
services: wireguard: Clean-up configuration file serializer.

Previously, the generated config file would contain arbitrary whitespace that
made it look ugly.

* gnu/services/vpn.scm (<wireguard-configuration>) [dns]: Change default value
from #f to '().
(wireguard-configuration-file): Use match-record.  Format each line
individually, assembling the lines at the end to avoid extraneous white space.
* doc/guix.texi (VPN Services): Update doc.
Maxim Cournoyer 2023-05-15 15:36:30 -04:00
parent 8d785c43ba
commit d2385da87e
No known key found for this signature in database
GPG Key ID: 1260E46482E63562
2 changed files with 46 additions and 75 deletions


@ -32952,7 +32952,7 @@ The IP addresses to be assigned to the above interface.
@item @code{port} (default: @code{51820}) @item @code{port} (default: @code{51820})
The port on which to listen for incoming connections. The port on which to listen for incoming connections.
@item @code{dns} (default: @code{#f}) @item @code{dns} (default: @code{'())})
The DNS server(s) to announce to VPN clients via DHCP. The DNS server(s) to announce to VPN clients via DHCP.
@item @code{monitor-ips?} (default: @code{#f}) @item @code{monitor-ips?} (default: @code{#f})


@ -44,6 +44,7 @@
#:use-module (guix i18n) #:use-module (guix i18n)
#:use-module (guix deprecation) #:use-module (guix deprecation)
#:use-module (srfi srfi-1) #:use-module (srfi srfi-1)
#:use-module (ice-9 format)
#:use-module (ice-9 match) #:use-module (ice-9 match)
#:use-module (ice-9 regex) #:use-module (ice-9 regex)
#:export (openvpn-client-service ; deprecated #:export (openvpn-client-service ; deprecated
@ -745,7 +746,7 @@ strongSwan.")))
(peers wireguard-configuration-peers ;list of <wiregard-peer> (peers wireguard-configuration-peers ;list of <wiregard-peer>
(default '())) (default '()))
(dns wireguard-configuration-dns ;list of strings (dns wireguard-configuration-dns ;list of strings
(default #f)) (default '()))
(monitor-ips? wireguard-configuration-monitor-ips? ;boolean (monitor-ips? wireguard-configuration-monitor-ips? ;boolean
(default #f)) (default #f))
(monitor-ips-interval wireguard-configuration-monitor-ips-interval (monitor-ips-interval wireguard-configuration-monitor-ips-interval
@ -763,24 +764,15 @@ strongSwan.")))
(define (wireguard-configuration-file config) (define (wireguard-configuration-file config)
(define (peer->config peer) (define (peer->config peer)
(let ((name (wireguard-peer-name peer)) (match-record peer <wireguard-peer>
(public-key (wireguard-peer-public-key peer)) (name public-key endpoint allowed-ips keep-alive)
(endpoint (wireguard-peer-endpoint peer)) (let ((lines (list
(allowed-ips (wireguard-peer-allowed-ips peer)) (format #f "[Peer] #~a" name)
(keep-alive (wireguard-peer-keep-alive peer))) (format #f "PublicKey = ~a" public-key)
(format #f "[Peer] #~a (format #f "AllowedIPs = ~{~a~^, ~}" allowed-ips)
PublicKey = ~a (format #f "~@[Endpoint = ~a~]" endpoint)
AllowedIPs = ~a (format #f "~@[PersistentKeepalive = ~a~]" keep-alive))))
~a~a" (string-join (remove string-null? lines) "\n"))))
name
public-key
(string-join allowed-ips ",")
(if endpoint
(format #f "Endpoint = ~a\n" endpoint)
"")
(if keep-alive
(format #f "PersistentKeepalive = ~a\n" keep-alive)
"\n"))))
(define (peers->preshared-keys peer keys) (define (peers->preshared-keys peer keys)
(let ((public-key (wireguard-peer-public-key peer)) (let ((public-key (wireguard-peer-public-key peer))
@ -799,65 +791,44 @@ AllowedIPs = ~a
(computed-file (computed-file
"wireguard-config" "wireguard-config"
#~(begin #~(begin
(use-modules (ice-9 format)
(srfi srfi-1))
(define lines
(list
"[Interface]"
#$@(if (null? addresses)
'()
(list (format #f "Address = ~{~a~^, ~}"
addresses)))
(format #f "~@[Table = ~a~]" #$table)
#$@(if (null? pre-up)
'()
(list (format #f "~{PreUp = ~a~%~}" pre-up)))
(format #f "PostUp = ~a set %i private-key ~a\
~{ peer ~a preshared-key ~a~}" #$(file-append wireguard "/bin/wg")
#$private-key '#$peer-keys)
#$@(if (null? post-up)
'()
(list (format #f "~{PostUp = ~a~%~}" post-up)))
#$@(if (null? pre-down)
'()
(list (format #f "~{PreDown = ~a~%~}" pre-down)))
#$@(if (null? post-down)
'()
(list (format #f "~{PostDown = ~a~%~}" post-down)))
(format #f "~@[ListenPort = ~a~]" #$port)
#$@(if (null? dns)
'()
(list (format #f "~{DNS = ~{~a~^, ~}" dns)))))
(mkdir #$output) (mkdir #$output)
(chdir #$output) (chdir #$output)
(call-with-output-file #$config-file (call-with-output-file #$config-file
(lambda (port) (lambda (port)
(let ((format (@ (ice-9 format) format))) (format port "~a~%~%~{~a~%~^~%~}"
(format port "[Interface] (string-join (remove string-null? lines) "\n")
Address = ~a '#$peers)))))))
~a
~a
PostUp = ~a set %i private-key ~a~{ peer ~a preshared-key ~a~}
~a
~a
~a
~a
~a
~{~a~^~%~}"
#$(string-join addresses ",")
#$(if table
(format #f "Table = ~a" table)
"")
#$(if (null? pre-up)
""
(string-join
(map (lambda (command)
(format #f "PreUp = ~a" command))
pre-up)
"\n"))
#$(file-append wireguard "/bin/wg")
#$private-key
'#$peer-keys
#$(if (null? post-up)
""
(string-join
(map (lambda (command)
(format #f "PostUp = ~a" command))
post-up)
"\n"))
#$(if (null? pre-down)
""
(string-join
(map (lambda (command)
(format #f "PreDown = ~a" command))
pre-down)
"\n"))
#$(if (null? post-down)
""
(string-join
(map (lambda (command)
(format #f "PostDown = ~a" command))
post-down)
"\n"))
#$(if port
(format #f "ListenPort = ~a" port)
"")
#$(if dns
(format #f "DNS = ~a"
(string-join dns ","))
"")
(list #$@peers)))))))))
(file-append config "/" config-file)))) (file-append config "/" config-file))))
(define (wireguard-activation config) (define (wireguard-activation config)
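Review bot: The DNS entry in the new `lines` list uses the control string `"~{DNS = ~{~a~^, ~}"`, which opens two `~{` iterations and closes only one, so `format` will most likely raise an error as soon as `dns` is non-empty and no config file is produced; it looks like it was meant to be `(list (format #f "DNS = ~{~a~^, ~}" dns))`, matching the `Address` line above it. Related: with the default moved from `#f` to `'()`, an existing declaration that spells out `(dns #f)` is not `null?` and so reaches that same `format` call with `#f`; either keep accepting it with `(if (or (not dns) (null? dns)) '() ...)` or document the change as incompatible. The `~%` inside the `PreUp`/`PostUp`/`PreDown`/`PostDown` strings also appears to leave a blank line after each group once the list is joined with `"\n"`, which is the whitespace this commit set out to remove. A small test that renders a configuration with `dns`, `pre-up` and one peer set would catch all three; the bindings for `dns`, `addresses` and the other fields sit between the visible hunks, so this is read from the new lines only.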