From mboxrd@z Thu Jan 1 00:00:00 1970 From: contact.ng0@cryptolab.net Subject: [PATCH] gnu: services: Add gnunet-service. Date: Wed, 18 Jan 2017 16:50:35 +0000 Message-ID: <20170118165035.4142-2-contact.ng0@cryptolab.net> References: <20170118165035.4142-1-contact.ng0@cryptolab.net> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:50060) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cTtQs-0006s5-Ha for guix-devel@gnu.org; Wed, 18 Jan 2017 11:50:00 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cTtQo-0004hM-Ig for guix-devel@gnu.org; Wed, 18 Jan 2017 11:49:58 -0500 Received: from aibo.runbox.com ([91.220.196.211]:50486) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cTtQo-0004gp-6V for guix-devel@gnu.org; Wed, 18 Jan 2017 11:49:54 -0500 Received: from [10.9.9.211] (helo=mailfront11.runbox.com) by bars.runbox.com with esmtp (Exim 4.71) (envelope-from ) id 1cTtQm-00055h-UN for guix-devel@gnu.org; Wed, 18 Jan 2017 17:49:53 +0100 In-Reply-To: <20170118165035.4142-1-contact.ng0@cryptolab.net> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org Cc: ng0 From: ng0 --- doc/guix.texi | 36 +++++++++++++ gnu/services/networking.scm | 126 +++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 161 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index a212666af..3e2e50ed9 100644 --- a/doc/guix.texi +++ b/doc/guix.texi 
@@ -9043,6 +9043,42 @@ Boolean values @var{ipv4?} and @var{ipv6?} determine whether to use IPv4/IPv6 sockets. @end deffn +@cindex GNUnet +@cindex gnunet +@subsubheading GNUnet Service + +@deffn {Scheme Variable} gnunet-service-type +This is the type of the @uref{https://gnunet.org, GNUnet} +service, whose value should be an @code{gnunet-configuration} object +as in this example: + +@example +(service gnunet-service-type + (gnunet-configuration + (config-file (local-file "./gnunet.conf")))) +@end example +@end deffn + +@deftp {Data Type} gnunet-configuration +Data type representing the configuration of GNUnet. + +@table @asis +@item @code{package} (default: @var{gnunet}) +Package object of the GNUnet service. + +@item @code{config-file} (default: @var{%default-gnunet-file}) +File-like object of the GNUnet configuration file to use. For NAT is +assumes by default that you are behind a NAT (@var{BEHIND_NAT = YES}) +and enables UPNP (@var{ENABLE_UPNP = YES}). +The hostlist is configured with the options @var{-b} (bootstrap using +configured hostlist servers) and @var{-e} (enable learning advertised hostlists). +Read the configuration files in @var{"~/.guix-profile/share/gnunet/config.d/"} +for more information. These files also set the defaults when you don't set +any explicit values to override them. + +@end table +@end deftp + @node X Window @subsubsection X Window diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index ac011f128..a9a03ce40 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -3,6 +3,7 @@ ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016 Efraim Flashner ;;; Copyright © 2016 John Darrington +;;; Copyright © 2017 ng0 ;;; ;;; This file is part of GNU Guix. ;;; 
@@ -27,6 +28,7 @@ #:use-module (gnu system pam) #:use-module (gnu packages admin) #:use-module (gnu packages connman) + #:use-module (gnu packages gnunet) #:use-module (gnu packages linux) #:use-module (gnu packages tor) #:use-module (gnu packages messaging) @@ -66,7 +68,12 @@ wicd-service network-manager-service connman-service - wpa-supplicant-service-type)) + wpa-supplicant-service-type + + gnunet-configuration + gnunet-configuration? + gnunet-service-type + %default-gnunet-config-file)) ;;; Commentary: ;;; 
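Review bot: The name exported in this hunk, `%default-gnunet-config-file`, does not match the manual text added in doc/guix.texi, which gives the default of `config-file` as `%default-gnunet-file`. Anyone copying the documented name to inherit or inspect the default configuration gets an unbound variable. The manual entry should read `@item @code{config-file} (default: @var{%default-gnunet-config-file})` so that the documented default and the exported binding agree.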
@@ -786,4 +793,121 @@ configure networking." (service-extension dbus-root-service-type list) (service-extension profile-service-type list))))) + +;;; GNUnet +;;; +;;; + +(define-record-type* + gnunet-configuration make-gnunet-configuration + gnunet-configuration? + (package gnunet-configuration-package + (default gnunet)) + (config-file gnunet-configuration-config-file + (default %default-gnunet-config-file))) + +(define %default-gnunet-config-file + (plain-file "gnunet.conf" " +[PATHS] +SERVICEHOME = /var/lib/gnunet +GNUNET_CONFIG_HOME = /var/lib/gnunet + +[arm] +SYSTEM_ONLY = YES +USER_ONLY = NO + +[nat] +BEHIND_NAT = YES +ENABLE_UPNP = YES + +[hostlist] +OPTIONS = -b -e +")) + +(define gnunet-shepherd-service + (match-lambda + (($ package config-file) + (list (shepherd-service + (provision '(gnunet)) + (requirement '(user-processes loopback networking)) + (documentation "Run the GNUnet service.") + (start + (let ((gnunet + (file-append package "/lib/gnunet/libexec/gnunet-service-arm"))) + #~(make-forkexec-constructor + (list #$gnunet "-c" #$config-file) + #:pid-file "/var/run/gnunet.pid" + #:user "gnunet" + #:group "gnunet" + #:log-file "/var/lib/gnunet/gnunet.log"))) + (stop + #~(make-kill-destructor))))))) + +(define %gnunet-accounts + (list (user-group + (name "gnunetdns") + (system? #t)) + (user-group + (name "gnunet") + (system? #t)) + (user-account + (name "gnunet") + (group "gnunet") + (system? 
#t) + (comment "GNUnet system user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define gnunet-activation + (match-lambda + (($ package config-file) + (let ((gnunet + (file-append package "/lib/gnunet/libexec/gnunet-service-arm"))) + #~(begin + (use-modules (guix build utils)) + (define %user (getpw "gnunet")) + (mkdir-p "/var/lib/gnunet/") + (chown "/var/lib/gnunet" (passwd:uid %user) (passwd:gid %user)) + ;;(chmod "/var/lib/gnunet/" #o755) + (mkdir-p "/var/lib/gnunet/.local/share/gnunet") + (mkdir-p "/var/lib/gnunet/.cache/gnunet") + (mkdir-p "/var/lib/gnunet/hostlist") + (mkdir-p "/var/lib/gnunet/.config/gnunet") + (chown "/var/lib/gnunet/.local/share/gnunet" (passwd:uid %user) (passwd:gid %user)) + (chown "/var/lib/gnunet/.cache/gnunet" (passwd:uid %user) (passwd:gid %user)) + (chown "/var/lib/gnunet/hostlist" (passwd:uid %user) (passwd:gid %user)) + ;;(chown "/var/lib/gnunet/gnunet.conf" (passwd:uid %user) (passwd:gid %user)) + (chown "/var/lib/gnunet/.config/gnunet" (passwd:uid %user) (passwd:gid %user))))))) + ;;(chmod "/var/lib/gnunet/.config/gnunet" #o755) + ;;(chmod "/var/lib/gnunet/.cache/gnunet" #o755) + ;;(chmod "/var/lib/gnunet/.local/share/gnunet" #o755)))))) + +;; SUID_ROOT_HELPERS="exit nat-server nat-client transport-bluetooth transport-wlan vpn" +;; set chmod u+s for those above. 
+;; chmodown_execbin ${libexec}/gnunet-helper-dns 4750 root:gnunetdns +;; chmodown_execbin ${libexec}/gnunet-service-dns 2750 gnunet:gnunetdns +(define gnunet-setuid-programs + (match-lambda + (($ package) + (list (file-append package "/lib/gnunet/libexec/gnunet-helper-exit") + (file-append package "/lib/gnunet/libexec/gnunet-helper-nat-server") + (file-append package "/lib/gnunet/libexec/gnunet-helper-nat-client") + (file-append package "/lib/gnunet/libexec/gnunet-helper-transport-bluetooth") + (file-append package "/lib/gnunet/libexec/gnunet-helper-transport-wlan") + (file-append package "/lib/gnunet/libexec/gnunet-helper-vpn"))))) + +(define gnunet-service-type + (service-type + (name 'gnunet) + (extensions (list (service-extension account-service-type + (const %gnunet-accounts)) + (service-extension activation-service-type + gnunet-activation) + (service-extension profile-service-type + (compose list gnunet-configuration-package)) + (service-extension setuid-program-service-type + gnunet-setuid-programs) + (service-extension shepherd-root-service-type + gnunet-shepherd-service))))) + ;;; networking.scm ends here -- 2.11.0
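Review bot: `gnunet-setuid-programs` hands all six helpers (exit, nat-server, nat-client, transport-bluetooth, transport-wlan, vpn) to `setuid-program-service-type` unconditionally, so every system that enables the service gains six setuid-root binaries even when its configuration uses none of those subsystems. The comments above the definition describe the DNS helper as `4750 root:gnunetdns`, i.e. executable by one group only, yet the `gnunetdns` group created in `%gnunet-accounts` is never referenced again in this hunk and nothing here limits who may run the helpers; whether the setuid service can express a group-restricted mode is not visible from this patch and should be confirmed. I would make the helper list opt-in through a configuration field that defaults to `'()`, as sketched below, and document which GNUnet feature needs each helper. Separately, `gnunet-activation` leaves every `chmod` commented out, so the mode of `/var/lib/gnunet` is whatever the activation umask yields; an explicit `(chmod "/var/lib/gnunet" #o750)` would make the permissions on the service's state directory a deliberate choice.

```scheme
;; … unchanged: package and config-file fields of gnunet-configuration …
  (setuid-helpers gnunet-configuration-setuid-helpers
                  (default '()))        ;e.g. '("nat-server" "nat-client")

(define (gnunet-setuid-programs config)
  ;; Install only the helpers the administrator explicitly asked for.
  (map (lambda (helper)
         (file-append (gnunet-configuration-package config)
                      "/lib/gnunet/libexec/gnunet-helper-" helper))
       (gnunet-configuration-setuid-helpers config)))
```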