X-Git-Url: https://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/74288230ea8b2310495dc2739f39ceadcc143fd0..bb124f6e9c0af0a23736f233c2ea2c9c9b4a40a6:/gnu/services/cuirass.scm diff --git a/gnu/services/cuirass.scm b/gnu/services/cuirass.scm index c15a846bad..a50f583807 100644 --- a/gnu/services/cuirass.scm +++ b/gnu/services/cuirass.scm @@ -1,10 +1,14 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2016 Mathieu Lirzin -;;; Copyright © 2016, 2017 Ludovic Courtès +;;; Copyright © 2016, 2017, 2018, 2019, 2020 Ludovic Courtès +;;; Copyright © 2017 Mathieu Othacehe +;;; Copyright © 2017 Jan Nieuwenhuizen +;;; Copyright © 2018, 2019 Ricardo Wurmus +;;; Copyright © 2018 Clément Lassieur ;;; ;;; This file is part of GNU Guix. ;;; -;;; GNU Guix is free software: you can redistribute it and/or modify +;;; GNU Guix is free software; you can redistribute it and/or modify ;;; it under the terms of the GNU General Public License as published by ;;; the Free Software Foundation, either version 3 of the License, or ;;; (at your option) any later version. @@ -21,10 +25,12 @@ #:use-module (guix gexp) #:use-module (guix records) #:use-module (gnu packages admin) - #:autoload (gnu packages ci) (cuirass) + #:use-module (gnu packages ci) + #:use-module (gnu packages version-control) #:use-module (gnu services) #:use-module (gnu services base) #:use-module (gnu services shepherd) + #:use-module (gnu services admin) #:use-module (gnu system shadow) #:export ( cuirass-configuration @@ -46,8 +52,17 @@ (default cuirass)) (log-file cuirass-configuration-log-file ;string (default "/var/log/cuirass.log")) + (web-log-file cuirass-configuration-web-log-file ;string + (default "/var/log/cuirass-web.log")) + (queries-log-file cuirass-configuration-queries-log-file ;string + (default #f)) + (web-queries-log-file + cuirass-configuration-web-queries-log-file ;string + (default #f)) (cache-directory cuirass-configuration-cache-directory ;string (dir-name) (default "/var/cache/cuirass")) + (ttl cuirass-configuration-ttl ;integer + (default (* 30 24 3600))) (user cuirass-configuration-user ;string (default "cuirass")) (group cuirass-configuration-group ;string @@ -55,45 +70,100 @@ (interval cuirass-configuration-interval ;integer (seconds) (default 60)) (database cuirass-configuration-database ;string (file-name) - (default "/var/run/cuirass/cuirass.db")) + (default "/var/lib/cuirass/cuirass.db")) + (port cuirass-configuration-port ;integer (port) + (default 8081)) + (host cuirass-configuration-host ;string + (default "localhost")) (specifications cuirass-configuration-specifications) ;gexp that evaluates to specification-alist (use-substitutes? cuirass-configuration-use-substitutes? ;boolean (default #f)) (one-shot? cuirass-configuration-one-shot? ;boolean - (default #f))) + (default #f)) + (fallback? cuirass-configuration-fallback? ;boolean + (default #f)) + (extra-options cuirass-configuration-extra-options + (default '()))) (define (cuirass-shepherd-service config) "Return a for the Cuirass service with CONFIG." - (and - (cuirass-configuration? config) - (let ((cuirass (cuirass-configuration-cuirass config)) - (cache-directory (cuirass-configuration-cache-directory config)) - (log-file (cuirass-configuration-log-file config)) - (user (cuirass-configuration-user config)) - (group (cuirass-configuration-group config)) - (interval (cuirass-configuration-interval config)) - (database (cuirass-configuration-database config)) - (specs (cuirass-configuration-specifications config)) - (use-substitutes? (cuirass-configuration-use-substitutes? config)) - (one-shot? (cuirass-configuration-one-shot? config))) - (list (shepherd-service - (documentation "Run Cuirass.") - (provision '(cuirass)) - (requirement '(guix-daemon)) - (start #~(make-forkexec-constructor - (list (string-append #$cuirass "/bin/cuirass") - "--cache-directory" #$cache-directory - "--specifications" - #$(scheme-file "cuirass-specs.scm" specs) - "--database" #$database - "--interval" #$(number->string interval) - #$@(if use-substitutes? '("--use-substitutes") '()) - #$@(if one-shot? '("--one-shot") '())) - #:user #$user - #:group #$group - #:log-file #$log-file)) - (stop #~(make-kill-destructor))))))) + (let ((cuirass (cuirass-configuration-cuirass config)) + (cache-directory (cuirass-configuration-cache-directory config)) + (web-log-file (cuirass-configuration-web-log-file config)) + (log-file (cuirass-configuration-log-file config)) + (queries-log-file (cuirass-configuration-queries-log-file config)) + (web-queries-log-file + (cuirass-configuration-web-queries-log-file config)) + (user (cuirass-configuration-user config)) + (group (cuirass-configuration-group config)) + (interval (cuirass-configuration-interval config)) + (database (cuirass-configuration-database config)) + (ttl (cuirass-configuration-ttl