Merge branch 'master' into core-updates
[jackhill/guix/guix.git] / gnu / services / cups.scm
1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2016 Andy Wingo <wingo@pobox.com>
3 ;;;
4 ;;; This file is part of GNU Guix.
5 ;;;
6 ;;; GNU Guix is free software; you can redistribute it and/or modify it
7 ;;; under the terms of the GNU General Public License as published by
8 ;;; the Free Software Foundation; either version 3 of the License, or (at
9 ;;; your option) any later version.
10 ;;;
11 ;;; GNU Guix is distributed in the hope that it will be useful, but
12 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
13 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 ;;; GNU General Public License for more details.
15 ;;;
16 ;;; You should have received a copy of the GNU General Public License
17 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
18
19 (define-module (gnu services cups)
20 #:use-module (gnu services)
21 #:use-module (gnu services shepherd)
22 #:use-module (gnu services configuration)
23 #:use-module (gnu system shadow)
24 #:use-module (gnu packages admin)
25 #:use-module (gnu packages cups)
26 #:use-module (gnu packages tls)
27 #:use-module (guix packages)
28 #:use-module (guix records)
29 #:use-module (guix gexp)
30 #:use-module (ice-9 match)
31 #:use-module ((srfi srfi-1) #:select (append-map))
32 #:export (cups-service-type
33 cups-configuration
34 opaque-cups-configuration
35
36 files-configuration
37 policy-configuration
38 location-access-control
39 operation-access-control
40 method-access-control))
41
42 ;;; Commentary:
43 ;;;
44 ;;; Service defininition for the CUPS printing system.
45 ;;;
46 ;;; Code:
47
48 (define %cups-accounts
49 (list (user-group (name "lp") (system? #t))
50 (user-group (name "lpadmin") (system? #t))
51 (user-account
52 (name "lp")
53 (group "lp")
54 (system? #t)
55 (comment "System user for invoking printing helper programs")
56 (home-directory "/var/empty")
57 (shell (file-append shadow "/sbin/nologin")))))
58
59 (define (multiline-string-list? val)
60 (and (list? val)
61 (and-map (lambda (x)
62 (and (string? x) (not (string-index x #\space))))
63 val)))
64 (define (serialize-multiline-string-list field-name val)
65 (for-each (lambda (str) (serialize-field field-name str)) val))
66
67 (define (space-separated-symbol-list? val)
68 (and (list? val) (and-map symbol? val)))
69 (define (serialize-space-separated-symbol-list field-name val)
70 (serialize-field field-name (string-join (map symbol->string val) " ")))
71
72 (define (non-negative-integer? val)
73 (and (exact-integer? val) (not (negative? val))))
74 (define (serialize-non-negative-integer field-name val)
75 (serialize-field field-name val))
76
77 (define-syntax define-enumerated-field-type
78 (lambda (x)
79 (define (id-append ctx . parts)
80 (datum->syntax ctx (apply symbol-append (map syntax->datum parts))))
81 (syntax-case x ()
82 ((_ name (option ...))
83 #`(begin
84 (define (#,(id-append #'name #'name #'?) x)
85 (memq x '(option ...)))
86 (define (#,(id-append #'name #'serialize- #'name) field-name val)
87 (serialize-field field-name val)))))))
88
89 (define-enumerated-field-type access-log-level
90 (config actions all))
91 (define-enumerated-field-type browse-local-protocols
92 (all dnssd none))
93 (define-enumerated-field-type default-auth-type
94 (Basic Negotiate))
95 (define-enumerated-field-type default-encryption
96 (Never IfRequested Required))
97 (define-enumerated-field-type error-policy
98 (abort-job retry-job retry-this-job stop-printer))
99 (define-enumerated-field-type log-level
100 (none emerg alert crit error warn notice info debug debug2))
101 (define-enumerated-field-type log-time-format
102 (standard usecs))
103 (define-enumerated-field-type server-tokens
104 (None ProductOnly Major Minor Minimal OS Full))
105 (define-enumerated-field-type method
106 (DELETE GET HEAD OPTIONS POST PUT TRACE))
107 (define-enumerated-field-type sandboxing
108 (relaxed strict))
109
110 (define (method-list? val)
111 (and (list? val) (and-map method? val)))
112 (define (serialize-method-list field-name val)
113 (serialize-field field-name (string-join (map symbol->string val) " ")))
114
115 (define (host-name-lookups? val)
116 (memq val '(#f #t 'double)))
117 (define (serialize-host-name-lookups field-name val)
118 (serialize-field field-name
119 (match val (#f "No") (#t "Yes") ('double "Double"))))
120
121 (define (host-name-list-or-*? x)
122 (or (eq? x '*)
123 (and (list? x) (and-map string? x))))
124 (define (serialize-host-name-list-or-* field-name val)
125 (serialize-field field-name (match val
126 ('* '*)
127 (names (string-join names " ")))))
128
129 (define (boolean-or-non-negative-integer? x)
130 (or (boolean? x) (non-negative-integer? x)))
131 (define (serialize-boolean-or-non-negative-integer field-name x)
132 (if (boolean? x)
133 (serialize-boolean field-name x)
134 (serialize-non-negative-integer field-name x)))
135
136 (define (ssl-options? x)
137 (and (list? x)
138 (and-map (lambda (elt) (memq elt '(AllowRC4 AllowSSL3))) x)))
139 (define (serialize-ssl-options field-name val)
140 (serialize-field field-name
141 (match val
142 (() "None")
143 (opts (string-join (map symbol->string opts) " ")))))
144
145 (define (serialize-access-control x)
146 (display x)
147 (newline))
148 (define (serialize-access-control-list field-name val)
149 (for-each serialize-access-control val))
150 (define (access-control-list? val)
151 (and (list? val) (and-map string? val)))
152
153 (define-configuration operation-access-control
154 (operations
155 (space-separated-symbol-list '())
156 "IPP operations to which this access control applies.")
