[PATCH] git-service

[PATCH] git-service

[ng0]

[PATCH] gnu: services: Add git-service.

Right now, this service does not work (vm does not build) when I try to build the vm
with "./pre-inst-env guix system vm ../testvm-git.scm", where ../testvm-git is a file I will append in the 2nd follow-up message.

[PATCH] gnu: services: Add git-service.

[ng0]

* gnu/services/version-control.scm: New file, create it.
(git-service): New Procedures.
(git-service-type): New variable.
* doc/guix.texi (Services)(Version Control): New section.
---
 doc/guix.texi                    |  38 ++++++++-
 gnu/local.mk                     |   1 +
 gnu/services/version-control.scm | 162 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 200 insertions(+), 1 deletion(-)
 create mode 100644 gnu/services/version-control.scm

diff --git a/doc/guix.texi b/doc/guix.texi
index 7352ea9..fe53d08 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -7795,6 +7795,7 @@ declaration.
 * Web Services::                Web servers.
 * Network File System::         NFS related services.
 * Miscellaneous Services::      Other services.
+* Version Control::             Git and others.
 @end menu
 
 @node Base Services
@@ -11586,7 +11587,6 @@ If it is @code{#f} then the daemon will use the host's fully qualified domain na
 @node Miscellaneous Services
 @subsubsection Miscellaneous Services
 
-
 @cindex lirc
 @subsubheading Lirc Service
 
@@ -11673,6 +11673,42 @@ A @code{<dicod-database>} object serving the GNU Collaborative International
 Dictonary of English using the @code{gcide} package.
 @end defvr
 
+@node Version Control
+@subsubsection Version Control
+
+The @code{(gnu services version-control)} module provides the following services:
+
+@deffn {Scheme Procedure} git-service [#:git @var{git}] @
+       [#:base-directory "/var/git/repositories"] @
+       [#:user-directory? #f ""] [#:port 9418] @
+       [#:directory? #f ""] [#:max-connections 32] @
+       [#:pid-file? #t "/var/run/git-daemon.pid"]
+
+Return a service to run the @uref{https://git-scm.com, Git} daemon, a really simple
+TCP Git service which exposes local repositories for anonymous remote access.
+
+The git daemon runs as the @code{git} unprivileged user.  It is started with
+the fixed parameters @code{--syslog}, @code{--reuseaddr} and
+@code{"--no-informative-errors"}.
+You can pass the parameter @var{base-directory}, which remaps all the directory
+requests as relative to the given directory.  If you run git-service with
+@var{base-directory "/var/git/repositories"} on example.com, then if you later try
+to pull @code{git://example.com/hello.git}, git-service will interpret the directory
+as @code{/var/git/repositories/hello.git}.
+@var{max-connections} sets the maximum number of concurrent clients, it defaults to 32.
+Set it to 0 for no limit.
+@var{user-directory} allows allows ~user notation to be used in requests. When
+specified with no parameter, requests to @code{git://host/~alice/foo} is taken as a
+request to access @code{foo} repository in the home directory of user @code{alice}.
+If @var{user-directory "path"} is specified, the same request is taken as a request
+to access @code{path/foo} repository in the home directory of user @code{alice}.
+The parameter @var{directory "foo"} adds the directory "foo" and its subdirectories
+to the whitelist of allowed directories.
+Furthermore git-service takes the parameter @var{port}, which defaults to 9418.
+Run @command{man git daemon} for information about the options.
+
+@end deffn
+
 @node Setuid Programs
 @subsection Setuid Programs
 
