HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: ruby-pry: Update to 0.11.1.
[jackhill/guix/guix.git] / gnu / packages / dns.scm
CommitLineData
dd2efd3d
TUBK		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
d912db5b 3;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
b2844d8f 4;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
0d88031c 5;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
be86b7ad 6;;; Copyright © 2016 John Darrington <jmd@gnu.org>
71f048c6 7;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
f9cdf1c1 8;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice <me@tobias.gr>
afe62a8b 9;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
ecc7aa89 10;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
7e61a16c 11;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
dd2efd3d
TUBK		 12;;;
13;;; This file is part of GNU Guix.
14;;;
15;;; GNU Guix is free software; you can redistribute it and/or modify it
16;;; under the terms of the GNU General Public License as published by
17;;; the Free Software Foundation; either version 3 of the License, or (at
18;;; your option) any later version.
19;;;
20;;; GNU Guix is distributed in the hope that it will be useful, but
21;;; WITHOUT ANY WARRANTY; without even the implied warranty of
22;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23;;; GNU General Public License for more details.
24;;;
25;;; You should have received a copy of the GNU General Public License
26;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
27
36fb36b5 28(define-module (gnu packages dns)
f9cdf1c1 29 #:use-module (gnu packages admin)
71f048c6 30 #:use-module (gnu packages autotools)
6cf626e8 31 #:use-module (gnu packages base)
1e744399 32 #:use-module (gnu packages databases)
afe62a8b 33 #:use-module (gnu packages crypto)
f9cdf1c1 34 #:use-module (gnu packages datastructures)
7e61a16c 35 #:use-module (gnu packages flex)
cb6d322a 36 #:use-module (gnu packages glib)
71f048c6 37 #:use-module (gnu packages groff)
f9cdf1c1
TGR		 38 #:use-module (gnu packages groff)
39 #:use-module (gnu packages libedit)
afe62a8b 40 #:use-module (gnu packages libevent)
f9cdf1c1 41 #:use-module (gnu packages libidn)
1e744399 42 #:use-module (gnu packages linux)
f9cdf1c1
TGR		 43 #:use-module (gnu packages ncurses)
44 #:use-module (gnu packages nettle)
1e744399 45 #:use-module (gnu packages perl)
71f048c6 46 #:use-module (gnu packages pkg-config)
7e61a16c
GG		 47 #:use-module (gnu packages protobuf)
48 #:use-module (gnu packages python)
49 #:use-module (gnu packages swig)
a7fd7b68 50 #:use-module (gnu packages tls)
f9cdf1c1 51 #:use-module (gnu packages web)
1e744399
 52 #:use-module (gnu packages xml)
53 #:use-module ((guix licenses) #:prefix license:)
dd2efd3d
TUBK		 54 #:use-module (guix packages)
55 #:use-module (guix download)
7e61a16c 56 #:use-module (guix utils)
dd2efd3d
TUBK		 57 #:use-module (guix build-system gnu))
58
59(define-public dnsmasq
60 (package
61 (name "dnsmasq")
c99bf9b2 62 (version "2.76")
dd2efd3d
TUBK		 63 (source (origin
64 (method url-fetch)
65 (uri (string-append
66 "http://www.thekelleys.org.uk/dnsmasq/dnsmasq-"
67 version ".tar.xz"))
68 (sha256
69 (base32
c99bf9b2 70 "15lzih6671gh9knzpl8mxchiml7z5lfqzr7jm2r0rjhrxs6nk4jb"))))
dd2efd3d 71 (build-system gnu-build-system)
cb6d322a
CB		 72 (native-inputs
73 `(("pkg-config" ,pkg-config)))
74 (inputs
75 `(("dbus" ,dbus)))
dd2efd3d
TUBK		 76 (arguments
77 `(#:phases
78 (alist-delete 'configure %standard-phases)
79 #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
cb6d322a
CB		 80 "CC=gcc"
81 "COPTS=\"-DHAVE_DBUS\"")
dd2efd3d
TUBK		 82 ;; No 'check' target.
83 #:tests? #f))
84 (home-page "http://www.thekelleys.org.uk/dnsmasq/doc.html")
85 (synopsis "Small caching DNS proxy and DHCP/TFTP server")
86 (description
87 "Dnsmasq is a lightweight DNS forwarder and DHCP server. It is designed
88to provide DNS and optionally, DHCP, to a small network. It can serve the
89names of local machines which are not in the global DNS. The DHCP server
90integrates with the DNS server and allows machines with DHCP-allocated
91addresses to appear in the DNS with names configured either in each host or in
92a central configuration file. Dnsmasq supports static and dynamic DHCP leases
93and BOOTP/TFTP for network booting of diskless machines.")
