From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id sBN/EjmMcGVHAAAAG6o9tA:P1 (envelope-from ) for ; Wed, 06 Dec 2023 15:59:05 +0100 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id sBN/EjmMcGVHAAAAG6o9tA (envelope-from ) for ; Wed, 06 Dec 2023 15:59:05 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id D9D8A60AE5 for ; Wed, 6 Dec 2023 15:59:04 +0100 (CET) Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Seal: i=1; s=key1; d=yhetil.org; t=1701874745; a=rsa-sha256; cv=none; b=O6Z+c98VFGVYumeAuJeXNNAmzYoI1eoLiPh9i4lg9eu44bCO9Bykucy2M833UJapK7Lgk6 YF4uN4bg5597t7llsAsDdp3AhwCyN5sK/ezWIsBPfgad+3v00AAGQpOR6j2b7rELLl41vD 4E8REZRRpseFHrRFs/2+qW01TkzN/XcBxWQk7qh05FyRetSkH/z8n+nnsuhZmxvehhLw8A wW/AzsQJCMZdZVfbovCjdWSwQ3TTgIifKJcHVxuql2GOBwia3Mju1p7xDrgB9aaKa0glEm dZd1aXjjjJYBdHuUPPn7ozOCTTdtVgb2BupcddNzA9bpMpHIv5Z5ffl0bLCPGg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1701874745; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post; bh=AHfwffQfWlchPUaQCdarkMDKOGttjVxnDiwwOka9tm0=; b=aI8KnRNDA7RgHVe87Lqtx9jwy3aFptlfMvLVJdQiJpq+7KbXPnsE3tio2/H7DDrucCcUkp YdggzTPFhgH6EpoiwHrSjtEFXOdo64xFRtWbEefSdM265am11kjG34nnizSmoaEllzWjAQ gIzZaSafxYnt1WdakRMUZDjl/WBZctnMLvnDF93RohzlXcrlk4QG0avDBbn9GwqZ463ats Fx/Ze6RV3F7H3QhMISZRQfcX3y2sY1ZSTpgoWTTADWrDZ0OOkVhOwVwmo4WjqkIdA/uQjl LFBqGSsEOniH/siUxGCJE4tiuKOHMnbksnyHr0LrUG+NC1OxevU6HWb/9x5qHw== Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rAtMS-00040L-Eh; Wed, 06 Dec 2023 09:58:52 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rAtMQ-00040C-GN for guix-patches@gnu.org; Wed, 06 Dec 2023 09:58:50 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rAtMQ-0001Y0-8A for guix-patches@gnu.org; Wed, 06 Dec 2023 09:58:50 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1rAtMb-0005zK-S4 for guix-patches@gnu.org; Wed, 06 Dec 2023 09:59:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#61740] [PATCH v3] services: Add rspamd-service-type. (was [bug#61740] [PATCH] services: Add rspamd-service-type.) Resent-From: Bruno Victal Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 06 Dec 2023 14:59:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 61740 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: moreinfo patch To: Saku Laesvuori , Thomas Ieong Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= , 61740@debbugs.gnu.org, Felix Lechner Received: via spool by 61740-submit@debbugs.gnu.org id=B61740.170187471922985 (code B ref 61740); Wed, 06 Dec 2023 14:59:01 +0000 Received: (at 61740) by debbugs.gnu.org; 6 Dec 2023 14:58:39 +0000 Received: from localhost ([127.0.0.1]:40162 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rAtME-0005yf-Qm for submit@debbugs.gnu.org; Wed, 06 Dec 2023 09:58:39 -0500 Received: from smtpmciv2.myservices.hosting ([185.26.107.238]:49592) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rAtMC-0005yV-JU for 61740@debbugs.gnu.org; Wed, 06 Dec 2023 09:58:37 -0500 Received: from mail1.netim.hosting (unknown [185.26.106.173]) by smtpmciv2.myservices.hosting (Postfix) with ESMTP id 517EF20CAF; Wed, 6 Dec 2023 15:58:22 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by mail1.netim.hosting (Postfix) with ESMTP id ADDDF80095; Wed, 6 Dec 2023 15:58:21 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting Received: from mail1.netim.hosting ([127.0.0.1]) by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 22Fg1guxZq_z; Wed, 6 Dec 2023 15:58:21 +0100 (CET) Received: from [192.168.1.116] (unknown [10.192.1.83]) (Authenticated sender: lumen@makinata.eu) by mail1.netim.hosting (Postfix) with ESMTPSA id 908DA80067; Wed, 6 Dec 2023 15:58:20 +0100 (CET) Message-ID: Date: Wed, 6 Dec 2023 14:58:19 +0000 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird From: Bruno Victal References: <87sf7fqi3x.fsf@lease-up.com> Content-Language: en-US In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------8yW2BoaS4L6AF2x2e7I8mTII" X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Scanner: mx13.migadu.com X-Migadu-Spam-Score: -8.24 X-Spam-Score: -8.24 X-Migadu-Queue-Id: D9D8A60AE5 X-TUID: 4lL0DfKAwMcZ This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------8yW2BoaS4L6AF2x2e7I8mTII Content-Type: multipart/mixed; boundary="------------AseMUcHg90az0Qb4pSy8Epmo"; protected-headers="v1" From: Bruno Victal To: Saku Laesvuori , Thomas Ieong Cc: =?UTF-8?Q?Ludovic_Court=C3=A8s?