From: pinoaffe
To: guix-patches@gnu.org
Subject: [PATCH] gnu: Add AutoSSH service.
Date: Sat, 2 May 2020 11:19:46 +0200

* doc/guix.texi: Add documentation. * gnu/services/ssh.scm (): New record type. (mpd-service-type): New service type. --- doc/guix.texi | 75 +++++++++++++++++++++++++++++ gnu/services/ssh.scm | 109 ++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 183 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index c571010bc8..f88859c584 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@* Copyright @copyright{} 2020 Naga Malleswari@* Copyright @copyright{} 2020 Brice Waegeneire@* Copyright @copyright{} 2020 R Veera Kumar@* +Copyright @copyright{} 2020 pinoaffe@* =20 Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or 
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication. @end table @end deftp =20 +@deffn {Scheme Procedure} autossh-service [@var{config}] +Run the AutoSSH service with the given @var{config}, +a @code{} object. + +AutoSSH is a program that runs a copy of @code{ssh} and monitors it, +restarting it as necessary should it die or stop passing traffic. +AutoSSH can be run manually from the commandline by passing arguments +to the binary @code{autossh} from the package @code{autossh}, +but it can also be run as a guix service. This latter usecase is documente= d here. + +AutoSSH can be used to forward local traffic to a remote machine using an = SSH tunnel, +and it respects the @file{~/.ssh/config} of the user it is run as. + +For example, to specify a service running autossh as the user @code{pino} +and forwarding all local connections to port @code{8081} to @code{remote:8= 081} +using an SSH tunnel, add this call to the operating system's @code{service= s} field: + +@lisp +(autossh (autossh-configuration + (user "pino") + (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.= net")))) +@end lisp +@end deffn + +@deftp {Data Type} autossh-configuration +This data type represents the configuration of an AutoSSH service. + +@table @asis + +@item @code{user} (default @code{"autossh"}) +The user as which the AutoSSH service is to be run. +This assumes that the specified user exists. + +@item @code{poll} (default @code{600}) +Specifies the connection poll time in seconds. + +@item @code{first-poll} (default @code{#f}) +Specifies how long autossh waits before the first connection test in secon= ds. +After this first test, polling is resumed at the pace defined in @code{pol= l}. 
+When set to @code{#f}, the first poll is not treated specially and +will also use the connection poll specified in @code{poll} + +@item @code{gate-time} (default @code{30}) +Specifies (in seconds) how long an SSH connection must be active +before it is considered successful. + +@item @code{log-level} (default @code{1}) +The log level, corresponding to the levels used by syslog +(so @code{0} is the most silent while @code{7} is the chattiest.) + +@item @code{max-start} (default @code{#f}) +The maximum number of times SSH may be (re)started before AutoSSH exits. +When set to @code{#f}, no maximum is configured and AutoSSH may restart in= definitely. + +@item @code{message} (default @code{""}) +The message to append to the echo message sent when testing connections. + +@item @code{port} (default @code{"0"}) +The ports used for monitoring the connection. When set to @code{"0"}, +monitoring is disabled. When set to @code{"n"} where @code{n} is a positiv= e integer, +ports @code{n} and @code{n+1} are used for monitoring the connection, such= that +port @code{n} is the base monitoring port and @code{n+1} is the echo port. +When set to @code{"n:m"} where @code{n} and @code{m} are positive integers, +the ports @code{n} and @code{n+1} are used for monitoring the connection, = such +that port @code{n} is the base monitoring port and @code{m} is the echo po= rt. + +@item @code{ssh-options} (default @code{'()}) +The list of commandline arguments to pass to ssh when it is run. +Options @code{-f} and @code{-M ....} are reserved for AutoSSH +and may cause undefined behaviour. + +@end table +@end deftp + @defvr {Scheme Variable} %facebook-host-aliases This variable contains a string for use in @file{/etc/hosts} (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index d2dbb8f80d..ec0150b3a2 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm 
@@ -4,6 +4,7 @@ ;;; Copyright =C2=A9 2016 Julien Lepiller ;;; Copyright =C2=A9 2017 Cl=C3=A9ment Lassieur ;;; Copyright =C2=A9 2019 Ricardo Wurmus +;;; Copyright =C2=A9 2020 pinoaffe ;;; ;;; This file is part of GNU Guix. ;;; @@ -45,7 +46,12 @@ dropbear-configuration dropbear-configuration? dropbear-service-type - dropbear-service)) + dropbear-service + + autossh-configuration + autossh-configuration? + autossh-service-type + autossh-service)) =20 ;;; Commentary: ;;; 
@@ -628,4 +634,105 @@ daemon} with the given @var{config}, a @code{} object." (service dropbear-service-type config)) =20 +=0C +;;; +;;; AutoSSH. +;;; + + +(define-record-type* + autossh-configuration make-autossh-configuration + autossh-configuration? + (user autossh-configuration-user + (default "autossh")) + (poll autossh-configuration-poll + (default 600)) + (first-poll autossh-configuration-first-poll + (default #f)) + (gate-time autossh-configuration-gate-time + (default 30)) + (log-level autossh-configuration-log-level + (default 1)) + (max-start autossh-configuration-max-start + (default #f)) + (message autossh-configuration-message + (default "")) + (port autossh-configuration-port + (default "0")) + (ssh-options autossh-configuration-ssh-options + (default '()))) + +(define (autossh-file-name config file) + "Return a path in /var/run/autossh/ that is writable + by @code{user} from @code{config}." + (string-append "/var/run/autossh/" + (autossh-configuration-user config) + "/" file)) + +(define (autossh-shepherd-service config) + (shepherd-service + (documentation "Automatically set up ssh connections (and keep them ali= ve).") + (provision '(autossh)) + (start #~(make-forkexec-constructor + (list #$(file-append autossh "/bin/autossh") + #$@(autossh-configuration-ssh-options config)) + #:user #$(autossh-configuration-user config) + #:group (passwd:gid (getpw #$(autossh-configuration-user conf= ig))) + #:pid-file #$(autossh-file-name config "pid") + #:log-file #$(autossh-file-name config "log") + #:environment-variables + '(#$(string-append "AUTOSSH_PIDFILE=3D" + (autossh-file-name config "pid")) + #$(string-append "AUTOSSH_LOGFILE=3D" + (autossh-file-name config "log")) + #$(string-append "AUTOSSH_POLL=3D" + (number->string + (autossh-configuration-poll config))) + #$(string-append "AUTOSSH_FIRST_POLL=3D" + (number->string + (or + (autossh-configuration-first-poll config) + (autossh-configuration-poll config)))) + #$(string-append "AUTOSSH_GATETIME=3D" + 
(number->string + (autossh-configuration-gate-time config))) + #$(string-append "AUTOSSH_LOGLEVEL=3D" + (number->string + (autossh-configuration-log-level config))) + #$(string-append "AUTOSSH_MAXSTART=3D" + (number->string + (or (autossh-configuration-max-start conf= ig) + -1))) + #$(string-append "AUTOSSH_MESSAGE=3D" + (autossh-configuration-message config)) + #$(string-append "AUTOSSH_PORT=3D" + (autossh-configuration-port config))))) + (stop #~(make-kill-destructor)))) + +(define (autossh-service-activation config) + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (define %user + (getpw #$(autossh-configuration-user config))) + (let ((directory #$(autossh-file-name config ""))) + (mkdir-p directory) + (chown directory (passwd:uid %user) (passwd:gid %user)))))) + +(define autossh-service-type + (service-type + (name 'autossh) + (description "Automatically set up ssh connections (and keep them alive= ).") + (extensions + (list (service-extension shepherd-root-service-type + (compose list autossh-shepherd-service)) + (service-extension activation-service-type + autossh-service-activation))) + (default-value (autossh-configuration)))) + +(define* (autossh-service #:optional (config (autossh-configuration))) + "Run autossh with the given @var{config}, a @code{} +object." 
+ (service autossh-service-type config)) + ;;; ssh.scm ends here --=20 2.26.2
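
Review bot: In the doc/guix.texi hunk, the port item describes the "n:m" form as using ports n and n+1 but then names m as the echo port; the sentence was carried over from the "n" case and should say that ports n and m are used. In the same table, ssh-options states that -f and -M are reserved and "may cause undefined behaviour", while the service code splices the list into the command line unchecked; rejecting those two options when the configuration is built would replace undefined behaviour with a clear error. The first-poll item is also missing its final full stop.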
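
Review bot: In the gnu/services/ssh.scm hunk, autossh-service-type extends only shepherd-root-service-type and activation-service-type, so no account is created, while user defaults to "autossh" and both autossh-service-activation and the #:group argument call getpw on that name; with the default configuration on a system that has no such account, getpw fails. Either add an account-service-type extension that creates a dedicated unprivileged user, or give the user field no default so the administrator has to name an existing account. Separately, the same path is passed as #:log-file and as AUTOSSH_LOGFILE, so shepherd and autossh both open it; keeping only one of the two avoids two writers on one file.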

From: Oleg Pykhalov
To: pinoaffe
Subject: Re: [bug#41018] [PATCH] gnu: Add AutoSSH service.
Date: Sat, 02 May 2020 16:47:38 +0300

Hi,

Thank you for the patch!

pinoaffe writes:

> * doc/guix.texi: Add documentation. > * gnu/services/ssh.scm (): New record type. > (mpd-service-type): New service type. > --- > doc/guix.texi | 75 +++++++++++++++++++++++++++++ > gnu/services/ssh.scm | 109 ++++++++++++++++++++++++++++++++++++++++++- > 2 files changed, 183 insertions(+), 1 deletion(-) > > diff --git a/doc/guix.texi b/doc/guix.texi > index c571010bc8..f88859c584 100644 > --- a/doc/guix.texi 
> +++ b/doc/guix.texi
[…]
> +@lisp > +(autossh (autossh-configuration > + (user "pino") > + (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remot= e.net")))) > +@end lisp > +@end deffn

--8<---------------cut here---------------start------------->8---
(service autossh-service-type
         (autossh-configuration
          (user "pino")
          (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.net"))))
--8<---------------cut here---------------end--------------->8---

[…]
> diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm > index d2dbb8f80d..ec0150b3a2 100644 > --- a/gnu/services/ssh.scm > +++ b/gnu/services/ssh.scm
[…]
> +(define (autossh-service-activation config) > + (with-imported-modules '((guix build utils)) > + #~(begin > + (use-modules (guix build utils)) > + (define %user > + (getpw #$(autossh-configuration-user config))) > + (let ((directory #$(autossh-file-name config ""))) > + (mkdir-p directory) > + (chown directory (passwd:uid %user) (passwd:gid %user))))))

I cannot start the service in a testing vm because the log file is owned by root. The following fixes this.

diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index ec0150b3a2..c111437b1a 100644 =2D-- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm 
@@ -715,9 +715,12 @@ object." (use-modules (guix build utils)) (define %user (getpw #$(autossh-configuration-user config))) =2D (let ((directory #$(autossh-file-name config ""))) + (let* ((directory #$(autossh-file-name config "")) + (log (string-append directory "/log"))) (mkdir-p directory) =2D (chown directory (passwd:uid %user) (passwd:gid %user)))))) + (chown directory (passwd:uid %user) (passwd:gid %user)) + (call-with-output-file log (const #t)) + (chown log (passwd:uid %user) (passwd:gid %user)))))) =20 (define autossh-service-type (service-type

Also, why don't you put the log in /var/log directory?

Oleg.
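
Review bot: In this hunk the log file is created and chowned after the directory has been handed to the service user, so activation, which runs as root, opens and chowns a path inside a directory that user can write to; if that path is a symlink, call-with-output-file and chown act on its target. Keeping the log in a root-owned directory such as /var/log avoids privileged file operations inside a user-controlled directory. Two smaller points: call-with-output-file truncates an existing log on every activation, and since autossh-file-name with "" already ends in "/", (string-append directory "/log") yields a double slash where #$(autossh-file-name config "log") would match the path the shepherd service uses.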

From: pinoaffe
To: go.wigust@gmail.com
Subject: Re: [bug#41018] [PATCH] gnu: Add AutoSSH service.
Date: Sun, 3 May 2020 17:13:24 +0200

> I cannot start the service in a testing vm because the log file is
> owned by root. The following fixes this.

Thanks, I'll submit a modified patch

> Also, why don't you put the log in /var/log directory?

No particular reason, I simply replicated behavior I saw in some other
services. Should I change this?

From: Oleg Pykhalov
To: pinoaffe
Subject: Re: [bug#41018] [PATCH] gnu: Add AutoSSH service.
Date: Sun, 03 May 2020 18:52:36 +0300

pinoaffe writes:

>> I cannot start the service in a testing vm because the log file is
>> owned by root. The following fixes this.
> Thanks, I'll submit a modified patch

OK, then I could push it to master.

>> Also, why don't you put the log in /var/log directory?
> No particular reason, I simply replicated behavior I saw in some other
> services. Should I change this?

Depending on how much those logs are useful. I don't know. I'm OK with
either /var/run or /var/log, but /var/run will be removed after reboot.

From: pinoaffe
To: 41018@debbugs.gnu.org
Subject: [PATCH v2] gnu: Add AutoSSH service.
Date: Mon, 4 May 2020 17:56:16 +0200

* doc/guix.texi: Add documentation. * gnu/services/ssh.scm (): New record type. (mpd-service-type): New service type. --- doc/guix.texi | 75 +++++++++++++++++++++++++++++ gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 186 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index c571010bc8..f88859c584 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@* Copyright @copyright{} 2020 Naga Malleswari@* Copyright @copyright{} 2020 Brice Waegeneire@* Copyright @copyright{} 2020 R Veera Kumar@* +Copyright @copyright{} 2020 pinoaffe@* =20 Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or 
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication. @end table @end deftp =20 +@deffn {Scheme Procedure} autossh-service [@var{config}] +Run the AutoSSH service with the given @var{config}, +a @code{} object. + +AutoSSH is a program that runs a copy of @code{ssh} and monitors it, +restarting it as necessary should it die or stop passing traffic. +AutoSSH can be run manually from the commandline by passing arguments +to the binary @code{autossh} from the package @code{autossh}, +but it can also be run as a guix service. This latter usecase is documente= d here. + +AutoSSH can be used to forward local traffic to a remote machine using an = SSH tunnel, +and it respects the @file{~/.ssh/config} of the user it is run as. + +For example, to specify a service running autossh as the user @code{pino} +and forwarding all local connections to port @code{8081} to @code{remote:8= 081} +using an SSH tunnel, add this call to the operating system's @code{service= s} field: + +@lisp +(autossh (autossh-configuration + (user "pino") + (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.= net")))) +@end lisp +@end deffn + +@deftp {Data Type} autossh-configuration +This data type represents the configuration of an AutoSSH service. + +@table @asis + +@item @code{user} (default @code{"autossh"}) +The user as which the AutoSSH service is to be run. +This assumes that the specified user exists. + +@item @code{poll} (default @code{600}) +Specifies the connection poll time in seconds. + +@item @code{first-poll} (default @code{#f}) +Specifies how long autossh waits before the first connection test in secon= ds. +After this first test, polling is resumed at the pace defined in @code{pol= l}. 
+When set to @code{#f}, the first poll is not treated specially and +will also use the connection poll specified in @code{poll} + +@item @code{gate-time} (default @code{30}) +Specifies (in seconds) how long an SSH connection must be active +before it is considered successful. + +@item @code{log-level} (default @code{1}) +The log level, corresponding to the levels used by syslog +(so @code{0} is the most silent while @code{7} is the chattiest.) + +@item @code{max-start} (default @code{#f}) +The maximum number of times SSH may be (re)started before AutoSSH exits. +When set to @code{#f}, no maximum is configured and AutoSSH may restart in= definitely. + +@item @code{message} (default @code{""}) +The message to append to the echo message sent when testing connections. + +@item @code{port} (default @code{"0"}) +The ports used for monitoring the connection. When set to @code{"0"}, +monitoring is disabled. When set to @code{"n"} where @code{n} is a positiv= e integer, +ports @code{n} and @code{n+1} are used for monitoring the connection, such= that +port @code{n} is the base monitoring port and @code{n+1} is the echo port. +When set to @code{"n:m"} where @code{n} and @code{m} are positive integers, +the ports @code{n} and @code{n+1} are used for monitoring the connection, = such +that port @code{n} is the base monitoring port and @code{m} is the echo po= rt. + +@item @code{ssh-options} (default @code{'()}) +The list of commandline arguments to pass to ssh when it is run. +Options @code{-f} and @code{-M ....} are reserved for AutoSSH +and may cause undefined behaviour. + +@end table +@end deftp + @defvr {Scheme Variable} %facebook-host-aliases This variable contains a string for use in @file{/etc/hosts} (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index d2dbb8f80d..c111437b1a 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm 
@@ -4,6 +4,7 @@ ;;; Copyright =C2=A9 2016 Julien Lepiller ;;; Copyright =C2=A9 2017 Cl=C3=A9ment Lassieur ;;; Copyright =C2=A9 2019 Ricardo Wurmus +;;; Copyright =C2=A9 2020 pinoaffe ;;; ;;; This file is part of GNU Guix. ;;; @@ -45,7 +46,12 @@ dropbear-configuration dropbear-configuration? dropbear-service-type - dropbear-service)) + dropbear-service + + autossh-configuration + autossh-configuration? + autossh-service-type + autossh-service)) =20 ;;; Commentary: ;;; 
@@ -628,4 +634,108 @@ daemon} with the given @var{
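
Review bot: In the doc/guix.texi hunk of v2, the @lisp example still reads (autossh (autossh-configuration ...)), whereas the export hunk adds autossh-service and autossh-service-type and the first review suggested (service autossh-service-type (autossh-configuration ...)); the example should use one of the exported forms. The changelog line also still names (mpd-service-type) for what the export hunk calls autossh-service-type.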
X-Google-Smtp-Source: APiQypJUB/1fi5yPo8JnyQhToUqLU3S4wxPooK+8b41uDzbRIUpoUKlFxJRZO4v40BzGY5TpI369vw== X-Received: by 2002:a19:4f02:: with SMTP id d2mr38844lfb.180.1588632817122; Mon, 04 May 2020 15:53:37 -0700 (PDT) Received: from guixsd (ppp91-122-124-75.pppoe.avangarddsl.ru. [91.122.124.75]) by smtp.gmail.com with ESMTPSA id j23sm98749lfh.65.2020.05.04.15.53.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 May 2020 15:53:36 -0700 (PDT) From: Oleg Pykhalov To: pinoaffe Subject: Re: [bug#41018] [PATCH v2] gnu: Add AutoSSH service. References: <20200502111908.26a8e396@airmail.cc> <20200504175616.2bbdb2ec@airmail.cc> Date: Tue, 05 May 2020 01:49:11 +0300 In-Reply-To: <20200504175616.2bbdb2ec@airmail.cc> (pinoaffe@airmail.cc's message of "Mon, 4 May 2020 17:56:16 +0200") Message-ID: <871rnznwns.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 41018 Cc: 41018@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable pinoaffe writes: > * doc/guix.texi: Add documentation. > * gnu/services/ssh.scm (): New record type. > (mpd-service-type): New service type. > --- > doc/guix.texi | 75 +++++++++++++++++++++++++++++ > gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++- > 2 files changed, 186 insertions(+), 1 deletion(-) [=E2=80=A6] > ;;; Commentary: > ;;; 
> @@ -628,4 +634,108 @@ daemon} with the given @var{ The patch is truncated on the hunk above. Could you resend it, please? Also not related, just for to notice you. I receive delivery errors from Gmail to your email address: =2D-8<---------------cut here---------------start------------->8--- ** Delivery incomplete ** There was a temporary problem delivering your message to pinoaffe@airmail.cc. Gmail will retry for 47 more hours. You'll be notified if the delivery fails permanently. The response from the remote server was: 454 4.7.0 TLS not available due to local problem Reporting-MTA: dns; googlemail.com Received-From-MTA: dns; go.wigust@gmail.com Arrival-Date: Sun, 03 May 2020 08:52:44 -0700 (PDT) X-Original-Message-ID: <871ro1kocb.fsf@gmail.com> Final-Recipient: rfc822; pinoaffe@airmail.cc Action: delayed Status: 4.7.0 Remote-MTA: dns; mx1.cock.li. (37.120.193.125, the server for the domain ai= rmail.cc.) Diagnostic-Code: smtp; 454 4.7.0 TLS not available due to local problem Last-Attempt-Date: Mon, 04 May 2020 09:44:16 -0700 (PDT) Will-Retry-Until: Wed, 06 May 2020 08:52:44 -0700 (PDT) =2D-8<---------------cut here---------------end--------------->8--- --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEcjhxI46s62NFSFhXFn+OpQAa+pwFAl6wm+cACgkQFn+OpQAa +pzCSg//ci2XEAcEAexx4pCX8kVY2aW149BP57Xi5GkyXfVDPkMC2kKekzn8TKa8 UAzsBoq/ihmYWf7DE6l3jWLUuZSGe/X8E6jN6wAalnDOAKj5NELd9j65Ed3plwkg 6URiiXedmO/3gbfbK4QXPMTpJNNa1pMVlR2dlUhe10WHzDPH7tE2IucxVBXYhcJP bY7ExxVvrs2MY53HaQv5HsOT4p/luJbsjKu0wPAeb4qOkOjsQb1BoxETX5r2zfvY Yq4yTD6cwW/mRu96V71x4WRiNivhs4oiGlkDGBzETOvNqdxC8SQQwLn0bXdyN5qj ZywyBLhL6iP/bwzt4JUQ8w0jFh+x6XO1wdJ4owHPWefz1U+mQCGtbIBOEVs8gJzM RkfihQYOztTdWQZU6NjD6DKd4dYueJvMRar6aOW97QlQN+8Gdk4Q7NtTC/uomSkA m/QiTYNOFYJuOl9uQWBApWCQt93zNZWOkR8Mm1civLQU/xST4nIeyTBggDYjLiYq qIZ93dsU10OXHf1nVnu9kcS0Hp2Vp9t40pKTJRrN7VznyiLyiki+9Lf0BI2BHVYD 26/dBEYcJRS3i8gB4JbxleTSkTmp/oLlrWHu2SLs9/YqJosfAqYc7OfI8MwdYTSI 
esKxIVXB6UwB+xnHiWJaqEHmNeOsO0blAThRaibwhmJwgkJBlbc= =zOma -----END PGP SIGNATURE----- --=-=-=-- From debbugs-submit-bounces@debbugs.gnu.org Tue May 05 03:31:26 2020 Received: (at 41018) by debbugs.gnu.org; 5 May 2020 07:31:26 +0000 Received: from localhost ([127.0.0.1]:34657 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jVs33-0003eW-FT for submit@debbugs.gnu.org; Tue, 05 May 2020 03:31:26 -0400 Received: from mail.cock.li ([37.120.193.124]:33052) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jVs31-0003eF-8i for 41018@debbugs.gnu.org; Tue, 05 May 2020 03:31:24 -0400 Date: Tue, 5 May 2020 09:31:11 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=airmail.cc; s=mail; t=1588663874; bh=+Tq4HrfaGBZuEEor5kxkfBj4bTjFZjcMaGhbyZDf8uE=; h=Date:From:To:Subject:From; b=SCy2awilSTzNLiF0Sw1g6xzrr/5Tt/g+c13tb7U11DpSRCo6OhnjOyri5KQTi6OI1 kA4cOOzF8m6U8I+x6ptRBZFgY71igE7e4co4SPFiOBtO6jXwlGR8Sl37PZqNtiMNxh f6p2iGh8X7xl5SUXgCuTyug3XkNOy1PZSwJZx3q0nlKRnmAuc4nf5MNjNKBb1n+uBE mtyVZnxKJBxOXIwo7RKbPqdewnHIVNAf55F/3LyiBpqZ7smro+W7UufRkky71FMKRS 1myK7FXLCU9hY8zDOl66+tLDvJ/54JoxJn0+4hc8vhVyKv+Z1Zfo5MvO0G28HDtH98 YPBsVw7kt6Zfg== 
From: pinoaffe
To: 41018@debbugs.gnu.org
Subject: [PATCH v2 try 2] gnu: Add AutoSSH service.
Message-ID: <20200505093111.4e16fbec@airmail.cc>

* doc/guix.texi: Add documentation. * gnu/services/ssh.scm (): New record type. (mpd-service-type): New service type. --- doc/guix.texi | 75 +++++++++++++++++++++++++++++ gnu/services/ssh.scm | 112 ++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 186 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index c571010bc8..f88859c584 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -78,6 +78,7 @@ Copyright @copyright{} 2020 Jack Hill@* Copyright @copyright{} 2020 Naga Malleswari@* Copyright @copyright{} 2020 Brice Waegeneire@* Copyright @copyright{} 2020 R Veera Kumar@* +Copyright @copyright{} 2020 pinoaffe@* =20 Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or 
@@ -14378,6 +14379,80 @@ Whether to enable password-based authentication. @end table @end deftp =20 +@deffn {Scheme Procedure} autossh-service [@var{config}] +Run the AutoSSH service with the given @var{config}, +a @code{} object. + +AutoSSH is a program that runs a copy of @code{ssh} and monitors it, +restarting it as necessary should it die or stop passing traffic. +AutoSSH can be run manually from the commandline by passing arguments +to the binary @code{autossh} from the package @code{autossh}, +but it can also be run as a guix service. This latter usecase is documente= d here. + +AutoSSH can be used to forward local traffic to a remote machine using an = SSH tunnel, +and it respects the @file{~/.ssh/config} of the user it is run as. + +For example, to specify a service running autossh as the user @code{pino} +and forwarding all local connections to port @code{8081} to @code{remote:8= 081} +using an SSH tunnel, add this call to the operating system's @code{service= s} field: + +@lisp +(autossh (autossh-configuration + (user "pino") + (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remote.= net")))) +@end lisp +@end deffn + +@deftp {Data Type} autossh-configuration +This data type represents the configuration of an AutoSSH service. + +@table @asis + +@item @code{user} (default @code{"autossh"}) +The user as which the AutoSSH service is to be run. +This assumes that the specified user exists. + +@item @code{poll} (default @code{600}) +Specifies the connection poll time in seconds. + +@item @code{first-poll} (default @code{#f}) +Specifies how long autossh waits before the first connection test in secon= ds. +After this first test, polling is resumed at the pace defined in @code{pol= l}. 
+When set to @code{#f}, the first poll is not treated specially and +will also use the connection poll specified in @code{poll} + +@item @code{gate-time} (default @code{30}) +Specifies (in seconds) how long an SSH connection must be active +before it is considered successful. + +@item @code{log-level} (default @code{1}) +The log level, corresponding to the levels used by syslog +(so @code{0} is the most silent while @code{7} is the chattiest.) + +@item @code{max-start} (default @code{#f}) +The maximum number of times SSH may be (re)started before AutoSSH exits. +When set to @code{#f}, no maximum is configured and AutoSSH may restart in= definitely. + +@item @code{message} (default @code{""}) +The message to append to the echo message sent when testing connections. + +@item @code{port} (default @code{"0"}) +The ports used for monitoring the connection. When set to @code{"0"}, +monitoring is disabled. When set to @code{"n"} where @code{n} is a positiv= e integer, +ports @code{n} and @code{n+1} are used for monitoring the connection, such= that +port @code{n} is the base monitoring port and @code{n+1} is the echo port. +When set to @code{"n:m"} where @code{n} and @code{m} are positive integers, +the ports @code{n} and @code{n+1} are used for monitoring the connection, = such +that port @code{n} is the base monitoring port and @code{m} is the echo po= rt. + +@item @code{ssh-options} (default @code{'()}) +The list of commandline arguments to pass to ssh when it is run. +Options @code{-f} and @code{-M ....} are reserved for AutoSSH +and may cause undefined behaviour. + +@end table +@end deftp + @defvr {Scheme Variable} %facebook-host-aliases This variable contains a string for use in @file{/etc/hosts} (@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index d2dbb8f80d..c111437b1a 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm 
@@ -4,6 +4,7 @@ ;;; Copyright =C2=A9 2016 Julien Lepiller ;;; Copyright =C2=A9 2017 Cl=C3=A9ment Lassieur ;;; Copyright =C2=A9 2019 Ricardo Wurmus +;;; Copyright =C2=A9 2020 pinoaffe ;;; ;;; This file is part of GNU Guix. ;;; @@ -45,7 +46,12 @@ dropbear-configuration dropbear-configuration? dropbear-service-type - dropbear-service)) + dropbear-service + + autossh-configuration + autossh-configuration? + autossh-service-type + autossh-service)) =20 ;;; Commentary: ;;; 
@@ -628,4 +634,108 @@ daemon} with the given @var{config}, a @code{} object." (service dropbear-service-type config)) =20 +=0C +;;; +;;; AutoSSH. +;;; + + +(define-record-type* + autossh-configuration make-autossh-configuration + autossh-configuration? + (user autossh-configuration-user + (default "autossh")) + (poll autossh-configuration-poll + (default 600)) + (first-poll autossh-configuration-first-poll + (default #f)) + (gate-time autossh-configuration-gate-time + (default 30)) + (log-level autossh-configuration-log-level + (default 1)) + (max-start autossh-configuration-max-start + (default #f)) + (message autossh-configuration-message + (default "")) + (port autossh-configuration-port + (default "0")) + (ssh-options autossh-configuration-ssh-options + (default '()))) + +(define (autossh-file-name config file) + "Return a path in /var/run/autossh/ that is writable + by @code{user} from @code{config}." + (string-append "/var/run/autossh/" + (autossh-configuration-user config) + "/" file)) + +(define (autossh-shepherd-service config) + (shepherd-service + (documentation "Automatically set up ssh connections (and keep them ali= ve).") + (provision '(autossh)) + (start #~(make-forkexec-constructor + (list #$(file-append autossh "/bin/autossh") + #$@(autossh-configuration-ssh-options config)) + #:user #$(autossh-configuration-user config) + #:group (passwd:gid (getpw #$(autossh-configuration-user conf= ig))) + #:pid-file #$(autossh-file-name config "pid") + #:log-file #$(autossh-file-name config "log") + #:environment-variables + '(#$(string-append "AUTOSSH_PIDFILE=3D" + (autossh-file-name config "pid")) + #$(string-append "AUTOSSH_LOGFILE=3D" + (autossh-file-name config "log")) + #$(string-append "AUTOSSH_POLL=3D" + (number->string + (autossh-configuration-poll config))) + #$(string-append "AUTOSSH_FIRST_POLL=3D" + (number->string + (or + (autossh-configuration-first-poll config) + (autossh-configuration-poll config)))) + #$(string-append "AUTOSSH_GATETIME=3D" + 
(number->string + (autossh-configuration-gate-time config))) + #$(string-append "AUTOSSH_LOGLEVEL=3D" + (number->string + (autossh-configuration-log-level config))) + #$(string-append "AUTOSSH_MAXSTART=3D" + (number->string + (or (autossh-configuration-max-start conf= ig) + -1))) + #$(string-append "AUTOSSH_MESSAGE=3D" + (autossh-configuration-message config)) + #$(string-append "AUTOSSH_PORT=3D" + (autossh-configuration-port config))))) + (stop #~(make-kill-destructor)))) + +(define (autossh-service-activation config) + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (define %user + (getpw #$(autossh-configuration-user config))) + (let* ((directory #$(autossh-file-name config "")) + (log (string-append directory "/log"))) + (mkdir-p directory) + (chown directory (passwd:uid %user) (passwd:gid %user)) + (call-with-output-file log (const #t)) + (chown log (passwd:uid %user) (passwd:gid %user)))))) + +(define autossh-service-type + (service-type + (name 'autossh) + (description "Automatically set up ssh connections (and keep them alive= ).") + (extensions + (list (service-extension shepherd-root-service-type + (compose list autossh-shepherd-service)) + (service-extension activation-service-type + autossh-service-activation))) + (default-value (autossh-configuration)))) + +(define* (autossh-service #:optional (config (autossh-configuration))) + "Run autossh with the given @var{config}, a @code{} +object." 
+ (service autossh-service-type config)) + ;;; ssh.scm ends here --=20 2.26.2
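
Review bot: In the doc/guix.texi hunk at @@ -14378, the @lisp example calls `(autossh (autossh-configuration ...))`, but the patch only defines and exports `autossh-service` and `autossh-service-type`, and ssh.scm uses `autossh` as the package in `(file-append autossh "/bin/autossh")`, so the example as written does not produce a service. Suggest `(service autossh-service-type (autossh-configuration ...))` instead. Two smaller inconsistencies in the same hunk: the sentence before the example says connections are forwarded to `remote:8081` while the options forward `8081:localhost:8081` through `remote.net`, and the `port` item for `"n:m"` repeats "the ports n and n+1" although it then names `m` as the echo port.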
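
Review bot: In the gnu/services/ssh.scm hunk at @@ -628, `autossh-service-activation` chowns the directory to the configured user and then, from the activation code that runs as root, calls `(call-with-output-file log (const #t))` and `(chown log ...)` inside it. On every activation after the first, the directory is already writable by that unprivileged user, so a symlink left at `log` makes the activation truncate and re-own whatever the link points to; the same call also empties the existing log on each reconfigure. Suggest creating and chowning `log` only when it does not exist yet, and checking with `lstat` that it is a regular file before touching it. Separately, the service type extends only `shepherd-root-service-type` and `activation-service-type`, so the default user "autossh" is never created and `getpw` fails unless the administrator adds the account; and `ssh-options` is spliced into the command line unchecked although the documentation reserves `-f` and `-M`.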

From: Oleg Pykhalov
To: pinoaffe
Cc: 41018@debbugs.gnu.org, 41018-done@debbugs.gnu.org
Subject: Re: [bug#41018] [PATCH v2 try 2] gnu: Add AutoSSH service.
References: <20200502111908.26a8e396@airmail.cc> <20200505093111.4e16fbec@airmail.cc>
Date: Tue, 05 May 2020 15:33:12 +0300
Message-ID: <87o8r2d0jb.fsf@gmail.com>

pinoaffe writes:

> * doc/guix.texi: Add documentation. > * gnu/services/ssh.scm (): New record type. > (mpd-service-type): New service type. > ---

Not mpd-service-type. :-)

Changed to:

--8<---------------cut here---------------start------------->8---
gnu: Add AutoSSH service.

* gnu/services/ssh.scm (): New record type.
(autossh-service-type): New variable.
(autossh-service-activation, autossh-file-name): New procedures.
* doc/guix.texi (Networking Services): Document this.
--8<---------------cut here---------------end--------------->8---

[…]

> +@lisp > +(autossh (autossh-configuration > + (user "pino") > + (ssh-options (list "-T" "-N" "-L" "8081:localhost:8081" "remot= e.net")))) > +@end lisp > +@end deffn

…

> +(define* (autossh-service #:optional (config (autossh-configuration))) > + "Run autossh with the given @var{config}, a @code{} > +object." > + (service autossh-service-type config)) > +

Procedures like this ‘autossh-service’ are deprecated. I removed it and updated documentation accordingly.

Pushed to master with those changes.

Oleg.

From: Debbugs Internal Request
To: internal_control@debbugs.gnu.org
Subject: Internal Control
Date: Wed, 03 Jun 2020 11:24:04 +0000

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator