Commit | Line | Data |
---|---|---|
b6d2930d | 1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2017 nee <nee-git@hidamari.blue> | |
3 | ;;; | |
4 | ;;; This file is part of GNU Guix. | |
5 | ;;; | |
6 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
7 | ;;; under the terms of the GNU General Public License as published by | |
8 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
9 | ;;; your option) any later version. | |
10 | ;;; | |
11 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
12 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | ;;; GNU General Public License for more details. | |
15 | ;;; | |
16 | ;;; You should have received a copy of the GNU General Public License | |
17 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
18 | ||
19 | (define-module (gnu services telephony) | |
20 | #:use-module (gnu services) | |
21 | #:use-module (gnu services shepherd) | |
22 | #:use-module (gnu system shadow) | |
23 | #:use-module (gnu packages admin) | |
24 | #:use-module (gnu packages telephony) | |
25 | #:use-module (guix records) | |
26 | #:use-module (guix gexp) | |
27 | #:use-module (srfi srfi-1) | |
28 | #:use-module (ice-9 match) | |
29 | #:export (murmur-configuration | |
30 | make-murmur-configuration | |
31 | murmur-configuration? | |
32 | murmur-configuration-package | |
33 | murmur-configuration-user | |
34 | murmur-configuration-group | |
35 | murmur-configuration-port | |
36 | murmur-configuration-welcome-text | |
37 | murmur-configuration-server-password | |
38 | murmur-configuration-max-users | |
39 | murmur-configuration-max-user-bandwidth | |
40 | murmur-configuration-database-file | |
41 | murmur-configuration-log-file | |
42 | murmur-configuration-pid-file | |
43 | murmur-configuration-autoban-attempts | |
44 | murmur-configuration-autoban-timeframe | |
45 | murmur-configuration-autoban-time | |
46 | murmur-configuration-opus-threshold | |
47 | murmur-configuration-channel-nesting-limit | |
48 | murmur-configuration-channelname-regex | |
49 | murmur-configuration-username-regex | |
50 | murmur-configuration-text-message-length | |
51 | murmur-configuration-image-message-length | |
52 | murmur-configuration-cert-required? | |
53 | murmur-configuration-remember-channel? | |
54 | murmur-configuration-allow-html? | |
55 | murmur-configuration-allow-ping? | |
56 | murmur-configuration-bonjour? | |
57 | murmur-configuration-send-version? | |
58 | murmur-configuration-log-days | |
59 | murmur-configuration-obfuscate-ips? | |
60 | murmur-configuration-ssl-cert | |
61 | murmur-configuration-ssl-key | |
62 | murmur-configuration-ssl-dh-params | |
63 | murmur-configuration-ssl-ciphers | |
64 | murmur-configuration-public-registration | |
65 | murmur-configuration-file | |
66 | ||
67 | murmur-public-registration-configuration | |
68 | make-murmur-public-registration-configuration | |
69 | murmur-public-registration-configuration? | |
70 | murmur-public-registration-configuration-name | |
71 | murmur-public-registration-configuration-url | |
72 | murmur-public-registration-configuration-password | |
73 | murmur-public-registration-configuration-hostname | |
74 | ||
75 | murmur-service-type)) | |
76 | ||
77 | ;; https://github.com/mumble-voip/mumble/blob/master/scripts/murmur.ini | |
78 | ||
79 | (define-record-type* <murmur-configuration> murmur-configuration | |
80 | make-murmur-configuration | |
81 | murmur-configuration? | |
82 | (package murmur-configuration-package ;<package> | |
83 | (default mumble)) | |
84 | (user murmur-configuration-user | |
85 | (default "murmur")) | |
86 | (group murmur-configuration-group | |
87 | (default "murmur")) | |
88 | (port murmur-configuration-port | |
89 | (default 64738)) | |
90 | (welcome-text murmur-configuration-welcome-text | |
91 | (default "")) | |
92 | (server-password murmur-configuration-server-password | |
93 | (default "")) | |
94 | (max-users murmur-configuration-max-users | |
95 | (default 100)) | |
96 | (max-user-bandwidth murmur-configuration-max-user-bandwidth | |
97 | (default #f)) | |
98 | (database-file murmur-configuration-database-file | |
99 | (default "/var/lib/murmur/db.sqlite")) | |
100 | (log-file murmur-configuration-log-file | |
101 | (default "/var/log/murmur/murmur.log")) | |
102 | (pid-file murmur-configuration-pid-file | |
103 | (default "/var/run/murmur/murmur.pid")) | |
104 | (autoban-attempts murmur-configuration-autoban-attempts | |
105 | (default 10)) | |
106 | (autoban-timeframe murmur-configuration-autoban-timeframe | |
107 | (default 120)) | |