94 ;; Source files only say GPL2 and GPL3 are allowed.
1e744399
 95 (license (list license:gpl2 license:gpl3))))
96
a0683006
LC		 97;; 'bind' is the name of a built-in Guile procedure, which is why we choose a
98;; different name here.
99(define-public isc-bind
1e744399 100 (package
be86b7ad 101 (name "bind")
d02e19aa 102 (version "9.11.2")
1e744399
 103 (source (origin
104 (method url-fetch)
be86b7ad
JD		 105 (uri (string-append
106 "ftp://ftp.isc.org/isc/bind9/" version "/" name "-"
107 version ".tar.gz"))
1e744399
 108 (sha256
109 (base32
d02e19aa 110 "0yn7wgi2y8mpmvbjbkl4va7p0xsnn48m4yjx6ynb1hzp423asikz"))))
1e744399 111 (build-system gnu-build-system)
be86b7ad 112 (outputs `("out" "utils"))
1e744399
 113 (inputs
114 ;; it would be nice to add GeoIP and gssapi once there is package
115 `(("libcap" ,libcap)
116 ("libxml2" ,libxml2)
1e744399 117 ("openssl" ,openssl)
1e744399 118 ("p11-kit" ,p11-kit)))
be86b7ad
JD		 119 (native-inputs `(("perl" ,perl)
120 ("net-tools" ,net-tools)))
1e744399 121 (arguments
be86b7ad 122 `(#:configure-flags
1e744399
 123 (list (string-append "--with-openssl="
124 (assoc-ref %build-inputs "openssl"))
1e744399
 125 (string-append "--with-pkcs11="
126 (assoc-ref %build-inputs "p11-kit")))
127 #:phases
be86b7ad
JD		 128 (modify-phases %standard-phases
129 (add-after 'strip 'move-to-utils
130 (lambda _
131 (for-each
132 (lambda (file)
133 (let ((target (string-append (assoc-ref %outputs "utils") file))
134 (src (string-append (assoc-ref %outputs "out") file)))
135 (mkdir-p (dirname target))
136 (link src target)
137 (delete-file src)))
138 '("/bin/dig" "/bin/delv" "/bin/nslookup" "/bin/host" "/bin/nsupdate"
139 "/share/man/man1/dig.1"
140 "/share/man/man1/host.1"
141 "/share/man/man1/nslookup.1"
142 "/share/man/man1/nsupdate.1"))))
143 ;; When and if guix provides user namespaces for the build process,
144 ;; then the following can be uncommented and the subsequent "force-test"
145 ;; will not be necessary.
146 ;;
147 ;; (add-before 'check 'set-up-loopback
148 ;; (lambda _
149 ;; (system "bin/tests/system/ifconfig.sh up")))
150 (replace 'check
151 (lambda _
152 (zero? (system* "make" "force-test")))))))
153 (synopsis "An implementation of the Domain Name System")
366efcb2
TGR		 154 (description "BIND is an implementation of the @dfn{Domain Name System}
155(DNS) protocols for the Internet. It is a reference implementation of those
be86b7ad
JD		 156protocols, but it is also production-grade software, suitable for use in
157high-volume and high-reliability applications. The name BIND stands for
158\"Berkeley Internet Name Domain\", because the software originated in the early
1591980s at the University of California at Berkeley.")
160 (home-page "https://www.isc.org/downloads/bind")
ecc7aa89 161 (license (list license:mpl2.0))))
be86b7ad 162
d24727c0
MB		 163(define-public dnscrypt-proxy
164 (package
165 (name "dnscrypt-proxy")
83a89531 166 (version "1.9.5")
d24727c0
MB		 167 (source (origin
168 (method url-fetch)
169 (uri (string-append
170 "https://download.dnscrypt.org/dnscrypt-proxy/"
171 "dnscrypt-proxy-" version ".tar.bz2"))
172 (sha256
173 (base32
83a89531 174 "1dhvklr4dg2vlw108n11xbamacaryyg3dbrg629b76lp7685p7z8"))
d24727c0
MB		 175 (modules '((guix build utils)))
176 (snippet
177 ;; Delete bundled libltdl. XXX: This package also bundles
178 ;; a modified libevent that cannot currently be removed.