157 (access-controls
158 (access-control-list '())
159 "Access control directives, as a list of strings. Each string should be one directive, such as \"Order allow,deny\"."))
160
161 (define-configuration method-access-control
162 (reverse?
163 (boolean #f)
164 "If @code{#t}, apply access controls to all methods except the listed
165 methods. Otherwise apply to only the listed methods.")
166 (methods
167 (method-list '())
168 "Methods to which this access control applies.")
169 (access-controls
170 (access-control-list '())
171 "Access control directives, as a list of strings. Each string should be one directive, such as \"Order allow,deny\"."))
172
173 (define (serialize-operation-access-control x)
174 (format #t "<Limit ~a>\n"
175 (string-join (map symbol->string
176 (operation-access-control-operations x)) " "))
177 (serialize-configuration
178 x
179 (filter (lambda (field)
180 (not (eq? (configuration-field-name field) 'operations)))
181 operation-access-control-fields))
182 (format #t "</Limit>\n"))
183
184 (define (serialize-method-access-control x)
185 (let ((limit (if (method-access-control-reverse? x) "LimitExcept" "Limit")))
186 (format #t "<~a ~a>\n" limit
187 (string-join (map symbol->string
188 (method-access-control-methods x)) " "))
189 (serialize-configuration
190 x
191 (filter (lambda (field)
192 (case (configuration-field-name field)
193 ((reverse? methods) #f)
194 (else #t)))
195 method-access-control-fields))
196 (format #t "</~a>\n" limit)))
197
198 (define (operation-access-control-list? val)
199 (and (list? val) (and-map operation-access-control? val)))
200 (define (serialize-operation-access-control-list field-name val)
201 (for-each serialize-operation-access-control val))
202
203 (define (method-access-control-list? val)
204 (and (list? val) (and-map method-access-control? val)))
205 (define (serialize-method-access-control-list field-name val)
206 (for-each serialize-method-access-control val))
207
208 (define-configuration location-access-control
209 (path
210 (file-name (configuration-missing-field 'location-access-control 'path))
211 "Specifies the URI path to which the access control applies.")
212 (access-controls
213 (access-control-list '())
214 "Access controls for all access to this path, in the same format as the
215 @code{access-controls} of @code{operation-access-control}.")
216 (method-access-controls
217 (method-access-control-list '())
218 "Access controls for method-specific access to this path."))
219
220 (define (serialize-location-access-control x)
221 (format #t "<Location ~a>\n" (location-access-control-path x))
222 (serialize-configuration
223 x
224 (filter (lambda (field)
225 (not (eq? (configuration-field-name field) 'path)))
226 location-access-control-fields))
227 (format #t "</Location>\n"))
228
229 (define (location-access-control-list? val)
230 (and (list? val) (and-map location-access-control? val)))
231 (define (serialize-location-access-control-list field-name val)
232 (for-each serialize-location-access-control val))
233
234 (define-configuration policy-configuration
235 (name
236 (string (configuration-missing-field 'policy-configuration 'name))
237 "Name of the policy.")
238 (job-private-access
239 (string "@OWNER @SYSTEM")
240 "Specifies an access list for a job's private values. @code{@@ACL} maps to
241 the printer's requesting-user-name-allowed or requesting-user-name-denied
242 values. @code{@@OWNER} maps to the job's owner. @code{@@SYSTEM} maps to the
243 groups listed for the @code{system-group} field of the @code{files-config}
244 configuration, which is reified into the @code{cups-files.conf(5)} file.
245 Other possible elements of the access list include specific user names, and
246 @code{@@@var{group}} to indicate members of a specific group. The access list
247 may also be simply @code{all} or @code{default}.")
248 (job-private-values
249 (string (string-join '("job-name" "job-originating-host-name"
250 "job-originating-user-name" "phone")))
251 "Specifies the list of job values to make private, or @code{all},
252 @code{default}, or @code{none}.")
253
254 (subscription-private-access
255 (string "@OWNER @SYSTEM")
256 "Specifies an access list for a subscription's private values.
257 @code{@@ACL} maps to the printer's requesting-user-name-allowed or
258 requesting-user-name-denied values. @code{@@OWNER} maps to the job's owner.
259 @code{@@SYSTEM} maps to the groups listed for the @code{system-group} field of
260 the @code{files-config} configuration, which is reified into the
261 @code{cups-files.conf(5)} file. Other possible elements of the access list
262 include specific user names, and @code{@@@var{group}} to indicate members of a
263 specific group. The access list may also be simply @code{all} or
264 @code{default}.")