108 | (autoban-time murmur-configuration-autoban-time | |
109 | (default 300)) | |
110 | (opus-threshold murmur-configuration-opus-threshold | |
111 | (default 100)) ; integer percent | |
112 | (channel-nesting-limit murmur-configuration-channel-nesting-limit | |
113 | (default 10)) | |
114 | (channelname-regex murmur-configuration-channelname-regex | |
115 | (default #f)) | |
116 | (username-regex murmur-configuration-username-regex | |
117 | (default #f)) | |
118 | (text-message-length murmur-configuration-text-message-length | |
119 | (default 5000)) | |
120 | (image-message-length murmur-configuration-image-message-length | |
121 | (default (* 128 1024))) ; 128 Kilobytes | |
122 | (cert-required? murmur-configuration-cert-required? | |
123 | (default #f)) | |
124 | (remember-channel? murmur-configuration-remember-channel? | |
125 | (default #f)) | |
126 | (allow-html? murmur-configuration-allow-html? | |
127 | (default #f)) | |
128 | (allow-ping? murmur-configuration-allow-ping? | |
129 | (default #f)) | |
130 | (bonjour? murmur-configuration-bonjour? | |
131 | (default #f)) | |
132 | (send-version? murmur-configuration-send-version? | |
133 | (default #f)) | |
134 | (log-days murmur-configuration-log-days | |
135 | (default 31)) | |
136 | (obfuscate-ips? murmur-obfuscate-ips? | |
137 | (default #t)) | |
138 | (ssl-cert murmur-configuration-ssl-cert | |
139 | (default #f)) | |
140 | (ssl-key murmur-configuration-ssl-key | |
141 | (default #f)) | |
142 | (ssl-dh-params murmur-configuration-ssl-dh-params | |
143 | (default #f)) | |
144 | (ssl-ciphers murmur-configuration-ssl-ciphers | |
145 | (default #f)) | |
146 | (public-registration murmur-configuration-public-registration | |
147 | (default #f)) ; <murmur-public-registration-configuration> | |
148 | (file murmur-configuration-file | |
149 | (default #f))) | |
150 | ||
151 | (define-record-type* <murmur-public-registration-configuration> | |
152 | murmur-public-registration-configuration | |
153 | make-murmur-public-registration-configuration | |
154 | murmur-public-registration-configuration? | |
155 | (name murmur-public-registration-configuration-name) | |
156 | (password murmur-public-registration-configuration-password) | |
157 | (url murmur-public-registration-configuration-url) | |
158 | (hostname murmur-public-registration-configuration-hostname | |
159 | (default #f))) | |
160 | ||
161 | (define (flatten . lst) | |
162 | "Return a list that recursively concatenates all sub-lists of LST." | |
163 | (define (flatten1 head out) | |
164 | (if (list? head) | |
165 | (fold-right flatten1 out head) | |
166 | (cons head out))) | |
167 | (fold-right flatten1 '() lst)) | |
168 | ||
169 | (define (default-murmur-config config) | |
170 | (match-record | |
171 | config | |
172 | <murmur-configuration> | |
173 | (user port welcome-text server-password max-users max-user-bandwidth | |
174 | database-file log-file pid-file autoban-attempts autoban-timeframe | |
175 | autoban-time opus-threshold channel-nesting-limit channelname-regex | |
176 | username-regex text-message-length image-message-length cert-required? | |
177 | remember-channel? allow-html? allow-ping? bonjour? send-version? | |
178 | log-days obfuscate-ips? ssl-cert ssl-key ssl-dh-params ssl-ciphers | |
179 | public-registration) | |
180 | (apply mixed-text-file "murmur.ini" | |
181 | (flatten | |
182 | "welcometext=" welcome-text "\n" | |
183 | "port=" (number->string port) "\n" | |
184 | (if server-password (list "serverpassword=" server-password "\n") '()) | |
83670e02 SM |
185 | (if max-user-bandwidth (list "bandwidth=" |
186 | (number->string max-user-bandwidth) "\n") | |
187 | '()) | |
b6d2930d | 188 | "users=" (number->string max-users) "\n" |
189 | "uname=" user "\n" | |
190 | "database=" database-file "\n" | |
191 | "logfile=" log-file "\n" | |
192 | "pidfile=" pid-file "\n" | |
193 | (if autoban-attempts (list "autobanAttempts=" (number->string autoban-attempts) "\n") '()) | |
194 | (if autoban-timeframe (list "autobanTimeframe=" (number->string autoban-timeframe) "\n") '()) | |
195 | (if autoban-time (list "autobanTime=" (number->string autoban-time) "\n") '()) | |
196 | (if opus-threshold (list "opusthreshold=" (number->string opus-threshold) "\n") '()) | |
197 | (if channel-nesting-limit (list "channelnestinglimit=" (number->string channel-nesting-limit) "\n") '()) | |
198 | (if channelname-regex (list "channelname=" channelname-regex "\n") '()) | |
199 | (if username-regex (list "username=" username-regex "\n") '()) | |
