diff options
author | Efraim Flashner <efraim@flashner.co.il> | 2017-11-28 10:19:11 +0200 |
---|---|---|
committer | Efraim Flashner <efraim@flashner.co.il> | 2018-03-05 08:46:28 +0200 |
commit | 16718b6776b6cb918cddb3abb3bfcf2405b0b297 (patch) | |
tree | 9da028eaa620061ef84a7236a21bbd4261f4180f /gnu | |
parent | ac1a9ce8b07f3b80900ee08436ff6e683e8dc195 (diff) | |
download | guix-16718b6776b6cb918cddb3abb3bfcf2405b0b297.tar.gz guix-16718b6776b6cb918cddb3abb3bfcf2405b0b297.zip |
services: Add openntpd service.
* gnu/packages/ntp.scm (openntpd)[arguments]: Add 'configure-flags to
set openntpd daemon's user and localstatedir. Add a custom phase to not
try to create said directory at install time.
* gnu/services/networking.scm (<openntpd-configuration>): New record type.
(openntpd-shepherd-service, openntpd-service-activation): New procedures.
(openntpd-service-type): New variable.
* doc/guix.texi (Networking Services): Add openntpd documentation.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/packages/ntp.scm | 13 | ||||
-rw-r--r-- | gnu/services/networking.scm | 102 |
2 files changed, 113 insertions, 2 deletions
diff --git a/gnu/packages/ntp.scm b/gnu/packages/ntp.scm index d270f513dc..1c3b8cd313 100644 --- a/gnu/packages/ntp.scm +++ b/gnu/packages/ntp.scm @@ -3,7 +3,7 @@ ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com> ;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org> -;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il> ;;; ;;; This file is part of GNU Guix. ;;; @@ -107,6 +107,17 @@ computers over a network.") (base32 "0fn12i4kzsi0zkr4qp3dp9bycmirnfapajqvdfx02zhr4hanj0kv")))) (build-system gnu-build-system) + (arguments + '(#:configure-flags '("--with-privsep-user=ntpd" + "--localstatedir=/var") + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'modify-install-locations + (lambda _ + ;; Don't try to create /var/run or /var/db + (substitute* "src/Makefile.in" + (("DESTDIR\\)\\$\\(localstatedir") "TMPDIR")) + #t))))) (inputs `(("libressl" ,libressl))) ; enable TLS time constraints. See ntpd.conf(5). (home-page "http://www.openntpd.org/") diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 5ba3c5eed6..6ac440fd26 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org> -;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> +;;; Copyright © 2016, 2018 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2016 John Darrington <jmd@gnu.org> ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org> ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be> @@ -64,6 +64,10 @@ ntp-service ntp-service-type + openntpd-configuration + openntpd-configuration? + openntpd-service-type + inetd-configuration inetd-entry inetd-service-type @@ -448,6 +452,102 @@ make an initial adjustment of more than 1,000 seconds." ;;; +;;; OpenNTPD. +;;; + +(define-record-type* <openntpd-configuration> + openntpd-configuration make-openntpd-configuration + openntpd-configuration? + (openntpd openntpd-configuration-openntpd + (default openntpd)) + (listen-on openntpd-listen-on + (default '("127.0.0.1" + "::1"))) + (query-from openntpd-query-from + (default '())) + (sensor openntpd-sensor + (default '())) + (server openntpd-server + (default %ntp-servers)) + (servers openntpd-servers + (default '())) + (constraint-from openntpd-constraint-from + (default '())) + (constraints-from openntpd-constraints-from + (default '())) + (allow-large-adjustment? openntpd-allow-large-adjustment? + (default #f))) ; upstream default + +(define (openntpd-shepherd-service config) + (match-record config <openntpd-configuration> + (openntpd listen-on query-from sensor server servers constraint-from + constraints-from allow-large-adjustment?) + (let () + (define config + (string-join + (filter-map + (lambda (field value) + (string-join + (map (cut string-append field <> "\n") + value))) + '("listen on " "query from " "sensor " "server " "servers " + "constraint from ") + (list listen-on query-from sensor server servers constraint-from)) + ;; The 'constraints from' field needs to be enclosed in double quotes. + (string-join + (map (cut string-append "constraints from \"" <> "\"\n") + constraints-from)))) + + (define ntpd.conf + (plain-file "ntpd.conf" config)) + + (list (shepherd-service + (provision '(ntpd)) + (documentation "Run the Network Time Protocol (NTP) daemon.") + (requirement '(user-processes networking)) + (start #~(make-forkexec-constructor + (list (string-append #$openntpd "/sbin/ntpd") + "-f" #$ntpd.conf + "-d" ;; don't daemonize + #$@(if allow-large-adjustment? + '("-s") + '())) + ;; When ntpd is daemonized it repeatedly tries to respawn + ;; while running, leading shepherd to disable it. To + ;; prevent spamming stderr, redirect output to logfile. + #:log-file "/var/log/ntpd")) + (stop #~(make-kill-destructor))))))) + +(define (openntpd-service-activation config) + "Return the activation gexp for CONFIG." + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + + (mkdir-p "/var/db") + (mkdir-p "/var/run") + (unless (file-exists? "/var/db/ntpd.drift") + (with-output-to-file "/var/db/ntpd.drift" + (lambda _ + (format #t "0.0"))))))) + +(define openntpd-service-type + (service-type (name 'openntpd) + (extensions + (list (service-extension shepherd-root-service-type + openntpd-shepherd-service) + (service-extension account-service-type + (const %ntp-accounts)) + (service-extension activation-service-type + openntpd-service-activation))) + (default-value (openntpd-configuration)) + (description + "Run the @command{ntpd}, the Network Time Protocol (NTP) +daemon, as implemented by @uref{http://www.openntpd.org, OpenNTPD}. The +daemon will keep the system clock synchronized with that of the given servers."))) + + +;;; ;;; Inetd. ;;; |