03/06: services: dnsmasq: Add more options.
From: |
guix-commits |
Subject: |
03/06: services: dnsmasq: Add more options. |
Date: |
Thu, 24 Mar 2022 07:56:37 -0400 (EDT) |
civodul pushed a commit to branch master
in repository guix.
commit e91c9edb204d2ee977c6d6c2942fba4642cc3b7f
Author: Remco van 't Veer <remco@remworks.net>
AuthorDate: Wed Mar 23 08:07:33 2022 +0100
services: dnsmasq: Add more options.
* gnu/services/dns.scm (<dnsmasq-configuration>): Add
forward-private-reverse-lookup?, strict-order? and cpe-id options.
(dnsmasq-shepherd-service): Pass added options to dnsmasq and use
match-record instead of match-lambda.
* doc/guix.texi (Guix Services): Document options added to dnsmasq.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
---
doc/guix.texi | 13 ++++
gnu/services/dns.scm | 183 ++++++++++++++++++++++++++++-----------------------
2 files changed, 115 insertions(+), 81 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 44b0f9f1ea..e8ef4286be 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -100,6 +100,7 @@ Copyright @copyright{} 2021 Josselin Poiret@*
Copyright @copyright{} 2021 Andrew Tropin@*
Copyright @copyright{} 2021 Sarah Morgensen@*
Copyright @copyright{} 2021 Josselin Poiret@*
+Copyright @copyright{} 2022 Remco van 't Veer@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -28945,6 +28946,14 @@ The file to read the IP address of the upstream
nameservers from.
@item @code{no-resolv?} (default: @code{#f})
When true, don't read @var{resolv-file}.
+@item @code{forward-private-reverse-lookup?} (default: @code{#t})
+When false, all reverse lookups for private IP ranges are answered with
+"no such domain" rather than being forwarded upstream.
+
+@item @code{query-servers-in-order?} (default: @code{#f})
+When true, dnsmasq queries the servers in the same order as they appear
+in @var{servers}.
+
@item @code{servers} (default: @code{'()})
Specify IP address of upstream servers directly.
@@ -28974,6 +28983,10 @@ disables caching.
@item @code{negative-cache?} (default: @code{#t})
When false, disable negative caching.
+@item @code{cpe-id} (default: @code{#f})
+If set, add a CPE (Customer-Premises Equipment) identifier to DNS
+queries which are forwarded upstream.
+
@item @code{tftp-enable?} (default: @code{#f})
Whether to enable the built-in TFTP server.
diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 9b8603cc95..a220b33f15 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -3,6 +3,7 @@
;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
;;; Copyright © 2020 Pierre Langlois <pierre.langlois@gmx.com>
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
+;;; Copyright © 2022 Remco van 't Veer <remco@remworks.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -745,6 +746,12 @@ cache.size = 100 * MB
(default "/etc/resolv.conf")) ;string
(no-resolv? dnsmasq-configuration-no-resolv?
(default #f)) ;boolean
+ (forward-private-reverse-lookup?
+ dnsmasq-configuration-forward-private-reverse-lookup?
+ (default #t)) ;boolean
+ (query-servers-in-order?
+ dnsmasq-configuration-query-servers-in-order?
+ (default #f)) ;boolean
(servers dnsmasq-configuration-servers
(default '())) ;list of string
(addresses dnsmasq-configuration-addresses
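Review bot: The comment on `forward-private-reverse-lookup?` says only `;boolean`, yet the field has the opposite sense to the dnsmasq flag it drives: further down in this commit `--bogus-priv` is emitted when the field is `#f`. With the default of `#t`, reverse lookups for private ranges keep being forwarded to the upstream servers, which matches the manual text added in this commit. I would say so at the definition, e.g. `(default #t)) ;boolean; #f passes --bogus-priv`, and likewise `;boolean; #t passes --strict-order` for `query-servers-in-order?`. The record definition begins and ends outside this hunk.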
@@ -752,7 +759,9 @@ cache.size = 100 * MB
(cache-size dnsmasq-configuration-cache-size
(default 150)) ;integer
(negative-cache? dnsmasq-configuration-negative-cache?
- (default #t)) ;boolean
+ (default #t)) ;boolean
+ (cpe-id dnsmasq-configuration-cpe-id
+ (default #t)) ;string
(tftp-enable? dnsmasq-configuration-tftp-enable?
(default #f)) ;boolean
(tftp-no-fail? dnsmasq-configuration-tftp-no-fail?
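Review bot: `cpe-id` is declared with `(default #t)` but commented as `;string`, and the manual hunk in this same commit documents the default as `#f`. Because the service body tests `(if cpe-id ...)` and formats the value with `~a`, an unmodified configuration would pass `--add-cpe-id=#t` to dnsmasq, so an identifier would be attached to queries forwarded upstream without the administrator having asked for it. The default should be `(default #f)) ;string or #f`. The record definition begins and ends outside this hunk.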
@@ -776,86 +785,98 @@ cache.size = 100 * MB
(tftp-unique-root dnsmasq-tftp-unique-root
(default #f))) ;"" or "ip" or "mac"
-(define dnsmasq-shepherd-service
- (match-lambda
- (($ <dnsmasq-configuration> package
- no-hosts?
- port local-service? listen-addresses
- resolv-file no-resolv? servers
- addresses cache-size negative-cache?
- tftp-enable? tftp-no-fail?
- tftp-single-port? tftp-secure?
- tftp-max tftp-mtu tftp-no-blocksize?
- tftp-lowercase? tftp-port-range
- tftp-root tftp-unique-root)
- (shepherd-service
- (provision '(dnsmasq))
- (requirement '(networking))
- (documentation "Run the dnsmasq DNS server.")
- (start #~(make-forkexec-constructor
- '(#$(file-append package "/sbin/dnsmasq")
- "--keep-in-foreground"
- "--pid-file=/run/dnsmasq.pid"
- #$@(if no-hosts?
- '("--no-hosts")
- '())
- #$(format #f "--port=~a" port)
- #$@(if local-service?
- '("--local-service")
- '())
- #$@(map (cut format #f "--listen-address=~a" <>)
- listen-addresses)
- #$(format #f "--resolv-file=~a" resolv-file)
- #$@(if no-resolv?
- '("--no-resolv")
- '())
- #$@(map (cut format #f "--server=~a" <>)
- servers)
- #$@(map (cut format #f "--address=~a" <>)
- addresses)
- #$(format #f "--cache-size=~a" cache-size)
- #$@(if negative-cache?
- '()
- '("--no-negcache"))
- #$@(if tftp-enable?
- '("--enable-tftp")
- '())
- #$@(if tftp-no-fail?
- '("--tftp-no-fail")
- '())
- #$@(if tftp-single-port?
- '("--tftp-single-port")
- '())
- #$@(if tftp-secure?
- '("--tftp-secure?")
- '())
- #$@(if tftp-max
- (list (format #f "--tftp-max=~a" tftp-max))
- '())
- #$@(if tftp-mtu
- (list (format #f "--tftp-mtu=~a" tftp-mtu))
- '())
- #$@(if tftp-no-blocksize?
- '("--tftp-no-blocksize")
- '())
- #$@(if tftp-lowercase?
- '("--tftp-lowercase")
- '())
- #$@(if tftp-port-range
- (list (format #f "--tftp-port-range=~a"
- tftp-port-range))
- '())
- #$@(if tftp-root
- (list (format #f "--tftp-root=~a" tftp-root))
- '())
- #$@(if tftp-unique-root
- (list
- (if (> (length tftp-unique-root) 0)
- (format #f "--tftp-unique-root=~a"
tftp-unique-root)
- (format #f "--tftp-unique-root")))
- '()))
- #:pid-file "/run/dnsmasq.pid"))
- (stop #~(make-kill-destructor))))))
+(define (dnsmasq-shepherd-service config)
+ (match-record config <dnsmasq-configuration>
+ (package
+ no-hosts?
+ port local-service? listen-addresses
+ resolv-file no-resolv?
+ forward-private-reverse-lookup? query-servers-in-order?
+ servers addresses
+ cache-size negative-cache?
+ cpe-id
+ tftp-enable? tftp-no-fail?
+ tftp-single-port? tftp-secure?
+ tftp-max tftp-mtu tftp-no-blocksize?
+ tftp-lowercase? tftp-port-range
+ tftp-root tftp-unique-root)
+ (shepherd-service
+ (provision '(dnsmasq))
+ (requirement '(networking))
+ (documentation "Run the dnsmasq DNS server.")
+ (start #~(make-forkexec-constructor
+ '(#$(file-append package "/sbin/dnsmasq")
+ "--keep-in-foreground"
+ "--pid-file=/run/dnsmasq.pid"
+ #$@(if no-hosts?
+ '("--no-hosts")
+ '())
+ #$(format #f "--port=~a" port)
+ #$@(if local-service?
+ '("--local-service")
+ '())
+ #$@(map (cut format #f "--listen-address=~a" <>)
+ listen-addresses)
+ #$(format #f "--resolv-file=~a" resolv-file)
+ #$@(if no-resolv?
+ '("--no-resolv")
+ '())
+ #$@(if forward-private-reverse-lookup?
+ '()
+ '("--bogus-priv"))
+ #$@(if query-servers-in-order?
+ '("--strict-order")
+ '())
+ #$@(map (cut format #f "--server=~a" <>)
+ servers)
+ #$@(map (cut format #f "--address=~a" <>)
+ addresses)
+ #$(format #f "--cache-size=~a" cache-size)
+ #$@(if negative-cache?
+ '()
+ '("--no-negcache"))
+ #$@(if cpe-id
+ (list (format #f "--add-cpe-id=~a" cpe-id))
+ '())
+ #$@(if tftp-enable?
+ '("--enable-tftp")
+ '())
+ #$@(if tftp-no-fail?
+ '("--tftp-no-fail")
+ '())
+ #$@(if tftp-single-port?
+ '("--tftp-single-port")
+ '())
+ #$@(if tftp-secure?
+ '("--tftp-secure?")
+ '())
+ #$@(if tftp-max
+ (list (format #f "--tftp-max=~a" tftp-max))
+ '())
+ #$@(if tftp-mtu
+ (list (format #f "--tftp-mtu=~a" tftp-mtu))
+ '())
+ #$@(if tftp-no-blocksize?
+ '("--tftp-no-blocksize")
+ '())
+ #$@(if tftp-lowercase?
+ '("--tftp-lowercase")
+ '())
+ #$@(if tftp-port-range
+ (list (format #f "--tftp-port-range=~a"
+ tftp-port-range))
+ '())
+ #$@(if tftp-root
+ (list (format #f "--tftp-root=~a" tftp-root))
+ '())
+ #$@(if tftp-unique-root
+ (list
+ (if (> (length tftp-unique-root) 0)
+ (format #f "--tftp-unique-root=~a"
tftp-unique-root)
+ (format #f "--tftp-unique-root")))
+ '()))
+ #:pid-file "/run/dnsmasq.pid"))
+ (stop #~(make-kill-destructor)))))
(define (dnsmasq-activation config)
#~(begin
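Review bot: The rewritten argument list still passes `'("--tftp-secure?")` when `tftp-secure?` is true; the trailing `?` belongs to the Scheme field name, not to the dnsmasq option, which is spelled `--tftp-secure`. As written, enabling the setting hands dnsmasq an option it does not recognise instead of turning on the restriction on served files, so the line should read `'("--tftp-secure")`. The `tftp-unique-root` branch has a similar problem: the field is commented as `"" or "ip" or "mac"`, but `(length tftp-unique-root)` expects a list, so `(> (string-length tftp-unique-root) 0)` looks like what was meant. Both lines are carried over unchanged from the old `match-lambda` version, so this commit would be a good place to fix them.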