define sssd-service (match-lambda - (($ sssd-pkg sssd-conf sssd-logger sssd-debug-level log-file) + (($ sssd-pkg sssd-config-file sssd-logger sssd-debug-level log-file) (list (shepherd-service (provision '(sssd)) @@ -36,7 +36,7 @@ (list #$(file-append sssd-pkg "/sbin/sssd") "-i" - "-c" #$sssd-conf + "-c" #$sssd-config-file "--logger" #$sssd-logger "-d" #$sssd-debug-level ) diff --git a/glicid/services/cuirass.scm b/glicid/services/cuirass.scm index 2151664..3217a4f 100644 --- a/glicid/services/cuirass.scm +++ b/glicid/services/cuirass.scm @@ -1,430 +1,397 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2016 Mathieu Lirzin -;;; Copyright © 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès -;;; Copyright © 2017, 2020 Mathieu Othacehe -;;; Copyright © 2017 Jan Nieuwenhuizen -;;; Copyright © 2018, 2019 Ricardo Wurmus -;;; Copyright © 2018 Clément Lassieur -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify -;;; it under the terms of the GNU General Public License as published by -;;; the Free Software Foundation, either version 3 of the License, or -;;; (at your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, -;;; but WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see . - (define-module (glicid services cuirass) - #:use-module (guix channels) - #:use-module (guix gexp) - #:use-module (guix records) - #:use-module (guix store) - #:use-module (guix utils) - #:use-module (gnu packages admin) - #:use-module (gnu packages ci) - #:use-module (gnu packages databases) - #:use-module (gnu packages version-control) - #:use-module (gnu services) - #:use-module (gnu services base) - #:use-module (gnu services databases) - #:use-module (gnu services shepherd) - #:use-module (gnu services admin) - #:use-module (gnu system shadow) - #:use-module (srfi srfi-1) - #:use-module (ice-9 match) - #:export (cuirass-remote-server-configuration - cuirass-remote-server-configuration? + #:use-module (guix channels) + #:use-module (guix gexp) + #:use-module (guix records) + #:use-module (guix store) + #:use-module (guix utils) + #:use-module (gnu packages admin) + #:use-module (gnu packages ci) + #:use-module (gnu packages databases) + #:use-module (gnu packages version-control) + #:use-module (gnu services) + #:use-module (gnu services base) + #:use-module (gnu services databases) + #:use-module (gnu services shepherd) + #:use-module (gnu services admin) + #:use-module (gnu system shadow) + #:use-module (srfi srfi-1) + #:use-module (ice-9 match) + #:export (cuirass-remote-server-configuration + cuirass-remote-server-configuration? - cuirass-configuration - cuirass-configuration? - cuirass-service-type + cuirass-configuration + cuirass-configuration? + cuirass-service-type - cuirass-remote-worker-configuration - cuirass-remote-worker-configuration? - cuirass-remote-worker-service-type)) + cuirass-remote-worker-configuration + cuirass-remote-worker-configuration? + cuirass-remote-worker-service-type)) -;;;; Commentary: -;;; -;;; This module implements a service that to run instances of Cuirass, a -;;; continuous integration tool. -;;; -;;;; Code: - -(define %cuirass-default-database - "dbname=cuirass") +(define %cuirass-default-database "dbname=cuirass") (define-record-type* - cuirass-remote-server-configuration make-cuirass-remote-server-configuration - cuirass-remote-server-configuration? - (backend-port cuirass-remote-server-configuration-backend-port ;int - (default 5555)) - (log-port cuirass-remote-server-configuration-log-port ;int - (default 5556)) - (publish-port cuirass-remote-server-configuration-publish-port ;int - (default 5557)) - (log-file cuirass-remote-server-log-file ;string - (default "/var/log/cuirass-remote-server.log")) - (cache cuirass-remote-server-configuration-cache ;string - (default "/var/cache/cuirass/remote/")) - (publish? cuirass-remote-server-configuration-publish? ;boolean - (default #t)) - (trigger-url cuirass-remote-server-trigger-url ;string - (default #f)) - (public-key cuirass-remote-server-configuration-public-key ;string - (default #f)) - (private-key cuirass-remote-server-configuration-private-key ;string - (default #f))) + cuirass-remote-server-configuration make-cuirass-remote-server-configuration + cuirass-remote-server-configuration? + (backend-port cuirass-remote-server-configuration-backend-port ;int + (default 5555)) + (log-port cuirass-remote-server-configuration-log-port ;int + (default 5556)) + (publish-port cuirass-remote-server-configuration-publish-port ;int + (default 5557)) + (log-file cuirass-remote-server-log-file ;string + (default "/var/log/cuirass-remote-server.log")) + (cache cuirass-remote-server-configuration-cache ;string + (default "/var/cache/cuirass/remote/")) + (publish? cuirass-remote-server-configuration-publish? ;boolean + (default #t)) + (trigger-url cuirass-remote-server-trigger-url ;string + (default #f)) + (public-key cuirass-remote-server-configuration-public-key ;string + (default #f)) + (private-key cuirass-remote-server-configuration-private-key ;string + (default #f))) (define-record-type* - cuirass-configuration make-cuirass-configuration - cuirass-configuration? - (cuirass cuirass-configuration-cuirass ;file-like - (default cuirass)) - (log-file cuirass-configuration-log-file ;string - (default "/var/log/cuirass.log")) - (web-log-file cuirass-configuration-web-log-file ;string - (default "/var/log/cuirass-web.log")) - (cache-directory cuirass-configuration-cache-directory ;string (dir-name) - (default "/var/cache/cuirass")) - (user cuirass-configuration-user ;string - (default "cuirass")) - (group cuirass-configuration-group ;string - (default "cuirass")) - (interval cuirass-configuration-interval ;integer (seconds) - (default 60)) - (parameters cuirass-configuration-parameters ;string - (default #f)) - (remote-server cuirass-configuration-remote-server - (default #f)) - (database cuirass-configuration-database ;string - (default %cuirass-default-database)) - (port cuirass-configuration-port ;integer (port) - (default 8081)) - (host cuirass-configuration-host ;string - (default "localhost")) - (specifications cuirass-configuration-specifications) - ;gexp that evaluates to specification-alist - (use-substitutes? cuirass-configuration-use-substitutes? ;boolean - (default #f)) - (one-shot? cuirass-configuration-one-shot? ;boolean - (default #f)) - (fallback? cuirass-configuration-fallback? ;boolean - (default #f)) - (extra-options cuirass-configuration-extra-options - (default '())) - (http-proxy cuirass-configuration-http-proxy ;string - (default "")) - (https-proxy cuirass-configuration-https-proxy ;string - (default "")) - ) + cuirass-configuration make-cuirass-configuration + cuirass-configuration? + (cuirass cuirass-configuration-cuirass ;file-like + (default cuirass)) + (log-file cuirass-configuration-log-file ;string + (default "/var/log/cuirass.log")) + (web-log-file cuirass-configuration-web-log-file ;string + (default "/var/log/cuirass-web.log")) + (cache-directory cuirass-configuration-cache-directory ;string (dir-name) + (default "/var/cache/cuirass")) + (user cuirass-configuration-user ;string + (default "cuirass")) + (group cuirass-configuration-group ;string + (default "cuirass")) + (interval cuirass-configuration-interval ;integer (seconds) + (default 60)) + (parameters cuirass-configuration-parameters ;string + (default #f)) + (remote-server cuirass-configuration-remote-server + (default #f)) + (database cuirass-configuration-database ;string + (default %cuirass-default-database)) + (port cuirass-configuration-port ;integer (port) + (default 8081)) + (host cuirass-configuration-host ;string + (default "localhost")) + (specifications cuirass-configuration-specifications) + ;gexp that evaluates to specification-alist + (use-substitutes? cuirass-configuration-use-substitutes? ;boolean + (default #f)) + (one-shot? cuirass-configuration-one-shot? ;boolean + (default #f)) + (fallback? cuirass-configuration-fallback? ;boolean + (default #f)) + (extra-options cuirass-configuration-extra-options + (default '())) + (http-proxy cuirass-configuration-http-proxy ;string + (default "")) + (https-proxy cuirass-configuration-https-proxy ;string + (default "")) + ) (define (cuirass-shepherd-service config) "Return a for the Cuirass service with CONFIG." - (let ((cuirass (cuirass-configuration-cuirass config)) - (cache-directory (cuirass-configuration-cache-directory config)) - (web-log-file (cuirass-configuration-web-log-file config)) - (log-file (cuirass-configuration-log-file config)) - (user (cuirass-configuration-user config)) - (group (cuirass-configuration-group config)) - (interval (cuirass-configuration-interval config)) - (parameters (cuirass-configuration-parameters config)) - (remote-server (cuirass-configuration-remote-server config)) - (database (cuirass-configuration-database config)) - (port (cuirass-configuration-port config)) - (host (cuirass-configuration-host config)) - (specs (cuirass-configuration-specifications config)) + (let ((cuirass (cuirass-configuration-cuirass config)) + (cache-directory (cuirass-configuration-cache-directory config)) + (web-log-file (cuirass-configuration-web-log-file config)) + (log-file (cuirass-configuration-log-file config)) + (user (cuirass-configuration-user config)) + (group (cuirass-configuration-group config)) + (interval (cuirass-configuration-interval config)) + (parameters (cuirass-configuration-parameters config)) + (remote-server (cuirass-configuration-remote-server config)) + (database (cuirass-configuration-database config)) + (port (cuirass-configuration-port config)) + (host (cuirass-configuration-host config)) + (specs (cuirass-configuration-specifications config)) (use-substitutes? (cuirass-configuration-use-substitutes? config)) - (one-shot? (cuirass-configuration-one-shot? config)) - (fallback? (cuirass-configuration-fallback? config)) - (extra-options (cuirass-configuration-extra-options config)) - (http-proxy (cuirass-configuration-http-proxy config)) - (https-proxy (cuirass-configuration-https-proxy config))) + (one-shot? (cuirass-configuration-one-shot? config)) + (fallback? (cuirass-configuration-fallback? config)) + (extra-options (cuirass-configuration-extra-options config)) + (http-proxy (cuirass-configuration-http-proxy config)) + (https-proxy (cuirass-configuration-https-proxy config))) `(,(shepherd-service - (documentation "Run Cuirass.") - (provision '(cuirass)) - (requirement '(guix-daemon postgres postgres-roles networking)) - (start #~(make-forkexec-constructor - (list (string-append #$cuirass "/bin/cuirass") - "register" - "--cache-directory" #$cache-directory - "--specifications" - #$(scheme-file "cuirass-specs.scm" specs) - "--database" #$database - "--interval" #$(number->string interval) - #$@(if parameters + (documentation "Run Cuirass.") + (provision '(cuirass)) + (requirement '(guix-daemon postgres postgres-roles networking)) + (start #~(make-forkexec-constructor + (list (string-append #$cuirass "/bin/cuirass") + "register" + "--cache-directory" #$cache-directory + "--specifications" + #$(scheme-file "cuirass-specs.scm" specs) + "--database" #$database + "--interval" #$(number->string interval) + #$@(if parameters (list (string-append - "--parameters=" - parameters)) + "--parameters=" + parameters)) '()) - #$@(if remote-server '("--build-remote") '()) - #$@(if use-substitutes? '("--use-substitutes") '()) - #$@(if one-shot? '("--one-shot") '()) - #$@(if fallback? '("--fallback") '()) - #$@extra-options) + #$@(if remote-server '("--build-remote") '()) + #$@(if use-substitutes? '("--use-substitutes") '()) + #$@(if one-shot? '("--one-shot") '()) + #$@(if fallback? '("--fallback") '()) + #$@extra-options) - #:environment-variables - (list - "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt" - (string-append "GIT_EXEC_PATH=" #$git "/libexec/git-core") - (string-append "http_proxy=" #$http-proxy) - (string-append "https_proxy=" #$http-proxy) - ;"http_proxy=http://proxy-upgrade.univ-nantes.prive:3128/" - ;"https_proxy=http://proxy-upgrade.univ-nantes.prive:3128/" - ) + #:environment-variables + (list + "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt" + (string-append "GIT_EXEC_PATH=" #$git "/libexec/git-core") + (string-append "http_proxy=" #$http-proxy) + (string-append "https_proxy=" #$http-proxy) + ;"http_proxy=http://proxy-upgrade.univ-nantes.prive:3128/" + ;"https_proxy=http://proxy-upgrade.univ-nantes.prive:3128/" + ) - #:user #$user - #:group #$group - #:log-file #$log-file)) - (stop #~(make-kill-destructor))) - ,(shepherd-service - (documentation "Run Cuirass web interface.") - (provision '(cuirass-web)) - (requirement '(cuirass)) - (start #~(make-forkexec-constructor - (list (string-append #$cuirass "/bin/cuirass") - "web" - "--database" #$database - "--listen" #$host - "--port" #$(number->string port) - #$@(if parameters - (list (string-append - "--parameters=" - parameters)) - '()) - #$@extra-options) + #:user #$user + #:group #$group + #:log-file #$log-file)) + (stop #~(make-kill-destructor))) + ,(shepherd-service + (documentation "Run Cuirass web interface.") + (provision '(cuirass-web)) + (requirement '(cuirass)) + (start #~(make-forkexec-constructor + (list (string-append #$cuirass "/bin/cuirass") + "web" + "--database" #$database + "--listen" #$host + "--port" #$(number->string port) + #$@(if parameters + (list (string-append + "--parameters=" + parameters)) + '()) + #$@extra-options) - #:user #$user - #:group #$group - #:log-file #$web-log-file)) - (stop #~(make-kill-destructor))) - ,@(if remote-server - (match-record remote-server - (backend-port publish-port log-file cache publish? - trigger-url public-key private-key) - (list - (shepherd-service - (documentation "Run Cuirass remote build server.") - (provision '(cuirass-remote-server)) - (requirement '(avahi-daemon cuirass)) - (start #~(make-forkexec-constructor - (list (string-append #$cuirass "/bin/cuirass") - "remote-server" - (string-append "--database=" #$database) - (string-append "--cache=" #$cache) - (string-append "--user=" #$user) - #$@(if backend-port - (list (string-append - "--backend-port=" - (number->string backend-port))) - '()) - #$@(if publish-port - (list (string-append - "--publish-port=" - (number->string publish-port))) - '()) - #$@(if parameters - (list (string-append - "--parameters=" - parameters)) - '()) - #$@(if trigger-url - (list - (string-append - "--trigger-substitute-url=" - trigger-url)) - '()) - #$@(if publish? - '() - (list "--no-publish")) - #$@(if public-key - (list - (string-append "--public-key=" - public-key)) - '()) - #$@(if private-key - (list - (string-append "--private-key=" - private-key)) - '())) - #:environment-variables - (list - "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt" - (string-append "GIT_EXEC_PATH=" #$git "/libexec/git-core") - (string-append "http_proxy=" #$http-proxy) - (string-append "https_proxy=" #$http-proxy) - ) - #:log-file #$log-file)) - (stop #~(make-kill-destructor))))) - '())))) + #:user #$user + #:group #$group + #:log-file #$web-log-file)) + (stop #~(make-kill-destructor))) + ,@(if remote-server + (match-record remote-server + (backend-port publish-port log-file cache publish? + trigger-url public-key private-key) + (list + (shepherd-service + (documentation "Run Cuirass remote build server.") + (provision '(cuirass-remote-server)) + (requirement '(avahi-daemon cuirass)) + (start #~(make-forkexec-constructor + (list (string-append #$cuirass "/bin/cuirass") + "remote-server" + (string-append "--database=" #$database) + (string-append "--cache=" #$cache) + (string-append "--user=" #$user) + #$@(if backend-port + (list (string-append + "--backend-port=" + (number->string backend-port))) + '()) + #$@(if publish-port + (list (string-append + "--publish-port=" + (number->string publish-port))) + '()) + #$@(if parameters + (list (string-append + "--parameters=" + parameters)) + '()) + #$@(if trigger-url + (list + (string-append + "--trigger-substitute-url=" + trigger-url)) + '()) + #$@(if publish? + '() + (list "--no-publish")) + #$@(if public-key + (list + (string-append "--public-key=" + public-key)) + '()) + #$@(if private-key + (list + (string-append "--private-key=" + private-key)) + '())) + #:environment-variables + (list + "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt" + (string-append "GIT_EXEC_PATH=" #$git "/libexec/git-core") + (string-append "http_proxy=" #$http-proxy) + (string-append "https_proxy=" #$http-proxy) + ) + #:log-file #$log-file)) + (stop #~(make-kill-destructor))))) + '())))) (define (cuirass-account config) "Return the user accounts and user groups for CONFIG." - (let ((cuirass-user (cuirass-configuration-user config)) + (let ((cuirass-user (cuirass-configuration-user config)) (cuirass-group (cuirass-configuration-group config))) (list (user-group - (name cuirass-group) - (system? #t)) + (name cuirass-group) + (system? #t)) (user-account - (name cuirass-user) - (group cuirass-group) - (system? #t) - (comment "Cuirass privilege separation user") - (home-directory (string-append "/var/lib/" cuirass-user)) - (shell (file-append shadow "/sbin/nologin")))))) + (name cuirass-user) + (group cuirass-group) + (system? #t) + (comment "Cuirass privilege separation user") + (home-directory (string-append "/var/lib/" cuirass-user)) + (shell (file-append shadow "/sbin/nologin")))))) (define (cuirass-postgresql-role config) (let ((user (cuirass-configuration-user config))) (list (postgresql-role - (name user) - (create-database? #t))))) + (name user) + (create-database? #t))))) (define (cuirass-activation config) "Return the activation code for CONFIG." - (let* ((cache (cuirass-configuration-cache-directory config)) - (remote-server (cuirass-configuration-remote-server config)) - (remote-cache (and remote-server - (cuirass-remote-server-configuration-cache - remote-server))) - (user (cuirass-configuration-user config)) - (log "/var/log/cuirass") - (profile (string-append "/var/guix/profiles/per-user/" user)) - (roots (string-append profile "/cuirass")) - (group (cuirass-configuration-group config))) + (let* ((cache (cuirass-configuration-cache-directory config)) + (remote-server (cuirass-configuration-remote-server config)) + (remote-cache (and remote-server + (cuirass-remote-server-configuration-cache + remote-server))) + (user (cuirass-configuration-user config)) + (log "/var/log/cuirass") + (profile (string-append "/var/guix/profiles/per-user/" user)) + (roots (string-append profile "/cuirass")) + (group (cuirass-configuration-group config))) (with-imported-modules '((guix build utils)) - #~(begin - (use-modules (guix build utils)) + #~(begin + (use-modules (guix build utils)) - (mkdir-p #$cache) - (mkdir-p #$log) - (mkdir-p #$roots) + (mkdir-p #$cache) + (mkdir-p #$log) + (mkdir-p #$roots) - (when #$remote-cache - (mkdir-p #$remote-cache)) + (when #$remote-cache + (mkdir-p #$remote-cache)) - (let ((uid (passwd:uid (getpw #$user))) - (gid (group:gid (getgr #$group)))) - (chown #$cache uid gid) - (chown #$log uid gid) - (chown #$roots uid gid) - (chown #$profile uid gid) + (let ((uid (passwd:uid (getpw #$user))) + (gid (group:gid (getgr #$group)))) + (chown #$cache uid gid) + (chown #$log uid gid) + (chown #$roots uid gid) + (chown #$profile uid gid) - (when #$remote-cache - (chown #$remote-cache uid gid))))))) + (when #$remote-cache + (chown #$remote-cache uid gid))))))) (define (cuirass-log-rotations config) "Return the list of log rotations that corresponds to CONFIG." (list (log-rotation - (files (list (cuirass-configuration-log-file config) - (cuirass-configuration-web-log-file config))) - (frequency 'weekly) - (options '("rotate 40"))))) ;worth keeping + (files (list (cuirass-configuration-log-file config) + (cuirass-configuration-web-log-file config))) + (frequency 'weekly) + (options '("rotate 40"))))) ;worth keeping (define cuirass-service-type (service-type - (name 'cuirass) - (extensions - (list - (service-extension profile-service-type ;for 'info cuirass' - (compose list cuirass-configuration-cuirass)) - (service-extension rottlog-service-type cuirass-log-rotations) - (service-extension activation-service-type cuirass-activation) - (service-extension shepherd-root-service-type cuirass-shepherd-service) - (service-extension account-service-type cuirass-account) - ;; Make sure postgresql and postgresql-role are instantiated. - (service-extension postgresql-service-type (const #t)) - (service-extension postgresql-role-service-type - cuirass-postgresql-role))) - (description - "Run the Cuirass continuous integration service."))) + (name 'cuirass) + (extensions + (list + (service-extension profile-service-type ;for 'info cuirass' + (compose list cuirass-configuration-cuirass)) + (service-extension rottlog-service-type cuirass-log-rotations) + (service-extension activation-service-type cuirass-activation) + (service-extension shepherd-root-service-type cuirass-shepherd-service) + (service-extension account-service-type cuirass-account) + ;; Make sure postgresql and postgresql-role are instantiated. + (service-extension postgresql-service-type (const #t)) + (service-extension postgresql-role-service-type + cuirass-postgresql-role))) + (description + "Run the Cuirass continuous integration service."))) (define-record-type* - cuirass-remote-worker-configuration make-cuirass-remote-worker-configuration - cuirass-remote-worker-configuration? - (cuirass cuirass-remote-worker-configuration-cuirass ;file-like - (default cuirass)) - (workers cuirass-remote-worker-workers ;int - (default 1)) - (server cuirass-remote-worker-server ;string - (default #f)) - (systems cuirass-remote-worker-systems ;list - (default (list (%current-system)))) - (log-file cuirass-remote-worker-log-file ;string - (default "/var/log/cuirass-remote-worker.log")) - (publish-port cuirass-remote-worker-configuration-publish-port ;int - (default 5558)) - (substitute-urls cuirass-remote-worker-configuration-substitute-urls - (default %default-substitute-urls)) ;list of strings - (public-key cuirass-remote-worker-configuration-public-key ;string - (default #f)) - (private-key cuirass-remote-worker-configuration-private-key ;string - (default #f))) + cuirass-remote-worker-configuration make-cuirass-remote-worker-configuration + cuirass-remote-worker-configuration? + (cuirass cuirass-remote-worker-configuration-cuirass ;file-like + (default cuirass)) + (workers cuirass-remote-worker-workers ;int + (default 1)) + (server cuirass-remote-worker-server ;string + (default #f)) + (systems cuirass-remote-worker-systems ;list + (default (list (%current-system)))) + (log-file cuirass-remote-worker-log-file ;string + (default "/var/log/cuirass-remote-worker.log")) + (publish-port cuirass-remote-worker-configuration-publish-port ;int + (default 5558)) + (substitute-urls cuirass-remote-worker-configuration-substitute-urls + (default %default-substitute-urls)) ;list of strings + (public-key cuirass-remote-worker-configuration-public-key ;string + (default #f)) + (private-key cuirass-remote-worker-configuration-private-key ;string + (default #f))) (define (cuirass-remote-worker-shepherd-service config) "Return a for the Cuirass remote worker service with -CONFIG." + CONFIG." (match-record config - (cuirass workers server systems log-file publish-port - substitute-urls public-key private-key) - (list (shepherd-service - (documentation "Run Cuirass remote build worker.") - (provision '(cuirass-remote-worker)) - (requirement '(avahi-daemon guix-daemon networking)) - (start #~(make-forkexec-constructor - (list (string-append #$cuirass "/bin/cuirass") - "remote-worker" - (string-append "--workers=" - #$(number->string workers)) - #$@(if server - (list (string-append "--server=" server)) - '()) - #$@(if systems - (list (string-append - "--systems=" - (string-join systems ","))) - '()) - #$@(if publish-port - (list (string-append - "--publish-port=" - (number->string publish-port))) - '()) - #$@(if substitute-urls - (list (string-append - "--substitute-urls=" - (string-join substitute-urls))) - '()) - #$@(if public-key - (list - (string-append "--public-key=" - public-key)) - '()) - #$@(if private-key - (list - (string-append "--private-key=" - private-key)) - '())) - #:environment-variables - (list - "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt" - (string-append "GIT_EXEC_PATH=" #$git "/libexec/git-core") - (string-append "http_proxy=" #$http-proxy) - (string-append "https_proxy=" #$http-proxy) - ) - #:log-file #$log-file)) - (stop #~(make-kill-destructor)))))) + (cuirass workers server systems log-file publish-port + substitute-urls public-key private-key) + (list (shepherd-service + (documentation "Run Cuirass remote build worker.") + (provision '(cuirass-remote-worker)) + (requirement '(avahi-daemon guix-daemon networking)) + (start #~(make-forkexec-constructor + (list (string-append #$cuirass "/bin/cuirass") + "remote-worker" + (string-append "--workers=" + #$(number->string workers)) + #$@(if server + (list (string-append "--server=" server)) + '()) + #$@(if systems + (list (string-append + "--systems=" + (string-join systems ","))) + '()) + #$@(if publish-port + (list (string-append + "--publish-port=" + (number->string publish-port))) + '()) + #$@(if substitute-urls + (list (string-append + "--substitute-urls=" + (string-join substitute-urls))) + '()) + #$@(if public-key + (list + (string-append "--public-key=" + public-key)) + '()) + #$@(if private-key + (list + (string-append "--private-key=" + private-key)) + '())) + #:environment-variables + (list + "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt" + (string-append "GIT_EXEC_PATH=" #$git "/libexec/git-core") + (string-append "http_proxy=" #$http-proxy) + (string-append "https_proxy=" #$http-proxy) + ) + #:log-file #$log-file)) + (stop #~(make-kill-destructor)))))) (define cuirass-remote-worker-service-type (service-type - (name 'cuirass-remote-worker) - (extensions - (list - (service-extension shepherd-root-service-type - cuirass-remote-worker-shepherd-service))) - (description - "Run the Cuirass remote build worker service."))) + (name 'cuirass-remote-worker) + (extensions (list + (service-extension shepherd-root-service-type + cuirass-remote-worker-shepherd-service))) + (description "Run the Cuirass remote build worker service."))) diff --git a/glicid/services/file-systems.scm b/glicid/services/file-systems.scm index cce4abc..cb96352 100644 --- a/glicid/services/file-systems.scm +++ b/glicid/services/file-systems.scm @@ -1,73 +1,50 @@ (define-module (glicid services file-systems) - #:use-module (gnu services) - #:use-module (gnu services shepherd) - #:use-module (guix) - #:use-module (guix gexp) - #:use-module (guix records) - #:use-module (ice-9 match) - #:use-module (gnu packages file-systems) - #:export ( - %default-autofs-conf - autofs-configuration - autofs-configuration? - autofs-service - autofs-service-type - ) -) - + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (guix) + #:use-module (guix gexp) + #:use-module (guix records) + #:use-module (ice-9 match) + #:use-module (gnu packages file-systems) + #:export ( + %default-autofs-conf + autofs-configuration + autofs-configuration? + autofs-service + autofs-service-type + )) (define %default-autofs-conf (plain-file "autofs" " - # Empty file as we do nothing by default - ") -) + # Empty file as we do nothing by default + ")) -(define-record-type* +(define-record-type* + autofs-configuration make-autofs-configuration autofs-configuration? - (autofs autofs-configuration-autofs - (default autofs) - ) - (config-file autofs-config-file - (default %default-autofs-conf) - ) - (log-file autofs-log-file - (default "/var/log/autofs.log") - ) -) + (autofs-pkg autofs-pkg (default autofs)) + (autofs-config-file autofs-config-file (default %default-autofs-conf)) + (log-file autofs-log-file (default "/var/log/autofs.log"))) (define autofs-service (match-lambda - (($ autofs config-file log-file) - (list - (shepherd-service - (provision '(autofs) ) - (documentation "Run autofs.") - (requirement '(user-processes)) - (respawn? #t) - (start #~(make-forkexec-constructor - (list - #$(file-append autofs "/sbin/automount") - "-d" "-f" - ) - #:log-file #$log-file - )) - (stop #~(make-kill-destructor)) - ) - ) - ) - ) -) + (($ autofs-pkg autofs-config-file log-file) + (list + (shepherd-service + (provision '(autofs)) + (documentation "Run autofs.") + (requirement '(user-processes)) + (respawn? #t) + (start #~(make-forkexec-constructor + (list + #$(file-append autofs-pkg "/sbin/automount") "-d" "-f") + #:log-file #$log-file + )) + (stop #~(make-kill-destructor))))))) (define autofs-service-type - (service-type (name 'autofs) - (extensions - (list ( - service-extension - shepherd-root-service-type - autofs-service - )) - ) - (description "Run autofs") - ) -) - + (service-type + (name 'autofs) + (extensions (list + (service-extension shepherd-root-service-type autofs-service))) + (description "Run autofs"))) diff --git a/glicid/services/networking.scm b/glicid/services/networking.scm index 1e90e99..a97b6fd 100644 --- a/glicid/services/networking.scm +++ b/glicid/services/networking.scm @@ -1,98 +1,72 @@ (define-module (glicid services networking) - #:use-module (gnu packages bash) - #:use-module (gnu packages networking) - #:use-module (gnu services) - #:use-module (gnu services shepherd) - #:use-module (gnu system shadow) - #:use-module (guix) - #:use-module (guix records) - #:use-module (ice-9 match) - #: export ( - squid-configuration - squid-configuration? - squid-shepherd-service - squid-service-type - ) -) + #:use-module (gnu packages bash) + #:use-module (gnu packages networking) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (guix) + #:use-module (guix records) + #:use-module (ice-9 match) + #: export ( + squid-configuration + squid-configuration? + squid-shepherd-service + squid-service-type + )) -(define-record-type* +(define-record-type* + squid-configuration make-squid-configuration squid-configuration? - (squid squid-configuration-squid - (default squid) + (squid-pkg squid-pkg (default squid)) + (squid-port squid-port (default 3128)) + (squid-loglevel squid-loglevel (default 1)) + (squid-config-file squid-config-file (default (file-append squid "/etc/squid.conf"))) + (pid-file squid-pid-file (default "/var/run/squid/squid.pid")) + (log-file squid-log-file (default "/var/log/squid/squid.log")) ) - (port squid-configuration-port - (default 3128) - ) - (loglevel squid-configuration-loglevel - (default 1) - ) - (pid-file squid-configuration-pid-file - (default "/var/run/squid/squid.pid") - ) - (config-file squid-configuration-config-file - (default (file-append squid "/etc/squid.conf")) - ) - (log-file squid-configuration-log-file - (default "/var/log/squid/squid.log") - ) -) (define squid-shepherd-service (match-lambda - (($ squid port loglevel pid-file config-file log-file) - (list - (shepherd-service - (provision '(squid) ) - (documentation "Run squid.") - (requirement '(user-processes)) - (respawn? #t) - (start #~(make-forkexec-constructor - (list - #$(file-append squid "/sbin/squid") - "-f" #$config-file - ) - #:pid-file #$pid-file - #:log-file #$log-file - #:user (passwd:uid (getpwnam "squid")) - #:group (passwd:gid (getpwnam "squid")) - #:resource-limits '((nofile 16384 16384)) - )) - (stop #~(make-kill-destructor)) - ) - ) - ) - ) -) + (($ squid-pkg squid-port squid-loglevel squid-config-file pid-file log-file) + (list + (shepherd-service + (provision '(squid)) + (documentation "Run squid.") + (requirement '(user-processes)) + (respawn? #t) + (start #~(make-forkexec-constructor + (list + #$(file-append squid-pkg "/sbin/squid") + "-f" #$squid-config-file + ) + #:pid-file #$pid-file + #:log-file #$log-file + #:user (passwd:uid (getpwnam "squid")) + #:group (passwd:gid (getpwnam "squid")) + #:resource-limits '((nofile 16384 16384)))) + (stop #~(make-kill-destructor))))))) (define %squid-activation - (with-imported-modules '((guix build utils)) - #~(begin - (use-modules (guix build utils)) - (define (touch file-name) - (call-with-output-file file-name (const #t)) - ) - (mkdir-p "/var/run/squid") - (mkdir-p "/var/log/squid") - (mkdir-p "/var/cache/squid") - (mkdir-p "/var/spool/squid") - (touch "/var/log/squid/squid.log") - (touch "/var/log/squid/squid_access.log") - (touch "/var/log/squid/squid_cache.log") - (touch "/var/log/squid/squid_cache_store.log") - (chown "/var/run/squid" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) - (chown "/var/cache/squid" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) - (chown "/var/log/squid" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) - (chown "/var/spool/squid" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) - (chown "/var/log/squid/squid.log" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) - (chown "/var/log/squid/squid_access.log" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) - (chown "/var/log/squid/squid_cache.log" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) - (chown "/var/log/squid/squid_cache_store.log" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) - #t - ) - ) -) + #~(begin + (mkdir-p "/var/run/squid") + (mkdir-p "/var/log/squid") + (mkdir-p "/var/cache/squid") + (mkdir-p "/var/spool/squid") + (touch "/var/log/squid/squid.log") + (touch "/var/log/squid/squid_access.log") + (touch "/var/log/squid/squid_cache.log") + (touch "/var/log/squid/squid_cache_store.log") + (chown "/var/run/squid" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) + (chown "/var/cache/squid" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) + (chown "/var/log/squid" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) + (chown "/var/spool/squid" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) + (chown "/var/log/squid/squid.log" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) + (chown "/var/log/squid/squid_access.log" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) + (chown "/var/log/squid/squid_cache.log" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) + (chown "/var/log/squid/squid_cache_store.log" (passwd:uid (getpwnam "squid")) (passwd:gid (getpwnam "squid"))) + #t )) (define %squid-accounts (list @@ -103,20 +77,13 @@ (system? #t) (comment "Squid server user") (home-directory "/var/spool/squid") - (shell (file-append bash "/bin/bash")) - ) - ) -) + (shell (file-append bash "/bin/bash"))))) (define squid-service-type - (service-type (name 'squid) - (extensions - (list - (service-extension shepherd-root-service-type squid-shepherd-service) - (service-extension activation-service-type (const %squid-activation)) - (service-extension account-service-type (const %squid-accounts)) - ) - ) - (description "Run @uref{http://www.squid-cache.org/, squid} community developped Squid software.") - ) -) + (service-type + (name 'squid) + (extensions (list + (service-extension shepherd-root-service-type squid-shepherd-service) + (service-extension activation-service-type (const %squid-activation)) + (service-extension account-service-type (const %squid-accounts)))) + (description "Run @uref{http://www.squid-cache.org/, squid} community developped Squid software."))) diff --git a/glicid/services/openldap.scm b/glicid/services/openldap.scm index 8cd4964..e6d526f 100644 --- a/glicid/services/openldap.scm +++ b/glicid/services/openldap.scm @@ -1,87 +1,59 @@ (define-module (glicid services openldap) - #:use-module (gnu packages openldap) - #:use-module (gnu services) - #:use-module (gnu services shepherd) - #:use-module (guix) - #:use-module (guix records) - #:use-module (ice-9 match) - #: export ( - openldap-configuration - openldap-configuration? - openldap-shepherd-service - openldap-service-type - ) -) + #:use-module (gnu packages openldap) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (guix) + #:use-module (guix records) + #:use-module (ice-9 match) + #: export ( + openldap-configuration + openldap-configuration? + openldap-shepherd-service + openldap-service-type + )) -(define-record-type* +(define-record-type* + openldap-configuration make-openldap-configuration openldap-configuration? - (openldap openldap-configuration-openldap - (default openldap) - ) - (uri openldap-configuration-uri - (default "ldapi:// ldap://") - ) - (logflags openldap-configuration-logflags - (default "0") - ) - (pid-file openldap-configuration-pid-file - (default "/var/run/openldap/slapd.pid") - ) - (config-file openldap-configuration-config-file - (default (file-append openldap "/etc/openldap/slapd.conf")) - ) - (log-file openldap-configuration-log-file - (default "/var/log/slapd.log") - ) -) + (openldap-pkg openldap-pkg (default openldap)) + (uri openldap-uri (default "ldapi:// ldap://")) + (logflags openldap-logflags (default "0")) + (pid-file openldap-pid-file (default "/var/run/openldap/slapd.pid")) + (config-file openldap--config-file (default (file-append openldap "/etc/openldap/slapd.conf"))) + (log-file openldap-log-file (default "/var/log/slapd.log"))) (define openldap-shepherd-service (match-lambda - (($ openldap uri logflags pid-file config-file log-file) - (list - (shepherd-service - (provision '(slapd) ) - (documentation "Run openldap.") - (requirement '(user-processes)) - (respawn? #t) - (start #~(make-forkexec-constructor - (list - #$(file-append openldap "/libexec/slapd") - "-h" #$uri - "-d" #$logflags - "-f" #$config-file - ) - #:pid-file #$pid-file - #:log-file #$log-file - )) - (stop #~(make-kill-destructor)) - ) - ) - ) - ) -) + (($ openldap-pkg uri logflags pid-file config-file log-file) + (list + (shepherd-service + (provision '(slapd)) + (documentation "Run openldap.") + (requirement '(user-processes)) + (respawn? #t) + (start #~(make-forkexec-constructor + (list + #$(file-append openldap "/libexec/slapd") + "-h" #$uri + "-d" #$logflags + "-f" #$config-file + ) + #:pid-file #$pid-file + #:log-file #$log-file )) + (stop #~(make-kill-destructor))))))) (define %openldap-activation - (with-imported-modules '((guix build utils)) - #~(begin - (use-modules (guix build utils)) - (mkdir-p "/var/run/openldap") - (mkdir-p "/var/lib/ldap") - #t - ) - ) -) + #~(begin + (mkdir-p "/var/run/openldap") + (mkdir-p "/var/lib/ldap") + #t )) (define openldap-service-type - (service-type (name 'slapd) - (extensions - (list - (service-extension shepherd-root-service-type openldap-shepherd-service) - (service-extension activation-service-type (const %openldap-activation)) - ) - ) - (description "Run @uref{https://www.openldap.org, Openldap} community developped LDAP software.") - ) -) + (service-type + (name 'slapd) + (extensions (list + (service-extension shepherd-root-service-type openldap-shepherd-service) + (service-extension activation-service-type (const %openldap-activation)))) + (description "Run @uref{https://www.openldap.org, Openldap} community developped LDAP software."))) diff --git a/glicid/services/parallel.scm b/glicid/services/parallel.scm index e8fa7e6..6de1068 100644 --- a/glicid/services/parallel.scm +++ b/glicid/services/parallel.scm @@ -70,12 +70,9 @@ (define munged-service-type (service-type (name 'munged) - (extensions - (list - (service-extension shepherd-root-service-type munged-service) - (service-extension activation-service-type (const %munged-activation)) - ) - ) + (extensions (list + (service-extension shepherd-root-service-type munged-service) + (service-extension activation-service-type (const %munged-activation)) ) ) (description "Run munged"))) ; @@ -150,13 +147,10 @@ (define slurmdbd-service-type (service-type (name 'slurmdbd) - (extensions - (list - (service-extension shepherd-root-service-type slurmdbd-service) - (service-extension activation-service-type (const %slurmdbd-activation)) - (service-extension account-service-type (const %slurm-accounts)) - ) - ) + (extensions (list + (service-extension shepherd-root-service-type slurmdbd-service) + (service-extension activation-service-type (const %slurmdbd-activation)) + (service-extension account-service-type (const %slurm-accounts)) ) ) (description "Run slurmdbd"))) ; @@ -216,13 +210,10 @@ (define slurmctld-service-type (service-type (name 'slurmctld) - (extensions - (list - (service-extension shepherd-root-service-type slurmctld-service) - (service-extension activation-service-type (const %slurmctld-activation)) - (service-extension account-service-type (const %slurm-accounts)) - ) - ) + (extensions (list + (service-extension shepherd-root-service-type slurmctld-service) + (service-extension activation-service-type (const %slurmctld-activation)) + (service-extension account-service-type (const %slurm-accounts)) ) ) (description "Run slurmctld"))) ; @@ -280,11 +271,8 @@ (define slurmd-service-type (service-type (name 'slurmd) - (extensions - (list - (service-extension shepherd-root-service-type slurmd-service) - (service-extension activation-service-type (const %slurmd-activation)) - (service-extension account-service-type (const %slurm-accounts)) - ) - ) + (extensions (list + (service-extension shepherd-root-service-type slurmd-service) + (service-extension activation-service-type (const %slurmd-activation)) + (service-extension account-service-type (const %slurm-accounts)) ) ) (description "Run slurmd"))) diff --git a/glicid/services/rc-local.scm b/glicid/services/rc-local.scm index 8d67a95..0bac40e 100644 --- a/glicid/services/rc-local.scm +++ b/glicid/services/rc-local.scm @@ -1,71 +1,47 @@ (define-module (glicid services rc-local) - #:use-module (gnu services) - #:use-module (gnu services shepherd) - #:use-module (guix) - #:use-module (guix records) - #:use-module (ice-9 match) - #:use-module (gnu packages bash) - #:export ( - %default-rc-local-conf - rc-local-configuration - rc-local-configuration? - rc-local-service - rc-local-service-type - ) -) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (guix) + #:use-module (guix records) + #:use-module (ice-9 match) + #:use-module (gnu packages bash) + #:export ( + %default-rc-local-conf + rc-local-configuration + rc-local-configuration? + rc-local-service + rc-local-service-type)) (define %default-rc-local-conf (plain-file "rc-local" " - # Empty file as we do nothing by default - ") -) + # Empty file as we do nothing by default + ")) -(define-record-type* +(define-record-type* + rc-local-configuration make-rc-local-configuration rc-local-configuration? - (config-file rc-local-config-file - (default %default-rc-local-conf) - ) - (log-file rc-local-log-file - (default "/var/log/rc-local.log") - ) -) + (config-file rc-local-config-file (default %default-rc-local-conf)) + (log-file log-file (default "/var/log/rc-local.log"))) (define rc-local-service (match-lambda (($ config-file log-file) - (list - (shepherd-service - (provision '(rc-local) ) - (documentation "Run rc-local.") - (requirement '(user-processes)) - (respawn? #f) - (one-shot? #t) - (start #~(make-forkexec-constructor - (list - #$(file-append bash "/bin/bash") - "-l" - #$config-file - ) - #:log-file #$log-file - )) - (stop #~(make-kill-destructor)) - ) - ) - ) - ) -) + (list + (shepherd-service + (provision '(rc-local)) + (documentation "Run rc-local.") + (requirement '(user-processes)) + (respawn? #f) + (one-shot? #t) + (start #~(make-forkexec-constructor + (list #$(file-append bash "/bin/bash") "-l" #$config-file) + #:log-file #$log-file )) + (stop #~(make-kill-destructor))))))) (define rc-local-service-type - (service-type (name 'rc-local) - (extensions - (list ( - service-extension - shepherd-root-service-type - rc-local-service - )) - ) - (description "Run a script in a rc-local like form") - ) -) + (service-type + (name 'rc-local) + (extensions (list (service-extension shepherd-root-service-type rc-local-service))) + (description "Run a script in a rc-local like form")))