Re: personal communications server

[Julien Lepiller]

Le 6 août 2019 23:48:29 GMT+02:00, address@hidden a écrit :
>> I don't think we need the bash scripts, only services. From what I
>read,
>> we could provide a simple file like this and let users choose their
>> services:
>>
>> (define domain "mydomain.org")
>> ; and other common configuration options
>> …
>> (operating-system
>>   …
>>   (services
>>    (cons*
>>     ;; Uncomment for email
>>     ;(dovecot-service …)
>>     …
>>     ;; Uncomment for cgit
>>     ; (cgit-service …)
>>     …
>>     )))
>>
>> And then, you have a base with sane defaults for a defined purpose,
>but
>> can still tweak and change things.
>
>I like this.
>
>The users could also be included on this configuration. I am not sure
>if
>users on the system are used also as users of the different services.
>
>It would be nice to have something that would avoid configuration file
>errors. Maybe some test that would review syntax on Emacs.
>
>Maybe the best would be that each service would be run by a different
>user
>in order to make the system more secure.
>
>Just ideas.
>Q

It's already the case in guix: for instance, we have a mariadb that runs under 
the mariadb user. The service definition itself extends the list of system 
users, so as a user it's completely transparent and you can't make a mistake.

Since most services use a scheme wrapper to define their configuration, it's 
easy to check parameters to ensure the configuration will work. It's not done 
in every service, and not complete, but it's doable, not only for this project, 
but for any guix user. You should really go check the manual on services :)