diff --git a/gnu/local.mk b/gnu/local.mk
index 7112451..8769671 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -415,6 +415,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/services/sddm.scm				\
   %D%/services/spice.scm				\
   %D%/services/ssh.scm				\
+  %D%/services/version-control.scm              \
   %D%/services/web.scm				\
   %D%/services/xorg.scm				\
 						\
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
new file mode 100644
index 0000000..8fa22a1
--- /dev/null
+++ b/gnu/services/version-control.scm
@@ -0,0 +1,162 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services version-control)
+  #:use-module (gnu services)
+  #:use-module (gnu services base)
+  #:use-module (gnu services shepherd)
+  #:use-module (gnu system shadow)
+  #:use-module (gnu packages version-control)
+  #:use-module (gnu packages admin)
+  #:use-module (guix records)
+  #:use-module (guix gexp)
+  #:use-module (srfi srfi-1)
+  #:use-module (ice-9 match)
+  #:export (git-service
+            git-service-type
+            git-configuration
+            git-configuration?
+            git-configuration-git
+            git-configuration-port
+            git-configuration-base-directory
+            git-configuration-pid-file
+            git-configuration-max-connections
+            git-configuration-user-directory
+            git-configuration-directory))
+
+;;; Commentary:
+;;;
+;;; Version Control related services.
+;;;
+;;; Code:
+
+\f
+;;;
+;;; git
+;;;
+
+(define-record-type* <git-configuration> git-configuration
+  make-git-configuration
+  git-configuration?
+  (git              git-configuration-git  ;package
+                    (default git))
+  (pid-file?        git-configuration-pid-file) ;string
+  (base-directory   git-configuration-base-directory) ;string
+  (user-directory?  git-configuration-user-directory) ;string
+  (directory?       git-configuration-directory) ;string
+  (max-connections  git-configuration-max-connections) ;number
+  (port             git-configuration-port)) ;number
+
+(define (git-shepherd-service config)
+  "Return a <shepherd-service> for git with CONFIG."
+  (define git (git-configuration-git config))
+
+  (define git-command
+    #~(list
+       (string-append #$git "/bin/git") "daemon" "--syslog" "--user=git"
+       "--group=git" "--no-informative-errors" "--reuseaddr"
+       ;; A directory to add to the whitelist of allowed directories. Unless
+       ;; --strict-paths is specified this will also include subdirectories of
+       ;; each named directory.
+       ;; --directory
+       ;; TODO: Add the option to add multiple occurences of --directory
+       (if (git-configuration-directory? config)
+           (string-append "--directory=" #$(git-configuration-directory config))
+           "")
+       ;; --interpolated-path=<pathtemplate>
+       ;; To support virtual hosting, an interpolated path template can be used to
+       ;; dynamically construct alternate paths. The template supports %H for the target
+       ;; hostname as supplied by the client but converted to all lowercase,
+       ;; %CH for the canonical hostname, %IP for the server’s IP address,
+       ;; %P for the port number, and %D for the absolute path of the named repository.
+       ;; After interpolation, the path is validated against the directory whitelist.
+
+       ;; --listen=<host_or_ipaddr>
+       ;; Listen on a specific IP address or hostname. IP addresses can be either an IPv4
+       ;; address or an IPv6 address if supported. If IPv6 is not supported, then
+       ;; --listen=hostname is also not supported and --listen must be given an IPv4 address.
+       ;; Can be given more than once. Incompatible with --inetd option.
+
+       ;; Maximum number of concurrent clients, defaults to 32. Set it to zero for no limit.
+       (string-append "--max-connections=" #$(number->string
+                                              (git-configuration-max-connections config)))
+
+       ;; --user-path, --user-path=<path>
+       ;; Allow ~user notation to be used in requests. When specified with no parameter,
+       ;; requests to git://host/~alice/foo is taken as a request to access foo repository
+       ;; in the home directory of user alice. If --user-path=path is specified, the same
+       ;; request is taken as a request to access path/foo repository in the home
+       ;; directory of user alice.
+       (if (git-configuration-user-directory? config)
+           "--user-path" "")
+
+       ;; Save the process id in file.
+       (if (git-configuration-pid-file? config)
+           (string-append "--pid-file=" #$(git-configuration-pid-file config))
+           "")
+       (string-append "--port=" #$(number->string (git-configuration-port config)))
+       (string-append "--base-path=" #$(git-configuration-base-directory config))))
+
+  (define requires '(networking syslogd))
+
+  (list (shepherd-service
+         (documentation "Git daemon server for git repositories")
+         (requirement requires)
+         (provision '(git))
+         (start #~(make-forkexec-constructor #$git-command))
+         (stop #~(make-kill-destructor)))))
+
+(define %git-accounts
+  ;; User account and groups for git-daemon.
+  (list (user-group
+         (name "git")
+         (system? #t))
+        (user-account
+         (name "git")
+         (system? #t)
+         (group "git")
+         (comment "Shepherd created user for the git-daemon service")
+         ;; (home-directory "/var/empty")
+         (home-directory "/var/git")
+         ;;(shell #~(string-append #$shadow "/sbin/nologin")))))
+         (shell #~(string-append #$shadow "/bin/git-shell")))))
+
+(define (git-activation config)
+  "Return the activation GEXP for CONFIG."
+  #~(begin
+      (use-modules (guix build utils))
+      (let ((user (getpwnam "git")))
+        (mkdir-p (dirname #$(git-configuration-pid-file config)))
+        (mkdir-p (dirname #$(git-configuration-base-directory config)))
+        (chown (dirname #$(git-configuration-base-directory config))
+               (passwd:uid user) (passwd:gid user)))))
+
+(define git-service-type
+  (service-type (name 'git)
+   (extensions
+    (list (service-extension shepherd-root-service-type
+                             git-shepherd-service)
+          (service-extension activation-service-type
+                             git-activation)))))
+
+(define* (git-service #:key (config (git-configuration)))
+  "Return a service that runs @url{https://git-scm.org,git} as a daemon.
+The daemon will listen on the port specified in @var{port}.
+In addition, @var{base-path} specifies the path which will repositories
+which can be exported by adding 'git-daemon-export-ok' files to them."
+  (service git-service-type config))
-- 
2.10.2

Re: [PATCH] git-service

[ng0]

[-- Attachment #1: Type: text/plain, Size: 333 bytes --]

ng0 <ng0@we.make.ritual.n0.is> writes:

> [PATCH] gnu: services: Add git-service.
>
> Right now, this service does not work (vm does not build) when I try to build the vm
> with "./pre-inst-env guix system vm ../testvm-git.scm", where ../testvm-git is a file I will append in the 2nd follow-up message.
>
>

Appended testvm-git.scm.

