From: "Clément Lassieur" <clement@lassieur.org>
To: 29425@debbugs.gnu.org
Subject: [bug#29425] [PATCH 3/6] services: prosody: Adapt to Prosody 0.10.0.
Date: Fri, 24 Nov 2017 17:52:24 +0100 [thread overview]
Message-ID: <20171124165227.5743-3-clement@lassieur.org> (raw)
In-Reply-To: <20171124165227.5743-1-clement@lassieur.org>
* doc/guix.texi (Messaging Services): Add "mam" as a module example. Document
'prosodyctl check'. Replace 'prosodyctl cert request' with 'prosodyctl cert
import'. Regenerate it.
* gnu/services/messaging.scm (serialize-module-list): Remove "posix" from the
default modules list because it is now automatically loaded.
(ssl-configuration)[key, certificate]: Remove them because they are now
automatically located. Fix their docstrings.
(%default-modules-enabled): Add "carbons" and "blocklist".
(prosody-configuration)[certificates]: Set default directory from which
certificates/keys will be automatically located.
---
doc/guix.texi | 28 +++++++++++++++++++---------
gnu/services/messaging.scm | 19 ++++++++++++++-----
2 files changed, 33 insertions(+), 14 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 4f8453ebf..05aca9186 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -13835,7 +13835,7 @@ record as in this example:
@example
(service prosody-service-type
(prosody-configuration
- (modules-enabled (cons "groups" %default-modules-enabled))
+ (modules-enabled (cons "groups" "mam" %default-modules-enabled))
(int-components
(list
(int-component-configuration
@@ -13856,10 +13856,15 @@ By default, Prosody does not need much configuration. Only one
@code{virtualhosts} field is needed: it specifies the domain you wish
Prosody to serve.
-Prosodyctl will help you generate X.509 certificates and keys:
+You can perform various sanity checks on the generated configuration
+with the @code{prosodyctl check} command.
+
+Prosodyctl will also help you to import certificates from the
+@code{letsencrypt} directory so that the @code{prosody} user can access
+them. See @url{https://prosody.im/doc/letsencrypt}.
@example
-prosodyctl cert request example.net
+prosodyctl --root cert import /etc/letsencrypt/live
@end example
The available configuration parameters follow. Each parameter
@@ -13898,6 +13903,13 @@ paths in order. See @url{http://prosody.im/doc/plugins_directory}.
Defaults to @samp{()}.
@end deftypevr
+@deftypevr {@code{prosody-configuration} parameter} file-name certificates
+Every virtual host and component needs a certificate so that clients and
+servers can securely verify its identity. Prosody will automatically load
+certificates/keys from the directory specified here.
+Defaults to @samp{"/etc/prosody/certs"}.
+@end deftypevr
+
@deftypevr {@code{prosody-configuration} parameter} string-list admins
This is a list of accounts that are admins for the server. Note that you
must create the accounts separately. See @url{http://prosody.im/doc/admins} and
@@ -13950,14 +13962,12 @@ Available @code{ssl-configuration} fields are:
This determines what handshake to use.
@end deftypevr
-@deftypevr {@code{ssl-configuration} parameter} file-name key
-Path to your private key file, relative to @code{/etc/prosody}.
-Defaults to @samp{"/etc/prosody/certs/key.pem"}.
+@deftypevr {@code{ssl-configuration} parameter} maybe-file-name key
+Path to your private key file.
@end deftypevr
-@deftypevr {@code{ssl-configuration} parameter} file-name certificate
-Path to your certificate file, relative to @code{/etc/prosody}.
-Defaults to @samp{"/etc/prosody/certs/cert.pem"}.
+@deftypevr {@code{ssl-configuration} parameter} maybe-file-name certificate
+Path to your certificate file.
@end deftypevr
@deftypevr {@code{ssl-configuration} parameter} file-name capath
diff --git a/gnu/services/messaging.scm b/gnu/services/messaging.scm
index 715d6181f..526ad5a41 100644
--- a/gnu/services/messaging.scm
+++ b/gnu/services/messaging.scm
@@ -160,7 +160,7 @@
(define (module-list? val)
(string-list? val))
(define (serialize-module-list field-name val)
- (serialize-string-list field-name (cons "posix" val)))
+ (serialize-string-list field-name val))
(define-maybe module-list)
(define (file-name? val)
@@ -203,12 +203,12 @@ just joined the room."))
"This determines what handshake to use.")
(key
- (file-name "/etc/prosody/certs/key.pem")
- "Path to your private key file, relative to @code{/etc/prosody}.")
+ (maybe-file-name 'disabled)
+ "Path to your private key file.")
(certificate
- (file-name "/etc/prosody/certs/cert.pem")
- "Path to your certificate file, relative to @code{/etc/prosody}.")
+ (maybe-file-name 'disabled)
+ "Path to your certificate file.")
(capath
(file-name "/etc/ssl/certs")
@@ -271,7 +271,9 @@ can create such a file with:
"tls"
"dialback"
"disco"
+ "carbons"
"private"
+ "blocklist"
"vcard"
"version"
"uptime"
@@ -321,6 +323,13 @@ can create such a file with:
paths in order. See @url{http://prosody.im/doc/plugins_directory}."
global)
+ (certificates
+ (file-name "/etc/prosody/certs")
+ "Every virtual host and component needs a certificate so that clients and
+servers can securely verify its identity. Prosody will automatically load
+certificates/keys from the directory specified here."
+ global)
+
(admins
(string-list '())
"This is a list of accounts that are admins for the server. Note that you
--
2.15.0
next prev parent reply other threads:[~2017-11-24 16:53 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-24 16:48 [bug#29425] Prosody patches Clément Lassieur
2017-11-24 16:52 ` [bug#29425] [PATCH 1/6] gnu: Add lua5.1-bitop Clément Lassieur
2017-11-24 16:52 ` [bug#29425] [PATCH 2/6] gnu: prosody: Add lua5.1-bitop to inputs Clément Lassieur
2017-11-24 21:48 ` Ludovic Courtès
2017-11-24 16:52 ` Clément Lassieur [this message]
2017-11-24 21:49 ` [bug#29425] [PATCH 3/6] services: prosody: Adapt to Prosody 0.10.0 Ludovic Courtès
2017-11-25 2:22 ` Clément Lassieur
2017-11-24 16:52 ` [bug#29425] [PATCH 4/6] services: prosody: Add support for http-external-url Clément Lassieur
2017-11-24 21:50 ` Ludovic Courtès
2017-11-24 16:52 ` [bug#29425] [PATCH 5/6] services: prosody: Add support for http-max-content-size Clément Lassieur
2017-11-24 21:50 ` Ludovic Courtès
2017-11-24 16:52 ` [bug#29425] [PATCH 6/6] services: prosody: Allow to add raw content to the config file Clément Lassieur
2017-11-24 21:50 ` Ludovic Courtès
2017-11-24 21:48 ` [bug#29425] [PATCH 1/6] gnu: Add lua5.1-bitop Ludovic Courtès
2017-11-25 2:20 ` [bug#29425] [PATCH] " Clément Lassieur
2017-11-25 16:24 ` Leo Famulari
2017-11-26 14:18 ` Clément Lassieur
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171124165227.5743-3-clement@lassieur.org \
--to=clement@lassieur.org \
--cc=29425@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.