179 '(delete-file-recursively "libltdl"))))
180 (build-system gnu-build-system)
181 (arguments
182 `(#:phases
183 (modify-phases %standard-phases
d10092b8 184 (add-after 'unpack 'autoreconf
d24727c0
MB		 185 (lambda _
186 ;; Re-generate build files due to unbundling ltdl.
187 ;; TODO: Prevent generating new libltdl and building it.
188 ;; The system version is still favored and referenced.
189 (zero? (system* "autoreconf" "-vif")))))))
190 (native-inputs
191 `(("pkg-config" ,pkg-config)
192 ("automake" ,automake)
193 ("autoconf" ,autoconf)
194 ("libtool" ,libtool)))
195 (inputs
196 `(("libltdl" ,libltdl)
197 ("libsodium" ,libsodium)))
198 (home-page "https://www.dnscrypt.org/")
199 (synopsis "Securely send DNS requests to a remote server")
200 (description
201 "@command{dnscrypt-proxy} is a tool for securing communications
202between a client and a DNS resolver. It verifies that responses you get
203from a DNS provider was actually sent by that provider, and haven't been
204tampered with. For optimal performance it is recommended to use this as
205a forwarder for a caching DNS resolver such as @command{dnsmasq}, but it
206can also be used as a normal DNS \"server\". A list of public dnscrypt
207servers is included, and an up-to-date version is available at
208@url{https://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-resolvers.csv}.")
209 (license (list license:isc
210 ;; Libevent and src/ext/queue.h is 3-clause BSD.
211 license:bsd-3))))
212
afe62a8b
MB		 213(define-public dnscrypt-wrapper
214 (package
215 (name "dnscrypt-wrapper")
216 (version "0.2.2")
217 (source (origin
218 (method url-fetch)
219 (uri (string-append
220 "https://github.com/cofyc/dnscrypt-wrapper/releases"
221 "/download/v" version "/" name "-v" version ".tar.bz2"))
222 (sha256
223 (base32
224 "1vhg4g0r687f51wcdn7z9w1hxapazx6vyh5rsr8wa48sljzd583g"))))
225 (build-system gnu-build-system)
226 (arguments
227 `(#:make-flags '("CC=gcc")
228 ;; TODO: Tests require ruby-cucumber and ruby-aruba.
229 #:tests? #f
230 #:phases
231 (modify-phases %standard-phases
d10092b8 232 (add-after 'unpack 'create-configure
afe62a8b
MB		 233 (lambda _
234 (zero? (system* "make" "configure")))))))
235 (native-inputs
236 `(("autoconf" ,autoconf)))
237 (inputs
238 `(("libevent" ,libevent)
239 ("libsodium" ,libsodium)))
240 (home-page "https://github.com/Cofyc/dnscrypt-wrapper")
241 (synopsis "Server-side dnscrypt proxy")
242 (description
243 "@command{dnscrypt-wrapper} is a tool to expose a name server over
244the @code{dnscrypt} protocol. It can be used as an endpoint for the
245@command{dnscrypt-proxy} client to securely tunnel DNS requests between
246the two.")
247 (license (list license:isc
248 ;; Bundled argparse is MIT. TODO: package and unbundle.
249 license:expat
250 ;; dns-protocol.h and rfc1035.{c,h} is gpl2 or gpl3 (either).
251 license:gpl2
252 license:gpl3))))
253
71f048c6 254(define-public libasr
255 (package
256 (name "libasr")
257 (version "201602131606")
258 (source
259 (origin
260 (method url-fetch)
261 (uri (string-append "https://www.opensmtpd.org/archives/"
262 name "-" version ".tar.gz"))
263 (sha256
264 (base32
265 "18kdmbjsxrfai16d66qslp48b1zf7gr8him2jj5dcqgbsl44ls75"))))
266 (build-system gnu-build-system)
267 (native-inputs
268 `(("autoconf" ,autoconf)
269 ("automake" ,automake)
270 ("pkg-config" ,pkg-config)
271 ("groff" ,groff)))
272 (home-page "https://www.opensmtpd.org")
273 (synopsis "Asynchronous resolver library by the OpenBSD project")
274 (description
275 "libasr is a free, simple and portable asynchronous resolver library.
