services: Add dnsmasq-service-type.
* gnu/services/dns.scm (dnsmasq-service-type): New variable. (<dnsmasq-configuration>): New record type. (dnsmasq-shepherd-service): New procedure. * doc/guix.texi (DNS Services): Document it.
This commit is contained in:
parent
a64e30ed9e
commit
97f6e9133a
|
@ -16405,7 +16405,11 @@ saved to @code{/etc/letsencrypt/live/@var{name}/privkey.pem}.
|
|||
The @code{(gnu services dns)} module provides services related to the
|
||||
@dfn{domain name system} (DNS). It provides a server service for hosting
|
||||
an @emph{authoritative} DNS server for multiple zones, slave or master.
|
||||
This service uses @uref{https://www.knot-dns.cz/, Knot DNS}.
|
||||
This service uses @uref{https://www.knot-dns.cz/, Knot DNS}. And also a
|
||||
caching and forwarding DNS server for the LAN, which uses
|
||||
@uref{http://www.thekelleys.org.uk/dnsmasq/doc.html, dnsmasq}.
|
||||
|
||||
@subsubheading Knot Service
|
||||
|
||||
An example configuration of an authoritative server for two zones, one master
|
||||
and one slave, is:
|
||||
|
@ -16800,6 +16804,59 @@ The list of knot-zone-configuration used by this configuration.
|
|||
@end table
|
||||
@end deftp
|
||||
|
||||
@subsubheading Dnsmasq Service
|
||||
|
||||
@deffn {Scheme Variable} dnsmasq-service-type
|
||||
This is the type of the dnsmasq service, whose value should be an
|
||||
@code{dnsmasq-configuration} object as in this example:
|
||||
|
||||
@example
|
||||
(service dnsmasq-service-type
|
||||
(dnsmasq-configuration
|
||||
(no-resolv? #t)
|
||||
(servers '("192.168.1.1"))))
|
||||
@end example
|
||||
@end deffn
|
||||
|
||||
@deftp {Data Type} dnsmasq-configuration
|
||||
Data type representing the configuration of dnsmasq.
|
||||
|
||||
@table @asis
|
||||
@item @code{package} (default: @var{dnsmasq})
|
||||
Package object of the dnsmasq server.
|
||||
|
||||
@item @code{no-hosts?} (default: @code{#f})
|
||||
When true, don't read the hostnames in /etc/hosts.
|
||||
|
||||
@item @code{port} (default: @code{53})
|
||||
The port to listen on. Setting this to zero completely disables DNS
|
||||
funtion, leaving only DHCP and/or TFTP.
|
||||
|
||||
@item @code{local-service?} (default: @code{#t})
|
||||
Accept DNS queries only from hosts whose address is on a local subnet,
|
||||
ie a subnet for which an interface exists on the server.
|
||||
|
||||
@item @code{listen-addresses} (default: @code{'()})
|
||||
Listen on the given IP addresses.
|
||||
|
||||
@item @code{resolv-file} (default: @code{"/etc/resolv.conf"})
|
||||
The file to read the IP address of the upstream nameservers from.
|
||||
|
||||
@item @code{no-resolv?} (default: @code{#f})
|
||||
When true, don't read @var{resolv-file}.
|
||||
|
||||
@item @code{servers} (default: @code{'()})
|
||||
Specify IP address of upstream servers directly.
|
||||
|
||||
@item @code{cache-size} (default: @code{150})
|
||||
Set the size of dnsmasq's cache. Setting the cache size to zero
|
||||
disables caching.
|
||||
|
||||
@item @code{no-negcache?} (default: @code{#f})
|
||||
When true, disable negative caching.