[-- Attachment #2: testvm-git.scm --]
[-- Type: application/octet-stream, Size: 1707 bytes --]

;; bare bones, no X11 server.
(use-modules (gnu) (gnu system nss))
(use-service-modules networking ssh version-control dbus avahi)
(use-package-modules certs suckless admin xorg)
(use-package-modules tor emacs version-control avahi ssh)

(operating-system
  (host-name "testvm")
  (timezone "UTC")
  (locale "en_US.UTF-8")

  (bootloader (grub-configuration (device "/dev/sda")))
  (file-systems
   (list (file-system
          (mount-point "/")
          (device "dummy")
          (type "dummy"))
         %binary-format-file-system))

  (users (list (user-account
                (name "bobthecrashtestdummy")
                (comment "")
                (group "users")
                (supplementary-groups '("wheel" "netdev"
                                        "audio" "video"))
                (home-directory "/home/bobthecrashtestdummy")
                (password ""))))

  (services (cons* (console-keymap-service "de")
;;                   (static-networking-service "eth0" "10.0.2.10"
;;                                              #:name-servers '("10.0.2.3")
                   ;;                                              #:gateway "10.0.2.2")
                   (dhcp-client-service)
                   (git-service)
                   (dropbear-service (dropbear-configuration
                                      (port-number 22)
                                      (allow-empty-passwords? #t)))
                   %base-services))

  (pam-services
   (base-pam-services #:allow-empty-passwords? #t))

  (packages (cons* git st sudo
                   avahi findutils grep which xmodmap
                   tcpdump
                   openssh
                   %base-packages)))

[PATCH] gnu: services: Add git-service.

[宋文武]

From: ng0 <ng0@we.make.ritual.n0.is>

* gnu/services/version-control.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Misellaneous Services)(Version Control): New section.

Co-authored-by: 宋文武 <iyzsong@member.fsf.org>
---
 doc/guix.texi                    |  61 +++++++++++++++++
 gnu/local.mk                     |   1 +
 gnu/services/version-control.scm | 141 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 203 insertions(+)
 create mode 100644 gnu/services/version-control.scm

diff --git a/doc/guix.texi b/doc/guix.texi
index 7352ea9..9353a4c 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -11673,6 +11673,67 @@ A @code{<dicod-database>} object serving the GNU Collaborative International
 Dictonary of English using the @code{gcide} package.
 @end defvr
 
+@subsubsection Version Control
+
+The @code{(gnu services version-control)} module provides the following services:
+
+@subsubheading Git daemon service
+
+@deffn {Scheme Procedure} git-daemon-service [#:config (git-daemon-configuration)]
+
+Return a service that runs @command{git daemon}, a simple TCP server to
+expose repositiories over the Git protocol for annoymous access.
+
+The optional @var{config} argument should be a
+@code{<git-daemon-configuration>} object, by default it allows read-only
+access to exported@footnote{By creating the magic file
+"git-daemon-export-ok" in the repository directory.} repositories under
+@file{/srv/git}.
+
+@end deffn
+
+@deftp {Data Type} git-daemon-configuration
+Data type representing the configuration of git-demon.
+
+@table @asis
+@item @code{package} (default: @var{git})
+Package object of the Git distributed version control system.
+
+@item @code{export-all?} (default: @var{#f})
+Whether to allow access for all Git repositories, even if they do not
+have the @file{git-daemon-export-ok} file.
+
+@item @code{base-path} (default: @file{/srv/git})
+Whether to remap all the path requests as relative to the given path.
+If you run git daemon with @var{(base-path "/srv/git")} on example.com,
+then if you later try to pull @code{git://example.com/hello.git}, git
+daemon will interpret the path as @code{/srv/git/hello.git}.
+
+@item @code{user-path} (default: @var{#f})
+Whether to allow @code{~user} notation to be used in requests.  When
+specified with empty string, requests to @code{git://host/~alice/foo} is
+taken as a request to access @code{foo} repository in the home directory
+of user @code{alice}.  If @var{(user-path "path")} is specified, the
+same request is taken as a request to access @code{path/foo} repository
+in the home directory of user @code{alice}.
+
+@item @code{listen} (default: @var{'()})
+Whether to listen on specific IP addresses or hostnames, defaults to
+all.
+
+@item @code{port} (default: @var{#f})
+Whether to listen on an alternative port, which defaults to 9418.
+
+@item @code{whitelist} (default: @var{'()})
+If not empty, only allow access to this list of directories.
+
+@item @code{extra-options} (default: @var{'()})
+Extra options will be passed to @code{git daemon}, please run
+@command{man git-daemon} for more information.
+
+@end table
+@end deftp
+
 @node Setuid Programs
 @subsection Setuid Programs
 
