services: Add dnsmasq-service-type.

* gnu/services/dns.scm (dnsmasq-service-type): New variable.
(<dnsmasq-configuration>): New record type.
(dnsmasq-shepherd-service): New procedure.
* doc/guix.texi (DNS Services): Document it.
This commit is contained in:
宋文武 2018-06-02 23:23:45 +08:00
parent a64e30ed9e
commit 97f6e9133a
No known key found for this signature in database
GPG Key ID: 26525665AE727D37
2 changed files with 136 additions and 2 deletions

View File

@ -16405,7 +16405,11 @@ saved to @code{/etc/letsencrypt/live/@var{name}/privkey.pem}.
The @code{(gnu services dns)} module provides services related to the
@dfn{domain name system} (DNS). It provides a server service for hosting
an @emph{authoritative} DNS server for multiple zones, slave or master.
This service uses @uref{https://www.knot-dns.cz/, Knot DNS}.
This service uses @uref{https://www.knot-dns.cz/, Knot DNS}. And also a
caching and forwarding DNS server for the LAN, which uses
@uref{http://www.thekelleys.org.uk/dnsmasq/doc.html, dnsmasq}.
@subsubheading Knot Service
An example configuration of an authoritative server for two zones, one master
and one slave, is:
@ -16800,6 +16804,59 @@ The list of knot-zone-configuration used by this configuration.
@end table
@end deftp
@subsubheading Dnsmasq Service
@deffn {Scheme Variable} dnsmasq-service-type
This is the type of the dnsmasq service, whose value should be an
@code{dnsmasq-configuration} object as in this example:
@example
(service dnsmasq-service-type
(dnsmasq-configuration
(no-resolv? #t)
(servers '("192.168.1.1"))))
@end example
@end deffn
@deftp {Data Type} dnsmasq-configuration
Data type representing the configuration of dnsmasq.
@table @asis
@item @code{package} (default: @var{dnsmasq})
Package object of the dnsmasq server.
@item @code{no-hosts?} (default: @code{#f})
When true, don't read the hostnames in /etc/hosts.
@item @code{port} (default: @code{53})
The port to listen on. Setting this to zero completely disables DNS
funtion, leaving only DHCP and/or TFTP.
@item @code{local-service?} (default: @code{#t})
Accept DNS queries only from hosts whose address is on a local subnet,
ie a subnet for which an interface exists on the server.
@item @code{listen-addresses} (default: @code{'()})
Listen on the given IP addresses.
@item @code{resolv-file} (default: @code{"/etc/resolv.conf"})
The file to read the IP address of the upstream nameservers from.
@item @code{no-resolv?} (default: @code{#f})
When true, don't read @var{resolv-file}.
@item @code{servers} (default: @code{'()})
Specify IP address of upstream servers directly.
@item @code{cache-size} (default: @code{150})
Set the size of dnsmasq's cache. Setting the cache size to zero
disables caching.
@item @code{no-negcache?} (default: @code{#f})
When true, disable negative caching.
@end table
@end deftp
@node VPN Services
@subsubsection VPN Services

View File

@ -27,6 +27,7 @@
#:use-module (guix records)
#:use-module (guix gexp)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (srfi srfi-34)
#:use-module (srfi srfi-35)
#:use-module (ice-9 match)
@ -41,7 +42,10 @@
knot-configuration
define-zone-entries
zone-file
zone-entry))
zone-entry
dnsmasq-service-type
dnsmasq-configuration))
;;;
;;; Knot DNS.
@ -591,3 +595,76 @@
knot-activation)
(service-extension account-service-type
(const %knot-accounts))))))
;;;
;;; Dnsmasq.
;;;
(define-record-type* <dnsmasq-configuration>
dnsmasq-configuration make-dnsmasq-configuration
dnsmasq-configuration?
(package dnsmasq-configuration-package
(default dnsmasq)) ;package
(no-hosts? dnsmasq-configuration-no-hosts?
(default #f)) ;boolean
(port dnsmasq-configuration-port
(default 53)) ;integer
(local-service? dnsmasq-configuration-local-service?
(default #t)) ;boolean
(listen-addresses dnsmasq-configuration-listen-address
(default '())) ;list of string
(resolv-file dnsmasq-configuration-resolv-file
(default "/etc/resolv.conf")) ;string
(no-resolv? dnsmasq-configuration-no-resolv?
(default #f)) ;boolean
(servers dnsmasq-configuration-servers
(default '())) ;list of string
(cache-size dnsmasq-configuration-cache-size
(default 150)) ;integer
(no-negcache? dnsmasq-configuration-no-negcache?
(default #f))) ;boolean
(define dnsmasq-shepherd-service
(match-lambda
(($ <dnsmasq-configuration> package
no-hosts?
port local-service? listen-addresses
resolv-file no-resolv? servers
cache-size no-negcache?)
(shepherd-service
(provision '(dnsmasq))
(requirement '(networking))
(documentation "Run the dnsmasq DNS server.")
(start #~(make-forkexec-constructor
'(#$(file-append package "/sbin/dnsmasq")
"--keep-in-foreground"
"--pid-file=/run/dnsmasq.pid"
#$@(if no-hosts?
'("--no-hosts")
'())
#$(format #f "--port=~a" port)
#$@(if local-service?
'("--local-service")
'())
#$@(map (cut format #f "--listen-address=~a" <>)
listen-addresses)
#$(format #f "--resolv-file=~a" resolv-file)
#$@(if no-resolv?
'("--no-resolv")
'())
#$@(map (cut format #f "--server=~a" <>)
servers)
#$(format #f "--cache-size=~a" cache-size)
#$@(if no-negcache?
'("--no-negcache")
'()))
#:pid-file "/run/dnsmasq.pid"))
(stop #~(make-kill-destructor))))))
(define dnsmasq-service-type
(service-type
(name 'dnsmasq)
(extensions
(list (service-extension shepherd-root-service-type
(compose list dnsmasq-shepherd-service))))))