= , Felix Lechner , 61740@debbugs.gnu.org Message-ID: Subject: Re: [bug#61740] [PATCH v3] services: Add rspamd-service-type. (was [bug#61740] [PATCH] services: Add rspamd-service-type.) References: <87sf7fqi3x.fsf@lease-up.com> In-Reply-To: --------------AseMUcHg90az0Qb4pSy8Epmo Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi Saku, Some comments: > +(define (directory-tree? xs) > + (match xs > + (((file-name file-like) ...) > + (and (every string? file-name) > + (every file-like? file-like))) > + (_ #f))) You can express this more compactly as: --8<---------------cut here---------------start------------->8--- (define directory-tree? (match-lambda ((((? string?) (? file-like?)) ...) #t) (_ #f))) --8<---------------cut here---------------end--------------->8--- > + (user > + (string "rspamd") > + "The user to run rspamd as.") > + (group > + (string "rspamd") > + "The group to run rspamd as.") How about using user-account and user-group records instead? (see vnstat-service-type for an example) > + (pid-file > + (string "/var/run/rspamd/rspamd.pid") > + "Where to store the PID file.") Is it useful to expose this? > + (insecure? > + (boolean #f) > + "Ignore running workers as privileged users (insecure).") To me it seems redundant to restate =E2=80=9C(insecure)=E2=80=9D in the d= escription. > + (make-forkexec-constructor > + (list #$rspamd "-c" #$config-file I'd prefer the long-name --config over the shorter ones here. > + "--var" (string-append "LOCAL_CONFDIR=3D" = #$local-confdir) Curiously I don't see this listed in the 'rspamd' manpage although it is on the 'rspamadm' one. Can you confirm whether this works and if so, report to upstream that their docs are missing this? > + (service-extension profile-service-type > + (compose list rspamd-configuration-package)) What's the motivation for adding the rspamd package to the profile? > +(define %rspamd-os > + (simple-operating-system > + (service dhcp-client-service-type) > + (service rspamd-service-type))) Is 'dhcp-client-service-type' needed for this system test? I haven't tested it but it looks unnecessary to me. > + ;; Check that we can access the web ui > + (test-equal "http-get" > + 200 > + (begin > + (let-values (((response text) > + (http-get "http://localhost:22668/" > + #:decode-body? #t))) > + (response-code response)))) IMO if you're only interested in the HTTP response code a http-head is the better option, unless the program handles those requests differently. Also, since 'text' isn't used you can simplify this to: --8<---------------cut here---------------start------------->8--- ;; Don't forget to remove the unused (srfi srfi-11) import. (test-equal "Web UI is accessible" 200 (response-code (http-head "http://localhost:22668/"))) --8<---------------cut here---------------end--------------->8--- > + (test-assert "rspamd pid ready" > + (marionette-eval > + '(file-exists? "/var/run/rspamd/rspamd.pid") > + marionette)) There's a procedure dedicated for this: --8<---------------cut here---------------start------------->8--- (test-assert "rspamd pid ready" (wait-for-file #$(rspamd-configuration-pid-file (rspamd-configuration))= marionette))) --8<---------------cut here---------------end--------------->8--- Note: I used (rspamd-configuration) since it you're using the default rspamd-configuration value here. > +(define %test-rspamd > + (system-test > + (name "rspamd") > + (description "Send an email to a running rspamd server.") > + (value (run-rspamd-test)))) I'd change the description to something like "Basic rspamd service test."= as the current one is misleading. --=20 Furthermore, I consider that nonfree software must be eradicated. Cheers, Bruno. --------------AseMUcHg90az0Qb4pSy8Epmo-- --------------8yW2BoaS4L6AF2x2e7I8mTII Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQTAPCseV0HOaN0YFheobOGDL+spVQUCZXCMCwAKCRCobOGDL+sp VeKvAQDccYdL2rmGJnj7eEkhYCeONz7dcyx8F0nnFkLNMp7YBgD7B5cht2FmR0vg jeUNJLu4aXZUDFwyB3/eoA6Mi1PQxw0= =Knj7 -----END PGP SIGNATURE----- --------------8yW2BoaS4L6AF2x2e7I8mTII--