[bug#27364] knot: use seconds for durations

[bug#27364] knot: use seconds for durations

[Julien Lepiller]

[-- Attachment #1: Type: text/plain, Size: 95 bytes --]

Hi,

this patch makes knot-configuration use seconds instead of strings
representing durations.

[-- Attachment #2: 0001-gnu-services-use-seconds-instead-of-duration-strings.patch --]
[-- Type: text/x-patch, Size: 6055 bytes --]

From ed98d817d4993eb48445f0b0942c27f18f3bb1d3 Mon Sep 17 00:00:00 2001
From: Julien Lepiller <julien@lepiller.eu>
Date: Sat, 10 Jun 2017 11:59:18 +0200
Subject: [PATCH] gnu: services: use seconds instead of duration strings.

* gnu/services/dns.scm (zone-file, knot-policy-configuration): Use numbers
instead of duration strings.
(verify-knot-policy-configuration): Fix typo.
* doc/guix.texi (DNS Services): Update documentation.
---
 doc/guix.texi        | 29 ++++++++++++-----------------
 gnu/services/dns.scm | 20 ++++++++++----------
 2 files changed, 22 insertions(+), 27 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 87aaae854..5405f991f 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -13803,26 +13803,21 @@ The serial number of the zone.  As this is used to keep track of changes by
 both slaves and resolvers, it is mandatory that it @emph{never} decreases.
 Always increment it when you make a change in your zone.
 
-@item @code{refresh} (default: @code{"2d"})
-The frequency at which slaves will do a zone transfer.  This value can be
-a number of seconds or a number of some unit between:
-@itemize
-@item m: minute
-@item h: hour
-@item d: day
-@item w: week
-@end itemize
+@item @code{refresh} (default: @code{(* 2 24 3600)})
+The frequency at which slaves will do a zone transfer.  This value is a number
+of seconds.  It can be computed by multiplications or with
+@code{(string->duration)}.
 
-@item @code{retry} (default: @code{"15m"})
+@item @code{retry} (default: @code{(* 15 60)})
 The period after which a slave will retry to contact its master when it fails
 to do so a first time.
 
-@item @code{expiry} (default: @code{"2w"})
+@item @code{expiry} (default: @code{(* 14 24 3600)})
 Default TTL of records.  Existing records are considered correct for at most
 this amount of time.  After this period, resolvers will invalidate their cache
 and check again that it still exists.
 
-@item @code{nx} (default: @code{"1h"})
+@item @code{nx} (default: @code{3600})
 Default TTL of inexistant records.  This delay is usually short because you want
 your new domains to reach everyone quickly.
 
@@ -13925,17 +13920,17 @@ algorithm, but would be unsecure for other algorithms.
 The TTL value for DNSKEY records added into zone apex.  The special
 @code{'default} value means same as the zone SOA TTL.
 
-@item @code{zsk-lifetime} (default: @code{"30d"})
+@item @code{zsk-lifetime} (default: @code{(* 30 24 3600)})
 The period between ZSK publication and the next rollover initiation.
 
-@item @code{propagation-delay} (default: @code{"1d"})
+@item @code{propagation-delay} (default: @code{(* 24 3600)})
 An extra delay added for each key rollover step.  This value should be high
 enough to cover propagation of data from the master server to all slaves.
 
-@item @code{rrsig-lifetime} (default: @code{"14d"})
+@item @code{rrsig-lifetime} (default: @code{(* 14 24 3600)})
 A validity period of newly issued signatures.
 
-@item @code{rrsig-refresh} (default: @code{"7d"})
+@item @code{rrsig-refresh} (default: @code{(* 7 24 3600)})
 A period how long before a signature expiration the signature will be refreshed.
 
 @item @code{nsec3?} (default: @code{#f})
@@ -13948,7 +13943,7 @@ The number of additional times the hashing is performed.
 The length of a salt field in octets, which is appended to the original owner
 name before hashing.
 
-@item @code{nsec3-salt-lifetime} (default: @code{"30d"})
+@item @code{nsec3-salt-lifetime} (default: @code{(* 30 24 3600)})
 The validity period of newly issued salt field.
 
