| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731 |
- ;;; GNU Guix --- Functional package management for GNU
- ;;; Copyright © 2019 Christopher Baines <mail@cbaines.net>
- ;;;
- ;;; This file is part of GNU Guix.
- ;;;
- ;;; GNU Guix is free software; you can redistribute it and/or modify
- ;;; it under the terms of the GNU General Public License as published by
- ;;; the Free Software Foundation, either version 3 of the License, or
- ;;; (at your option) any later version.
- ;;;
- ;;; GNU Guix is distributed in the hope that it will be useful,
- ;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
- ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- ;;; GNU General Public License for more details.
- ;;;
- ;;; You should have received a copy of the GNU General Public License
- ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
- (define-module (gnu services guix)
- #:use-module (srfi srfi-1)
- #:use-module (ice-9 match)
- #:use-module (guix gexp)
- #:use-module (guix records)
- #:use-module (guix packages)
- #:use-module ((gnu packages base)
- #:select (glibc-utf8-locales))
- #:use-module (gnu packages admin)
- #:use-module (gnu packages databases)
- #:use-module (gnu packages web)
- #:use-module (gnu packages guile)
- #:use-module (gnu packages guile-xyz)
- #:use-module (gnu packages package-management)
- #:use-module (gnu services)
- #:use-module (gnu services base)
- #:use-module (gnu services admin)
- #:use-module (gnu services shepherd)
- #:use-module (gnu services getmail)
- #:use-module (gnu system shadow)
- #:export (guix-build-coordinator-configuration
- guix-build-coordinator-configuration?
- guix-build-coordinator-configuration-package
- guix-build-coordinator-configuration-user
- guix-build-coordinator-configuration-group
- guix-build-coordinator-configuration-datastore-uri-string
- guix-build-coordinator-configuration-agent-communication-uri-string
- guix-build-coordinator-configuration-client-communication-uri-string
- guix-build-coordinator-configuration-allocation-strategy
- guix-build-coordinator-configuration-hooks
- guix-build-coordinator-configuration-guile
- guix-build-coordinator-service-type
- guix-build-coordinator-agent-configuration
- guix-build-coordinator-agent-configuration?
- guix-build-coordinator-agent-configuration-package
- guix-build-coordinator-agent-configuration-user
- guix-build-coordinator-agent-configuration-coordinator
- guix-build-coordinator-agent-configuration-authentication
- guix-build-coordinator-agent-configuration-systems
- guix-build-coordinator-agent-configuration-max-parallel-builds
- guix-build-coordinator-agent-configuration-max-1min-load-average
- guix-build-coordinator-agent-configuration-derivation-substitute-urls
- guix-build-coordinator-agent-configuration-non-derivation-substitute-urls
- guix-build-coordinator-agent-password-auth
- guix-build-coordinator-agent-password-auth?
- guix-build-coordinator-agent-password-auth-uuid
- guix-build-coordinator-agent-password-auth-password
- guix-build-coordinator-agent-password-file-auth
- guix-build-coordinator-agent-password-file-auth?
- guix-build-coordinator-agent-password-file-auth-uuid
- guix-build-coordinator-agent-password-file-auth-password-file
- guix-build-coordinator-agent-dynamic-auth
- guix-build-coordinator-agent-dynamic-auth?
- guix-build-coordinator-agent-dynamic-auth-agent-name
- guix-build-coordinator-agent-dynamic-auth-token
- guix-build-coordinator-agent-dynamic-auth-with-file
- guix-build-coordinator-agent-dynamic-auth-with-file?
- guix-build-coordinator-agent-dynamic-auth-with-file-agent-name
- guix-build-coordinator-agent-dynamic-auth-with-file-token-file
- guix-build-coordinator-agent-service-type
- guix-build-coordinator-queue-builds-configuration
- guix-build-coordinator-queue-builds-configuration?
- guix-build-coordinator-queue-builds-configuration-package
- guix-build-coordinator-queue-builds-configuration-user
- guix-build-coordinator-queue-builds-coordinator
- guix-build-coordinator-queue-builds-configuration-systems
- guix-build-coordinator-queue-builds-configuration-system-and-targets
- guix-build-coordinator-queue-builds-configuration-guix-data-service
- guix-build-coordinator-queue-builds-configuration-processed-commits-file
- guix-build-coordinator-queue-builds-service-type
- <guix-data-service-configuration>
- guix-data-service-configuration
- guix-data-service-configuration?