276It allows to run DNS queries and perform hostname resolutions in a fully
277asynchronous fashion.")
278 (license (list license:isc
279 license:bsd-2 ; last part of getrrsetbyname_async.c
280 license:bsd-3
281 (license:non-copyleft "file://LICENSE") ; includes.h
282 license:openssl))))
6cf626e8 283
7e61a16c
GG		 284(define-public unbound
285 (package
286 (name "unbound")
287 (version "1.6.3")
288 (source
289 (origin
290 (method url-fetch)
291 (uri (string-append "https://www.unbound.net/downloads/unbound-"
292 version ".tar.gz"))
293 (sha256
294 (base32
295 "0pw4m4z5qspsagxzbjb61xq5bhd57amw26xqvqzi6b8d3mf6azjc"))))
296 (build-system gnu-build-system)
297 (outputs '("out" "python"))
298 (native-inputs
299 `(("flex" ,flex)
300 ("swig" ,swig)))
301 (inputs
302 `(("expat" ,expat)
303 ("libevent" ,libevent)
304 ("protobuf" ,protobuf)
305 ("python" ,python-3)
306 ("python-wrapper" ,python-wrapper)
307 ("openssl" ,openssl)))
308 (arguments
309 `(#:configure-flags
a431929d
LC		 310 (list "--disable-static" ;save space and non-determinism in libunbound.a
311 (string-append
7e61a16c
GG		 312 "--with-ssl=" (assoc-ref %build-inputs "openssl"))
313 (string-append
314 "--with-libevent=" (assoc-ref %build-inputs "libevent"))
315 (string-append
316 "--with-libexpat=" (assoc-ref %build-inputs "expat"))
317 "--with-pythonmodule" "--with-pyunbound")
318 #:phases
319 (modify-phases %standard-phases
320 (add-after 'configure 'fix-python-site-package-path
321 ;; Move python modules into their own output.
322 (lambda* (#:key outputs #:allow-other-keys)
323 (let ((pyout (assoc-ref outputs "python"))
324 (ver ,(version-major+minor (package-version python))))
325 (substitute* "Makefile"
326 (("^PYTHON_SITE_PKG=.*$")
327 (string-append
328 "PYTHON_SITE_PKG="
329 pyout "/lib/python-" ver "/site-packages\n"))))
330 #t))
331 (add-before 'check 'fix-missing-nss-for-tests
332 ;; Unfortunately, the package's unittests involve some checks
333 ;; looking up protocols and services which are not provided
334 ;; by the minimalistic build environment, in particular,
335 ;; /etc/protocols and /etc/services are missing.
336 ;; Also, after plain substitution of protocol and service names
337 ;; in the test data, the tests still fail because the
338 ;; corresponding Resource Records have been signed by
339 ;; RRSIG records.
340 ;; The following LD_PRELOAD library overwrites the glibc
341 ;; functions ‘get{proto,serv}byname’, ‘getprotobynumber’ and
342 ;; ‘getservbyport’ providing the few records required for the
343 ;; unit tests to pass.
