GNU bug report logs - #26829
Add knot service

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 26829 in the body.
You can then email your comments to 26829 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Julien Lepiller <julien <at> lepiller.eu>
To: guix-patches <at> gnu.org
Subject: Add knot service
Date: Mon, 8 May 2017 17:22:23 +0200

[Message part 1 (text/plain, inline)]

Hi,

here is a new service for knot, an authoritative DNS server. I have not
yet tested all the possible combinations in the configuration, but at
least the examples in the documentation work.

[0001-gnu-Add-knot-service-type.patch (text/x-patch, attachment)]

Message #8 received at 26829 <at> debbugs.gnu.org (full text, mbox):

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: Julien Lepiller <julien <at> lepiller.eu>, 26829 <at> debbugs.gnu.org
Subject: Re: bug#26829: Add knot service
Date: Mon, 8 May 2017 20:25:26 +0200

Julien,

On 08/05/17 17:22, Julien Lepiller wrote:
> + (zones (list maste-zone slave-zone))))
                 ^^^^^
This happened to catch my eye.

> here is a new service for knot, an authoritative DNS server. I have not
> yet tested all the possible combinations in the configuration, but at
> least the examples in the documentation work.

Wonderful! Knot on GuixSD (sans service) runs the primary NS for my 
domain. It's a great server, but its configuration file format can make 
doing non-trivial things quite painful. Being able to use Scheme instead 
sounds very nice indeed.

I'm giving it a spin.

Thanks!

T G-R

Message #11 received at 26829 <at> debbugs.gnu.org (full text, mbox):

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: Julien Lepiller <julien <at> lepiller.eu>, 26829 <at> debbugs.gnu.org
Subject: Re: bug#26829: Add knot service
Date: Mon, 8 May 2017 20:27:53 +0200

On 08/05/17 20:25, Tobias Geerinckx-Rice wrote:
> This happened to catch my eye.

As did this:

  nckx <at> apollo ~/guix$ git am ~/0001-gnu-Add-knot-service-type.patch
  Applying: gnu: Add knot-service-type.
  .git/rebase-apply/patch:310: trailing whitespace.
  Whether the key management is manual or automatic.
  warning: 1 line adds whitespace errors.

Kind regards,

T G-R

Message #14 received at 26829 <at> debbugs.gnu.org (full text, mbox):

From: julien lepiller <julien <at> lepiller.eu>
To: 26829 <at> debbugs.gnu.org
Subject: Re: bug#26829: Add knot service
Date: Mon, 22 May 2017 09:57:10 +0200

Le 2017-05-08 20:27, Tobias Geerinckx-Rice a écrit :
> On 08/05/17 20:25, Tobias Geerinckx-Rice wrote:
>> This happened to catch my eye.
> 
> As did this:
> 
>   nckx <at> apollo ~/guix$ git am ~/0001-gnu-Add-knot-service-type.patch
>   Applying: gnu: Add knot-service-type.
>   .git/rebase-apply/patch:310: trailing whitespace.
>   Whether the key management is manual or automatic.
>   warning: 1 line adds whitespace errors.
> 
> Kind regards,
> 
> T G-R

Hi Tobias,

apart from these mistakes, did you test it? I guess the lack of response 
from your side means it works well? Can I push this patch?

Message #19 received at 26829-done <at> debbugs.gnu.org (full text, mbox):

From: Julien Lepiller <julien <at> lepiller.eu>
To: 26829-done <at> debbugs.gnu.org
Subject: Re: bug#26829: Add knot service
Date: Sat, 27 May 2017 10:41:45 +0200

Le Mon, 22 May 2017 09:57:10 +0200,
julien lepiller <julien <at> lepiller.eu> a écrit :

> Le 2017-05-08 20:27, Tobias Geerinckx-Rice a écrit :
> > On 08/05/17 20:25, Tobias Geerinckx-Rice wrote:  
> >> This happened to catch my eye.  
> > 
> > As did this:
> > 
> >   nckx <at> apollo ~/guix$ git am ~/0001-gnu-Add-knot-service-type.patch
> >   Applying: gnu: Add knot-service-type.
> >   .git/rebase-apply/patch:310: trailing whitespace.
> >   Whether the key management is manual or automatic.
> >   warning: 1 line adds whitespace errors.
> > 
> > Kind regards,
> > 
> > T G-R  
> 
> Hi Tobias,
> 
> apart from these mistakes, did you test it? I guess the lack of
> response from your side means it works well? Can I push this patch?
> 
> 
> 

So, pushed as ba69e8f7ce21a81bdd5b99fdb1cc64492443e15c.

