From: Ludovic Courtès
To: Julien Lepiller
Cc: 35329@debbugs.gnu.org
Subject: [bug#35329] [PATCH] gnu: knot-service: Add includes field in configuration.
Date: Wed, 24 Apr 2019 14:34:15 +0200
Message-ID: <87wojjd1ko.fsf@gnu.org>
In-Reply-To: <20190419212255.20209-1-julien@lepiller.eu> (Julien Lepiller's message of "Fri, 19 Apr 2019 23:22:55 +0200")

Julien Lepiller writes:

> * gnu/services/dns.scm (knot-configuration): Add includes field.
> (verify-knot-configuration): Check includes content.
> (knot-config-file): Serialize includes.
> * doc/guix.texi (DNS Services): Document it.

[...]

> +@item @code{includes} (default: @code{'()})
> +A list of strings or file-like objects denoting other files that must be
> +included at the top of the configuration file. This is especially useful
                                                  ^
I’d make a new paragraph here.

> +for including key configuration from outside the store, since keys should
> +not be readable by every user. It can also be used to add configuration
> +not supported by this interface.

What about:

  @cindex secrets, Knot service
  This can be used to manage secrets out-of-band. For example, secret
  keys may be stored in an out-of-band file not managed by Guix, and
  thus not visible in @file{/gnu/store}---e.g., you could store secret
  key configuration in @file{/etc/knot/secrets.conf} and add this file
  to the @code{includes} list.

  It can also be used […]

LGTM!

Thanks,
Ludo’.
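
Review bot: In the @item @code{includes} text, "A list of strings or file-like objects" is followed directly by the advice about keeping keys outside the store, but nothing says that only the string form achieves this: a file-like object is itself copied into /gnu/store and is therefore readable by every user. Suggest stating that files holding secrets must be given as a plain string path (such as the @file{/etc/knot/secrets.conf} proposed in the reply above), and noting that such a file is not created or managed by Guix, so it has to exist already and be readable by the Knot daemon's user but not by other users.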