* [bug#41018] [PATCH] gnu: Add AutoSSH service.
@ 2020-05-02  9:19 pinoaffe
  2020-05-02 13:47 ` Oleg Pykhalov
                   ` (3 more replies)
  0 siblings, 4 replies; 8+ messages in thread
From: pinoaffe @ 2020-05-02  9:19 UTC (permalink / raw)
  To: 41018

* doc/guix.texi: Add documentation.
* gnu/services/ssh.scm (<autossh-configuration>): New record type.
  (mpd-service-type): New service type.
---
 doc/guix.texi        |  75 +++++++++++++++++++++++++++++
 gnu/services/ssh.scm | 109 ++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 183 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index c571010bc8..f88859c584 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@*
 Copyright @copyright{} 2020 Naga Malleswari@*
 Copyright @copyright{} 2020 Brice Waegeneire@*
 Copyright @copyright{} 2020 R Veera Kumar@*
+Copyright @copyright{} 2020 pinoaffe@*
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication.
 @end table
 @end deftp
 
+@deffn {Scheme Procedure} autossh-service [@var{config}]
+Run the AutoSSH service with the given @var{config},
+a @code{<autossh-configuration>} object.
+
+AutoSSH is a program that runs a copy of @code{ssh} and monitors it,
+restarting it as necessary should it die or stop passing traffic.
+AutoSSH can be run manually from the commandline by passing arguments
+to the binary @code{autossh} from the package @code{autossh},
+but it can also be run as a guix service. This latter usecase is documented here.
+
+AutoSSH can be used to forward local traffic to a remote machine using an SSH tunnel,
+and it respects the @file{~/.ssh/config} of the user it is run as.
+
+For example, to specify a service running autossh as the user @code{pino}
+and forwarding all local connections to port @code{8081} to @code{remote:8081}
+using an SSH tunnel, add this call to the operating system's @code{services} field:
+
+@lisp
+(autossh (autossh-configuration
+          (user "pino")
+          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
+@end lisp
+@end deffn
+
+@deftp {Data Type} autossh-configuration
+This data type represents the configuration of an AutoSSH service.
+
+@table @asis
+
+@item @code{user} (default @code{"autossh"})
+The user as which the AutoSSH service is to be run.
+This assumes that the specified user exists.
+
+@item @code{poll} (default @code{600})
+Specifies the connection poll time in seconds.
+
+@item @code{first-poll} (default @code{#f})
+Specifies how long autossh waits before the first connection test in seconds.
+After this first test, polling is resumed at the pace defined in @code{poll}.
+When set to @code{#f}, the first poll is not treated specially and
+will also use the connection poll specified in @code{poll}
+
+@item @code{gate-time} (default @code{30})
+Specifies (in seconds) how long an SSH connection must be active
+before it is considered successful.
+
+@item @code{log-level} (default @code{1})
+The log level, corresponding to the levels used by syslog
+(so @code{0} is the most silent while @code{7} is the chattiest.)
+
+@item @code{max-start} (default @code{#f})
+The maximum number of times SSH may be (re)started before AutoSSH exits.
+When set to @code{#f}, no maximum is configured and AutoSSH may restart indefinitely.
+
+@item @code{message} (default @code{""})
+The message to append to the echo message sent when testing connections.
+
+@item @code{port} (default @code{"0"})
+The ports used for monitoring the connection. When set to @code{"0"},
+monitoring is disabled. When set to @code{"n"} where @code{n} is a positive integer,
+ports @code{n} and @code{n+1} are used for monitoring the connection, such that
+port @code{n} is the base monitoring port and @code{n+1} is the echo port.
+When set to @code{"n:m"} where @code{n} and @code{m} are positive integers,
+the ports @code{n} and @code{n+1} are used for monitoring the connection, such
+that port @code{n} is the base monitoring port and @code{m} is the echo port.
+
+@item @code{ssh-options} (default @code{'()})
+The list of commandline arguments to pass to ssh when it is run.
+Options @code{-f} and @code{-M ....} are reserved for AutoSSH
+and may cause undefined behaviour.
+
+@end table
+@end deftp
+
 @defvr {Scheme Variable} %facebook-host-aliases
 This variable contains a string for use in @file{/etc/hosts}
 (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
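Review bot: The `@lisp` example calls `(autossh (autossh-configuration ...))`, but this hunk documents the procedure as `autossh-service`, and the patch exports `autossh-service` and `autossh-service-type`, not a procedure named `autossh`. Write the example as `(service autossh-service-type (autossh-configuration ...))` or `(autossh-service ...)`. The prose also says the tunnel goes to `remote:8081` while the example host is `remote.net`; make the two agree.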
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index d2dbb8f80d..ec0150b3a2 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
 ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
 ;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2020 pinoaffe <pinoaffe@airmail.cc>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,12 @@
             dropbear-configuration
             dropbear-configuration?
             dropbear-service-type
-            dropbear-service))
+            dropbear-service
+
+            autossh-configuration
+            autossh-configuration?
+            autossh-service-type
+            autossh-service))
 
 ;;; Commentary:
 ;;;
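Review bot: This export list adds `autossh-service-type`, but the commit log entry for gnu/services/ssh.scm reads `(mpd-service-type): New service type.` The log should name `autossh-service-type` (and `autossh-service`) so that it matches what the hunk exports.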
@@ -628,4 +634,105 @@ daemon} with the given @var{config}, a @code{<dropbear-configuration>}
 object."
   (service dropbear-service-type config))
 
+\f
+;;;
+;;; AutoSSH.
+;;;
+
+
+(define-record-type* <autossh-configuration>
+  autossh-configuration make-autossh-configuration
+  autossh-configuration?
+  (user            autossh-configuration-user
+                   (default "autossh"))
+  (poll            autossh-configuration-poll
+                   (default 600))
+  (first-poll      autossh-configuration-first-poll
+                   (default #f))
+  (gate-time       autossh-configuration-gate-time
+                   (default 30))
+  (log-level       autossh-configuration-log-level
+                   (default 1))
+  (max-start       autossh-configuration-max-start
+                   (default #f))
+  (message         autossh-configuration-message
+                   (default ""))
+  (port            autossh-configuration-port
+                   (default "0"))
+  (ssh-options     autossh-configuration-ssh-options
+                   (default '())))
+
+(define (autossh-file-name config file)
+  "Return a path in /var/run/autossh/ that is writable
+   by @code{user} from @code{config}."
+  (string-append "/var/run/autossh/"
+                 (autossh-configuration-user config)
+                 "/" file))
+
+(define (autossh-shepherd-service config)
+  (shepherd-service
+   (documentation "Automatically set up ssh connections (and keep them alive).")
+   (provision '(autossh))
+   (start #~(make-forkexec-constructor
+             (list #$(file-append autossh "/bin/autossh")
+                   #$@(autossh-configuration-ssh-options config))
+             #:user #$(autossh-configuration-user config)
+             #:group (passwd:gid (getpw #$(autossh-configuration-user config)))
+             #:pid-file #$(autossh-file-name config "pid")
+             #:log-file #$(autossh-file-name config "log")
+             #:environment-variables
+             '(#$(string-append "AUTOSSH_PIDFILE="
+                                (autossh-file-name config "pid"))
+               #$(string-append "AUTOSSH_LOGFILE="
+                                (autossh-file-name config "log"))
+               #$(string-append "AUTOSSH_POLL="
+                                (number->string
+                                 (autossh-configuration-poll config)))
+               #$(string-append "AUTOSSH_FIRST_POLL="
+                                (number->string
+                                 (or
+                                  (autossh-configuration-first-poll config)
+                                  (autossh-configuration-poll config))))
+               #$(string-append "AUTOSSH_GATETIME="
+                                (number->string
+                                 (autossh-configuration-gate-time config)))
+               #$(string-append "AUTOSSH_LOGLEVEL="
+                                (number->string
+                                 (autossh-configuration-log-level config)))
+               #$(string-append "AUTOSSH_MAXSTART="
+                                (number->string
+                                 (or (autossh-configuration-max-start config)
+                                     -1)))
+               #$(string-append "AUTOSSH_MESSAGE="
+                                (autossh-configuration-message config))
+               #$(string-append "AUTOSSH_PORT="
+                                (autossh-configuration-port config)))))
+   (stop #~(make-kill-destructor))))
+
+(define (autossh-service-activation config)
+  (with-imported-modules '((guix build utils))
+    #~(begin
+        (use-modules (guix build utils))
+        (define %user
+          (getpw #$(autossh-configuration-user config)))
+        (let ((directory #$(autossh-file-name config "")))
+          (mkdir-p directory)
+          (chown directory (passwd:uid %user) (passwd:gid %user))))))
+
+(define autossh-service-type
+  (service-type
+   (name 'autossh)
+   (description "Automatically set up ssh connections (and keep them alive).")
+   (extensions
+    (list (service-extension shepherd-root-service-type
+                             (compose list autossh-shepherd-service))
+          (service-extension activation-service-type
+                             autossh-service-activation)))
+   (default-value (autossh-configuration))))
+
+(define* (autossh-service #:optional (config (autossh-configuration)))
+  "Run autossh with the given @var{config}, a @code{<autossh-configuration>}
+object."
+  (service autossh-service-type config))
+
 ;;; ssh.scm ends here
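Review bot: The default `user` is "autossh", yet `autossh-service-type` extends only `shepherd-root-service-type` and `activation-service-type`, so nothing creates that account and `(getpw ...)` in `autossh-service-activation` raises an error on a system that uses the default configuration. Either extend `account-service-type` with a dedicated system account for the default case, or drop the default so the field has to be set explicitly. Separately, `#:log-file` and `AUTOSSH_LOGFILE` name the same path, so two writers share one file; keep only one of them.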
-- 
2.26.2






* [bug#41018] [PATCH] gnu: Add AutoSSH service.
  2020-05-02  9:19 [bug#41018] [PATCH] gnu: Add AutoSSH service pinoaffe
@ 2020-05-02 13:47 ` Oleg Pykhalov
  2020-05-03 15:13 ` pinoaffe
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 8+ messages in thread
From: Oleg Pykhalov @ 2020-05-02 13:47 UTC (permalink / raw)
  To: pinoaffe; +Cc: 41018



Hi,

Thank you for the patch!

pinoaffe <pinoaffe@airmail.cc> writes:

> * doc/guix.texi: Add documentation.
> * gnu/services/ssh.scm (<autossh-configuration>): New record type.
>   (mpd-service-type): New service type.
> ---
>  doc/guix.texi        |  75 +++++++++++++++++++++++++++++
>  gnu/services/ssh.scm | 109 ++++++++++++++++++++++++++++++++++++++++++-
>  2 files changed, 183 insertions(+), 1 deletion(-)
>
> diff --git a/doc/guix.texi b/doc/guix.texi
> index c571010bc8..f88859c584 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi

[…]

> +@lisp
> +(autossh (autossh-configuration
> +          (user "pino")
> +          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
> +@end lisp
> +@end deffn

--8<---------------cut here---------------start------------->8---
(service autossh-service-type
         (autossh-configuration
          (user "pino")
          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
--8<---------------cut here---------------end--------------->8---

[…]

> diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
> index d2dbb8f80d..ec0150b3a2 100644
> --- a/gnu/services/ssh.scm
> +++ b/gnu/services/ssh.scm

[…]

> +(define (autossh-service-activation config)
> +  (with-imported-modules '((guix build utils))
> +    #~(begin
> +        (use-modules (guix build utils))
> +        (define %user
> +          (getpw #$(autossh-configuration-user config)))
> +        (let ((directory #$(autossh-file-name config "")))
> +          (mkdir-p directory)
> +          (chown directory (passwd:uid %user) (passwd:gid %user))))))

I cannot start the service in a testing VM because the log file is owned
by root.  The following fixes this.



diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index ec0150b3a2..c111437b1a 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -715,9 +715,12 @@ object."
         (use-modules (guix build utils))
         (define %user
           (getpw #$(autossh-configuration-user config)))
-        (let ((directory #$(autossh-file-name config "")))
+        (let* ((directory #$(autossh-file-name config ""))
+               (log (string-append directory "/log")))
           (mkdir-p directory)
-          (chown directory (passwd:uid %user) (passwd:gid %user))))))
+          (chown directory (passwd:uid %user) (passwd:gid %user))
+          (call-with-output-file log (const #t))
+          (chown log (passwd:uid %user) (passwd:gid %user))))))
 
 (define autossh-service-type
   (service-type
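Review bot: `(call-with-output-file log (const #t))` truncates the file, so every activation that finds an existing log (for example on reconfigure) discards it; open the file in append mode or create it only when it does not exist. Also, `directory` comes from `(autossh-file-name config "")` and already ends in "/", so `(string-append directory "/log")` yields a double slash; `(autossh-file-name config "log")` gives the same path the shepherd service uses.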



Also, why don't you put the log in /var/log directory?

Oleg.


* [bug#41018] [PATCH] gnu: Add AutoSSH service.
  2020-05-02  9:19 [bug#41018] [PATCH] gnu: Add AutoSSH service pinoaffe
  2020-05-02 13:47 ` Oleg Pykhalov
@ 2020-05-03 15:13 ` pinoaffe
  2020-05-03 15:52   ` Oleg Pykhalov
  2020-05-04 15:56 ` [bug#41018] [PATCH v2] " pinoaffe
  2020-05-05  7:31 ` [bug#41018] [PATCH v2 try 2] " pinoaffe
  3 siblings, 1 reply; 8+ messages in thread
From: pinoaffe @ 2020-05-03 15:13 UTC (permalink / raw)
  To: go.wigust; +Cc: 41018

> I cannot start the service in a testing VM because the log file is
> owned by root.  The following fixes this.
Thanks, I'll submit a modified patch.

> Also, why don't you put the log in /var/log directory?
No particular reason, I simply replicated behavior I saw in some other
services. Should I change this?





* [bug#41018] [PATCH] gnu: Add AutoSSH service.
  2020-05-03 15:13 ` pinoaffe
@ 2020-05-03 15:52   ` Oleg Pykhalov
  0 siblings, 0 replies; 8+ messages in thread
From: Oleg Pykhalov @ 2020-05-03 15:52 UTC (permalink / raw)
  To: pinoaffe; +Cc: 41018


pinoaffe <pinoaffe@airmail.cc> writes:

>> I cannot start the service in a testing VM because the log file is
>> owned by root.  The following fixes this.
> Thanks, I'll submit a modified patch

OK, then I could push it to master.

>> Also, why don't you put the log in /var/log directory?
> No particular reason, I simply replicated behavior I saw in some other
> services. Should I change this?

It depends on how useful those logs are.  I don't know.  I'm OK with
either /var/run or /var/log, but /var/run will be removed after reboot.


* [bug#41018] [PATCH v2] gnu: Add AutoSSH service.
  2020-05-02  9:19 [bug#41018] [PATCH] gnu: Add AutoSSH service pinoaffe
  2020-05-02 13:47 ` Oleg Pykhalov
  2020-05-03 15:13 ` pinoaffe
@ 2020-05-04 15:56 ` pinoaffe
  2020-05-04 22:49   ` Oleg Pykhalov
  2020-05-05  7:31 ` [bug#41018] [PATCH v2 try 2] " pinoaffe
  3 siblings, 1 reply; 8+ messages in thread
From: pinoaffe @ 2020-05-04 15:56 UTC (permalink / raw)
  To: 41018

* doc/guix.texi: Add documentation.
* gnu/services/ssh.scm (<autossh-configuration>): New record type.
  (mpd-service-type): New service type.
---
 doc/guix.texi        |  75 +++++++++++++++++++++++++++++
 gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 186 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index c571010bc8..f88859c584 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@*
 Copyright @copyright{} 2020 Naga Malleswari@*
 Copyright @copyright{} 2020 Brice Waegeneire@*
 Copyright @copyright{} 2020 R Veera Kumar@*
+Copyright @copyright{} 2020 pinoaffe@*
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication.
 @end table
 @end deftp
 
+@deffn {Scheme Procedure} autossh-service [@var{config}]
+Run the AutoSSH service with the given @var{config},
+a @code{<autossh-configuration>} object.
+
+AutoSSH is a program that runs a copy of @code{ssh} and monitors it,
+restarting it as necessary should it die or stop passing traffic.
+AutoSSH can be run manually from the commandline by passing arguments
+to the binary @code{autossh} from the package @code{autossh},
+but it can also be run as a guix service. This latter usecase is documented here.
+
+AutoSSH can be used to forward local traffic to a remote machine using an SSH tunnel,
+and it respects the @file{~/.ssh/config} of the user it is run as.
+
+For example, to specify a service running autossh as the user @code{pino}
+and forwarding all local connections to port @code{8081} to @code{remote:8081}
+using an SSH tunnel, add this call to the operating system's @code{services} field:
+
+@lisp
+(autossh (autossh-configuration
+          (user "pino")
+          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
+@end lisp
+@end deffn
+
+@deftp {Data Type} autossh-configuration
+This data type represents the configuration of an AutoSSH service.
+
+@table @asis
+
+@item @code{user} (default @code{"autossh"})
+The user as which the AutoSSH service is to be run.
+This assumes that the specified user exists.
+
+@item @code{poll} (default @code{600})
+Specifies the connection poll time in seconds.
+
+@item @code{first-poll} (default @code{#f})
+Specifies how long autossh waits before the first connection test in seconds.
+After this first test, polling is resumed at the pace defined in @code{poll}.
+When set to @code{#f}, the first poll is not treated specially and
+will also use the connection poll specified in @code{poll}
+
+@item @code{gate-time} (default @code{30})
+Specifies (in seconds) how long an SSH connection must be active
+before it is considered successful.
+
+@item @code{log-level} (default @code{1})
+The log level, corresponding to the levels used by syslog
+(so @code{0} is the most silent while @code{7} is the chattiest.)
+
+@item @code{max-start} (default @code{#f})
+The maximum number of times SSH may be (re)started before AutoSSH exits.
+When set to @code{#f}, no maximum is configured and AutoSSH may restart indefinitely.
+
+@item @code{message} (default @code{""})
+The message to append to the echo message sent when testing connections.
+
+@item @code{port} (default @code{"0"})
+The ports used for monitoring the connection. When set to @code{"0"},
+monitoring is disabled. When set to @code{"n"} where @code{n} is a positive integer,
+ports @code{n} and @code{n+1} are used for monitoring the connection, such that
+port @code{n} is the base monitoring port and @code{n+1} is the echo port.
+When set to @code{"n:m"} where @code{n} and @code{m} are positive integers,
+the ports @code{n} and @code{n+1} are used for monitoring the connection, such
+that port @code{n} is the base monitoring port and @code{m} is the echo port.
+
+@item @code{ssh-options} (default @code{'()})
+The list of commandline arguments to pass to ssh when it is run.
+Options @code{-f} and @code{-M ....} are reserved for AutoSSH
+and may cause undefined behaviour.
+
+@end table
+@end deftp
+
 @defvr {Scheme Variable} %facebook-host-aliases
 This variable contains a string for use in @file{/etc/hosts}
 (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
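Review bot: In the `port` item, the `"n:m"` case says ports `n` and `n+1` are used and then names `m` as the echo port; it should say that ports `n` and `m` are used. The `first-poll` item is also missing its final period, and `port` is the only numeric setting whose default is a string, which deserves a short explanation next to the default.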
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index d2dbb8f80d..c111437b1a 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
 ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
 ;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2020 pinoaffe <pinoaffe@airmail.cc>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,12 @@
             dropbear-configuration
             dropbear-configuration?
             dropbear-service-type
-            dropbear-service))
+            dropbear-service
+
+            autossh-configuration
+            autossh-configuration?
+            autossh-service-type
+            autossh-service))
 
 ;;; Commentary:
 ;;;
@@ -628,4 +634,108 @@ daemon} with the given @var{





* [bug#41018] [PATCH v2] gnu: Add AutoSSH service.
  2020-05-04 15:56 ` [bug#41018] [PATCH v2] " pinoaffe
@ 2020-05-04 22:49   ` Oleg Pykhalov
  0 siblings, 0 replies; 8+ messages in thread
From: Oleg Pykhalov @ 2020-05-04 22:49 UTC (permalink / raw)
  To: pinoaffe; +Cc: 41018


pinoaffe <pinoaffe@airmail.cc> writes:

> * doc/guix.texi: Add documentation.
> * gnu/services/ssh.scm (<autossh-configuration>): New record type.
>   (mpd-service-type): New service type.
> ---
>  doc/guix.texi        |  75 +++++++++++++++++++++++++++++
>  gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++-
>  2 files changed, 186 insertions(+), 1 deletion(-)

[…]

>  ;;; Commentary:
>  ;;;
> @@ -628,4 +634,108 @@ daemon} with the given @var{

The patch is truncated on the hunk above.  Could you resend it, please?

Also, not related, just to let you know.  I receive delivery errors
from Gmail to your email address:
--8<---------------cut here---------------start------------->8---
** Delivery incomplete **

There was a temporary problem delivering your message to
pinoaffe@airmail.cc. Gmail will retry for 47 more hours. You'll be
notified if the delivery fails permanently.

The response from the remote server was:
454 4.7.0 TLS not available due to local problem

Reporting-MTA: dns; googlemail.com
Received-From-MTA: dns; go.wigust@gmail.com
Arrival-Date: Sun, 03 May 2020 08:52:44 -0700 (PDT)
X-Original-Message-ID: <871ro1kocb.fsf@gmail.com>

Final-Recipient: rfc822; pinoaffe@airmail.cc
Action: delayed
Status: 4.7.0
Remote-MTA: dns; mx1.cock.li. (37.120.193.125, the server for the domain airmail.cc.)
Diagnostic-Code: smtp; 454 4.7.0 TLS not available due to local problem
Last-Attempt-Date: Mon, 04 May 2020 09:44:16 -0700 (PDT)
Will-Retry-Until: Wed, 06 May 2020 08:52:44 -0700 (PDT)
--8<---------------cut here---------------end--------------->8---


* [bug#41018] [PATCH v2 try 2] gnu: Add AutoSSH service.
  2020-05-02  9:19 [bug#41018] [PATCH] gnu: Add AutoSSH service pinoaffe
                   ` (2 preceding siblings ...)
  2020-05-04 15:56 ` [bug#41018] [PATCH v2] " pinoaffe
@ 2020-05-05  7:31 ` pinoaffe
  2020-05-05 12:33   ` Oleg Pykhalov
  3 siblings, 1 reply; 8+ messages in thread
From: pinoaffe @ 2020-05-05  7:31 UTC (permalink / raw)
  To: 41018

* doc/guix.texi: Add documentation.
* gnu/services/ssh.scm (<autossh-configuration>): New record type.
  (mpd-service-type): New service type.
---
 doc/guix.texi        |  75 +++++++++++++++++++++++++++++
 gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 186 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index c571010bc8..f88859c584 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@*
 Copyright @copyright{} 2020 Naga Malleswari@*
 Copyright @copyright{} 2020 Brice Waegeneire@*
 Copyright @copyright{} 2020 R Veera Kumar@*
+Copyright @copyright{} 2020 pinoaffe@*
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication.
 @end table
 @end deftp
 
+@deffn {Scheme Procedure} autossh-service [@var{config}]
+Run the AutoSSH service with the given @var{config},
+a @code{<autossh-configuration>} object.
+
+AutoSSH is a program that runs a copy of @code{ssh} and monitors it,
+restarting it as necessary should it die or stop passing traffic.
+AutoSSH can be run manually from the commandline by passing arguments
+to the binary @code{autossh} from the package @code{autossh},
+but it can also be run as a guix service. This latter usecase is documented here.
+
+AutoSSH can be used to forward local traffic to a remote machine using an SSH tunnel,
+and it respects the @file{~/.ssh/config} of the user it is run as.
+
+For example, to specify a service running autossh as the user @code{pino}
+and forwarding all local connections to port @code{8081} to @code{remote:8081}
+using an SSH tunnel, add this call to the operating system's @code{services} field:
+
+@lisp
+(autossh (autossh-configuration
+          (user "pino")
+          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
+@end lisp
+@end deffn
+
+@deftp {Data Type} autossh-configuration
+This data type represents the configuration of an AutoSSH service.
+
+@table @asis
+
+@item @code{user} (default @code{"autossh"})
+The user as which the AutoSSH service is to be run.
+This assumes that the specified user exists.
+
+@item @code{poll} (default @code{600})
+Specifies the connection poll time in seconds.
+
+@item @code{first-poll} (default @code{#f})
+Specifies how long autossh waits before the first connection test in seconds.
+After this first test, polling is resumed at the pace defined in @code{poll}.
+When set to @code{#f}, the first poll is not treated specially and
+will also use the connection poll specified in @code{poll}
+
+@item @code{gate-time} (default @code{30})
+Specifies (in seconds) how long an SSH connection must be active
+before it is considered successful.
+
+@item @code{log-level} (default @code{1})
+The log level, corresponding to the levels used by syslog
+(so @code{0} is the most silent while @code{7} is the chattiest.)
+
+@item @code{max-start} (default @code{#f})
+The maximum number of times SSH may be (re)started before AutoSSH exits.
+When set to @code{#f}, no maximum is configured and AutoSSH may restart indefinitely.
+
+@item @code{message} (default @code{""})
+The message to append to the echo message sent when testing connections.
+
+@item @code{port} (default @code{"0"})
+The ports used for monitoring the connection. When set to @code{"0"},
+monitoring is disabled. When set to @code{"n"} where @code{n} is a positive integer,
+ports @code{n} and @code{n+1} are used for monitoring the connection, such that
+port @code{n} is the base monitoring port and @code{n+1} is the echo port.
+When set to @code{"n:m"} where @code{n} and @code{m} are positive integers,
+the ports @code{n} and @code{n+1} are used for monitoring the connection, such
+that port @code{n} is the base monitoring port and @code{m} is the echo port.
+
+@item @code{ssh-options} (default @code{'()})
+The list of commandline arguments to pass to ssh when it is run.
+Options @code{-f} and @code{-M ....} are reserved for AutoSSH
+and may cause undefined behaviour.
+
+@end table
+@end deftp
+
 @defvr {Scheme Variable} %facebook-host-aliases
 This variable contains a string for use in @file{/etc/hosts}
 (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
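Review bot: The `ssh-options` item says `-f` and `-M` "are reserved for AutoSSH and may cause undefined behaviour", which does not tell the reader what to do. Say plainly that they must not be passed in `ssh-options` and that the monitoring port is set through the `port` field. The `@lisp` example in this hunk also still uses `(autossh ...)` rather than the `(service autossh-service-type ...)` form suggested in the review of the first version.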
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index d2dbb8f80d..c111437b1a 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
 ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
 ;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2020 pinoaffe <pinoaffe@airmail.cc>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,12 @@
             dropbear-configuration
             dropbear-configuration?
             dropbear-service-type
-            dropbear-service))
+            dropbear-service
+
+            autossh-configuration
+            autossh-configuration?
+            autossh-service-type
+            autossh-service))
 
 ;;; Commentary:
 ;;;
@@ -628,4 +634,108 @@ daemon} with the given @var{config}, a @code{<dropbear-configuration>}
 object."
   (service dropbear-service-type config))
 
+\f
+;;;
+;;; AutoSSH.
+;;;
+
+
+(define-record-type* <autossh-configuration>
+  autossh-configuration make-autossh-configuration
+  autossh-configuration?
+  (user            autossh-configuration-user
+                   (default "autossh"))
+  (poll            autossh-configuration-poll
+                   (default 600))
+  (first-poll      autossh-configuration-first-poll
+                   (default #f))
+  (gate-time       autossh-configuration-gate-time
+                   (default 30))
+  (log-level       autossh-configuration-log-level
+                   (default 1))
+  (max-start       autossh-configuration-max-start
+                   (default #f))
+  (message         autossh-configuration-message
+                   (default ""))
+  (port            autossh-configuration-port
+                   (default "0"))
+  (ssh-options     autossh-configuration-ssh-options
+                   (default '())))
+
+(define (autossh-file-name config file)
+  "Return a path in /var/run/autossh/ that is writable
+   by @code{user} from @code{config}."
+  (string-append "/var/run/autossh/"
+                 (autossh-configuration-user config)
+                 "/" file))
+
+(define (autossh-shepherd-service config)
+  (shepherd-service
+   (documentation "Automatically set up ssh connections (and keep them alive).")
+   (provision '(autossh))
+   (start #~(make-forkexec-constructor
+             (list #$(file-append autossh "/bin/autossh")
+                   #$@(autossh-configuration-ssh-options config))
+             #:user #$(autossh-configuration-user config)
+             #:group (passwd:gid (getpw #$(autossh-configuration-user config)))
+             #:pid-file #$(autossh-file-name config "pid")
+             #:log-file #$(autossh-file-name config "log")
+             #:environment-variables
+             '(#$(string-append "AUTOSSH_PIDFILE="
+                                (autossh-file-name config "pid"))
+               #$(string-append "AUTOSSH_LOGFILE="
+                                (autossh-file-name config "log"))
+               #$(string-append "AUTOSSH_POLL="
+                                (number->string
+                                 (autossh-configuration-poll config)))
+               #$(string-append "AUTOSSH_FIRST_POLL="
+                                (number->string
+                                 (or
+                                  (autossh-configuration-first-poll config)
+                                  (autossh-configuration-poll config))))
+               #$(string-append "AUTOSSH_GATETIME="
+                                (number->string
+                                 (autossh-configuration-gate-time config)))
+               #$(string-append "AUTOSSH_LOGLEVEL="
+                                (number->string
+                                 (autossh-configuration-log-level config)))
+               #$(string-append "AUTOSSH_MAXSTART="
+                                (number->string
+                                 (or (autossh-configuration-max-start config)
+                                     -1)))
+               #$(string-append "AUTOSSH_MESSAGE="
+                                (autossh-configuration-message config))
+               #$(string-append "AUTOSSH_PORT="
+                                (autossh-configuration-port config)))))
+   (stop #~(make-kill-destructor))))
+
+(define (autossh-service-activation config)
+  (with-imported-modules '((guix build utils))
+    #~(begin
+        (use-modules (guix build utils))
+        (define %user
+          (getpw #$(autossh-configuration-user config)))
+        (let* ((directory #$(autossh-file-name config ""))
+               (log (string-append directory "/log")))
+          (mkdir-p directory)
+          (chown directory (passwd:uid %user) (passwd:gid %user))
+          (call-with-output-file log (const #t))
+          (chown log (passwd:uid %user) (passwd:gid %user))))))
+
+(define autossh-service-type
+  (service-type
+   (name 'autossh)
+   (description "Automatically set up ssh connections (and keep them alive).")
+   (extensions
+    (list (service-extension shepherd-root-service-type
+                             (compose list autossh-shepherd-service))
+          (service-extension activation-service-type
+                             autossh-service-activation)))
+   (default-value (autossh-configuration))))
+
+(define* (autossh-service #:optional (config (autossh-configuration)))
+  "Run autossh with the given @var{config}, a @code{<autossh-configuration>}
+object."
+  (service autossh-service-type config))
+
 ;;; ssh.scm ends here
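Review bot: autossh-service-activation runs privileged file operations inside a directory it has just given away. `(chown directory (passwd:uid %user) (passwd:gid %user))` makes the directory writable by the service user, and on every later activation run `(call-with-output-file log (const #t))` and `(chown log ...)` then act, as root, on a path that user controls. Both calls follow symbolic links, and the first also truncates the existing log each time. Drop the log pre-creation from the activation snippet and let autossh create AUTOSSH_LOGFILE itself under #:user, keeping only the mkdir-p and chown of the directory. Two smaller points: `(autossh-file-name config "")` already ends in "/", so `(string-append directory "/log")` yields a "//log" path that differs from the one passed as #:log-file, and reusing `(autossh-file-name config "log")` avoids that. AUTOSSH_PORT is the only numeric-looking setting handed to string-append without number->string, which raises a type error if the port field holds a number, so convert it or document that it must be a string.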
-- 
2.26.2





* [bug#41018] [PATCH v2 try 2] gnu: Add AutoSSH service.
  2020-05-05  7:31 ` [bug#41018] [PATCH v2 try 2] " pinoaffe
@ 2020-05-05 12:33   ` Oleg Pykhalov
  0 siblings, 0 replies; 8+ messages in thread
From: Oleg Pykhalov @ 2020-05-05 12:33 UTC (permalink / raw)
  To: pinoaffe; +Cc: 41018, 41018-done


pinoaffe <pinoaffe@airmail.cc> writes:

> * doc/guix.texi: Add documentation.
> * gnu/services/ssh.scm (<autossh-configuration>): New record type.
>   (mpd-service-type): New service type.
> ---

Not mpd-service-type. :-)  Changed to:
--8<---------------cut here---------------start------------->8---
gnu: Add AutoSSH service.

* gnu/services/ssh.scm (<autossh-configuration>): New record type.
(autossh-service-type): New variable.
(autossh-service-activation, autossh-file-name): New procedures.
* doc/guix.texi (Networking Services): Document this.
--8<---------------cut here---------------end--------------->8---

[…]

> +@lisp
> +(autossh (autossh-configuration
> +          (user "pino")
> +          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
> +@end lisp
> +@end deffn
> +(define* (autossh-service #:optional (config (autossh-configuration)))
> +  "Run autossh with the given @var{config}, a @code{<autossh-configuration>}
> +object."
> +  (service autossh-service-type config))
> +
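Review bot: the @lisp example calls `(autossh (autossh-configuration ...))`, but the Scheme code in this patch exposes `autossh-service` and `autossh-service-type`, and `autossh` is the package object passed to file-append in the shepherd service, so the example as written is not a usable service declaration. Write it as `(service autossh-service-type (autossh-configuration ...))` so that it can be pasted into the `services` field of an operating-system declaration.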

Procedures like this ‘autossh-service’ are deprecated. I removed it and
updated documentation accordingly.  Pushed to master with those changes.

Oleg.

Thread overview: 8+ messages
2020-05-02  9:19 [bug#41018] [PATCH] gnu: Add AutoSSH service pinoaffe
2020-05-02 13:47 ` Oleg Pykhalov
2020-05-03 15:13 ` pinoaffe
2020-05-03 15:52   ` Oleg Pykhalov
2020-05-04 15:56 ` [bug#41018] [PATCH v2] " pinoaffe
2020-05-04 22:49   ` Oleg Pykhalov
2020-05-05  7:31 ` [bug#41018] [PATCH v2 try 2] " pinoaffe
2020-05-05 12:33   ` Oleg Pykhalov
