From fd449608eb9016fb705eebbea784901b0242cbf2 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Mon, 12 Apr 2021 17:00:27 -0400 Subject: [PATCH] services: Add a service for opendht. * gnu/services/networking.scm (maybe-number?, maybe-string?): New procedures. (): New configuration record. (%opendht-accounts): New variable. (opendht-configuration->command-line-arguments): New procedure. (opendht-shepherd-service, opendht-service-type): New variables. * doc/guix.texi (Networking Services): Document the new service. --- doc/guix.texi | 93 ++++++++++++++++++++++++++ gnu/services/networking.scm | 129 +++++++++++++++++++++++++++++++++++- 2 files changed, 221 insertions(+), 1 deletion(-) diff --git a/doc/guix.texi b/doc/guix.texi index a10943f2d5..a8ee27cae7 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16688,6 +16688,99 @@ must be @code{'()} or @code{'("internal")}. detailed discussion of each configuration field. @end deftp +@cindex opendht, distributed hash table network service +@cindex dhtproxy, for use with jami +@defvr {Scheme Variable} opendht-service-type +This is the type of the service running a @uref{https://opendht.net, +OpenDHT} node, @command{dhtnode}. The daemon can be used to host your +own proxy service to the distributed hash table (DHT), for example to +connect to with Jami, among other applications. + +@quotation Important +When using the OpenDHT proxy server, the IP addresses it ``sees'' from +the clients should be addresses reachable from other peers. In practice +this means that a publicly reachable address is best suited for a proxy +server, outside of your private network. For example, hosting the proxy +server on a IPv4 private local network and exposing it via port +forwarding could work for external peers, but peers local to the proxy +would have their private addresses shared with the external peers, +leading to connectivity problems. +@end quotation + +The value of this service is a @code{opendht-configuration} object, as +described below. +@end defvr + +@deftp {Data Type} opendht-configuration +This is the data type for the OpenDHT service configuration. + +@c The fields documentation has been auto-generated using the +@c configuration->documentation procedure from +@c (gnu services configuration). +Available @code{opendht-configuration} fields are: + +@deftypevr {@code{opendht-configuration} parameter} package opendht +The @code{opendht} package to use. + +@end deftypevr + +@deftypevr {@code{opendht-configuration} parameter} boolean peer-discovery? +Whether to enable the multicast local peer discovery mechanism. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{opendht-configuration} parameter} boolean enable-logging? +Whether to enable logging messages to syslog. It is disabled by default +as it is rather verbose. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{opendht-configuration} parameter} boolean debug? +Whether to enable debug-level logging messages. This has no effect if +logging is disabled. + +Defaults to @samp{#f}. + +@end deftypevr + +@deftypevr {@code{opendht-configuration} parameter} maybe-string bootstrap-host +The node host name that is used to make the first connection to the +network. A specific port value can be provided by appending the +@code{:PORT} suffix. By default, it uses the Jami bootstrap nodes, but +any host can be specified here. It's also possible to disable +bootsrapping by setting this to the @code{'disabled} symbol. + +Defaults to @samp{"bootstrap.jami.net:4222"}. + +@end deftypevr + +@deftypevr {@code{opendht-configuration} parameter} maybe-number port +The UDP port to bind to. When set to @code{'disabled}, an available +port is automatically selected. + +Defaults to @samp{4222}. + +@end deftypevr + +@deftypevr {@code{opendht-configuration} parameter} maybe-number proxy-server-port +Spawn a proxy server listening on the specified port. + +Defaults to @samp{disabled}. + +@end deftypevr + +@deftypevr {@code{opendht-configuration} parameter} maybe-number proxy-server-port-tls +Spawn a proxy server listening to TLS connections on the specified port. + +Defaults to @samp{disabled}. + +@end deftypevr +@end deftp + @cindex Tor @defvr {Scheme Variable} tor-service-type This is the type for a service that runs the @uref{https://torproject.org, diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 761820ad2e..d713042a9f 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -10,7 +10,7 @@ ;;; Copyright © 2018 Chris Marusich ;;; Copyright © 2018 Arun Isaac ;;; Copyright © 2019 Florian Pelz -;;; Copyright © 2019 Maxim Cournoyer +;;; Copyright © 2019, 2021 Maxim Cournoyer ;;; Copyright © 2019 Sou Bunnbu ;;; Copyright © 2019 Alex Griffin ;;; Copyright © 2020 Brice Waegeneire @@ -111,6 +111,18 @@ (define-module (gnu services networking) inetd-entry inetd-service-type + opendht-configuration + opendht-configuration-peer-discovery? + opendht-configuration-verbose? + opendht-configuration-bootstrap-host + opendht-configuration-port + opendht-configuration-proxy-server-port + opendht-configuration-proxy-server-port-tls + opendht-configuration->command-line-arguments + + opendht-shepherd-service + opendht-service-type + tor-configuration tor-configuration? tor-hidden-service @@ -740,6 +752,121 @@ (define-public inetd-service-type for listening on Internet sockets and spawning the corresponding services on demand."))) + +;;; +;;; OpenDHT, the distributed hash table network used by Jami +;;; + +(define-maybe/no-serialization number) +(define-maybe/no-serialization string) + +;;; To generate the documentation of the following configuration record, you +;;; can evaluate: (configuration->documentation 'opendht-configuration) +(define-configuration/no-serialization opendht-configuration + (opendht + (package opendht) + "The @code{opendht} package to use.") + (peer-discovery? + (boolean #false) + "Whether to enable the multicast local peer discovery mechanism.") + (enable-logging? + (boolean #false) + "Whether to enable logging messages to syslog. It is disabled by default +as it is rather verbose.") + (debug? + (boolean #false) + "Whether to enable debug-level logging messages. This has no effect if +logging is disabled.") + (bootstrap-host + (maybe-string "bootstrap.jami.net:4222") + "The node host name that is used to make the first connection to the +network. A specific port value can be provided by appending the @code{:PORT} +suffix. By default, it uses the Jami bootstrap nodes, but any host can be +specified here. It's also possible to disable bootstrapping by setting this +to the @code{'disabled} symbol.") + (port + (maybe-number 4222) + "The UDP port to bind to. When set to @code{'disabled}, an available port +is automatically selected.") + (proxy-server-port + (maybe-number 'disabled) + "Spawn a proxy server listening on the specified port.") + (proxy-server-port-tls + (maybe-number 'disabled) + "Spawn a proxy server listening to TLS connections on the specified +port.")) + +(define %opendht-accounts + ;; User account and groups for Tor. + (list (user-group (name "opendht") (system? #t)) + (user-account + (name "opendht") + (group "opendht") + (system? #t) + (comment "OpenDHT daemon user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define (opendht-configuration->command-line-arguments config) + "Derive the command line arguments used to launch the OpenDHT daemon from +CONFIG, an object." + (match-record config + (opendht bootstrap-host enable-logging? port debug? peer-discovery? + proxy-server-port proxy-server-port-tls) + (let ((dhtnode #~(string-append #$opendht:tools "/bin/dhtnode"))) + `(,dhtnode + "--service" ;non-forking mode + ,@(if (string? bootstrap-host) + (list "--bootstrap" bootstrap-host)) + ,@(if enable-logging? + (list "--syslog") + '()) + ,@(if (number? port) + (list "--port" (number->string port)) + '()) + ,@(if debug? + (list "--verbose") + '()) + ,@(if peer-discovery? + (list "--peer-discovery") + '()) + ,@(if (number? proxy-server-port) + (list "--proxyserver" (number->string proxy-server-port)) + '()) + ,@(if (number? proxy-server-port-tls) + (list "--proxyserverssl" (number->string proxy-server-port-tls)) + '()))))) + +(define (opendht-shepherd-service config) + "Return a running OpenDHT." + (shepherd-service + (documentation "Run an OpenDHT node.") + (provision '(opendht dhtnode dhtproxy)) + (requirement '(user-processes syslogd)) + (start #~(make-forkexec-constructor/container + (list #$@(opendht-configuration->command-line-arguments config)) + #:mappings (list (file-system-mapping + (source "/dev/log") ;for syslog + (target source))) + #:user "opendht")) + (stop #~(make-kill-destructor)))) + +(define opendht-service-type + (service-type + (name 'opendht) + (default-value (opendht-configuration)) + (extensions + (list (service-extension shepherd-root-service-type + (compose list opendht-shepherd-service)) + (service-extension account-service-type + (const %opendht-accounts)))) + (description "Run the OpenDHT @command{dhtnode} command that allows +participating in the distributed hash table based OpenDHT network. The +service can be configured to act as a proxy to the distributed network, which +can be useful for portable devices where minimizing energy consumption is +paramount. OpenDHT was originally based on Kademlia and adapted for +applications in communication. It is used by Jami, for example."))) + ;;; ;;; Tor.