200 | (if text-message-length (list "textmessagelength=" (number->string text-message-length) "\n") '()) | |
201 | (if image-message-length (list "imagemessagelength=" (number->string image-message-length) "\n") '()) | |
202 | (if log-days (list "logdays=" (number->string log-days) "\n") '()) | |
203 | "obfuscate=" (if obfuscate-ips? "true" "false") "\n" | |
204 | "certrequired=" (if cert-required? "true" "false") "\n" | |
205 | "rememberchannel=" (if remember-channel? "true" "false") "\n" | |
206 | "allowhtml=" (if allow-html? "true" "false") "\n" | |
207 | "allowping=" (if allow-ping? "true" "false") "\n" | |
208 | "bonjour=" (if bonjour? "true" "false") "\n" | |
209 | "sendversion=" (if send-version? "true" "false") "\n" | |
210 | (cond ((and ssl-cert ssl-key) | |
211 | (list | |
212 | "sslCert=" ssl-cert "\n" | |
213 | "sslKey=" ssl-key "\n")) | |
214 | ((or ssl-cert ssl-key) | |
215 | (error "ssl-cert and ssl-key must both be set" | |
216 | ssl-cert ssl-key)) | |
217 | (else '())) | |
218 | (if ssl-dh-params (list "sslDHParams=" ssl-dh-params) '()) | |
219 | (if ssl-ciphers (list "sslCiphers=" ssl-ciphers) '()) | |
220 | ||
221 | (match public-registration | |
222 | (#f '()) | |
223 | (($ <murmur-public-registration-configuration> | |
224 | name password url hostname) | |
225 | (if (and (or (not server-password) (string-null? server-password)) | |
226 | allow-ping?) | |
227 | (list | |
228 | "registerName=" name "\n" | |
229 | "registerPassword=" password "\n" | |
230 | "registerUrl=" url "\n" | |
231 | (if hostname | |
232 | (string-append "registerHostname=" hostname "\n") | |
233 | "")) | |
234 | (error "To publicly register your murmur server your server must be publicy visible | |
235 | and users must be able to join without a password. To fix this set: | |
236 | (allow-ping? #t) | |
237 | (server-password \"\") | |
238 | Or set public-registration to #f")))))))) | |
239 | ||
240 | (define (murmur-activation config) | |
241 | #~(begin | |
242 | (use-modules (guix build utils)) | |
243 | (let* ((log-dir (dirname #$(murmur-configuration-log-file config))) | |
244 | (pid-dir (dirname #$(murmur-configuration-pid-file config))) | |
245 | (db-dir (dirname #$(murmur-configuration-database-file config))) | |
246 | (user (getpwnam #$(murmur-configuration-user config))) | |
247 | (init-dir | |
248 | (lambda (name dir) | |
249 | (format #t "creating murmur ~a directory '~a'\n" name dir) | |
250 | (mkdir-p dir) | |
251 | (chown dir (passwd:uid user) (passwd:gid user)) | |
252 | (chmod dir #o700))) | |
253 | (ini #$(or (murmur-configuration-file config) | |
254 | (default-murmur-config config)))) | |
255 | (init-dir "log" log-dir) | |
256 | (init-dir "pid" pid-dir) | |
257 | (init-dir "database" db-dir) | |
258 | ||
259 | (format #t "murmur: use config file: ~a~%\n" ini) | |
260 | (format #t "murmur: to set the SuperUser password run: | |
261 | `~a -ini ~a -readsupw`\n" | |
262 | #$(file-append (murmur-configuration-package config) | |
263 | "/bin/murmurd") ini) | |
264 | #t))) | |
265 | ||
266 | (define murmur-accounts | |
267 | (match-lambda | |
268 | (($ <murmur-configuration> _ user group) | |
269 | (list | |
270 | (user-group | |
271 | (name group) | |
272 | (system? #t)) | |
273 | (user-account | |
274 | (name user) | |
275 | (group group) | |
276 | (system? #t) | |
277 | (comment "Murmur Daemon") | |
278 | (home-directory "/var/empty") | |
279 | (shell (file-append shadow "/sbin/nologin"))))))) | |
280 | ||
281 | (define (murmur-shepherd-service config) | |
282 | (list (shepherd-service | |
283 | (provision '(murmur)) | |
284 | (documentation "Run the Murmur Mumble server.") | |
285 | (requirement '(networking)) | |
286 | (start #~(make-forkexec-constructor | |
287 | '(#$(file-append (murmur-configuration-package config) | |
288 | "/bin/murmurd") | |
289 | "-ini" | |
290 | #$(or (murmur-configuration-file config) | |
291 | (default-murmur-config config))) | |
292 | #:pid-file #$(murmur-configuration-pid-file config))) | |
293 | (stop #~(make-kill-destructor))))) | |
294 | ||
295 | (define murmur-service-type | |
296 | (service-type (name 'murmur) | |
297 | (description | |
298 | "Run the Murmur voice-over-IP (VoIP) server of the Mumble | |
299 | suite.") | |
300 | (extensions | |
301 | (list (service-extension shepherd-root-service-type | |
302 | murmur-shepherd-service) | |
303 | (service-extension activation-service-type | |
304 | murmur-activation) | |
305 | (service-extension account-service-type | |
306 | murmur-accounts))) | |
307 | (default-value (murmur-configuration)))) |