GNU bug report logs - #35329
[PATCH] gnu: knot-service: Add includes field in configuration.

Previous Next

Package: guix-patches;

Reported by: Julien Lepiller <julien <at> lepiller.eu>

Date: Fri, 19 Apr 2019 21:28:01 UTC

Severity: normal

Tags: patch

Done: Julien Lepiller <julien <at> lepiller.eu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Julien Lepiller <julien <at> lepiller.eu>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#35329: closed ([PATCH] gnu: knot-service: Add includes field
 in configuration.)
Date: Thu, 25 Apr 2019 19:47:01 +0000

[Message part 1 (text/plain, inline)]
Your message dated Thu, 25 Apr 2019 21:46:08 +0200
with message-id <20190425214608.774e13ae <at> sybil.lepiller.eu>
and subject line Re: [bug#35329] [PATCH] gnu: knot-service: Add includes field in configuration.
has caused the debbugs.gnu.org bug report #35329,
regarding [PATCH] gnu: knot-service: Add includes field in configuration.
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
35329: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=35329
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Julien Lepiller <julien <at> lepiller.eu>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: knot-service: Add includes field in configuration.
Date: Fri, 19 Apr 2019 23:22:55 +0200

* gnu/services/dns.scm (knot-configuration): Add includes field.
(verify-knot-configuration): Check includes content.
(knot-config-file): Serialize includes.
* doc/guix.texi (DNS Services): Document it.
---
 doc/guix.texi        | 7 +++++++
 gnu/services/dns.scm | 8 ++++++++
 2 files changed, 15 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index 8c7522f286..d61fd1c7a9 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -19814,6 +19814,13 @@ The Knot package.
 @item @code{run-directory} (default: @code{"/var/run/knot"})
 The run directory.  This directory will be used for pid file and sockets.
 
+@item @code{includes} (default: @code{'()})
+A list of strings or file-like objects denoting other files that must be
+included at the top of the configuration file.  This is especially useful
+for including key configuration from outside the store, since keys should
+not be readable by every user.  It can also be used to add configuration
+not supported by this interface.
+
 @item @code{listen-v4} (default: @code{"0.0.0.0"})
 An ip address on which to listen.
 
diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 1ef754b360..445e03570a 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -207,6 +207,8 @@
                  (default knot))
   (run-directory knot-configuration-run-directory
                  (default "/var/run/knot"))
+  (includes      knot-configuration-includes
+                 (default '()))
   (listen-v4     knot-configuration-listen-v4
                  (default "0.0.0.0"))
   (listen-v6     knot-configuration-listen-v6
@@ -296,6 +298,8 @@
     (error-out "knot configuration field must be a package."))
   (unless (string? (knot-configuration-run-directory config))
     (error-out "run-directory must be a string."))
+  (unless (list? (knot-configuration-includes config))
+    (error-out "includes must be a list of strings or file-like objects."))
   (unless (list? (knot-configuration-keys config))
     (error-out "keys must be a list of knot-key-configuration."))
   (for-each (lambda (key) (verify-knot-key-configuration key))
@@ -529,6 +533,10 @@
     #~(begin
         (call-with-output-file #$output
           (lambda (port)
+            (if (knot-configuration-includes config)
+              (for-each (lambda (inc)
+                          (format port "include: ~a\n" inc))
+                (knot-configuration-includes config)))
             (format port "server:\n")
             (format port "    rundir: ~a\n" #$(knot-configuration-run-directory config))
             (format port "    user: knot\n")
-- 
2.21.0




[Message part 3 (message/rfc822, inline)]
From: Julien Lepiller <julien <at> lepiller.eu>
To: 35329-done <at> debbugs.gnu.org
Subject: Re: [bug#35329] [PATCH] gnu: knot-service: Add includes field in
 configuration.
Date: Thu, 25 Apr 2019 21:46:08 +0200

Le Wed, 24 Apr 2019 14:34:15 +0200,
Ludovic Courtès <ludo <at> gnu.org> a écrit :

> Julien Lepiller <julien <at> lepiller.eu> skribis:
> 
> > * gnu/services/dns.scm (knot-configuration): Add includes field.
> > (verify-knot-configuration): Check includes content.
> > (knot-config-file): Serialize includes.
> > * doc/guix.texi (DNS Services): Document it.  
> 
> [...]
> 
> > +@item @code{includes} (default: @code{'()})
> > +A list of strings or file-like objects denoting other files that
> > must be +included at the top of the configuration file.  This is
> > especially useful  
>                                                  ^
> I’d make a new paragraph here.
> 
> > +for including key configuration from outside the store, since keys
> > should +not be readable by every user.  It can also be used to add
> > configuration +not supported by this interface.  
> 
> What about:
> 
>   @cindex secrets, Knot service
>   This can be used to manage secrets out-of-band.  For example, secret
>   keys may be stored in an out-of-band file not managed by Guix, and
>   thus not visible in @file{/gnu/store}---e.g., you could store secret
>   key configuration in @file{/etc/knot/secrets.conf} and add this file
>   to the @code{includes} list.
> 
>   It can also be used […]
> 
> LGTM!
> 
> Thanks,
> LUdo’.

Push as 92eb600f8a94afa36142f8f145efaa485b632433, thanks!
This bug report was last modified 6 years and 24 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.