265 (subscription-private-values
266 (string (string-join '("notify-events" "notify-pull-method"
267 "notify-recipient-uri" "notify-subscriber-user-name"
268 "notify-user-data")
269 " "))
270 "Specifies the list of job values to make private, or @code{all},
271 @code{default}, or @code{none}.")
272
273 (access-controls
274 (operation-access-control-list '())
275 "Access control by IPP operation."))
276
277 (define (serialize-policy-configuration x)
278 (format #t "<Policy ~a>\n" (policy-configuration-name x))
279 (serialize-configuration
280 x
281 (filter (lambda (field)
282 (not (eq? (configuration-field-name field) 'name)))
283 policy-configuration-fields))
284 (format #t "</Policy>\n"))
285
286 (define (policy-configuration-list? x)
287 (and (list? x) (and-map policy-configuration? x)))
288 (define (serialize-policy-configuration-list field-name x)
289 (for-each serialize-policy-configuration x))
290
291 (define (log-location? x)
292 (or (file-name? x)
293 (eq? x 'stderr)
294 (eq? x 'syslog)))
295 (define (serialize-log-location field-name x)
296 (if (string? x)
297 (serialize-file-name field-name x)
298 (serialize-field field-name x)))
299
300 (define-configuration files-configuration
301 (access-log
302 (log-location "/var/log/cups/access_log")
303 "Defines the access log filename. Specifying a blank filename disables
304 access log generation. The value @code{stderr} causes log entries to be sent
305 to the standard error file when the scheduler is running in the foreground, or
306 to the system log daemon when run in the background. The value @code{syslog}
307 causes log entries to be sent to the system log daemon. The server name may
308 be included in filenames using the string @code{%s}, as in
309 @code{/var/log/cups/%s-access_log}.")
310 (cache-dir
311 (file-name "/var/cache/cups")
312 "Where CUPS should cache data.")
313 (config-file-perm
314 (string "0640")
315 "Specifies the permissions for all configuration files that the scheduler
316 writes.
317
318 Note that the permissions for the printers.conf file are currently masked to
319 only allow access from the scheduler user (typically root). This is done
320 because printer device URIs sometimes contain sensitive authentication
321 information that should not be generally known on the system. There is no way
322 to disable this security feature.")
323 ;; Not specifying data-dir and server-bin options as we handle these
324 ;; manually. For document-root, the CUPS package has that path
325 ;; preconfigured.
326 (error-log
327 (log-location "/var/log/cups/error_log")
328 "Defines the error log filename. Specifying a blank filename disables
329 access log generation. The value @code{stderr} causes log entries to be sent
330 to the standard error file when the scheduler is running in the foreground, or
331 to the system log daemon when run in the background. The value @code{syslog}
332 causes log entries to be sent to the system log daemon. The server name may
333 be included in filenames using the string @code{%s}, as in
334 @code{/var/log/cups/%s-error_log}.")
335 (fatal-errors
336 (string "all -browse")
337 "Specifies which errors are fatal, causing the scheduler to exit. The kind
338 strings are:
339 @table @code
340 @item none
341 No errors are fatal.
342 @item all
343 All of the errors below are fatal.
344 @item browse
345 Browsing initialization errors are fatal, for example failed connections to
346 the DNS-SD daemon.
347 @item config
348 Configuration file syntax errors are fatal.
349 @item listen
350 Listen or Port errors are fatal, except for IPv6 failures on the loopback or
351 @code{any} addresses.
352 @item log
353 Log file creation or write errors are fatal.
354 @item permissions
355 Bad startup file permissions are fatal, for example shared TLS certificate and
356 key files with world-read permissions.
357 @end table")
358 (file-device?
359 (boolean #f)
360 "Specifies whether the file pseudo-device can be used for new printer
361 queues. The URI @url{file:///dev/null} is always allowed.")
362 (group
363 (string "lp")
364 "Specifies the group name or ID that will be used when executing external
365 programs.")
366 (log-file-perm
367 (string "0644")
368 "Specifies the permissions for all log files that the scheduler writes.")
369 (page-log
370 (log-location "/var/log/cups/page_log")
371 "Defines the page log filename. Specifying a blank filename disables
372 access log generation. The value @code{stderr} causes log entries to be sent
373 to the standard error file when the scheduler is running in the foreground, or
374 to the system log daemon when run in the background. The value @code{syslog}
375 causes log entries to be sent to the system log daemon. The server name may
376 be included in filenames using the string @code{%s}, as in
377 @code{/var/log/cups/%s-page_log}.")
378 (remote-root
379 (string "remroot")
380 "Specifies the username that is associated with unauthenticated accesses by
381 clients claiming to be the root user. The default is @code{remroot}.")
382 (request-root
383 (file-name "/var/spool/cups")
384 "Specifies the directory that contains print jobs and other HTTP request
385 data.")
386 (sandboxing
387 (sandboxing 'strict)
388 "Specifies the level of security sandboxing that is applied to print
389 filters, backends, and other child processes of the scheduler; either
390 @code{relaxed} or @code{strict}. This directive is currently only
391 used/supported on macOS.")
