From unknown Mon Jun 23 22:06:43 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#32141 <32141@debbugs.gnu.org> To: bug#32141 <32141@debbugs.gnu.org> Subject: Status: [PATCH] services: Add ddclient service. Reply-To: bug#32141 <32141@debbugs.gnu.org> Date: Tue, 24 Jun 2025 05:06:43 +0000 retitle 32141 [PATCH] services: Add ddclient service. reassign 32141 guix-patches submitter 32141 Oleg Pykhalov severity 32141 normal tag 32141 patch thanks From debbugs-submit-bounces@debbugs.gnu.org Fri Jul 13 10:59:26 2018 Received: (at submit) by debbugs.gnu.org; 13 Jul 2018 14:59:26 +0000 Received: from localhost ([127.0.0.1]:59083 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fdzXZ-0006P4-Va for submit@debbugs.gnu.org; Fri, 13 Jul 2018 10:59:26 -0400 Received: from eggs.gnu.org ([208.118.235.92]:49744) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fdzXX-0006Oq-HY for submit@debbugs.gnu.org; Fri, 13 Jul 2018 10:59:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fdzXQ-0000dT-Q8 for submit@debbugs.gnu.org; Fri, 13 Jul 2018 10:59:18 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM, T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:48024) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fdzXQ-0000dP-LS for submit@debbugs.gnu.org; Fri, 13 Jul 2018 10:59:16 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:40713) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fdzXO-0004iG-LI for guix-patches@gnu.org; Fri, 13 Jul 2018 10:59:16 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fdzXK-0000c1-KC for guix-patches@gnu.org; Fri, 13 Jul 2018 10:59:14 -0400 Received: from mail-lj1-x233.google.com ([2a00:1450:4864:20::233]:34372) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fdzXK-0000bl-7H for guix-patches@gnu.org; Fri, 13 Jul 2018 10:59:10 -0400 Received: by mail-lj1-x233.google.com with SMTP id f8-v6so7047208ljk.1 for ; Fri, 13 Jul 2018 07:59:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=4x/JMolRTeCRWG0ZstiMhOm/pHDLV1M5SD7BCV0SOYY=; b=CVT13YrHmbGYEIHBw2DWvUyjRESu0ZQUJ156/UZeFVSPK1S+Y097P6qRzvht33pbky F4MJt4H9KFl1JtjYQ0dc2iIrfBABbMe/ewxXHZt8SwvG/38qjF/+UmY6o9NU6lYkmrm+ EKf81dgU8FH/9fIH3mWkmoEtU0yJzsVpb/VtxpNZbxpDERKbpoz02KjhSwvhxokIbuFl 8r/fNLpcguS4rxcry8VFl3m7knRRJUsSvrmH7RQneiI+RrPKcgT/4O5kWoyFZ7k8JI0X +bY+pG3hOYrxt6lqOqY4roDVSFXOiqhszO/qTXDCMZDxXl7ANNr2ygsOuxqEiDjmzCWG dGVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=4x/JMolRTeCRWG0ZstiMhOm/pHDLV1M5SD7BCV0SOYY=; b=miwAiE161EYW8R1ywQtLR06FM9Y6cqCpTMqaQEh+aokQTCWD67lYimzsu5nve91VbA zDqb0sCCG8JQJ06xgC18sC9dg5fMprDDDDB5/ea8ObNcShFjI/X++qJD8DnuOL6wsrwb CbNZxUAI/HohJd9GfTPRPw0DUG/svsrcaNiWCRt9OS+UqEhs2nE7ZSwS/idaAe1MbAvI /pwkAIH8W4j2EmboWmm/nsq1md99DdxInVfs5B7t1vT0ztHa7WWBgvQHM0PllrxgW9oP ePmtmpmhyj83u+eSuvDz71V3o+BjVg1aDLeQJK6KW5aChXThf604wmyeIfDOrpE0ba1x 2Uug== X-Gm-Message-State: AOUpUlHb5ynVaiPnSPrkPC9z7aZvq/rfKoGRKDt+GVhAINMwEQhxXk9G ns8Kw0Sk3x18wTydExmnFGLRCw== X-Google-Smtp-Source: AAOMgpfCtLwrisTe3/HwKy/znwo2DmsABTifhREubDnNu6Vd4CsI/L2FS7Sz2kVhQTDwkTNTCwqF4w== X-Received: by 2002:a2e:8616:: with SMTP id a22-v6mr3799857lji.43.1531493948314; Fri, 13 Jul 2018 07:59:08 -0700 (PDT) Received: from localhost.localdomain ([178.71.196.63]) by smtp.gmail.com with ESMTPSA id f3-v6sm3618249lfc.30.2018.07.13.07.59.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 13 Jul 2018 07:59:07 -0700 (PDT) From: Oleg Pykhalov To: guix-patches@gnu.org Subject: [PATCH] services: Add ddclient service. Date: Fri, 13 Jul 2018 17:58:54 +0300 Message-Id: <20180713145854.12250-1-go.wigust@gmail.com> X-Mailer: git-send-email 2.18.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.0 (----) X-Debbugs-Envelope-To: submit Cc: Oleg Pykhalov X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) * gnu/services/dns.scm (ddclient-configuration, opaque-ddclient-configuration, ddclient-service-type): New variables. (uglify-field-name, serialize-field, serialize-boolean, serialize-integer, serialize-string, serialize-list, serialize-extra-options, ddclient-activation, ddclient-shepherd-service, generate-ddclient-documentation, generate-opaque-ddclient-documentation): New procedures. * doc/guix.texi (DNS Services): Document it. --- doc/guix.texi | 107 +++++++++++++++++++++++++++++++++ gnu/services/dns.scm | 137 ++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 243 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index eaec4c422..fcc7c0037 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -17123,6 +17123,113 @@ When false, disable negative caching. @end table @end deftp +@subsubheading ddclient Service + +@cindex ddclient +@uref{https://sourceforge.net/projects/ddclient/, ddclient} is an address +updating utility for dynamic DNS services. + +The following example will configure the service with values from +@file{ddclient.conf} file. You could get a @file{ddclient.conf} sample from +@code{ddclient} package. + +@example +(use-modules (ice-9 textual-ports)) + +(service ddclient-service-type + (opaque-ddclient-configuration + (ddclient-conf + (call-with-input-file "ddclient.conf" + get-string-all)))) +@end example + +@c %start of fragment + +Available @code{opaque-ddclient-configuration} fields are: + +@deftypevr {@code{opaque-ddclient-configuration} parameter} package ddclient +The ddclient package. + +@end deftypevr + +@deftypevr {@code{opaque-ddclient-configuration} parameter} string ddclient-conf +The contents of the @file{ddclient.conf} to use. + +@end deftypevr + +@deftypevr {@code{opaque-ddclient-configuration} parameter} string pid +The ddclient PID file. + +Defaults to @samp{"/var/run/ddclient.pid"}. + +@end deftypevr + + +@c %end of fragment + + +@c %start of fragment + +Available @code{ddclient-configuration} fields are: + +@deftypevr {@code{ddclient-configuration} parameter} package ddclient +The ddclient package. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} integer daemon +The period after which ddclient will retry to check IP and domain name. + +Defaults to @samp{300}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} boolean syslog +Use syslog for the output. