1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2019, 2020, 2021, 2022 Christopher Baines <mail@cbaines.net>
4 ;;; This file is part of GNU Guix.
6 ;;; GNU Guix is free software; you can redistribute it and/or modify
7 ;;; it under the terms of the GNU General Public License as published by
8 ;;; the Free Software Foundation, either version 3 of the License, or
9 ;;; (at your option) any later version.
11 ;;; GNU Guix is distributed in the hope that it will be useful,
12 ;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
13 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 ;;; GNU General Public License for more details.
16 ;;; You should have received a copy of the GNU General Public License
17 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
19 (define-module (gnu services guix)
20 #:use-module (srfi srfi-1)
21 #:use-module (ice-9 match)
22 #:use-module (guix gexp)
23 #:use-module (guix records)
24 #:use-module (guix packages)
25 #:use-module ((gnu packages base)
26 #:select (glibc-utf8-locales))
27 #:use-module (gnu packages admin)
28 #:use-module (gnu packages databases)
29 #:use-module (gnu packages web)
30 #:use-module (gnu packages guile)
31 #:use-module (gnu packages guile-xyz)
32 #:use-module (gnu packages package-management)
33 #:use-module (gnu services)
34 #:use-module (gnu services base)
35 #:use-module (gnu services admin)
36 #:use-module (gnu services shepherd)
37 #:use-module (gnu services getmail)
38 #:use-module (gnu system shadow)
39 #:export (guix-build-coordinator-configuration
40 guix-build-coordinator-configuration?
41 guix-build-coordinator-configuration-package
42 guix-build-coordinator-configuration-user
43 guix-build-coordinator-configuration-group
44 guix-build-coordinator-configuration-datastore-uri-string
45 guix-build-coordinator-configuration-agent-communication-uri-string
46 guix-build-coordinator-configuration-client-communication-uri-string
47 guix-build-coordinator-configuration-allocation-strategy
48 guix-build-coordinator-configuration-hooks
49 guix-build-coordinator-configuration-guile
51 guix-build-coordinator-service-type
53 guix-build-coordinator-agent-configuration
54 guix-build-coordinator-agent-configuration?
55 guix-build-coordinator-agent-configuration-package
56 guix-build-coordinator-agent-configuration-user
57 guix-build-coordinator-agent-configuration-coordinator
58 guix-build-coordinator-agent-configuration-authentication
59 guix-build-coordinator-agent-configuration-systems
60 guix-build-coordinator-agent-configuration-max-parallel-builds
61 guix-build-coordinator-agent-configuration-max-1min-load-average
62 guix-build-coordinator-agent-configuration-derivation-substitute-urls
63 guix-build-coordinator-agent-configuration-non-derivation-substitute-urls
65 guix-build-coordinator-agent-password-auth
66 guix-build-coordinator-agent-password-auth?
67 guix-build-coordinator-agent-password-auth-uuid
68 guix-build-coordinator-agent-password-auth-password
70 guix-build-coordinator-agent-password-file-auth
71 guix-build-coordinator-agent-password-file-auth?
72 guix-build-coordinator-agent-password-file-auth-uuid
73 guix-build-coordinator-agent-password-file-auth-password-file
75 guix-build-coordinator-agent-dynamic-auth
76 guix-build-coordinator-agent-dynamic-auth?
77 guix-build-coordinator-agent-dynamic-auth-agent-name
78 guix-build-coordinator-agent-dynamic-auth-token
80 guix-build-coordinator-agent-dynamic-auth-with-file
81 guix-build-coordinator-agent-dynamic-auth-with-file?
82 guix-build-coordinator-agent-dynamic-auth-with-file-agent-name
83 guix-build-coordinator-agent-dynamic-auth-with-file-token-file
85 guix-build-coordinator-agent-service-type
87 guix-build-coordinator-queue-builds-configuration
88 guix-build-coordinator-queue-builds-configuration?
89 guix-build-coordinator-queue-builds-configuration-package
90 guix-build-coordinator-queue-builds-configuration-user
91 guix-build-coordinator-queue-builds-coordinator
92 guix-build-coordinator-queue-builds-configuration-systems
93 guix-build-coordinator-queue-builds-configuration-system-and-targets
94 guix-build-coordinator-queue-builds-configuration-guix-data-service
95 guix-build-coordinator-queue-builds-configuration-processed-commits-file
97 guix-build-coordinator-queue-builds-service-type
99 <guix-data-service-configuration>
100 guix-data-service-configuration
101 guix-data-service-configuration?
102 guix-data-service-package
103 guix-data-service-user
104 guix-data-service-group
105 guix-data-service-port
106 guix-data-service-host
107 guix-data-service-getmail-idle-mailboxes
108 guix-data-service-commits-getmail-retriever-configuration
110 guix-data-service-type
112 nar-herder-service-type
113 nar-herder-configuration
114 nar-herder-configuration?
