summary refs log tree commit diff
path: root/gnu/services/dns.scm
AgeCommit message (Collapse)Author
2023-04-21services: knot: Add 'configuration' action.Ludovic Courtès
* gnu/services/dns.scm (knot-shepherd-service): Add 'actions' field.
2023-03-13services: dns: Fix cpe-id default value.Andrew Tropin
* gnu/service/dns.scm: (<dnsmasq-configuration>)[cpe-id]: Change cpe-id default value to #f instead of #t.
2023-03-13services: dns: Extend dnsmasq-configuration.Sergey Trofimov
* gnu/service/dns.scm: (<dnsmasq-configuration>)[servers-file]: Add. (<dnsmasq-configuration>)[tftp-secure?]: Fix typo in parameter name. * doc/guix.texi: Document (<dnsmasq-configuration>)[servers-file]. Signed-off-by: Andrew Tropin <andrew@trop.in>
2023-03-06services: knot: Default zone-file-refresh to 12h.Felix Lechner
The Knot DNS service in Guix uses two days, or 48 hours, for the SOA refresh interval but that is outside the range of RFC 1912, which is entitled "Common DNS Operational and Configuration Errors." [1] Section 2.2 of RFC 1912 recommends a maximum of 12 hours for the SOA refresh rate: "You can keep it short (20 mins to 2 hours) if you aren't worried about a small increase in bandwidth used, or longer (2-12 hours) if your Internet connection is slow or is started on demand." This commit sets the default refresh interval at the nearest value recommended by the standard, which is 12 hours. Due to the widespread adoption of NOTIFY messages between primary and secondary DNS servers, the SOA refresh interval has arguably lost some importance, but the Guix default should still be in line with the standards. Values outside the recommended range can provoke warning messages from services commonly used to find bugs in DNS configurations, such as the MX Toolbox Super Tool. [2] [1] https://datatracker.ietf.org/doc/rfc1912/ [2] https://mxtoolbox.com/SuperTool.aspx * gnu/services/dns.scm (<zone-file>)[refresh]: Default to (* 12 3600). Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
2022-06-04services: ddclient: No need to import (ice-9 rdelim) from the host.Attila Lendvai
* gnu/services/dns.scm (ddclient-activation): Remove (ice-9 rdelim) from the with-imported-modules form. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2022-03-24services: dnsmasq: Add more options.Remco van 't Veer
* gnu/services/dns.scm (<dnsmasq-configuration>): Add forward-private-reverse-lookup?, strict-order? and cpe-id options. (dnsmasq-shepherd-service): Pass added options to dnsmasq and use match-record instead of match-lambda. * doc/guix.texi (Guix Services): Document options added to dnsmasq. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-11-30services: Accept <inferior-package>s in lieu of <package>s.Tobias Geerinckx-Rice
* gnu/services/authentication.scm (fprintd-configuration) (nslcd-configuration): Substitute file-like objects for package ones. * gnu/services/cgit.scm (cgit-configuration, opaque-cgit-configuration): Likewise. * gnu/services/cups.scm (package-list?, cups-configuration): Likewise. * gnu/services/dns.scm (verify-knot-configuration) (ddclient-configuration): Likewise. * gnu/services/docker.scm (docker-configuration): Likewise. * gnu/services/file-sharing.scm (transmission-daemon-configuration): Likewise. * gnu/services/getmail.scm (getmail-configuration): Likewise. * gnu/services/mail.scm (dovecot-configuration) (opaque-dovecot-configuration): Likewise. * gnu/services/messaging.scm (prosody-configuration) (opaque-prosody-configuration): Likewise. * gnu/services/monitoring.scm (zabbix-server-configuration) (zabbix-agent-configuration): Likewise. * gnu/services/networking.scm (opendht-configuration): Likewise. * gnu/services/pm.scm (tlp-configuration): Likewise. * gnu/services/telephony.scm (jami-configuration): Likewise. * gnu/services/virtualization.scm (libvirt-configuration) (qemu-guest-agent-configuration): Likewise. * gnu/services/vpn.scm (openvpn-client-configuration): Likewise.
2021-10-04services: knot: Remove obsolete DISABLE-ANY? zone option.Tobias Geerinckx-Rice
It is now silently ignored by knotd. * gnu/services/dns.scm (<knot-zone-configuration>): Remove DISABLE-ANY? field. Adjust all previous users. * doc/guix.texi (DNS Services): Undocument it.
2021-05-31services: dnsmasq: Extend 'activation-service'.Brice Waegeneire
* gnu/services/dns.scm (dnsmasq-activation): New procedure … (dnsmasq-service-type): … use it.
2021-03-10services: Prevent following symlinks during activation.Maxime Devos
This addresses a potential security issue, where a compromised service could trick the activation code in changing the permissions, owner and group of arbitrary files. However, this patch is currently only a partial fix, due to a TOCTTOU (time-of-check to time-of-use) race, which can be fixed once guile has bindings to openat and friends. Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html> * gnu/build/activation.scm: new procedure 'mkdir-p/perms'. * gnu/services/authentication.scm (%nslcd-activation, nslcd-service-type): use new procedure. * gnu/services/cups.scm (%cups-activation): likewise. * gnu/services/dbus.scm (dbus-activation): likewise. * gnu/services/dns.scm (knot-activation): likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-02-11services: knot: Fix configuration verification.Alexey Abramov
* gnu/services/dns.scm (verify-knot-key-configuration): Fix the order of memq arguments. (verify-knot-keystore-configuration): Likewise. (verify-knot-acl-configuration): Replace fold with every procedure. Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
2020-10-27services: knot-resolver: Replace deprecated command-line option.Simon South
This silences a warning from the service at startup. * gnu/services/dns.scm (knot-resolver-shepherd-services)[start]: Use the "-n" command-line option to kresd in place of the deprecated "-f 1". Signed-off-by: Leo Famulari <leo@famulari.name>
2020-10-06services: dnsmasq: Add TFTP configuration fields.Danny Milosavljevic
* gnu/services/dns.scm (<dnsmasq-configuration>): Add TFTP configuration fields. (dnsmasq-shepherd-service): Use them. * doc/guix.texi (DNS Services): Document them.
