services: dnsmasq: Add more options.

* gnu/services/dns.scm (<dnsmasq-configuration>): Add
forward-private-reverse-lookup?, strict-order? and cpe-id options.
(dnsmasq-shepherd-service): Pass added options to dnsmasq and use
match-record instead of match-lambda.
* doc/guix.texi (Guix Services): Document options added to dnsmasq.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Remco van 't Veer 2022-03-23 08:07:33 +01:00 committed by Ludovic Courtès
parent 9877408d2f
commit e91c9edb20
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
2 changed files with 115 additions and 81 deletions


@ -100,6 +100,7 @@ Copyright @copyright{} 2021 Josselin Poiret@*
Copyright @copyright{} 2021 Andrew Tropin@* Copyright @copyright{} 2021 Andrew Tropin@*
Copyright @copyright{} 2021 Sarah Morgensen@* Copyright @copyright{} 2021 Sarah Morgensen@*
Copyright @copyright{} 2021 Josselin Poiret@* Copyright @copyright{} 2021 Josselin Poiret@*
Copyright @copyright{} 2022 Remco van 't Veer@*
Permission is granted to copy, distribute and/or modify this document Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or under the terms of the GNU Free Documentation License, Version 1.3 or
@ -28945,6 +28946,14 @@ The file to read the IP address of the upstream nameservers from.
@item @code{no-resolv?} (default: @code{#f}) @item @code{no-resolv?} (default: @code{#f})
When true, don't read @var{resolv-file}. When true, don't read @var{resolv-file}.
@item @code{forward-private-reverse-lookup?} (default: @code{#t})
When false, all reverse lookups for private IP ranges are answered with
"no such domain" rather than being forwarded upstream.
@item @code{query-servers-in-order?} (default: @code{#f})
When true, dnsmasq queries the servers in the same order as they appear
in @var{servers}.
@item @code{servers} (default: @code{'()}) @item @code{servers} (default: @code{'()})
Specify IP address of upstream servers directly. Specify IP address of upstream servers directly.
@ -28974,6 +28983,10 @@ disables caching.
@item @code{negative-cache?} (default: @code{#t}) @item @code{negative-cache?} (default: @code{#t})
When false, disable negative caching. When false, disable negative caching.
@item @code{cpe-id} (default: @code{#f})
If set, add a CPE (Customer-Premises Equipment) identifier to DNS
queries which are forwarded upstream.
@item @code{tftp-enable?} (default: @code{#f}) @item @code{tftp-enable?} (default: @code{#f})
Whether to enable the built-in TFTP server. Whether to enable the built-in TFTP server.


@ -3,6 +3,7 @@
;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com> ;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
;;; Copyright © 2020 Pierre Langlois <pierre.langlois@gmx.com> ;;; Copyright © 2020 Pierre Langlois <pierre.langlois@gmx.com>
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be> ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
;;; Copyright © 2022 Remco van 't Veer <remco@remworks.net>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -745,6 +746,12 @@ (define-record-type* <dnsmasq-configuration>
(default "/etc/resolv.conf")) ;string (default "/etc/resolv.conf")) ;string
(no-resolv? dnsmasq-configuration-no-resolv? (no-resolv? dnsmasq-configuration-no-resolv?
(default #f)) ;boolean (default #f)) ;boolean
(forward-private-reverse-lookup?
dnsmasq-configuration-forward-private-reverse-lookup?
(default #t)) ;boolean
(query-servers-in-order?
dnsmasq-configuration-query-servers-in-order?
(default #f)) ;boolean
(servers dnsmasq-configuration-servers (servers dnsmasq-configuration-servers
(default '())) ;list of string (default '())) ;list of string
(addresses dnsmasq-configuration-addresses (addresses dnsmasq-configuration-addresses
@ -752,7 +759,9 @@ (define-record-type* <dnsmasq-configuration>
(cache-size dnsmasq-configuration-cache-size (cache-size dnsmasq-configuration-cache-size
(default 150)) ;integer (default 150)) ;integer
(negative-cache? dnsmasq-configuration-negative-cache? (negative-cache? dnsmasq-configuration-negative-cache?
(default #t)) ;boolean (default #t)) ;boolean
(cpe-id dnsmasq-configuration-cpe-id
(default #t)) ;string
(tftp-enable? dnsmasq-configuration-tftp-enable? (tftp-enable? dnsmasq-configuration-tftp-enable?
(default #f)) ;boolean (default #f)) ;boolean
(tftp-no-fail? dnsmasq-configuration-tftp-no-fail? (tftp-no-fail? dnsmasq-configuration-tftp-no-fail?
@ -776,86 +785,98 @@ (define-record-type* <dnsmasq-configuration>
(tftp-unique-root dnsmasq-tftp-unique-root (tftp-unique-root dnsmasq-tftp-unique-root
(default #f))) ;"" or "ip" or "mac" (default #f))) ;"" or "ip" or "mac"
(define dnsmasq-shepherd-service (define (dnsmasq-shepherd-service config)
(match-lambda (match-record config <dnsmasq-configuration>
(($ <dnsmasq-configuration> package (package
no-hosts? no-hosts?
port local-service? listen-addresses port local-service? listen-addresses
resolv-file no-resolv? servers resolv-file no-resolv?
addresses cache-size negative-cache? forward-private-reverse-lookup? query-servers-in-order?
tftp-enable? tftp-no-fail? servers addresses
tftp-single-port? tftp-secure? cache-size negative-cache?
tftp-max tftp-mtu tftp-no-blocksize? cpe-id
tftp-lowercase? tftp-port-range tftp-enable? tftp-no-fail?
tftp-root tftp-unique-root) tftp-single-port? tftp-secure?
(shepherd-service tftp-max tftp-mtu tftp-no-blocksize?
(provision '(dnsmasq)) tftp-lowercase? tftp-port-range
(requirement '(networking)) tftp-root tftp-unique-root)
(documentation "Run the dnsmasq DNS server.") (shepherd-service
(start #~(make-forkexec-constructor (provision '(dnsmasq))
'(#$(file-append package "/sbin/dnsmasq") (requirement '(networking))
"--keep-in-foreground" (documentation "Run the dnsmasq DNS server.")
"--pid-file=/run/dnsmasq.pid" (start #~(make-forkexec-constructor
#$@(if no-hosts? '(#$(file-append package "/sbin/dnsmasq")
'("--no-hosts") "--keep-in-foreground"
'()) "--pid-file=/run/dnsmasq.pid"
#$(format #f "--port=~a" port) #$@(if no-hosts?
#$@(if local-service? '("--no-hosts")
'("--local-service") '())
'()) #$(format #f "--port=~a" port)
#$@(map (cut format #f "--listen-address=~a" <>) #$@(if local-service?
listen-addresses) '("--local-service")
#$(format #f "--resolv-file=~a" resolv-file) '())
#$@(if no-resolv? #$@(map (cut format #f "--listen-address=~a" <>)
'("--no-resolv") listen-addresses)
'()) #$(format #f "--resolv-file=~a" resolv-file)
#$@(map (cut format #f "--server=~a" <>) #$@(if no-resolv?
servers) '("--no-resolv")
#$@(map (cut format #f "--address=~a" <>) '())
addresses) #$@(if forward-private-reverse-lookup?
#$(format #f "--cache-size=~a" cache-size) '()
#$@(if negative-cache? '("--bogus-priv"))
'() #$@(if query-servers-in-order?
'("--no-negcache")) '("--strict-order")
#$@(if tftp-enable? '())
'("--enable-tftp") #$@(map (cut format #f "--server=~a" <>)
'()) servers)
#$@(if tftp-no-fail? #$@(map (cut format #f "--address=~a" <>)
'("--tftp-no-fail") addresses)
'()) #$(format #f "--cache-size=~a" cache-size)
#$@(if tftp-single-port? #$@(if negative-cache?
'("--tftp-single-port") '()
'()) '("--no-negcache"))
#$@(if tftp-secure? #$@(if cpe-id
'("--tftp-secure?") (list (format #f "--add-cpe-id=~a" cpe-id))
'()) '())
#$@(if tftp-max #$@(if tftp-enable?
(list (format #f "--tftp-max=~a" tftp-max)) '("--enable-tftp")
'()) '())
#$@(if tftp-mtu #$@(if tftp-no-fail?
(list (format #f "--tftp-mtu=~a" tftp-mtu)) '("--tftp-no-fail")
'()) '())
#$@(if tftp-no-blocksize? #$@(if tftp-single-port?
'("--tftp-no-blocksize") '("--tftp-single-port")
'()) '())
#$@(if tftp-lowercase? #$@(if tftp-secure?
'("--tftp-lowercase") '("--tftp-secure?")
'()) '())
#$@(if tftp-port-range #$@(if tftp-max
(list (format #f "--tftp-port-range=~a" (list (format #f "--tftp-max=~a" tftp-max))
tftp-port-range)) '())
'()) #$@(if tftp-mtu
#$@(if tftp-root (list (format #f "--tftp-mtu=~a" tftp-mtu))
(list (format #f "--tftp-root=~a" tftp-root)) '())
'()) #$@(if tftp-no-blocksize?
#$@(if tftp-unique-root '("--tftp-no-blocksize")
(list '())
(if (> (length tftp-unique-root) 0) #$@(if tftp-lowercase?
(format #f "--tftp-unique-root=~a" tftp-unique-root) '("--tftp-lowercase")
(format #f "--tftp-unique-root"))) '())
'())) #$@(if tftp-port-range
#:pid-file "/run/dnsmasq.pid")) (list (format #f "--tftp-port-range=~a"
(stop #~(make-kill-destructor)))))) tftp-port-range))
'())
#$@(if tftp-root
(list (format #f "--tftp-root=~a" tftp-root))
'())
#$@(if tftp-unique-root
(list
(if (> (length tftp-unique-root) 0)
(format #f "--tftp-unique-root=~a" tftp-unique-root)
(format #f "--tftp-unique-root")))
'()))
#:pid-file "/run/dnsmasq.pid"))
(stop #~(make-kill-destructor)))))
(define (dnsmasq-activation config) (define (dnsmasq-activation config)
#~(begin #~(begin
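Review bot: The new `cpe-id` field in `<dnsmasq-configuration>` is declared with `(default #t)) ;string`, while doc/guix.texi in this same commit documents the default as `#f`. Because the service tests `(if cpe-id …)`, an unmodified configuration would start dnsmasq with `--add-cpe-id=#t` and attach that identifier to every query forwarded upstream. The field should read `(default #f)) ;#f or string`, so that the identifier is only sent when the administrator sets one. Separately, the re-indented TFTP branch still emits `"--tftp-secure?"` with a stray question mark, whereas dnsmasq's option is `--tftp-secure`, so enabling `tftp-secure?` would most likely make dnsmasq reject its command line. The record definition begins outside the visible hunks.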