115 nar-herder-configuration-package
116 nar-herder-configuration-user
117 nar-herder-configuration-group
118 nar-herder-configuration-mirror
119 nar-herder-configuration-database
120 nar-herder-configuration-database-dump
121 nar-herder-configuration-host
122 nar-herder-configuration-port
123 nar-herder-configuration-storage
124 nar-herder-configuration-storage-limit
125 nar-herder-configuration-storage-nar-removal-criteria
126 nar-herder-configuration-log-level))
130 ;;; Services specifically related to GNU Guix.
;; Configuration record for the coordinator service.  The field specs visible
;; in this listing cover the package, the account (user/group), the datastore
;; URI, the two listening URIs, the allocation strategy, hooks and the Guile
;; used to run the start script.
134 (define-record-type* <guix-build-coordinator-configuration>
135 guix-build-coordinator-configuration make-guix-build-coordinator-configuration
136 guix-build-coordinator-configuration?
137 (package guix-build-coordinator-configuration-package
138 (default guix-build-coordinator))
139 (user guix-build-coordinator-configuration-user
140 (default "guix-build-coordinator"))
141 (group guix-build-coordinator-configuration-group
142 (default "guix-build-coordinator"))
;; The default datastore is an SQLite file below /var/lib/guix-build-coordinator,
;; the directory that guix-build-coordinator-activation sets to mode 755.
144 guix-build-coordinator-configuration-datastore-uri-string
145 (default "sqlite:///var/lib/guix-build-coordinator/guix_build_coordinator.db"))
;; NOTE(review): the agent-facing default uses the 0.0.0.0 wildcard address and
;; the plain http scheme, so the endpoint is presumably reachable on every
;; interface without transport encryption.  Agents authenticate against it with
;; passwords or tokens; confirm it is only exposed on a trusted network or
;; behind a TLS-terminating proxy.
146 (agent-communication-uri-string
147 guix-build-coordinator-configuration-agent-communication-uri-string
148 (default "http://0.0.0.0:8745"))
;; The client-facing default, by contrast, is bound to the loopback address.
149 (client-communication-uri-string
150 guix-build-coordinator-configuration-client-communication-uri-string
151 (default "http://127.0.0.1:8746"))
153 guix-build-coordinator-configuration-allocation-strategy
154 (default #~basic-build-allocation-strategy))
155 (hooks guix-build-coordinator-configuration-hooks
157 (guile guix-build-coordinator-configuration-guile
158 (default guile-3.0-latest)))
;; Configuration record for a build agent: package, account, coordinator URI,
;; authentication record, target systems, build limits and substitute URLs.
160 (define-record-type* <guix-build-coordinator-agent-configuration>
161 guix-build-coordinator-agent-configuration
162 make-guix-build-coordinator-agent-configuration
163 guix-build-coordinator-agent-configuration?
164 (package guix-build-coordinator-agent-configuration-package
165 (default guix-build-coordinator/agent-only))
166 (user guix-build-coordinator-agent-configuration-user
167 (default "guix-build-coordinator-agent"))
;; The default targets a coordinator on the same host over plain http.
;; NOTE(review): if this is pointed at a remote coordinator with an http://
;; URI, the agent's credentials would presumably cross the network
;; unencrypted -- confirm the transport used in deployment.
168 (coordinator guix-build-coordinator-agent-configuration-coordinator
169 (default "http://localhost:8745"))
;; No default is given here, so the field has to be supplied.  The agent
;; shepherd service matches it against the four auth record types defined
;; in this module.
170 (authentication guix-build-coordinator-agent-configuration-authentication)
171 (systems guix-build-coordinator-agent-configuration-systems
174 guix-build-coordinator-agent-configuration-max-parallel-builds
176 (max-1min-load-average
177 guix-build-coordinator-agent-configuration-max-1min-load-average
179 (derivation-substitute-urls
180 guix-build-coordinator-agent-configuration-derivation-substitute-urls
182 (non-derivation-substitute-urls
183 guix-build-coordinator-agent-configuration-non-derivation-substitute-urls
;; Agent authentication by UUID plus a password held directly in the record.
;; NOTE(review): guix-build-coordinator-agent-shepherd-services turns this
;; field into a literal "--password=..." argument, so the secret is part of
;; the generated service definition (presumably a world-readable store item)
;; and of the agent's command line, which other local users can usually read
;; from the process list.  The password-file variant passes only a path.
186 (define-record-type* <guix-build-coordinator-agent-password-auth>
187 guix-build-coordinator-agent-password-auth
188 make-guix-build-coordinator-agent-password-auth
189 guix-build-coordinator-agent-password-auth?
190 (uuid guix-build-coordinator-agent-password-auth-uuid)
191 (password guix-build-coordinator-agent-password-auth-password))
;; Agent authentication by UUID plus the path of a file holding the password.
;; The agent shepherd service passes it as "--password-file=", so only the
;; path, not the secret, appears in the service definition and command line.
