From mboxrd@z Thu Jan 1 00:00:00 1970
Subject: [bug#51250] [PATCH] gnu: Add tmate-ssh-server service.
From: itd
Date: Sun, 17 Oct 2021 14:42:25 +0200
Message-ID: <87wnmbddqm.fsf@localhost>
To: 51250@debbugs.gnu.org
X-Debbugs-Original-To: guix-patches@gnu.org
MIME-Version: 1.0
Content-Type: text/plain

>From d854af8a68f47439650956505c0129196ed9c7ba Mon Sep 17 00:00:00 2001
* doc/guix.texi: Add tmate-ssh-server documentation.
* gnu/packages/ssh.scm (tmate-ssh-server): New variable.
* gnu/services/ssh.scm (): New record type.
(tmate-ssh-server-service, tmate-ssh-server-service-type): New variable.
---

Hi,

this adds tmate's server counterpart: tmate-ssh-server. Feedback would be appreciated. Thanks.

Best regards
itd

 doc/guix.texi | 58 ++++++++++++++++++++
 gnu/packages/ssh.scm | 39 ++++++++++++++
 gnu/services/ssh.scm | 123 ++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 219 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi index a49abc0554..eec9a9e9bb 100644 --- a/doc/guix.texi +++ b/doc/guix.texi
@@ -17664,6 +17664,64 @@ Logging level. @end table @end deftp +@cindex tmate-ssh-server +@deffn {Scheme Variable} tmate-ssh-server-service-type +This is the type for the @uref{https://tmate.io, tmate-ssh-server} program that +runs a @command{tmate} compatible server. @command{tmate-ssh-server} can be run +manually from the command-line by passing arguments to the binary +@command{tmate-ssh-server} from the package @code{tmate-ssh-server}, but it can +also be run as a Guix service. This latter use case is documented here. + +For example, to specify a service running @command{tmate-ssh-server} listening +on IP address 192.0.0.11 and port @code{1022}, add this call to the operating +system's @code{services} field: + +@lisp +(service tmate-ssh-server-service-type + (tmate-ssh-server-configuration (bind-ip "192.0.0.11") (port-number 1022))) +@end lisp +@end deffn + +@deftp {Data Type} tmate-ssh-server-configuration +Data type representing the configuration for @code{tmate-ssh-server-service}. + +@table @asis +@item @code{bind-ip} (default: @var{#f}) +IP address the server should bind to, if any. + +@item @code{hostname} (default: @var{#f}) +Hostname to advertise to clients. If unspecified, defaults to the system's +hostname. + +@item @code{keydir} (default: @var{"/etc/tmate-ssh-server/"}) +Directory in which tmux-ssh-server expects the SSH keys "ssh_host_rsa_key" and +"ssh_host_ed25519_key" with their public counterparts. + +@item @code{port-number} (default: @var{22}) +Port on which @command{tmate-ssh-server} will listen for new connections. + +@item @code{proxy-port-number} (default: @var{#f}) +Port to advertise to clients. + +@item @code{websocket-hostname} (default: @var{#f}) +Hostname to advertise in WebSocket connections. + +@item @code{websocket-port-number} (default: @var{#f}) +Port on which @command{tmate-ssh-server} should accept WebSocket connections. +If unspecified and WebSocket support is enabled, defaults to 4002. 
+ +@item @code{use-websocket?} (default: @var{#f}) +Enable support for WebSocket connections. WebSocket connections are required +for named @command{tmate} sessions. + +@item @code{verbose-output?} (default: @var{#f}) +If set, increases the output verbosity of @command{tmux-ssh-server}. +@command{tmate-ssh-server}'s output will be logged in +"/var/log/tmate-ssh-server.log". + +@end table +@end deftp + @defvr {Scheme Variable} %facebook-host-aliases This variable contains a string for use in @file{/etc/hosts} (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm index 4e217888fd..c66e3e3e83 100644 --- a/gnu/packages/ssh.scm +++ b/gnu/packages/ssh.scm @@ -47,6 +47,7 @@ #:use-module (gnu packages guile) #:use-module (gnu packages hurd) #:use-module (gnu packages libedit) + #:use-module (gnu packages libevent) #:use-module (gnu packages linux) #:use-module (gnu packages logging) #:use-module (gnu packages m4) @@ -63,6 +64,8 @@ #:use-module (gnu packages python-web) #:use-module (gnu packages python-xyz) #:use-module (gnu packages readline) + #:use-module (gnu packages serialization) + #:use-module (gnu packages ssh) #:use-module (gnu packages texinfo) #:use-module (gnu packages tls) #:use-module (gnu packages xorg) 
@@ -931,3 +934,39 @@ Ed25519 keys. @item Modern browsers are supported. @end itemize") (license license:expat))) + +(define-public tmate-ssh-server + ;; Last tag is a bit dated and appeared to be incompatible with Guix's tmate. + ;; See also: https://github.com/tmate-io/tmate-ssh-server/issues/89 + (let ((commit "befd49f4e8dbf43b5e80d515727a27bb67b38d56") + (revision "0")) + (package + (name "tmate-ssh-server") + (version (git-version "2.3.0" revision commit)) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/tmate-io/tmate-ssh-server") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 "0v2kxi9nqga9w8qwc3s2miix304dxgi5ima0zmn2w6fjzz2x84jd")))) + (build-system gnu-build-system) + (native-inputs `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libevent" ,libevent) + ("libssh" ,libssh) + ("msgpack" ,msgpack) + ("ncurses" ,ncurses) + ("pkg-config" ,%pkg-config))) + (home-page "https://tmate.io/") + ;; TRANSLATORS: synopsis and description are similar to tmate's. It might + ;; make sense to reuse that translation. + (synopsis "Server part for @command{tmate}, a terminal sharing application") + (description "@command{tmate-ssh-server} provides the server part of +@command{tmate}. @command{tmate} is a terminal sharing application that allows +you to share your terminal with other users over the Internet. @command{tmate} +is a fork of @command{tmux}.") + (license ;; COPYING: ISC for README/CHANGES/FAQ/TODO; README: project is MIT + (list license:expat license:isc))))) diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index a018052eeb..5c7ce20c43 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm 
@@ -60,7 +60,12 @@ webssh-configuration webssh-configuration? webssh-service-type - %webssh-configuration-nginx)) + %webssh-configuration-nginx + + tmate-ssh-server-configuration + tmate-ssh-server-configuration? + tmate-ssh-server-service-type + tmate-ssh-server-service)) ;;; Commentary: ;;; 
@@ -868,4 +873,120 @@ object." (description "Run the webssh."))) + +;;; +;;; tmate-ssh-server +;;; + +(define-record-type* + tmate-ssh-server-configuration make-tmate-ssh-server-configuration + tmate-ssh-server-configuration? + (tmate-ssh-server tmate-ssh-server-configuration-tmate-ssh-server + (default tmate-ssh-server)) + ;; String + ;; IP to bind to. + (bind-ip tmate-ssh-server-configuration-bind-ip + (default #f)) + ;; String + ;; Hostname. + (hostname tmate-ssh-server-configuration-hostname + (default #f)) + ;; String + ;; Directory containing the SSH keys. + (keydir tmate-ssh-server-configuration-keydir + (default "/etc/tmate-ssh-server/")) + ;; Integer + ;; Port to listen on. + (port-number tmate-ssh-server-configuration-port-number + (default 22)) + ;; Integer + ;; Proxy port to listen on. + (proxy-port-number tmate-ssh-server-configuration-proxy-port-number + (default #f)) + ;; String + ;; Websocket hostname. + (websocket-hostname tmate-ssh-server-configuration-websocket-hostname + (default #f)) + ;; Integer + ;; Websocket port to listen on. + (websocket-port-number tmate-ssh-server-configuration-websocket-port-number + (default #f)) + ;; Boolean + ;; Use websocket. + (use-websocket? tmate-ssh-server-configuration-use-websocket? + (default #f)) + ;; Boolean + ;; Increase output verbosity. + (verbose-output? tmate-ssh-server-configuration-verbose-output? + (default #f))) + +(define (tmate-ssh-server-activation config) + "Return the activation gexp for CONFIG." + #~(begin + (use-modules (guix build utils)) + (mkdir-p "/etc/tmate-ssh-server"))) + +(define (tmate-ssh-server-shepherd-service config) + "Return a for tmate-ssh-server with CONFIG." 
+ (define tmate-ssh-server + (tmate-ssh-server-configuration-tmate-ssh-server config)) + + (define tmate-ssh-server-command + #~(list (string-append #$tmate-ssh-server "/bin/tmate-ssh-server") + #$@(if (tmate-ssh-server-configuration-bind-ip config) + (list "-b" (tmate-ssh-server-configuration-bind-ip config)) + '()) + #$@(if (tmate-ssh-server-configuration-hostname config) + (list "-h" (tmate-ssh-server-configuration-hostname config)) + '()) + "-k" #$(tmate-ssh-server-configuration-keydir config) + #$@(if (tmate-ssh-server-configuration-port-number config) + (list "-p" (number->string + (tmate-ssh-server-configuration-port-number config))) + '()) + #$@(if (tmate-ssh-server-configuration-proxy-port-number config) + (list "-q" (number->string + (tmate-ssh-server-configuration-proxy-port-number config))) + '()) + #$@(if (tmate-ssh-server-configuration-websocket-hostname config) + (list "-w" (tmate-ssh-server-configuration-websocket-hostname config)) + '()) + #$@(if (tmate-ssh-server-configuration-websocket-port-number config) + (list "-z" (number->string + (tmate-ssh-server-configuration-websocket-port-number config))) + '()) + #$@(if (tmate-ssh-server-configuration-use-websocket? config) + '("-x") + '()) + #$@(if (tmate-ssh-server-configuration-verbose-output? 
config) + '("-v") + '()))) + + (define requires + '(networking)) + + (list (shepherd-service + (documentation "tmate SSH server.") + (requirement requires) + (provision '(tmate-daemon)) + (start #~(make-forkexec-constructor #$tmate-ssh-server-command + #:log-file "/var/log/tmate-ssh-server.log")) + (stop #~(make-kill-destructor))))) + +(define tmate-ssh-server-service-type + (service-type (name 'tmate-ssh-server) + (description + "Run the tmate secure shell (SSH) server.") + (extensions + (list (service-extension shepherd-root-service-type + tmate-ssh-server-shepherd-service) + (service-extension activation-service-type + tmate-ssh-server-activation))) + (default-value (tmate-ssh-server-configuration)))) + +(define* (tmate-ssh-server-service #:optional (config (tmate-ssh-server-configuration))) + "Run the @uref{https://tmate.io/,tmate SSH daemon} with the given @var{config}, +a @code{} object." + (service tmate-ssh-server-service-type config)) + ;;; ssh.scm ends here base-commit: 258a27eea9aab4f8af995f95743ccd264b5efcb5 -- 2.30.2
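
Review bot: In the doc/guix.texi hunk, the `keydir` and `verbose-output?` items call the program `tmux-ssh-server` while the rest of the text says `tmate-ssh-server`; these look like typos and should be corrected. The example binds to 192.0.0.11, which is in 192.0.0.0/24 (IETF protocol assignments); an address from the documentation range 192.0.2.0/24 is the conventional choice. The `keydir` item should also state that the service does not generate the host keys (the activation code in this patch only creates the directory), and the `port-number` item should note that its default of 22 is the usual SSH daemon port, so a host that also runs an SSH daemon needs a different value.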
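
Review bot: The second import hunk in gnu/packages/ssh.scm adds `#:use-module (gnu packages ssh)` to gnu/packages/ssh.scm itself, so the module would import itself. A package defined in the same file is already in scope without an import; please drop that line and keep only the `(gnu packages libevent)` and `(gnu packages serialization)` additions.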
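
Review bot: In the `tmate-ssh-server` package hunk, `libevent`, `libssh`, `msgpack` and `ncurses` are listed under `native-inputs`, but they are libraries the server links against and needs for the target system, so they belong in `inputs`; only `autoconf`, `automake` and pkg-config are build-time tools. The entry `("pkg-config" ,%pkg-config)` should use the public `pkg-config` variable rather than `%pkg-config`. Since the source is pinned to a commit newer than the last tag, a short comment saying why that particular commit was chosen would help the next person who updates it.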
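
Review bot: In the gnu/services/ssh.scm service hunk, `tmate-ssh-server-activation` ignores `config` and always runs `(mkdir-p "/etc/tmate-ssh-server")`, while the command line passes `-k` with the configurable `keydir`; with a non-default `keydir` the directory is never created. Use `(tmate-ssh-server-configuration-keydir config)` in the activation gexp, and create the directory with a restrictive mode (for example 0700), since it holds the private host keys `ssh_host_rsa_key` and `ssh_host_ed25519_key`. The activation also does not generate those keys, so the service cannot start on a fresh system until an administrator creates them by hand; either generate them on activation or document the manual step. Two smaller points in the same hunk: `make-forkexec-constructor` is called without `#:user`, so the daemon runs as root, and the provision `'(tmate-daemon)` does not match the service name `tmate-ssh-server`. The record comment "Proxy port to listen on" also disagrees with the manual text, which says "Port to advertise to clients".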