Message #22 received at 26829 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: 26829 <at> debbugs.gnu.org
Cc: julien <at> lepiller.eu
Subject: Re: bug#26829: Add knot service
Date: Sun, 28 May 2017 19:34:06 +0200

Hi Julien,

Julien Lepiller <julien <at> lepiller.eu> skribis:

> So, pushed as ba69e8f7ce21a81bdd5b99fdb1cc64492443e15c.

Very nice and very useful notably for self-hosting use cases!

I have two minor comments:

  1. What it would it take to write tests for this?  I assume we could
     simply make DNS requests locally?

  2. For things like:

     +@item @code{nsec3-salt-lifetime} (default: @code{"30d"})

     I prefer using an integer denoting the number of seconds, and then
     letting users do the multiplication or use (string->duration "30d").
     I did that for ‘guix-publish-service’.

     Thoughts?

Thank you!

Ludo’.

Message #25 received at 26829 <at> debbugs.gnu.org (full text, mbox):

From: julien lepiller <julien <at> lepiller.eu>
To: 26829 <at> debbugs.gnu.org
Subject: Re: bug#26829: Add knot service
Date: Mon, 29 May 2017 09:55:18 +0200

Le 2017-05-28 19:34, ludo <at> gnu.org a écrit :
> Hi Julien,
> 
> Julien Lepiller <julien <at> lepiller.eu> skribis:
> 
>> So, pushed as ba69e8f7ce21a81bdd5b99fdb1cc64492443e15c.
> 
> Very nice and very useful notably for self-hosting use cases!
That's exactly why I did that :). I'm currently self-hosting my services 
on debian, and I would like to move to guixSD at some point, so I'm 
writing services I need.

> 
> I have two minor comments:
> 
>   1. What it would it take to write tests for this?  I assume we could
>      simply make DNS requests locally?
I have never written a system test, so I don't know how it works. If we 
check only that requests are answered correctly locally, I think that 
would be great but limited to the "master" scenario. Then there is the 
"slave" scenario, where we would need a zone transfer between two hosts. 
And we could also check that transfer occurs only to authorized slaves.

> 
>   2. For things like:
> 
>      +@item @code{nsec3-salt-lifetime} (default: @code{"30d"})
> 
>      I prefer using an integer denoting the number of seconds, and then
>      letting users do the multiplication or use (string->duration 
> "30d").
>      I did that for ‘guix-publish-service’.
I didn't know it existed, but it looks nicer indeed. I'll see what I can 
do.

> 
>      Thoughts?
I'll be away for a few days, but I'll send patches as soon as I can.

> 
> Thank you!
> 
> Ludo’.

Message #28 received at 26829 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: julien lepiller <julien <at> lepiller.eu>
Cc: 26829 <at> debbugs.gnu.org
Subject: Re: bug#26829: Add knot service
Date: Mon, 29 May 2017 18:36:17 +0200

Hello,

julien lepiller <julien <at> lepiller.eu> skribis:

> Le 2017-05-28 19:34, ludo <at> gnu.org a écrit :
>> Hi Julien,
>>
>> Julien Lepiller <julien <at> lepiller.eu> skribis:
>>
>>> So, pushed as ba69e8f7ce21a81bdd5b99fdb1cc64492443e15c.
>>
>> Very nice and very useful notably for self-hosting use cases!
> That's exactly why I did that :). I'm currently self-hosting my
> services on debian, and I would like to move to guixSD at some point,
> so I'm writing services I need.

Excellent.  :-)

>> I have two minor comments:
>>
>>   1. What it would it take to write tests for this?  I assume we could
>>      simply make DNS requests locally?
> I have never written a system test, so I don't know how it works. If
> we check only that requests are answered correctly locally, I think
> that would be great but limited to the "master" scenario. Then there
> is the "slave" scenario, where we would need a zone transfer between
> two hosts. And we could also check that transfer occurs only to
> authorized slaves.

OK.  I guess I know too little about DNS to make any useful comment.

>>   2. For things like:
>>
>>      +@item @code{nsec3-salt-lifetime} (default: @code{"30d"})
>>
>>      I prefer using an integer denoting the number of seconds, and then
>>      letting users do the multiplication or use (string->duration
>> "30d").
>>      I did that for ‘guix-publish-service’.
> I didn't know it existed, but it looks nicer indeed. I'll see what I
> can do.

OK!  Note that I’m not saying that the service code should use
‘string->duration’ directly, but rather that the service code should use
integers to represent duration (in seconds).

Thank you,
Ludo’.

