services: Add dnsmasq-service-type.

* gnu/services/dns.scm (dnsmasq-service-type): New variable.
(<dnsmasq-configuration>): New record type.
(dnsmasq-shepherd-service): New procedure.
* doc/guix.texi (DNS Services): Document it.
宋文武 2018-06-02 23:23:45 +08:00
parent a64e30ed9e
commit 97f6e9133a
No known key found for this signature in database
GPG Key ID: 26525665AE727D37
2 changed files with 136 additions and 2 deletions

@ -16405,7 +16405,11 @@ saved to @code{/etc/letsencrypt/live/@var{name}/privkey.pem}.
The @code{(gnu services dns)} module provides services related to the The @code{(gnu services dns)} module provides services related to the
@dfn{domain name system} (DNS). It provides a server service for hosting @dfn{domain name system} (DNS). It provides a server service for hosting
an @emph{authoritative} DNS server for multiple zones, slave or master. an @emph{authoritative} DNS server for multiple zones, slave or master.
This service uses @uref{https://www.knot-dns.cz/, Knot DNS}. This service uses @uref{https://www.knot-dns.cz/, Knot DNS}. And also a
caching and forwarding DNS server for the LAN, which uses
@uref{http://www.thekelleys.org.uk/dnsmasq/doc.html, dnsmasq}.
@subsubheading Knot Service
An example configuration of an authoritative server for two zones, one master An example configuration of an authoritative server for two zones, one master
and one slave, is: and one slave, is:
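Review bot: The added sentence starting "And also a caching and forwarding DNS server for the LAN" is a fragment with no subject or verb, so it reads as a stray continuation of the Knot sentence. Suggest "It also provides a caching and forwarding DNS server for the LAN, which uses dnsmasq." The dnsmasq @uref is plain http while the Knot link just above is https; use https here too if the site serves it.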
@ -16800,6 +16804,59 @@ The list of knot-zone-configuration used by this configuration.
@end table @end table
@end deftp @end deftp
@subsubheading Dnsmasq Service
@deffn {Scheme Variable} dnsmasq-service-type
This is the type of the dnsmasq service, whose value should be an
@code{dnsmasq-configuration} object as in this example:
@example
(service dnsmasq-service-type
(dnsmasq-configuration
(no-resolv? #t)
(servers '("192.168.1.1"))))
@end example
@end deffn
@deftp {Data Type} dnsmasq-configuration
Data type representing the configuration of dnsmasq.
@table @asis
@item @code{package} (default: @var{dnsmasq})
Package object of the dnsmasq server.
@item @code{no-hosts?} (default: @code{#f})
When true, don't read the hostnames in /etc/hosts.
@item @code{port} (default: @code{53})
The port to listen on. Setting this to zero completely disables DNS
funtion, leaving only DHCP and/or TFTP.
@item @code{local-service?} (default: @code{#t})
Accept DNS queries only from hosts whose address is on a local subnet,
ie a subnet for which an interface exists on the server.
@item @code{listen-addresses} (default: @code{'()})
Listen on the given IP addresses.
@item @code{resolv-file} (default: @code{"/etc/resolv.conf"})
The file to read the IP address of the upstream nameservers from.
@item @code{no-resolv?} (default: @code{#f})
When true, don't read @var{resolv-file}.
@item @code{servers} (default: @code{'()})
Specify IP address of upstream servers directly.
@item @code{cache-size} (default: @code{150})
Set the size of dnsmasq's cache. Setting the cache size to zero
disables caching.
@item @code{no-negcache?} (default: @code{#f})
When true, disable negative caching.
@end table
@end deftp
@node VPN Services @node VPN Services
@subsubsection VPN Services @subsubsection VPN Services
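Review bot: The @code{local-service?} and @code{listen-addresses} items are documented independently, but the record exposes both and @code{local-service?} defaults to @code{#t}; please state how the two interact when @code{listen-addresses} is non-empty, since that decides which clients may query the server. Smaller points in the same table: "DNS funtion" under @code{port} should be "DNS function", "ie a subnet" should be "i.e., a subnet", /etc/hosts should be marked up as @file{/etc/hosts}, and the @code{package} default uses @var{dnsmasq} where every other default uses @code.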

@ -27,6 +27,7 @@
#:use-module (guix records) #:use-module (guix records)
#:use-module (guix gexp) #:use-module (guix gexp)
#:use-module (srfi srfi-1) #:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (srfi srfi-34) #:use-module (srfi srfi-34)
#:use-module (srfi srfi-35) #:use-module (srfi srfi-35)
#:use-module (ice-9 match) #:use-module (ice-9 match)
@ -41,7 +42,10 @@
knot-configuration knot-configuration
define-zone-entries define-zone-entries
zone-file zone-file
zone-entry)) zone-entry
dnsmasq-service-type
dnsmasq-configuration))
;;; ;;;
;;; Knot DNS. ;;; Knot DNS.
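Review bot: The export list gains only dnsmasq-service-type and dnsmasq-configuration, while the record definition later in this patch also creates dnsmasq-configuration? and one accessor per field. If users are expected to inspect or extend a configuration from their own modules, export the predicate and accessors as well; if they are meant to stay private, a short comment saying so would help.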
@ -591,3 +595,76 @@
knot-activation) knot-activation)
(service-extension account-service-type (service-extension account-service-type
(const %knot-accounts)))))) (const %knot-accounts))))))
;;;
;;; Dnsmasq.
;;;
(define-record-type* <dnsmasq-configuration>
dnsmasq-configuration make-dnsmasq-configuration
dnsmasq-configuration?
(package dnsmasq-configuration-package
(default dnsmasq)) ;package
(no-hosts? dnsmasq-configuration-no-hosts?
(default #f)) ;boolean
(port dnsmasq-configuration-port
(default 53)) ;integer
(local-service? dnsmasq-configuration-local-service?
(default #t)) ;boolean
(listen-addresses dnsmasq-configuration-listen-address
(default '())) ;list of string
(resolv-file dnsmasq-configuration-resolv-file
(default "/etc/resolv.conf")) ;string
(no-resolv? dnsmasq-configuration-no-resolv?
(default #f)) ;boolean
(servers dnsmasq-configuration-servers
(default '())) ;list of string
(cache-size dnsmasq-configuration-cache-size
(default 150)) ;integer
(no-negcache? dnsmasq-configuration-no-negcache?
(default #f))) ;boolean
(define dnsmasq-shepherd-service
(match-lambda
(($ <dnsmasq-configuration> package
no-hosts?
port local-service? listen-addresses
resolv-file no-resolv? servers
cache-size no-negcache?)
(shepherd-service
(provision '(dnsmasq))
(requirement '(networking))
(documentation "Run the dnsmasq DNS server.")
(start #~(make-forkexec-constructor
'(#$(file-append package "/sbin/dnsmasq")
"--keep-in-foreground"
"--pid-file=/run/dnsmasq.pid"
#$@(if no-hosts?
'("--no-hosts")
'())
#$(format #f "--port=~a" port)
#$@(if local-service?
'("--local-service")
'())
#$@(map (cut format #f "--listen-address=~a" <>)
listen-addresses)
#$(format #f "--resolv-file=~a" resolv-file)
#$@(if no-resolv?
'("--no-resolv")
'())
#$@(map (cut format #f "--server=~a" <>)
servers)
#$(format #f "--cache-size=~a" cache-size)
#$@(if no-negcache?
'("--no-negcache")
'()))
#:pid-file "/run/dnsmasq.pid"))
(stop #~(make-kill-destructor))))))
(define dnsmasq-service-type
(service-type
(name 'dnsmasq)
(extensions
(list (service-extension shepherd-root-service-type
(compose list dnsmasq-shepherd-service))))))
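Review bot: The accessor for the listen-addresses field is named dnsmasq-configuration-listen-address (singular), unlike every other accessor in the record, which matches its field name; rename it to dnsmasq-configuration-listen-addresses before anything depends on it. In dnsmasq-shepherd-service, "--resolv-file=~a" is emitted unconditionally, even when no-resolv? is true and "--no-resolv" follows it; emitting it only when no-resolv? is false would make the generated command line say what is actually in effect. The path "/run/dnsmasq.pid" is written twice, once in the "--pid-file=" argument and once in #:pid-file, so a single binding would keep them from drifting apart. Finally, dnsmasq-service-type has no default-value although every field of the record has a default, so (service dnsmasq-service-type) with no argument is not usable; consider adding (default-value (dnsmasq-configuration)).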