services: Add '%facebook-host-aliases'.

* gnu/services/networking.scm (%facebook-host-aliases): New variable.
* doc/guix.texi (Networking Services): Document it.

diff --git a/doc/guix.texi b/doc/guix.texi
index ac2aad6..583bdbf 100644 (file)
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -3610,6 +3610,35 @@ root.
 The other options should be self-descriptive.
 @end deffn
 
+@defvr {Scheme Variable} %facebook-host-aliases
+This variable contains a string for use in @file{/etc/hosts}
+(@pxref{Host Names,,, libc, The GNU C Library Reference Manual}).  Each
+line contains a entry that maps a known server name of the Facebook
+on-line service---e.g., @code{www.facebook.com}---to the local
+host---@code{127.0.0.1} or its IPv6 equivalent, @code{::1}.
+
+This variable is typically used in the @code{hosts-file} field of an
+@code{operating-system} declaration (@pxref{Using the Configuration
+System}):
+
+@example
+(use-modules (gnu) (guix))
+
+(operating-system
+  (host-name "mymachine")
+  ;; ...
+  (hosts-file
+    ;; Create a /etc/hosts file with aliases for "localhost"
+    ;; and "mymachine", as well as for Facebook servers.
+    (text-file "hosts"
+               (string-append (local-host-aliases host-name)
+                              %facebook-host-aliases))))
+@end example
+
+This mechanism can prevent programs running locally, such as Web
+browsers, from accessing Facebook.
+@end defvr
+
 @node X Window
 @subsubsection X Window
 

diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 44e3c30..8e682b9 100644 (file)
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -25,7 +25,8 @@
   #:use-module (gnu packages messaging)
   #:use-module (guix gexp)
   #:use-module (guix monads)
-  #:export (static-networking-service
+  #:export (%facebook-host-aliases
+            static-networking-service
             dhcp-client-service
             tor-service
             bitlbee-service))
@@ -36,6 +37,40 @@
 ;;;
 ;;; Code:
 
+(define %facebook-host-aliases
+  ;; This is the list of known Facebook hosts to be added to /etc/hosts if you
+  ;; are to block it.
+  "\
+# Block Facebook IPv4.
+127.0.0.1   www.facebook.com
+127.0.0.1   facebook.com
+127.0.0.1   login.facebook.com
+127.0.0.1   www.login.facebook.com
+127.0.0.1   fbcdn.net
+127.0.0.1   www.fbcdn.net
+127.0.0.1   fbcdn.com
+127.0.0.1   www.fbcdn.com
+127.0.0.1   static.ak.fbcdn.net
+127.0.0.1   static.ak.connect.facebook.com
+127.0.0.1   connect.facebook.net
+127.0.0.1   www.connect.facebook.net
+127.0.0.1   apps.facebook.com
+
+# Block Facebook IPv6.
+fe80::1%lo0 facebook.com
+fe80::1%lo0 login.facebook.com
+fe80::1%lo0 www.login.facebook.com
+fe80::1%lo0 fbcdn.net
+fe80::1%lo0 www.fbcdn.net
+fe80::1%lo0 fbcdn.com
+fe80::1%lo0 www.fbcdn.com
+fe80::1%lo0 static.ak.fbcdn.net
+fe80::1%lo0 static.ak.connect.facebook.com
+fe80::1%lo0 connect.facebook.net
+fe80::1%lo0 www.connect.facebook.net
+fe80::1%lo0 apps.facebook.com\n")
+
+
 (define* (static-networking-service interface ip
                                     #:key
                                     gateway