;; The file itself needs to be readable by the agent's user and nobody else;
;; nothing in this module creates it or sets its mode.
193 (define-record-type* <guix-build-coordinator-agent-password-file-auth>
194 guix-build-coordinator-agent-password-file-auth
195 make-guix-build-coordinator-agent-password-file-auth
196 guix-build-coordinator-agent-password-file-auth?
197 (uuid guix-build-coordinator-agent-password-file-auth-uuid)
199 guix-build-coordinator-agent-password-file-auth-password-file))
;; Agent authentication by agent name plus a dynamic auth token held directly
;; in the record.
;; NOTE(review): the agent shepherd service emits the token as a literal
;; "--dynamic-auth-token=..." argument, which exposes it in the generated
;; service definition and on the process command line.  The -with-file
;; variant passes a path instead.
201 (define-record-type* <guix-build-coordinator-agent-dynamic-auth>
202 guix-build-coordinator-agent-dynamic-auth
203 make-guix-build-coordinator-agent-dynamic-auth
204 guix-build-coordinator-agent-dynamic-auth?
205 (agent-name guix-build-coordinator-agent-dynamic-auth-agent-name)
206 (token guix-build-coordinator-agent-dynamic-auth-token))
;; Agent authentication by agent name plus the path of a file holding the
;; dynamic auth token.  The agent shepherd service passes it as
;; "--dynamic-auth-token-file=", keeping the token itself out of the argument
;; list.  The file's ownership and mode are not managed by this module.
208 (define-record-type* <guix-build-coordinator-agent-dynamic-auth-with-file>
209 guix-build-coordinator-agent-dynamic-auth-with-file
210 make-guix-build-coordinator-agent-dynamic-auth-with-file
211 guix-build-coordinator-agent-dynamic-auth-with-file?
212 (agent-name guix-build-coordinator-agent-dynamic-auth-with-file-agent-name)
213 (token-file guix-build-coordinator-agent-dynamic-auth-with-file-token-file))
;; Configuration record for the queue-builds helper, which feeds derivations
;; from a Guix Data Service instance to a coordinator.
215 (define-record-type* <guix-build-coordinator-queue-builds-configuration>
216 guix-build-coordinator-queue-builds-configuration
217 make-guix-build-coordinator-queue-builds-configuration
218 guix-build-coordinator-queue-builds-configuration?
219 (package guix-build-coordinator-queue-builds-configuration-package
220 (default guix-build-coordinator))
221 (user guix-build-coordinator-queue-builds-configuration-user
222 (default "guix-build-coordinator-queue-builds"))
;; Port 8746 matches the coordinator's default client-communication URI,
;; which listens on the loopback address only.
223 (coordinator guix-build-coordinator-queue-builds-coordinator
224 (default "http://localhost:8746"))
225 (systems guix-build-coordinator-queue-builds-configuration-systems
228 guix-build-coordinator-queue-builds-configuration-system-and-targets
;; The default data source is fetched over https.
231 guix-build-coordinator-queue-builds-configuration-guix-data-service
232 (default "https://data.guix.gnu.org"))
;; This path lies in the cache directory that the activation snippet creates
;; and hands to the service user.
233 (processed-commits-file
234 guix-build-coordinator-queue-builds-configuration-processed-commits-file
235 (default "/var/cache/guix-build-coordinator-queue-builds/processed-commits")))
;; Build the "start-guix-build-coordinator" script.  The visible body opens the
;; datastore, assembles the hook list, creates the build coordinator and calls
;; run-coordinator-service with the PID file and the two listening URIs.
237 (define* (make-guix-build-coordinator-start-script database-uri-string
240 guix-build-coordinator-package
242 agent-communication-uri-string
243 client-communication-uri-string
247 "start-guix-build-coordinator"
248 (with-extensions (cons guix-build-coordinator-package
249 ;; This is a poorly constructed Guile load path,
250 ;; since it contains things that aren't Guile
251 ;; libraries, but it means that the Guile libraries
252 ;; needed for the Guix Build Coordinator don't need
253 ;; to be individually specified here.
255 (map second (package-inputs
256 guix-build-coordinator-package))
257 (map second (package-propagated-inputs
258 guix-build-coordinator-package))))
260 (use-modules (srfi srfi-1)
264 (guix-build-coordinator hooks)
265 (guix-build-coordinator datastore)
266 (guix-build-coordinator build-allocator)
267 (guix-build-coordinator coordinator))
;; Line-buffer both ports so output reaches the log as each line is written.
269 (setvbuf (current-output-port) 'line)
270 (setvbuf (current-error-port) 'line)
272 (simple-format #t "starting the guix-build-coordinator:\n ~A\n"
274 (let* ((metrics-registry (make-metrics-registry
276 "guixbuildcoordinator"))
277 (datastore (database-uri->datastore
278 #$database-uri-string
279 #:metrics-registry metrics-registry))
;; Each configured hook is spliced in as a (name . gexp) pair.  The gexp is
;; code taken from the system configuration and presumably runs inside the
;; coordinator process with that account's privileges, so hook definitions
;; deserve the same review as any other code in the service.