344 (lambda* (#:key inputs outputs #:allow-other-keys)
345 (let* ((source (assoc-ref %build-inputs "source"))
346 (gcc (assoc-ref %build-inputs "gcc")))
347 (call-with-output-file "/tmp/nss_preload.c"
348 (lambda (port)
349 (display "#include <stdlib.h>
350#include <string.h>
351#include <strings.h>
352
353#include <netdb.h>
354
355struct protoent *getprotobyname(const char *name) {
356 struct protoent *p = malloc(sizeof(struct protoent));
357 p->p_aliases = malloc(sizeof(char*));
358 if (strcasecmp(name, \"tcp\") == 0) {
359 p->p_name = \"tcp\";
360 p->p_proto = 6;
361 p->p_aliases[0] = \"TCP\";
362 } else if (strcasecmp(name, \"udp\") == 0) {
363 p->p_name = \"udp\";
364 p->p_proto = 17;
365 p->p_aliases[0] = \"UDP\";
366 } else
367 p = NULL;
368 return p;
369}
370
371struct protoent *getprotobynumber(int proto) {
372 struct protoent *p = malloc(sizeof(struct protoent));
373 p->p_aliases = malloc(sizeof(char*));
374 switch(proto) {
375 case 6:
376 p->p_name = \"tcp\";
377 p->p_proto = 6;
378 p->p_aliases[0] = \"TCP\";
379 break;
380 case 17:
381 p->p_name = \"udp\";
382 p->p_proto = 17;
383 p->p_aliases[0] = \"UDP\";
384 break;
385 default:
386 p = NULL;
387 break;
388 }
389 return p;
390}
391
392struct servent *getservbyname(const char *name, const char *proto) {
393 struct servent *s = malloc(sizeof(struct servent));
394 char* buf = malloc((strlen(proto)+1)*sizeof(char));
395 strcpy(buf, proto);
396 s->s_aliases = malloc(sizeof(char*));
397 s->s_aliases[0] = NULL;
398 if (strcasecmp(name, \"domain\") == 0) {
399 s->s_name = \"domain\";
400 s->s_port = htons(53);
401 s->s_proto = buf;
402 } else
403 s = NULL;
404 return s;
405}
406
407struct servent *getservbyport(int port, const char *proto) {
408 char buf[32];
409 struct servent *s = malloc(sizeof(struct servent));
410 strcpy(buf, proto);
411 s->s_aliases = malloc(sizeof(char*));
412 s->s_aliases[0] = NULL;
413 switch(port) {
414 case 53:
415 s->s_name = \"domain\";
416 s->s_port = 53;
417 s->s_proto = \"udp\";
418 break;
419 default:
420 s = NULL;
421 break;
422 }
423 return s;
424}" port)))
425 (system* (string-append gcc "/bin/gcc")
426 "-shared" "-fPIC" "-o" "/tmp/nss_preload.so"
427 "/tmp/nss_preload.c")
428 ;; The preload library only affects the unittests.
429 (substitute* "Makefile"
430 (("./unittest")
431 "LD_PRELOAD=/tmp/nss_preload.so ./unittest")))
432 #t)))))
433 (home-page "https://www.unbound.net")
434 (synopsis "Validating, recursive, and caching DNS resolver")
435 (description
436 "Unbound is a recursive-only caching DNS server which can perform DNSSEC
437validation of results. It implements only a minimal amount of authoritative
438service to prevent leakage to the root nameservers: forward lookups for
439localhost, reverse for @code{127.0.0.1} and @code{::1}, and NXDOMAIN for zones
440served by AS112. Stub and forward zones are supported.")
441 (license license:bsd-4)))
442
6cf626e8
TGR		 443(define-public yadifa
444 (package
445 (name "yadifa")
e0d87f8e 446 (version "2.2.5")
6cf626e8 447 (source
e0d87f8e 448 (let ((build "6937"))
8769d482
TGR		 449 (origin
450 (method url-fetch)
451 (uri
452 (string-append "http://cdn.yadifa.eu/sites/default/files/releases/"
e0d87f8e 453 name "-" version "-" build ".tar.gz"))
8769d482
TGR		 454 (sha256
455 (base32
e0d87f8e 456 "146fs52izf6dfwsxal3srpwin2yyl41g31cy4pyvbi5mqy2craj7")))))
6cf626e8
TGR		 457 (build-system gnu-build-system)
458 (native-inputs
459 `(("which" ,which)))
460 (inputs
461 `(("openssl" ,openssl)))
462 (arguments
463 `(#:phases (modify-phases %standard-phases
464 (add-before 'configure 'omit-example-configurations
2d431b01
TGR		 465 (lambda _
466 (substitute* "Makefile.in"
467 ((" (etc|var)") ""))
468 #t)))
6cf626e8
TGR		 469 #:configure-flags (list "--sysconfdir=/etc" "--localstatedir=/var"
470 "--enable-shared" "--disable-static"
471 "--enable-messages" "--enable-ctrl"
4d2fd1c0 472 "--enable-nsec" "--enable-nsec3"
e049372a 473 "--enable-tsig" "--enable-caching")))
6cf626e8
TGR		 474 (home-page "http://www.yadifa.eu/")
475 (synopsis "Authoritative DNS name server")
366efcb2
TGR		 476 (description "YADIFA is an authoritative name server for the @dfn{Domain
477Name System} (DNS). It aims for both higher performance and a smaller memory
6cf626e8 478footprint than other implementations, while remaining fully RFC-compliant.
366efcb2
TGR		 479YADIFA supports dynamic record updates and the @dfn{Domain Name System Security
480Extensions} (DNSSEC).")