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string mail +Mail to user. + +Defaults to @samp{"root"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string mail-failure +Mail failed update to user. + +Defaults to @samp{"root"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string pid +The ddclient PID file. + +Defaults to @samp{"/var/run/ddclient.pid"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} boolean ssl +Enable SSL support. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} list extra-options +Extra options will be appended to ddclient configuration file. + +Defaults to @samp{()}. + +@end deftypevr + + +@c %end of fragment + + @node VPN Services @subsubsection VPN Services @cindex VPN (virtual private network) diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm index 2c57a36b8..7a3184b42 100644 --- a/gnu/services/dns.scm +++ b/gnu/services/dns.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2017 Julien Lepiller +;;; Copyright © 2018 Oleg Pykhalov ;;; ;;; This file is part of GNU Guix. ;;; @@ -45,7 +46,11 @@ zone-entry dnsmasq-service-type - dnsmasq-configuration)) + dnsmasq-configuration + + ddclient-service-type + ddclient-configuration + opaque-ddclient-configuration)) ;;; ;;; Knot DNS. @@ -670,3 +675,133 @@ (compose list dnsmasq-shepherd-service)))) (default-value (dnsmasq-configuration)) (description "Run the dnsmasq DNS server."))) + + +;;; +;;; ddclient +;;; + +(define (uglify-field-name field-name) + (string-delete #\? (symbol->string field-name))) + +(define (serialize-field field-name val) + (format #t "~a=~a\n" (uglify-field-name field-name) val)) + +(define (serialize-boolean field-name val) + (serialize-field field-name (if val "yes" "no"))) + +(define (serialize-integer field-name val) + (serialize-field field-name (number->string val))) + +(define (serialize-string field-name val) + (if (and (string? val) (string=? val "")) + "" + (serialize-field field-name val))) + +(define (serialize-list field-name val) + (if (null? val) "" (serialize-field field-name (string-join val)))) + +(define (serialize-extra-options extra-options) + (string-join extra-options "\n" 'suffix)) + +(define-configuration ddclient-configuration + (ddclient + (package ddclient) + "The ddclient package.") + (daemon + (integer 300) + "The period after which ddclient will retry to check IP and domain name.") + (syslog + (boolean #t) + "Use syslog for the output.") + (mail + (string "root") + "Mail to user.") + (mail-failure + (string "root") + "Mail failed update to user.") + (pid + (string "/var/run/ddclient.pid") + "The ddclient PID file.") + (ssl + (boolean #t) + "Enable SSL support.") + (extra-options + (list '()) + "Extra options will be appended to ddclient configuration file.")) + +(define-configuration opaque-ddclient-configuration + (ddclient + (package ddclient) + "The ddclient package.") + (ddclient-conf + (string (configuration-missing-field 'opaque-ddclient-configuration + 'ddclient-conf)) + "The contents of the @file{ddclient.conf} to use.") + (pid + (string "/var/run/ddclient.pid") + "The ddclient PID file.")) + +(define (ddclient-activation config) + "Return the activation GEXP for CONFIG." + (let ((config-str + (if (opaque-ddclient-configuration? config) + (opaque-ddclient-configuration-ddclient-conf config) + (with-output-to-string + (lambda () + (serialize-configuration config + ddclient-configuration-fields)))))) + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (mkdir-p "/var/cache/ddclient") + ;; 'ddclient' complains about ddclient.conf file permissions, which + ;; rules out /gnu/store. Thus we copy the ddclient.conf to /etc. + (mkdir-p "/etc/ddclient") + (let ((file "/etc/ddclient/ddclient.conf")) + (copy-file #$(plain-file "ddclient.conf" config-str) file) + (chmod file #o600)))))) + +(define (ddclient-shepherd-service config) + "Return a for ddclient with CONFIG." + (let* ((opaque-config? (opaque-ddclient-configuration? config)) + (pid (if opaque-config? + (opaque-ddclient-configuration-pid config) + (ddclient-configuration-pid config))) + (ddclient (if opaque-config? + (opaque-ddclient-configuration-ddclient config) + (ddclient-configuration-ddclient config)))) + (list (shepherd-service + (provision '(ddclient)) + (documentation "Run ddclient daemon.") + (start #~(make-forkexec-constructor + (list #$(file-append ddclient "/bin/ddclient") + "-foreground" "-file" "/etc/ddclient/ddclient.conf" + "-debug" "-verbose") + #:pid-file #$pid + #:environment-variables + (list "SSL_CERT_DIR=/run/current-system/profile\ +/etc/ssl/certs" + "SSL_CERT_FILE=/run/current-system/profile\ +/etc/ssl/certs/ca-certificates.crt"))) + (stop #~(make-kill-destructor)))))) + +(define ddclient-service-type + (service-type + (name 'ddclient) + (extensions + (list (service-extension shepherd-root-service-type ddclient-shepherd-service) + (service-extension activation-service-type ddclient-activation))) + (default-value (ddclient-configuration)) + (description "Configure address updating utility for dynamic DNS services, +ddclient."))) + +(define (generate-ddclient-documentation) + (generate-documentation + `((ddclient-configuration ,ddclient-configuration-fields)) + 'ddclient-configuration)) + +(define (generate-opaque-ddclient-documentation) + (generate-documentation + `((opaque-ddclient-configuration ,opaque-ddclient-configuration-fields)) + 'opaque-ddclient-configuration)) -- 2.18.0 From debbugs-submit-bounces@debbugs.gnu.org Thu Jul 19 05:40:49 2018 Received: (at 32141) by debbugs.gnu.org; 19 Jul 2018 09:40:49 +0000 Received: from localhost ([127.0.0.1]:47515 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fg5QX-0001Za-5K for submit@debbugs.gnu.org; Thu, 19 Jul 2018 05:40:49 -0400 Received: from eggs.gnu.org ([208.118.235.92]:36572) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fg5QV-0001ZN-3N for 32141@debbugs.gnu.org; Thu, 19 Jul 2018 05:40:47 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fg5QM-0004Rp-L6 for 32141@debbugs.gnu.org; Thu, 19 Jul 2018 05:40:41 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:49777) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fg5QM-0004RQ-FY; Thu, 19 Jul 2018 05:40:38 -0400 Received: from [193.50.110.227] (port=58580 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1fg5QL-0002nN-W8; Thu, 19 Jul 2018 05:40:38 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Oleg Pykhalov Subject: Re: [bug#32141] [PATCH] services: Add ddclient service. References: <20180713145854.12250-1-go.wigust@gmail.com> Date: Thu, 19 Jul 2018 11:40:36 +0200 In-Reply-To: <20180713145854.12250-1-go.wigust@gmail.com> (Oleg Pykhalov's message of "Fri, 13 Jul 2018 17:58:54 +0300") Message-ID: <87lga7wokr.