From mboxrd@z Thu Jan 1 00:00:00 1970 From: ng0 Subject: [PATCH 2/2] services: Add tlsdate-service. Date: Mon, 5 Dec 2016 18:31:01 +0000 Message-ID: <20161205183101.5937-3-ng0@libertad.pw> References: <877f7emdzn.fsf@we.make.ritual.n0.is> <20161205183101.5937-1-ng0@libertad.pw> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:49398) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cDy39-0005Lz-RN for guix-devel@gnu.org; Mon, 05 Dec 2016 13:31:41 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cDy38-0005oT-6O for guix-devel@gnu.org; Mon, 05 Dec 2016 13:31:39 -0500 Received: from aibo.runbox.com ([91.220.196.211]:33653) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cDy37-0005ny-UX for guix-devel@gnu.org; Mon, 05 Dec 2016 13:31:38 -0500 Received: from [10.9.9.210] (helo=mailfront10.runbox.com) by bars.runbox.com with esmtp (Exim 4.71) (envelope-from ) id 1cDy36-00008W-PL for guix-devel@gnu.org; Mon, 05 Dec 2016 19:31:36 +0100 In-Reply-To: <20161205183101.5937-1-ng0@libertad.pw> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org * gnu/services/networking.scm (): New record type. (%tlsdate-accounts): New variables. (tlsdate-shepherd-service): New procedure. (tlsdate-service-type): New variable. * doc/guix.texi (Networking Services): Document it. --- doc/guix.texi | 32 +++++++++++++++++ gnu/services/networking.scm | 84 ++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 115 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index 4d7f96d90..f6efd040d 100644 --- a/doc/guix.texi +++ b/doc/guix.texi 
@@ -8594,6 +8594,38 @@ make an initial adjustment of more than 1,000 seconds. List of host names used as the default NTP servers. @end defvr +@cindex tlsdate +@deffn {Scheme Procedure} tlsdate-service [#:config (tlsdate-configuration)] + +Return a service that runs @command{tlsdate}, a simple TCP based time service. +The daemon will synchronize the system clock with a server of your +choice via TCP at boot. + +The optional @var{config} argument should be a +@code{} object, by default it syncs the time with gnu.org. + +@end deffn + +@deftp {Data Type} tlsdate-configuration +Data type representing the configuration of tlsdate. + +@table @asis +@item @code{package} (default: @var{tlsdate}) +Package object of the tlsdate time service. + +@item @code{port} (default: @var{'()}) +Set the port of the remote hostname which should be used. + +@item @code{host} (default: @var{"gnu.org"}) +Set the remote hostname which will be queried. Defaults to @code{gnu.org}. + +@item @code{extra-options} (default: @var{'()}) +Extra options will be passed to @code{tlsdate}, please run +@command{man tlsdate} for more information. + +@end table +@end deftp + @cindex Tor @deffn {Scheme Procedure} tor-service [@var{config-file}] [#:tor @var{tor}] Return a service to run the @uref{https://torproject.org, Tor} anonymous diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index d672ecf68..52a899b8f 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016 Efraim Flashner ;;; Copyright © 2016 John Darrington +;;; Copyright © 2016 ng0 ;;; ;;; This file is part of GNU Guix. ;;; @@ -66,7 +67,13 @@ wicd-service network-manager-service connman-service - wpa-supplicant-service-type)) + wpa-supplicant-service-type + + tlsdate-service + tlsdate-configuration + tlsdate-service-type + tlsdate-configuration? + tlsdate-configuration)) ;;; Commentary: ;;; 
@@ -360,6 +367,81 @@ make an initial adjustment of more than 1,000 seconds." ;;; +;;; tlsdate +;;; + +(define-record-type* + tlsdate-configuration make-tlsdate-configuration + tlsdate-configuration? + (package tlsdate-configuration-package + (default tlsdate)) + (host tlsdate-configuration-host + (default "gnu.org")) + (port tlsdate-configuration-port + (default #f)) + (extra-options tlsdate-configuration-extra-options + (default '()))) + +(define %tlsdate-accounts + (list (user-group (name "tlsdate") (system? #t)) + (user-account + (name "tlsdate") + (group "tlsdate") + (system? #t) + (comment "tlsdate daemon user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define tlsdate-shepherd-service + (match-lambda + (($ + package host port extra-options) + (let* ((tlsdate (file-append package "/bin/tlsdate")) + (command `(,tlsdate + "-l" ; leap + "-t" ; timewarp + ,@(if host + `(,(string-append + "-H" " " host)) + '()) + ,@(if port + `(,(string-append + "-p" " " (number->string port))) + '()) + ,@extra-options))) + (list (shepherd-service + ;;(provision '(tlsdate)) + (provision '(ntp)) + ;; tlsdate needs at least one network interface to be up, hence the + ;; dependency on 'loopback'. + (requirement '(user-processes loopback syslogd)) + + (start #~(make-forkexec-constructor '#$command + #:user "tlsdate" + #:group "tlsdate")) + (stop #~(make-kill-destructor)) + (documentation "Run the tlsdate service."))))))) + +(define tlsdate-service-type + (service-type + (name 'tlsdate) + (extensions + (list (service-extension shepherd-root-service-type + tlsdate-shepherd-service) + (service-extension account-service-type + (const %tlsdate-accounts)))))) + +(define* (tlsdate-service #:key (config (tlsdate-configuration))) + "Return a service that runs @command{tlsdate}, a simple TCP based +time service. + +The optional @var{config} argument should be a +@code{} object, by default it querries gnu.org +for time once at boot." 
+ (service tlsdate-service-type config)) + + +;;; ;;; Tor. ;;; -- 2.11.0
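Review bot: In the doc/guix.texi hunk, the @item for port documents a default of '() while the record in gnu/services/networking.scm declares (default #f) for port, so the manual and the code disagree. Change the manual entry to @code{port} (default: @var{#f}) and say that no -p option is passed when it is unset.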
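Review bot: tlsdate-configuration appears twice in the export list of gnu/services/networking.scm, once after tlsdate-service and again as the last entry. Drop the duplicate, and remove the blank line added before tlsdate-service so the new names follow wpa-supplicant-service-type like the other entries.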
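Review bot: In tlsdate-shepherd-service, (string-append "-H" " " host) and the matching "-p" form each produce a single list element such as "-H gnu.org", and that list is passed to make-forkexec-constructor as the argument vector, so tlsdate receives the flag and its value as one argument containing a space. Emit them as separate elements, for example ,@(if host `("-H" ,host) '()) and ,@(if port `("-p" ,(number->string port)) '()). Two smaller points in the same procedure: the comment says a network interface must be up, but the requirement lists only loopback although the configured host is remote, and the command is started with #:user "tlsdate", so please confirm the process can still set the system clock under that account.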