392 (server-keychain
393 (file-name "/etc/cups/ssl")
394 "Specifies the location of TLS certificates and private keys. CUPS will
395 look for public and private keys in this directory: a @code{.crt} files for
396 PEM-encoded certificates and corresponding @code{.key} files for PEM-encoded
397 private keys.")
398 (server-root
399 (file-name "/etc/cups")
400 "Specifies the directory containing the server configuration files.")
401 (sync-on-close?
402 (boolean #f)
403 "Specifies whether the scheduler calls fsync(2) after writing configuration
404 or state files.")
405 (system-group
406 (space-separated-string-list '("lpadmin" "wheel" "root"))
407 "Specifies the group(s) to use for @code{@@SYSTEM} group authentication.")
408 (temp-dir
409 (file-name "/var/spool/cups/tmp")
410 "Specifies the directory where temporary files are stored.")
411 (user
412 (string "lp")
413 "Specifies the user name or ID that is used when running external
414 programs."))
415
416 (define (serialize-files-configuration field-name val)
417 #f)
418
419 (define (environment-variables? vars)
420 (space-separated-string-list? vars))
421 (define (serialize-environment-variables field-name vars)
422 (unless (null? vars)
423 (serialize-space-separated-string-list field-name vars)))
424
425 (define (package-list? val)
426 (and (list? val) (and-map package? val)))
427 (define (serialize-package-list field-name val)
428 #f)
429
430 (define-configuration cups-configuration
431 (cups
432 (package cups)
433 "The CUPS package.")
434 (extensions
435 (package-list (list cups-filters))
436 "Drivers and other extensions to the CUPS package.")
437 (files-configuration
438 (files-configuration (files-configuration))
439 "Configuration of where to write logs, what directories to use for print
440 spools, and related privileged configuration parameters.")
441 (access-log-level
442 (access-log-level 'actions)
443 "Specifies the logging level for the AccessLog file. The @code{config}
444 level logs when printers and classes are added, deleted, or modified and when
445 configuration files are accessed or updated. The @code{actions} level logs
446 when print jobs are submitted, held, released, modified, or canceled, and any
447 of the conditions for @code{config}. The @code{all} level logs all
448 requests.")
449 (auto-purge-jobs?
450 (boolean #f)
451 "Specifies whether to purge job history data automatically when it is no
452 longer required for quotas.")
453 (browse-local-protocols
454 (browse-local-protocols 'dnssd)
455 "Specifies which protocols to use for local printer sharing.")
456 (browse-web-if?
457 (boolean #f)
458 "Specifies whether the CUPS web interface is advertised.")
459 (browsing?
460 (boolean #f)
461 "Specifies whether shared printers are advertised.")
462 (classification
463 (string "")
464 "Specifies the security classification of the server.
465 Any valid banner name can be used, including \"classified\", \"confidential\",
466 \"secret\", \"topsecret\", and \"unclassified\", or the banner can be omitted
467 to disable secure printing functions.")
468 (classify-override?
469 (boolean #f)
470 "Specifies whether users may override the classification (cover page) of
471 individual print jobs using the @code{job-sheets} option.")
472 (default-auth-type
473 (default-auth-type 'Basic)
474 "Specifies the default type of authentication to use.")
475 (default-encryption
476 (default-encryption 'Required)
477 "Specifies whether encryption will be used for authenticated requests.")
478 (default-language
479 (string "en")
480 "Specifies the default language to use for text and web content.")
481 (default-paper-size
482 (string "Auto")
483 "Specifies the default paper size for new print queues. @samp{\"Auto\"}
484 uses a locale-specific default, while @samp{\"None\"} specifies there is no
485 default paper size. Specific size names are typically @samp{\"Letter\"} or
486 @samp{\"A4\"}.")
487 (default-policy
488 (string "default")
489 "Specifies the default access policy to use.")
490 (default-shared?
491 (boolean #t)
492 "Specifies whether local printers are shared by default.")
493 (dirty-clean-interval
494 (non-negative-integer 30)
495 "Specifies the delay for updating of configuration and state files, in
496 seconds. A value of 0 causes the update to happen as soon as possible,
497 typically within a few milliseconds.")
498 (error-policy
499 (error-policy 'stop-printer)
500 "Specifies what to do when an error occurs. Possible values are
501 @code{abort-job}, which will discard the failed print job; @code{retry-job},
502 which will retry the job at a later time; @code{retry-this-job}, which retries
503 the failed job immediately; and @code{stop-printer}, which stops the
504 printer.")
505 (filter-limit
506 (non-negative-integer 0)
507 "Specifies the maximum cost of filters that are run concurrently, which can
508 be used to minimize disk, memory, and CPU resource problems. A limit of 0
509 disables filter limiting. An average print to a non-PostScript printer needs
510 a filter limit of about 200. A PostScript printer needs about half
511 that (100). Setting the limit below these thresholds will effectively limit
512 the scheduler to printing a single job at any time.")
513 (filter-nice
514 (non-negative-integer 0)
515 "Specifies the scheduling priority of filters that are run to print a job.