2020-05-08services: Add descriptions.Ludovic Courtès
* gnu/services/dbus.scm (polkit-service-type)[description]: New field. * gnu/services/dict.scm (dicod-service-type)[description]: New field. * gnu/services/dns.scm (knot-service-type)[description]: New field. * gnu/services/networking.scm (dhcpd-service-type)[description]: New field. * gnu/services/shepherd.scm (shepherd-root-service-type)[description]: New field. * gnu/services/xorg.scm (slim-service-type)[description]: New field. (screen-locker-service-type)[description]: New field. * gnu/system/pam.scm (pam-root-service-type)[description]: New field. * gnu/system/shadow.scm (account-service-type)[description]: New field.
2020-05-02services: dnsmasq: Support the --address flag.Pierre Langlois
Introduce a new `addresses' field that translates to passing `--address=' multiple times to dnsmasq. * gnu/services/dns.scm (<dnsmasq-configuration>): Add an addresses field. (dnsmasq-shepherd-service): Match the addresses field and translate it to multiple '--address=' flags. * doc/guix.texi (DNS Services): Document it. Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
2020-01-22services: knot-resolver: Manage a root TA at /var/cache/knot-resolver.宋文武
* gnu/services/dns.scm (%kresd.conf): Add /var/cache/knot-resolver/root.keys as the root TA.
2019-11-11services: Add knot-resolver-service-type.宋文武
* gnu/services/dns.scm (<knot-resolver-configuration>): New record type. (knot-resolver-activation, knot-resolver-shpherd-services): New procedures. (%knot-resolver-accounts, %kresd.conf, knot-resolver-service-type): New variables. * doc/guix.texi (DNS Services): Document it.
2019-04-27gnu: knot: Fix typos.Julien Lepiller
* gnu/services/dns.scm: Fix typos.
2019-04-27gnu: knot: Add configuration fields.Julien Lepiller
* gnu/services/dns.scm (knot-zone-configuration)[zonefile-load] [journal-content, max-journal-usage, max-journal-depth, max-zone-size]: New fields. (knot-zone-config): Serialize them. * doc/guix.texi (DNS Services): Document them.
2019-04-27services: knot: Fix configuration file generation.Ludovic Courtès
Fixes a regression introduced in 92eb600f8a94afa36142f8f145efaa485b632433. * gnu/services/dns.scm (knot-config-file): Add ungexp around call to 'knot-configuration-includes'.
2019-04-26gnu: dns: Fix configuration formating.Julien Lepiller
* gnu/services/dns.scm (format-string-list): Fix formating of lists with only one symbol.
2019-04-25gnu: knot-service: Add includes field in configuration.Julien Lepiller
* gnu/services/dns.scm (knot-configuration): Add includes field. (verify-knot-configuration): Check includes content. (knot-config-file): Serialize includes. * doc/guix.texi (DNS Services): Document it.
2018-12-04services: ddclient: Fix unrecognized keywords.Oleg Pykhalov
This patch fixes warnings about unrecognized keywords in logs. * gnu/services/dns.scm (serialize-field): Skip some field names.
2018-11-06gnu: services: dns: Fix 'ddclient-activation'.Oleg Pykhalov
* gnu/services/dns.scm (ddclient-activation): Fix procedure.
2018-08-30services: Add ddclient service.Oleg Pykhalov
* gnu/services/dns.scm (ddclient-configuration, ddclient-service-type): New variables. (uglify-field-name, serialize-field, serialize-boolean, serialize-integer, serialize-string, serialize-list, serialize-extra-options, ddclient-activation, ddclient-shepherd-service, generate-ddclient-documentation): New procedures. * doc/guix.texi (DNS Services): Document it.
2018-06-08services: dnsmasq-service-type: Add default configuration and description.宋文武
* gnu/services/dns.scm (dnsmasq-service-type) [default-value, description]: New fields.
2018-06-08services: dnsmasq: Use 'negative-cache?' instead of 'no-negcache?'.宋文武
The 'no-negcache?' option is mapped to the '--no-negcache' command-line argument directly, but we're in the scheme world, where the general guideline is to avoid double-negations in identifiers. * gnu/services/dns.scm <dnsmasq-configuration>: Replace the 'no-negcache?' field with 'negative-cache?'. * doc/guix.texi (DNS Services)[Dnsmasq Service]: Adjust accordingly.
2018-06-05services: Add dnsmasq-service-type.宋文武
* gnu/services/dns.scm (dnsmasq-service-type): New variable. (<dnsmasq-configuration>): New record type. (dnsmasq-shepherd-service): New procedure. * doc/guix.texi (DNS Services): Document it.
2017-06-21gnu: services: use seconds instead of duration strings.Julien Lepiller
* gnu/services/dns.scm (zone-file, knot-policy-configuration): Use numbers instead of duration strings. (verify-knot-policy-configuration): Fix typo. * doc/guix.texi (DNS Services): Update documentation.
2017-05-27gnu: Add knot-service-type.Julien Lepiller
* gnu/services/dns.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * doc/guix.texi (DNS Services): New subsubsection.