[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
03/04: services: ganeti: Use TLS on the remote API by default.
From: |
guix-commits |
Subject: |
03/04: services: ganeti: Use TLS on the remote API by default. |
Date: |
Sun, 19 Jul 2020 08:42:44 -0400 (EDT) |
mbakke pushed a commit to branch master
in repository guix.
commit 41daf1286575f3a1998493c893f6d5a9c5b62de8
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Sun Jul 19 09:59:57 2020 +0200
services: ganeti: Use TLS on the remote API by default.
* gnu/services/ganeti.scm (<ganeti-rapi-configuration>): Set SSL? to #t.
* gnu/tests/ganeti.scm (%ganeti-os): Set SSL? to #f.
* doc/guix.texi (Virtualization Services): Adjust accordingly.
---
doc/guix.texi | 2 +-
gnu/services/ganeti.scm | 2 +-
gnu/tests/ganeti.scm | 5 +++++
3 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 2c5c017..df37349 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -25497,7 +25497,7 @@ The maximum number of simultaneous client requests to
handle. Further
connections are allowed, but no responses are sent until enough connections
have closed.
-@item @code{ssl?} (default: @code{#f})
+@item @code{ssl?} (default: @code{#t})
Whether to use SSL/TLS encryption on the RAPI port.
@item @code{ssl-key} (default: @file{"/var/lib/ganeti/server.pem"})
diff --git a/gnu/services/ganeti.scm b/gnu/services/ganeti.scm
index 80a6181..f7d1aeb 100644
--- a/gnu/services/ganeti.scm
+++ b/gnu/services/ganeti.scm
@@ -450,7 +450,7 @@ be submitted via this daemon and it schedules and starts
them.")))
(max-clients ganeti-rapi-configuration-max-clients ;integer
(default 20))
(ssl? ganeti-rapi-configuration-ssl? ;Boolean
- (default #f))
+ (default #t))
(ssl-key ganeti-rapi-configuration-ssl-key ;string
(default "/var/lib/ganeti/server.pem"))
(ssl-cert ganeti-rapi-configuration-ssl-cert ;string
diff --git a/gnu/tests/ganeti.scm b/gnu/tests/ganeti.scm
index 0615edc..ff853a7 100644
--- a/gnu/tests/ganeti.scm
+++ b/gnu/tests/ganeti.scm
@@ -70,6 +70,11 @@
(service ganeti-service-type
(ganeti-configuration
(file-storage-paths '("/srv/ganeti/file-storage"))
+ (rapi-configuration
+ (ganeti-rapi-configuration
+ ;; Disable TLS so we can test the RAPI without
+ ;; pulling in GnuTLS.
+ (ssl? #f)))
(os %default-ganeti-os))))
%base-services))))