services: Use system groups where applicable.
1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
3 ;;;
4 ;;; This file is part of GNU Guix.
5 ;;;
6 ;;; GNU Guix is free software; you can redistribute it and/or modify it
7 ;;; under the terms of the GNU General Public License as published by
8 ;;; the Free Software Foundation; either version 3 of the License, or (at
9 ;;; your option) any later version.
10 ;;;
11 ;;; GNU Guix is distributed in the hope that it will be useful, but
12 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
13 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 ;;; GNU General Public License for more details.
15 ;;;
16 ;;; You should have received a copy of the GNU General Public License
17 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
18
;; Module definition.  The imports below supply the record types and
;; monadic helpers used by the two services in this file; the exact
;; export-to-module mapping is not visible here, so the annotations are
;; a reading aid rather than a guarantee.
(define-module (gnu services networking)
  #:use-module (gnu services)            ; 'service' record used below
  #:use-module (gnu system shadow)       ; 'user-account' / 'user-group' (presumably)
  #:use-module (gnu packages admin)      ; 'inetutils' default package
  #:use-module (gnu packages linux)      ; 'net-tools' default package
  #:use-module (gnu packages tor)        ; 'tor' default package
  #:use-module (guix gexp)               ; #~ / #$ gexp syntax
  #:use-module (guix monads)             ; %store-monad, with-monad, mlet
  #:export (static-networking-service
            tor-service))
29
30 ;;; Commentary:
31 ;;;
32 ;;; Networking services.
33 ;;;
34 ;;; Code:
35
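(define* (static-networking-service interface ip
                                    #:key
                                    gateway
                                    (provision '(networking))
                                    (name-servers '())
                                    (inetutils inetutils)
                                    (net-tools net-tools))
  "Return a service that starts @var{interface} with address @var{ip}.  If
@var{gateway} is true, it must be a string specifying the default network
gateway.  When @var{name-servers} is a non-empty list, @file{/etc/resolv.conf}
is rewritten with one @code{nameserver} line per element.  @var{provision}
is the list of service names provided; @var{inetutils} and @var{net-tools}
are the packages providing @command{ifconfig} and @command{route}."

  ;; TODO: Eventually we should do this using Guile's networking procedures,
  ;; like 'configure-qemu-networking' does, but the patch that does this is
  ;; not yet in stock Guile.
  (with-monad %store-monad
    (return
     (service
      (documentation
       (string-append "Set up networking on the '" interface
                      "' interface using a static IP address."))
      (provision provision)
      (start #~(lambda _
                 ;; Return #t if successfully started.  Each step is an
                 ;; exec'd program (no shell involved), so INTERFACE, IP and
                 ;; GATEWAY travel as individual argv entries rather than
                 ;; being interpolated into a command line.
                 (and (zero? (system* (string-append #$inetutils
                                                     "/bin/ifconfig")
                                      "-i" #$interface "-A" #$ip
                                      "-i" #$interface "--up"))
                      #$(if gateway
                            #~(zero? (system* (string-append #$net-tools
                                                             "/sbin/route")
                                              "add" "-net" "default"
                                              "gw" #$gateway))
                            #t)
                      #$(if (pair? name-servers)
                            #~(begin
                                (call-with-output-file "/etc/resolv.conf"
                                  (lambda (port)
                                    (display
                                     "# Generated by 'static-networking-service'.\n"
                                     port)
                                    (for-each (lambda (server)
                                                (format port "nameserver ~a~%"
                                                        server))
                                              '#$name-servers)))
                                ;; 'for-each' yields an unspecified value;
                                ;; make the success value explicit.
                                #t)
                            #t))))
      (stop #~(lambda _
                ;; Return #f if successfully stopped.  'system*' returns an
                ;; exit status and 0 is a true value in Scheme, so each
                ;; status must go through 'zero?'; without that, any status
                ;; (including failure) would be reported as "stopped".
                (not (and (zero? (system* (string-append #$inetutils
                                                         "/bin/ifconfig")
                                          #$interface "down"))
                          #$(if gateway
                                #~(zero? (system* (string-append #$net-tools
                                                                 "/sbin/route")
                                                  "del" "-net" "default"))
                                #t)))))
      (respawn? #f)))))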
90
(define* (tor-service #:key (tor tor))
  "Return a service to run the @uref{https://torproject.org,Tor} daemon.

The daemon runs with the default settings (in particular the default exit
policy) as the @code{tor} unprivileged user."
  ;; The generated torrc only carries the 'User tor' directive; the account
  ;; and group it refers to are declared as system entries below.
  (mlet %store-monad ((config-file (text-file "torrc" "User tor\n")))
    (let* ((tor-group   (user-group
                         (name "tor")
                         (system? #t)))
           (tor-account (user-account
                         (name "tor")
                         (group "tor")
                         (system? #t)
                         (comment "Tor daemon user")
                         (home-directory "/var/empty")
                         (shell
                          "/run/current-system/profile/sbin/nologin"))))
      (return
       (service
        (documentation "Run the Tor anonymous network overlay.")
        (provision '(tor))

        ;; Tor needs at least one network interface to be up, hence the
        ;; dependency on 'loopback'.
        (requirement '(user-processes loopback))

        (start #~(make-forkexec-constructor
                  (list (string-append #$tor "/bin/tor")
                        "-f" #$config-file)))
        (stop #~(make-kill-destructor))

        (user-groups (list tor-group))
        (user-accounts (list tor-account)))))))
122
123 ;;; networking.scm ends here