From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:470:142:3::10]:42636)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1iTMvZ-0007Gl-0A
 for guix-patches@gnu.org; Sat, 09 Nov 2019 04:21:06 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1iTMvX-0003R3-DZ
 for guix-patches@gnu.org; Sat, 09 Nov 2019 04:21:04 -0500
Received: from debbugs.gnu.org ([209.51.188.43]:39362)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1iTMvX-0003Qw-AV
 for guix-patches@gnu.org; Sat, 09 Nov 2019 04:21:03 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1iTMvX-000770-56
 for guix-patches@gnu.org; Sat, 09 Nov 2019 04:21:03 -0500
Subject: [bug#38145] [PATCH 3/3] services: Add knot-resolver-service-type.
Resent-Message-ID: <handler.38145.B38145.157329122027227@debbugs.gnu.org>
From: =?UTF-8?Q?=E5=AE=8B=E6=96=87=E6=AD=A6?= <iyzsong@member.fsf.org>
Date: Sat,  9 Nov 2019 17:19:56 +0800
Message-Id: <20191109091956.6922-3-iyzsong@member.fsf.org>
In-Reply-To: <20191109091956.6922-1-iyzsong@member.fsf.org>
References: <20191109091956.6922-1-iyzsong@member.fsf.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: 38145@debbugs.gnu.org
Cc: =?UTF-8?Q?=E5=AE=8B=E6=96=87=E6=AD=A6?= <iyzsong@member.fsf.org>

* gnu/services/dns.scm (<knot-resolver-configuration>): New record type.
(knot-resolver-activation, knot-resolver-shpherd-services): New procedures.
(%knot-resolver-accounts, %kresd.conf, knot-resolver-service-type): New
variables.
* doc/guix.texi (DNS Services): Document it.
---
 doc/guix.texi        | 38 ++++++++++++++++++++
 gnu/services/dns.scm | 86 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 124 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index 27cb31dde5..5ad259c46e 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -21085,6 +21085,44 @@ The list of knot-zone-configuration used by this configuration.
 @end table
 @end deftp
 
+@subsubheading Knot Resolver Service
+
+@deffn {Scheme Variable} knot-resolver-service-type
+This this the type of the knot resolver service, whose value should be
+an @code{knot-resolver-configuration} object as in this example:
+
+@lisp
+(service knot-resolver-service-type
+         (knot-resolver-configuration
+           (kresd-config-file (plain-file "kresd.conf" "
+net.listen('192.168.0.1', 5353)
+user('knot-resolver', 'knot-resolver')
+modules = @{ 'hints > iterate', 'stats', 'predict' @}
+cache.size = 100 * MB
+"))))
+@end lisp
+
+For more information, refer its @url{https://knot-resolver.readthedocs.org/en/stable/daemon.html#configuration, manual}.
+@end deffn
+
+@deftp {Data Type} knot-resolver-configuration
+Data type representing the configuration of knot-resolver.
+
+@table @asis
+@item @code{package} (default: @var{knot-resolver})
+Package object of the knot DNS resolver.
+
+@item @code{kresd-config-file} (default: %kresd.conf)
+File-like object of the kresd configuration file to use, by default it
+will listen on @code{127.0.0.1} and @code{::1}.
+
+@item @code{garbage-collection-interval} (default: 1000)
+Number of milliseconds for @code{kres-cache-gc} to periodically trim the cache.
+
+@end table
+@end deftp
+
+
 @subsubheading Dnsmasq Service
 
 @deffn {Scheme Variable} dnsmasq-service-type
diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 5f37cb0782..43b6261c07 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -45,6 +45,9 @@
             zone-file
             zone-entry
 
+            knot-resolver-service-type
+            knot-resolver-configuration
+
             dnsmasq-service-type
             dnsmasq-configuration
 
@@ -638,6 +641,89 @@
                                            (const %knot-accounts))))))
 
 
+;;;
+;;; Knot Resolver.
+;;;
+
+(define-record-type* <knot-resolver-configuration>
+  knot-resolver-configuration
+  make-knot-resolver-configuration
+  knot-resolver-configuration?
+  (package knot-resolver-configuration-package
+           (default knot-resolver))
+  (kresd-config-file knot-resolver-kresd-config-file
+                     (default %kresd.conf))
+  (garbage-collection-interval knot-resolver-garbage-collection-interval
+                               (default 1000)))
+
+(define %kresd.conf
+  (plain-file "kresd.conf" "-- -*- mode: lua -*-
+net = { '127.0.0.1', '::1' }
+user('knot-resolver', 'knot-resolver')
+modules = { 'hints > iterate', 'stats', 'predict' }
+cache.size = 100 * MB
+"))
+
+(define %knot-resolver-accounts
+  (list (user-group
+         (name "knot-resolver")
+         (system? #t))
+        (user-account
+         (name "knot-resolver")
+         (group "knot-resolver")
+         (system? #t)
+         (home-directory "/var/cache/knot-resolver")
+         (shell (file-append shadow "/sbin/nologin")))))
+
+(define (knot-resolver-activation config)
+  #~(begin
+      (use-modules (guix build utils))
+      (let ((rundir "/var/cache/knot-resolver")
+            (owner (getpwnam "knot-resolver")))
+        (mkdir-p rundir)
+        (chown rundir (passwd:uid owner) (passwd:gid owner)))))
+
+(define knot-resolver-shepherd-services
+  (match-lambda
+    (($ <knot-resolver-configuration> package
+                                      kresd-config-file
+                                      garbage-collection-interval)
+     (list
+      (shepherd-service
+       (provision '(kresd))
+       (requirement '(networking))
+       (documentation "Run the Knot Resolver daemon.")
+       (start #~(make-forkexec-constructor
+                 '(#$(file-append package "/sbin/kresd")
+                   "-c" #$kresd-config-file "-f" "1"
+                   "/var/cache/knot-resolver")))
+       (stop #~(make-kill-destructor)))
+      (shepherd-service
+       (provision '(kres-cache-gc))
+       (requirement '(user-processes))
+       (documentation "Run the Knot Resolver Garbage Collector daemon.")
+       (start #~(make-forkexec-constructor
+                 '(#$(file-append package "/sbin/kres-cache-gc")
+                   "-d" #$(number->string garbage-collection-interval)
+                   "-c" "/var/cache/knot-resolver")
+                 #:user "knot-resolver"
+                 #:group "knot-resolver"))
+       (stop #~(make-kill-destructor)))))))
+
+(define knot-resolver-service-type
+  (service-type
+   (name 'knot-resolver)
+   (extensions
+    (list (service-extension shepherd-root-service-type
+                             knot-resolver-shepherd-services)
+          (service-extension activation-service-type
+                             knot-resolver-activation)
+          (service-extension account-service-type
+                             (const %knot-resolver-accounts))))
+   (default-value (knot-resolver-configuration))
+   (description "Run the Knot DNS Resolver.")))
+
+
 ;;;
 ;;; Dnsmasq.
 ;;;
-- 
2.19.2