281 (list #$@(map (match-lambda
283 #~(cons '#$name #$hook-gexp)))
;; Entries whose name already appears in `hooks' are dropped, so a configured
;; hook replaces the entry of the same name (presumably a default; the list
;; being filtered is not visible in this listing).
287 ,@(remove (match-lambda
288 ((name . _) (assq-ref hooks name)))
290 (build-coordinator (make-build-coordinator
291 #:datastore datastore
292 #:hooks hooks-with-defaults
293 #:metrics-registry metrics-registry
294 #:allocation-strategy #$allocation-strategy)))
296 (run-coordinator-service
298 #:update-datastore? #t
299 #:pid-file #$pid-file
300 #:agent-communication-uri (string->uri
301 #$agent-communication-uri-string)
302 #:client-communication-uri (string->uri
303 #$client-communication-uri-string)))))
;; Shepherd service for the coordinator: runs the generated start script via
;; make-forkexec-constructor and stops it with make-kill-destructor.
;; NOTE(review): the #:user / #:group arguments of the constructor are not
;; among the lines visible in this listing -- confirm the process is started
;; under the configured service account rather than as root.
306 (define (guix-build-coordinator-shepherd-services config)
307 (match-record config <guix-build-coordinator-configuration>
308 (package user group database-uri-string
309 agent-communication-uri-string
310 client-communication-uri-string
316 (documentation "Guix Build Coordinator")
317 (provision '(guix-build-coordinator))
318 (requirement '(networking))
319 (start #~(make-forkexec-constructor
320 (list #$(make-guix-build-coordinator-start-script
323 "/var/run/guix-build-coordinator/pid"
325 #:agent-communication-uri-string
326 agent-communication-uri-string
327 #:client-communication-uri-string
328 client-communication-uri-string
;; Same PID file path as the one handed to the start script above.
333 #:pid-file "/var/run/guix-build-coordinator/pid"
334 ;; Allow time for migrations to run
335 #:pid-file-timeout 60
336 #:environment-variables
338 "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
;; Hooks resolve commands through the system profile, so whatever is installed
;; there is what they will execute.
340 "PATH=/run/current-system/profile/bin") ; for hooks
341 #:log-file "/var/log/guix-build-coordinator/coordinator.log"))
342 (stop #~(make-kill-destructor))))))
;; Activation snippet for the coordinator: looks up the configured account,
;; sets the mode of the state directory, and creates the log and PID
;; directories.
344 (define (guix-build-coordinator-activation config)
346 (use-modules (guix build utils))
349 (getpw #$(guix-build-coordinator-configuration-user
;; NOTE(review): mode 755 lets every local user list and traverse the state
;; directory.  The default SQLite datastore lives here, so its confidentiality
;; rests on the mode of the database file itself, which this snippet does not
;; set -- confirm it is not world-readable.
352 (chmod "/var/lib/guix-build-coordinator" #o755)
354 (mkdir-p "/var/log/guix-build-coordinator")
356 ;; Allow writing the PID file
357 (mkdir-p "/var/run/guix-build-coordinator")
358 (chown "/var/run/guix-build-coordinator"
360 (passwd:gid %user))))
;; Account declaration for the coordinator.  The visible fields give the
;; account a descriptive comment, /var/lib/guix-build-coordinator as home
;; directory and nologin as shell, so it cannot be used for interactive login.
362 (define (guix-build-coordinator-account config)
363 (match-record config <guix-build-coordinator-configuration>
372 (comment "Guix Build Coordinator user")
373 (home-directory "/var/lib/guix-build-coordinator")
374 (shell (file-append shadow "/sbin/nologin"))))))
;; Service type named guix-build-coordinator.  It extends the shepherd root,
;; activation and account services with the three procedures of this module;
;; the bare (guix-build-coordinator-configuration) form is presumably the
;; default value, i.e. a record with every field at its default.
376 (define guix-build-coordinator-service-type
378 (name 'guix-build-coordinator)
381 (service-extension shepherd-root-service-type
382 guix-build-coordinator-shepherd-services)
383 (service-extension activation-service-type
384 guix-build-coordinator-activation)
385 (service-extension account-service-type
386 guix-build-coordinator-account)))
388 (guix-build-coordinator-configuration))
390 "Run an instance of the Guix Build Coordinator.")))
;; Shepherd service for a build agent.  The command line is assembled from the
;; configuration record: coordinator URI, credentials chosen by the type of
;; the authentication record, build limits, substitute URLs and one --system
;; argument per configured system.
