From mboxrd@z Thu Jan 1 00:00:00 1970 From: Julien Lepiller Subject: Re: personal communications server Date: Wed, 07 Aug 2019 09:00:41 +0200 Message-ID: References: <43325349a6b00be70521039c3b5c3618@riseup.net> <878ss7z56s.fsf@elephly.net> <4156d7f891f3a2a531d19897be2e8c29.squirrel@sm.riseup.net> <48F6139B-2078-4F2C-8ACC-45DC464E4CE5@lepiller.eu> <6c155c97ee82a33f962788b887cda397.squirrel@sm.riseup.net> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:58146) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hvFwM-00029O-6l for help-guix@gnu.org; Wed, 07 Aug 2019 03:00:55 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hvFwL-0001q3-4P for help-guix@gnu.org; Wed, 07 Aug 2019 03:00:54 -0400 Received: from lepiller.eu ([2a00:5884:8208::1]:54570) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hvFwK-0001oR-It for help-guix@gnu.org; Wed, 07 Aug 2019 03:00:53 -0400 In-Reply-To: <6c155c97ee82a33f962788b887cda397.squirrel@sm.riseup.net> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org Sender: "Help-Guix" To: help-guix@gnu.org, quiliro@riseup.net Le 6 ao=C3=BBt 2019 23:48:29 GMT+02:00, quiliro@riseup=2Enet a =C3=A9crit : >> I don't think we need the bash scripts, only services=2E From what I >read, >> we could provide a simple file like this and let users choose their >> services: >> >> (define domain "mydomain=2Eorg") >> ; and other common configuration options >> =E2=80=A6 >> (operating-system >> =E2=80=A6 >> (services >> (cons* >> ;; Uncomment for email >> ;(dovecot-service =E2=80=A6) >> =E2=80=A6 >> ;; Uncomment for cgit >> ; (cgit-service =E2=80=A6) >> =E2=80=A6 >> ))) >> >> And then, you have a base with sane defaults for a defined purpose, >but >> can still tweak and change things=2E > >I like this=2E > >The users could also be included on this configuration=2E I am not sure >if >users on the system are used also as users of the different services=2E > >It would be nice to have something that would avoid configuration file >errors=2E Maybe some test that would review syntax on Emacs=2E > >Maybe the best would be that each service would be run by a different >user >in order to make the system more secure=2E > >Just ideas=2E >Q It's already the case in guix: for instance, we have a mariadb that runs u= nder the mariadb user=2E The service definition itself extends the list of = system users, so as a user it's completely transparent and you can't make a= mistake=2E Since most services use a scheme wrapper to define their configuration, it= 's easy to check parameters to ensure the configuration will work=2E It's n= ot done in every service, and not complete, but it's doable, not only for t= his project, but for any guix user=2E You should really go check the manual= on services :)