gnu: services: use seconds instead of duration strings.

* gnu/services/dns.scm (zone-file, knot-policy-configuration): Use numbers instead of duration strings. (verify-knot-policy-configuration): Fix typo. * doc/guix.texi (DNS Services): Update documentation.
2017-06-10 11:59:18 +02:00 · 2017-06-10 11:59:18 +02:00 · f3853a259b
parent afd06f605b
commit f3853a259b
2 changed files with 22 additions and 27 deletions
--- a/doc/guix.texi
+++ b/doc/guix.texi
@ -13907,26 +13907,21 @@ The serial number of the zone.  As this is used to keep track of changes by
 both slaves and resolvers, it is mandatory that it @emph{never} decreases.
 Always increment it when you make a change in your zone.
-@item @code{refresh} (default: @code{"2d"})
+@item @code{refresh} (default: @code{(* 2 24 3600)})
-The frequency at which slaves will do a zone transfer.  This value can be
+The frequency at which slaves will do a zone transfer.  This value is a number
-a number of seconds or a number of some unit between:
+of seconds.  It can be computed by multiplications or with
-@itemize
+@code{(string->duration)}.
@item m: minute
@item h: hour
@item d: day
@item w: week
@end itemize
-@item @code{retry} (default: @code{"15m"})
+@item @code{retry} (default: @code{(* 15 60)})
 The period after which a slave will retry to contact its master when it fails
 to do so a first time.
-@item @code{expiry} (default: @code{"2w"})
+@item @code{expiry} (default: @code{(* 14 24 3600)})
 Default TTL of records.  Existing records are considered correct for at most
 this amount of time.  After this period, resolvers will invalidate their cache
 and check again that it still exists.
-@item @code{nx} (default: @code{"1h"})
+@item @code{nx} (default: @code{3600})
 Default TTL of inexistant records.  This delay is usually short because you want
 your new domains to reach everyone quickly.
@ -14029,17 +14024,17 @@ algorithm, but would be unsecure for other algorithms.
 The TTL value for DNSKEY records added into zone apex.  The special
@code{'default} value means same as the zone SOA TTL.
-@item @code{zsk-lifetime} (default: @code{"30d"})
+@item @code{zsk-lifetime} (default: @code{(* 30 24 3600)})
 The period between ZSK publication and the next rollover initiation.
-@item @code{propagation-delay} (default: @code{"1d"})
+@item @code{propagation-delay} (default: @code{(* 24 3600)})
 An extra delay added for each key rollover step.  This value should be high
 enough to cover propagation of data from the master server to all slaves.
-@item @code{rrsig-lifetime} (default: @code{"14d"})
+@item @code{rrsig-lifetime} (default: @code{(* 14 24 3600)})
 A validity period of newly issued signatures.
-@item @code{rrsig-refresh} (default: @code{"7d"})
+@item @code{rrsig-refresh} (default: @code{(* 7 24 3600)})
 A period how long before a signature expiration the signature will be refreshed.
@item @code{nsec3?} (default: @code{#f})
@ -14052,7 +14047,7 @@ The number of additional times the hashing is performed.
 The length of a salt field in octets, which is appended to the original owner
 name before hashing.
-@item @code{nsec3-salt-lifetime} (default: @code{"30d"})
+@item @code{nsec3-salt-lifetime} (default: @code{(* 30 24 3600)})
 The validity period of newly issued salt field.
@end table
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@ -99,13 +99,13 @@
  (serial  zone-file-serial
           (default 1))
  (refresh zone-file-refresh
-           (default "2d"))
+           (default (* 2 24 3600)))
  (retry   zone-file-retry
-           (default "15m"))
+           (default (* 15 60)))
  (expiry  zone-file-expiry
-           (default "2w"))
+           (default (* 2 7 24 3600)))
  (nx      zone-file-nx
-           (default "1h")))
+           (default 3600)))
 (define-record-type* <knot-keystore-configuration>
  knot-keystore-configuration make-knot-keystore-configuration
  knot-keystore-configuration?
@ -136,13 +136,13 @@
  (dnskey-ttl           knot-policy-configuration-dnskey-ttl
                        (default 'default))
  (zsk-lifetime         knot-policy-configuration-zsk-lifetime
-                        (default "30d"))
+                        (default (* 30 24 3600)))
  (propagation-delay    knot-policy-configuration-propagation-delay
-                        (default "1d"))
+                        (default (* 24 3600)))
  (rrsig-lifetime       knot-policy-configuration-rrsig-lifetime
-                        (default "14d"))
+                        (default (* 14 24 3600)))
  (rrsig-refresh        knot-policy-configuration-rrsig-refresh
-                        (default "7d"))
+                        (default (* 7 24 3600)))
  (nsec3?               knot-policy-configuration-nsec3?
                        (default #f))
  (nsec3-iterations     knot-policy-configuration-nsec3-iterations
@ -150,7 +150,7 @@
  (nsec3-salt-length    knot-policy-configuration-nsec3-salt-length
                        (default 8))
  (nsec3-salt-lifetime  knot-policy-configuration-nsec3-salt-lifetime
-                        (default "30d")))
+                        (default (* 30 24 3600))))
 (define-record-type* <knot-zone-configuration>
  knot-zone-configuration make-knot-zone-configuration
@ -248,7 +248,7 @@
          (error-out "backend must be one of: 'pem or 'pkcs11")))
 (define (verify-knot-policy-configuration policy)
-  (unless (knot-keystore-configuration? policy)
+  (unless (knot-policy-configuration? policy)
    (error-out "policies must be a list of only knot-policy-configuration."))
  (let ((id (knot-policy-configuration-id policy)))
    (unless (and (string? id) (not (equal? id "")))