>From d46cf6f6ce6b152e7794665417cfa9ce91120a98 Mon Sep 17 00:00:00 2001
From: ng0 <address@hidden>
Date: Mon, 12 Sep 2016 12:26:52 +0000
Subject: [PATCH] gnu: services: Add gnunet-service.

---
 doc/guix.texi               |  36 +++++++++++++
 gnu/services/networking.scm | 126 +++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 161 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index be11096a4..42884fe1c 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -9289,6 +9289,42 @@ Package object of the Open vSwitch.
 @end table
 @end deftp
 
address@hidden GNUnet
address@hidden gnunet
address@hidden GNUnet Service
+
address@hidden {Scheme Variable} gnunet-service-type
+This is the type of the @uref{https://gnunet.org, GNUnet}
+service, whose value should be an @code{gnunet-configuration} object
+as in this example:
+
address@hidden
+(service gnunet-service-type
+           (gnunet-configuration
+             (config-file (local-file "./gnunet.conf"))))
address@hidden example
address@hidden deffn
+
address@hidden {Data Type} gnunet-configuration
+Data type representing the configuration of GNUnet.
+
address@hidden @asis
address@hidden @code{package} (default: @var{gnunet})
+Package object of the GNUnet service.
+
address@hidden @code{config-file} (default: @var{%default-gnunet-file})
+File-like object of the GNUnet configuration file to use.  For NAT is
+assumes by default that you are behind a NAT (@var{BEHIND_NAT = YES})
+and enables UPNP (@var{ENABLE_UPNP = YES}).
+The hostlist is configured with the options @var{-b} (bootstrap using
+configured hostlist servers) and @var{-e} (enable learning advertised hostlists).
+Read the configuration files in @var{"~/.guix-profile/share/gnunet/config.d/"}
+for more information.  These files also set the defaults when you don't set
+any explicit values to override them.
+
address@hidden table
address@hidden deftp
+
 @node X Window
 @subsubsection X Window
 
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 18bce2a2b..2eac1ba06 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -4,6 +4,7 @@
 ;;; Copyright © 2016 Efraim Flashner <address@hidden>
 ;;; Copyright © 2016 John Darrington <address@hidden>
 ;;; Copyright © 2017 Clément Lassieur <address@hidden>
+;;; Copyright © 2017 ng0 <address@hidden>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -28,6 +29,7 @@
   #:use-module (gnu system pam)
   #:use-module (gnu packages admin)
   #:use-module (gnu packages connman)
+  #:use-module (gnu packages gnunet)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages tor)
   #:use-module (gnu packages messaging)
@@ -84,7 +86,12 @@
             wpa-supplicant-service-type
 
             openvswitch-service-type
-            openvswitch-configuration))
+            openvswitch-configuration
+
+            gnunet-configuration
+            gnunet-configuration?
+            gnunet-service-type
+            %default-gnunet-config-file))
 
 ;;; Commentary:
 ;;;
@@ -947,4 +954,121 @@ configure networking."
           (service-extension shepherd-root-service-type
                              openvswitch-shepherd-service)))))
 