392 (define (guix-build-coordinator-agent-shepherd-services config)
393 (match-record config <guix-build-coordinator-agent-configuration>
394 (package user coordinator authentication max-parallel-builds
395 max-1min-load-average
396 derivation-substitute-urls non-derivation-substitute-urls
400 (documentation "Guix Build Coordinator Agent")
401 (provision '(guix-build-coordinator-agent))
402 (requirement '(networking))
403 (start #~(make-forkexec-constructor
404 (list #$(file-append package "/bin/guix-build-coordinator-agent")
405 #$(string-append "--coordinator=" coordinator)
;; Dispatch on the authentication record type.
406 #$@(match authentication
407 (($ <guix-build-coordinator-agent-password-auth>
409 #~(#$(string-append "--uuid=" uuid)
;; NOTE(review): the password becomes a literal argument.  It is therefore
;; embedded in the generated service definition (presumably a world-readable
;; store item) and visible in the process list while the agent runs.
410 #$(string-append "--password=" password)))
;; File-based variant: only the path of the password file is passed.
411 (($ <guix-build-coordinator-agent-password-file-auth>
413 #~(#$(string-append "--uuid=" uuid)
414 #$(string-append "--password-file="
416 (($ <guix-build-coordinator-agent-dynamic-auth>
418 #~(#$(string-append "--name=" agent-name)
;; NOTE(review): same exposure as --password= above, here for the token.
419 #$(string-append "--dynamic-auth-token=" token)))
;; File-based variant: only the path of the token file is passed.
421 <guix-build-coordinator-agent-dynamic-auth-with-file>
422 agent-name token-file)
423 #~(#$(string-append "--name=" agent-name)
424 #$(string-append "--dynamic-auth-token-file="
426 #$(simple-format #f "--max-parallel-builds=~A"
;; The next three options are emitted only when the field is not #f.
428 #$@(if max-1min-load-average
429 #~(#$(simple-format #f "--max-1min-load-average=~A"
430 max-1min-load-average))
432 #$@(if derivation-substitute-urls
434 "--derivation-substitute-urls="
435 (string-join derivation-substitute-urls " ")))
437 #$@(if non-derivation-substitute-urls
439 "--non-derivation-substitute-urls="
440 (string-join non-derivation-substitute-urls " ")))
442 #$@(map (lambda (system)
443 (string-append "--system=" system))
446 #:environment-variables
448 "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
449 ;; XDG_CACHE_HOME is used by Guix when caching narinfo files
450 "XDG_CACHE_HOME=/var/cache/guix-build-coordinator-agent"
452 #:log-file "/var/log/guix-build-coordinator/agent.log"))
453 (stop #~(make-kill-destructor))))))
;; Activation snippet for the agent: looks up the configured account, creates
;; the shared log directory and a narinfo cache directory, and changes the
;; ownership of the cache directory (the group id comes from the account's
;; passwd entry).
455 (define (guix-build-coordinator-agent-activation config)
457 (use-modules (guix build utils))
460 (getpw #$(guix-build-coordinator-agent-configuration-user
;; The log directory is shared with the coordinator and queue-builds services.
463 (mkdir-p "/var/log/guix-build-coordinator")
465 ;; Create a cache directory for storing narinfo files if downloaded
466 (mkdir-p "/var/cache/guix-build-coordinator-agent")
467 (chown "/var/cache/guix-build-coordinator-agent"
469 (passwd:gid %user))))
;; Account declaration for the agent, named after the configured user.  The
;; account gets /var/empty as home directory and nologin as shell, so it has
;; no writable home and cannot be used for interactive login.
471 (define (guix-build-coordinator-agent-account config)
473 (name (guix-build-coordinator-agent-configuration-user config))
476 (comment "Guix Build Coordinator agent user")
477 (home-directory "/var/empty")
478 (shell (file-append shadow "/sbin/nologin")))))
;; Service type named guix-build-coordinator-agent; extends the shepherd root,
;; activation and account services with the agent procedures of this module.
;; No default value is visible here, which fits the agent configuration's
;; authentication field having no default.
480 (define guix-build-coordinator-agent-service-type
482 (name 'guix-build-coordinator-agent)
485 (service-extension shepherd-root-service-type
486 guix-build-coordinator-agent-shepherd-services)
487 (service-extension activation-service-type
488 guix-build-coordinator-agent-activation)
489 (service-extension account-service-type
490 guix-build-coordinator-agent-account)))
492 "Run a Guix Build Coordinator agent.")))
;; Shepherd service for the queue-builds helper.  The command line carries the
;; coordinator URI, one --system per system, one --system-and-target per
;; pair, and the optional data service URL and processed-commits file.
494 (define (guix-build-coordinator-queue-builds-shepherd-services config)
495 (match-record config <guix-build-coordinator-queue-builds-configuration>
496 (package user coordinator systems systems-and-targets
497 guix-data-service processed-commits-file)
500 (documentation "Guix Build Coordinator queue builds from Guix Data Service")
501 (provision '(guix-build-coordinator-queue-builds))
502 (requirement '(networking))
504 #~(make-forkexec-constructor
508 "/bin/guix-build-coordinator-queue-builds-from-guix-data-service")
509 #$(string-append "--coordinator=" coordinator)
510 #$@(map (lambda (system)
511 (string-append "--system=" system))
513 #$@(map (match-lambda
515 (string-append "--system-and-target=" system "=" target)))
;; A #f value is treated as an empty list.