- guix-data-service-package
- guix-data-service-user
- guix-data-service-group
- guix-data-service-port
- guix-data-service-host
- guix-data-service-getmail-idle-mailboxes
- guix-data-service-commits-getmail-retriever-configuration
- guix-data-service-type))
- ;;;; Commentary:
- ;;;
- ;;; Services specifically related to GNU Guix.
- ;;;
- ;;;; Code:
- (define-record-type* <guix-build-coordinator-configuration>
- guix-build-coordinator-configuration make-guix-build-coordinator-configuration
- guix-build-coordinator-configuration?
- (package guix-build-coordinator-configuration-package
- (default guix-build-coordinator))
- (user guix-build-coordinator-configuration-user
- (default "guix-build-coordinator"))
- (group guix-build-coordinator-configuration-group
- (default "guix-build-coordinator"))
- (database-uri-string
- guix-build-coordinator-configuration-datastore-uri-string
- (default "sqlite:///var/lib/guix-build-coordinator/guix_build_coordinator.db"))
- (agent-communication-uri-string
- guix-build-coordinator-configuration-agent-communication-uri-string
- (default "http://0.0.0.0:8745"))
- (client-communication-uri-string
- guix-build-coordinator-configuration-client-communication-uri-string
- (default "http://127.0.0.1:8746"))
- (allocation-strategy
- guix-build-coordinator-configuration-allocation-strategy
- (default #~basic-build-allocation-strategy))
- (hooks guix-build-coordinator-configuration-hooks
- (default '()))
- (guile guix-build-coordinator-configuration-guile
- (default guile-3.0-latest)))
- (define-record-type* <guix-build-coordinator-agent-configuration>
- guix-build-coordinator-agent-configuration
- make-guix-build-coordinator-agent-configuration
- guix-build-coordinator-agent-configuration?
- (package guix-build-coordinator-agent-configuration-package
- (default guix-build-coordinator))
- (user guix-build-coordinator-agent-configuration-user
- (default "guix-build-coordinator-agent"))
- (coordinator guix-build-coordinator-agent-configuration-coordinator
- (default "http://localhost:8745"))
- (authentication guix-build-coordinator-agent-configuration-authentication)
- (systems guix-build-coordinator-agent-configuration-systems
- (default #f))
- (max-parallel-builds
- guix-build-coordinator-agent-configuration-max-parallel-builds
- (default 1))
- (max-1min-load-average
- guix-build-coordinator-agent-configuration-max-1min-load-average
- (default #f))
- (derivation-substitute-urls
- guix-build-coordinator-agent-configuration-derivation-substitute-urls
- (default #f))
- (non-derivation-substitute-urls
- guix-build-coordinator-agent-configuration-non-derivation-substitute-urls
- (default #f)))
- (define-record-type* <guix-build-coordinator-agent-password-auth>
- guix-build-coordinator-agent-password-auth
- make-guix-build-coordinator-agent-password-auth
- guix-build-coordinator-agent-password-auth?
- (uuid guix-build-coordinator-agent-password-auth-uuid)
- (password guix-build-coordinator-agent-password-auth-password))
- (define-record-type* <guix-build-coordinator-agent-password-file-auth>
- guix-build-coordinator-agent-password-file-auth
- make-guix-build-coordinator-agent-password-file-auth
- guix-build-coordinator-agent-password-file-auth?
- (uuid guix-build-coordinator-agent-password-file-auth-uuid)
- (password-file
- guix-build-coordinator-agent-password-file-auth-password-file))
- (define-record-type* <guix-build-coordinator-agent-dynamic-auth>
- guix-build-coordinator-agent-dynamic-auth
- make-guix-build-coordinator-agent-dynamic-auth
- guix-build-coordinator-agent-dynamic-auth?
- (agent-name guix-build-coordinator-agent-dynamic-auth-agent-name)
- (token guix-build-coordinator-agent-dynamic-auth-token))
- (define-record-type* <guix-build-coordinator-agent-dynamic-auth-with-file>
- guix-build-coordinator-agent-dynamic-auth-with-file
- make-guix-build-coordinator-agent-dynamic-auth-with-file
- guix-build-coordinator-agent-dynamic-auth-with-file?
- (agent-name guix-build-coordinator-agent-dynamic-auth-with-file-agent-name)
- (token-file guix-build-coordinator-agent-dynamic-auth-with-file-token-file))
- (define-record-type* <guix-build-coordinator-queue-builds-configuration>
- guix-build-coordinator-queue-builds-configuration
- make-guix-build-coordinator-queue-builds-configuration
- guix-build-coordinator-queue-builds-configuration?
