GNU bug report logs - #63403
[PATCH 1/1] services: wireguard: Implement a dynamic IP monitoring feature.

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: guix-patches; Reported by: Maxim Cournoyer <maxim.cournoyer@HIDDEN>; Keywords: patch; merged with #63402; dated Wed, 10 May 2023 01:10:02 UTC; Maintainer for guix-patches is guix-patches@HIDDEN.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 25 May 2023 15:13:21 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 25 11:13:21 2023
Received: from localhost ([127.0.0.1]:47843 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1q2CeW-0006HN-LA
	for submit <at> debbugs.gnu.org; Thu, 25 May 2023 11:13:20 -0400
Received: from mail-qt1-f178.google.com ([209.85.160.178]:48369)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>)
 id 1q2CeT-0006H4-VV; Thu, 25 May 2023 11:13:18 -0400
Received: by mail-qt1-f178.google.com with SMTP id
 d75a77b69052e-3f6bafd4782so5548401cf.0; 
 Thu, 25 May 2023 08:13:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20221208; t=1685027592; x=1687619592;
 h=content-transfer-encoding:mime-version:user-agent:message-id
 :in-reply-to:date:references:subject:cc:to:from:from:to:cc:subject
 :date:message-id:reply-to;
 bh=Fec5MLNSWNhvEcQxgsE+fb9OQM//l56VchTP0gKTq3k=;
 b=jykprqn7pfio/3lBiSFHpvXmpSjS/83tzlNQ2JRx5G5EeYmXm15IS5QsgydK1SeCx8
 uBJY67kB65DqwohmKIn+kw7NO9tqPxWMy73g9bzm+EsOiueJlaTSozdhpUqQoe0JHPpK
 WJSEGDFPG+z7pAkH7VkjPIMTvYxmiyrj42PmISKfL/qEX2+1sSZPIXGYnv6YEZ0SeCCs
 O5eYbl0BkaY1hRTkEX+ydPi/PrX1o43l6FGLxZ8DBvvaZ1W4Wl0rhBBNtaWI4Xe+/4wc
 BHtXpRkO3W30K6iu9DpQ89MImnnQgdyGP1gQZmMvsMlDWFhjCntgrBP63zSyI8XzxrLB
 ttpQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1685027592; x=1687619592;
 h=content-transfer-encoding:mime-version:user-agent:message-id
 :in-reply-to:date:references:subject:cc:to:from:x-gm-message-state
 :from:to:cc:subject:date:message-id:reply-to;
 bh=Fec5MLNSWNhvEcQxgsE+fb9OQM//l56VchTP0gKTq3k=;
 b=ejp5UscfZh1p9PogJWWQtRcGTnhxSrJlj9eqMJvzEFoacgezMxg9jOBJkRmLrJhRn6
 PQYbcTa/NuwBUoGDxOhDgA/WsR4cjxPX1ApIID3kx/Ej66Zggrt4EOwjgAAnjQQ+nnXb
 +TGCyZgQ0cqEGnWk1KVS0aOOtBtsRmpA56PBi04RZurT7aL4BQJ4Y+1o0aaxFtC9lvnp
 5pRjYaJtFOUxsiXvLLYfPw1z6lFHs3RnagjjaPR31IuO+hTJJqGW+TviEbmolRYZ85mC
 Ameo+1bXuyi2FGo/Zrcj6UtZg6yovpbSYx710MA0n4R3SNRLucRm3LAlTKRQaBhUip34
 MkEg==
X-Gm-Message-State: AC+VfDxpZqMjVfO6EZhKBq0YvgtItGMHeg9Ur1Xp3AB5dMkestouXE0r
 1UYMlLzsmwPb3fZG2HQvO3T2zhCVBlFHNA==
X-Google-Smtp-Source: ACHHUZ7CPuWs2/C4qdpB+Tl+T9YW6onYgNtCnJ0kOOnl5mCwULsrVTwCcBYpW9VQowmYvVc/8MM6ew==
X-Received: by 2002:a05:622a:1452:b0:3f7:b95:f088 with SMTP id
 v18-20020a05622a145200b003f70b95f088mr6363493qtx.20.1685027591772; 
 Thu, 25 May 2023 08:13:11 -0700 (PDT)
Received: from hurd (dsl-149-67.b2b2c.ca. [66.158.149.67])
 by smtp.gmail.com with ESMTPSA id
 p4-20020a0cf684000000b00619adb4b66asm467720qvn.95.2023.05.25.08.13.11
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 25 May 2023 08:13:11 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
 <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN>
 <87cz2swgpu.fsf_-_@HIDDEN> <87fs7ohrif.fsf@HIDDEN>
 <87pm6pixvf.fsf@HIDDEN>
Date: Thu, 25 May 2023 11:13:10 -0400
In-Reply-To: <87pm6pixvf.fsf@HIDDEN> ("Ludovic =?utf-8?Q?Court=C3=A8s=22'?=
 =?utf-8?Q?s?= message of "Wed, 24 May 2023 16:53:56 +0200")
Message-ID: <87h6s0fnqx.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Ludovic,

