Subject: [bug#31687] [PATCH] services: Add dnsmasq-service-type.
From: =?UTF-8?Q?=E5=AE=8B=E6=96=87=E6=AD=A6?= Date: Sat, 2 Jun 2018 23:28:14 +0800 Message-Id: <20180602152814.14217-1-iyzsong@member.fsf.org> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 31687@debbugs.gnu.org Cc: =?UTF-8?Q?=E5=AE=8B=E6=96=87=E6=AD=A6?= * gnu/services/dns.scm (dnsmasq-service-type): New variable. (): New record type. (dnsmasq-shepherd-service): New procedure. * doc/guix.texi (DNS Services): Document it. --- doc/guix.texi | 59 ++++++++++++++++++++++++++++++++++++++- gnu/services/dns.scm | 79 +++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 136 insertions(+), 2 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 77bdaa50e..e1353842e 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16405,7 +16405,11 @@ saved to @code{/etc/letsencrypt/live/@var{name}/privkey.pem}. The @code{(gnu services dns)} module provides services related to the @dfn{domain name system} (DNS). It provides a server service for hosting an @emph{authoritative} DNS server for multiple zones, slave or master. -This service uses @uref{https://www.knot-dns.cz/, Knot DNS}. +This service uses @uref{https://www.knot-dns.cz/, Knot DNS}. And also a +caching and forwarding DNS server for the LAN, which uses +@uref{http://www.thekelleys.org.uk/dnsmasq/doc.html, dnsmasq}. + +@subsubheading Knot Service An example configuration of an authoritative server for two zones, one master and one slave, is: 
@@ -16800,6 +16804,59 @@ The list of knot-zone-configuration used by this configuration. @end table @end deftp +@subsubheading Dnsmasq Service + +@deffn {Scheme Variable} dnsmasq-service-type +This is the type of the dnsmasq service, whose value should be an +@code{dnsmasq-configuration} object as in this example: + +@example +(service dnsmasq-service-type + (dnsmasq-configuration + (no-resolv? #t) + (servers '("192.168.1.1")))) +@end example +@end deffn + +@deftp {Data Type} dnsmasq-configuration +Data type representing the configuration of dnsmasq. + +@table @asis +@item @code{package} (default: @var{dnsmasq}) +Package object of the dnsmasq server. + +@item @code{no-hosts?} (default: @code{#f}) +When true, don't read the hostnames in /etc/hosts. + +@item @code{port} (default: @code{53}) +The port to listen on. Setting this to zero completely disables DNS +funtion, leaving only DHCP and/or TFTP. + +@item @code{local-service?} (default: @code{#t}) +Accept DNS queries only from hosts whose address is on a local subnet, +ie a subnet for which an interface exists on the server. + +@item @code{listen-addresses} (default: @code{'()}) +Listen on the given IP addresses. + +@item @code{resolv-file} (default: @code{"/etc/resolv.conf"}) +The file to read the IP address of the upstream nameservers from. + +@item @code{no-resolv?} (default: @code{#f}) +When true, don't read @var{resolv-file}. + +@item @code{servers} (default: @code{'()}) +Specify IP address of upstream servers directly. + +@item @code{cache-size} (default: @code{150}) +Set the size of dnsmasq's cache. Setting the cache size to zero +disables caching. + +@item @code{no-negcache?} (default: @code{#f}) +When true, disable negative caching. + +@end table +@end deftp @node VPN Services @subsubsection VPN Services diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm index 673ab1a98..d0913e90e 100644 --- a/gnu/services/dns.scm +++ b/gnu/services/dns.scm 
@@ -27,6 +27,7 @@ #:use-module (guix records) #:use-module (guix gexp) #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) #:use-module (srfi srfi-34) #:use-module (srfi srfi-35) #:use-module (ice-9 match) @@ -41,7 +42,10 @@ knot-configuration define-zone-entries zone-file - zone-entry)) + zone-entry + + dnsmasq-service-type + dnsmasq-configuration)) ;;; ;;; Knot DNS. 
@@ -591,3 +595,76 @@ knot-activation) (service-extension account-service-type (const %knot-accounts)))))) + + +;;; +;;; Dnsmasq. +;;; + +(define-record-type* + dnsmasq-configuration make-dnsmasq-configuration + dnsmasq-configuration? + (package dnsmasq-configuration-package + (default dnsmasq)) ;package + (no-hosts? dnsmasq-configuration-no-hosts? + (default #f)) ;boolean + (port dnsmasq-configuration-port + (default 53)) ;integer + (local-service? dnsmasq-configuration-local-service? + (default #t)) ;boolean + (listen-addresses dnsmasq-configuration-listen-address + (default '())) ;list of string + (resolv-file dnsmasq-configuration-resolv-file + (default "/etc/resolv.conf")) ;string + (no-resolv? dnsmasq-configuration-no-resolv? + (default #f)) ;boolean + (servers dnsmasq-configuration-servers + (default '())) ;list of string + (cache-size dnsmasq-configuration-cache-size + (default 150)) ;integer + (no-negcache? dnsmasq-configuration-no-negcache? + (default #f))) ;boolean + +(define dnsmasq-shepherd-service + (match-lambda + (($ package + no-hosts? + port local-service? listen-addresses + resolv-file no-resolv? servers + cache-size no-negcache?) + (shepherd-service + (provision '(dnsmasq)) + (requirement '(networking)) + (documentation "Run the dnsmasq DNS server.") + (start #~(make-forkexec-constructor + '(#$(file-append package "/sbin/dnsmasq") + "--keep-in-foreground" + "--pid-file=/run/dnsmasq.pid" + #$@(if no-hosts? + '("--no-hosts") + '()) + #$(format #f "--port=~a" port) + #$@(if local-service? + '("--local-service") + '()) + #$@(map (cut format #f "--listen-address=~a" <>) + listen-addresses) + #$(format #f "--resolv-file=~a" resolv-file) + #$@(if no-resolv? + '("--no-resolv") + '()) + #$@(map (cut format #f "--server=~a" <>) + servers) + #$(format #f "--cache-size=~a" cache-size) + #$@(if no-negcache? 
+ '("--no-negcache") + '())) + #:pid-file "/run/dnsmasq.pid")) + (stop #~(make-kill-destructor)))))) + +(define dnsmasq-service-type + (service-type + (name 'dnsmasq) + (extensions + (list (service-extension shepherd-root-service-type + (compose list dnsmasq-shepherd-service)))))) -- 2.13.3
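Review bot: In the first doc/guix.texi hunk (the DNS Services introduction), the added text "And also a caching and forwarding DNS server for the LAN, which uses ... dnsmasq." is a sentence fragment, and it leaves the preceding "This service uses Knot DNS" reading as if the module still provided a single service. Suggest rewriting the paragraph so it states that the module provides two services: an authoritative server based on Knot DNS and a caching and forwarding server based on dnsmasq.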
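Review bot: In the "Dnsmasq Service" documentation hunk of doc/guix.texi, the @item for port misspells "function" as "funtion", and the @deffn text reads "an @code{dnsmasq-configuration} object" where "a" is needed. In the same table, "ie a subnet" should be "i.e.@: a subnet", /etc/hosts is not marked up with @file{}, and the package default is written @var{dnsmasq} while every other default in the table uses @code{}. The no-resolv? item refers to "@var{resolv-file}", which is a field name rather than a metavariable, so @code{resolv-file} fits better there.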
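Review bot: In dnsmasq-shepherd-service (the last gnu/services/dns.scm hunk), "--local-service" and each "--listen-address=~a" are emitted independently of one another, but the dnsmasq manual says --local-service only has effect when no --interface, --except-interface, --listen-address or --auth-server option is given. Since local-service? defaults to #t, a user who sets listen-addresses keeps a flag that no longer restricts anything, and the resolver will answer any client that can reach those addresses. Suggest stating this interaction in the local-service? @item in doc/guix.texi so that users who set listen-addresses know to restrict access by other means. Separately, the accessor for the listen-addresses field is named dnsmasq-configuration-listen-address (singular); renaming it to dnsmasq-configuration-listen-addresses would match the field and the other accessors.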