6cf626e8 481 (license license:bsd-3)))
f9cdf1c1
TGR		 482
483(define-public knot
484 (package
485 (name "knot")
ce7393f0 486 (version "2.6.0")
f9cdf1c1
TGR		 487 (source (origin
488 (method url-fetch)
489 (uri (string-append "https://secure.nic.cz/files/knot-dns/"
490 name "-" version ".tar.xz"))
491 (sha256
492 (base32
ce7393f0 493 "1zc3ybhcxgbysyy68kbmndh6xzy4jnr5iikyrf9s2sxzs1hlkq38"))
f9cdf1c1
TGR		 494 (modules '((guix build utils)))
495 (snippet
496 '(begin
497 ;; Remove bundled libraries and dependencies on them.
498 (substitute* "configure"
499 (("src/contrib/dnstap/Makefile") ""))
500 (substitute* "src/Makefile.in"
501 (("contrib/dnstap ") ""))
502 (with-directory-excursion "src/contrib"
503 (for-each delete-file-recursively
2d431b01
TGR		 504 (list "dnstap" "lmdb")))
505 #t))))
f9cdf1c1
TGR		 506 (build-system gnu-build-system)
507 (native-inputs
508 `(("pkg-config" ,pkg-config)))
509 (inputs
510 `(("gnutls" ,gnutls)
511 ("jansson" ,jansson)
512 ("libcap-ng" ,libcap-ng)
513 ("libedit" ,libedit)
514 ("libidn" ,libidn)
515 ("liburcu" ,liburcu)
516 ("lmdb" ,lmdb)
517 ("ncurses" ,ncurses)
c7d0444a
TGR		 518 ("nettle" ,nettle)
519
520 ;; For ‘pykeymgr’, needed to migrate keys from versions <= 2.4.
521 ("python" ,python-2)
522 ("python-lmdb" ,python2-lmdb)))
f9cdf1c1
TGR		 523 (arguments
524 `(#:phases
525 (modify-phases %standard-phases
526 (add-before 'configure 'disable-directory-pre-creation
527 (lambda _
528 ;; Don't install empty directories like ‘/etc’ outside the store.
2d431b01
TGR		 529 (substitute* "src/Makefile.in" (("\\$\\(INSTALL\\) -d") "true"))
530 #t))
f9cdf1c1
TGR		 531 (replace 'install
532 (lambda* (#:key outputs #:allow-other-keys)
533 (let* ((out (assoc-ref outputs "out"))
534 (doc (string-append out "/share/doc/knot"))
535 (etc (string-append doc "/examples/etc")))
536 (zero?
537 (system* "make"
538 (string-append "config_dir=" etc)
c7d0444a
TGR		 539 "install")))))
540 (add-after 'install 'wrap-python-scripts
541 (lambda* (#:key outputs #:allow-other-keys)
542 (let* ((out (assoc-ref outputs "out"))
543 (path (getenv "PYTHONPATH")))
544 (wrap-program (string-append out "/sbin/pykeymgr")
545 `("PYTHONPATH" ":" prefix (,path))))
546 #t)))
f9cdf1c1
TGR		 547 #:configure-flags
548 (list "--sysconfdir=/etc"
549 "--localstatedir=/var"
c7d0444a 550 "--with-module-rosedb=yes" ; serve static records from a database
f9cdf1c1
TGR		 551 (string-append "--with-bash-completions="
552 (assoc-ref %outputs "out")
553 "/etc/bash_completion.d"))))
554 (home-page "https://www.knot-dns.cz/")
555 (synopsis "Authoritative DNS name server")
d1e4ad1b 556 (description "Knot DNS is an authoritative name server for the @dfn{Domain
f9cdf1c1
TGR		 557Name System} (DNS), designed to meet the needs of root and @dfn{top-level
558domain} (TLD) name servers. It is implemented as a threaded daemon and uses a
559number of programming techniques to improve speed. For example, the responder
560is completely lock-free, resulting in a very high response rate. Other features
561include automatic @dfn{DNS Security Extensions} (DNSSEC) signing, dynamic record
562synthesis, and on-the-fly re-configuration.")
563 (license (list license:expat ; src/contrib/{hat-trie,murmurhash3}
564 license:lgpl2.0+ ; parts of scr/contrib/ucw
565 license:gpl3+)))) ; everything else
jackhill's copy of GNU Guix: https://guix.gnu.org/