Ludovic Court=C3=A8s <ludo@HIDDEN> writes:

> Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:
>
>> Yeah, upstream offers a contrib shell script called reresolve-dns.sh
>> [0], that works a bit differently (it's doesn't actually monitor IPs but
>> just keep a watch on when was the last successful handshake made).
>>
>> [0]  https://github.com/WireGuard/wireguard-tools/blob/master/contrib/re=
resolve-dns/reresolve-dns.
>>
>>> Would that be a viable option?  WDYT?
>>
>> I think my Guile script is more precise in terms of what it does and
>> also produces useful output.  If I knew of the shell script existence
>> when I started I probably wouldn't have bothered re-implementing it in
>> Scheme, but since it's here, and better, I see no reason to not use it
>> :-).  I don't foresee high maintenance for the stable APIs involved
>> (resolving host names and setting an endpoint with 'wg set').
>
> I don=E2=80=99t doubt your script is better (first because it=E2=80=99s i=
n Guile ;-)).
> I=E2=80=99m concerned about adding non-trivial =E2=80=9Cperipheral=E2=80=
=9D code that we=E2=80=99ll all
> be responsible for going forward (the Jami services pose a similar
> challenge IMO: I experienced first-hand the maintenance burden recently
> when investigating system test failures.)

I get that the Jami service is complex, but to be fair here the tests
being broken by a (good) change in the marionette behavior caused by
commit a09c7da, which also affected a few other tests, as demonstrated
in the follow-up commit f518882, rather than because it crumbled under
its own weight.  I personally think this service is a great test suite
for the service infrastructure in Guix :-)  I've now fixed the Jami test
suite with 99fc7e5.  Hopefully QA helps catching regressions like this
early in the future, avoiding the need to fix things after the facts.

> So I=E2=80=99m a bit torn.  I sympathize with the need to improve those
> services, but I=E2=80=99m also concerned what will happen if we don=E2=80=
=99t have clear
> criteria to decide what to take and what to reject.

I think this happens rarely enough that it can be left as an exercise of
judgement rather than policy; e.g. deemed to provide enough value to
justify the maintenance burden, keeping in mind that using some
'contrib' shell script from upstream is not guaranteed to be
maintenance-free.  In this case it's also not on any critical path: it'd
only affects users of the new feature; if it ever breaks only that
feature would be impacted.

--=20
Thanks,
Maxim




Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 24 May 2023 22:12:36 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 24 18:12:36 2023
Received: from localhost ([127.0.0.1]:45389 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1q1wii-00033h-Ib
	for submit <at> debbugs.gnu.org; Wed, 24 May 2023 18:12:36 -0400
Received: from smtpm3.myservices.hosting ([185.26.105.234]:54752)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mirai@HIDDEN>)
 id 1q1wif-00033Q-S2; Wed, 24 May 2023 18:12:34 -0400
Received: from mail1.netim.hosting (unknown [185.26.106.173])
 by smtpm3.myservices.hosting (Postfix) with ESMTP id 15E9D20FB1;
 Thu, 25 May 2023 00:12:30 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
 by mail1.netim.hosting (Postfix) with ESMTP id 56CFF80097;
 Thu, 25 May 2023 00:12:27 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting
Received: from mail1.netim.hosting ([127.0.0.1])
 by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id mWPjFwObHO-3; Thu, 25 May 2023 00:12:27 +0200 (CEST)
Received: from [192.168.1.239] (unknown [10.192.1.83])
 (Authenticated sender: lumen@HIDDEN)
 by mail1.netim.hosting (Postfix) with ESMTPSA id B382180060;
 Thu, 25 May 2023 00:12:26 +0200 (CEST)
Message-ID: <966ccdfe-8d66-6020-57c5-695ac4701f95@HIDDEN>
Date: Wed, 24 May 2023 23:12:26 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.10.1
Subject: Re: [bug#63403] [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
Content-Language: en-US
To: =?UTF-8?Q?Ludovic_Court=c3=a8s?= <ludo@HIDDEN>,
 Maxim Cournoyer <maxim.cournoyer@HIDDEN>
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
 <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN>
 <87cz2swgpu.fsf_-_@HIDDEN> <87fs7ohrif.fsf@HIDDEN>
 <87pm6pixvf.fsf@HIDDEN>
From: Bruno Victal <mirai@HIDDEN>
In-Reply-To: <87pm6pixvf.fsf@HIDDEN>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -1.1 (-)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.1 (--)