+;;;
+;;; GNUnet
+;;;
+
+(define-record-type* <gnunet-configuration>
+  gnunet-configuration make-gnunet-configuration
+  gnunet-configuration?
+  (package           gnunet-configuration-package
+                     (default gnunet))
+  (config-file       gnunet-configuration-config-file
+                     (default %default-gnunet-config-file)))
+
+(define %default-gnunet-config-file
+  (plain-file "gnunet.conf" "
+[PATHS]
+SERVICEHOME = /var/lib/gnunet
+GNUNET_CONFIG_HOME = /var/lib/gnunet
+
+[arm]
+SYSTEM_ONLY = NO
+USER_ONLY = NO
+
+[nat]
+BEHIND_NAT = YES
+ENABLE_UPNP = YES
+
+[hostlist]
+OPTIONS = -b -e
+"))
+
+(define gnunet-shepherd-service
+  (match-lambda
+    (($ <gnunet-configuration> package config-file)
+     (list (shepherd-service
+            (provision '(gnunet))
+            (requirement '(user-processes loopback networking))
+            (documentation "Run the GNUnet service.")
+            (start
+             (let ((gnunet
+                    (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
+               #~(make-forkexec-constructor
+                  (list #$gnunet "-c" #$config-file)
+                  #:pid-file "/var/run/gnunet.pid"
+                  #:user "gnunet"
+                  #:group "gnunet"
+                  ;;#:log-file "/var/lib/gnunet/gnunet.log")))
+                  #:log-file "/var/log/gnunet.log")))
+            (stop
+             #~(make-kill-destructor)))))))
+
+(define %gnunet-accounts
+  (list (user-group
+         (name "gnunetdns")
+         (system? #t))
+        (user-group
+         (name "gnunet")
+         (system? #t))
+        (user-account
+         (name "gnunet")
+         (group "gnunet")
+         (system? #t)
+         (comment "GNUnet system user")
+         (home-directory "/var/empty")
+         (shell (file-append shadow "/sbin/nologin")))))
+
+(define gnunet-activation
+  (match-lambda
+    (($ <gnunet-configuration> package config-file)
+     (let ((gnunet
+            (file-append package "/lib/gnunet/libexec/gnunet-service-arm")))
+       #~(begin
+           (use-modules (guix build utils))
+           (define %user (getpw "gnunet"))
+           (mkdir-p "/var/lib/gnunet/")
+           (chown "/var/lib/gnunet" (passwd:uid %user) (passwd:gid %user))
+           ;;(chmod "/var/lib/gnunet/" #o755)
+           (mkdir-p "/var/lib/gnunet/.local/share/gnunet")
+           (mkdir-p "/var/lib/gnunet/.cache/gnunet")
+           (mkdir-p "/var/lib/gnunet/hostlist")
+           (mkdir-p "/var/lib/gnunet/.config/gnunet")
+           (chown "/var/lib/gnunet/.local/share/gnunet" (passwd:uid %user) (passwd:gid %user))
+           (chown "/var/lib/gnunet/.cache/gnunet" (passwd:uid %user) (passwd:gid %user))
+           (chown "/var/lib/gnunet/hostlist" (passwd:uid %user) (passwd:gid %user))
+           ;;(chown "/var/lib/gnunet/gnunet.conf" (passwd:uid %user) (passwd:gid %user))
+           (chown "/var/lib/gnunet/.config/gnunet" (passwd:uid %user) (passwd:gid %user)))))))
+           ;;(chmod "/var/lib/gnunet/.config/gnunet" #o755)
+           ;;(chmod "/var/lib/gnunet/.cache/gnunet" #o755)
+           ;;(chmod "/var/lib/gnunet/.local/share/gnunet" #o755))))))
+
+;; SUID_ROOT_HELPERS="exit nat-server nat-client transport-bluetooth transport-wlan vpn"
+;; set chmod u+s for those above.
+;; chmodown_execbin ${libexec}/gnunet-helper-dns 4750 root:gnunetdns
+;; chmodown_execbin ${libexec}/gnunet-service-dns 2750 gnunet:gnunetdns
+(define gnunet-setuid-programs
+  (match-lambda
+    (($ <gnunet-configuration> package)
+     (list (file-append package "/lib/gnunet/libexec/gnunet-helper-exit")
+           (file-append package "/lib/gnunet/libexec/gnunet-helper-nat-server")
+           (file-append package "/lib/gnunet/libexec/gnunet-helper-nat-client")
+           (file-append package "/lib/gnunet/libexec/gnunet-helper-transport-bluetooth")
+           (file-append package "/lib/gnunet/libexec/gnunet-helper-transport-wlan")
+           (file-append package "/lib/gnunet/libexec/gnunet-helper-vpn")))))
+
+(define gnunet-service-type
+  (service-type
+   (name 'gnunet)
+   (extensions (list (service-extension account-service-type
+                                        (const %gnunet-accounts))
+                     (service-extension activation-service-type
+                                        gnunet-activation)
+                     (service-extension profile-service-type
+                                        (compose list gnunet-configuration-package))
+                     (service-extension setuid-program-service-type
+                                        gnunet-setuid-programs)
+                     (service-extension shepherd-root-service-type
+                                        gnunet-shepherd-service)))))
+
 ;;; networking.scm ends here
-- 
2.11.1