diff --git a/gnu/local.mk b/gnu/local.mk
index 7112451..8769671 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -415,6 +415,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/services/sddm.scm				\
   %D%/services/spice.scm				\
   %D%/services/ssh.scm				\
+  %D%/services/version-control.scm              \
   %D%/services/web.scm				\
   %D%/services/xorg.scm				\
 						\
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
new file mode 100644
index 0000000..65bdefb
--- /dev/null
+++ b/gnu/services/version-control.scm
@@ -0,0 +1,141 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;; Copyright © 2016 Sou Bunnbu <iyzsong@member.fsf.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services version-control)
+  #:use-module (gnu services)
+  #:use-module (gnu services base)
+  #:use-module (gnu services shepherd)
+  #:use-module (gnu system shadow)
+  #:use-module (gnu packages version-control)
+  #:use-module (gnu packages admin)
+  #:use-module (guix records)
+  #:use-module (guix gexp)
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-26)
+  #:use-module (ice-9 match)
+  #:export (git-daemon-service
+            git-daemon-service-type
+            git-daemon-configuration
+            git-daemon-configuration?))
+
+;;; Commentary:
+;;;
+;;; Version Control related services.
+;;;
+;;; Code:
+
+\f
+;;;
+;;; Git daemon.
+;;;
+
+(define-record-type* <git-daemon-configuration>
+  git-daemon-configuration
+  make-git-daemon-configuration
+  git-daemon-configuration?
+  (package          git-daemon-configuration-package        ;package
+                    (default git))
+  (export-all?      git-daemon-configuration-export-all     ;boolean
+                    (default #f))
+  (base-path        git-daemon-configuration-base-path      ;string | #f
+                    (default "/srv/git"))
+  (user-path        git-daemon-configuration-user-path      ;string | #f
+                    (default #f))
+  (listen           git-daemon-configuration-listen         ;list of string
+                    (default '()))
+  (port             git-daemon-configuration-port           ;number | #f
+                    (default #f))
+  (whitelist        git-daemon-configuration-whitelist      ;list of string
+                    (default '()))
+  (extra-options    git-daemon-configuration-extra-options  ;list of string
+                    (default '())))
+
+(define git-daemon-shepherd-service
+  (match-lambda
+    (($ <git-daemon-configuration>
+        package export-all? base-path user-path
+        listen port whitelist extra-options)
+     (let* ((git     (file-append package "/bin/git"))
+            (command `(,git
+                       "daemon" "--syslog" "--reuseaddr"
+                       ,@(if export-all?
+                             '("--export-all")
+                             '())
+                       ,@(if base-path
+                             `(,(string-append "--base-path=" base-path))
+                             '())
+                       ,@(if user-path
+                             `(,(string-append "--user-path=" user-path))
+                             '())
+                       ,@(map (cut string-append "--listen=" <>) listen)
+                       ,@(if port
+                             `(,(string-append
+                                 "--port=" (number->string port)))
+                             '())
+                       ,@extra-options
+                       ,@whitelist)))
+       (list (shepherd-service
+              (documentation "Git daemon server")
+              (requirement '(networking))
+              (provision '(git-daemon))
+              (start #~(make-forkexec-constructor '#$command
+                                                  #:user "git-daemon"
+                                                  #:group "git-daemon"))
+              (stop #~(make-kill-destructor))))))))
+
+(define %git-daemon-accounts
+  ;; User account and group for git-daemon.
+  (list (user-group
+         (name "git-daemon")
+         (system? #t))
+        (user-account
+         (name "git-daemon")
+         (system? #t)
+         (group "git-daemon")
+         (comment "Git daemon user")
+         (home-directory "/var/empty")
+         (shell (file-append shadow "/sbin/nologin")))))
+
+(define (git-daemon-activation config)
+  "Return the activation gexp for git-daemon using CONFIG."
+  (let ((base-path (git-daemon-configuration-base-path config)))
+    #~(begin
+        (use-modules (guix build utils))
+        ;; Create the 'base-path' directory when it's not '#f'.
+        (and=> #$base-path mkdir-p))))
+
+(define git-daemon-service-type
+  (service-type
+   (name 'git-daemon)
+   (extensions
+    (list (service-extension shepherd-root-service-type
+                             git-daemon-shepherd-service)
+          (service-extension account-service-type
+                             (const %git-daemon-accounts))
+          (service-extension activation-service-type
+                             git-daemon-activation)))))
+
+(define* (git-daemon-service #:key (config (git-daemon-configuration)))
+  "Return a service that runs @command{git daemon}, a simple TCP server to
+expose repositories over the Git protocol for annoymous access.
+
+The optional @var{config} argument should be a
+@code{<git-daemon-configuration>} object, by default it allows read-only
+access to exported repositories under @file{/srv/git}."
+  (service git-daemon-service-type config))
-- 
2.10.0

Re: [PATCH] gnu: services: Add git-service.

