Merge remote-tracking branch 'origin/master' into core-updates-frozen.

author: Mathieu Othacehe <othacehe@gnu.org> 2021-10-12 16:50:47 +0000
committer: Mathieu Othacehe <othacehe@gnu.org> 2021-10-12 17:46:23 +0000
commit: a1eca979fb8da842e73c42f4f53be29b169810f2 (patch)
tree: 681c7283e412bb8a29c2531c4408b49c3e184764 /etc/guix-gc.service.in
parent: 48d86a9ec6d8d2e97da2299ea41a03ef4cdaab83 (diff)
parent: 371aa5777a3805a3886f3feea5f1960fe3fe4219 (diff)
download: guix-patches-a1eca979fb8da842e73c42f4f53be29b169810f2.tar
guix-patches-a1eca979fb8da842e73c42f4f53be29b169810f2.tar.gz
1 files changed, 20 insertions, 0 deletions
diff --git a/etc/guix-gc.service.in b/etc/guix-gc.service.in
new file mode 100644
index 0000000000..2f1ca6584b
--- /dev/null
+++ b/etc/guix-gc.service.in
@@ -0,0 +1,20 @@
+# This is a "service unit file" for the systemd init system to perform a
+# one-shot 'guix gc' operation.  It is meant to be triggered by a timer.
+# Drop it in /etc/systemd/system or similar together with 'guix-gc.timer'
+# to set it up.
+
+[Unit]
+Description=Discard unused Guix store items
+
+[Service]
+Type=oneshot
+# Customize the 'guix gc' arguments to fit your needs.
+ExecStart=@localstatedir@/guix/profiles/per-user/root/current-guix/bin/guix gc -d 1m -F 10G
+PrivateDevices=yes
+PrivateNetwork=yes
+PrivateUsers=no
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectControlGroups=yes
+MemoryDenyWriteExecute=yes
+SystemCallFilter=@default @file-system @basic-io @system-service
author	Mathieu Othacehe <othacehe@gnu.org>	2021-10-12 16:50:47 +0000
committer	Mathieu Othacehe <othacehe@gnu.org>	2021-10-12 17:46:23 +0000
commit	a1eca979fb8da842e73c42f4f53be29b169810f2 (patch)
tree	681c7283e412bb8a29c2531c4408b49c3e184764 /etc/guix-gc.service.in
parent	48d86a9ec6d8d2e97da2299ea41a03ef4cdaab83 (diff)
parent	371aa5777a3805a3886f3feea5f1960fe3fe4219 (diff)
download	guix-patches-a1eca979fb8da842e73c42f4f53be29b169810f2.tar guix-patches-a1eca979fb8da842e73c42f4f53be29b169810f2.tar.gz