From: Remco van 't Veer <remco@remworks.net>
To: 54352@debbugs.gnu.org
Cc: Remco van 't Veer <remco@remworks.net>
Subject: [bug#54352] [PATCH v3] services: dnsmasq: Add more options.
Date: Wed, 23 Mar 2022 08:07:33 +0100
Message-ID: <20220323070733.5399-1-remco@remworks.net>
In-Reply-To: <20220312154813.5538-1-remco@remworks.net>
* gnu/services/dns.scm (<dnsmasq-configuration>): Add
forward-private-reverse-lookup?, strict-order? and cpe-id options.
(dnsmasq-shepherd-service): Pass added options to dnsmasq and use
match-record instead of match-lambda.
* doc/guix.texi (Guix Services): Document options added to dnsmasq.
---
Changes from v2 to v3:
* renamed field additional-cpe-id to cpe-id
* improved documentation of cpe-id
* renamed field strict-order? to query-servers-in-order?
doc/guix.texi | 13 +++
gnu/services/dns.scm | 183 ++++++++++++++++++++++++-------------------
2 files changed, 115 insertions(+), 81 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 44b0f9f1ea..e8ef4286be 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -100,6 +100,7 @@ Copyright @copyright{} 2021 Josselin Poiret@*
Copyright @copyright{} 2021 Andrew Tropin@*
Copyright @copyright{} 2021 Sarah Morgensen@*
Copyright @copyright{} 2021 Josselin Poiret@*
+Copyright @copyright{} 2022 Remco van 't Veer@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -28945,6 +28946,14 @@ The file to read the IP address of the upstream nameservers from.
@item @code{no-resolv?} (default: @code{#f})
When true, don't read @var{resolv-file}.
+@item @code{forward-private-reverse-lookup?} (default: @code{#t})
+When false, all reverse lookups for private IP ranges are answered with
+"no such domain" rather than being forwarded upstream.
+
+@item @code{query-servers-in-order?} (default: @code{#f})
+When true, dnsmasq queries the servers in the same order as they appear
+in @var{servers}.
+
@item @code{servers} (default: @code{'()})
Specify IP address of upstream servers directly.
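Review bot: The forward-private-reverse-lookup? entry describes only the false case. With the documented default of #t, reverse lookups for private IP ranges keep being forwarded to the upstream servers, which discloses internal addressing to them; say so explicitly so the reader can make an informed choice. It would also help to name the dnsmasq switches these two fields map to (--bogus-priv and --strict-order, per the service code in this patch) so they can be looked up in the dnsmasq manual.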
@@ -28974,6 +28983,10 @@ disables caching.
@item @code{negative-cache?} (default: @code{#t})
When false, disable negative caching.
+@item @code{cpe-id} (default: @code{#f})
+If set, add a CPE (Customer-Premises Equipment) identifier to DNS
+queries which are forwarded upstream.
+
@item @code{tftp-enable?} (default: @code{#f})
Whether to enable the built-in TFTP server.
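Review bot: The cpe-id entry does not say what kind of value is expected. The record definition marks the field as a string, so state that here and give a short example value. Because the identifier is attached to queries that are forwarded upstream, a sentence noting that it identifies this installation to the upstream resolver would be useful.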
diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 9b8603cc95..a220b33f15 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -3,6 +3,7 @@
;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
;;; Copyright © 2020 Pierre Langlois <pierre.langlois@gmx.com>
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
+;;; Copyright © 2022 Remco van 't Veer <remco@remworks.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -745,6 +746,12 @@ (define-record-type* <dnsmasq-configuration>
(default "/etc/resolv.conf")) ;string
(no-resolv? dnsmasq-configuration-no-resolv?
(default #f)) ;boolean
+ (forward-private-reverse-lookup?
+ dnsmasq-configuration-forward-private-reverse-lookup?
+ (default #t)) ;boolean
+ (query-servers-in-order?
+ dnsmasq-configuration-query-servers-in-order?
+ (default #f)) ;boolean
(servers dnsmasq-configuration-servers
(default '())) ;list of string
(addresses dnsmasq-configuration-addresses
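Review bot: The field added here is query-servers-in-order?, but the commit log at the top of this message still lists strict-order? among the options added to <dnsmasq-configuration>, even though the v3 change notes say the field was renamed. Update the log entry to the final field name so it matches the code.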
@@ -752,7 +759,9 @@ (define-record-type* <dnsmasq-configuration>
(cache-size dnsmasq-configuration-cache-size
(default 150)) ;integer
(negative-cache? dnsmasq-configuration-negative-cache?
- (default #t)) ;boolean
+ (default #t)) ;boolean
+ (cpe-id dnsmasq-configuration-cpe-id
+ (default #t)) ;string
(tftp-enable? dnsmasq-configuration-tftp-enable?
(default #f)) ;boolean
(tftp-no-fail? dnsmasq-configuration-tftp-no-fail?
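Review bot: cpe-id is declared with (default #t) and the comment ;string, while the doc/guix.texi hunk in this patch documents its default as #f. With #t, the (if cpe-id ...) clause in dnsmasq-shepherd-service is taken for every service that leaves the field unset and formats the argument as --add-cpe-id=#t. Change the default to #f and adjust the comment to something like ;#f or string. The removed and added negative-cache? lines differ at most in whitespace and could be dropped from the patch.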
@@ -776,86 +785,98 @@ (define-record-type* <dnsmasq-configuration>
(tftp-unique-root dnsmasq-tftp-unique-root
(default #f))) ;"" or "ip" or "mac"
-(define dnsmasq-shepherd-service
- (match-lambda
- (($ <dnsmasq-configuration> package
- no-hosts?
- port local-service? listen-addresses
- resolv-file no-resolv? servers
- addresses cache-size negative-cache?
- tftp-enable? tftp-no-fail?
- tftp-single-port? tftp-secure?
- tftp-max tftp-mtu tftp-no-blocksize?
- tftp-lowercase? tftp-port-range
- tftp-root tftp-unique-root)
- (shepherd-service
- (provision '(dnsmasq))
- (requirement '(networking))
- (documentation "Run the dnsmasq DNS server.")
- (start #~(make-forkexec-constructor
- '(#$(file-append package "/sbin/dnsmasq")
- "--keep-in-foreground"
- "--pid-file=/run/dnsmasq.pid"
- #$@(if no-hosts?
- '("--no-hosts")
- '())
- #$(format #f "--port=~a" port)
- #$@(if local-service?
- '("--local-service")
- '())
- #$@(map (cut format #f "--listen-address=~a" <>)
- listen-addresses)
- #$(format #f "--resolv-file=~a" resolv-file)
- #$@(if no-resolv?
- '("--no-resolv")
- '())
- #$@(map (cut format #f "--server=~a" <>)
- servers)
- #$@(map (cut format #f "--address=~a" <>)
- addresses)
- #$(format #f "--cache-size=~a" cache-size)
- #$@(if negative-cache?
- '()
- '("--no-negcache"))
- #$@(if tftp-enable?
- '("--enable-tftp")
- '())
- #$@(if tftp-no-fail?
- '("--tftp-no-fail")
- '())
- #$@(if tftp-single-port?
- '("--tftp-single-port")
- '())
- #$@(if tftp-secure?
- '("--tftp-secure?")
- '())
- #$@(if tftp-max
- (list (format #f "--tftp-max=~a" tftp-max))
- '())
- #$@(if tftp-mtu
- (list (format #f "--tftp-mtu=~a" tftp-mtu))
- '())
- #$@(if tftp-no-blocksize?
- '("--tftp-no-blocksize")
- '())
- #$@(if tftp-lowercase?
- '("--tftp-lowercase")
- '())
- #$@(if tftp-port-range
- (list (format #f "--tftp-port-range=~a"
- tftp-port-range))
- '())
- #$@(if tftp-root
- (list (format #f "--tftp-root=~a" tftp-root))
- '())
- #$@(if tftp-unique-root
- (list
- (if (> (length tftp-unique-root) 0)
- (format #f "--tftp-unique-root=~a" tftp-unique-root)
- (format #f "--tftp-unique-root")))
- '()))
- #:pid-file "/run/dnsmasq.pid"))
- (stop #~(make-kill-destructor))))))
+(define (dnsmasq-shepherd-service config)
+ (match-record config <dnsmasq-configuration>
+ (package
+ no-hosts?
+ port local-service? listen-addresses
+ resolv-file no-resolv?
+ forward-private-reverse-lookup? query-servers-in-order?
+ servers addresses
+ cache-size negative-cache?
+ cpe-id
+ tftp-enable? tftp-no-fail?
+ tftp-single-port? tftp-secure?
+ tftp-max tftp-mtu tftp-no-blocksize?
+ tftp-lowercase? tftp-port-range
+ tftp-root tftp-unique-root)
+ (shepherd-service
+ (provision '(dnsmasq))
+ (requirement '(networking))
+ (documentation "Run the dnsmasq DNS server.")
+ (start #~(make-forkexec-constructor
+ '(#$(file-append package "/sbin/dnsmasq")
+ "--keep-in-foreground"
+ "--pid-file=/run/dnsmasq.pid"
+ #$@(if no-hosts?
+ '("--no-hosts")
+ '())
+ #$(format #f "--port=~a" port)
+ #$@(if local-service?
+ '("--local-service")
+ '())
+ #$@(map (cut format #f "--listen-address=~a" <>)
+ listen-addresses)
+ #$(format #f "--resolv-file=~a" resolv-file)
+ #$@(if no-resolv?
+ '("--no-resolv")
+ '())
+ #$@(if forward-private-reverse-lookup?
+ '()
+ '("--bogus-priv"))
+ #$@(if query-servers-in-order?
+ '("--strict-order")
+ '())
+ #$@(map (cut format #f "--server=~a" <>)
+ servers)
+ #$@(map (cut format #f "--address=~a" <>)
+ addresses)
+ #$(format #f "--cache-size=~a" cache-size)
+ #$@(if negative-cache?
+ '()
+ '("--no-negcache"))
+ #$@(if cpe-id
+ (list (format #f "--add-cpe-id=~a" cpe-id))
+ '())
+ #$@(if tftp-enable?
+ '("--enable-tftp")
+ '())
+ #$@(if tftp-no-fail?
+ '("--tftp-no-fail")
+ '())
+ #$@(if tftp-single-port?
+ '("--tftp-single-port")
+ '())
+ #$@(if tftp-secure?
+ '("--tftp-secure?")
+ '())
+ #$@(if tftp-max
+ (list (format #f "--tftp-max=~a" tftp-max))
+ '())
+ #$@(if tftp-mtu
+ (list (format #f "--tftp-mtu=~a" tftp-mtu))
+ '())
+ #$@(if tftp-no-blocksize?
+ '("--tftp-no-blocksize")
+ '())
+ #$@(if tftp-lowercase?
+ '("--tftp-lowercase")
+ '())
+ #$@(if tftp-port-range
+ (list (format #f "--tftp-port-range=~a"
+ tftp-port-range))
+ '())
+ #$@(if tftp-root
+ (list (format #f "--tftp-root=~a" tftp-root))
+ '())
+ #$@(if tftp-unique-root
+ (list
+ (if (> (length tftp-unique-root) 0)
+ (format #f "--tftp-unique-root=~a" tftp-unique-root)
+ (format #f "--tftp-unique-root")))
+ '()))
+ #:pid-file "/run/dnsmasq.pid"))
+ (stop #~(make-kill-destructor)))))
(define (dnsmasq-activation config)
#~(begin
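Review bot: The rewritten argument list still emits "--tftp-secure?" when tftp-secure? is true; the question mark belongs to the Guix field name, not to the dnsmasq switch, which is --tftp-secure. Likewise (> (length tftp-unique-root) 0) is applied to a field the record describes as "" or "ip" or "mac", and length on a string raises a wrong-type error, so string-null? or string-length is needed there. Both lines are carried over unchanged from the old match-lambda body; fixing them in a separate commit, and keeping the match-record conversion apart from the three new options, would make this hunk much easier to review, since most of its lines are reindentation.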
--
2.34.0