516 (or systems-and-targets '()))
;; Both of the following options are omitted when the field is #f.
517 #$@(if guix-data-service
518 #~(#$(string-append "--guix-data-service=" guix-data-service))
520 #$@(if processed-commits-file
521 #~(#$(string-append "--processed-commits-file="
522 processed-commits-file))
525 #:environment-variables
527 "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
529 #:log-file "/var/log/guix-build-coordinator/queue-builds.log"))
530 (stop #~(make-kill-destructor))))))
;; Activation snippet for queue-builds: looks up the configured account,
;; creates the shared log directory and the cache directory that holds the
;; processed-commits file, and changes the ownership of the cache directory.
532 (define (guix-build-coordinator-queue-builds-activation config)
534 (use-modules (guix build utils))
537 (getpw #$(guix-build-coordinator-queue-builds-configuration-user
540 (mkdir-p "/var/log/guix-build-coordinator")
542 ;; Allow writing the processed commits file
543 (mkdir-p "/var/cache/guix-build-coordinator-queue-builds")
544 (chown "/var/cache/guix-build-coordinator-queue-builds"
546 (passwd:gid %user))))
;; Account declaration for queue-builds, named after the configured user, with
;; /var/empty as home directory and nologin as shell.
548 (define (guix-build-coordinator-queue-builds-account config)
550 (name (guix-build-coordinator-queue-builds-configuration-user config))
553 (comment "Guix Build Coordinator queue-builds user")
554 (home-directory "/var/empty")
555 (shell (file-append shadow "/sbin/nologin")))))
;; Service type named guix-build-coordinator-queue-builds; extends the
;; shepherd root, activation and account services with the queue-builds
;; procedures of this module.
557 (define guix-build-coordinator-queue-builds-service-type
559 (name 'guix-build-coordinator-queue-builds)
562 (service-extension shepherd-root-service-type
563 guix-build-coordinator-queue-builds-shepherd-services)
564 (service-extension activation-service-type
565 guix-build-coordinator-queue-builds-activation)
566 (service-extension account-service-type
567 guix-build-coordinator-queue-builds-account)))
569 "Run the guix-build-coordinator-queue-builds-from-guix-data-service
572 This is a script to assist in having the Guix Build Coordinator build
573 derivations stored in an instance of the Guix Data Service.")))
577 ;;; Guix Data Service
;; Configuration record for the Guix Data Service: package, account, listening
;; port and host, getmail settings and extra command-line options.
;; NOTE(review): the module's #:export list names guix-data-service-user and
;; guix-data-service-group, while the accessors defined here are
;; guix-data-service-configuration-user and -group; the two extra-options
;; accessors are not exported at all.  Confirm which names are intended.
580 (define-record-type* <guix-data-service-configuration>
581 guix-data-service-configuration make-guix-data-service-configuration
582 guix-data-service-configuration?
583 (package guix-data-service-package
584 (default guix-data-service))
585 (user guix-data-service-configuration-user
586 (default "guix-data-service"))
587 (group guix-data-service-configuration-group
588 (default "guix-data-service"))
589 (port guix-data-service-port
;; The web server binds to the loopback address unless configured otherwise.
591 (host guix-data-service-host
592 (default "127.0.0.1"))
593 (getmail-idle-mailboxes
594 guix-data-service-getmail-idle-mailboxes
596 (commits-getmail-retriever-configuration
597 guix-data-service-commits-getmail-retriever-configuration
;; Both extra-options fields are spliced into the respective command lines
;; by guix-data-service-shepherd-services.
599 (extra-options guix-data-service-extra-options
601 (extra-process-jobs-options
602 guix-data-service-extra-process-jobs-options
;; Profile extension: the result includes the configured guix-data-service
;; package.  Per the docstring the purpose is to have ca-certificates.crt
;; present in the system profile; the process-jobs service points
;; GIT_SSL_CAINFO at /etc/ssl/certs/ca-certificates.crt.
605 (define (guix-data-service-profile-packages config)
606 "Return the guix-data-service package, this will populate the
607 ca-certificates.crt file in the system profile."
609 (guix-data-service-package config)))
;; Two shepherd services for the Guix Data Service: the web server
;; (guix-data-service) and the job processor (guix-data-service-process-jobs).
;; Both require postgres.
;; NOTE(review): the #:user / #:group arguments of the constructors are not
;; among the lines visible in this listing -- confirm both run under the
;; service account.
