From: ng0
Subject: Re: [PATCH 2/2] services: Add tlsdate-service.
Date: Mon, 05 Dec 2016 18:23:40 +0000
Message-ID: <877f7emdzn.fsf@we.make.ritual.n0.is>
References: <20161205182014.5155-1-ng0@libertad.pw> <20161205182014.5155-3-ng0@libertad.pw>
In-Reply-To: <20161205182014.5155-3-ng0@libertad.pw>
To: guix-devel@gnu.org

ng0 writes:

> * gnu/services/networking.scm (): New record type.
> (%tlsdate-accounts): New variables.
> (tlsdate-shepherd-service): New procedure.
> (tlsdate-service-type): New variable.
> * doc/guix.texi (Networking Services): Document it.
> --- > doc/guix.texi | 32 +++++++++++++++++ > gnu/services/networking.scm | 84 ++++++++++++++++++++++++++++++++++++++++++++- > 2 files changed, 115 insertions(+), 1 deletion(-) > > diff --git a/doc/guix.texi b/doc/guix.texi > index 4d7f96d90..f6efd040d 100644 > --- a/doc/guix.texi > +++ b/doc/guix.texi > @@ -8594,6 +8594,38 @@ make an initial adjustment of more than 1,000 seconds. > List of host names used as the default NTP servers. > @end defvr > > +@cindex tlsdate > +@deffn {Scheme Procedure} tlsdate-service [#:config (tlsdate-configuration)] > + > +Return a service that runs @command{tlsdate}, a simple TCP based time service. > +The daemon will synchronize the system clock with a server of your > +choice via TCP at boot. > + > +The optional @var{config} argument should be a > +@code{} object, by default it syncs the time with gnu.org. > + > +@end deffn > + > +@deftp {Data Type} tlsdate-configuration > +Data type representing the configuration of tlsdate. > + > +@table @asis > +@item @code{package} (default: @var{tlsdate}) > +Package object of the tlsdate time service. > + > +@item @code{port} (default: @var{'()}) > +Set the port of the remote hostname which should be used. > + > +@item @code{host} (default: @var{"gnu.org"}) > +Set the remote hostname which will be queried. Defaults to @code{gnu.org}. > + > +@item @code{extra-options} (default: @var{'()}) > +Extra options will be passed to @code{tlsdate}, please run > +@command{man tlsdate} for more information. > + > +@end table > +@end deftp > + > @cindex Tor > @deffn {Scheme Procedure} tor-service [@var{config-file}] [#:tor @var{tor}] > Return a service to run the @uref{https://torproject.org, Tor} anonymous > diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm > index d672ecf68..ab19bcb0e 100644 > --- a/gnu/services/networking.scm > +++ b/gnu/services/networking.scm 
> @@ -3,6 +3,7 @@ > ;;; Copyright © 2015 Mark H Weaver > ;;; Copyright © 2016 Efraim Flashner > ;;; Copyright © 2016 John Darrington > +;;; Copyright © 2016 ng0 > ;;; > ;;; This file is part of GNU Guix. > ;;; > @@ -66,7 +67,13 @@ > wicd-service > network-manager-service > connman-service > - wpa-supplicant-service-type)) > + wpa-supplicant-service-type > + > + tlsdate-service > + tlsdate-configuration > + tlsdate-service-type > + tlsdate-configuration? > + tlsdate-configuration)) > > ;;; Commentary: > ;;; 
> @@ -360,6 +367,81 @@ make an initial adjustment of more than 1,000 seconds." > > > ;;; > +;;; tlsdate > +;;; > + > +(define-record-type* > + tlsdate-configuration make-tlsdate-configuration > + tlsdate-configuration? > + (package tlsdate-configuration-package > + (default tlsdate)) > + (host tlsdate-configuration-host > + (default "gnu.org")) > + (port tlsdate-configuration-port > + (default #f)) > + (extra-options tlsdate-configuration-extra-options > + (default '()))) > + > +(define %tlsdate-accounts > + (list (user-group (name "tlsdate") (system? #t)) > + (user-account > + (name "tlsdate") > + (group "tlsdate") > + (system? #t) > + (comment "tlsdate daemon user") > + (home-directory "/var/empty") > + (shell (file-append shadow "/sbin/nologin"))))) > + > +(define tlsdate-shepherd-service > + (match-lambda > + (($ > + package host port extra-options) > + (let* ((tlsdate (file-append package "/bin/tlsdate")) > + (command `(,tlsdate > + "-l" ; leap > + "-t" ; timewarp > + ,@(if host > + `(,(string-append > + "-H" " " host)) > + '()) > + ,@(if port > + `(,(string-append > + "-p" " " (number->string port))) > + '()) > + ,@extra-options))) > + (list (shepherd-service > + ;;(provision '(tlsdate)) > + (provision '(ntp)) > + ;; tlsdate needs at least one network interface to be up, hence the > + ;; dependency on 'loopback'. > + (requirement '(user-processes dbus-system loopback syslogd)) ^__ remains from the time where I tried to enable the dbus functionality. I'll send a new patch. 
> + > + (start #~(make-forkexec-constructor '#$command > + #:user "tlsdate" > + #:group "tlsdate")) > + (stop #~(make-kill-destructor)) > + (documentation "Run the tlsdate service."))))))) > + > +(define tlsdate-service-type > + (service-type > + (name 'tlsdate) > + (extensions > + (list (service-extension shepherd-root-service-type > + tlsdate-shepherd-service) > + (service-extension account-service-type > + (const %tlsdate-accounts)))))) > + > +(define* (tlsdate-service #:key (config (tlsdate-configuration))) > + "Return a service that runs @command{tlsdate}, a simple TCP based > +time service. > + > +The optional @var{config} argument should be a > +@code{} object, by default it querries gnu.org > +for time once at boot." > + (service tlsdate-service-type config)) > + > + > +;;; > ;;; Tor. > ;;; > > -- > 2.11.0 > > -- ♥Ⓐ ng0 | ng0.chaosnet.org
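Review bot: In the doc/guix.texi hunk, the port entry documents its default as '() while the record in gnu/services/networking.scm declares (default #f). The two should agree on #f: the service tests the field with (if port ...), and '() is a true value in Scheme, so a user who copies the documented default would reach (number->string port) with a list. The same hunk also calls tlsdate "the daemon" while the docstring of tlsdate-service later in the patch says it queries the host once at boot; pick one description and use it in both places.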
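Review bot: In the export-list hunk of gnu/services/networking.scm (@@ -66,7 +67,13 @@), tlsdate-configuration is listed twice, as the second and as the last of the added symbols. Drop the duplicate so the list carries one entry each for tlsdate-configuration and tlsdate-configuration?.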
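Review bot: In tlsdate-shepherd-service, (string-append "-H" " " host) and the matching "-p" form each build a single string containing a space, and make-forkexec-constructor takes the command as a list of arguments rather than a shell line, so tlsdate receives "-H gnu.org" as one argv element instead of the option followed by its value. Emit the flag and its value as two list elements, for example ,@(if host (list "-H" host) '()), and likewise for the port. Two further points in the same hunk: the process is started with #:user "tlsdate", but setting the system clock needs root or CAP_SYS_TIME, so please confirm the clock is actually adjusted when the command starts unprivileged; and (provision '(ntp)) with the '(tlsdate) provision commented out gives the service a name that does not match what it runs, which needs either a change or a comment explaining the choice. The comment above the requirement form also explains only 'loopback', not user-processes or syslogd.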