From: ludo@gnu.org (Ludovic Courtès)
To: Julien Lepiller <julien@lepiller.eu>
Cc: guix-devel@gnu.org
Subject: Re: [PATCH 2/2] gnu: Add openvpn service.
Date: Fri, 13 Jan 2017 18:58:18 +0100 [thread overview]
Message-ID: <87bmvarged.fsf@gnu.org> (raw)
In-Reply-To: <20170112175714.3855-2-julien@lepiller.eu> (Julien Lepiller's message of "Thu, 12 Jan 2017 18:57:14 +0100")
Julien Lepiller <julien@lepiller.eu> skribis:
> * gnu/services/vpn.scm: New file.
> * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
> * doc/guix.texi (VPN Services): New section.
Woow, neat!
Overall LGTM! The following comments are about cosmetic issues, but I
think it’s best to get them right.
> +@node VPN Services
> +@subsubsection VPN Services
> +@cindex VPN
> +
> +The @code{(gnu services vpn)} module provides the following sevices:
Please provide a few sentences of context and index entries, like:
@cindex VPN (virtual private network)
@cindex virtual private network (VPN)
The @code{(gnu services vpn)} module provides services related to
@dfn{virtual private networks} (VPNs). It provides a @emph{client}
service---allowing your machine to connect to a VPN, as well as
@emph{server} functionality---where your machine hosts a VPN. Both
use @uref{https://openvpn.net/, OpenVPN}.
> +@deffn {Scheme Procedure} openvpn-client-service @
> + [#:config (openvpn-client-configuration)]
> +
> +Return a service that runs @var{openvpn}, a VPN daemon, as a client.
@command{openvpn} (or @command{openvpnd}, whatever it’s called), or
OpenVPN. @var is for variables.
> +@deffn {Scheme Procedure} openvpn-server-service @
> + [#:config (openvpn-server-configuration)]
> +
> +Return a service that runs @var{openvpn}, a VPN daemon, as a server.
Ditto.
> + openvpn-ccd-configuration
> + generate-openvpn-client-documentation
> + generate-openvpn-server-documentation
> +))
No hanging parens please. :-)
> +(define (uglify-field-name name)
> + (match name
> + ('verbosity "verb")
> + (_ (let ((str (symbol->string name)))
> + (if (string-suffix? "?" str)
> + (substring str 0 (1- (string-length str)))
> + str)))))
The indentation is off in several places. Could you run:
./etc/indent-code.el gnu/services/vpn.scm
(You need to have ‘emacs’ or ‘emacs-minimal’ installed but this is
non-interactive.)
> +(define (create-ccd-directory val)
> + (let ((files (map (lambda (ccd)
> + (list (openvpn-ccd-configuration-name ccd)
> + (with-output-to-string
> + (lambda ()
> + (serialize-configuration
> + ccd openvpn-ccd-configuration-fields)))))
Please add a docstring. It’s not obvious what’s happening here.
> + val)))
> + (computed-file "ccd"
> + (with-imported-modules '((guix build utils))
> + #~(begin
> + (use-modules (guix build utils))
> + (mkdir-p #$output)
> + (for-each
> + (lambda (ccd)
> + (call-with-output-file (string-append #$output "/" (car ccd))
> + (lambda (port) (display (car (cdr ccd)) port))))
> + '#$files))))))
Please use ‘match’ instead of (car (cdr ccd)):
(lambda (port)
(match ccd
((_ (thing _ ...))
(display thing port))))
Of course you can use an identifier more descriptive than ‘thing’. ;-)
> + (server-ipv6
> + (cidr6 #f)
> + "A CIDR notation specifying the ipv6 subnet inside the virtual network.")
It would be ideal if you could expand “CIDR” the first type.
Also, in comments and docstrings in the whole file (and thus in
guix.texi):
s/ipv6/IPv6/
s/udp/UDP/
s/tcp/TCP/
s/diffie-hellman/Diffie-Hellman/
s/Openvpn/OpenVPN/
> +(define (openvpn-shepherd-service role)
> + (lambda (config)
> + (let* ((config-file (openvpn-config-file role config))
> + ; #$(serialize-configuration config
> + ; (match role
> + ; ('server openvpn-server-configuration-fields)
> + ; ('client openvpn-client-configuration-fields)))))
Please remove the comment.
> + (start #~(make-forkexec-constructor
> + (list (string-append #$openvpn "/sbin/openvpn")
> + "--writepid" #$pid-file "--config" #$config-file
> + "--daemon")))
Add #:pid-file #$pid-file, so that shepherd does the right thing.
> +(define %openvpn-activation
> + #~(begin
> + (mkdir-p "/var/run/openvpn")))
‘begin’ can be omitted.
Could you send an updated patch?
Besides, could you think of a system test that would allow us to test
both services? Perhaps a single config that has both the OpenVPN server
and client running? Thoughts?
Thank you!
Ludo’.
next prev parent reply other threads:[~2017-01-13 17:58 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-12 17:57 [PATCH 1/2] gnu: openvpn: Update to 2.4.0 Julien Lepiller
2017-01-12 17:57 ` [PATCH 2/2] gnu: Add openvpn service Julien Lepiller
2017-01-13 17:58 ` Ludovic Courtès [this message]
2017-01-14 13:39 ` Julien Lepiller
2017-01-14 21:16 ` Ludovic Courtès
2017-01-15 18:25 ` Alex Kost
2017-01-15 22:11 ` Ludovic Courtès
2017-01-16 19:32 ` Alex Kost
2017-01-19 11:51 ` Ludovic Courtès
2017-01-19 19:01 ` Alex Kost
2017-01-20 13:45 ` Ludovic Courtès
2017-01-14 22:07 ` Hartmut Goebel
2017-01-13 17:29 ` [PATCH 1/2] gnu: openvpn: Update to 2.4.0 Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87bmvarged.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=guix-devel@gnu.org \
--cc=julien@lepiller.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).