611 (define (guix-data-service-shepherd-services config)
612 (match-record config <guix-data-service-configuration>
613 (package user group port host extra-options extra-process-jobs-options)
616 (documentation "Guix Data Service web server")
617 (provision '(guix-data-service))
618 (requirement '(postgres networking))
619 (start #~(make-forkexec-constructor
620 (list #$(file-append package
621 "/bin/guix-data-service")
622 "--pid-file=/var/run/guix-data-service/pid"
623 #$(string-append "--port=" (number->string port))
624 #$(string-append "--host=" host)
625 ;; Perform any database migrations when the
626 ;; service is started
632 #:pid-file "/var/run/guix-data-service/pid"
633 ;; Allow time for migrations to run
634 #:pid-file-timeout 60
635 #:environment-variables
637 "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
638 "LC_ALL=en_US.UTF-8")
639 #:log-file "/var/log/guix-data-service/web.log"))
640 (stop #~(make-kill-destructor)))
643 (documentation "Guix Data Service process jobs")
644 (provision '(guix-data-service-process-jobs))
645 (requirement '(postgres
647 ;; Require guix-data-service, since the database
648 ;; migrations are handled through that service
650 (start #~(make-forkexec-constructor
652 #$(file-append package
653 "/bin/guix-data-service-process-jobs")
;; Options from the configuration are appended to the command line as given.
654 #$@extra-process-jobs-options)
657 #:environment-variables
658 `("HOME=/var/lib/guix-data-service"
;; Point git at the system CA bundle so certificate verification of https
;; remotes can succeed; the file is expected to exist in /etc/ssl/certs.
659 "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt"
661 "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
662 "LC_ALL=en_US.UTF-8")
663 #:log-file "/var/log/guix-data-service/process-jobs.log"))
664 (stop #~(make-kill-destructor))))))
;; Activation snippet for the Guix Data Service: sets the mode of the state
;; directory, creates the log and PID directories and changes the ownership of
;; the PID directory.
666 (define (guix-data-service-activation config)
668 (use-modules (guix build utils))
;; NOTE(review): the account is looked up by the literal name
;; "guix-data-service" rather than by the record's user field, unlike the
;; other activation procedures in this module.  With a non-default user the
;; directories would be owned by a different (possibly missing) account.
670 (define %user (getpw "guix-data-service"))
;; NOTE(review): mode 755 leaves the state directory listable and traversable
;; by every local user; it is also the HOME of the process-jobs service, so
;; anything sensitive written there depends on per-file modes.
672 (chmod "/var/lib/guix-data-service" #o755)
674 (mkdir-p "/var/log/guix-data-service")
676 ;; Allow writing the PID file
677 (mkdir-p "/var/run/guix-data-service")
678 (chown "/var/run/guix-data-service"
680 (passwd:gid %user))))
;; Account declaration for the Guix Data Service, with
;; /var/lib/guix-data-service as home directory and nologin as shell.
682 (define (guix-data-service-account config)
683 (match-record config <guix-data-service-configuration>
692 (comment "Guix Data Service user")
693 (home-directory "/var/lib/guix-data-service")
694 (shell (file-append shadow "/sbin/nologin"))))))
;; getmail extension for the Guix Data Service.  Two clauses match the
;; configuration record; the visible one builds a getmail-configuration that
;; uses the configured retriever and delivers each message to an external
;; program.
696 (define (guix-data-service-getmail-configuration config)
698 (($ <guix-data-service-configuration> package user group
702 (($ <guix-data-service-configuration> package user group
704 getmail-idle-mailboxes
705 commits-getmail-retriever-configuration)
707 (getmail-configuration
708 (name 'guix-data-service)
711 (directory "/var/lib/getmail/guix-data-service")
713 (getmail-configuration-file
714 (retriever commits-getmail-retriever-configuration)
716 (getmail-destination-configuration
;; Retrieved mail is handed to an external program.  Message content
;; originates outside the system, so the receiving program is the place where
;; it has to be treated as untrusted input.
717 (type "MDA_external")
720 "/bin/guix-data-service-process-branch-updated-email"))))
722 (getmail-options-configuration
726 (idle getmail-idle-mailboxes))))))
;; Service type named guix-data-service; extends the profile, shepherd root,
;; activation, account and getmail services with the procedures of this
;; module.  The bare (guix-data-service-configuration) form is presumably the
;; default value.
728 (define guix-data-service-type
730 (name 'guix-data-service)
733 (service-extension profile-service-type
734 guix-data-service-profile-packages)
735 (service-extension shepherd-root-service-type
736 guix-data-service-shepherd-services)
737 (service-extension activation-service-type
738 guix-data-service-activation)
739 (service-extension account-service-type
740 guix-data-service-account)
741 (service-extension getmail-service-type
742 guix-data-service-getmail-configuration)))
744 (guix-data-service-configuration))
746 "Run an instance of the Guix Data Service.")))
;; Configuration record for the Nar Herder: package, account, mirror, database
;; paths, listening host and port, storage settings, TTLs and log level.
