diff options
Diffstat (limited to 'contrib/services/shepherd/ng0_wip/gnunet.scm')
| -rw-r--r-- | contrib/services/shepherd/ng0_wip/gnunet.scm | 173 |
1 files changed, 0 insertions, 173 deletions
diff --git a/contrib/services/shepherd/ng0_wip/gnunet.scm b/contrib/services/shepherd/ng0_wip/gnunet.scm deleted file mode 100644 index 80b807e74..000000000 --- a/contrib/services/shepherd/ng0_wip/gnunet.scm +++ /dev/null | |||
| @@ -1,173 +0,0 @@ | |||
| 1 | ;;; plant --- | ||
| 2 | ;;; Copyright (C) 2016, 2017, 2018 Nils Gillmann <gillmann@infotropique.org> | ||
| 3 | ;;; | ||
| 4 | ;;; This file is part of plant. | ||
| 5 | ;;; | ||
| 6 | ;;; plant is free software; you can redistribute it and/or modify it | ||
| 7 | ;;; under the terms of the GNU General Public License as published by | ||
| 8 | ;;; the Free Software Foundation; either version 3 of the License, or (at | ||
| 9 | ;;; your option) any later version. | ||
| 10 | ;;; | ||
| 11 | ;;; plant is distributed in the hope that it will be useful, but | ||
| 12 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | ||
| 13 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
| 14 | ;;; GNU General Public License for more details. | ||
| 15 | ;;; | ||
| 16 | ;;; You should have received a copy of thye GNU General Public License | ||
| 17 | ;;; along with plant. If not, see <http://www.gnu.org/licenses/>. | ||
| 18 | |||
| 19 | (define-module (infotropique services networking) | ||
| 20 | #:use-module (infotropique services) | ||
| 21 | #:use-module (infotropique services shepherd) | ||
| 22 | #:use-module (infotropique services dbus) | ||
| 23 | #:use-module (infotropique system shadow) | ||
| 24 | #:use-module (infotropique system pam) | ||
| 25 | #:use-module (infotropique packages admin) | ||
| 26 | #:use-module (infotropique packages connman) | ||
| 27 | #:use-module (infotropique packages linux) | ||
| 28 | #:use-module (infotropique packages tor) | ||
| 29 | #:use-module (infotropique packages messaging) | ||
| 30 | #:use-module (infotropique packages networking) | ||
| 31 | #:use-module (infotropique packages ntp) | ||
| 32 | #:use-module (infotropique packages wicd) | ||
| 33 | #:use-module (infotropique packages gnome) | ||
| 34 | #:use-module (infotropique packages gnunet) | ||
| 35 | #:use-module (plant gexp) | ||
| 36 | #:use-module (plant records) | ||
| 37 | #:use-module (plant modules) | ||
| 38 | #:use-module (srfi srfi-1) | ||
| 39 | #:use-module (srfi srfi-9) | ||
| 40 | #:use-module (srfi srfi-26) | ||
| 41 | #:use-module (ice-9 match) | ||
| 42 | #:export (gnunet-configuration | ||
| 43 | gnunet-configuration? | ||
| 44 | gnunet-service | ||
| 45 | gnunet-service-type)) | ||
| 46 | |||
| 47 | ;;; | ||
| 48 | ;;; Commentary: | ||
| 49 | ;;; gnunet (GNUnet) related services, mainly gnunet itself. | ||
| 50 | ;;; | ||
| 51 | |||
| 52 | ;; GENTOO OpenRC: | ||
| 53 | DONE: depends on "net". | ||
| 54 | DONE: PIDFILE=/run/gnunet/arm-service.pid | ||
| 55 | SUID_ROOT_HELPERS=exit, nat-server, nat-client, transport-bluetooth, transport-wlan, vpn | ||
| 56 | |||
| 57 | /var/lib/gnunet/.local/share/gnunet/gnunet.conf must be chmod 600 and chown gnunet:gnunet | ||
| 58 | /var/lib/gnunet/.cache/gnunet must exist. | ||
| 59 | /usr/lib/gnunet/libexec/gnunet-helper-SUID_ROOT_HELPERS must be s+u (--> suid) | ||
| 60 | |||
| 61 | /usr/lib/gnunet/libexec/gnunet-helper-dns must be: chown root:gnunetdns and chmod 4750 | ||
| 62 | /usr/lib/gnunet/libexec/gnunet-service-dns must be: chown gnunet:gnunetdns and chmod 2750 | ||
| 63 | |||
| 64 | directory with PID file must then be chowned by gnunet:gnunet | ||
| 65 | |||
| 66 | user gnunet startet dann /usr/lib/gnunet/libexec/gnunet-service-arm -d | ||
| 67 | |||
| 68 | stop process hat: | ||
| 69 | start-stop-daemon --stop --signal QUIT --pidfile ${PIDFILE} | ||
| 70 | sleep 1 | ||
| 71 | killall -u gnunet | ||
| 72 | sleep 1 | ||
