From: "Clément Lassieur" <clement@lassieur.org>
To: 29425@debbugs.gnu.org
Subject: [bug#29425] [PATCH 3/6] services: prosody: Adapt to Prosody 0.10.0.
Date: Fri, 24 Nov 2017 17:52:24 +0100
Message-ID: <20171124165227.5743-3-clement@lassieur.org>
In-Reply-To: <20171124165227.5743-1-clement@lassieur.org>

* doc/guix.texi (Messaging Services): Add "mam" as a module example.  Document
'prosodyctl check'.  Replace 'prosodyctl cert request' with 'prosodyctl cert
import'.  Regenerate it.
* gnu/services/messaging.scm (serialize-module-list): Remove "posix" from the
default modules list because it is now automatically loaded.
(ssl-configuration)[key, certificate]: Remove them because they are now
automatically located.  Fix their docstrings.
(%default-modules-enabled): Add "carbons" and "blocklist".
(prosody-configuration)[certificates]: Set default directory from which
certificates/keys will be automatically located.
---
 doc/guix.texi              | 28 +++++++++++++++++++---------
 gnu/services/messaging.scm | 19 ++++++++++++++-----
 2 files changed, 33 insertions(+), 14 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 4f8453ebf..05aca9186 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -13835,7 +13835,7 @@ record as in this example:
 @example
 (service prosody-service-type
          (prosody-configuration
-          (modules-enabled (cons "groups" %default-modules-enabled))
+          (modules-enabled (cons "groups" "mam" %default-modules-enabled))
           (int-components
            (list
             (int-component-configuration
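Review bot: In the updated `modules-enabled` line of the example, `cons` is called with three arguments, but `cons` takes exactly two, so the documented snippet fails when a reader evaluates it. Use `cons*` to prepend both module names: `(modules-enabled (cons* "groups" "mam" %default-modules-enabled))`.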
@@ -13856,10 +13856,15 @@ By default, Prosody does not need much configuration.  Only one
 @code{virtualhosts} field is needed: it specifies the domain you wish
 Prosody to serve.
 
-Prosodyctl will help you generate X.509 certificates and keys:
+You can perform various sanity checks on the generated configuration
+with the @code{prosodyctl check} command.
+
+Prosodyctl will also help you to import certificates from the
+@code{letsencrypt} directory so that the @code{prosody} user can access
+them.  See @url{https://prosody.im/doc/letsencrypt}.
 
 @example
-prosodyctl cert request example.net
+prosodyctl --root cert import /etc/letsencrypt/live
 @end example
 
 The available configuration parameters follow.  Each parameter
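Review bot: The new paragraph before `prosodyctl --root cert import /etc/letsencrypt/live` does not say where the imported files end up or that the command needs root, which is what `--root` implies. Since the import exists so that the `prosody` user can read key material that it otherwise cannot, state that the files are copied into the directory given by the new `certificates` field and cross-reference that field here. The previous `prosodyctl cert request` example is dropped without a replacement, so a reader who does not use Let's Encrypt no longer has a documented way to obtain a certificate; consider keeping a sentence for that case.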
@@ -13898,6 +13903,13 @@ paths in order.  See @url{http://prosody.im/doc/plugins_directory}.
 Defaults to @samp{()}.
 @end deftypevr
 
+@deftypevr {@code{prosody-configuration} parameter} file-name certificates
+Every virtual host and component needs a certificate so that clients and
+servers can securely verify its identity.  Prosody will automatically load
+certificates/keys from the directory specified here.
+Defaults to @samp{"/etc/prosody/certs"}.
+@end deftypevr
+
 @deftypevr {@code{prosody-configuration} parameter} string-list admins
 This is a list of accounts that are admins for the server.  Note that you
 must create the accounts separately.  See @url{http://prosody.im/doc/admins} and
@@ -13950,14 +13962,12 @@ Available @code{ssl-configuration} fields are:
 This determines what handshake to use.
 @end deftypevr
 
-@deftypevr {@code{ssl-configuration} parameter} file-name key
-Path to your private key file, relative to @code{/etc/prosody}.
-Defaults to @samp{"/etc/prosody/certs/key.pem"}.
+@deftypevr {@code{ssl-configuration} parameter} maybe-file-name key
+Path to your private key file.
 @end deftypevr
 
-@deftypevr {@code{ssl-configuration} parameter} file-name certificate
-Path to your certificate file, relative to @code{/etc/prosody}.
-Defaults to @samp{"/etc/prosody/certs/cert.pem"}.
+@deftypevr {@code{ssl-configuration} parameter} maybe-file-name certificate
+Path to your certificate file.
 @end deftypevr
 
 @deftypevr {@code{ssl-configuration} parameter} file-name capath
diff --git a/gnu/services/messaging.scm b/gnu/services/messaging.scm
index 715d6181f..526ad5a41 100644
--- a/gnu/services/messaging.scm
+++ b/gnu/services/messaging.scm
@@ -160,7 +160,7 @@
 (define (module-list? val)
   (string-list? val))
 (define (serialize-module-list field-name val)
-  (serialize-string-list field-name (cons "posix" val)))
+  (serialize-string-list field-name val))
 (define-maybe module-list)
 
 (define (file-name? val)
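Review bot: With `(cons "posix" val)` removed, `serialize-module-list` only forwards its arguments to `serialize-string-list`. Either define it as an alias or add a one-line comment saying that Prosody now loads "posix" on its own, as the commit message explains, so that the reason survives in the source and nobody re-adds the module later.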
@@ -203,12 +203,12 @@ just joined the room."))
    "This determines what handshake to use.")
 
   (key
-   (file-name "/etc/prosody/certs/key.pem")
-   "Path to your private key file, relative to @code{/etc/prosody}.")
+   (maybe-file-name 'disabled)
+   "Path to your private key file.")
 
   (certificate
-   (file-name "/etc/prosody/certs/cert.pem")
-   "Path to your certificate file, relative to @code{/etc/prosody}.")
+   (maybe-file-name 'disabled)
+   "Path to your certificate file.")
 
   (capath
    (file-name "/etc/ssl/certs")
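Review bot: The new docstrings for `key` and `certificate` ("Path to your private key file." and "Path to your certificate file.") no longer tell the reader what happens when the field is left at `'disabled`. The commit message says the files are then located automatically; put that in the docstrings, with a pointer to the `certificates` field, so the regenerated manual explains that these fields are only needed to override the automatic lookup. The old text also said the path was relative to `/etc/prosody`; if relative paths are still accepted, say what they are relative to now.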
@@ -271,7 +271,9 @@ can create such a file with:
     "tls"
     "dialback"
     "disco"
+    "carbons"
     "private"
+    "blocklist"
     "vcard"
     "version"
     "uptime"
@@ -321,6 +323,13 @@ can create such a file with:
 paths in order.  See @url{http://prosody.im/doc/plugins_directory}."
      global)
 
+    (certificates
+     (file-name "/etc/prosody/certs")
+     "Every virtual host and component needs a certificate so that clients and
+servers can securely verify its identity.  Prosody will automatically load
+certificates/keys from the directory specified here."
+     global)
+
     (admins
      (string-list '())
      "This is a list of accounts that are admins for the server.  Note that you
-- 
2.15.0
