gnu: Fix typo in description of xfce-desktop-service.
db4fdc04 1;;; GNU Guix --- Functional package management for GNU
4ee96a79 2;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
b7d0c494 3;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
76192896 4;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
db4fdc04
LC
5;;;
6;;; This file is part of GNU Guix.
7;;;
8;;; GNU Guix is free software; you can redistribute it and/or modify it
9;;; under the terms of the GNU General Public License as published by
10;;; the Free Software Foundation; either version 3 of the License, or (at
11;;; your option) any later version.
12;;;
13;;; GNU Guix is distributed in the hope that it will be useful, but
14;;; WITHOUT ANY WARRANTY; without even the implied warranty of
15;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16;;; GNU General Public License for more details.
17;;;
18;;; You should have received a copy of the GNU General Public License
19;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
20
21(define-module (gnu services networking)
22 #:use-module (gnu services)
0190c1c0 23 #:use-module (gnu services shepherd)
0adfe95a 24 #:use-module (gnu services dbus)
927097ef 25 #:use-module (gnu system shadow)
6e828634 26 #:use-module (gnu system pam)
db4fdc04 27 #:use-module (gnu packages admin)
76192896 28 #:use-module (gnu packages connman)
db4fdc04 29 #:use-module (gnu packages linux)
927097ef 30 #:use-module (gnu packages tor)
4627a464 31 #:use-module (gnu packages messaging)
63854bcb 32 #:use-module (gnu packages ntp)
b7d0c494 33 #:use-module (gnu packages wicd)
7234ad4f 34 #:use-module (gnu packages gnome)
b5f4e686 35 #:use-module (guix gexp)
0adfe95a 36 #:use-module (guix records)
6331bde7
LC
37 #:use-module (srfi srfi-1)
38 #:use-module (srfi srfi-9)
63854bcb 39 #:use-module (srfi srfi-26)
0adfe95a 40 #:use-module (ice-9 match)
fa0c1d61 41 #:export (%facebook-host-aliases
24e96431 42 static-networking
fa0c1d61 43 static-networking-service
24e96431 44 static-networking-service-type
a023cca8 45 dhcp-client-service
63854bcb 46 %ntp-servers
24e96431
47
48 ntp-configuration
49 ntp-configuration?
63854bcb 50 ntp-service
24e96431
51 ntp-service-type
52
53 tor-configuration
54 tor-configuration?
6331bde7 55 tor-hidden-service
4627a464 56 tor-service
24e96431
57 tor-service-type
58
59 bitlbee-configuration
60 bitlbee-configuration?
b7d0c494 61 bitlbee-service
24e96431
62 bitlbee-service-type
63
7234ad4f 64 wicd-service
76192896
EF
65 network-manager-service
66 connman-service))
db4fdc04
LC
67
68;;; Commentary:
69;;;
70;;; Networking services.
71;;;
72;;; Code:
73
fa0c1d61
LC
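(define %facebook-host-aliases
  ;; Text to append to /etc/hosts in order to block the known Facebook hosts:
  ;; every name is pointed at the loopback address, once for IPv4 and once
  ;; for IPv6.
  ;;
  ;; The IPv6 entries use "::1".  The scoped form "fe80::1%lo0" names a
  ;; BSD-style "lo0" interface and is not expected to be honoured by the
  ;; resolver on GNU/Linux, which would leave these names resolvable over
  ;; IPv6.  Both address families list the same names, so that neither
  ;; lookup path bypasses the block.
  "\
# Block Facebook IPv4.
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 login.facebook.com
127.0.0.1 www.login.facebook.com
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.com
127.0.0.1 www.fbcdn.com
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 connect.facebook.net
127.0.0.1 www.connect.facebook.net
127.0.0.1 apps.facebook.com

# Block Facebook IPv6.
::1 www.facebook.com
::1 facebook.com
::1 login.facebook.com
::1 www.login.facebook.com
::1 fbcdn.net
::1 www.fbcdn.net
::1 fbcdn.com
::1 www.fbcdn.com
::1 static.ak.fbcdn.net
::1 static.ak.connect.facebook.com
::1 connect.facebook.net
::1 www.connect.facebook.net
::1 apps.facebook.com\n")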
106
107
0adfe95a
LC
108(define-record-type* <static-networking>
109 static-networking make-static-networking
110 static-networking?
111 (interface static-networking-interface)
112 (ip static-networking-ip)
113 (gateway static-networking-gateway)
114 (provision static-networking-provision)
115 (name-servers static-networking-name-servers)
116 (net-tools static-networking-net-tools))
117
(define static-networking-service-type
  ;; Shepherd service type that gives INTERFACE a fixed IPv4 address,
  ;; optionally adds a default route through GATEWAY, and optionally writes
  ;; NAME-SERVERS to /etc/resolv.conf.
  (shepherd-service-type
   'static-networking
   (match-lambda
     (($ <static-networking> interface ip gateway provision
                             name-servers net-tools)
      (let ((loopback? (memq 'loopback provision)))

        ;; TODO: Eventually replace 'route' with bindings for the appropriate
        ;; ioctls.
        (shepherd-service

         ;; Only a non-loopback interface depends on udev: the device has to
         ;; exist before it can be configured.
         (requirement (if loopback? '() '(udev)))

         (documentation
          "Bring up the networking interface using a static IP address.")
         (provision provision)
         (start #~(lambda _
                    ;; The value of the last expression is what 'start'
                    ;; returns.
                    ;; NOTE(review): the result of the 'route add' step below
                    ;; is computed and then dropped, so a failed route does
                    ;; not make 'start' fail -- confirm that this is intended.
                    (let* ((address      (inet-pton AF_INET #$ip))
                           (sock-address (make-socket-address AF_INET
                                                              address 0)))
                      (configure-network-interface
                       #$interface sock-address
                       (logior IFF_UP
                               #$(if loopback?
                                     #~IFF_LOOPBACK
                                     0))))
                    #$(if gateway
                          #~(zero? (system* (string-append #$net-tools
                                                           "/sbin/route")
                                            "add" "-net" "default"
                                            "gw" #$gateway))
                          #t)
                    ;; /etc/resolv.conf is rewritten in place; each entry of
                    ;; NAME-SERVERS is emitted as given, one per line.
                    #$(if (pair? name-servers)
                          #~(call-with-output-file "/etc/resolv.conf"
                              (lambda (out)
                                (display
                                 "# Generated by 'static-networking-service'.\n"
                                 out)
                                (for-each (lambda (name-server)
                                            (format out "nameserver ~a~%"
                                                    name-server))
                                          '#$name-servers)))
                          #t)))
         (stop #~(lambda _
                   ;; Return #f if successfully stopped.
                   ;; Clearing every flag takes the interface down.
                   (let ((control-socket (socket AF_INET SOCK_STREAM 0)))
                     (set-network-interface-flags control-socket
                                                  #$interface 0)
                     (close-port control-socket))
                   ;; NOTE(review): 'system*' yields an exit status, which
                   ;; counts as true, so this is #f whether or not the route
                   ;; was actually removed -- confirm.
                   (not #$(if gateway
                              #~(system* (string-append #$net-tools
                                                        "/sbin/route")
                                         "del" "-net" "default")
                              #t))))
         (respawn? #f)))))))
174
db4fdc04
LC
175(define* (static-networking-service interface ip
176 #:key
177 gateway
4a3b3b07 178 (provision '(networking))
db4fdc04 179 (name-servers '())
db4fdc04 180 (net-tools net-tools))
51da7ca0
LC
181 "Return a service that starts @var{interface} with address @var{ip}. If
182@var{gateway} is true, it must be a string specifying the default network
183gateway."
0adfe95a
LC
184 (service static-networking-service-type
185 (static-networking (interface interface) (ip ip)
186 (gateway gateway)
187 (provision provision)
188 (name-servers name-servers)
189 (net-tools net-tools))))
190
(define dhcp-client-service-type
  ;; Shepherd service type that runs 'dhclient' from the DHCP package on
  ;; every non-loopback interface.
  (shepherd-service-type
   'dhcp-client
   (lambda (dhcp)
     (let ((dhclient #~(string-append #$dhcp "/sbin/dhclient"))
           (pid-file "/var/run/dhclient.pid"))

       (shepherd-service
        (documentation "Set up networking via DHCP.")
        (requirement '(user-processes udev))

        ;; XXX: Running with '-nw' ("no wait") avoids blocking for a minute
        ;; when networking is unavailable, but also means that the interface
        ;; is not up yet when 'start' completes.  To wait for the interface
        ;; to be ready, one should instead monitor udev events.
        (provision '(networking))

        (start #~(lambda _
                   ;; 'dhclient' without arguments only picks interfaces that
                   ;; are already up, and they typically are not at this
                   ;; point, so the list is built here instead.
                   (let* ((non-loopback? (negate loopback-network-interface?))
                          (interfaces    (filter non-loopback?
                                                 (all-network-interface-names))))

                     ;; XXX: Bring the interfaces up so that 'dhclient' can
                     ;; actually send/receive over them.
                     (for-each set-network-interface-up interfaces)

                     ;; Drop a stale PID file, if any, so that the wait below
                     ;; only sees the one written by this run.
                     (false-if-exception (delete-file #$pid-file))
                     (let ((child (fork+exec-command
                                   (cons* #$dhclient "-nw"
                                          "-pf" #$pid-file interfaces))))
                       (and (zero? (cdr (waitpid child)))
                            ;; The value read from PID-FILE is what 'start'
                            ;; returns.
                            ;; NOTE(review): there is no upper bound on the
                            ;; number of retries, so 'start' never returns if
                            ;; the file never appears.
                            (let wait-for-pid-file ()
                              (catch 'system-error
                                (lambda ()
                                  (call-with-input-file #$pid-file read))
                                (lambda failure
                                  ;; 'dhclient' returned before PID-FILE was
                                  ;; created, so try again; any other error
                                  ;; is re-thrown.
                                  (let ((code (system-error-errno failure)))
                                    (cond ((= ENOENT code)
                                           (sleep 1)
                                           (wait-for-pid-file))
                                          (else
                                           (apply throw failure))))))))))))
        (stop #~(make-kill-destructor)))))))
db4fdc04 244
a023cca8
LC
245(define* (dhcp-client-service #:key (dhcp isc-dhcp))
246 "Return a service that runs @var{dhcp}, a Dynamic Host Configuration
247Protocol (DHCP) client, on all the non-loopback network interfaces."
0adfe95a 248 (service dhcp-client-service-type dhcp))
a023cca8 249
63854bcb
LC
250(define %ntp-servers
251 ;; Default set of NTP servers.
252 '("0.pool.ntp.org"
253 "1.pool.ntp.org"
254 "2.pool.ntp.org"))
255
0adfe95a
LC
256\f
257;;;
258;;; NTP.
259;;;
260
261;; TODO: Export.
262(define-record-type* <ntp-configuration>
263 ntp-configuration make-ntp-configuration
264 ntp-configuration?
265 (ntp ntp-configuration-ntp
266 (default ntp))
267 (servers ntp-configuration-servers))
268
(define ntp-shepherd-service
  ;; Map an <ntp-configuration> to a one-element list holding the Shepherd
  ;; service that runs 'ntpd' with a generated configuration file.
  (match-lambda
    (($ <ntp-configuration> ntp servers)
     ;; TODO: Add authentication support.
     ;; Each element of SERVERS becomes one "server" line, inserted as given.
     (let* ((server-lines (map (lambda (server)
                                 (string-append "server " server))
                               servers))
            (config-text
             (string-append "driftfile /var/run/ntp.drift\n"
                            (string-join server-lines "\n")
                            "
# Disable status queries as a workaround for CVE-2013-5211:
# <http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using>.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Yet, allow use of the local 'ntpq'.
restrict 127.0.0.1
restrict -6 ::1\n"))
            (config-file (plain-file "ntpd.conf" config-text)))

       (list (shepherd-service
              (provision '(ntpd))
              (documentation "Run the Network Time Protocol (NTP) daemon.")
              (requirement '(user-processes networking))
              ;; "-n" keeps the daemon in the foreground; "-u" names the
              ;; account that it runs as.
              (start #~(make-forkexec-constructor
                        (list (string-append #$ntp "/bin/ntpd") "-n"
                              "-c" #$config-file "-u" "ntpd")))
              (stop #~(make-kill-destructor))))))))
300
301(define %ntp-accounts
302 (list (user-account
303 (name "ntpd")
304 (group "nogroup")
305 (system? #t)
306 (comment "NTP daemon user")
307 (home-directory "/var/empty")
308 (shell #~(string-append #$shadow "/sbin/nologin")))))
309
310(define ntp-service-type
311 (service-type (name 'ntp)
312 (extensions
d4053c71
AK
313 (list (service-extension shepherd-root-service-type
314 ntp-shepherd-service)
0adfe95a
LC
315 (service-extension account-service-type
316 (const %ntp-accounts))))))
317
318(define* (ntp-service #:key (ntp ntp)
319 (servers %ntp-servers))
320 "Return a service that runs the daemon from @var{ntp}, the
321@uref{http://www.ntp.org, Network Time Protocol package}. The daemon will
322keep the system clock synchronized with that of @var{servers}."
323 (service ntp-service-type
324 (ntp-configuration (ntp ntp) (servers servers))))
325
326\f
327;;;
328;;; Tor.
329;;;
330
6331bde7
LC
331(define-record-type* <tor-configuration>
332 tor-configuration make-tor-configuration
333 tor-configuration?
334 (tor tor-configuration-tor
335 (default tor))
336 (config-file tor-configuration-config-file)
337 (hidden-services tor-configuration-hidden-services
338 (default '())))
339
0adfe95a
LC
340(define %tor-accounts
341 ;; User account and groups for Tor.
342 (list (user-group (name "tor") (system? #t))
343 (user-account
344 (name "tor")
345 (group "tor")
346 (system? #t)
347 (comment "Tor daemon user")
348 (home-directory "/var/empty")
349 (shell #~(string-append #$shadow "/sbin/nologin")))))
350
6331bde7
LC
351(define-record-type <hidden-service>
352 (hidden-service name mapping)
353 hidden-service?
354 (name hidden-service-name) ;string
355 (mapping hidden-service-mapping)) ;list of port/address tuples
356
(define (tor-configuration->torrc config)
  "Return a file-like object for the 'torrc' of CONFIG: a generated header,
one HiddenServiceDir/HiddenServicePort group per hidden service, then the
contents of CONFIG's own configuration file."
  (match config
    (($ <tor-configuration> tor config-file services)
     ;; Turn the <hidden-service> records into plain (NAME . MAPPING) lists
     ;; so that they can be quoted into the build-side code.
     (let ((entries (map (match-lambda
                           (($ <hidden-service> name mapping)
                            (cons name mapping)))
                         services)))
       (computed-file
        "torrc"
        (with-imported-modules '((guix build utils))
          #~(begin
              (use-modules (guix build utils)
                           (ice-9 match))

              (call-with-output-file #$output
                (lambda (out)
                  (display "\
# The beginning was automatically added.
User tor
DataDirectory /var/lib/tor
Log notice syslog\n" out)

                  ;; The service name ends up in a directory name, and the
                  ;; port/host pairs are written out as given.
                  (for-each (match-lambda
                              ((name (ports hosts) ...)
                               (format out "\
HiddenServiceDir /var/lib/tor/hidden-services/~a~%"
                                       name)
                               (for-each (lambda (virtual-port target)
                                           (format out "\
HiddenServicePort ~a ~a~%"
                                                   virtual-port target))
                                         ports hosts)))
                            '#$entries)

                  ;; The user's file is copied verbatim after the generated
                  ;; lines.
                  (call-with-input-file #$config-file
                    (lambda (user-config)
                      (dump-port user-config out)))
                  #t)))))))))
6331bde7 396
d4053c71
AK
397(define (tor-shepherd-service config)
398 "Return a <shepherd-service> running TOR."
375c6108 399 (match config
6331bde7
LC
400 (($ <tor-configuration> tor)
401 (let ((torrc (tor-configuration->torrc config)))
d4053c71 402 (list (shepherd-service
375c6108 403 (provision '(tor))
0adfe95a 404
375c6108
LC
405 ;; Tor needs at least one network interface to be up, hence the
406 ;; dependency on 'loopback'.
5ee35eb7 407 (requirement '(user-processes loopback syslogd))
0adfe95a 408
375c6108
LC
409 (start #~(make-forkexec-constructor
410 (list (string-append #$tor "/bin/tor") "-f" #$torrc)))
411 (stop #~(make-kill-destructor))
412 (documentation "Run the Tor anonymous network overlay.")))))))
0adfe95a 413
6331bde7
LC
(define (tor-hidden-service-activation config)
  "Return the activation gexp for CONFIG: it creates /var/lib/tor and one
directory per hidden service of CONFIG, each owned by the 'tor' user and
with mode 700."
  (let ((names (map hidden-service-name
                    (tor-configuration-hidden-services config))))
    #~(begin
        (use-modules (guix build utils))

        (define %user
          (getpw "tor"))

        (define (initialize name)
          ;; NOTE(review): NAME is appended to the path as is; a name that
          ;; contains "/" or ".." would make the 'chown' below apply outside
          ;; of the hidden-services directory.  Names come from the system
          ;; configuration -- confirm that this is acceptable.
          (let ((home (string-append "/var/lib/tor/hidden-services/"
                                     name)))
            (mkdir-p home)
            (chown home (passwd:uid %user) (passwd:gid %user))

            ;; The daemon bails out if we give wider permissions.
            (chmod home #o700)))

        ;; The data directory gets the same owner and mode.
        (mkdir-p "/var/lib/tor")
        (chown "/var/lib/tor" (passwd:uid %user) (passwd:gid %user))
        (chmod "/var/lib/tor" #o700)

        (for-each initialize '#$names))))
438
0adfe95a
LC
439(define tor-service-type
440 (service-type (name 'tor)
441 (extensions
d4053c71
AK
442 (list (service-extension shepherd-root-service-type
443 tor-shepherd-service)
0adfe95a 444 (service-extension account-service-type
6331bde7
LC
445 (const %tor-accounts))
446 (service-extension activation-service-type
447 tor-hidden-service-activation)))
448
449 ;; This can be extended with hidden services.
450 (compose concatenate)
451 (extend (lambda (config services)
452 (tor-configuration
453 (inherit config)
454 (hidden-services
455 (append (tor-configuration-hidden-services config)
456 services)))))))
63854bcb 457
375c6108
LC
458(define* (tor-service #:optional
459 (config-file (plain-file "empty" ""))
460 #:key (tor tor))
461 "Return a service to run the @uref{https://torproject.org, Tor} anonymous
462networking daemon.
927097ef 463
375c6108 464The daemon runs as the @code{tor} unprivileged user. It is passed
6331bde7
LC
465@var{config-file}, a file-like object, with an additional @code{User tor} line
466and lines for hidden services added via @code{tor-hidden-service}. Run
467@command{man tor} for information about the configuration file."
468 (service tor-service-type
469 (tor-configuration (tor tor)
470 (config-file config-file))))
471
472(define tor-hidden-service-type
473 ;; A type that extends Tor with hidden services.
474 (service-type (name 'tor-hidden-service)
475 (extensions
476 (list (service-extension tor-service-type list)))))
477
478(define (tor-hidden-service name mapping)
479 "Define a new Tor @dfn{hidden service} called @var{name} and implementing
480@var{mapping}. @var{mapping} is a list of port/host tuples, such as:
481
482@example
483 '((22 \"127.0.0.1:22\")
484 (80 \"127.0.0.1:8080\"))
485@end example
486
487In this example, port 22 of the hidden service is mapped to local port 22, and
488port 80 is mapped to local port 8080.
489
6629099a
LC
490This creates a @file{/var/lib/tor/hidden-services/@var{name}} directory, where
491the @file{hostname} file contains the @code{.onion} host name for the hidden
6331bde7
LC
492service.
493
494See @uref{https://www.torproject.org/docs/tor-hidden-service.html.en, the Tor
495project's documentation} for more information."
496 (service tor-hidden-service-type
497 (hidden-service name mapping)))
0adfe95a
LC
498
499\f
500;;;
501;;; BitlBee.
502;;;
503
504(define-record-type* <bitlbee-configuration>
505 bitlbee-configuration make-bitlbee-configuration
506 bitlbee-configuration?
507 (bitlbee bitlbee-configuration-bitlbee
508 (default bitlbee))
509 (interface bitlbee-configuration-interface)
510 (port bitlbee-configuration-port)
511 (extra-settings bitlbee-configuration-extra-settings))
512
d4053c71 513(define bitlbee-shepherd-service
0adfe95a
LC
514 (match-lambda
515 (($ <bitlbee-configuration> bitlbee interface port extra-settings)
516 (let ((conf (plain-file "bitlbee.conf"
517 (string-append "
518 [settings]
519 User = bitlbee
520 ConfigDir = /var/lib/bitlbee
521 DaemonInterface = " interface "
522 DaemonPort = " (number->string port) "
523" extra-settings))))
524
d4053c71 525 (list (shepherd-service
0adfe95a
LC
526 (provision '(bitlbee))
527 (requirement '(user-processes loopback))
528 (start #~(make-forkexec-constructor
529 (list (string-append #$bitlbee "/sbin/bitlbee")
530 "-n" "-F" "-u" "bitlbee" "-c" #$conf)))
531 (stop #~(make-kill-destructor))))))))
532
533(define %bitlbee-accounts
534 ;; User group and account to run BitlBee.
535 (list (user-group (name "bitlbee") (system? #t))
536 (user-account
537 (name "bitlbee")
538 (group "bitlbee")
539 (system? #t)
540 (comment "BitlBee daemon user")
541 (home-directory "/var/empty")
542 (shell #~(string-append #$shadow "/sbin/nologin")))))
543
(define %bitlbee-activation
  ;; Activation gexp for BitlBee: create its state directory and hand it over
  ;; to the "bitlbee" account.
  #~(begin
      (use-modules (guix build utils))

      ;; This directory is used to store OTR data.
      ;; NOTE(review): no 'chmod' follows, so the directory keeps whatever
      ;; mode 'mkdir-p' gave it -- confirm that this is tight enough for the
      ;; OTR data.
      (mkdir-p "/var/lib/bitlbee")
      (let* ((account (getpwnam "bitlbee"))
             (uid     (passwd:uid account))
             (gid     (passwd:gid account)))
        (chown "/var/lib/bitlbee" uid gid))))
554
555(define bitlbee-service-type
556 (service-type (name 'bitlbee)
557 (extensions
d4053c71
AK
558 (list (service-extension shepherd-root-service-type
559 bitlbee-shepherd-service)
0adfe95a
LC
560 (service-extension account-service-type
561 (const %bitlbee-accounts))
562 (service-extension activation-service-type
563 (const %bitlbee-activation))))))
927097ef 564
4627a464
LC
565(define* (bitlbee-service #:key (bitlbee bitlbee)
566 (interface "127.0.0.1") (port 6667)
567 (extra-settings ""))
568 "Return a service that runs @url{http://bitlbee.org,BitlBee}, a daemon that
569acts as a gateway between IRC and chat networks.
570
571The daemon will listen to the interface corresponding to the IP address
572specified in @var{interface}, on @var{port}. @code{127.0.0.1} means that only
573local clients can connect, whereas @code{0.0.0.0} means that connections can
574come from any networking interface.
575
576In addition, @var{extra-settings} specifies a string to append to the
577configuration file."
0adfe95a
LC
578 (service bitlbee-service-type
579 (bitlbee-configuration
580 (bitlbee bitlbee)
581 (interface interface) (port port)
582 (extra-settings extra-settings))))
583
584\f
585;;;
586;;; Wicd.
587;;;
588
589(define %wicd-activation
590 ;; Activation gexp for Wicd.
591 #~(begin
592 (use-modules (guix build utils))
593
594 (mkdir-p "/etc/wicd")
595 (let ((file-name "/etc/wicd/dhclient.conf.template.default"))
596 (unless (file-exists? file-name)
597 (copy-file (string-append #$wicd file-name)
598 file-name)))))
599
d4053c71
AK
600(define (wicd-shepherd-service wicd)
601 "Return a shepherd service for WICD."
602 (list (shepherd-service
0adfe95a
LC
603 (documentation "Run the Wicd network manager.")
604 (provision '(networking))
605 (requirement '(user-processes dbus-system loopback))
606 (start #~(make-forkexec-constructor
607 (list (string-append #$wicd "/sbin/wicd")
608 "--no-daemon")))
609 (stop #~(make-kill-destructor)))))
610
611(define wicd-service-type
612 (service-type (name 'wicd)
613 (extensions
d4053c71
AK
614 (list (service-extension shepherd-root-service-type
615 wicd-shepherd-service)
0adfe95a
LC
616 (service-extension dbus-root-service-type
617 list)
618 (service-extension activation-service-type
87f40011
LC
619 (const %wicd-activation))
620
621 ;; Add Wicd to the global profile.
622 (service-extension profile-service-type list)))))
4627a464 623
b7d0c494
MW
624(define* (wicd-service #:key (wicd wicd))
625 "Return a service that runs @url{https://launchpad.net/wicd,Wicd}, a network
87f40011
LC
626management daemon that aims to simplify wired and wireless networking.
627
628This service adds the @var{wicd} package to the global profile, providing
629several commands to interact with the daemon and configure networking:
630@command{wicd-client}, a graphical user interface, and the @command{wicd-cli}
631and @command{wicd-curses} user interfaces."
0adfe95a 632 (service wicd-service-type wicd))
b7d0c494 633
7234ad4f
SB
634\f
635;;;
636;;; NetworkManager
637;;;
638
639(define %network-manager-activation
640 ;; Activation gexp for NetworkManager.
641 #~(begin
642 (use-modules (guix build utils))
643 (mkdir-p "/etc/NetworkManager/system-connections")))
644
d4053c71
AK
645(define (network-manager-shepherd-service network-manager)
646 "Return a shepherd service for NETWORK-MANAGER."
647 (list (shepherd-service
7234ad4f
SB
648 (documentation "Run the NetworkManager.")
649 (provision '(networking))
650 (requirement '(user-processes dbus-system loopback))
651 (start #~(make-forkexec-constructor
652 (list (string-append #$network-manager
653 "/sbin/NetworkManager")
654 "--no-daemon")))
655 (stop #~(make-kill-destructor)))))
656
657(define network-manager-service-type
658 (service-type (name 'network-manager)
659 (extensions
d4053c71
AK
660 (list (service-extension shepherd-root-service-type
661 network-manager-shepherd-service)
7234ad4f
SB
662 (service-extension dbus-root-service-type list)
663 (service-extension activation-service-type
664 (const %network-manager-activation))
665 ;; Add network-manager to the system profile.
666 (service-extension profile-service-type list)))))
667
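(define* (network-manager-service #:key (network-manager network-manager))
  "Return a service that runs NetworkManager, a network connection manager
that attempts to keep active network connectivity when available."
  ;; The package is the service's value; the service type passes it to each
  ;; of its extensions.
  (service network-manager-service-type network-manager))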
672
76192896
EF
673\f
674;;;
675;;; Connman
676;;;
677
678(define %connman-activation
679 ;; Activation gexp for Connman.
680 #~(begin
681 (use-modules (guix build utils))
682 (mkdir-p "/var/lib/connman/")
683 (mkdir-p "/var/lib/connman-vpn/")))
684
685(define (connman-shepherd-service connman)
686 "Return a shepherd service for Connman"
687 (list (shepherd-service
688 (documentation "Run Connman")
689 (provision '(networking))
690 (requirement '(user-processes dbus-system loopback))
691 (start #~(make-forkexec-constructor
692 (list (string-append #$connman
693 "/sbin/connmand")
694 "-n" "-r")))
695 (stop #~(make-kill-destructor)))))
696
697(define connman-service-type
698 (service-type (name 'connman)
699 (extensions
700 (list (service-extension shepherd-root-service-type
701 connman-shepherd-service)
702 (service-extension dbus-root-service-type list)
703 (service-extension activation-service-type
704 (const %connman-activation))
705 ;; Add connman to the system profile.
706 (service-extension profile-service-type list)))))
707
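(define* (connman-service #:key (connman connman))
  "Return a service that runs @url{https://01.org/connman,Connman}, a network
connection manager.

This service adds the @var{connman} package to the global profile, providing
the @command{connmanctl} command to interact with the daemon and configure
networking."
  ;; The package is the service's value; the service type passes it to each
  ;; of its extensions.
  (service connman-service-type connman))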
716
db4fdc04 717;;; networking.scm ends here