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 32141 Cc: 32141@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.0 (------) Hi Oleg, Oleg Pykhalov skribis: > * gnu/services/dns.scm (ddclient-configuration, opaque-ddclient-configura= tion, > ddclient-service-type): New variables. > (uglify-field-name, serialize-field, serialize-boolean, serialize-integer, > serialize-string, serialize-list, serialize-extra-options, > ddclient-activation, ddclient-shepherd-service, > generate-ddclient-documentation, generate-opaque-ddclient-documentation):= New > procedures. > * doc/guix.texi (DNS Services): Document it. [...] > +@subsubheading ddclient Service > + > +@cindex ddclient > +@uref{https://sourceforge.net/projects/ddclient/, ddclient} is an address > +updating utility for dynamic DNS services. It would be nice to expound a bit, like: The ddclient service described below runs the ddclient daemon, which takes care of automatically updating DNS entries for service providers such as DynDNS.com. Also, is there a better home page? Otherwise LGTM! > + (list (shepherd-service > + (provision '(ddclient)) > + (documentation "Run ddclient daemon.") > + (start #~(make-forkexec-constructor > + (list #$(file-append ddclient "/bin/ddclient") > + "-foreground" "-file" "/etc/ddclient/ddclient= .conf" > + "-debug" "-verbose") > + #:pid-file #$pid > + #:environment-variables > + (list "SSL_CERT_DIR=3D/run/current-system/profile\ > +/etc/ssl/certs" > + "SSL_CERT_FILE=3D/run/current-system/profile\ > +/etc/ssl/certs/ca-certificates.crt"))) > + (stop #~(make-kill-destructor)))))) Does it run as root? If there=E2=80=99s no option to run it (mostly) as non-root, perhaps it would make sense to try using =E2=80=98make-forkexec-constructor/container=E2=80=99 here (as a separate p= atch.) WDYT? Thank you, Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Wed Jul 25 03:23:04 2018 Received: (at 32141) by debbugs.gnu.org; 25 Jul 2018 07:23:04 +0000 Received: from localhost ([127.0.0.1]:56058 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fiE8V-0002C3-M5 for submit@debbugs.gnu.org; Wed, 25 Jul 2018 03:23:03 -0400 Received: from mail-lf1-f46.google.com ([209.85.167.46]:37167) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fiE8T-0002BL-Nu for 32141@debbugs.gnu.org; Wed, 25 Jul 2018 03:23:02 -0400 Received: by mail-lf1-f46.google.com with SMTP id j8-v6so4720386lfb.4 for <32141@debbugs.gnu.org>; Wed, 25 Jul 2018 00:23:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:message-id:user-agent :mime-version; bh=y0pU7xNkojWnZ9KvB8aXQqLAvFk/QY8HXInKtiDbN78=; b=NIQKCY4JW7J5yIPLFkQhQeBTX183cdRWc1sgawNC9qgjbfCFU3knJNmy4R+pSEVaTP BJLS6tJkOeTNc+jEHjNP+KIdW+8aijbxKKtTORwbroxJkjN8/+m2buIq0qUgvIJsRdTa S127pSLpW+Tko5D2hcrkKswX8f3rztRNg7mmYwU4rS/k6atn26dyFsD5/jUh52C7S/p/ ANYCKykHFwY+mSqRk84kdydMKk4ZXQeseW60LkYvzfccR5b1SNZvD0EJF9Ahd0hbQUYF Ws1Gg2uiu1lXS562mWEzBVD+jLsmjvXanAX3UiMuJY5XekR3wNjex1t0l6e6TccsQVpK UZCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:message-id :user-agent:mime-version; bh=y0pU7xNkojWnZ9KvB8aXQqLAvFk/QY8HXInKtiDbN78=; b=OgqGY1b7WsnZSYjS/bwppJOabmTTv7ggo6ehy3KMcb9cG1lqxnvdqcQV7gavB1RWnq pH0EMsi8asnsBudovLxDf/K5FspIhggU5jaaCht7Aza6kvs1jzvoGqx3SXvJXxpSanCc LGV+fTiZawPdLrIY4EKafpZFxtRK5ShxKWXmt4x3mQ/lgVNreyztKAR0dA8+mll0VaOA 8dI6A2sDPmjt4qQlSsVsw3JAvIRDi97wY8Fp2R0Yst7gBngM/N4IxS5yZ8C07tiFdWNr X+kTgoZaX5darXHTJF2613VI1eVzE2MVITGIoj1/Glnj4XYc6TLYgYIBbMSVXpL4woCg B/2g== X-Gm-Message-State: AOUpUlFfjbp2aV7JUkFcqBeqI+N3PR2yd8W+xpEeeCIW8IYrGqZLA25z m92pjD06RDNQug7QyQfHav01/HweM0E= X-Google-Smtp-Source: AAOMgpcbtUVc/yoMlolOocYY4RSQB5T7YHvMvV8voo06KL79oDo3tFGJ+8h0ZbbEp3x3qD7QcysF+Q== X-Received: by 2002:a19:1604:: with SMTP id m4-v6mr11541505lfi.120.1532503375592; Wed, 25 Jul 2018 00:22:55 -0700 (PDT) Received: from magnolia (95-55-112-34.dynamic.avangarddsl.ru. [95.55.112.34]) by smtp.gmail.com with ESMTPSA id 14-v6sm2621258ljc.74.2018.07.25.00.22.54 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 25 Jul 2018 00:22:54 -0700 (PDT) From: Oleg Pykhalov To: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: Re: [bug#32141] [PATCH] services: Add ddclient service. References: <20180713145854.12250-1-go.wigust@gmail.com> <87lga7wokr.fsf@gnu.org> Date: Wed, 25 Jul 2018 10:22:50 +0300 Message-ID: <87effrpynp.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 32141 Cc: 32141@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello Ludovic, Thank you for review. ludo@gnu.org (Ludovic Court=C3=A8s) writes: > Oleg Pykhalov skribis: > >> * gnu/services/dns.scm (ddclient-configuration, opaque-ddclient-configur= ation, >> ddclient-service-type): New variables. >> (uglify-field-name, serialize-field, serialize-boolean, serialize-intege= r, >> serialize-string, serialize-list, serialize-extra-options, >> ddclient-activation, ddclient-shepherd-service, >> generate-ddclient-documentation, generate-opaque-ddclient-documentation)= : New >> procedures. >> * doc/guix.texi (DNS Services): Document it. > > [...] > >> +@subsubheading ddclient Service >> + >> +@cindex ddclient >> +@uref{https://sourceforge.net/projects/ddclient/, ddclient} is an addre= ss >> +updating utility for dynamic DNS services. > > It would be nice to expound a bit, like: > > The ddclient service described below runs the ddclient daemon, which > takes care of automatically updating DNS entries for service providers > such as DynDNS.com. OK. I improved little bit with =E2=80=9Csuch as @uref{https://dyn.com/dns/, Dyn}.