Hi Ludo’,

On 2023-05-24 15:53, Ludovic Courtès wrote:
> I don’t doubt your script is better (first because it’s in Guile ;-)).
> I’m concerned about adding non-trivial “peripheral” code that we’ll all
> be responsible for going forward (the Jami services pose a similar
> challenge IMO: I experienced first-hand the maintenance burden recently
> when investigating system test failures.)
> 
> So I’m a bit torn.  I sympathize with the need to improve those
> services, but I’m also concerned what will happen if we don’t have clear
> criteria to decide what to take and what to reject.
> 

I think having some “indigenous” guix capabilities is a good idea,
if the guix services are to be something more than a (lossy) scheme
translation of some daemon's configuration file syntax.

IMO as long the feature in question is:
* Not overly tailored to some specific setup scenario.
* Generic (or can be reasonably refactored/extended as needed)
* Improves the overall experience of a service.

It should be acceptable to have it in Guix since it brings more value
to the service subsystem. (rather than require a user to import
$MYSTERY_CHANNEL_FROM_INTERNET_USER_5554$ or reinvent the
ω+1 iteration of the same wheel)


-- 
Furthermore, I consider that nonfree software must be eradicated.

Cheers,
Bruno.





Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 24 May 2023 14:54:07 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 24 10:54:07 2023
Received: from localhost ([127.0.0.1]:44358 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1q1psN-0004J5-3T
	for submit <at> debbugs.gnu.org; Wed, 24 May 2023 10:54:07 -0400
Received: from eggs.gnu.org ([209.51.188.92]:39922)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>)
 id 1q1psK-0004IW-4I; Wed, 24 May 2023 10:54:05 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1q1psE-0003Vz-T7; Wed, 24 May 2023 10:53:58 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
 From; bh=xDW0DT4hXyUnZvRkzkjymaaNZqfBs4xwMIrSMIah7GQ=; b=WbnqKC14UxDGV1gZ42Bi
 GzgJ5K2s4LuWY04ycFNUP8hNAi6w/LMRu3pLVd/pvRuSo7U3hX7T9fE9HmWVVQyEZxjohakrZq0lQ
 CuuNQRoLXH+7yynACwzHVQ29j5xsu7nEHynvPuRAGyQSzc4VrUrkb4d24rIfbSTjaeO5UTlRiuwtd
 pQLnPTG7qOmn5wJiPzyJ9iANkuMdBuGsRqyxFQoVpH6XWRqApKHBxZDtTN5Hl45AhQgHfJWu9bjZj
 y+4e/eyRc5D2UEgaL+eaIEUAIHYhegmSGn9OyDjepoK0pdGKpvAqTJt+X6Rs6VwSINAuchqBEEcVM
 eT74EkH10y7Q3g==;
Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201] helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1q1psE-0002bL-G6; Wed, 24 May 2023 10:53:58 -0400
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
 <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN>
 <87cz2swgpu.fsf_-_@HIDDEN> <87fs7ohrif.fsf@HIDDEN>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: Quintidi 5 Prairial an 231 de la =?utf-8?Q?R=C3=A9vo?=
 =?utf-8?Q?lution=2C?= jour du Canard
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Wed, 24 May 2023 16:53:56 +0200
In-Reply-To: <87fs7ohrif.fsf@HIDDEN> (Maxim Cournoyer's message of "Mon, 22
 May 2023 19:32:08 -0400")
Message-ID: <87pm6pixvf.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:

> Yeah, upstream offers a contrib shell script called reresolve-dns.sh
> [0], that works a bit differently (it's doesn't actually monitor IPs but
> just keep a watch on when was the last successful handshake made).
>
> [0]  https://github.com/WireGuard/wireguard-tools/blob/master/contrib/rer=
esolve-dns/reresolve-dns.
>
>> Would that be a viable option?  WDYT?
>
> I think my Guile script is more precise in terms of what it does and
> also produces useful output.  If I knew of the shell script existence
> when I started I probably wouldn't have bothered re-implementing it in
> Scheme, but since it's here, and better, I see no reason to not use it
> :-).  I don't foresee high maintenance for the stable APIs involved
> (resolving host names and setting an endpoint with 'wg set').