 @end table
diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 2ed7b9e22..673ab1a98 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -99,13 +99,13 @@
   (serial  zone-file-serial
            (default 1))
   (refresh zone-file-refresh
-           (default "2d"))
+           (default (* 2 24 3600)))
   (retry   zone-file-retry
-           (default "15m"))
+           (default (* 15 60)))
   (expiry  zone-file-expiry
-           (default "2w"))
+           (default (* 2 7 24 3600)))
   (nx      zone-file-nx
-           (default "1h")))
+           (default 3600)))
 (define-record-type* <knot-keystore-configuration>
   knot-keystore-configuration make-knot-keystore-configuration
   knot-keystore-configuration?
@@ -136,13 +136,13 @@
   (dnskey-ttl           knot-policy-configuration-dnskey-ttl
                         (default 'default))
   (zsk-lifetime         knot-policy-configuration-zsk-lifetime
-                        (default "30d"))
+                        (default (* 30 24 3600)))
   (propagation-delay    knot-policy-configuration-propagation-delay
-                        (default "1d"))
+                        (default (* 24 3600)))
   (rrsig-lifetime       knot-policy-configuration-rrsig-lifetime
-                        (default "14d"))
+                        (default (* 14 24 3600)))
   (rrsig-refresh        knot-policy-configuration-rrsig-refresh
-                        (default "7d"))
+                        (default (* 7 24 3600)))
   (nsec3?               knot-policy-configuration-nsec3?
                         (default #f))
   (nsec3-iterations     knot-policy-configuration-nsec3-iterations
@@ -150,7 +150,7 @@
   (nsec3-salt-length    knot-policy-configuration-nsec3-salt-length
                         (default 8))
   (nsec3-salt-lifetime  knot-policy-configuration-nsec3-salt-lifetime
-                        (default "30d")))
+                        (default (* 30 24 3600))))
 
 (define-record-type* <knot-zone-configuration>
   knot-zone-configuration make-knot-zone-configuration
@@ -248,7 +248,7 @@
           (error-out "backend must be one of: 'pem or 'pkcs11")))
 
 (define (verify-knot-policy-configuration policy)
-  (unless (knot-keystore-configuration? policy)
+  (unless (knot-policy-configuration? policy)
     (error-out "policies must be a list of only knot-policy-configuration."))
   (let ((id (knot-policy-configuration-id policy)))
     (unless (and (string? id) (not (equal? id "")))
-- 
2.13.1

[bug#27364] knot: use seconds for durations

[Ludovic Courtès]

Julien Lepiller <julien@lepiller.eu> skribis:

> From ed98d817d4993eb48445f0b0942c27f18f3bb1d3 Mon Sep 17 00:00:00 2001
> From: Julien Lepiller <julien@lepiller.eu>
> Date: Sat, 10 Jun 2017 11:59:18 +0200
> Subject: [PATCH] gnu: services: use seconds instead of duration strings.
>
> * gnu/services/dns.scm (zone-file, knot-policy-configuration): Use numbers
> instead of duration strings.
> (verify-knot-policy-configuration): Fix typo.
> * doc/guix.texi (DNS Services): Update documentation.

Perfect, thank you!

Ludo’.

bug#27364: knot: use seconds for durations

[Julien Lepiller]

Le Thu, 15 Jun 2017 10:07:53 +0200,
ludo@gnu.org (Ludovic Courtès) a écrit :

> Julien Lepiller <julien@lepiller.eu> skribis:
> 
> > From ed98d817d4993eb48445f0b0942c27f18f3bb1d3 Mon Sep 17 00:00:00
> > 2001 From: Julien Lepiller <julien@lepiller.eu>
> > Date: Sat, 10 Jun 2017 11:59:18 +0200
> > Subject: [PATCH] gnu: services: use seconds instead of duration
> > strings.
> >
> > * gnu/services/dns.scm (zone-file, knot-policy-configuration): Use
> > numbers instead of duration strings.
> > (verify-knot-policy-configuration): Fix typo.
> > * doc/guix.texi (DNS Services): Update documentation.  
> 
> Perfect, thank you!
> 
> Ludo’.

Pushed as f3853a259b9b0588f6ae4f32c5c56a77ab096e86