
[bug#54352] [PATCH v2] services: dnsmasq: Add more options.


From: Remco van 't Veer
Subject: [bug#54352] [PATCH v2] services: dnsmasq: Add more options.
Date: Sun, 20 Mar 2022 12:44:05 +0100

* gnu/services/dns.scm (<dnsmasq-configuration>): Add 
forward-private-reverse-lookup?, strict-order? and additional-cpe-id options.
(dnsmasq-shepherd-service): Pass added options to dnsmasq.
* doc/guix.texi (Guix Services): Document options added to dnsmasq.
---
 doc/guix.texi        |  12 +++
 gnu/services/dns.scm | 178 +++++++++++++++++++++++--------------------
 2 files changed, 109 insertions(+), 81 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 4b71fb7010..a769cd1e5b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -28945,6 +28945,14 @@ The file to read the IP address of the upstream 
nameservers from.
 @item @code{no-resolv?} (default: @code{#f})
 When true, don't read @var{resolv-file}.
 
+@item @code{forward-private-reverse-lookup?} (default: @code{#t})
+When false, all reverse lookups for private IP ranges are answered with
+"no such domain" rather than being forwarded upstream.
+
+@item @code{strict-order?} (default: @code{#f})
+When true, forces dnsmasq to try each query with each server strictly in
+the order they appear in @var{servers}.
+
 @item @code{servers} (default: @code{'()})
 Specify IP address of upstream servers directly.
 
@@ -28974,6 +28982,10 @@ disables caching.
 @item @code{negative-cache?} (default: @code{#t})
 When false, disable negative caching.
 
+@item @code{additional-cpe-id} (default: @code{#f})
+If set, add an arbitrary identifying string to DNS queries which are
+forwarded upstream.
+
 @item @code{tftp-enable?} (default: @code{#f})
 Whether to enable the built-in TFTP server.
 
diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 9b8603cc95..5add843f32 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -3,6 +3,7 @@
 ;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
 ;;; Copyright © 2020 Pierre Langlois <pierre.langlois@gmx.com>
 ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
+;;; Copyright © 2022 Remco van 't Veer <remco@remworks.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -745,6 +746,11 @@ (define-record-type* <dnsmasq-configuration>
                     (default "/etc/resolv.conf")) ;string
   (no-resolv?       dnsmasq-configuration-no-resolv?
                     (default #f))       ;boolean
+  (forward-private-reverse-lookup?
+   dnsmasq-configuration-forward-private-reverse-lookup?
+                    (default #t))       ;boolean
+  (strict-order?    dnsmasq-configuration-strict-order?
+                    (default #f))       ;boolean
   (servers          dnsmasq-configuration-servers
                     (default '()))      ;list of string
   (addresses        dnsmasq-configuration-addresses
@@ -752,7 +758,9 @@ (define-record-type* <dnsmasq-configuration>
   (cache-size       dnsmasq-configuration-cache-size
                     (default 150))      ;integer
   (negative-cache?  dnsmasq-configuration-negative-cache?
-                    (default #t))      ;boolean
+                    (default #t))       ;boolean
+  (additional-cpe-id dnsmasq-configuration-additional-cpe-id
+                    (default #t))       ;string
   (tftp-enable?     dnsmasq-configuration-tftp-enable?
                     (default #f))       ;boolean
   (tftp-no-fail?    dnsmasq-configuration-tftp-no-fail?
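Review bot: The new `additional-cpe-id` field defaults to `#t`, although its trailing comment says `;string` and the doc/guix.texi hunk documents the default as `#f`. The service hunk guards the flag with `(if additional-cpe-id ...)` and formats the value with `~a`, so an unmodified configuration would pass `--add-cpe-id=#t` and tag every query forwarded upstream with that string. The default should be `(default #f))       ;string or #f`, which keeps the identifier off unless the administrator opts in. The record definition starts and ends outside this hunk.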
@@ -776,86 +784,94 @@ (define-record-type* <dnsmasq-configuration>
   (tftp-unique-root dnsmasq-tftp-unique-root
                     (default #f)))      ;"" or "ip" or "mac"
 
-(define dnsmasq-shepherd-service
-  (match-lambda
-    (($ <dnsmasq-configuration> package
-                                no-hosts?
-                                port local-service? listen-addresses
-                                resolv-file no-resolv? servers
-                                addresses cache-size negative-cache?
-                                tftp-enable? tftp-no-fail?
-                                tftp-single-port? tftp-secure?
-                                tftp-max tftp-mtu tftp-no-blocksize?
-                                tftp-lowercase? tftp-port-range
-                                tftp-root tftp-unique-root)
-     (shepherd-service
-      (provision '(dnsmasq))
-      (requirement '(networking))
-      (documentation "Run the dnsmasq DNS server.")
-      (start #~(make-forkexec-constructor
-                '(#$(file-append package "/sbin/dnsmasq")
-                  "--keep-in-foreground"
-                  "--pid-file=/run/dnsmasq.pid"
-                  #$@(if no-hosts?
-                         '("--no-hosts")
-                         '())
-                  #$(format #f "--port=~a" port)
-                  #$@(if local-service?
-                         '("--local-service")
-                         '())
-                  #$@(map (cut format #f "--listen-address=~a" <>)
-                          listen-addresses)
-                  #$(format #f "--resolv-file=~a" resolv-file)
-                  #$@(if no-resolv?
-                         '("--no-resolv")
-                         '())
-                  #$@(map (cut format #f "--server=~a" <>)
-                          servers)
-                  #$@(map (cut format #f "--address=~a" <>)
-                          addresses)
-                  #$(format #f "--cache-size=~a" cache-size)
-                  #$@(if negative-cache?
-                         '()
-                         '("--no-negcache"))
-                  #$@(if tftp-enable?
-                         '("--enable-tftp")
-                         '())
-                  #$@(if tftp-no-fail?
-                         '("--tftp-no-fail")
-                         '())
-                  #$@(if tftp-single-port?
-                         '("--tftp-single-port")
-                         '())
-                  #$@(if tftp-secure?
-                         '("--tftp-secure?")
-                         '())
-                  #$@(if tftp-max
-                         (list (format #f "--tftp-max=~a" tftp-max))
-                         '())
-                  #$@(if tftp-mtu
-                         (list (format #f "--tftp-mtu=~a" tftp-mtu))
-                         '())
-                  #$@(if tftp-no-blocksize?
-                         '("--tftp-no-blocksize")
-                         '())
-                  #$@(if tftp-lowercase?
-                         '("--tftp-lowercase")
-                         '())
-                  #$@(if tftp-port-range
-                         (list (format #f "--tftp-port-range=~a"
-                                          tftp-port-range))
-                         '())
-                  #$@(if tftp-root
-                         (list (format #f "--tftp-root=~a" tftp-root))
-                         '())
-                  #$@(if tftp-unique-root
-                         (list
-                          (if (> (length tftp-unique-root) 0)
-                              (format #f "--tftp-unique-root=~a" 
tftp-unique-root)
-                              (format #f "--tftp-unique-root")))
-                         '()))
-                #:pid-file "/run/dnsmasq.pid"))
-      (stop #~(make-kill-destructor))))))
+(define (dnsmasq-shepherd-service config)
+  (match-record config <dnsmasq-configuration>
+    (package
+     no-hosts?
+     port local-service? listen-addresses
+     resolv-file no-resolv?
+     forward-private-reverse-lookup? strict-order?
+     servers addresses cache-size negative-cache?
+     additional-cpe-id
+     tftp-enable? tftp-no-fail?
+     tftp-single-port? tftp-secure?
+     tftp-max tftp-mtu tftp-no-blocksize?
+     tftp-lowercase? tftp-port-range
+     tftp-root tftp-unique-root)
+    (shepherd-service
+     (provision '(dnsmasq))
+     (requirement '(networking))
+     (documentation "Run the dnsmasq DNS server.")
+     (start #~(make-forkexec-constructor
+               '(#$(file-append package "/sbin/dnsmasq")
+                 "--keep-in-foreground"
+                 "--pid-file=/run/dnsmasq.pid"
+                 #$@(if no-hosts?
+                        '("--no-hosts")
+                        '())
+                 #$(format #f "--port=~a" port)
+                 #$@(if local-service?
+                        '("--local-service")
+                        '())
+                 #$@(map (cut format #f "--listen-address=~a" <>)
+                         listen-addresses)
+                 #$(format #f "--resolv-file=~a" resolv-file)
+                 #$@(if no-resolv?
+                        '("--no-resolv")
+                        '())
+                 #$@(if forward-private-reverse-lookup?
+                        '()
+                        '("--bogus-priv"))
+                 #$@(map (cut format #f "--server=~a" <>)
+                         servers)
+                 #$@(map (cut format #f "--address=~a" <>)
+                         addresses)
+                 #$(format #f "--cache-size=~a" cache-size)
+                 #$@(if negative-cache?
+                        '()
+                        '("--no-negcache"))
+                 #$@(if additional-cpe-id
+                        (list (format #f "--add-cpe-id=~a" additional-cpe-id))
+                        '())
+                 #$@(if tftp-enable?
+                        '("--enable-tftp")
+                        '())
+                 #$@(if tftp-no-fail?
+                        '("--tftp-no-fail")
+                        '())
+                 #$@(if tftp-single-port?
+                        '("--tftp-single-port")
+                        '())
+                 #$@(if tftp-secure?
+                        '("--tftp-secure?")
+                        '())
+                 #$@(if tftp-max
+                        (list (format #f "--tftp-max=~a" tftp-max))
+                        '())
+                 #$@(if tftp-mtu
+                        (list (format #f "--tftp-mtu=~a" tftp-mtu))
+                        '())
+                 #$@(if tftp-no-blocksize?
+                        '("--tftp-no-blocksize")
+                        '())
+                 #$@(if tftp-lowercase?
+                        '("--tftp-lowercase")
+                        '())
+                 #$@(if tftp-port-range
+                        (list (format #f "--tftp-port-range=~a"
+                                      tftp-port-range))
+                        '())
+                 #$@(if tftp-root
+                        (list (format #f "--tftp-root=~a" tftp-root))
+                        '())
+                 #$@(if tftp-unique-root
+                        (list
+                         (if (> (length tftp-unique-root) 0)
+                             (format #f "--tftp-unique-root=~a" 
tftp-unique-root)
+                             (format #f "--tftp-unique-root")))
+                        '()))
+               #:pid-file "/run/dnsmasq.pid"))
+     (stop #~(make-kill-destructor)))))
 
 (define (dnsmasq-activation config)
   #~(begin
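Review bot: `strict-order?` is bound in the `match-record` field list of the new `dnsmasq-shepherd-service` but never turned into a command-line argument, so the option documented in doc/guix.texi has no effect. A clause such as `#$@(if strict-order? '("--strict-order") '())` next to the `no-resolv?` one would wire it up. The rewrite also carries over the literal `"--tftp-secure?"`, where the trailing `?` looks like a field-name slip for dnsmasq's `--tftp-secure`, so enabling `tftp-secure?` probably does not apply that restriction as intended. Separately, `(> (length tftp-unique-root) 0)` is applied to what the record comment describes as a string, where `string-length` or `(string-null? ...)` is presumably what was meant.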
-- 
2.34.0