Message #31 received at 26829 <at> debbugs.gnu.org (full text, mbox):

From: Julien Lepiller <julien <at> lepiller.eu>
To: 26829 <at> debbugs.gnu.org
Subject: Re: bug#26829: Add knot service
Date: Wed, 31 May 2017 21:41:39 +0200

Le Mon, 29 May 2017 18:36:17 +0200,
ludo <at> gnu.org (Ludovic Courtès) a écrit :

> Hello,
> 
> julien lepiller <julien <at> lepiller.eu> skribis:
> 
> > Le 2017-05-28 19:34, ludo <at> gnu.org a écrit :  
> >> Hi Julien,
> >>
> >> Julien Lepiller <julien <at> lepiller.eu> skribis:
> >>  
> >>> So, pushed as ba69e8f7ce21a81bdd5b99fdb1cc64492443e15c.  
> >>
> >> Very nice and very useful notably for self-hosting use cases!  
> > That's exactly why I did that :). I'm currently self-hosting my
> > services on debian, and I would like to move to guixSD at some
> > point, so I'm writing services I need.  
> 
> Excellent.  :-)
> 
> >> I have two minor comments:
> >>
> >>   1. What it would it take to write tests for this?  I assume we
> >> could simply make DNS requests locally?  
> > I have never written a system test, so I don't know how it works. If
> > we check only that requests are answered correctly locally, I think
> > that would be great but limited to the "master" scenario. Then there
> > is the "slave" scenario, where we would need a zone transfer between
> > two hosts. And we could also check that transfer occurs only to
> > authorized slaves.  
> 
> OK.  I guess I know too little about DNS to make any useful comment.
> 
> >>   2. For things like:
> >>
> >>      +@item @code{nsec3-salt-lifetime} (default: @code{"30d"})
> >>
> >>      I prefer using an integer denoting the number of seconds, and
> >> then letting users do the multiplication or use (string->duration
> >> "30d").
> >>      I did that for ‘guix-publish-service’.  
> > I didn't know it existed, but it looks nicer indeed. I'll see what I
> > can do.  
> 
> OK!  Note that I’m not saying that the service code should use
> ‘string->duration’ directly, but rather that the service code should
> use integers to represent duration (in seconds).
So, the default value would be (string->duration "30d"), which is a
number of second, and the configuration should use this number of
seconds, right?

> 
> Thank you,
> Ludo’.

Message #34 received at 26829 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Julien Lepiller <julien <at> lepiller.eu>
Cc: 26829 <at> debbugs.gnu.org
Subject: Re: bug#26829: Add knot service
Date: Wed, 31 May 2017 23:17:56 +0200

Julien Lepiller <julien <at> lepiller.eu> skribis:

> Le Mon, 29 May 2017 18:36:17 +0200,
> ludo <at> gnu.org (Ludovic Courtès) a écrit :
>
>> Hello,
>> 
>> julien lepiller <julien <at> lepiller.eu> skribis:
>> 
>> > Le 2017-05-28 19:34, ludo <at> gnu.org a écrit :  
>> >> Hi Julien,
>> >>
>> >> Julien Lepiller <julien <at> lepiller.eu> skribis:
>> >>  
>> >>> So, pushed as ba69e8f7ce21a81bdd5b99fdb1cc64492443e15c.  
>> >>
>> >> Very nice and very useful notably for self-hosting use cases!  
>> > That's exactly why I did that :). I'm currently self-hosting my
>> > services on debian, and I would like to move to guixSD at some
>> > point, so I'm writing services I need.  
>> 
>> Excellent.  :-)
>> 
>> >> I have two minor comments:
>> >>
>> >>   1. What it would it take to write tests for this?  I assume we
>> >> could simply make DNS requests locally?  
>> > I have never written a system test, so I don't know how it works. If
>> > we check only that requests are answered correctly locally, I think
>> > that would be great but limited to the "master" scenario. Then there
>> > is the "slave" scenario, where we would need a zone transfer between
>> > two hosts. And we could also check that transfer occurs only to
>> > authorized slaves.  
>> 
>> OK.  I guess I know too little about DNS to make any useful comment.
>> 
>> >>   2. For things like:
>> >>
>> >>      +@item @code{nsec3-salt-lifetime} (default: @code{"30d"})
>> >>
>> >>      I prefer using an integer denoting the number of seconds, and
>> >> then letting users do the multiplication or use (string->duration
>> >> "30d").
>> >>      I did that for ‘guix-publish-service’.  
>> > I didn't know it existed, but it looks nicer indeed. I'll see what I
>> > can do.  
>> 
>> OK!  Note that I’m not saying that the service code should use
>> ‘string->duration’ directly, but rather that the service code should
>> use integers to represent duration (in seconds).
> So, the default value would be (string->duration "30d"), which is a
> number of second, and the configuration should use this number of
> seconds, right?

No, the (gnu services …) modules should not depend on (guix ui), which
is mostly for the CLI.

So the default value would be (* 30 24 3600).

We could (define hour 3600) (define day (* 24 hour)) etc.

Ludo’.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.