516 The nice value ranges from 0, the highest priority, to 19, the lowest
517 priority.")
518 ;; Add this option if the package is built with Kerberos support.
519 ;; (gss-service-name
520 ;; (string "http")
521 ;; "Specifies the service name when using Kerberos authentication.")
522 (host-name-lookups
523 (host-name-lookups #f)
524 "Specifies whether to do reverse lookups on connecting clients.
525 The @code{double} setting causes @code{cupsd} to verify that the hostname
526 resolved from the address matches one of the addresses returned for that
527 hostname. Double lookups also prevent clients with unregistered addresses
528 from connecting to your server. Only set this option to @code{#t} or
529 @code{double} if absolutely required.")
530 ;; Add this option if the package is built with launchd/systemd support.
531 ;; (idle-exit-timeout
532 ;; (non-negative-integer 60)
533 ;; "Specifies the length of time to wait before shutting down due to
534 ;; inactivity. Note: Only applicable when @code{cupsd} is run on-demand
535 ;; (e.g., with @code{-l}).")
536 (job-kill-delay
537 (non-negative-integer 30)
538 "Specifies the number of seconds to wait before killing the filters and
539 backend associated with a canceled or held job.")
540 (job-retry-interval
541 (non-negative-integer 30)
542 "Specifies the interval between retries of jobs in seconds. This is
543 typically used for fax queues but can also be used with normal print queues
544 whose error policy is @code{retry-job} or @code{retry-current-job}.")
545 (job-retry-limit
546 (non-negative-integer 5)
547 "Specifies the number of retries that are done for jobs. This is typically
548 used for fax queues but can also be used with normal print queues whose error
549 policy is @code{retry-job} or @code{retry-current-job}.")
550 (keep-alive?
551 (boolean #t)
552 "Specifies whether to support HTTP keep-alive connections.")
553 (keep-alive-timeout
554 (non-negative-integer 30)
555 "Specifies how long an idle client connection remains open, in seconds.")
556 (limit-request-body
557 (non-negative-integer 0)
558 "Specifies the maximum size of print files, IPP requests, and HTML form
559 data. A limit of 0 disables the limit check.")
560 (listen
561 (multiline-string-list '("localhost:631" "/var/run/cups/cups.sock"))
562 "Listens on the specified interfaces for connections. Valid values are of
563 the form @var{address}:@var{port}, where @var{address} is either an IPv6
564 address enclosed in brackets, an IPv4 address, or @code{*} to indicate all
565 addresses. Values can also be file names of local UNIX domain sockets. The
566 Listen directive is similar to the Port directive but allows you to restrict
567 access to specific interfaces or networks.")
568 (listen-back-log
569 (non-negative-integer 128)
570 "Specifies the number of pending connections that will be allowed. This
571 normally only affects very busy servers that have reached the MaxClients
572 limit, but can also be triggered by large numbers of simultaneous connections.
573 When the limit is reached, the operating system will refuse additional
574 connections until the scheduler can accept the pending ones.")
575 (location-access-controls
576 (location-access-control-list
577 (list (location-access-control
578 (path "/")
579 (access-controls '("Order allow,deny"
580 "Allow localhost")))
581 (location-access-control
582 (path "/admin")
583 (access-controls '("Order allow,deny"
584 "Allow localhost")))
585 (location-access-control
586 (path "/admin/conf")
587 (access-controls '("Order allow,deny"
588 "AuthType Basic"
589 "Require user @SYSTEM"
590 "Allow localhost")))))
591 "Specifies a set of additional access controls.")
592 (log-debug-history
593 (non-negative-integer 100)
594 "Specifies the number of debugging messages that are retained for logging
595 if an error occurs in a print job. Debug messages are logged regardless of
596 the LogLevel setting.")
597 (log-level
598 (log-level 'info)
599 "Specifies the level of logging for the ErrorLog file. The value
600 @code{none} stops all logging while @code{debug2} logs everything.")
601 (log-time-format
602 (log-time-format 'standard)
603 "Specifies the format of the date and time in the log files. The value
604 @code{standard} logs whole seconds while @code{usecs} logs microseconds.")
605 (max-clients
606 (non-negative-integer 100)
607 "Specifies the maximum number of simultaneous clients that are allowed by
608 the scheduler.")
609 (max-clients-per-host
610 (non-negative-integer 100)
611 "Specifies the maximum number of simultaneous clients that are allowed from
612 a single address.")
613 (max-copies
614 (non-negative-integer 9999)
615 "Specifies the maximum number of copies that a user can print of each
616 job.")
617 (max-hold-time
618 (non-negative-integer 0)
619 "Specifies the maximum time a job may remain in the @code{indefinite} hold
620 state before it is canceled. A value of 0 disables cancellation of held
621 jobs.")
622 (max-jobs
623 (non-negative-integer 500)
624 "Specifies the maximum number of simultaneous jobs that are allowed. Set
625 to 0 to allow an unlimited number of jobs.")
626 (max-jobs-per-printer
627 (non-negative-integer 0)
628 "Specifies the maximum number of simultaneous jobs that are allowed per
629 printer. A value of 0 allows up to MaxJobs jobs per printer.")