| 73 | rm -rf /tmp/gnunet-gnunet-runtime >/dev/null 2>&1 | ||
| 74 | rm -rf /tmp/gnunet-system-runtime >/dev/null 2>&1 | ||
| 75 | |||
| 76 | /etc/nsswitch.conf kriegt den eintrag: | ||
| 77 | hosts: files gns [NOTFOUND=return] dns | ||
| 78 | |||
| 79 | und die dateien die in der source rumliegen bzgl nss müssen noch kopiert werden | ||
| 80 | UND nss muss sie finden. | ||
| 81 | |||
| 82 | |||
| 83 | |||
| 84 | (define-record-type* <gnunet-configuration> | ||
| 85 | gnunet-configuration make-gnunet-configuration | ||
| 86 | gnunet-configuration? | ||
| 87 | (package gnunet-configuration-package | ||
| 88 | (default gnunet)) | ||
| 89 | (config-file gnunet-configuration-config-file | ||
| 90 | (default %default-gnunet-config-file))) | ||
| 91 | |||
| 92 | ;; TODO: [PATHS] DEFAULTCONFIG = ? | ||
| 93 | (define %default-gnunet-config-file | ||
| 94 | (plain-file "gnunet.conf" " | ||
| 95 | [PATHS] | ||
| 96 | SERVICEHOME = /var/lib/gnunet | ||
| 97 | GNUNET_CONFIG_HOME = /var/lib/gnunet | ||
| 98 | |||
| 99 | [arm] | ||
| 100 | SYSTEM_ONLY = YES | ||
| 101 | USER_ONLY = NO | ||
| 102 | |||
| 103 | [nat] | ||
| 104 | BEHIND_NAT = YES | ||
| 105 | ENABLE_UPNP = NO | ||
| 106 | USE_LOCALADDR = NO | ||
| 107 | DISABLEV6 = YES | ||
| 108 | |||
| 109 | [hostlist] | ||
| 110 | OPTIONS = -b -e | ||
| 111 | ")) | ||
| 112 | |||
| 113 | (define gnunet-shepherd-service | ||
| 114 | (match-lambda | ||
| 115 | (($ <gnunet-configuration> package config-file) | ||
| 116 | (list (shepherd-service | ||
| 117 | (provision '(gnunet)) | ||
| 118 | ;; do we require networking? arm will try to reconnect until a connection | ||
| 119 | ;; exists (again), but we might also set up vpn and not succeed at service | ||
| 120 | ;; boot time as well as the general certificate issue we have especially on | ||
| 121 | ;; Guix-on-GuixSD systems. | ||
| 122 | (requirement '(loopback)) | ||
| 123 | (documentation "Run the GNUnet service.") | ||
| 124 | (start | ||
| 125 | (let ((gnunet | ||
| 126 | (file-append package "/lib/gnunet/libexec/gnunet-service-arm"))) | ||
| 127 | #~(make-forkexec-constructor | ||
| 128 | (list #$gnunet "-c" #$config-file) | ||
| 129 | #:log-file "/var/log/gnunet.log" | ||
| 130 | #:pid-file "/var/run/gnunet/arm-service.pid"))) | ||
| 131 | (stop | ||
| 132 | #~(make-kill-destructor))))))) | ||
| 133 | |||
| 134 | (define %gnunet-accounts | ||
| 135 | (list (user-group | ||
| 136 | (name "gnunetdns") | ||
| 137 | (system? #t)) | ||
| 138 | (user-group | ||
| 139 | (name "gnunet") | ||
| 140 | (system? #t)) | ||
| 141 | (user-account | ||
| 142 | (name "gnunet") | ||
| 143 | (group "gnunet") | ||
| 144 | (system? #t) | ||
| 145 | (comment "GNUnet system user") | ||
| 146 | (home-directory "/var/lib/gnunet") | ||
| 147 | (shell #~(string-append #$shadow "/sbin/nologin"))))) | ||
| 148 | |||
| 149 | ;; TODO: setuids. | ||
| 150 | ;; TODO: certificate issues -- gnunet should honor CURL_CA_BUNDLE! | ||
| 151 | (define gnunet-activation | ||
| 152 | (match-lambda | ||
| 153 | (($ <gnunet-configuration> package config-file) | ||
| 154 | (let ((gnunet | ||
| 155 | (file-append package "/lib/gnunet/libexec/gnunet-service-arm"))) | ||
| 156 | #~(begin | ||
| 157 | ;; Create the .config + .cache for gnunet user | ||
| 158 | (mkdir-p "/var/lib/gnunet/.config/gnunet") | ||
| 159 | (mkdir-p "/var/lib/gnunet/.cache/gnunet")))))) | ||
| 160 | |||
| 161 | (define gnunet-service-type | ||
| 162 | (service-type | ||
| 163 | (name 'gnunet) | ||
| 164 | (extensions (list (service-extension account-service-type | ||
| 165 | (const %gnunet-accounts)) | ||
| 166 | (service-extension activation-service-type | ||
| 167 | gnunet-activation) | ||
| 168 | (service-extension profile-service-type | ||
| 169 | (compose list gnunet-configuration-package)) | ||
| 170 | (service-extension shepherd-root-service-type | ||
| 171 | gnunet-shepherd-service))))) | ||
| 172 | |||
| 173 | ;;; gnunet.scm ends here | ||