[宋文武]

ng0 <ng0@we.make.ritual.n0.is> writes:

> * gnu/services/version-control.scm: New file, create it.
> (git-service): New Procedures.
> (git-service-type): New variable.
> * doc/guix.texi (Services)(Version Control): New section.

Hi, I make and send a new patch based on yours, which rename
'git-service' to 'git-daemon-service', and put most documentation to the
'git-daemon-configuration' part.

I tested it with the default configuration and 'user-path', it works
fine!  I'd like it to deprecated yours, what do you think?

Thanks!

Re: [PATCH] gnu: services: Add git-service.

[Mathieu Lirzin]

Hello,

宋文武 <iyzsong@member.fsf.org> writes:

> From: ng0 <ng0@we.make.ritual.n0.is>
>
> * gnu/services/version-control.scm: New file.
> * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
> * doc/guix.texi (Misellaneous Services)(Version Control): New section.

but I find this notation confusing, since "Version Control" belongs to
"Miscellaneous Services".  @node identifiers are unique, so it is
reasonable to refers to them with '()', and use '<>' for their parts as
suggested by GCS:

  https://www.gnu.org/prep/standards/html_node/Indicating-the-Part-Changed.html#Indicating-the-Part-Changed

Thanks.

-- 
Mathieu Lirzin

Re: [PATCH] gnu: services: Add git-service.

[Mathieu Lirzin]

Mathieu Lirzin <mthl@gnu.org> writes:

> 宋文武 <iyzsong@member.fsf.org> writes:
>
>> From: ng0 <ng0@we.make.ritual.n0.is>
>>
>> * gnu/services/version-control.scm: New file.
>> * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
>> * doc/guix.texi (Misellaneous Services)(Version Control): New section.
>
> but I find this notation confusing, since "Version Control" belongs to
  ^^^
Please ignore this "but" that shouldn't be here.

-- 
Mathieu Lirzin

Re: [PATCH] gnu: services: Add git-service.

[宋文武]

Mathieu Lirzin <mthl@gnu.org> writes:

> Mathieu Lirzin <mthl@gnu.org> writes:
>
>> 宋文武 <iyzsong@member.fsf.org> writes:
>>
>>> From: ng0 <ng0@we.make.ritual.n0.is>
>>>
>>> * gnu/services/version-control.scm: New file.
>>> * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
>>> * doc/guix.texi (Misellaneous Services)(Version Control): New section.
>>
>> but I find this notation confusing, since "Version Control" belongs to
>   ^^^
> Please ignore this "but" that shouldn't be here.

Thanks!  I'll change it to '[Version Control]'.

Re: [PATCH] gnu: services: Add git-service.

[ng0]

宋文武 <iyzsong@member.fsf.org> writes:

> From: ng0 <ng0@we.make.ritual.n0.is>
>
> * gnu/services/version-control.scm: New file.
> * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
> * doc/guix.texi (Misellaneous Services)(Version Control): New section.
>
> Co-authored-by: 宋文武 <iyzsong@member.fsf.org>

Thanks! As reply to the mssage you've sent before this one: I'm
okay with the changes. My intention with the services I'm working
on is to learn and improve my knowledge on how service for Guix
are written and work.

> ---
>  doc/guix.texi                    |  61 +++++++++++++++++
>  gnu/local.mk                     |   1 +
>  gnu/services/version-control.scm | 141 +++++++++++++++++++++++++++++++++++++++
>  3 files changed, 203 insertions(+)
>  create mode 100644 gnu/services/version-control.scm
>
> diff --git a/doc/guix.texi b/doc/guix.texi
> index 7352ea9..9353a4c 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi
> @@ -11673,6 +11673,67 @@ A @code{<dicod-database>} object serving the GNU Collaborative International
>  Dictonary of English using the @code{gcide} package.
>  @end defvr
>  
> +@subsubsection Version Control
> +
> +The @code{(gnu services version-control)} module provides the following services:
> +
> +@subsubheading Git daemon service
> +
> +@deffn {Scheme Procedure} git-daemon-service [#:config (git-daemon-configuration)]
> +
> +Return a service that runs @command{git daemon}, a simple TCP server to
> +expose repositiories over the Git protocol for annoymous access.
> +
> +The optional @var{config} argument should be a
> +@code{<git-daemon-configuration>} object, by default it allows read-only
> +access to exported@footnote{By creating the magic file
> +"git-daemon-export-ok" in the repository directory.} repositories under
> +@file{/srv/git}.
> +
> +@end deffn
> +
> +@deftp {Data Type} git-daemon-configuration
> +Data type representing the configuration of git-demon.

