GNU bug report logs - #41018
[PATCH] gnu: Add AutoSSH service.


Package: guix-patches;

Reported by: pinoaffe <pinoaffe <at> airmail.cc>

Date: Sat, 2 May 2020 09:21:02 UTC

Severity: normal

Tags: patch

Done: Oleg Pykhalov <go.wigust <at> gmail.com>

Bug is archived. No further changes may be made.



Report forwarded to guix-patches <at> gnu.org:
bug#41018; Package guix-patches. (Sat, 02 May 2020 09:21:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to pinoaffe <pinoaffe <at> airmail.cc>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Sat, 02 May 2020 09:21:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: pinoaffe <pinoaffe <at> airmail.cc>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: Add AutoSSH service.
Date: Sat, 2 May 2020 11:19:46 +0200
* doc/guix.texi: Add documentation.
* gnu/services/ssh.scm (<autossh-configuration>): New record type.
  (mpd-service-type): New service type.
---
 doc/guix.texi        |  75 +++++++++++++++++++++++++++++
 gnu/services/ssh.scm | 109 ++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 183 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index c571010bc8..f88859c584 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@*
 Copyright @copyright{} 2020 Naga Malleswari@*
 Copyright @copyright{} 2020 Brice Waegeneire@*
 Copyright @copyright{} 2020 R Veera Kumar@*
+Copyright @copyright{} 2020 pinoaffe@*
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication.
 @end table
 @end deftp
 
+@deffn {Scheme Procedure} autossh-service [@var{config}]
+Run the AutoSSH service with the given @var{config},
+a @code{<autossh-configuration>} object.
+
+AutoSSH is a program that runs a copy of @code{ssh} and monitors it,
+restarting it as necessary should it die or stop passing traffic.
+AutoSSH can be run manually from the commandline by passing arguments
+to the binary @code{autossh} from the package @code{autossh},
+but it can also be run as a guix service. This latter usecase is documented here.
+
+AutoSSH can be used to forward local traffic to a remote machine using an SSH tunnel,
+and it respects the @file{~/.ssh/config} of the user it is run as.
+
+For example, to specify a service running autossh as the user @code{pino}
+and forwarding all local connections to port @code{8081} to @code{remote:8081}
+using an SSH tunnel, add this call to the operating system's @code{services} field:
+
+@lisp
+(autossh (autossh-configuration
+          (user "pino")
+          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
+@end lisp
+@end deffn
+
+@deftp {Data Type} autossh-configuration
+This data type represents the configuration of an AutoSSH service.
+
+@table @asis
+
+@item @code{user} (default @code{"autossh"})
+The user as which the AutoSSH service is to be run.
+This assumes that the specified user exists.
+
+@item @code{poll} (default @code{600})
+Specifies the connection poll time in seconds.
+
+@item @code{first-poll} (default @code{#f})
+Specifies how long autossh waits before the first connection test in seconds.
+After this first test, polling is resumed at the pace defined in @code{poll}.
+When set to @code{#f}, the first poll is not treated specially and
+will also use the connection poll specified in @code{poll}
+
+@item @code{gate-time} (default @code{30})
+Specifies (in seconds) how long an SSH connection must be active
+before it is considered successful.
+
+@item @code{log-level} (default @code{1})
+The log level, corresponding to the levels used by syslog
+(so @code{0} is the most silent while @code{7} is the chattiest.)
+
+@item @code{max-start} (default @code{#f})
+The maximum number of times SSH may be (re)started before AutoSSH exits.
+When set to @code{#f}, no maximum is configured and AutoSSH may restart indefinitely.
+
+@item @code{message} (default @code{""})
+The message to append to the echo message sent when testing connections.
+
+@item @code{port} (default @code{"0"})
+The ports used for monitoring the connection. When set to @code{"0"},
+monitoring is disabled. When set to @code{"n"} where @code{n} is a positive integer,
+ports @code{n} and @code{n+1} are used for monitoring the connection, such that
+port @code{n} is the base monitoring port and @code{n+1} is the echo port.
+When set to @code{"n:m"} where @code{n} and @code{m} are positive integers,
+the ports @code{n} and @code{n+1} are used for monitoring the connection, such
+that port @code{n} is the base monitoring port and @code{m} is the echo port.
+
+@item @code{ssh-options} (default @code{'()})
+The list of commandline arguments to pass to ssh when it is run.
+Options @code{-f} and @code{-M ....} are reserved for AutoSSH
+and may cause undefined behaviour.
+
+@end table
+@end deftp
+
 @defvr {Scheme Variable} %facebook-host-aliases
 This variable contains a string for use in @file{/etc/hosts}
 (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
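Review bot: The @lisp example in the autossh-service entry calls (autossh (autossh-configuration ...)), but the ssh.scm part of this patch defines and exports only autossh-configuration, autossh-configuration?, autossh-service-type and autossh-service, so the documented form matches no binding. Write it as (service autossh-service-type (autossh-configuration ...)) or as a call to autossh-service.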
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index d2dbb8f80d..ec0150b3a2 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016 Julien Lepiller <julien <at> lepiller.eu>
 ;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
 ;;; Copyright © 2019 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2020 pinoaffe <pinoaffe <at> airmail.cc>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,12 @@
             dropbear-configuration
             dropbear-configuration?
             dropbear-service-type
-            dropbear-service))
+            dropbear-service
+
+            autossh-configuration
+            autossh-configuration?
+            autossh-service-type
+            autossh-service))
 
 ;;; Commentary:
 ;;;
@@ -628,4 +634,105 @@ daemon} with the given @var{config}, a @code{<dropbear-configuration>}
 object."
   (service dropbear-service-type config))
 
+
+;;;
+;;; AutoSSH.
+;;;
+
+
+(define-record-type* <autossh-configuration>
+  autossh-configuration make-autossh-configuration
+  autossh-configuration?
+  (user            autossh-configuration-user
+                   (default "autossh"))
+  (poll            autossh-configuration-poll
+                   (default 600))
+  (first-poll      autossh-configuration-first-poll
+                   (default #f))
+  (gate-time       autossh-configuration-gate-time
+                   (default 30))
+  (log-level       autossh-configuration-log-level
+                   (default 1))
+  (max-start       autossh-configuration-max-start
+                   (default #f))
+  (message         autossh-configuration-message
+                   (default ""))
+  (port            autossh-configuration-port
+                   (default "0"))
+  (ssh-options     autossh-configuration-ssh-options
+                   (default '())))
+
+(define (autossh-file-name config file)
+  "Return a path in /var/run/autossh/ that is writable
+   by @code{user} from @code{config}."
+  (string-append "/var/run/autossh/"
+                 (autossh-configuration-user config)
+                 "/" file))
+
+(define (autossh-shepherd-service config)
+  (shepherd-service
+   (documentation "Automatically set up ssh connections (and keep them alive).")
+   (provision '(autossh))
+   (start #~(make-forkexec-constructor
+             (list #$(file-append autossh "/bin/autossh")
+                   #$@(autossh-configuration-ssh-options config))
+             #:user #$(autossh-configuration-user config)
+             #:group (passwd:gid (getpw #$(autossh-configuration-user config)))
+             #:pid-file #$(autossh-file-name config "pid")
+             #:log-file #$(autossh-file-name config "log")
+             #:environment-variables
+             '(#$(string-append "AUTOSSH_PIDFILE="
+                                (autossh-file-name config "pid"))
+               #$(string-append "AUTOSSH_LOGFILE="
+                                (autossh-file-name config "log"))
+               #$(string-append "AUTOSSH_POLL="
+                                (number->string
+                                 (autossh-configuration-poll config)))
+               #$(string-append "AUTOSSH_FIRST_POLL="
+                                (number->string
+                                 (or
+                                  (autossh-configuration-first-poll config)
+                                  (autossh-configuration-poll config))))
+               #$(string-append "AUTOSSH_GATETIME="
+                                (number->string
+                                 (autossh-configuration-gate-time config)))
+               #$(string-append "AUTOSSH_LOGLEVEL="
+                                (number->string
+                                 (autossh-configuration-log-level config)))
+               #$(string-append "AUTOSSH_MAXSTART="
+                                (number->string
+                                 (or (autossh-configuration-max-start config)
+                                     -1)))
+               #$(string-append "AUTOSSH_MESSAGE="
+                                (autossh-configuration-message config))
+               #$(string-append "AUTOSSH_PORT="
+                                (autossh-configuration-port config)))))
+   (stop #~(make-kill-destructor))))
+
+(define (autossh-service-activation config)
+  (with-imported-modules '((guix build utils))
+    #~(begin
+        (use-modules (guix build utils))
+        (define %user
+          (getpw #$(autossh-configuration-user config)))
+        (let ((directory #$(autossh-file-name config "")))
+          (mkdir-p directory)
+          (chown directory (passwd:uid %user) (passwd:gid %user))))))
+
+(define autossh-service-type
+  (service-type
+   (name 'autossh)
+   (description "Automatically set up ssh connections (and keep them alive).")
+   (extensions
+    (list (service-extension shepherd-root-service-type
+                             (compose list autossh-shepherd-service))
+          (service-extension activation-service-type
+                             autossh-service-activation)))
+   (default-value (autossh-configuration))))
+
+(define* (autossh-service #:optional (config (autossh-configuration)))
+  "Run autossh with the given @var{config}, a @code{<autossh-configuration>}
+object."
+  (service autossh-service-type config))
+
 ;;; ssh.scm ends here
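Review bot: The default user "autossh" in <autossh-configuration> is passed to getpw in both autossh-shepherd-service (#:group) and autossh-service-activation, yet autossh-service-type extends only shepherd-root-service-type and activation-service-type, so nothing in this patch creates that account and a default (autossh-configuration) depends on an account the system may not have. Either extend account-service-type with the default account or remove the default so the field has to be set. Also, autossh-file-name appends the user field unchecked to "/var/run/autossh/", and activation then runs mkdir-p and chown on the result; rejecting values that contain "/" keeps that privileged chown inside /var/run/autossh/.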
-- 
2.26.2





Information forwarded to guix-patches <at> gnu.org:
bug#41018; Package guix-patches. (Sat, 02 May 2020 13:49:03 GMT) Full text and rfc822 format available.

Message #8 received at 41018 <at> debbugs.gnu.org (full text, mbox):

From: Oleg Pykhalov <go.wigust <at> gmail.com>
To: pinoaffe <pinoaffe <at> airmail.cc>
Cc: 41018 <at> debbugs.gnu.org
Subject: Re: [bug#41018] [PATCH] gnu: Add AutoSSH service.
Date: Sat, 02 May 2020 16:47:38 +0300
[Message part 1 (text/plain, inline)]
Hi,

Thank you for the patch!

pinoaffe <pinoaffe <at> airmail.cc> writes:

> * doc/guix.texi: Add documentation.
> * gnu/services/ssh.scm (<autossh-configuration>): New record type.
>   (mpd-service-type): New service type.
> ---
>  doc/guix.texi        |  75 +++++++++++++++++++++++++++++
>  gnu/services/ssh.scm | 109 ++++++++++++++++++++++++++++++++++++++++++-
>  2 files changed, 183 insertions(+), 1 deletion(-)
>
> diff --git a/doc/guix.texi b/doc/guix.texi
> index c571010bc8..f88859c584 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi

[…]

> +@lisp
> +(autossh (autossh-configuration
> +          (user "pino")
> +          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
> +@end lisp
> +@end deffn

--8<---------------cut here---------------start------------->8---
(service autossh-service-type
         (autossh-configuration
          (user "pino")
          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
--8<---------------cut here---------------end--------------->8---

[…]

> diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
> index d2dbb8f80d..ec0150b3a2 100644
> --- a/gnu/services/ssh.scm
> +++ b/gnu/services/ssh.scm

[…]

> +(define (autossh-service-activation config)
> +  (with-imported-modules '((guix build utils))
> +    #~(begin
> +        (use-modules (guix build utils))
> +        (define %user
> +          (getpw #$(autossh-configuration-user config)))
> +        (let ((directory #$(autossh-file-name config "")))
> +          (mkdir-p directory)
> +          (chown directory (passwd:uid %user) (passwd:gid %user))))))

I cannot start the service in a testing VM because the log file is owned
by root.  The following fixes this.

[Message part 2 (text/x-patch, inline)]
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index ec0150b3a2..c111437b1a 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -715,9 +715,12 @@ object."
         (use-modules (guix build utils))
         (define %user
           (getpw #$(autossh-configuration-user config)))
-        (let ((directory #$(autossh-file-name config "")))
+        (let* ((directory #$(autossh-file-name config ""))
+               (log (string-append directory "/log")))
           (mkdir-p directory)
-          (chown directory (passwd:uid %user) (passwd:gid %user))))))
+          (chown directory (passwd:uid %user) (passwd:gid %user))
+          (call-with-output-file log (const #t))
+          (chown log (passwd:uid %user) (passwd:gid %user))))))
 
 (define autossh-service-type
   (service-type
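Review bot: The added call-with-output-file and chown on log run after directory has been chowned to %user, so on every later activation the entry named log sits in a directory that account can rewrite. Both calls follow symbolic links, which leaves the choice of the file that activation truncates and hands over to the unprivileged account, and the call also empties an existing log each time activation runs. Keep the log in a directory the service user cannot modify, and create it only when it does not exist yet. The path is also built as directory plus "/log" although autossh-file-name with "" already ends in "/"; (autossh-file-name config "log") gives the same string that #:log-file uses.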
[Message part 3 (text/plain, inline)]
Also, why don't you put the log in /var/log directory?

Oleg.

Information forwarded to guix-patches <at> gnu.org:
bug#41018; Package guix-patches. (Sun, 03 May 2020 15:14:01 GMT) Full text and rfc822 format available.

Message #11 received at 41018 <at> debbugs.gnu.org (full text, mbox):

From: pinoaffe <pinoaffe <at> airmail.cc>
To: go.wigust <at> gmail.com
Cc: 41018 <at> debbugs.gnu.org
Subject: Re: [bug#41018] [PATCH] gnu: Add AutoSSH service.
Date: Sun, 3 May 2020 17:13:24 +0200
> I cannot start the service in a testing vm because of log file is
> owner by root.  The following fixes this.
Thanks, I'll submit a modified patch

> Also, why don't you put the log in /var/log directory?
No particular reason, I simply replicated behavior I saw in some other
services. Should I change this?




Information forwarded to guix-patches <at> gnu.org:
bug#41018; Package guix-patches. (Sun, 03 May 2020 15:53:01 GMT) Full text and rfc822 format available.

Message #14 received at 41018 <at> debbugs.gnu.org (full text, mbox):

From: Oleg Pykhalov <go.wigust <at> gmail.com>
To: pinoaffe <pinoaffe <at> airmail.cc>
Cc: 41018 <at> debbugs.gnu.org
Subject: Re: [bug#41018] [PATCH] gnu: Add AutoSSH service.
Date: Sun, 03 May 2020 18:52:36 +0300
[Message part 1 (text/plain, inline)]
pinoaffe <pinoaffe <at> airmail.cc> writes:

>> I cannot start the service in a testing vm because of log file is
>> owner by root.  The following fixes this.
> Thanks, I'll submit a modified patch

OK, then I could push it to master.

>> Also, why don't you put the log in /var/log directory?
> No particular reason, I simply replicated behavior I saw in some other
> services. Should I change this?

Depending on how much those logs are useful.  I don't know.  I'm OK with
either /var/run or /var/log, but /var/run will be removed after reboot.

Information forwarded to guix-patches <at> gnu.org:
bug#41018; Package guix-patches. (Mon, 04 May 2020 15:57:02 GMT) Full text and rfc822 format available.

Message #17 received at 41018 <at> debbugs.gnu.org (full text, mbox):

From: pinoaffe <pinoaffe <at> airmail.cc>
To: 41018 <at> debbugs.gnu.org
Subject: [PATCH v2] gnu: Add AutoSSH service.
Date: Mon, 4 May 2020 17:56:16 +0200
* doc/guix.texi: Add documentation.
* gnu/services/ssh.scm (<autossh-configuration>): New record type.
  (mpd-service-type): New service type.
---
 doc/guix.texi        |  75 +++++++++++++++++++++++++++++
 gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 186 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index c571010bc8..f88859c584 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@*
 Copyright @copyright{} 2020 Naga Malleswari@*
 Copyright @copyright{} 2020 Brice Waegeneire@*
 Copyright @copyright{} 2020 R Veera Kumar@*
+Copyright @copyright{} 2020 pinoaffe@*
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication.
 @end table
 @end deftp
 
+@deffn {Scheme Procedure} autossh-service [@var{config}]
+Run the AutoSSH service with the given @var{config},
+a @code{<autossh-configuration>} object.
+
+AutoSSH is a program that runs a copy of @code{ssh} and monitors it,
+restarting it as necessary should it die or stop passing traffic.
+AutoSSH can be run manually from the commandline by passing arguments
+to the binary @code{autossh} from the package @code{autossh},
+but it can also be run as a guix service. This latter usecase is documented here.
+
+AutoSSH can be used to forward local traffic to a remote machine using an SSH tunnel,
+and it respects the @file{~/.ssh/config} of the user it is run as.
+
+For example, to specify a service running autossh as the user @code{pino}
+and forwarding all local connections to port @code{8081} to @code{remote:8081}
+using an SSH tunnel, add this call to the operating system's @code{services} field:
+
+@lisp
+(autossh (autossh-configuration
+          (user "pino")
+          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
+@end lisp
+@end deffn
+
+@deftp {Data Type} autossh-configuration
+This data type represents the configuration of an AutoSSH service.
+
+@table @asis
+
+@item @code{user} (default @code{"autossh"})
+The user as which the AutoSSH service is to be run.
+This assumes that the specified user exists.
+
+@item @code{poll} (default @code{600})
+Specifies the connection poll time in seconds.
+
+@item @code{first-poll} (default @code{#f})
+Specifies how long autossh waits before the first connection test in seconds.
+After this first test, polling is resumed at the pace defined in @code{poll}.
+When set to @code{#f}, the first poll is not treated specially and
+will also use the connection poll specified in @code{poll}
+
+@item @code{gate-time} (default @code{30})
+Specifies (in seconds) how long an SSH connection must be active
+before it is considered successful.
+
+@item @code{log-level} (default @code{1})
+The log level, corresponding to the levels used by syslog
+(so @code{0} is the most silent while @code{7} is the chattiest.)
+
+@item @code{max-start} (default @code{#f})
+The maximum number of times SSH may be (re)started before AutoSSH exits.
+When set to @code{#f}, no maximum is configured and AutoSSH may restart indefinitely.
+
+@item @code{message} (default @code{""})
+The message to append to the echo message sent when testing connections.
+
+@item @code{port} (default @code{"0"})
+The ports used for monitoring the connection. When set to @code{"0"},
+monitoring is disabled. When set to @code{"n"} where @code{n} is a positive integer,
+ports @code{n} and @code{n+1} are used for monitoring the connection, such that
+port @code{n} is the base monitoring port and @code{n+1} is the echo port.
+When set to @code{"n:m"} where @code{n} and @code{m} are positive integers,
+the ports @code{n} and @code{n+1} are used for monitoring the connection, such
+that port @code{n} is the base monitoring port and @code{m} is the echo port.
+
+@item @code{ssh-options} (default @code{'()})
+The list of commandline arguments to pass to ssh when it is run.
+Options @code{-f} and @code{-M ....} are reserved for AutoSSH
+and may cause undefined behaviour.
+
+@end table
+@end deftp
+
 @defvr {Scheme Variable} %facebook-host-aliases
 This variable contains a string for use in @file{/etc/hosts}
 (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index d2dbb8f80d..c111437b1a 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016 Julien Lepiller <julien <at> lepiller.eu>
 ;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
 ;;; Copyright © 2019 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2020 pinoaffe <pinoaffe <at> airmail.cc>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,12 @@
             dropbear-configuration
             dropbear-configuration?
             dropbear-service-type
-            dropbear-service))
+            dropbear-service
+
+            autossh-configuration
+            autossh-configuration?
+            autossh-service-type
+            autossh-service))
 
 ;;; Commentary:
 ;;;
@@ -628,4 +634,108 @@ daemon} with the given @var{




Information forwarded to guix-patches <at> gnu.org:
bug#41018; Package guix-patches. (Mon, 04 May 2020 22:54:02 GMT) Full text and rfc822 format available.

Message #20 received at 41018 <at> debbugs.gnu.org (full text, mbox):

From: Oleg Pykhalov <go.wigust <at> gmail.com>
To: pinoaffe <pinoaffe <at> airmail.cc>
Cc: 41018 <at> debbugs.gnu.org
Subject: Re: [bug#41018] [PATCH v2] gnu: Add AutoSSH service.
Date: Tue, 05 May 2020 01:49:11 +0300
[Message part 1 (text/plain, inline)]
pinoaffe <pinoaffe <at> airmail.cc> writes:

> * doc/guix.texi: Add documentation.
> * gnu/services/ssh.scm (<autossh-configuration>): New record type.
>   (mpd-service-type): New service type.
> ---
>  doc/guix.texi        |  75 +++++++++++++++++++++++++++++
>  gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++-
>  2 files changed, 186 insertions(+), 1 deletion(-)

[…]

>  ;;; Commentary:
>  ;;;
> @@ -628,4 +634,108 @@ daemon} with the given @var{

The patch is truncated on the hunk above.  Could you resend it, please?

Also, not related, just to notify you: I receive delivery errors
from Gmail to your email address:
--8<---------------cut here---------------start------------->8---
** Delivery incomplete **

There was a temporary problem delivering your message to
pinoaffe <at> airmail.cc. Gmail will retry for 47 more hours. You'll be
notified if the delivery fails permanently.

The response from the remote server was:
454 4.7.0 TLS not available due to local problem

Reporting-MTA: dns; googlemail.com
Received-From-MTA: dns; go.wigust <at> gmail.com
Arrival-Date: Sun, 03 May 2020 08:52:44 -0700 (PDT)
X-Original-Message-ID: <871ro1kocb.fsf <at> gmail.com>

Final-Recipient: rfc822; pinoaffe <at> airmail.cc
Action: delayed
Status: 4.7.0
Remote-MTA: dns; mx1.cock.li. (37.120.193.125, the server for the domain airmail.cc.)
Diagnostic-Code: smtp; 454 4.7.0 TLS not available due to local problem
Last-Attempt-Date: Mon, 04 May 2020 09:44:16 -0700 (PDT)
Will-Retry-Until: Wed, 06 May 2020 08:52:44 -0700 (PDT)
--8<---------------cut here---------------end--------------->8---

Information forwarded to guix-patches <at> gnu.org:
bug#41018; Package guix-patches. (Tue, 05 May 2020 07:32:02 GMT) Full text and rfc822 format available.

Message #23 received at 41018 <at> debbugs.gnu.org (full text, mbox):

From: pinoaffe <pinoaffe <at> airmail.cc>
To: 41018 <at> debbugs.gnu.org
Subject: [PATCH v2 try 2] gnu: Add AutoSSH service.
Date: Tue, 5 May 2020 09:31:11 +0200
* doc/guix.texi: Add documentation.
* gnu/services/ssh.scm (<autossh-configuration>): New record type.
  (mpd-service-type): New service type.
---
 doc/guix.texi        |  75 +++++++++++++++++++++++++++++
 gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 186 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index c571010bc8..f88859c584 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@*
 Copyright @copyright{} 2020 Naga Malleswari@*
 Copyright @copyright{} 2020 Brice Waegeneire@*
 Copyright @copyright{} 2020 R Veera Kumar@*
+Copyright @copyright{} 2020 pinoaffe@*
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication.
 @end table
 @end deftp
 
+@deffn {Scheme Procedure} autossh-service [@var{config}]
+Run the AutoSSH service with the given @var{config},
+a @code{<autossh-configuration>} object.
+
+AutoSSH is a program that runs a copy of @code{ssh} and monitors it,
+restarting it as necessary should it die or stop passing traffic.
+AutoSSH can be run manually from the commandline by passing arguments
+to the binary @code{autossh} from the package @code{autossh},
+but it can also be run as a guix service. This latter usecase is documented here.
+
+AutoSSH can be used to forward local traffic to a remote machine using an SSH tunnel,
+and it respects the @file{~/.ssh/config} of the user it is run as.
+
+For example, to specify a service running autossh as the user @code{pino}
+and forwarding all local connections to port @code{8081} to @code{remote:8081}
+using an SSH tunnel, add this call to the operating system's @code{services} field:
+
+@lisp
+(autossh (autossh-configuration
+          (user "pino")
+          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
+@end lisp
+@end deffn
+
+@deftp {Data Type} autossh-configuration
+This data type represents the configuration of an AutoSSH service.
+
+@table @asis
+
+@item @code{user} (default @code{"autossh"})
+The user as which the AutoSSH service is to be run.
+This assumes that the specified user exists.
+
+@item @code{poll} (default @code{600})
+Specifies the connection poll time in seconds.
+
+@item @code{first-poll} (default @code{#f})
+Specifies how long autossh waits before the first connection test in seconds.
+After this first test, polling is resumed at the pace defined in @code{poll}.
+When set to @code{#f}, the first poll is not treated specially and
+will also use the connection poll specified in @code{poll}
+
+@item @code{gate-time} (default @code{30})
+Specifies (in seconds) how long an SSH connection must be active
+before it is considered successful.
+
+@item @code{log-level} (default @code{1})
+The log level, corresponding to the levels used by syslog
+(so @code{0} is the most silent while @code{7} is the chattiest.)
+
+@item @code{max-start} (default @code{#f})
+The maximum number of times SSH may be (re)started before AutoSSH exits.
+When set to @code{#f}, no maximum is configured and AutoSSH may restart indefinitely.
+
+@item @code{message} (default @code{""})
+The message to append to the echo message sent when testing connections.
+
+@item @code{port} (default @code{"0"})
+The ports used for monitoring the connection. When set to @code{"0"},
+monitoring is disabled. When set to @code{"n"} where @code{n} is a positive integer,
+ports @code{n} and @code{n+1} are used for monitoring the connection, such that
+port @code{n} is the base monitoring port and @code{n+1} is the echo port.
+When set to @code{"n:m"} where @code{n} and @code{m} are positive integers,
+the ports @code{n} and @code{n+1} are used for monitoring the connection, such
+that port @code{n} is the base monitoring port and @code{m} is the echo port.
+
+@item @code{ssh-options} (default @code{'()})
+The list of commandline arguments to pass to ssh when it is run.
+Options @code{-f} and @code{-M ....} are reserved for AutoSSH
+and may cause undefined behaviour.
+
+@end table
+@end deftp
+
 @defvr {Scheme Variable} %facebook-host-aliases
 This variable contains a string for use in @file{/etc/hosts}
 (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
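Review bot: The port entry contradicts itself for the "n:m" form: it says ports n and n+1 are used and then names m as the echo port, so the first clause should read n and m. In the same table the first-poll description lacks its closing period, and the @lisp example is still the (autossh ...) form from the first version rather than the (service autossh-service-type ...) form given in the review of that version.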
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index d2dbb8f80d..c111437b1a 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016 Julien Lepiller <julien <at> lepiller.eu>
 ;;; Copyright © 2017 Clément Lassieur <clement <at> lassieur.org>
 ;;; Copyright © 2019 Ricardo Wurmus <rekado <at> elephly.net>
+;;; Copyright © 2020 pinoaffe <pinoaffe <at> airmail.cc>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,12 @@
             dropbear-configuration
             dropbear-configuration?
             dropbear-service-type
-            dropbear-service))
+            dropbear-service
+
+            autossh-configuration
+            autossh-configuration?
+            autossh-service-type
+            autossh-service))
 
 ;;; Commentary:
 ;;;
@@ -628,4 +634,108 @@ daemon} with the given @var{config}, a @code{<dropbear-configuration>}
 object."
   (service dropbear-service-type config))
 
+
+;;;
+;;; AutoSSH.
+;;;
+
+
+(define-record-type* <autossh-configuration>
+  autossh-configuration make-autossh-configuration
+  autossh-configuration?
+  (user            autossh-configuration-user
+                   (default "autossh"))
+  (poll            autossh-configuration-poll
+                   (default 600))
+  (first-poll      autossh-configuration-first-poll
+                   (default #f))
+  (gate-time       autossh-configuration-gate-time
+                   (default 30))
+  (log-level       autossh-configuration-log-level
+                   (default 1))
+  (max-start       autossh-configuration-max-start
+                   (default #f))
+  (message         autossh-configuration-message
+                   (default ""))
+  (port            autossh-configuration-port
+                   (default "0"))
+  (ssh-options     autossh-configuration-ssh-options
+                   (default '())))
+
+(define (autossh-file-name config file)
+  "Return a path in /var/run/autossh/ that is writable
+   by @code{user} from @code{config}."
+  (string-append "/var/run/autossh/"
+                 (autossh-configuration-user config)
+                 "/" file))
+
+(define (autossh-shepherd-service config)
+  (shepherd-service
+   (documentation "Automatically set up ssh connections (and keep them alive).")
+   (provision '(autossh))
+   (start #~(make-forkexec-constructor
+             (list #$(file-append autossh "/bin/autossh")
+                   #$@(autossh-configuration-ssh-options config))
+             #:user #$(autossh-configuration-user config)
+             #:group (passwd:gid (getpw #$(autossh-configuration-user config)))
+             #:pid-file #$(autossh-file-name config "pid")
+             #:log-file #$(autossh-file-name config "log")
+             #:environment-variables
+             '(#$(string-append "AUTOSSH_PIDFILE="
+                                (autossh-file-name config "pid"))
+               #$(string-append "AUTOSSH_LOGFILE="
+                                (autossh-file-name config "log"))
+               #$(string-append "AUTOSSH_POLL="
+                                (number->string
+                                 (autossh-configuration-poll config)))
+               #$(string-append "AUTOSSH_FIRST_POLL="
+                                (number->string
+                                 (or
+                                  (autossh-configuration-first-poll config)
+                                  (autossh-configuration-poll config))))
+               #$(string-append "AUTOSSH_GATETIME="
+                                (number->string
+                                 (autossh-configuration-gate-time config)))
+               #$(string-append "AUTOSSH_LOGLEVEL="
+                                (number->string
+                                 (autossh-configuration-log-level config)))
+               #$(string-append "AUTOSSH_MAXSTART="
+                                (number->string
+                                 (or (autossh-configuration-max-start config)
+                                     -1)))
+               #$(string-append "AUTOSSH_MESSAGE="
+                                (autossh-configuration-message config))
+               #$(string-append "AUTOSSH_PORT="
+                                (autossh-configuration-port config)))))
+   (stop #~(make-kill-destructor))))
+
+(define (autossh-service-activation config)
+  (with-imported-modules '((guix build utils))
+    #~(begin
+        (use-modules (guix build utils))
+        (define %user
+          (getpw #$(autossh-configuration-user config)))
+        (let* ((directory #$(autossh-file-name config ""))
+               (log (string-append directory "/log")))
+          (mkdir-p directory)
+          (chown directory (passwd:uid %user) (passwd:gid %user))
+          (call-with-output-file log (const #t))
+          (chown log (passwd:uid %user) (passwd:gid %user))))))
+
+(define autossh-service-type
+  (service-type
+   (name 'autossh)
+   (description "Automatically set up ssh connections (and keep them alive).")
+   (extensions
+    (list (service-extension shepherd-root-service-type
+                             (compose list autossh-shepherd-service))
+          (service-extension activation-service-type
+                             autossh-service-activation)))
+   (default-value (autossh-configuration))))
+
+(define* (autossh-service #:optional (config (autossh-configuration)))
+  "Run autossh with the given @var{config}, a @code{<autossh-configuration>}
+object."
+  (service autossh-service-type config))
+
 ;;; ssh.scm ends here
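
Review bot: In `autossh-service-activation`, root chowns the directory returned by `(autossh-file-name config "")` to the unprivileged user and only then opens and chowns `log` inside it. On every later activation that directory is already user-writable, so the truncating `call-with-output-file` and the following `chown` would act on whatever a symlink at that path points to. Consider dropping the pre-creation and letting autossh, which already runs under `#:user`, create the file named by `AUTOSSH_LOGFILE`, or placing the log under a root-owned parent. Two smaller points in the same code: `(autossh-file-name config "")` already ends in `/`, so `(string-append directory "/log")` yields a double slash, and `#:log-file` and `AUTOSSH_LOGFILE` name the same file, which gives it two independent writers and empties it on each activation.
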
-- 
2.26.2




Information forwarded to guix-patches <at> gnu.org:
bug#41018; Package guix-patches. (Tue, 05 May 2020 12:34:02 GMT)

Message #26 received at 41018 <at> debbugs.gnu.org:

From: Oleg Pykhalov <go.wigust <at> gmail.com>
To: pinoaffe <pinoaffe <at> airmail.cc>
Cc: 41018 <at> debbugs.gnu.org, 41018-done <at> debbugs.gnu.org
Subject: Re: [bug#41018] [PATCH v2 try 2] gnu: Add AutoSSH service.
Date: Tue, 05 May 2020 15:33:12 +0300
pinoaffe <pinoaffe <at> airmail.cc> writes:

> * doc/guix.texi: Add documentation.
> * gnu/services/ssh.scm (<autossh-configuration>): New record type.
>   (mpd-service-type): New service type.
> ---

Not mpd-service-type. :-)  Changed to:
--8<---------------cut here---------------start------------->8---
gnu: Add AutoSSH service.

* gnu/services/ssh.scm (<autossh-configuration>): New record type.
(autossh-service-type): New variable.
(autossh-service-activation, autossh-file-name): New procedures.
* doc/guix.texi (Networking Services): Document this.
--8<---------------cut here---------------end--------------->8---

[…]

> +@lisp
> +(autossh (autossh-configuration
> +          (user "pino")
> +          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
> +@end lisp
> +@end deffn
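
Review bot: The documented example calls `(autossh (autossh-configuration …))`, but in the ssh.scm part of this patch `autossh` is the package passed to `file-append`, and the procedure defined is `autossh-service` alongside `autossh-service-type`. As written the example applies a package object as a procedure; it should read `(service autossh-service-type (autossh-configuration …))` so that readers copying it into an operating-system declaration get a working service.
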
…
> +(define* (autossh-service #:optional (config (autossh-configuration)))
> +  "Run autossh with the given @var{config}, a @code{<autossh-configuration>}
> +object."
> +  (service autossh-service-type config))
> +

Procedures like this ‘autossh-service’ are deprecated. I removed it and
updated documentation accordingly.  Pushed to master with those changes.

Oleg.

Reply sent to Oleg Pykhalov <go.wigust <at> gmail.com>:
You have taken responsibility. (Tue, 05 May 2020 12:34:02 GMT)

Notification sent to pinoaffe <pinoaffe <at> airmail.cc>:
bug acknowledged by developer. (Tue, 05 May 2020 12:34:02 GMT)

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 03 Jun 2020 11:24:04 GMT)

This bug report was last modified 5 years and 11 days ago.