630 (max-jobs-per-user
631 (non-negative-integer 0)
632 "Specifies the maximum number of simultaneous jobs that are allowed per
633 user. A value of 0 allows up to MaxJobs jobs per user.")
634 (max-job-time
635 (non-negative-integer 10800)
636 "Specifies the maximum time a job may take to print before it is canceled,
637 in seconds. Set to 0 to disable cancellation of \"stuck\" jobs.")
638 (max-log-size
639 (non-negative-integer 1048576)
640 "Specifies the maximum size of the log files before they are rotated, in
641 bytes. The value 0 disables log rotation.")
642 (multiple-operation-timeout
643 (non-negative-integer 300)
644 "Specifies the maximum amount of time to allow between files in a multiple
645 file print job, in seconds.")
646 (page-log-format
647 (string "")
648 "Specifies the format of PageLog lines. Sequences beginning with
649 percent (@samp{%}) characters are replaced with the corresponding information,
650 while all other characters are copied literally. The following percent
651 sequences are recognized:
652
653 @table @samp
654 @item %%
655 insert a single percent character
656 @item %@{name@}
657 insert the value of the specified IPP attribute
658 @item %C
659 insert the number of copies for the current page
660 @item %P
661 insert the current page number
662 @item %T
663 insert the current date and time in common log format
664 @item %j
665 insert the job ID
666 @item %p
667 insert the printer name
668 @item %u
669 insert the username
670 @end table
671
672 A value of the empty string disables page logging. The string @code{%p %u %j
673 %T %P %C %@{job-billing@} %@{job-originating-host-name@} %@{job-name@}
674 %@{media@} %@{sides@}} creates a page log with the standard items.")
675 (environment-variables
676 (environment-variables '())
677 "Passes the specified environment variable(s) to child processes; a list of
678 strings.")
679 (policies
680 (policy-configuration-list
681 (list (policy-configuration
682 (name "default")
683 (access-controls
684 (list
685 (operation-access-control
686 (operations
687 '(Send-Document
688 Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs
689 Cancel-Job Close-Job Cancel-My-Jobs Set-Job-Attributes
690 Create-Job-Subscription Renew-Subscription
691 Cancel-Subscription Get-Notifications
692 Reprocess-Job Cancel-Current-Job Suspend-Current-Job
693 Resume-Job CUPS-Move-Job Validate-Job
694 CUPS-Get-Document))
695 (access-controls '("Require user @OWNER @SYSTEM"
696 "Order deny,allow")))
697 (operation-access-control
698 (operations
699 '(Pause-Printer
700 Cancel-Jobs
701 Resume-Printer Set-Printer-Attributes Enable-Printer
702 Disable-Printer Pause-Printer-After-Current-Job
703 Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer
704 Activate-Printer Restart-Printer Shutdown-Printer
705 Startup-Printer Promote-Job Schedule-Job-After
706 CUPS-Authenticate-Job CUPS-Add-Printer
707 CUPS-Delete-Printer CUPS-Add-Class CUPS-Delete-Class
708 CUPS-Accept-Jobs CUPS-Reject-Jobs CUPS-Set-Default))
709 (access-controls '("AuthType Basic"
710 "Require user @SYSTEM"
711 "Order deny,allow")))
712 (operation-access-control
713 (operations '(All))
714 (access-controls '("Order deny,allow"))))))))
715 "Specifies named access control policies.")
716 #;
717 (port
718 (non-negative-integer 631)
719 "Listens to the specified port number for connections.")
720 (preserve-job-files
721 (boolean-or-non-negative-integer 86400)
722 "Specifies whether job files (documents) are preserved after a job is
723 printed. If a numeric value is specified, job files are preserved for the
724 indicated number of seconds after printing. Otherwise a boolean value applies
725 indefinitely.")
726 (preserve-job-history
727 (boolean-or-non-negative-integer #t)
728 "Specifies whether the job history is preserved after a job is printed.
729 If a numeric value is specified, the job history is preserved for the
730 indicated number of seconds after printing. If @code{#t}, the job history is
731 preserved until the MaxJobs limit is reached.")
732 (reload-timeout
733 (non-negative-integer 30)
734 "Specifies the amount of time to wait for job completion before restarting
735 the scheduler.")
736 (rip-cache
737 (string "128m")
738 "Specifies the maximum amount of memory to use when converting documents into bitmaps for a printer.")
739 (server-admin
740 (string "root@localhost.localdomain")
741 "Specifies the email address of the server administrator.")
742 (server-alias
743 (host-name-list-or-* '*)
744 "The ServerAlias directive is used for HTTP Host header validation when
745 clients connect to the scheduler from external interfaces. Using the special
746 name @code{*} can expose your system to known browser-based DNS rebinding
747 attacks, even when accessing sites through a firewall. If the auto-discovery
748 of alternate names does not work, we recommend listing each alternate name
749 with a ServerAlias directive instead of using @code{*}.")
750 (server-name
751 (string "localhost")
752 "Specifies the fully-qualified host name of the server.")
753 (server-tokens
754 (server-tokens 'Minimal)
755 "Specifies what information is included in the Server header of HTTP
756 responses. @code{None} disables the Server header. @code{ProductOnly}
757 reports @code{CUPS}. @code{Major} reports @code{CUPS 2}. @code{Minor}
758 reports @code{CUPS 2.0}. @code{Minimal} reports @code{CUPS 2.0.0}. @code{OS}
759 reports @code{CUPS 2.0.0 (@var{uname})} where @var{uname} is the output of the
760 @code{uname} command. @code{Full} reports @code{CUPS 2.0.0 (@var{uname})
761 IPP/2.0}.")
762 (set-env
763 (string "variable value")
764 "Set the specified environment variable to be passed to child processes.")
765 (ssl-listen
766 (multiline-string-list '())
767 "Listens on the specified interfaces for encrypted connections. Valid
768 values are of the form @var{address}:@var{port}, where @var{address} is either
769 an IPv6 address enclosed in brackets, an IPv4 address, or @code{*} to indicate
770 all addresses.")
771 (ssl-options
772 (ssl-options '())
773 "Sets encryption options.
774 By default, CUPS only supports encryption using TLS v1.0 or higher using known
775 secure cipher suites. The @code{AllowRC4} option enables the 128-bit RC4
776 cipher suites, which are required for some older clients that do not implement
777 newer ones. The @code{AllowSSL3} option enables SSL v3.0, which is required
778 for some older clients that do not support TLS v1.0.")
779 #;
780 (ssl-port
781 (non-negative-integer 631)
782 "Listens on the specified port for encrypted connections.")
783 (strict-conformance?
784 (boolean #f)
785 "Specifies whether the scheduler requires clients to strictly adhere to the
786 IPP specifications.")
787 (timeout
788 (non-negative-integer 300)
789 "Specifies the HTTP request timeout, in seconds.")
790 (web-interface?
791 (boolean #f)
792 "Specifies whether the web interface is enabled."))
793
794 (define-configuration opaque-cups-configuration
795 (cups
796 (package cups)
797 "The CUPS package.")
798 (extensions
799 (package-list '())
800 "Drivers and other extensions to the CUPS package.")
801 (cupsd.conf
802 (string (configuration-missing-field 'opaque-cups-configuration
803 'cupsd.conf))
804 "The contents of the @code{cupsd.conf} to use.")
805 (cups-files.conf
806 (string (configuration-missing-field 'opaque-cups-configuration
807 'cups-files.conf))
808 "The contents of the @code{cups-files.conf} to use."))
809
810 (define %cups-activation
811 ;; Activation gexp.
812 (with-imported-modules '((guix build utils))
813 #~(begin
814 (define (mkdir-p/perms directory owner perms)
815 (mkdir-p directory)
816 (chown "/var/run/cups" (passwd:uid owner) (passwd:gid owner))
817 (chmod directory perms))
818 (define (build-subject parameters)
819 (string-concatenate
820 (map (lambda (pair)
821 (let ((k (car pair)) (v (cdr pair)))
822 (define (escape-char str chr)
823 (string-join (string-split str chr) (string #\\ chr)))
824 (string-append "/" k "="
825 (escape-char (escape-char v #\=) #\/))))
826 (filter (lambda (pair) (cdr pair)) parameters))))
827 (define* (create-self-signed-certificate-if-absent
828 #:key private-key public-key (owner (getpwnam "root"))
829 (common-name (gethostname))
830 (organization-name "GuixSD")
831 (organization-unit-name "Default Self-Signed Certificate")
832 (subject-parameters `(("CN" . ,common-name)
833 ("O" . ,organization-name)
834 ("OU" . ,organization-unit-name)))
835 (subject (build-subject subject-parameters)))
836 ;; Note that by default, OpenSSL outputs keys in PEM format. This
837 ;; is what we want.
838 (unless (file-exists? private-key)
839 (cond
840 ((zero? (system* (string-append #$openssl "/bin/openssl")
841 "genrsa" "-out" private-key "2048"))
842 (chown private-key (passwd:uid owner) (passwd:gid owner))
843 (chmod private-key #o400))
844 (else
845 (format (current-error-port)
846 "Failed to create private key at ~a.\n" private-key))))
847 (unless (file-exists? public-key)
848 (cond
849 ((zero? (system* (string-append #$openssl "/bin/openssl")
850 "req" "-new" "-x509" "-key" private-key
851 "-out" public-key "-days" "3650"
852 "-batch" "-subj" subject))
853 (chown public-key (passwd:uid owner) (passwd:gid owner))
854 (chmod public-key #o444))
855 (else
856 (format (current-error-port)
857 "Failed to create public key at ~a.\n" public-key)))))
858 (let ((user (getpwnam "lp")))
859 (mkdir-p/perms "/var/run/cups" user #o755)
860 (mkdir-p/perms "/var/spool/cups" user #o755)
861 (mkdir-p/perms "/var/spool/cups/tmp" user #o755)
862 (mkdir-p/perms "/var/log/cups" user #o755)
863 (mkdir-p/perms "/etc/cups" user #o755)
864 (mkdir-p/perms "/etc/cups/ssl" user #o700)
865 ;; This certificate is used for HTTPS connections to the CUPS web
866 ;; interface.