=E2=80=9D if you don't mind. > Also, is there a better home page? I think no. I found http://ddclient.sf.net/ in Debian package recipe [1], but =E2=80=98curl -Ik --location http://ddclient.sf.net/=E2=80=99 retu= rns a https://sourceforge.net/p/ddclient/wiki/Home/ URI. > Otherwise LGTM! > >> + (list (shepherd-service >> + (provision '(ddclient)) >> + (documentation "Run ddclient daemon.") >> + (start #~(make-forkexec-constructor >> + (list #$(file-append ddclient "/bin/ddclient") >> + "-foreground" "-file" "/etc/ddclient/ddclien= t.conf" >> + "-debug" "-verbose") >> + #:pid-file #$pid >> + #:environment-variables >> + (list "SSL_CERT_DIR=3D/run/current-system/profile\ >> +/etc/ssl/certs" >> + "SSL_CERT_FILE=3D/run/current-system/profile\ >> +/etc/ssl/certs/ca-certificates.crt"))) >> + (stop #~(make-kill-destructor)))))) > > Does it run as root? If there=E2=80=99s no option to run it (mostly) as > non-root, perhaps it would make sense to try using > =E2=80=98make-forkexec-constructor/container=E2=80=99 here (as a separate= patch.) > > WDYT? It did run as root. I've succeeded to run it with =E2=80=98ddclient=E2=80= =99 user. Also, the generated =E2=80=98ddclient.conf=E2=80=99 which contains secrets = is stored in the store. I probably should change the =E2=80=98ddclient-activation=E2=80= =99 procedure =2D-8<---------------cut here---------------start------------->8--- (copy-file #$(plain-file "ddclient.conf" config-str) file) =2D-8<---------------cut here---------------end--------------->8--- to a procedure which writes =E2=80=98config-str=E2=80=99 to the file withou= t storing it somewhere else. WDYT? [1] https://packages.debian.org/stretch/ddclient --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEc+OyAXw1EaDPCmAPckbhHGm3lWkFAltYJUoACgkQckbhHGm3 lWkZMg/9FqkHR1HVU5XQpN/+YD0QJJ00oRu34OGb3pA7nXZiMYKf0+RoGbDUWu74 6e+pHcRhDmxiZt2w4lkqSDq2J3Ge3MdaJBfUDmGVYkszyi30tbavxgleWqz4U69u wTMPpMrSDk4nQzaKRvtTEx32J9K7q8Hfz4/njv9hnYrtazsmBz6hNicDcvcJD8vi Naj3E75pGVInup5uj9yGaKQsjZzaRroAMp/5qAAmdWO4wSMO3E0qczkH+9EuNgQV DalwA2zhd4P4OYp3PUXeCQpbWXKiEDFoR+lD1go6jKLBieXHw2c37tZ+pQB37ba2 mfYBW67D7vToGWc/HvEFkBL7MDEHPnB4lY+IR28e4U6eBMREH8wEwflup0+7omjP BlLz9gGpDezcsJ99Wgzj+kR89lCcgR1EX7u4iS/EB5EJxgIBb7Iq9tp3Bbe7S72O 4YvY1zu4thIvDGmnAB5C2XQXp9zI60DbZSEd98kJPT5ZhUogzOfFrnCcLxtSRwty /Rr0k36rLuQTQrrsjPGkFiJm4ljpuj+RuqSDm7YxXqXxH4ngT10JMLK87aE2LsMG oMbDlHpGmSsMhgmDUop5gJdFl7X5+AFrWkbOi9jeyDpr9QzkTyRsQjXBwBjooOkz l20uSDex2vTojuUCd/0ZYf9qPmL5HOonjxAl+wcO2nnr2YiMlUk= =UF5x -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Thu Jul 26 04:51:43 2018 Received: (at 32141) by debbugs.gnu.org; 26 Jul 2018 08:51:43 +0000 Received: from localhost ([127.0.0.1]:58271 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fibzr-0004FZ-Ii for submit@debbugs.gnu.org; Thu, 26 Jul 2018 04:51:43 -0400 Received: from eggs.gnu.org ([208.118.235.92]:36136) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fibzq-0004FM-5c for 32141@debbugs.gnu.org; Thu, 26 Jul 2018 04:51:42 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fibzi-0003Nd-1V for 32141@debbugs.gnu.org; Thu, 26 Jul 2018 04:51:37 -0400 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:48874) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fibzh-0003NJ-Se; Thu, 26 Jul 2018 04:51:33 -0400 Received: from [193.50.110.221] (port=53402 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1fibzh-0003hq-EL; Thu, 26 Jul 2018 04:51:33 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Oleg Pykhalov Subject: Re: [bug#32141] [PATCH] services: Add ddclient service. Message-ID: <87o9eu2xl1.fsf@gnu.org> References: <20180713145854.12250-1-go.wigust@gmail.com> <87lga7wokr.fsf@gnu.org> <87effrpynp.fsf@gmail.com> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 8 Thermidor an 226 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Thu, 26 Jul 2018 10:51:30 +0200 In-Reply-To: <87effrpynp.fsf@gmail.com> (Oleg Pykhalov's message of "Wed, 25 Jul 2018 10:22:50 +0300") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 32141 Cc: 32141@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.0 (------) Hi Oleg, Oleg Pykhalov skribis: > ludo@gnu.org (Ludovic Court=C3=A8s) writes: [...] >>> +@subsubheading ddclient Service >>> + >>> +@cindex ddclient >>> +@uref{https://sourceforge.net/projects/ddclient/, ddclient} is an addr= ess >>> +updating utility for dynamic DNS services. >> >> It would be nice to expound a bit, like: >> >> The ddclient service described below runs the ddclient daemon, which >> takes care of automatically updating DNS entries for service providers >> such as DynDNS.com. > > OK. I improved little bit with =E2=80=9Csuch as @uref{https://dyn.com/dn= s/, > Dyn}.=E2=80=9D if you don't mind. Sure. >> Does it run as root? If there=E2=80=99s no option to run it (mostly) as >> non-root, perhaps it would make sense to try using >> =E2=80=98make-forkexec-constructor/container=E2=80=99 here (as a separat= e patch.) >> >> WDYT? > > It did run as root. I've succeeded to run it with =E2=80=98ddclient=E2= =80=99 user. Awesome. > Also, the generated =E2=80=98ddclient.conf=E2=80=99 which contains secret= s is stored in > the store. I probably should change the =E2=80=98ddclient-activation=E2= =80=99 procedure > > (copy-file #$(plain-file "ddclient.conf" config-str) file) > > to a procedure which writes =E2=80=98config-str=E2=80=99 to the file with= out storing it > somewhere else. WDYT? The problem would be the same: the activation script would contain =E2=80=98config-str=E2=80=99, and it would live in the store. In short we must not manipulate secrets in anything that goes through the store. The only thing I can suggest is to leave it up to the user to create a file containing the secret in an out-of-band fashion; /etc is a good place for such things. For example, they could create /etc/ddclient-secrets and then we would somehow arrange to get that file read. To do that there are two possibilities that come to mind: 1. If the config file syntax has an =E2=80=9Cinclude=E2=80=9D directive, = just include /etc/ddclient-secrets unconditionally in the generated config file. 2. Write an activation snippet that concatenates the generated config file with /etc/ddclient-secrets and stores that as /etc/ddclient.conf (or something like that.) Thoughts? Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Wed Aug 01 13:27:52 2018 Received: (at 32141) by debbugs.gnu.org; 1 Aug 2018 17:27:52 +0000 Received: from localhost ([127.0.0.1]:37910 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fkuud-0002Ya-Uh for submit@debbugs.gnu.org; Wed, 01 Aug 2018 13:27:52 -0400 Received: from mail-lj1-f196.google.com ([209.85.208.196]:38458) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fkuua-0002YM-TD for 32141@debbugs.gnu.org; Wed, 01 Aug 2018 13:27:49 -0400 Received: by mail-lj1-f196.google.com with SMTP id p6-v6so17543397ljc.5 for <32141@debbugs.gnu.org>; Wed, 01 Aug 2018 10:27:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=snVstMjCFIhm3Jm2mg7htXG2YNmSDE39pST799Z1FnY=; b=dyDQWmL23LISl+KqfahJi/KD4LbE9jHCJFFxgPfiggpa1RZNWpfIpW87fO3jB4fhOz uHnRxtha/P81Kvl4V2LuoY6FBu3apYjZvBaxtpt+Nb6y8LlS0xiHOSPiHH8FDA6A15NS YzBGfckZdlO7TPwkac/1qHgGYddgb5N/Hn0X8tWTSDC5tM9tZ+nKMIhIwaPEp/Ttsz6e QGnegwC5FbJKwgV9swaoBgS/lRUf8l4zfbS/zPP8l6Cehe65fwiFVTJ7J77CJOWal6k4 QL8O+29PRVxKA486nEdhgwpKopPwBEz5PXR7SBABNsdbnZnkXopnVkWfc2Vcb5UqEKfA hcVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=snVstMjCFIhm3Jm2mg7htXG2YNmSDE39pST799Z1FnY=; b=L83d3jhB9cMdF4EUrFqkUDyE0xP7lZJIZYok89tnkcGbg28+Po/W7lqi2M29TOucgo 5+9dfYvqF+L+ZyiF8uNMtd7d64Yb6U7xQDRaIp3AIBtKN3Iqw44SGpJhH0HsA1AEV4B/ 2fUdNDUvTtTnvITXducVqHfiKNFGaWBo31jXvyTjPKbSOh9iJYqUXUjpw/poqPNe4Cp4 sez0qbhPiw2VB3PhKBnMQiXHslaLFvLuRoIvp/R09y3PkLPmMCYtehXRN1yZbgfJ8Ozk sMWB0e+o/lMfpMaIZzNw0hum6mh9kHNPsqWQotwvRTr37glv45E2B0yFHuAriv3/RP5K Ix9w== X-Gm-Message-State: AOUpUlEBrN29HBRsPyo6th40WcMJkM9E72s+zXoPzdFQ8dbN0xTn71D5 G2f53jg1Bxjq7AbkWePFxsFyHOjd X-Google-Smtp-Source: AAOMgpdHOVus+NlpFZDZUfI775XPjAEZFBuO9Wu7nSjrMjOHIYomHw7F2SwhITwjaLKfOuBc/mp/Kg== X-Received: by 2002:a2e:2bd7:: with SMTP id r84-v6mr21190618ljr.40.1533144462535; Wed, 01 Aug 2018 10:27:42 -0700 (PDT) Received: from magnolia (95-55-117-227.dynamic.avangarddsl.ru. [95.55.117.227]) by smtp.gmail.com with ESMTPSA id x3-v6sm3241331ljb.25.2018.08.01.10.27.41 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 01 Aug 2018 10:27:41 -0700 (PDT) From: Oleg Pykhalov To: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: Re: [bug#32141] [PATCH] services: Add ddclient service. References: <20180713145854.12250-1-go.wigust@gmail.com> <87lga7wokr.fsf@gnu.org> <87effrpynp.fsf@gmail.com> <87o9eu2xl1.fsf@gnu.org> Date: Wed, 01 Aug 2018 20:27:38 +0300 In-Reply-To: <87o9eu2xl1.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Thu, 26 Jul 2018 10:51:30 +0200") Message-ID: <874lgengj9.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 32141 Cc: 32141@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello Ludovic, I applied all your suggestions and updated the documentation. The patch is attached below. I run a ddclient service from this patch currently. ludo@gnu.org (Ludovic Court=C3=A8s) writes: [=E2=80=A6] >> Also, the generated =E2=80=98ddclient.conf=E2=80=99 which contains secre= ts is stored in >> the store. I probably should change the =E2=80=98ddclient-activation=E2= =80=99 procedure >> >> (copy-file #$(plain-file "ddclient.conf" config-str) file) >> >> to a procedure which writes =E2=80=98config-str=E2=80=99 to the file wit= hout storing it >> somewhere else. WDYT? > > The problem would be the same: the activation script would contain > =E2=80=98config-str=E2=80=99, and it would live in the store. > > In short we must not manipulate secrets in anything that goes through > the store. The only thing I can suggest is to leave it up to the > user to create a file containing the secret in an out-of-band fashion; > /etc is a good place for such things. > > For example, they could create /etc/ddclient-secrets and then we would > somehow arrange to get that file read. > > To do that there are two possibilities that come to mind: > > 1. If the config file syntax has an =E2=80=9Cinclude=E2=80=9D directive= , just include > /etc/ddclient-secrets unconditionally in the generated config file. > > 2. Write an activation snippet that concatenates the generated config > file with /etc/ddclient-secrets and stores that as > /etc/ddclient.conf (or something like that.) > > Thoughts? Could we use =E2=80=98/etc/ddclient=E2=80=99 directory for secrets file, be= cause ddclient program use this directory by default? =2D-8<---------------cut here---------------start------------->8--- The following example will configure the service. By default, the @code{secret-file} in @code{ddclient-configuration} is pointing to @file{/etc/ddclient/secrets.conf} file, which will be appended = to @file{/etc/ddclient/ddclient.conf} and should be created in advance. See samples inside @file{/share/ddclient} directory of @code{ddclient} package. @example (service ddclient-service-type) @end example =2D-8<---------------cut here---------------end--------------->8--- --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: attachment; filename=0001-services-Add-ddclient-service.patch Content-Transfer-Encoding: quoted-printable Content-Description: [PATCH] services: Add ddclient service. From=203f47ae60ecb2e8780c451e93976b5c83135d8420 Mon Sep 17 00:00:00 2001 From: Oleg Pykhalov Date: Fri, 13 Jul 2018 11:49:13 +0300 Subject: [PATCH] services: Add ddclient service. * gnu/services/dns.scm (ddclient-configuration, ddclient-service-type): New variables. (uglify-field-name, serialize-field, serialize-boolean, serialize-integer, serialize-string, serialize-list, serialize-extra-options, ddclient-activation, ddclient-shepherd-service, generate-ddclient-documentation): New procedures. * doc/guix.texi (DNS Services): Document it. =2D-- doc/guix.texi | 103 +++++++++++++++++++++++++++ gnu/services/dns.scm | 166 ++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 268 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index 080b091b3..e08bfe059 100644 =2D-- a/doc/guix.texi +++ b/doc/guix.texi @@ -17211,6 +17211,109 @@ When false, disable negative caching. @end table @end deftp =20 +@subsubheading ddclient Service + +@cindex ddclient +The ddclient service described below runs the ddclient daemon, which takes +care of automatically updating DNS entries for service providers such as +@uref{https://dyn.com/dns/, Dyn}. + +The following example will configure the service. + +By default, the @code{secret-file} in @code{ddclient-configuration} is +pointing to @file{/etc/ddclient/secrets.conf} file, which will be appended= to +@file{/etc/ddclient/ddclient.conf} and should be created in advance. See +samples inside @file{/share/ddclient} directory of @code{ddclient} package. + +@example +(service ddclient-service-type) +@end example + + +@c %start of fragment + +Available @code{ddclient-configuration} fields are: + +@deftypevr {@code{ddclient-configuration} parameter} package ddclient +The ddclient package. