Subject: [bug#41803] [PATCH] Yggdrasil package and accompanying shepherd service (mesh network)
From: Julien Lepiller
To: raingloom
Cc: 41803@debbugs.gnu.org
Date: Sun, 12 Jul 2020 00:12:06 +0200
Message-ID: <20200712001206.760aee62@tachikoma.lepiller.eu>
In-Reply-To: <20200611155656.7ece9c24@riseup.net>

On Thu, 11 Jun 2020 15:56:56 +0200, raingloom wrote:

> from: https://yggdrasil-network.github.io/
> "Yggdrasil is an early-stage implementation of a fully end-to-end
> encrypted IPv6 network."
>
> I spent the last few days packaging it and now it's in a state where I
> think it's usable.
>
> The configuration can include private keys, so that part should NOT go
> in the operating system config, because it would get stored in the
> world-readable Guix store. Nix works around this by merging the
> generated config with a JSON file and sending it to yggdrasil over its
> stdin.
>
> I chose not to do that because I couldn't figure out how to open a
> service's stdin and because I think the way I did it is much more
> elegant in the long run.
>
> The package is lightly patched to take not one but two config files,
> and it simply merges them internally. The patch is completely
> backwards compatible and unobtrusive. It took me about an hour to
> write and debug and most of that was just figuring out Go's syntax
> and type system. I will try to get upstream to accept it, or
> implement similar functionality.
>
> Still TODO:
> documenting the service as an info page.
>
> The gist of using it is:
> 1. look at example operating system
> 2. see yggdrasil -genconf -json for config options
> (3.) optional: save output as /etc/yggdrasil-secret.conf
> (4.) chmod 600 /etc/yggdrasil-secret.conf
> (5.) delete everything but the signing and encryption keys
> 6. add peers as needed, or set autoconf? to #t to connect through a
>    local peer
>
> It seems to work fine. I could connect to open peers from one
> machine and another one could auto-configure itself to connect through
> the first one over the LAN. It's pretty nifty.

Hi,

this is more of a quick review.

First patch LGTM.

You should split every package you add in the second patch in separate
patches. Also the commit message should say "new variable", no need to
say it's public. You left a comment about the license for
go-github-com-gologme-log. Have you contacted upstream to tell them
about that, what was their reaction? I think the fact that the readme
says bsd implies the intention is that it is free software, but better
safe than sorry. Otherwise, these packages lgtm.

In the third patch again, the commit message should say "new variable".
You should not use the past tense either, so "Add it". Is the license
lgpl3, or lgpl3+? Not a go programmer, so I'm not reading the patch, but
I'm trusting you that it works :)

For the fourth patch, I don't think you need to list new private
variables in the commit message, nor new dependencies. Only list public
variables, as "New variables".

As you noted, could you add something about it to the manual? In the
system example, should Yggdrasil really be installed in the system
profile? If so, I think you can add a profile-service-type extension to
the service so the package is automatically available. Then you don't
need to specify the package in the os configuration, and it ensures you
install the same package (declared in the service configuration) for the
service and in the system.

Thanks for working on this!
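
Added example (not part of the original message, nor of the Guix or Yggdrasil code): a Python sketch of steps (3.) to (5.) from the quoted instructions. It creates the secret file at mode 0600 from the start rather than chmod-ing it afterwards, audits the result, and flags private keys left in a config destined for the world-readable store. The key field names and all sample values are assumptions constructed for illustration.

```python
import json
import os
import stat
import tempfile

# Assumption: field names as printed by `yggdrasil -genconf -json`;
# check them against the output of the version you package.
KEY_FIELDS = ("EncryptionPublicKey", "EncryptionPrivateKey",
              "SigningPublicKey", "SigningPrivateKey")

# Constructed sample standing in for generated output; not real keys.
SAMPLE_GENERATED = {
    "Peers": [], "Listen": [],
    "EncryptionPublicKey": "constructed-enc-pub",
    "EncryptionPrivateKey": "constructed-enc-priv",
    "SigningPublicKey": "constructed-sig-pub",
    "SigningPrivateKey": "constructed-sig-priv",
    "IfName": "auto",
}

def keys_only(generated):
    """Step 5: keep only the signing and encryption keys."""
    missing = [k for k in KEY_FIELDS if k not in generated]
    if missing:
        raise ValueError(f"generated config lacks {missing}")
    return {k: generated[k] for k in KEY_FIELDS}

def write_secret(path, secret):
    """Steps 3-4 as one operation: create the file already at 0600."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        os.fchmod(fh.fileno(), 0o600)  # exact mode regardless of umask
        json.dump(secret, fh, indent=2)

def audit(path):
    """Findings for the secret file; an empty list means it passes."""
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode):
        return ["not a regular file"]
    if st.st_mode & 0o077:
        return [f"mode {stat.S_IMODE(st.st_mode):04o} grants group/other access"]
    return []

def leaked_private_keys(store_config):
    """Private-key fields that would end up in the world-readable store."""
    return [k for k in store_config if k.endswith("PrivateKey")]

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "yggdrasil-secret.conf")
    write_secret(path, keys_only(SAMPLE_GENERATED))
    print(audit(path), leaked_private_keys(SAMPLE_GENERATED))
```

Because the file is opened with O_EXCL, write_secret refuses to overwrite an existing secret file, and audit uses lstat so a symlink at that path is reported rather than followed.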