867 (create-self-signed-certificate-if-absent
868 #:private-key "/etc/cups/ssl/localhost.key"
869 #:public-key "/etc/cups/ssl/localhost.crt"
870 #:owner (getpwnam "root")
871 #:common-name (format #f "CUPS service on ~a" (gethostname)))))))
872
873 (define (union-directory name packages paths)
874 (computed-file
875 name
876 (with-imported-modules '((guix build utils))
877 #~(begin
878 (use-modules (guix build utils)
879 (srfi srfi-1))
880 (mkdir #$output)
881 (for-each
882 (lambda (package)
883 (for-each
884 (lambda (path)
885 (for-each
886 (lambda (src)
887 (let* ((tail (substring src (string-length package)))
888 (dst (string-append #$output tail)))
889 (mkdir-p (dirname dst))
890 ;; CUPS currently symlinks in some data from cups-filters
891 ;; to its output dir. Probably we should stop doing this
892 ;; and instead rely only on the CUPS service to union the
893 ;; relevant set of CUPS packages.
894 (if (file-exists? dst)
895 (format (current-error-port) "warning: ~a exists\n" dst)
896 (symlink src dst))))
897 (find-files (string-append package path) #:stat stat)))
898 (list #$@paths)))
899 (list #$@packages))
900 #t))))
901
902 (define (cups-server-bin-directory extensions)
903 "Return the CUPS ServerBin directory, containing binaries for CUPS and all
904 extensions that it uses."
905 (union-directory "cups-server-bin" extensions
906 ;; /bin
907 '("/lib/cups" "/share/ppd" "/share/cups")))
908
909 (define (cups-shepherd-service config)
910 "Return a list of <shepherd-service> for CONFIG."
911 (let* ((cupsd.conf-str
912 (cond
913 ((opaque-cups-configuration? config)
914 (opaque-cups-configuration-cupsd.conf config))
915 (else
916 (with-output-to-string
917 (lambda ()
918 (serialize-configuration config
919 cups-configuration-fields))))))
920 (cups-files.conf-str
921 (cond
922 ((opaque-cups-configuration? config)
923 (opaque-cups-configuration-cups-files.conf config))
924 (else
925 (with-output-to-string
926 (lambda ()
927 (serialize-configuration
928 (cups-configuration-files-configuration config)
929 files-configuration-fields))))))
930 (cups (if (opaque-cups-configuration? config)
931 (opaque-cups-configuration-cups config)
932 (cups-configuration-cups config)))
933 (server-bin
934 (cups-server-bin-directory
935 (cons cups
936 (cond
937 ((opaque-cups-configuration? config)
938 (opaque-cups-configuration-extensions config))
939 (else
940 (cups-configuration-extensions config))))))
941 ;;"SetEnv PATH " server-bin "/bin" "\n"
942 (cupsd.conf
943 (plain-file "cupsd.conf" cupsd.conf-str))
944 (cups-files.conf
945 (mixed-text-file
946 "cups-files.conf"
947 cups-files.conf-str
948 "CacheDir /var/cache/cups\n"
949 "StateDir /var/run/cups\n"
950 "DataDir " server-bin "/share/cups" "\n"
951 "ServerBin " server-bin "/lib/cups" "\n")))
952 (list (shepherd-service
953 (documentation "Run the CUPS print server.")
954 (provision '(cups))
955 (requirement '(networking))
956 (start #~(make-forkexec-constructor
957 (list (string-append #$cups "/sbin/cupsd")
958 "-f" "-c" #$cupsd.conf "-s" #$cups-files.conf)))
959 (stop #~(make-kill-destructor))))))
960
961 (define cups-service-type
962 (service-type (name 'cups)
963 (extensions
964 (list (service-extension shepherd-root-service-type
965 cups-shepherd-service)
966 (service-extension activation-service-type
967 (const %cups-activation))
968 (service-extension account-service-type
969 (const %cups-accounts))))
970
971 ;; Extensions consist of lists of packages (representing CUPS
972 ;; drivers, etc) that we just concatenate.
973 (compose append)
974
975 ;; Add extension packages by augmenting the cups-configuration
976 ;; 'extensions' field.
977 (extend
978 (lambda (config extensions)
979 (cond
980 ((cups-configuration? config)
981 (cups-configuration
982 (inherit config)
983 (extensions
984 (append (cups-configuration-extensions config)
985 extensions))))
986 (else
987 (opaque-cups-configuration
988 (inherit config)
989 (extensions
990 (append (opaque-cups-configuration-extensions config)
991 extensions)))))))))
992
993 ;; A little helper to make it easier to document all those fields.
994 (define (generate-cups-documentation)
995 (generate-documentation
996 `((cups-configuration
997 ,cups-configuration-fields
998 (files-configuration files-configuration)
999 (policies policy-configuration)
1000 (location-access-controls location-access-controls))
1001 (files-configuration ,files-configuration-fields)
1002 (policy-configuration
1003 ,policy-configuration-fields
1004 (operation-access-controls operation-access-controls))
1005 (location-access-controls
1006 ,location-access-control-fields
1007 (method-access-controls method-access-controls))
1008 (operation-access-controls ,operation-access-control-fields)
1009 (method-access-controls ,method-access-control-fields))
1010 'cups-configuration))