guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: knot-service: Add includes field in configuration.

From: guix-commits
Subject: 01/01: gnu: knot-service: Add includes field in configuration.
Date: Thu, 25 Apr 2019 15:45:40 -0400 (EDT) 
roptat pushed a commit to branch master
in repository guix.

commit 92eb600f8a94afa36142f8f145efaa485b632433
Author: Julien Lepiller <address@hidden>
Date:   Fri Apr 19 22:20:03 2019 +0200

    gnu: knot-service: Add includes field in configuration.
    
    * gnu/services/dns.scm (knot-configuration): Add includes field.
    (verify-knot-configuration): Check includes content.
    (knot-config-file): Serialize includes.
    * doc/guix.texi (DNS Services): Document it.
---
 doc/guix.texi        | 13 +++++++++++++
 gnu/services/dns.scm |  8 ++++++++
 2 files changed, 21 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index dbbb811..2d5ec86 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -19843,6 +19843,19 @@ The Knot package.
 @item @code{run-directory} (default: @code{"/var/run/knot"})
 The run directory.  This directory will be used for pid file and sockets.
 
address@hidden @code{includes} (default: @code{'()})
+A list of strings or file-like objects denoting other files that must be
+included at the top of the configuration file.
+
address@hidden secrets, Knot service
+This can be used to manage secrets out-of-band.  For example, secret
+keys may be stored in an out-of-band file not managed by Guix, and
+thus not visible in @file{/gnu/store}---e.g., you could store secret
+key configuration in @file{/etc/knot/secrets.conf} and add this file
+to the @code{includes} list.
+
+It can also be used to add configuration not supported by this interface.
+
 @item @code{listen-v4} (default: @code{"0.0.0.0"})
 An ip address on which to listen.
 
diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 1ef754b..445e035 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -207,6 +207,8 @@
                  (default knot))
   (run-directory knot-configuration-run-directory
                  (default "/var/run/knot"))
+  (includes      knot-configuration-includes
+                 (default '()))
   (listen-v4     knot-configuration-listen-v4
                  (default "0.0.0.0"))
   (listen-v6     knot-configuration-listen-v6
@@ -296,6 +298,8 @@
     (error-out "knot configuration field must be a package."))
   (unless (string? (knot-configuration-run-directory config))
     (error-out "run-directory must be a string."))
+  (unless (list? (knot-configuration-includes config))
+    (error-out "includes must be a list of strings or file-like objects."))
   (unless (list? (knot-configuration-keys config))
     (error-out "keys must be a list of knot-key-configuration."))
   (for-each (lambda (key) (verify-knot-key-configuration key))
@@ -529,6 +533,10 @@
     #~(begin
         (call-with-output-file #$output
           (lambda (port)
+            (if (knot-configuration-includes config)
+              (for-each (lambda (inc)
+                          (format port "include: ~a\n" inc))
+                (knot-configuration-includes config)))
             (format port "server:\n")
             (format port "    rundir: ~a\n" 
#$(knot-configuration-run-directory config))
             (format port "    user: knot\n")
reply via email to
[Prev in Thread] Current Thread [Next in Thread]