b6d2930d |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2017 nee <nee-git@hidamari.blue> |
3 | ;;; |
4 | ;;; This file is part of GNU Guix. |
5 | ;;; |
6 | ;;; GNU Guix is free software; you can redistribute it and/or modify it |
7 | ;;; under the terms of the GNU General Public License as published by |
8 | ;;; the Free Software Foundation; either version 3 of the License, or (at |
9 | ;;; your option) any later version. |
10 | ;;; |
11 | ;;; GNU Guix is distributed in the hope that it will be useful, but |
12 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 | ;;; GNU General Public License for more details. |
15 | ;;; |
16 | ;;; You should have received a copy of the GNU General Public License |
17 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. |
18 | |
19 | (define-module (gnu services telephony) |
20 | #:use-module (gnu services) |
21 | #:use-module (gnu services shepherd) |
22 | #:use-module (gnu system shadow) |
23 | #:use-module (gnu packages admin) |
24 | #:use-module (gnu packages telephony) |
25 | #:use-module (guix records) |
26 | #:use-module (guix gexp) |
27 | #:use-module (srfi srfi-1) |
28 | #:use-module (ice-9 match) |
29 | #:export (murmur-configuration |
30 | make-murmur-configuration |
31 | murmur-configuration? |
32 | murmur-configuration-package |
33 | murmur-configuration-user |
34 | murmur-configuration-group |
35 | murmur-configuration-port |
36 | murmur-configuration-welcome-text |
37 | murmur-configuration-server-password |
38 | murmur-configuration-max-users |
39 | murmur-configuration-max-user-bandwidth |
40 | murmur-configuration-database-file |
41 | murmur-configuration-log-file |
42 | murmur-configuration-pid-file |
43 | murmur-configuration-autoban-attempts |
44 | murmur-configuration-autoban-timeframe |
45 | murmur-configuration-autoban-time |
46 | murmur-configuration-opus-threshold |
47 | murmur-configuration-channel-nesting-limit |
48 | murmur-configuration-channelname-regex |
49 | murmur-configuration-username-regex |
50 | murmur-configuration-text-message-length |
51 | murmur-configuration-image-message-length |
52 | murmur-configuration-cert-required? |
53 | murmur-configuration-remember-channel? |
54 | murmur-configuration-allow-html? |
55 | murmur-configuration-allow-ping? |
56 | murmur-configuration-bonjour? |
57 | murmur-configuration-send-version? |
58 | murmur-configuration-log-days |
59 | murmur-configuration-obfuscate-ips? |
60 | murmur-configuration-ssl-cert |
61 | murmur-configuration-ssl-key |
62 | murmur-configuration-ssl-dh-params |
63 | murmur-configuration-ssl-ciphers |
64 | murmur-configuration-public-registration |
65 | murmur-configuration-file |
66 | |
67 | murmur-public-registration-configuration |
68 | make-murmur-public-registration-configuration |
69 | murmur-public-registration-configuration? |
70 | murmur-public-registration-configuration-name |
71 | murmur-public-registration-configuration-url |
72 | murmur-public-registration-configuration-password |
73 | murmur-public-registration-configuration-hostname |
74 | |
75 | murmur-service-type)) |
76 | |
77 | ;; https://github.com/mumble-voip/mumble/blob/master/scripts/murmur.ini |
78 | |
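;; Settings for the Murmur server.  'default-murmur-config' turns most of
;; these fields into lines of murmur.ini; 'murmur-activation' and
;; 'murmur-shepherd-service' read the package, user and file-path fields.
(define-record-type* <murmur-configuration> murmur-configuration
  make-murmur-configuration
  murmur-configuration?
  (package               murmur-configuration-package ;<package>
                         (default mumble))
  (user                  murmur-configuration-user
                         (default "murmur"))
  (group                 murmur-configuration-group
                         (default "murmur"))
  (port                  murmur-configuration-port
                         (default 64738))
  (welcome-text          murmur-configuration-welcome-text
                         (default ""))
  ;; The empty string is treated as "no join password" by the
  ;; public-registration check in 'default-murmur-config'.
  (server-password       murmur-configuration-server-password
                         (default ""))
  (max-users             murmur-configuration-max-users
                         (default 100))
  (max-user-bandwidth    murmur-configuration-max-user-bandwidth
                         (default #f))
  ;; 'murmur-activation' chowns the *parent directory* of each of the three
  ;; paths below to USER and sets it to mode 700, so each path should sit in
  ;; a directory dedicated to Murmur.
  (database-file         murmur-configuration-database-file
                         (default "/var/lib/murmur/db.sqlite"))
  (log-file              murmur-configuration-log-file
                         (default "/var/log/murmur/murmur.log"))
  (pid-file              murmur-configuration-pid-file
                         (default "/var/run/murmur/murmur.pid"))
  (autoban-attempts      murmur-configuration-autoban-attempts
                         (default 10))
  (autoban-timeframe     murmur-configuration-autoban-timeframe
                         (default 120))
  (autoban-time          murmur-configuration-autoban-time
                         (default 300))
  (opus-threshold        murmur-configuration-opus-threshold
                         (default 100))   ; integer percent
  (channel-nesting-limit murmur-configuration-channel-nesting-limit
                         (default 10))
  (channelname-regex     murmur-configuration-channelname-regex
                         (default #f))
  (username-regex        murmur-configuration-username-regex
                         (default #f))
  (text-message-length   murmur-configuration-text-message-length
                         (default 5000))
  (image-message-length  murmur-configuration-image-message-length
                         (default (* 128 1024))) ; 128 Kilobytes
  (cert-required?        murmur-configuration-cert-required?
                         (default #f))
  (remember-channel?     murmur-configuration-remember-channel?
                         (default #f))
  (allow-html?           murmur-configuration-allow-html?
                         (default #f))
  (allow-ping?           murmur-configuration-allow-ping?
                         (default #f))
  (bonjour?              murmur-configuration-bonjour?
                         (default #f))
  (send-version?         murmur-configuration-send-version?
                         (default #f))
  (log-days              murmur-configuration-log-days
                         (default 31))
  ;; The accessor carries the name listed in the module's #:export clause;
  ;; under the previous name 'murmur-obfuscate-ips?' the exported binding
  ;; 'murmur-configuration-obfuscate-ips?' was never defined.
  (obfuscate-ips?        murmur-configuration-obfuscate-ips?
                         (default #t))
  ;; SSL-CERT and SSL-KEY must be set together; 'default-murmur-config'
  ;; raises an error when only one of them is given.
  (ssl-cert              murmur-configuration-ssl-cert
                         (default #f))
  (ssl-key               murmur-configuration-ssl-key
                         (default #f))
  (ssl-dh-params         murmur-configuration-ssl-dh-params
                         (default #f))
  (ssl-ciphers           murmur-configuration-ssl-ciphers
                         (default #f))
  (public-registration   murmur-configuration-public-registration
                         (default #f)) ; <murmur-public-registration-configuration>
  ;; When set, this file is passed to murmurd instead of the generated
  ;; murmur.ini, so the fields above that only feed the generated file are
  ;; not applied.
  (file                  murmur-configuration-file
                         (default #f)))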
150 | |
;; Settings for publicly registering the server.  'default-murmur-config'
;; writes them out as registerName=, registerPassword=, registerUrl= and,
;; when HOSTNAME is set, registerHostname=.
;;
;; The field order (name, password, url, hostname) is relied upon by the
;; positional '$' match pattern in 'default-murmur-config'; do not reorder.
;;
;; PASSWORD is written verbatim into the generated murmur.ini.
(define-record-type* <murmur-public-registration-configuration>
  murmur-public-registration-configuration
  make-murmur-public-registration-configuration
  murmur-public-registration-configuration?
  (name murmur-public-registration-configuration-name)
  (password murmur-public-registration-configuration-password)
  (url murmur-public-registration-configuration-url)
  (hostname murmur-public-registration-configuration-hostname
  (default #f)))
160 | |
(define (flatten . lst)
  "Collapse the arguments LST, and every list nested inside them, into one
flat list; the left-to-right order of the non-list elements is kept and
empty lists contribute nothing."
  ;; ITEM is either a list, which is folded from the right with this same
  ;; procedure, or a leaf, which is consed onto the accumulator ACC.
  (let walk ((item lst)
             (acc '()))
    (if (list? item)
        (fold-right walk acc item)
        (cons item acc))))
168 | |
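(define (default-murmur-config config)
  "Return a file-like object named \"murmur.ini\" built from the fields of
CONFIG, a <murmur-configuration> record.  Optional fields that are #f are
left out of the file.  An error is raised when only one of SSL-CERT and
SSL-KEY is set, or when PUBLIC-REGISTRATION is given while SERVER-PASSWORD is
non-empty or ALLOW-PING? is false."
  ;; NOTE: 'mixed-text-file' puts the result in the store, which every local
  ;; user can read.  SERVER-PASSWORD and the registration password are
  ;; therefore not secret on the host; use the FILE field of CONFIG to point
  ;; at a file kept outside the store when that matters.
  (match-record
   config
   <murmur-configuration>
   (user port welcome-text server-password max-users max-user-bandwidth
    database-file log-file pid-file autoban-attempts autoban-timeframe
    autoban-time opus-threshold channel-nesting-limit channelname-regex
    username-regex text-message-length image-message-length cert-required?
    remember-channel? allow-html? allow-ping? bonjour? send-version?
    log-days obfuscate-ips? ssl-cert ssl-key ssl-dh-params ssl-ciphers
    public-registration)
   (apply mixed-text-file "murmur.ini"
          (flatten
           "welcometext=" welcome-text "\n"
           "port=" (number->string port) "\n"
           (if server-password (list "serverpassword=" server-password "\n") '())
           ;; Every setting must end its own line: without the "\n" the
           ;; value would run into the "users=" key that follows.
           (if max-user-bandwidth
               (list "bandwidth=" (number->string max-user-bandwidth) "\n")
               '())
           "users=" (number->string max-users) "\n"
           "uname=" user "\n"
           "database=" database-file "\n"
           "logfile=" log-file "\n"
           "pidfile=" pid-file "\n"
           (if autoban-attempts (list "autobanAttempts=" (number->string autoban-attempts) "\n") '())
           (if autoban-timeframe (list "autobanTimeframe=" (number->string autoban-timeframe) "\n") '())
           (if autoban-time (list "autobanTime=" (number->string autoban-time) "\n") '())
           (if opus-threshold (list "opusthreshold=" (number->string opus-threshold) "\n") '())
           (if channel-nesting-limit (list "channelnestinglimit=" (number->string channel-nesting-limit) "\n") '())
           (if channelname-regex (list "channelname=" channelname-regex "\n") '())
           (if username-regex (list "username=" username-regex "\n") '())
           (if text-message-length (list "textmessagelength=" (number->string text-message-length) "\n") '())
           (if image-message-length (list "imagemessagelength=" (number->string image-message-length) "\n") '())
           (if log-days (list "logdays=" (number->string log-days) "\n") '())
           "obfuscate=" (if obfuscate-ips? "true" "false") "\n"
           "certrequired=" (if cert-required? "true" "false") "\n"
           "rememberchannel=" (if remember-channel? "true" "false") "\n"
           "allowhtml=" (if allow-html? "true" "false") "\n"
           "allowping=" (if allow-ping? "true" "false") "\n"
           "bonjour=" (if bonjour? "true" "false") "\n"
           "sendversion=" (if send-version? "true" "false") "\n"
           ;; A certificate without its key (or the reverse) is rejected at
           ;; configuration time rather than written out half-configured.
           (cond ((and ssl-cert ssl-key)
                  (list
                   "sslCert=" ssl-cert "\n"
                   "sslKey=" ssl-key "\n"))
                 ((or ssl-cert ssl-key)
                  (error "ssl-cert and ssl-key must both be set"
                         ssl-cert ssl-key))
                 (else '()))
           ;; The trailing "\n" keeps the DH-parameter and cipher settings on
           ;; lines of their own.  Without it the key of the next setting was
           ;; appended to the value, so a configured cipher list or DH file
           ;; did not reach the server as written.
           (if ssl-dh-params (list "sslDHParams=" ssl-dh-params "\n") '())
           (if ssl-ciphers (list "sslCiphers=" ssl-ciphers "\n") '())

           (match public-registration
             (#f '())
             (($ <murmur-public-registration-configuration>
                 name password url hostname)
              ;; Registration is only written out for a server that can be
              ;; joined without a password and that answers pings.
              (if (and (or (not server-password) (string-null? server-password))
                       allow-ping?)
                  (list
                   "registerName=" name "\n"
                   "registerPassword=" password "\n"
                   "registerUrl=" url "\n"
                   (if hostname
                       (string-append "registerHostname=" hostname "\n")
                       ""))
                  (error "To publicly register your murmur server your server must be publicy visible
and users must be able to join without a password. To fix this set:
(allow-ping? #t)
(server-password \"\")
Or set public-registration to #f"))))))))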
237 | |
(define (murmur-activation config)
  "Return the activation gexp for CONFIG.  When run, it creates the parent
directories of the log, PID and database files, gives them to the configured
user with mode 700, and prints which configuration file is in use and how to
set the SuperUser password."
  ;; CAVEAT: the directories handled here are the 'dirname' of the configured
  ;; file paths.  Pointing log-file, pid-file or database-file directly into
  ;; a shared directory (for example a file placed straight under /var/log)
  ;; would make activation chown that shared directory to the Murmur user and
  ;; restrict it to mode 700.  Keep each file in a directory of its own.
  #~(begin
      (use-modules (guix build utils))
      (let* ((log-directory (dirname #$(murmur-configuration-log-file config)))
             (pid-directory (dirname #$(murmur-configuration-pid-file config)))
             (database-directory
              (dirname #$(murmur-configuration-database-file config)))
             ;; passwd entry of the service account; supplies the uid and gid
             ;; used for the chown below.
             (owner (getpwnam #$(murmur-configuration-user config)))
             (prepare-directory
              (lambda (label directory)
                (format #t "creating murmur ~a directory '~a'\n" label directory)
                (mkdir-p directory)
                (chown directory (passwd:uid owner) (passwd:gid owner))
                ;; Owner-only access: the directories hold the database,
                ;; the log and the PID file.
                (chmod directory #o700)))
             ;; An explicitly supplied file takes precedence over the
             ;; generated murmur.ini.
             (config-file #$(or (murmur-configuration-file config)
                                (default-murmur-config config))))
        ;; 'for-each' applies the procedure left to right, so the
        ;; directories are prepared in the order log, pid, database.
        (for-each prepare-directory
                  (list "log" "pid" "database")
                  (list log-directory pid-directory database-directory))

        (format #t "murmur: use config file: ~a~%\n" config-file)
        (format #t "murmur: to set the SuperUser password run:
`~a -ini ~a -readsupw`\n"
                #$(file-append (murmur-configuration-package config)
                               "/bin/murmurd")
                config-file)
        #t)))
263 | |
;; Return the system group and the system account under which Murmur runs,
;; named after the USER and GROUP fields of the configuration.  The account
;; gets "/var/empty" as its home directory and 'nologin' as its shell, so it
;; cannot be used for an interactive login.
(define murmur-accounts
  (lambda (config)
    (match config
      ;; Positional pattern: the first field (package) is skipped, USER and
      ;; GROUP are the second and third fields of the record.
      (($ <murmur-configuration> _ account-name group-name)
       (let ((service-group (user-group
                             (name group-name)
                             (system? #t)))
             (service-user (user-account
                            (name account-name)
                            (group group-name)
                            (system? #t)
                            (comment "Murmur Daemon")
                            (home-directory "/var/empty")
                            (shell (file-append shadow "/sbin/nologin")))))
         (list service-group service-user))))))
278 | |
(define (murmur-shepherd-service config)
  "Return a one-element list holding the Shepherd service that runs murmurd
for CONFIG.  The daemon is started with '-ini' pointing at the explicitly
configured file or, failing that, at the generated murmur.ini, and is tracked
through its PID file."
  ;; NOTE(review): no #:user or #:group is passed to
  ;; 'make-forkexec-constructor', so murmurd is started with the privileges
  ;; of shepherd itself.  The generated murmur.ini carries a "uname=" line
  ;; naming the service user; presumably a custom FILE has to carry its own
  ;; "uname=" line for the daemon to drop privileges -- confirm.
  (let ((murmurd  (file-append (murmur-configuration-package config)
                               "/bin/murmurd"))
        (ini-file (or (murmur-configuration-file config)
                      (default-murmur-config config)))
        (pid-file (murmur-configuration-pid-file config)))
    (list (shepherd-service
           (documentation "Run the Murmur Mumble server.")
           (provision '(murmur))
           (requirement '(networking))
           (start #~(make-forkexec-constructor
                     '(#$murmurd "-ini" #$ini-file)
                     #:pid-file #$pid-file))
           (stop #~(make-kill-destructor))))))
292 | |
;; Service type for Murmur.  It extends three other services: the Shepherd
;; root service (the daemon itself), the activation service (directory
;; set-up) and the account service (system user and group).  Its default
;; value is a <murmur-configuration> with every field left at its default.
(define murmur-service-type
  (let ((murmur-extensions
         (list (service-extension shepherd-root-service-type
                                  murmur-shepherd-service)
               (service-extension activation-service-type
                                  murmur-activation)
               (service-extension account-service-type
                                  murmur-accounts))))
    (service-type
     (name 'murmur)
     (extensions murmur-extensions)
     (default-value (murmur-configuration))
     (description
      "Run the Murmur voice-over-IP (VoIP) server of the Mumble
suite."))))