- (package guix-build-coordinator-queue-builds-configuration-package
- (default guix-build-coordinator))
- (user guix-build-coordinator-queue-builds-configuration-user
- (default "guix-build-coordinator-queue-builds"))
- (coordinator guix-build-coordinator-queue-builds-coordinator
- (default "http://localhost:8746"))
- (systems guix-build-coordinator-queue-builds-configuration-systems
- (default #f))
- (systems-and-targets
- guix-build-coordinator-queue-builds-configuration-system-and-targets
- (default #f))
- (guix-data-service
- guix-build-coordinator-queue-builds-configuration-guix-data-service
- (default "https://data.guix.gnu.org"))
- (processed-commits-file
- guix-build-coordinator-queue-builds-configuration-processed-commits-file
- (default "/var/cache/guix-build-coordinator-queue-builds/processed-commits")))
- (define* (make-guix-build-coordinator-start-script database-uri-string
- allocation-strategy
- pid-file
- guix-build-coordinator-package
- #:key
- agent-communication-uri-string
- client-communication-uri-string
- (hooks '())
- (guile guile-3.0))
- (program-file
- "start-guix-build-coordinator"
- (with-extensions (cons guix-build-coordinator-package
- ;; This is a poorly constructed Guile load path,
- ;; since it contains things that aren't Guile
- ;; libraries, but it means that the Guile libraries
- ;; needed for the Guix Build Coordinator don't need
- ;; to be individually specified here.
- (append
- (map second (package-inputs
- guix-build-coordinator-package))
- (map second (package-propagated-inputs
- guix-build-coordinator-package))))
- #~(begin
- (use-modules (srfi srfi-1)
- (ice-9 match)
- (web uri)
- (prometheus)
- (guix-build-coordinator hooks)
- (guix-build-coordinator datastore)
- (guix-build-coordinator build-allocator)
- (guix-build-coordinator coordinator))
- (setvbuf (current-output-port) 'line)
- (setvbuf (current-error-port) 'line)
- (simple-format #t "starting the guix-build-coordinator:\n ~A\n"
- (current-filename))
- (let* ((metrics-registry (make-metrics-registry
- #:namespace
- "guixbuildcoordinator"))
- (datastore (database-uri->datastore
- #$database-uri-string
- #:metrics-registry metrics-registry))
- (hooks
- (list #$@(map (match-lambda
- ((name . hook-gexp)
- #~(cons '#$name #$hook-gexp)))
- hooks)))
- (hooks-with-defaults
- `(,@hooks
- ,@(remove (match-lambda
- ((name . _) (assq-ref hooks name)))
- %default-hooks)))
- (build-coordinator (make-build-coordinator
- #:datastore datastore
- #:hooks hooks-with-defaults
- #:metrics-registry metrics-registry
- #:allocation-strategy #$allocation-strategy)))
- (run-coordinator-service
- build-coordinator
- #:update-datastore? #t
- #:pid-file #$pid-file
- #:agent-communication-uri (string->uri
- #$agent-communication-uri-string)
- #:client-communication-uri (string->uri
- #$client-communication-uri-string)))))
- #:guile guile))
- (define (guix-build-coordinator-shepherd-services config)
- (match-record config <guix-build-coordinator-configuration>
- (package user group database-uri-string
- agent-communication-uri-string
- client-communication-uri-string
- allocation-strategy
- hooks
- guile)
- (list
- (shepherd-service
- (documentation "Guix Build Coordinator")
- (provision '(guix-build-coordinator))
- (requirement '(networking))
- (start #~(make-forkexec-constructor
- (list #$(make-guix-build-coordinator-start-script
- database-uri-string
- allocation-strategy
- "/var/run/guix-build-coordinator/pid"
- package
- #:agent-communication-uri-string
- agent-communication-uri-string
- #:client-communication-uri-string
- client-communication-uri-string
- #:hooks hooks
- #:guile guile))
- #:user #$user
- #:group #$group
- #:pid-file "/var/run/guix-build-coordinator/pid"
- ;; Allow time for migrations to run
- #:pid-file-timeout 60
- #:environment-variables
- `(,(string-append
- "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
- "LC_ALL=en_US.utf8"
- "PATH=/run/current-system/profile/bin") ; for hooks
- #:log-file "/var/log/guix-build-coordinator/coordinator.log"))
- (stop #~(make-kill-destructor))))))
- (define (guix-build-coordinator-activation config)
- #~(begin
- (use-modules (guix build utils))
- (define %user
- (getpw #$(guix-build-coordinator-configuration-user
- config)))
- (chmod "/var/lib/guix-build-coordinator" #o755)
- (mkdir-p "/var/log/guix-build-coordinator")
- ;; Allow writing the PID file
- (mkdir-p "/var/run/guix-build-coordinator")