config)) + (port (cuirass-configuration-port config)) + (host (cuirass-configuration-host config)) + (specs (cuirass-configuration-specifications config)) + (use-substitutes? (cuirass-configuration-use-substitutes? config)) + (one-shot? (cuirass-configuration-one-shot? config)) + (fallback? (cuirass-configuration-fallback? config)) + (extra-options (cuirass-configuration-extra-options config))) + (list (shepherd-service + (documentation "Run Cuirass.") + (provision '(cuirass)) + (requirement '(guix-daemon networking)) + (start #~(make-forkexec-constructor + (list (string-append #$cuirass "/bin/cuirass") + "--cache-directory" #$cache-directory + "--specifications" + #$(scheme-file "cuirass-specs.scm" specs) + "--database" #$database + "--ttl" #$(string-append (number->string ttl) "s") + "--interval" #$(number->string interval) + #$@(if queries-log-file + (list (string-append "--log-queries=" + queries-log-file)) + '()) + #$@(if use-substitutes? '("--use-substitutes") '()) + #$@(if one-shot? '("--one-shot") '()) + #$@(if fallback? '("--fallback") '()) + #$@extra-options) + + #:environment-variables + (list "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt" + (string-append "GIT_EXEC_PATH=" #$git + "/libexec/git-core")) + + #:user #$user + #:group #$group + #:log-file #$log-file)) + (stop #~(make-kill-destructor))) + (shepherd-service + (documentation "Run Cuirass web interface.") + (provision '(cuirass-web)) + (requirement '(guix-daemon networking)) + (start #~(make-forkexec-constructor + (list (string-append #$cuirass "/bin/cuirass") + "--cache-directory" #$cache-directory + "--specifications" + #$(scheme-file "cuirass-specs.scm" specs) + "--database" #$database + "--ttl" #$(string-append (number->string ttl) "s") + "--web" + "--port" #$(number->string port) + "--listen" #$host + "--interval" #$(number->string interval) + #$@(if web-queries-log-file + (list (string-append "--log-queries=" + web-queries-log-file)) + '()) + #$@(if use-substitutes? '("--use-substitutes") '()) + #$@(if fallback? '("--fallback") '()) + #$@extra-options) + + #:user #$user + #:group #$group + #:log-file #$web-log-file)) + (stop #~(make-kill-destructor)))))) (define (cuirass-account config) "Return the user accounts and user groups for CONFIG." @@ -107,14 +177,18 @@ (group cuirass-group) (system? #t) (comment "Cuirass privilege separation user") - (home-directory (string-append "/var/run/" cuirass-user)) - (shell #~(string-append #$shadow "/sbin/nologin")))))) + (home-directory (string-append "/var/lib/" cuirass-user)) + (shell (file-append shadow "/sbin/nologin")))))) (define (cuirass-activation config) "Return the activation code for CONFIG." (let ((cache (cuirass-configuration-cache-directory config)) (db (dirname (cuirass-configuration-database config))) (user (cuirass-configuration-user config)) + (log "/var/log/cuirass") + (queries-log-file (cuirass-configuration-queries-log-file config)) + (web-queries-log-file + (cuirass-configuration-web-queries-log-file config)) (group (cuirass-configuration-group config))) (with-imported-modules '((guix build utils)) #~(begin @@ -122,11 +196,39 @@ (mkdir-p #$cache) (mkdir-p #$db) + (mkdir-p #$log) (let ((uid (passwd:uid (getpw #$user))) (gid (group:gid (getgr #$group)))) (chown #$cache uid gid) - (chown #$db uid gid)))))) + (chown #$db uid gid) + (chown #$log uid gid) + + (let ((queries-log-file #$queries-log-file)) + (when queries-log-file + (call-with-output-file queries-log-file (const #t)) + (chown #$queries-log-file uid gid))) + + (let ((web-queries-log-file #$web-queries-log-file)) + (when web-queries-log-file + (call-with-output-file web-queries-log-file (const #t)) + (chown web-queries-log-file uid gid)))))))) + +(define (cuirass-log-rotations config) + "Return the list of log rotations that corresponds to CONFIG." + (let ((queries-log-file (cuirass-configuration-queries-log-file config)) + (web-queries-log-file + (cuirass-configuration-web-queries-log-file config))) + (list (log-rotation + (files `(,(cuirass-configuration-log-file config) + ,@(if queries-log-file + (list queries-log-file) + '()) + ,@(if web-queries-log-file + (list web-queries-log-file) + '()))) + (frequency 'weekly) + (options '("rotate 40")))))) ;worth keeping (define cuirass-service-type (service-type @@ -135,7 +237,10 @@ (list (service-extension profile-service-type ;for 'info cuirass' (compose list cuirass-configuration-cuirass)) + (service-extension rottlog-service-type cuirass-log-rotations) (service-extension activation-service-type cuirass-activation) (service-extension shepherd-root-service-type cuirass-shepherd-service) - (service-extension account-service-type cuirass-account))))) + (service-extension account-service-type cuirass-account))) + (description + "Run the Cuirass continuous integration service.")))