Typo, it should be "git-daemon".

> +
> +@table @asis
> +@item @code{package} (default: @var{git})
> +Package object of the Git distributed version control system.
> +
> +@item @code{export-all?} (default: @var{#f})
> +Whether to allow access for all Git repositories, even if they do not
> +have the @file{git-daemon-export-ok} file.
> +
> +@item @code{base-path} (default: @file{/srv/git})

Why /srv ? Will the other services (mail, web, etc) use /srv
aswell or do they use /var ? I used /var/git because of /var/www
and iirc this is also in the upstream documentation.

> +Whether to remap all the path requests as relative to the given path.
> +If you run git daemon with @var{(base-path "/srv/git")} on example.com,
> +then if you later try to pull @code{git://example.com/hello.git}, git
> +daemon will interpret the path as @code{/srv/git/hello.git}.
> +
> +@item @code{user-path} (default: @var{#f})
> +Whether to allow @code{~user} notation to be used in requests.  When
> +specified with empty string, requests to @code{git://host/~alice/foo} is
> +taken as a request to access @code{foo} repository in the home directory
> +of user @code{alice}.  If @var{(user-path "path")} is specified, the
> +same request is taken as a request to access @code{path/foo} repository
> +in the home directory of user @code{alice}.
> +
> +@item @code{listen} (default: @var{'()})
> +Whether to listen on specific IP addresses or hostnames, defaults to
> +all.
> +
> +@item @code{port} (default: @var{#f})
> +Whether to listen on an alternative port, which defaults to 9418.
> +
> +@item @code{whitelist} (default: @var{'()})
> +If not empty, only allow access to this list of directories.
> +
> +@item @code{extra-options} (default: @var{'()})
> +Extra options will be passed to @code{git daemon}, please run
> +@command{man git-daemon} for more information.

Ah, nice. So you basically ended up with what I wanted in the
first revision of the git-service.
Documentation looks good to me except this one question about
location, and the one typo.

> +
> +@end table
> +@end deftp
> +
>  @node Setuid Programs
>  @subsection Setuid Programs
>  
> diff --git a/gnu/local.mk b/gnu/local.mk
> index 7112451..8769671 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -415,6 +415,7 @@ GNU_SYSTEM_MODULES =				\
>    %D%/services/sddm.scm				\
>    %D%/services/spice.scm				\
>    %D%/services/ssh.scm				\
> +  %D%/services/version-control.scm              \
>    %D%/services/web.scm				\
>    %D%/services/xorg.scm				\
>  						\
> diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
> new file mode 100644
> index 0000000..65bdefb
> --- /dev/null
> +++ b/gnu/services/version-control.scm
> @@ -0,0 +1,141 @@
> +;;; GNU Guix --- Functional package management for GNU
> +;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
> +;;; Copyright © 2016 Sou Bunnbu <iyzsong@member.fsf.org>
> +;;;
> +;;; This file is part of GNU Guix.
> +;;;
> +;;; GNU Guix is free software; you can redistribute it and/or modify it
> +;;; under the terms of the GNU General Public License as published by
> +;;; the Free Software Foundation; either version 3 of the License, or (at
> +;;; your option) any later version.
> +;;;
> +;;; GNU Guix is distributed in the hope that it will be useful, but
> +;;; WITHOUT ANY WARRANTY; without even the implied warranty of
> +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> +;;; GNU General Public License for more details.
> +;;;
> +;;; You should have received a copy of the GNU General Public License
> +;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
> +
> +(define-module (gnu services version-control)
> +  #:use-module (gnu services)
> +  #:use-module (gnu services base)
> +  #:use-module (gnu services shepherd)
> +  #:use-module (gnu system shadow)
> +  #:use-module (gnu packages version-control)
> +  #:use-module (gnu packages admin)
> +  #:use-module (guix records)
> +  #:use-module (guix gexp)
> +  #:use-module (srfi srfi-1)
> +  #:use-module (srfi srfi-26)
> +  #:use-module (ice-9 match)
> +  #:export (git-daemon-service
> +            git-daemon-service-type
> +            git-daemon-configuration
> +            git-daemon-configuration?))
> +
> +;;; Commentary:
> +;;;
> +;;; Version Control related services.
> +;;;
> +;;; Code:
> +
> +\f
> +;;;
> +;;; Git daemon.
> +;;;
> +
> +(define-record-type* <git-daemon-configuration>
> +  git-daemon-configuration
> +  make-git-daemon-configuration
> +  git-daemon-configuration?
> +  (package          git-daemon-configuration-package        ;package
> +                    (default git))
> +  (export-all?      git-daemon-configuration-export-all     ;boolean
> +                    (default #f))
> +  (base-path        git-daemon-configuration-base-path      ;string | #f
> +                    (default "/srv/git"))
> +  (user-path        git-daemon-configuration-user-path      ;string | #f
> +                    (default #f))
> +  (listen           git-daemon-configuration-listen         ;list of string
> +                    (default '()))
> +  (port             git-daemon-configuration-port           ;number | #f
> +                    (default #f))
> +  (whitelist        git-daemon-configuration-whitelist      ;list of string
> +                    (default '()))
> +  (extra-options    git-daemon-configuration-extra-options  ;list of string
> +                    (default '())))
> +
> +(define git-daemon-shepherd-service
> +  (match-lambda
> +    (($ <git-daemon-configuration>
> +        package export-all? base-path user-path
> +        listen port whitelist extra-options)
> +     (let* ((git     (file-append package "/bin/git"))
> +            (command `(,git
> +                       "daemon" "--syslog" "--reuseaddr"
> +                       ,@(if export-all?
> +                             '("--export-all")
> +                             '())
> +                       ,@(if base-path
> +                             `(,(string-append "--base-path=" base-path))
> +                             '())
> +                       ,@(if user-path
> +                             `(,(string-append "--user-path=" user-path))
> +                             '())
> +                       ,@(map (cut string-append "--listen=" <>) listen)
> +                       ,@(if port
> +                             `(,(string-append
> +                                 "--port=" (number->string port)))
> +                             '())
> +                       ,@extra-options
> +                       ,@whitelist)))
> +       (list (shepherd-service
> +              (documentation "Git daemon server")
> +              (requirement '(networking))
> +              (provision '(git-daemon))
> +              (start #~(make-forkexec-constructor '#$command
> +                                                  #:user "git-daemon"
> +                                                  #:group "git-daemon"))
> +              (stop #~(make-kill-destructor))))))))
> +
> +(define %git-daemon-accounts
> +  ;; User account and group for git-daemon.
> +  (list (user-group
> +         (name "git-daemon")
> +         (system? #t))
> +        (user-account
> +         (name "git-daemon")
> +         (system? #t)
> +         (group "git-daemon")
> +         (comment "Git daemon user")
> +         (home-directory "/var/empty")
> +         (shell (file-append shadow "/sbin/nologin")))))