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} integer daemon +The period after which ddclient will retry to check IP and domain name. + +Defaults to @samp{300}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} boolean syslog +Use syslog for the output. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string mail +Mail to user. + +Defaults to @samp{"root"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string mail-failure +Mail failed update to user. + +Defaults to @samp{"root"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string pid +The ddclient PID file. + +Defaults to @samp{"/var/run/ddclient/ddclient.pid"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} boolean ssl +Enable SSL support. + +Defaults to @samp{#t}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string user +Specifies the user name or ID that is used when running ddclient +program. + +Defaults to @samp{"ddclient"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string group +Group of the user who will run the ddclient program. + +Defaults to @samp{"ddclient"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} string secret-file +Secret file which will be appended to ddclient.conf file. + +Defaults to @samp{"/etc/ddclient/secrets.conf"}. + +@end deftypevr + +@deftypevr {@code{ddclient-configuration} parameter} list extra-options +Extra options will be appended to ddclient configuration file. + +Defaults to @samp{()}. + +@end deftypevr + + +@c %end of fragment + + @node VPN Services @subsubsection VPN Services @cindex VPN (virtual private network) diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm index 2c57a36b8..7ac61dfca 100644 =2D-- a/gnu/services/dns.scm +++ b/gnu/services/dns.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright =C2=A9 2017 Julien Lepiller +;;; Copyright =C2=A9 2018 Oleg Pykhalov ;;; ;;; This file is part of GNU Guix. ;;; @@ -45,7 +46,10 @@ zone-entry =20 dnsmasq-service-type =2D dnsmasq-configuration)) + dnsmasq-configuration + + ddclient-service-type + ddclient-configuration)) =20 ;;; ;;; Knot DNS. @@ -670,3 +674,163 @@ (compose list dnsmasq-shepherd-service)))) (default-value (dnsmasq-configuration)) (description "Run the dnsmasq DNS server."))) + + +;;; +;;; ddclient +;;; + +(define (uglify-field-name field-name) + (string-delete #\? (symbol->string field-name))) + +(define (serialize-field field-name val) + (format #t "~a=3D~a\n" (uglify-field-name field-name) val)) + +(define (serialize-boolean field-name val) + (serialize-field field-name (if val "yes" "no"))) + +(define (serialize-integer field-name val) + (serialize-field field-name (number->string val))) + +(define (serialize-string field-name val) + (if (and (string? val) (string=3D? val "")) + "" + (serialize-field field-name val))) + +(define (serialize-list field-name val) + (if (null? val) "" (serialize-field field-name (string-join val)))) + +(define (serialize-extra-options extra-options) + (string-join extra-options "\n" 'suffix)) + +(define-configuration ddclient-configuration + (ddclient + (package ddclient) + "The ddclient package.") + (daemon + (integer 300) + "The period after which ddclient will retry to check IP and domain name= .") + (syslog + (boolean #t) + "Use syslog for the output.") + (mail + (string "root") + "Mail to user.") + (mail-failure + (string "root") + "Mail failed update to user.") + (pid + (string "/var/run/ddclient/ddclient.pid") + "The ddclient PID file.") + (ssl + (boolean #t) + "Enable SSL support.") + (user + (string "ddclient") + "Specifies the user name or ID that is used when running ddclient +program.") + (group + (string "ddclient") + "Group of the user who will run the ddclient program.") + (secret-file + (string "/etc/ddclient/secrets.conf") + "Secret file which will be appended to ddclient.conf file.") + (extra-options + (list '()) + "Extra options will be appended to ddclient configuration file.")) + +(define (ddclient-account config) + "Return the user accounts and user groups for CONFIG." + (let ((ddclient-user (ddclient-configuration-user config)) + (ddclient-group (ddclient-configuration-group config))) + (list (user-group + (name ddclient-group) + (system? #t)) + (user-account + (name ddclient-user) + (system? #t) + (group ddclient-group) + (comment "ddclientd privilege separation user") + (home-directory (string-append "/var/run/" ddclient-user)))))) + +(define (ddclient-activation config) + "Return the activation GEXP for CONFIG." + (with-imported-modules '((guix build utils) + (ice-9 rdelim)) + #~(begin + (use-modules (guix build utils) + (ice-9 rdelim)) + (let ((ddclient-user + #$(passwd:uid (getpw (ddclient-configuration-user config)))) + (ddclient-group + #$(passwd:gid (getpw (ddclient-configuration-group config))= )) + (ddclient-secret-file + #$(ddclient-configuration-secret-file config))) + ;; 'ddclient' complains about ddclient.conf file permissions, wh= ich + ;; rules out /gnu/store. Thus we copy the ddclient.conf to /etc. + (for-each (lambda (dir) + (mkdir-p dir) + (chmod dir #o700) + (chown dir ddclient-user ddclient-group)) + '("/var/cache/ddclient" "/var/run/ddclient" + "/etc/ddclient")) + (with-output-to-file "/etc/ddclient/ddclient.conf" + (lambda () + (display + (string-append + "# Generated by 'ddclient-service'.\n\n" + #$(with-output-to-string + (lambda () + (serialize-configuration config + ddclient-configuration-fiel= ds))) + (if (string-null? ddclient-secret-file) + "" + (format #f "\n\n# Appended from '~a'.