|
||||
|
||||
@end table
|
||||
@end deftp
|
||||
|
||||
@node VPN Services
|
||||
@subsubsection VPN Services
|
||||
|
|
|
@ -27,6 +27,7 @@
|
|||
#:use-module (guix records)
|
||||
#:use-module (guix gexp)
|
||||
#:use-module (srfi srfi-1)
|
||||
#:use-module (srfi srfi-26)
|
||||
#:use-module (srfi srfi-34)
|
||||
#:use-module (srfi srfi-35)
|
||||
#:use-module (ice-9 match)
|
||||
|
@ -41,7 +42,10 @@
|
|||
knot-configuration
|
||||
define-zone-entries
|
||||
zone-file
|
||||
zone-entry))
|
||||
zone-entry
|
||||
|
||||
dnsmasq-service-type
|
||||
dnsmasq-configuration))
|
||||
|
||||
;;;
|
||||
;;; Knot DNS.
|
||||
|
@ -591,3 +595,76 @@
|
|||
knot-activation)
|
||||
(service-extension account-service-type
|
||||
(const %knot-accounts))))))
|
||||
|
||||
|
||||
;;;
|
||||
;;; Dnsmasq.
|
||||
;;;
|
||||
|
||||
(define-record-type* <dnsmasq-configuration>
|
||||
dnsmasq-configuration make-dnsmasq-configuration
|
||||
dnsmasq-configuration?
|
||||
(package dnsmasq-configuration-package
|
||||
(default dnsmasq)) ;package
|
||||
(no-hosts? dnsmasq-configuration-no-hosts?
|
||||
(default #f)) ;boolean
|
||||
(port dnsmasq-configuration-port
|
||||
(default 53)) ;integer
|
||||
(local-service? dnsmasq-configuration-local-service?
|
||||
(default #t)) ;boolean
|
||||
(listen-addresses dnsmasq-configuration-listen-address
|
||||
(default '())) ;list of string
|
||||
(resolv-file dnsmasq-configuration-resolv-file
|
||||
(default "/etc/resolv.conf")) ;string
|
||||
(no-resolv? dnsmasq-configuration-no-resolv?
|
||||
(default #f)) ;boolean
|
||||
(servers dnsmasq-configuration-servers
|
||||
(default '())) ;list of string
|
||||
(cache-size dnsmasq-configuration-cache-size
|
||||
(default 150)) ;integer
|
||||
(no-negcache? dnsmasq-configuration-no-negcache?
|
||||
(default #f))) ;boolean
|
||||
|
||||
(define dnsmasq-shepherd-service
|
||||
(match-lambda
|
||||
(($ <dnsmasq-configuration> package
|
||||
no-hosts?
|
||||
port local-service? listen-addresses
|
||||
resolv-file no-resolv? servers
|
||||
cache-size no-negcache?)
|
||||
(shepherd-service
|
||||
(provision '(dnsmasq))
|
||||
(requirement '(networking))
|
||||
(documentation "Run the dnsmasq DNS server.")
|
||||
(start #~(make-forkexec-constructor
|
||||
'(#$(file-append package "/sbin/dnsmasq")
|
||||
"--keep-in-foreground"
|
||||
"--pid-file=/run/dnsmasq.pid"
|
||||
#$@(if no-hosts?
|
||||
'("--no-hosts")
|
||||
'())
|
||||
#$(format #f "--port=~a" port)
|
||||
#$@(if local-service?
|
||||
'("--local-service")
|
||||
'())
|
||||
#$@(map (cut format #f "--listen-address=~a" <>)
|
||||
listen-addresses)
|
||||
#$(format #f "--resolv-file=~a" resolv-file)
|
||||
#$@(if no-resolv?
|
||||
'("--no-resolv")
|
||||
'())
|
||||
#$@(map (cut format #f "--server=~a" <>)
|
||||
servers)
|
||||
#$(format #f "--cache-size=~a" cache-size)
|
||||
#$@(if no-negcache?
|
||||
'("--no-negcache")
|
||||
'()))
|
||||
#:pid-file "/run/dnsmasq.pid"))
|
||||
(stop #~(make-kill-destructor))))))
|
||||
|
||||
(define dnsmasq-service-type
|
||||
(service-type
|
||||
(name 'dnsmasq)
|
||||
(extensions
|
||||
(list (service-extension shepherd-root-service-type
|
||||
(compose list dnsmasq-shepherd-service))))))
|
||||
|
|
Loading…
Reference in New Issue