;; The ttl and negative-ttl accessors defined here do not appear in the
;; module's #:export list.
753 (define-record-type* <nar-herder-configuration>
754 nar-herder-configuration make-nar-herder-configuration
755 nar-herder-configuration?
756 (package nar-herder-configuration-package
757 (default nar-herder))
758 (user nar-herder-configuration-user
759 (default "nar-herder"))
760 (group nar-herder-configuration-group
761 (default "nar-herder"))
762 (mirror nar-herder-configuration-mirror
;; Both database files default to /var/lib/nar-herder, the directory that
;; nar-herder-activation sets to mode 755.
764 (database nar-herder-configuration-database
765 (default "/var/lib/nar-herder/nar_herder.db"))
766 (database-dump nar-herder-configuration-database-dump
767 (default "/var/lib/nar-herder/nar_herder_dump.db"))
;; The server binds to the loopback address unless configured otherwise.
768 (host nar-herder-configuration-host
769 (default "127.0.0.1"))
770 (port nar-herder-configuration-port
772 (storage nar-herder-configuration-storage
774 (storage-limit nar-herder-configuration-storage-limit
776 (storage-nar-removal-criteria
777 nar-herder-configuration-storage-nar-removal-criteria
779 (ttl nar-herder-configuration-ttl
781 (negative-ttl nar-herder-configuration-negative-ttl
783 (log-level nar-herder-configuration-log-level
;; Shepherd service for the Nar Herder.  The command line is assembled from
;; the configuration record; several options are wrapped in lists, presumably
;; so they can be left out when the corresponding field is unset.
787 (define (nar-herder-shepherd-services config)
788 (match-record config <nar-herder-configuration>
791 database database-dump
793 storage storage-limit storage-nar-removal-criteria
794 ttl negative-ttl log-level)
;; Reject, while the service definition is being built, a configuration that
;; sets neither a mirror nor a storage location.
796 (unless (or mirror storage)
797 (error "nar-herder: mirror or storage must be set"))
801 (documentation "Nar Herder")
802 (provision '(nar-herder))
803 (requirement '(networking))
804 (start #~(make-forkexec-constructor
805 (list #$(file-append package
808 "--pid-file=/var/run/nar-herder/pid"
809 #$(string-append "--port=" (number->string port))
810 #$(string-append "--host=" host)
812 (list (string-append "--mirror=" mirror))
814 #$(string-append "--database=" database)
815 #$(string-append "--database-dump=" database-dump)
817 (list (string-append "--storage=" storage))
;; A numeric limit is converted to a string first.
819 #$(string-append "--storage-limit="
820 (if (number? storage-limit)
821 (number->string storage-limit)
;; One option per criterion; a (k . v) pair is rendered as "k=v".
823 #$@(map (lambda (criteria)
825 "--storage-nar-removal-criteria="
827 ((k . v) (simple-format #f "~A=~A" k v))
829 storage-nar-removal-criteria)
831 (list (string-append "--ttl=" ttl))
834 (list (string-append "--negative-ttl=" negative-ttl))
837 (list (simple-format #f "--log-level=~A" log-level))
841 #:pid-file "/var/run/nar-herder/pid"
842 #:environment-variables
844 "GUIX_LOCPATH=" #$glibc-utf8-locales "/lib/locale")
846 #:log-file "/var/log/nar-herder/server.log"))
847 (stop #~(make-kill-destructor))))))
;; Activation snippet for the Nar Herder: looks up the configured account,
;; sets the mode of the state directory, creates the log and PID directories
;; and changes the ownership of the PID directory.
849 (define (nar-herder-activation config)
851 (use-modules (guix build utils))
854 (getpw #$(nar-herder-configuration-user
;; NOTE(review): mode 755 leaves the directory holding the default database
;; and database dump listable and traversable by every local user; the modes
;; of those files are not set here.
857 (chmod "/var/lib/nar-herder" #o755)
859 (mkdir-p "/var/log/nar-herder")
861 ;; Allow writing the PID file
862 (mkdir-p "/var/run/nar-herder")
863 (chown "/var/run/nar-herder"
865 (passwd:gid %user))))
;; Account declaration for the Nar Herder, with /var/lib/nar-herder as home
;; directory and nologin as shell.
867 (define (nar-herder-account config)
868 (match-record config <nar-herder-configuration>
877 (comment "Nar Herder user")
878 (home-directory "/var/lib/nar-herder")
879 (shell (file-append shadow "/sbin/nologin"))))))
;; Service type for the Nar Herder; extends the shepherd root, activation and
;; account services with the nar-herder procedures of this module.
881 (define nar-herder-service-type
886 (service-extension shepherd-root-service-type
887 nar-herder-shepherd-services)
888 (service-extension activation-service-type
889 nar-herder-activation)
890 (service-extension account-service-type
891 nar-herder-account)))
893 "Run a Nar Herder server.")))