M doc/guix.texi => doc/guix.texi +19 -9
@@ 13899,7 13899,7 @@ record as in this example:
@example
(service prosody-service-type
(prosody-configuration
- (modules-enabled (cons "groups" %default-modules-enabled))
+ (modules-enabled (cons "groups" "mam" %default-modules-enabled))
(int-components
(list
(int-component-configuration
@@ 13920,10 13920,15 @@ By default, Prosody does not need much configuration. Only one
@code{virtualhosts} field is needed: it specifies the domain you wish
Prosody to serve.
-Prosodyctl will help you generate X.509 certificates and keys:
+You can perform various sanity checks on the generated configuration
+with the @code{prosodyctl check} command.
+
+Prosodyctl will also help you to import certificates from the
+@code{letsencrypt} directory so that the @code{prosody} user can access
+them. See @url{https://prosody.im/doc/letsencrypt}.
@example
-prosodyctl cert request example.net
+prosodyctl --root cert import /etc/letsencrypt/live
@end example
The available configuration parameters follow. Each parameter
@@ 13962,6 13967,13 @@ paths in order. See @url{http://prosody.im/doc/plugins_directory}.
Defaults to @samp{()}.
@end deftypevr
+@deftypevr {@code{prosody-configuration} parameter} file-name certificates
+Every virtual host and component needs a certificate so that clients and
+servers can securely verify its identity. Prosody will automatically load
+certificates/keys from the directory specified here.
+Defaults to @samp{"/etc/prosody/certs"}.
+@end deftypevr
+
@deftypevr {@code{prosody-configuration} parameter} string-list admins
This is a list of accounts that are admins for the server. Note that you
must create the accounts separately. See @url{http://prosody.im/doc/admins} and
@@ 14014,14 14026,12 @@ Available @code{ssl-configuration} fields are:
This determines what handshake to use.
@end deftypevr
-@deftypevr {@code{ssl-configuration} parameter} file-name key
-Path to your private key file, relative to @code{/etc/prosody}.
-Defaults to @samp{"/etc/prosody/certs/key.pem"}.
+@deftypevr {@code{ssl-configuration} parameter} maybe-file-name key
+Path to your private key file.
@end deftypevr
-@deftypevr {@code{ssl-configuration} parameter} file-name certificate
-Path to your certificate file, relative to @code{/etc/prosody}.
-Defaults to @samp{"/etc/prosody/certs/cert.pem"}.
+@deftypevr {@code{ssl-configuration} parameter} maybe-file-name certificate
+Path to your certificate file.
@end deftypevr
@deftypevr {@code{ssl-configuration} parameter} file-name capath
M gnu/services/messaging.scm => gnu/services/messaging.scm +14 -5
@@ 160,7 160,7 @@
(define (module-list? val)
(string-list? val))
(define (serialize-module-list field-name val)
- (serialize-string-list field-name (cons "posix" val)))
+ (serialize-string-list field-name val))
(define-maybe module-list)
(define (file-name? val)
@@ 203,12 203,12 @@ just joined the room."))
"This determines what handshake to use.")
(key
- (file-name "/etc/prosody/certs/key.pem")
- "Path to your private key file, relative to @code{/etc/prosody}.")
+ (maybe-file-name 'disabled)
+ "Path to your private key file.")
(certificate
- (file-name "/etc/prosody/certs/cert.pem")
- "Path to your certificate file, relative to @code{/etc/prosody}.")
+ (maybe-file-name 'disabled)
+ "Path to your certificate file.")
(capath
(file-name "/etc/ssl/certs")
@@ 271,7 271,9 @@ can create such a file with:
"tls"
"dialback"
"disco"
+ "carbons"
"private"
+ "blocklist"
"vcard"
"version"
"uptime"
@@ 321,6 323,13 @@ can create such a file with:
paths in order. See @url{http://prosody.im/doc/plugins_directory}."
global)
+ (certificates
+ (file-name "/etc/prosody/certs")
+ "Every virtual host and component needs a certificate so that clients and
+servers can securely verify its identity. Prosody will automatically load
+certificates/keys from the directory specified here."
+ global)
+
(admins
(string-list '())
"This is a list of accounts that are admins for the server. Note that you