\n\n~a" + ddclient-secret-file + (with-input-from-file ddclient-secret-file + read-string))))))) + (chmod "/etc/ddclient/ddclient.conf" #o600) + (chown "/etc/ddclient/ddclient.conf" + ddclient-user ddclient-group))))) + +(define (ddclient-shepherd-service config) + "Return a for ddclient with CONFIG." + (let ((ddclient (ddclient-configuration-ddclient config)) + (ddclient-pid (ddclient-configuration-pid config)) + (ddclient-user (ddclient-configuration-user config)) + (ddclient-group (ddclient-configuration-group config))) + (list (shepherd-service + (provision '(ddclient)) + (documentation "Run ddclient daemon.") + (start #~(make-forkexec-constructor + (list #$(file-append ddclient "/bin/ddclient") + "-foreground" + "-file" "/etc/ddclient/ddclient.conf") + #:pid-file #$ddclient-pid + #:environment-variables + (list "SSL_CERT_DIR=3D/run/current-system/profile\ +/etc/ssl/certs" + "SSL_CERT_FILE=3D/run/current-system/profile\ +/etc/ssl/certs/ca-certificates.crt") + #:user #$ddclient-user + #:group #$ddclient-group)) + (stop #~(make-kill-destructor)))))) + +(define ddclient-service-type + (service-type + (name 'ddclient) + (extensions + (list (service-extension account-service-type + ddclient-account) + (service-extension shepherd-root-service-type + ddclient-shepherd-service) + (service-extension activation-service-type + ddclient-activation))) + (default-value (ddclient-configuration)) + (description "Configure address updating utility for dynamic DNS servic= es, +ddclient."))) + +(define (generate-ddclient-documentation) + (generate-documentation + `((ddclient-configuration ,ddclient-configuration-fields)) + 'ddclient-configuration)) =2D-=20 2.18.0 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEc+OyAXw1EaDPCmAPckbhHGm3lWkFAlth7YoACgkQckbhHGm3 lWkHmw//ccEedT1wvTUJfBnn0pMDvynGpsE4R6EWK605yYmbA3wSY0ffYxGH5FWJ KF6KwLCej+jpelOsTD1ZdVkRALasVMihJybcxcjoT1XJjBEjJZ+o2bTFIxwuMORg ouo7I0Ua9qNQ2+xQrvCzpkMswkHEX1O+UntXzosLHEyYPzw3NdyDOvwMWetPcZ7F RCC5RIf3oav0d7FRKPGiGGmKfPrvVwsA7pb7PJx39DFAou2CLBVRBbtPK1mp/DAV wykjqojIPUaIWJxpVjWQ799mTnjFzPAtnOOkmore9HdJ/w9E7abP55ryqYMNugJ6 CskFE/a7v4RhFxaqy8tQ4/s/pMpuGyfvEe/9/43/Maa9X2c/IoNg6poIPJm7LhxB bsCO8VlgxwjHIzA1Rsvu4D5e+osO2STGvw7vcv3obIiosD0t3Fihve7oF5rfFp54 hUSwBAZ+lh5n7m0r4sVEW/CUu/hNEai6+vjCpSiVLKAB1FlYi4GGkQE2/8iy9RU9 Fpy+O+uPNpDUAFMdfci2bHgYPMPMGZXdnMIsOiynaIwKcgC6DQ2feETKNwyXYQdC DKaP+eC5aK1V5Gg5E/8bw/CQXvc2zH0ol+695XjmfN41p7mHO//qgAZoo4Y+OoyY DPyb8VedoyRdcnjioRCjmw4fdlAUhnDPezZEeKan5eVZtMUdJ1s= =zbMP -----END PGP SIGNATURE----- --==-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Mon Aug 27 07:22:58 2018 Received: (at 32141) by debbugs.gnu.org; 27 Aug 2018 11:22:58 +0000 Received: from localhost ([127.0.0.1]:33611 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fuFbm-0006C3-Bl for submit@debbugs.gnu.org; Mon, 27 Aug 2018 07:22:58 -0400 Received: from eggs.gnu.org ([208.118.235.92]:50238) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fuFbk-0006Bp-17 for 32141@debbugs.gnu.org; Mon, 27 Aug 2018 07:22:56 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fuFbb-0000oX-Kx for 32141@debbugs.gnu.org; Mon, 27 Aug 2018 07:22:50 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:37394) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fuFbb-0000oO-Gj; Mon, 27 Aug 2018 07:22:47 -0400 Received: from [193.50.110.186] (port=41562 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1fuFbb-0000Pp-7s; Mon, 27 Aug 2018 07:22:47 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: Oleg Pykhalov Subject: Re: [bug#32141] [PATCH] services: Add ddclient service. References: <20180713145854.12250-1-go.wigust@gmail.com> <87lga7wokr.fsf@gnu.org> <87effrpynp.fsf@gmail.com> <87o9eu2xl1.fsf@gnu.org> <874lgengj9.fsf@gmail.com> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 10 Fructidor an 226 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Mon, 27 Aug 2018 13:22:45 +0200 In-Reply-To: <874lgengj9.fsf@gmail.com> (Oleg Pykhalov's message of "Wed, 01 Aug 2018 20:27:38 +0300") Message-ID: <87zhx8awai.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 32141 Cc: 32141@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.0 (------) Hi Oleg, Sorry for the delay, I had forgotten about this patch. (Feel free to ping when that happens!) Oleg Pykhalov skribis: > I applied all your suggestions and updated the documentation. The patch > is attached below. I run a ddclient service from this patch currently. Neat. > ludo@gnu.org (Ludovic Court=C3=A8s) writes: [...] >> In short we must not manipulate secrets in anything that goes through >> the store. The only thing I can suggest is to leave it up to the >> user to create a file containing the secret in an out-of-band fashion; >> /etc is a good place for such things. >> >> For example, they could create /etc/ddclient-secrets and then we would >> somehow arrange to get that file read. >> >> To do that there are two possibilities that come to mind: >> >> 1. If the config file syntax has an =E2=80=9Cinclude=E2=80=9D directiv= e, just include >> /etc/ddclient-secrets unconditionally in the generated config file. >> >> 2. Write an activation snippet that concatenates the generated config >> file with /etc/ddclient-secrets and stores that as >> /etc/ddclient.conf (or something like that.) >> >> Thoughts? > > Could we use =E2=80=98/etc/ddclient=E2=80=99 directory for secrets file, = because > ddclient program use this directory by default? Sure. > From 3f47ae60ecb2e8780c451e93976b5c83135d8420 Mon Sep 17 00:00:00 2001 > From: Oleg Pykhalov > Date: Fri, 13 Jul 2018 11:49:13 +0300 > Subject: [PATCH] services: Add ddclient service. > > * gnu/services/dns.scm (ddclient-configuration, ddclient-service-type): N= ew > variables. > (uglify-field-name, serialize-field, serialize-boolean, serialize-integer, > serialize-string, serialize-list, serialize-extra-options, > ddclient-activation, ddclient-shepherd-service, > generate-ddclient-documentation): New procedures. > * doc/guix.texi (DNS Services): Document it. [...] > +By default, the @code{secret-file} in @code{ddclient-configuration} is > +pointing to @file{/etc/ddclient/secrets.conf} file, which will be append= ed to > +@file{/etc/ddclient/ddclient.conf} and should be created in advance. See > +samples inside @file{/share/ddclient} directory of @code{ddclient} packa= ge. I propose slightly different wording, to make it clear that users are expected to provide the secret file: The following example show instantiates the service with its default configuration: @example (service ddclient-service-type) @end example Note that ddclient needs to access credentials that are stored in a @dfn{secret file}, by default @file{/etc/ddclient/secrets} (see @code{secret-file} below.) You are expected to create this file manually, in an ``out-of-band'' fashion (you @emph{could} make this file part of the service configuration, for instance by using @code{plain-file}, but it will be world-readable @i{via} @file{/gnu/store}.) See the examples in the @file{share/ddclient} directory of the @code{ddclient} package. WDYT? > +@deftypevr {@code{ddclient-configuration} parameter} string secret-file > +Secret file which will be appended to ddclient.conf file. ^ @file{ddclient.conf} Maybe add: This file contains credentials for use by ddclient. You are expected to create it manually. > +Defaults to @samp{"/etc/ddclient/secrets.conf"}. OK with changes along these lines. Thank you! Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Wed Aug 29 18:45:43 2018 Received: (at 32141-done) by debbugs.gnu.org; 29 Aug 2018 22:45:43 +0000 Received: from localhost ([127.0.0.1]:37607 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fv9Da-0001Ef-Rt for submit@debbugs.gnu.org; Wed, 29 Aug 2018 18:45:43 -0400 Received: from mail-lf1-f52.google.com ([209.85.167.52]:41781) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1fv9DZ-0001ET-Mg for 32141-done@debbugs.gnu.org; Wed, 29 Aug 2018 18:45:42 -0400 Received: by mail-lf1-f52.google.com with SMTP id l26-v6so5610454lfc.8 for <32141-done@debbugs.gnu.org>; Wed, 29 Aug 2018 15:45:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=Nt62DCRJVBCNivz/+/enz6CKyXfTcJAPy0Uf/8+trlo=; b=j/YMIri2N3FOOfoKv/EHY31HjC2N0FYdmqH0FqPOyc5zHRqycmSGRd0SMskqgyhC3y 9BH0JdkAps6g+tzMFUT8RmLxcX89dIUm5ZP/cWmuWjRV3veNUUiSnzaIS9lV5um0lgWr npkiMg/ylVZ6b9RkdHRua5ViqCvgeb3mpaTGYpsFehN1Qe9ra9oD+MEo9fZQ9RCbbpYU GrR+wV5t8uTPRZ4HVTc/kqnpzJF8wf79ty1bpRu6xMp4UqyD8U1v83c/6+k7+CzEpQTo sv4fsGdmhiP2ZrEBNKguTOoyRyyPQFcS//JJvFrS2/s7b4/oj7lrkmSbl0d3jS7GDiTT O7vw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=Nt62DCRJVBCNivz/+/enz6CKyXfTcJAPy0Uf/8+trlo=; b=rjaf7awWfVLo7RyCwGkR26/kxiuhckBGH2mzGKx7IgKLMHx6rlcp4kqzNKjbnv9xU/ BTrOqwZCGkPSiw8jahKJyQI2FuapJ60VfxcqvbJ/RTAij/2NWbTpPBkgsyk8nqCYjqIh RDEqvv+aC/jzbiP2QvOn4lOkGmobdoyUMua9XwwzFVbl6jogNBVwBIh8DkmlKpvwnRkZ ivFr5YE0+eiP+kCWELLJPsQNjUgdhQP6xko9hJbG2+xyrawsKpA4YrXQiTggxxwGXR1w L+uOpOnAecxuX6kdxtEN29MHPDtCXWHVLCMd5bN/8DZ4mtuF+CU/iRsNO+/WfBwEy/2A +6hw== X-Gm-Message-State: APzg51D0tHN2p0ITv0cxk/BdQuyvaqGpiBcWMMrMSLzOnl8TUnQlSURt XKzY0t7q5B0QIFq1iB2HHOmaFALi X-Google-Smtp-Source: ANB0VdZpdYP/ep9gKfsSWAY8cT+yACMhfTxNfaLV5SUI4RGbYQ3vfeqLSNvI+jdJXcMmls5GLOrCxQ== X-Received: by 2002:a19:a2c1:: with SMTP id l184-v6mr2405385lfe.129.1535582735343; Wed, 29 Aug 2018 15:45:35 -0700 (PDT) Received: from magnolia ([178.71.248.72]) by smtp.gmail.com with ESMTPSA id z5-v6sm963061lfg.75.2018.08.29.15.45.34 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 29 Aug 2018 15:45:34 -0700 (PDT) From: Oleg Pykhalov To: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: Re: [bug#32141] [PATCH] services: Add ddclient service. References: <20180713145854.12250-1-go.wigust@gmail.com> <87lga7wokr.fsf@gnu.org> <87effrpynp.fsf@gmail.com> <87o9eu2xl1.fsf@gnu.org> <874lgengj9.fsf@gmail.com> <87zhx8awai.fsf@gnu.org> Date: Thu, 30 Aug 2018 01:45:27 +0300 In-Reply-To: <87zhx8awai.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Mon, 27 Aug 2018 13:22:45 +0200") Message-ID: <878t4oeqrc.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 32141-done Cc: 32141-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Ludovic, ludo@gnu.org (Ludovic Court=C3=A8s) writes: > Sorry for the delay, I had forgotten about this patch. (Feel free to > ping when that happens!) No problem. OK. Feel free the same and thank you for pinging me. > Oleg Pykhalov skribis: [=E2=80=A6] >> +By default, the @code{secret-file} in @code{ddclient-configuration} is >> +pointing to @file{/etc/ddclient/secrets.conf} file, which will be appen= ded to >> +@file{/etc/ddclient/ddclient.conf} and should be created in advance. S= ee >> +samples inside @file{/share/ddclient} directory of @code{ddclient} pack= age. > > I propose slightly different wording, to make it clear that users are > expected to provide the secret file: > > The following example show instantiates the service with its default > configuration: > > @example > (service ddclient-service-type) > @end example > > Note that ddclient needs to access credentials that are stored in a > @dfn{secret file}, by default @file{/etc/ddclient/secrets} (see > @code{secret-file} below.) You are expected to create this file > manually, in an ``out-of-band'' fashion (you @emph{could} make this > file part of the service configuration, for instance by using > @code{plain-file}, but it will be world-readable @i{via} > @file{/gnu/store}.) See the examples in the @file{share/ddclient} > directory of the @code{ddclient} package. > > WDYT? It looks more clear. I will apply this, thanks. >> +@deftypevr {@code{ddclient-configuration} parameter} string secret-file >> +Secret file which will be appended to ddclient.conf file. > ^ > @file{ddclient.conf} > > Maybe add: > > This file contains credentials for use by ddclient. You are expected > to create it manually. > >> +Defaults to @samp{"/etc/ddclient/secrets.conf"}. Applied. > OK with changes along these lines. Pushed as 8490a8346b5c8207f5798be55bea1de865b0bd42 Thanks, Oleg. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEc+OyAXw1EaDPCmAPckbhHGm3lWkFAluHIgcACgkQckbhHGm3 lWnr3g//ePLrI8+BUd2KZaBAYPnNMxXU0z75uPm6Hh6gQBX96ljxlATkGVCU9UfD U+IuIMsWP8XsVgrj0qmW+MfYK6F7NWI/ZrkzsaGftin+i+h1zKOahdHbds/Je3XS 9mWGX8ndYJU6y3+eC9KX7hicZ7jkLpM11IkPC1zSMsQhxBSzOyqSG4kiAz3ij3OW C2W1F6W1FaltrXcKKih4kl2DelTCGBh0KTUHJ4k3QKs4m6uCvRPV9xS2H25Je6Xd AjE1lzjSz3imWeJQ+8A6TVhVb/ofUk3WaL3h85JbBuxzuhWdjTw7S6l/BlgxzKw5 4I+DmnQG4CIZrjf+cpzFEaZIpk9evB2n0EWZDTYvuIiUuLKm1b7hxC1e2VI1+LSL Uv3pQrvtTr5HMD7zSCAj0HOElAfw+eTMNCddZv/NuNn1etmobSXSJly4VHnXNirs YJtUuO3TorhGAyPfimMT5b1Vf0bR23bWtxdcWAe4lRii8709Cfywmde55tKjPjio sMUhduGbkQCIneScN/ijTZ2Q00b4/36Pt4rRwKFaconP9XDeAousYnvOywfwFX4L VZ3P1SN25kWE0+PY7AqxYxrIQoHNBX0/ceJEvzSavvFn4UU26ti08lMfExvJLVTj Wj1YQtO8qVrdkzb1W654q0Ow4PrVy57PxUUT5iuPgZZoOK8CAu4= =PI5A -----END PGP SIGNATURE----- --=-=-=-- From unknown Mon Jun 23 22:06:43 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Thu, 27 Sep 2018 11:24:05 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator