services: wireguard: Add DNS config field.

* gnu/services/vpn.scm (wireguard-configuration)[dns]: New field. (wireguard-configuration-file): Honor it. * doc/guix.texi: Document it. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org>
2021-12-21 14:18:22 -06:00 · 2021-12-21 14:18:22 -06:00 · 6fb5459e8b
parent dce3415a74
commit 6fb5459e8b
2 changed files with 14 additions and 2 deletions
--- a/doc/guix.texi
+++ b/doc/guix.texi
@ -28632,6 +28632,9 @@ The IP addresses to be assigned to the above interface.
@item @code{port} (default: @code{51820})
 The port on which to listen for incoming connections.
@item @code{dns} (default: @code{#f})
 The DNS server(s) to announce to VPN clients via DHCP.
@item @code{private-key} (default: @code{"/etc/wireguard/private.key"})
 The private key file for the interface.  It is automatically generated if
 the file does not exist.
--- a/gnu/services/vpn.scm
+++ b/gnu/services/vpn.scm
@ -8,6 +8,7 @@
 ;;; Copyright © 2021 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2021 Raghav Gururajan <rg@raghavgururajan.name>
 ;;; Copyright © 2021 jgart <jgart@dismail.de>
 ;;; Copyright © 2021 Nathan Dehnel <ncdehnel@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@ -67,6 +68,7 @@
            wireguard-configuration-interface
            wireguard-configuration-addresses
            wireguard-configuration-port
            wireguard-configuration-dns
            wireguard-configuration-private-key
            wireguard-configuration-peers
@ -715,7 +717,9 @@ strongSwan.")))
  (private-key        wireguard-configuration-private-key ;string
                      (default "/etc/wireguard/private.key"))
  (peers              wireguard-configuration-peers ;list of <wiregard-peer>
-                      (default '())))
+                      (default '()))
  (dns                wireguard-configuration-dns ;list of strings
                      (default #f)))
 (define (wireguard-configuration-file config)
  (define (peer->config peer)
@ -739,7 +743,7 @@ AllowedIPs = ~a
                  "\n"))))
  (match-record config <wireguard-configuration>
-    (wireguard interface addresses port private-key peers)
+    (wireguard interface addresses port private-key peers dns)
    (let* ((config-file (string-append interface ".conf"))
           (peers (map peer->config peers))
           (config
@ -755,6 +759,7 @@ AllowedIPs = ~a
 Address = ~a
 PostUp = ~a set %i private-key ~a
 ~a
 ~a
 ~{~a~^~%~}"
                               #$(string-join addresses ",")
                               #$(file-append wireguard "/bin/wg")
@ -762,6 +767,10 @@ PostUp = ~a set %i private-key ~a
                               #$(if port
                                     (format #f "ListenPort = ~a" port)
                                     "")
                               #$(if dns
                                     (format #f "DNS = ~a"
                                             (string-join dns ","))
                                     "")
                               (list #$@peers)))))))))
      (file-append config "/" config-file))))