- (chown "/var/run/guix-build-coordinator"
- (passwd:uid %user)
- (passwd:gid %user))))
- (define (guix-build-coordinator-account config)
- (match-record config <guix-build-coordinator-configuration>
- (user group)
- (list (user-group
- (name group)
- (system? #t))
- (user-account
- (name user)
- (group group)
- (system? #t)
- (comment "Guix Build Coordinator user")
- (home-directory "/var/lib/guix-build-coordinator")
- (shell (file-append shadow "/sbin/nologin"))))))
- (define guix-build-coordinator-service-type
- (service-type
- (name 'guix-build-coordinator)
- (extensions
- (list
- (service-extension shepherd-root-service-type
- guix-build-coordinator-shepherd-services)
- (service-extension activation-service-type
- guix-build-coordinator-activation)
- (service-extension account-service-type
- guix-build-coordinator-account)))
- (default-value
- (guix-build-coordinator-configuration))
- (description
- "Run an instance of the Guix Build Coordinator.")))
- (define (guix-build-coordinator-agent-shepherd-services config)
- (match-record config <guix-build-coordinator-agent-configuration>
- (package user coordinator authentication max-parallel-builds
- max-1min-load-average
- derivation-substitute-urls non-derivation-substitute-urls
- systems)
- (list
- (shepherd-service
- (documentation "Guix Build Coordinator Agent")
- (provision '(guix-build-coordinator-agent))
- (requirement '(networking))
- (start #~(make-forkexec-constructor
- (list #$(file-append package "/bin/guix-build-coordinator-agent")
- #$(string-append "--coordinator=" coordinator)
- #$@(match authentication
- (($ <guix-build-coordinator-agent-password-auth>
- uuid password)
- #~(#$(string-append "--uuid=" uuid)
- #$(string-append "--password=" password)))
- (($ <guix-build-coordinator-agent-password-file-auth>
- uuid password-file)
- #~(#$(string-append "--uuid=" uuid)
- #$(string-append "--password-file="
- password-file)))
- (($ <guix-build-coordinator-agent-dynamic-auth>
- agent-name token)
- #~(#$(string-append "--name=" agent-name)
- #$(string-append "--dynamic-auth-token=" token)))
- (($
- <guix-build-coordinator-agent-dynamic-auth-with-file>
- agent-name token-file)
- #~(#$(string-append "--name=" agent-name)
- #$(string-append "--dynamic-auth-token-file="
- token-file))))
- #$(simple-format #f "--max-parallel-builds=~A"
- max-parallel-builds)
- #$@(if max-1min-load-average
- #~(#$(simple-format #f "--max-1min-load-average=~A"
- max-1min-load-average))
- #~())
- #$@(if derivation-substitute-urls
- #~(#$(string-append
- "--derivation-substitute-urls="
- (string-join derivation-substitute-urls " ")))
- #~())
- #$@(if non-derivation-substitute-urls
- #~(#$(string-append
- "--non-derivation-substitute-urls="
- (string-join non-derivation-substitute-urls " ")))
- #~())
- #$@(map (lambda (system)
- (string-append "--system=" system))
- (or systems '())))
- #:user #$user
- #:environment-variables
- `(,(string-append
- "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
- ;; XDG_CACHE_HOME is used by Guix when caching narinfo files
- "XDG_CACHE_HOME=/var/cache/guix-build-coordinator-agent"
- "LC_ALL=en_US.utf8")
- #:log-file "/var/log/guix-build-coordinator/agent.log"))
- (stop #~(make-kill-destructor))))))
- (define (guix-build-coordinator-agent-activation config)
- #~(begin
- (use-modules (guix build utils))
- (define %user
- (getpw #$(guix-build-coordinator-agent-configuration-user
- config)))
- (mkdir-p "/var/log/guix-build-coordinator")
- ;; Create a cache directory for storing narinfo files if downloaded
- (mkdir-p "/var/cache/guix-build-coordinator-agent")
- (chown "/var/cache/guix-build-coordinator-agent"
- (passwd:uid %user)
- (passwd:gid %user))))
- (define (guix-build-coordinator-agent-account config)
- (list (user-account
- (name (guix-build-coordinator-agent-configuration-user config))
- (group "nogroup")
- (system? #t)
- (comment "Guix Build Coordinator agent user")
- (home-directory "/var/empty")
- (shell (file-append shadow "/sbin/nologin")))))
- (define guix-build-coordinator-agent-service-type
- (service-type
- (name 'guix-build-coordinator-agent)
- (extensions
- (list
- (service-extension shepherd-root-service-type
- guix-build-coordinator-agent-shepherd-services)
- (service-extension activation-service-type
- guix-build-coordinator-agent-activation)
- (service-extension account-service-type
- guix-build-coordinator-agent-account)))
- (description
- "Run a Guix Build Coordinator agent.")))