Why? I think it should have a home (/var/git (or whereever else))
and use the git-shell so that the ssh functionality is enabled,
which can be used for minimal servers, so you don't actually need
to add the git account.
It's also expected that the name is "git" for this reason and not
"git-daemon".
iirc this affects more software than just git-daemon, every scm
which does not ship its own git daemon uses "git-daemon" by git
upstream. It's reasonable not to break with expectations (and
keep the name short) and give it the name "git", group-name could
be anything though.

> +
> +(define (git-daemon-activation config)
> +  "Return the activation gexp for git-daemon using CONFIG."
> +  (let ((base-path (git-daemon-configuration-base-path config)))
> +    #~(begin
> +        (use-modules (guix build utils))
> +        ;; Create the 'base-path' directory when it's not '#f'.
> +        (and=> #$base-path mkdir-p))))
> +
> +(define git-daemon-service-type
> +  (service-type
> +   (name 'git-daemon)
> +   (extensions
> +    (list (service-extension shepherd-root-service-type
> +                             git-daemon-shepherd-service)
> +          (service-extension account-service-type
> +                             (const %git-daemon-accounts))
> +          (service-extension activation-service-type
> +                             git-daemon-activation)))))
> +
> +(define* (git-daemon-service #:key (config (git-daemon-configuration)))
> +  "Return a service that runs @command{git daemon}, a simple TCP server to
> +expose repositories over the Git protocol for annoymous access.
> +
> +The optional @var{config} argument should be a
> +@code{<git-daemon-configuration>} object, by default it allows read-only
> +access to exported repositories under @file{/srv/git}."
> +  (service git-daemon-service-type config))

Simple, easy to understand. Thanks for fixing my initial work up.

Re: [PATCH] gnu: services: Add git-service.

[宋文武]

ng0 <ng0@we.make.ritual.n0.is> writes:

>> [...]
>> +
>> +@deftp {Data Type} git-daemon-configuration
>> +Data type representing the configuration of git-demon.
>
> Typo, it should be "git-daemon".
>

OK.
>> +
>> +@table @asis
>> +@item @code{package} (default: @var{git})
>> +Package object of the Git distributed version control system.
>> +
>> +@item @code{export-all?} (default: @var{#f})
>> +Whether to allow access for all Git repositories, even if they do not
>> +have the @file{git-daemon-export-ok} file.
>> +
>> +@item @code{base-path} (default: @file{/srv/git})
>
> Why /srv ? Will the other services (mail, web, etc) use /srv
> aswell or do they use /var ? I used /var/git because of /var/www
> and iirc this is also in the upstream documentation.
>

it's for serving files to public, our nginx-service use '/srv/http' too.

> [...]
>
> Ah, nice. So you basically ended up with what I wanted in the
> first revision of the git-service.
> Documentation looks good to me except this one question about
> location, and the one typo.

Cool, thanks for your work and feedback!

