gnu: knot-service: Add includes field in configuration.
* gnu/services/dns.scm (knot-configuration): Add includes field. (verify-knot-configuration): Check includes content. (knot-config-file): Serialize includes. * doc/guix.texi (DNS Services): Document it.master
parent
ca3cf2d58e
commit
92eb600f8a
|
@ -19843,6 +19843,19 @@ The Knot package.
|
||||||
@item @code{run-directory} (default: @code{"/var/run/knot"})
|
@item @code{run-directory} (default: @code{"/var/run/knot"})
|
||||||
The run directory. This directory will be used for pid file and sockets.
|
The run directory. This directory will be used for pid file and sockets.
|
||||||
|
|
||||||
|
@item @code{includes} (default: @code{'()})
|
||||||
|
A list of strings or file-like objects denoting other files that must be
|
||||||
|
included at the top of the configuration file.
|
||||||
|
|
||||||
|
@cindex secrets, Knot service
|
||||||
|
This can be used to manage secrets out-of-band. For example, secret
|
||||||
|
keys may be stored in an out-of-band file not managed by Guix, and
|
||||||
|
thus not visible in @file{/gnu/store}---e.g., you could store secret
|
||||||
|
key configuration in @file{/etc/knot/secrets.conf} and add this file
|
||||||
|
to the @code{includes} list.
|
||||||
|
|
||||||
|
It can also be used to add configuration not supported by this interface.
|
||||||
|
|
||||||
@item @code{listen-v4} (default: @code{"0.0.0.0"})
|
@item @code{listen-v4} (default: @code{"0.0.0.0"})
|
||||||
An ip address on which to listen.
|
An ip address on which to listen.
|
||||||
|
|
||||||
|
|
|
@ -207,6 +207,8 @@
|
||||||
(default knot))
|
(default knot))
|
||||||
(run-directory knot-configuration-run-directory
|
(run-directory knot-configuration-run-directory
|
||||||
(default "/var/run/knot"))
|
(default "/var/run/knot"))
|
||||||
|
(includes knot-configuration-includes
|
||||||
|
(default '()))
|
||||||
(listen-v4 knot-configuration-listen-v4
|
(listen-v4 knot-configuration-listen-v4
|
||||||
(default "0.0.0.0"))
|
(default "0.0.0.0"))
|
||||||
(listen-v6 knot-configuration-listen-v6
|
(listen-v6 knot-configuration-listen-v6
|
||||||
|
@ -296,6 +298,8 @@
|
||||||
(error-out "knot configuration field must be a package."))
|
(error-out "knot configuration field must be a package."))
|
||||||
(unless (string? (knot-configuration-run-directory config))
|
(unless (string? (knot-configuration-run-directory config))
|
||||||
(error-out "run-directory must be a string."))
|
(error-out "run-directory must be a string."))
|
||||||
|
(unless (list? (knot-configuration-includes config))
|
||||||
|
(error-out "includes must be a list of strings or file-like objects."))
|
||||||
(unless (list? (knot-configuration-keys config))
|
(unless (list? (knot-configuration-keys config))
|
||||||
(error-out "keys must be a list of knot-key-configuration."))
|
(error-out "keys must be a list of knot-key-configuration."))
|
||||||
(for-each (lambda (key) (verify-knot-key-configuration key))
|
(for-each (lambda (key) (verify-knot-key-configuration key))
|
||||||
|
@ -529,6 +533,10 @@
|
||||||
#~(begin
|
#~(begin
|
||||||
(call-with-output-file #$output
|
(call-with-output-file #$output
|
||||||
(lambda (port)
|
(lambda (port)
|
||||||
|
(if (knot-configuration-includes config)
|
||||||
|
(for-each (lambda (inc)
|
||||||
|
(format port "include: ~a\n" inc))
|
||||||
|
(knot-configuration-includes config)))
|
||||||
(format port "server:\n")
|
(format port "server:\n")
|
||||||
(format port " rundir: ~a\n" #$(knot-configuration-run-directory config))
|
(format port " rundir: ~a\n" #$(knot-configuration-run-directory config))
|
||||||
(format port " user: knot\n")
|
(format port " user: knot\n")
|
||||||
|
|
Reference in New Issue