- (define (guix-build-coordinator-queue-builds-shepherd-services config)
- (match-record config <guix-build-coordinator-queue-builds-configuration>
- (package user coordinator systems systems-and-targets
- guix-data-service processed-commits-file)
- (list
- (shepherd-service
- (documentation "Guix Build Coordinator queue builds from Guix Data Service")
- (provision '(guix-build-coordinator-queue-builds))
- (requirement '(networking))
- (start
- #~(make-forkexec-constructor
- (list
- #$(file-append
- package
- "/bin/guix-build-coordinator-queue-builds-from-guix-data-service")
- #$(string-append "--coordinator=" coordinator)
- #$@(map (lambda (system)
- (string-append "--system=" system))
- (or systems '()))
- #$@(map (match-lambda
- ((system . target)
- (string-append "--system-and-target=" system "=" target)))
- (or systems-and-targets '()))
- #$@(if guix-data-service
- #~(#$(string-append "--guix-data-service=" guix-data-service))
- #~())
- #$@(if processed-commits-file
- #~(#$(string-append "--processed-commits-file="
- processed-commits-file))
- #~()))
- #:user #$user
- #:environment-variables
- `(,(string-append
- "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
- "LC_ALL=en_US.utf8")
- #:log-file "/var/log/guix-build-coordinator/queue-builds.log"))
- (stop #~(make-kill-destructor))))))
- (define (guix-build-coordinator-queue-builds-activation config)
- #~(begin
- (use-modules (guix build utils))
- (define %user
- (getpw #$(guix-build-coordinator-queue-builds-configuration-user
- config)))
- (mkdir-p "/var/log/guix-build-coordinator")
- ;; Allow writing the processed commits file
- (mkdir-p "/var/cache/guix-build-coordinator-queue-builds")
- (chown "/var/cache/guix-build-coordinator-queue-builds"
- (passwd:uid %user)
- (passwd:gid %user))))
- (define (guix-build-coordinator-queue-builds-account config)
- (list (user-account
- (name (guix-build-coordinator-queue-builds-configuration-user config))
- (group "nogroup")
- (system? #t)
- (comment "Guix Build Coordinator queue-builds user")
- (home-directory "/var/empty")
- (shell (file-append shadow "/sbin/nologin")))))
- (define guix-build-coordinator-queue-builds-service-type
- (service-type
- (name 'guix-build-coordinator-queue-builds)
- (extensions
- (list
- (service-extension shepherd-root-service-type
- guix-build-coordinator-queue-builds-shepherd-services)
- (service-extension activation-service-type
- guix-build-coordinator-queue-builds-activation)
- (service-extension account-service-type
- guix-build-coordinator-queue-builds-account)))
- (description
- "Run the guix-build-coordinator-queue-builds-from-guix-data-service
- script.
- This is a script to assist in having the Guix Build Coordinator build
- derivations stored in an instance of the Guix Data Service.")))
- �
- ;;;
- ;;; Guix Data Service
- ;;;
- (define-record-type* <guix-data-service-configuration>
- guix-data-service-configuration make-guix-data-service-configuration
- guix-data-service-configuration?
- (package guix-data-service-package
- (default guix-data-service))
- (user guix-data-service-configuration-user
- (default "guix-data-service"))
- (group guix-data-service-configuration-group
- (default "guix-data-service"))
- (port guix-data-service-port
- (default 8765))
- (host guix-data-service-host
- (default "127.0.0.1"))
- (getmail-idle-mailboxes
- guix-data-service-getmail-idle-mailboxes
- (default #f))
- (commits-getmail-retriever-configuration
- guix-data-service-commits-getmail-retriever-configuration
- (default #f))
- (extra-options guix-data-service-extra-options
- (default '()))
- (extra-process-jobs-options
- guix-data-service-extra-process-jobs-options
- (default '())))
- (define (guix-data-service-profile-packages config)
- "Return the guix-data-service package, this will populate the
- ca-certificates.crt file in the system profile."