>> [...]
>> +(define %git-daemon-accounts
>> +  ;; User account and group for git-daemon.
>> +  (list (user-group
>> +         (name "git-daemon")
>> +         (system? #t))
>> +        (user-account
>> +         (name "git-daemon")
>> +         (system? #t)
>> +         (group "git-daemon")
>> +         (comment "Git daemon user")
>> +         (home-directory "/var/empty")
>> +         (shell (file-append shadow "/sbin/nologin")))))
>
> Why? I think it should have a home (/var/git (or whereever else))
> and use the git-shell so that the ssh functionality is enabled,
> which can be used for minimal servers, so you don't actually need
> to add the git account.
> It's also expected that the name is "git" for this reason and not
> "git-daemon".
> iirc this affects more software than just git-daemon, every scm
> which does not ship its own git daemon uses "git-daemon" by git
> upstream. It's reasonable not to break with expectations (and
> keep the name short) and give it the name "git", group-name could
> be anything though.
>

Um, the git-daemon really has nothing to do with git-shell and ssh
access.  If I have ssh service running, I can access all the
repositories the login user can access without git-daemon.  If I want
annoymous ssh access, I can add a 'git' user using 'git-shell', which
rely the exist ssh service, so I leave it..  hope it make sense.


Thanks!

Re: [PATCH] gnu: services: Add git-service.

[ng0]

iyzsong@member.fsf.org (宋文武) writes:

> ng0 <ng0@we.make.ritual.n0.is> writes:
>
>>> [...]
>>> +
>>> +@deftp {Data Type} git-daemon-configuration
>>> +Data type representing the configuration of git-demon.
>>
>> Typo, it should be "git-daemon".
>>
>
> OK.
>>> +
>>> +@table @asis
>>> +@item @code{package} (default: @var{git})
>>> +Package object of the Git distributed version control system.
>>> +
>>> +@item @code{export-all?} (default: @var{#f})
>>> +Whether to allow access for all Git repositories, even if they do not
>>> +have the @file{git-daemon-export-ok} file.
>>> +
>>> +@item @code{base-path} (default: @file{/srv/git})
>>
>> Why /srv ? Will the other services (mail, web, etc) use /srv
>> aswell or do they use /var ? I used /var/git because of /var/www
>> and iirc this is also in the upstream documentation.
>>
>
> it's for serving files to public, our nginx-service use '/srv/http' too.

That's okay for me then.

>> [...]
>>
>> Ah, nice. So you basically ended up with what I wanted in the
>> first revision of the git-service.
>> Documentation looks good to me except this one question about
>> location, and the one typo.
>
> Cool, thanks for your work and feedback!
>
>>> [...]
>>> +(define %git-daemon-accounts
>>> +  ;; User account and group for git-daemon.
>>> +  (list (user-group
>>> +         (name "git-daemon")
>>> +         (system? #t))
>>> +        (user-account
>>> +         (name "git-daemon")
>>> +         (system? #t)
>>> +         (group "git-daemon")
>>> +         (comment "Git daemon user")
>>> +         (home-directory "/var/empty")
>>> +         (shell (file-append shadow "/sbin/nologin")))))
>>
>> Why? I think it should have a home (/var/git (or whereever else))
>> and use the git-shell so that the ssh functionality is enabled,
>> which can be used for minimal servers, so you don't actually need
>> to add the git account.
>> It's also expected that the name is "git" for this reason and not
>> "git-daemon".
>> iirc this affects more software than just git-daemon, every scm
>> which does not ship its own git daemon uses "git-daemon" by git
>> upstream. It's reasonable not to break with expectations (and
>> keep the name short) and give it the name "git", group-name could
>> be anything though.
>>
>
> Um, the git-daemon really has nothing to do with git-shell and ssh
> access.  If I have ssh service running, I can access all the
> repositories the login user can access without git-daemon.  If I want
> annoymous ssh access, I can add a 'git' user using 'git-shell', which
> rely the exist ssh service, so I leave it..  hope it make sense.
>
>
> Thanks!
>

Okay, I can understand this. If there should be the need to
change this, we can always apply it later.

Looks good to me, just the one typo which can be fixed before
applying. I will build a vm with this later to verify that it
works, but in theory it should just work.

-- 
♥Ⓐ  ng0  | ng0.chaosnet.org

Re: [PATCH] gnu: services: Add git-service.

[ng0]

ng0 <ng0@we.make.ritual.n0.is> writes:

> Looks good to me, just the one typo which can be fixed before
> applying. I will build a vm with this later to verify that it
> works, but in theory it should just work.

I have problems testing this. Any system configuration I tried so
far silently fails, does not get build, nothing happens not even
an error message.
Even after make clean and bootstraping again etc.
./pre-inst-env guix system vm ~/configgit.scm
For vm-image it is the same.

Do you have a configuration I could test to use it with?
-- 
♥Ⓐ  ng0  | ng0.chaosnet.org