diff --git a/doc/guix.texi b/doc/guix.texi index 464060f42c..9e79641736 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -43944,6 +43944,62 @@ Extra content appended as-is to this @code{Host} block in @end deftp +@cindex Parcimonie, Home service +The @code{parcimonie} service runs a daemon that slowly refreshes a GnuPG +public key from a keyserver. It refreshes one key at a time; between every +key update parcimonie sleeps a random amount of time, long enough for the +previously used Tor circuit to expire. This process is meant to make it hard +for an attacker to correlate the multiple key update. + +As an example, here is how you would configure @code{parcimonie} to refresh the +keys in your GnuPG keyring, as well as those keyrings created by Guix, such as +when running @code{guix import}: + +@lisp +(service home-parcimonie-service-type + (home-parcimonie-configuration + (refresh-guix-keyrings? #t))) +@end lisp + +This assumes that the Tor anonymous routing daemon is already running on your +system. On Guix System, this can be achieved by setting up +@code{tor-service-type} (@pxref{Networking Services, @code{tor-service-type}}). + +The service reference is given below. + +@defvar parcimonie-service-type +This is the service type for @command{parcimonie} +(@uref{https://salsa.debian.org/intrigeri/parcimonie, Parcimonie's web site}). +Its value must be a @code{home-parcimonie-configuration}, as shown below. +@end defvar + +@c %start of fragment + +@deftp {Data Table} home-parcimonie-configuration +Available @code{home-parcimonie-configuration} fields are: + +@table @asis +@item @code{parcimonie} (default: @code{parcimonie}) (type: file-like) +The parcimonie package to use. + +@item @code{verbose?} (default: @code{#f}) (type: boolean) +Whether to have more verbose logging from the service. + +@item @code{gnupg-already-torified?} (default: @code{#f}) (type: boolean) +Whether GnuPG is already configured to pass all traffic through +@uref{https://torproject.org, Tor}. + +@item @code{refresh-guix-keyrings?} (default: @code{#f}) (type: boolean) +Guix creates a few keyrings in the @var{$XDG_CONFIG_DIR}, such as when running +@code{guix import} (@pxref{Invoking guix import}). Setting this to @code{#t} +will also refresh any keyrings which Guix has created. + +@item @code{extra-content} (default: @code{#f}) (type: raw-configuration-string) +Raw content to add to the parcimonie command. + +@end table + +@end deftp @c %end of fragment diff --git a/gnu/home/services/gnupg.scm b/gnu/home/services/gnupg.scm index 7e9e02a3cc..04989666ed 100644 --- a/gnu/home/services/gnupg.scm +++ b/gnu/home/services/gnupg.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2023 Ludovic Courtès +;;; Copyright © 2023 Efraim Flashner ;;; ;;; This file is part of GNU Guix. ;;; @@ -23,7 +24,7 @@ #:use-module (gnu services configuration) #:use-module (gnu home services) #:use-module (gnu home services shepherd) - #:autoload (gnu packages gnupg) (gnupg pinentry) + #:autoload (gnu packages gnupg) (gnupg pinentry parcimonie) #:export (home-gpg-agent-configuration home-gpg-agent-configuration? home-gpg-agent-configuration-gnupg @@ -34,7 +35,16 @@ home-gpg-agent-configuration-max-cache-ttl-ssh home-gpg-agent-configuration-extra-content - home-gpg-agent-service-type)) + home-gpg-agent-service-type + + home-parcimonie-configuration + home-parcimonie-configuration? + home-parcimonie-configuration-parcimonie + home-parcimonie-configuration-gnupg-already-torified? + home-parcimonie-configuration-refresh-guix-keyrings? + home-parcimonie-configuration-extra-content + + home-parcimonie-service-type)) (define raw-configuration-string? string?) @@ -148,3 +158,68 @@ agent, with support for handling OpenSSH material.")))) managing OpenPGP and optionally SSH private keys. When SSH support is enabled, @command{gpg-agent} acts as a drop-in replacement for OpenSSH's @command{ssh-agent}."))) + +(define-configuration/no-serialization home-parcimonie-configuration + (parcimonie + (file-like parcimonie) + "The parcimonie package to use.") + (verbose? + (boolean #f) + "Provide extra output to the log file.") + (gnupg-aleady-torified? + (boolean #f) + "GnuPG is already configured to use tor and parcimonie won't attempt to use +tor directly.") + (refresh-guix-keyrings? + (boolean #f) + "Also refresh any Guix keyrings found in the XDG_CONFIG_DIR.") + (extra-content + (raw-configuration-string "") + "Raw content to add to the parcimonie service.")) + +(define (home-parcimonie-shepherd-service config) + "Return a user service to run parcimonie." + (match-record config + (parcimonie verbose? gnupg-aleady-torified? + refresh-guix-keyrings? extra-content) + (let ((log-file #~(string-append %user-log-dir "/parcimonie.log"))) + (list (shepherd-service + (provision '(parcimonie)) + (modules '((shepherd support) ;for '%user-log-dir' + (guix build utils) + (srfi srfi-1))) + (start #~(make-forkexec-constructor + (cons* + #$(file-append parcimonie "/bin/parcimonie") + #$@(if verbose? + '("--verbose") + '()) + #$@(if gnupg-aleady-torified? + '("--gnupg_already_torified") + '()) + #$@(if (not (string=? extra-content "")) + (list extra-content) + '()) + #$@(if refresh-guix-keyrings? + '((append-map + (lambda (item) + (list (string-append "--gnupg_extra_args=" + "--keyring=" item))) + (find-files + (string-append (getenv "XDG_CONFIG_HOME") "/guix") + "^trustedkeys\\.kbx$"))) + '((list)))) + #:log-file #$log-file)) + (stop #~(make-kill-destructor)) + (respawn? #t) + (documentation "Incrementally refresh gnupg keyring over Tor")))))) + +(define home-parcimonie-service-type + (service-type + (name 'home-parcimonie) + (extensions + (list (service-extension home-shepherd-service-type + home-parcimonie-shepherd-service))) + (default-value (home-parcimonie-configuration)) + (description + "Incrementally refresh GnuPG keyrings over Tor.")))