- (list
- (guix-data-service-package config)))
- (define (guix-data-service-shepherd-services config)
- (match-record config <guix-data-service-configuration>
- (package user group port host extra-options extra-process-jobs-options)
- (list
- (shepherd-service
- (documentation "Guix Data Service web server")
- (provision '(guix-data-service))
- (requirement '(postgres networking))
- (start #~(make-forkexec-constructor
- (list #$(file-append package
- "/bin/guix-data-service")
- "--pid-file=/var/run/guix-data-service/pid"
- #$(string-append "--port=" (number->string port))
- #$(string-append "--host=" host)
- ;; Perform any database migrations when the
- ;; service is started
- "--update-database"
- #$@extra-options)
- #:user #$user
- #:group #$group
- #:pid-file "/var/run/guix-data-service/pid"
- ;; Allow time for migrations to run
- #:pid-file-timeout 60
- #:environment-variables
- `(,(string-append
- "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
- "LC_ALL=en_US.UTF-8")
- #:log-file "/var/log/guix-data-service/web.log"))
- (stop #~(make-kill-destructor)))
- (shepherd-service
- (documentation "Guix Data Service process jobs")
- (provision '(guix-data-service-process-jobs))
- (requirement '(postgres
- networking
- ;; Require guix-data-service, as that the database
- ;; migrations are handled through this service
- guix-data-service))
- (start #~(make-forkexec-constructor
- (list
- #$(file-append package
- "/bin/guix-data-service-process-jobs")
- #$@extra-process-jobs-options)
- #:user #$user
- #:group #$group
- #:environment-variables
- `("HOME=/var/lib/guix-data-service"
- "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt"
- ,(string-append
- "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
- "LC_ALL=en_US.UTF-8")
- #:log-file "/var/log/guix-data-service/process-jobs.log"))
- (stop #~(make-kill-destructor))))))
- (define (guix-data-service-activation config)
- #~(begin
- (use-modules (guix build utils))
- (define %user (getpw "guix-data-service"))
- (chmod "/var/lib/guix-data-service" #o755)
- (mkdir-p "/var/log/guix-data-service")
- ;; Allow writing the PID file
- (mkdir-p "/var/run/guix-data-service")
- (chown "/var/run/guix-data-service"
- (passwd:uid %user)
- (passwd:gid %user))))
- (define (guix-data-service-account config)
- (match-record config <guix-data-service-configuration>
- (user group)
- (list (user-group
- (name group)
- (system? #t))
- (user-account
- (name user)
- (group group)
- (system? #t)
- (comment "Guix Data Service user")
- (home-directory "/var/lib/guix-data-service")
- (shell (file-append shadow "/sbin/nologin"))))))
- (define (guix-data-service-getmail-configuration config)
- (match config
- (($ <guix-data-service-configuration> package user group
- port host
- #f #f)
- '())
- (($ <guix-data-service-configuration> package user group
- port host
- getmail-idle-mailboxes
- commits-getmail-retriever-configuration)
- (list
- (getmail-configuration
- (name 'guix-data-service)
- (user user)
- (group group)
- (directory "/var/lib/getmail/guix-data-service")
- (rcfile
- (getmail-configuration-file
- (retriever commits-getmail-retriever-configuration)
- (destination
- (getmail-destination-configuration
- (type "MDA_external")
- (path (file-append
- package
- "/bin/guix-data-service-process-branch-updated-email"))))
- (options
- (getmail-options-configuration
- (read-all #f)
- (delivered-to #f)
- (received #f)))))
- (idle getmail-idle-mailboxes))))))
- (define guix-data-service-type
- (service-type
- (name 'guix-data-service)
- (extensions
- (list
- (service-extension profile-service-type
- guix-data-service-profile-packages)
- (service-extension shepherd-root-service-type
- guix-data-service-shepherd-services)
- (service-extension activation-service-type
- guix-data-service-activation)
- (service-extension account-service-type
- guix-data-service-account)
- (service-extension getmail-service-type
- guix-data-service-getmail-configuration)))
- (default-value
- (guix-data-service-configuration))
- (description
- "Run an instance of the Guix Data Service.")))
|