I don=E2=80=99t doubt your script is better (first because it=E2=80=99s in =
Guile ;-)).
I=E2=80=99m concerned about adding non-trivial =E2=80=9Cperipheral=E2=80=9D=
 code that we=E2=80=99ll all
be responsible for going forward (the Jami services pose a similar
challenge IMO: I experienced first-hand the maintenance burden recently
when investigating system test failures.)

So I=E2=80=99m a bit torn.  I sympathize with the need to improve those
services, but I=E2=80=99m also concerned what will happen if we don=E2=80=
=99t have clear
criteria to decide what to take and what to reject.

WDYT?

Ludo=E2=80=99.




Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 24 May 2023 14:44:50 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 24 10:44:50 2023
Received: from localhost ([127.0.0.1]:44331 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1q1pjO-0003tH-F9
	for submit <at> debbugs.gnu.org; Wed, 24 May 2023 10:44:50 -0400
Received: from eggs.gnu.org ([209.51.188.92]:45994)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>)
 id 1q1pjM-0003t2-Vr; Wed, 24 May 2023 10:44:49 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1q1pjH-00013v-Oc; Wed, 24 May 2023 10:44:43 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
 From; bh=0qd9frzCuNcb/NbHLzYPvEDww1Z4PPsTOrSCJdTcxa0=; b=iWVPVRWCQ4CBm5romj8u
 +soqFjLqRgi/QFHhhdL2VeHzPluthdFd2XTww9J84uvHkV/17aT59B1U6WzXdonMUi/acFhLvkdax
 I1JjnIHHrgIC5GiAhZNlmZ2jtIi/P5SiY2BjNsjK+k0kwaUXMuuoumSdXUmwuag95/+XF20rJ/Z+Y
 PHpAfUF46qfaS2z+BJtxyGlspnLk/p84ebeW2rcOl/7sZL04OElD8yXCOADA03CbgrVugQml7s5mT
 hLty2taZySYjoTlvsGOUIMb4ZcH3zYlLkm9vNW9Z8rDFFOucV2MxM3jE9a7sB6P20nrNF9qEiQeGg
 PRRq2cxYKhsI9A==;
Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201] helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1q1pjH-0001eX-7m; Wed, 24 May 2023 10:44:43 -0400
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
 <4ae50adcd4cef9d26b26eb4456727538d61f064c.1684461197.git.maxim.cournoyer@HIDDEN>
 <87lehgwgvz.fsf_-_@HIDDEN> <87jzx0hryo.fsf@HIDDEN>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: Quintidi 5 Prairial an 231 de la =?utf-8?Q?R=C3=A9vo?=
 =?utf-8?Q?lution=2C?= jour du Canard
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Wed, 24 May 2023 16:44:40 +0200
In-Reply-To: <87jzx0hryo.fsf@HIDDEN> (Maxim Cournoyer's message of "Mon, 22
 May 2023 19:22:23 -0400")
Message-ID: <87cz2pkcvb.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi Maxim,

Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:

> Ludovic Court=C3=A8s <ludo@HIDDEN> writes:
>
>> Hi,
>>
>> Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:
>>
>>> * gnu/services/herd.scm (current-service): New procedure, mostly reusin=
g the
>>> existing current-services.
>>> (current-services): Implement in terms of the above procedure.
>>
>> How about having (lookup-service name) that calls the =E2=80=98status=E2=
=80=99 action on
>> the given service and either returns a <live-service> or #f?
>
> I'd rather keep the name 'current-service',

There=E2=80=99s no notion of a =E2=80=9Ccurrent service=E2=80=9D in the She=
pherd; that would be
confusing to me.

> because 'lookup-service' is already a public procedure exported by
> Shepherd's (shepherd service) module; it'd be confusing.

Yeah well, I think we should clarify the client/server architecture and
the context in which (shepherd =E2=80=A6) modules are meant to be used.  I =
made
a first attempt:

  https://git.savannah.gnu.org/cgit/shepherd.git/commit/?id=3Dd3d437a34bcb1=
1fc416bf141181d8908064aeceb

However, what matters most to me is that the procedure names really
represent what they do.  With that in mind, it=E2=80=99s no surprise that t=
he
procedure to look up a service is called =E2=80=98lookup-service=E2=80=99 i=
n both
contexts.

Thanks,
Ludo=E2=80=99.




Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 22 May 2023 23:32:25 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 22 19:32:25 2023
Received: from localhost ([127.0.0.1]:37287 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1q1F0o-0005IX-40
	for submit <at> debbugs.gnu.org; Mon, 22 May 2023 19:32:25 -0400
Received: from mail-qk1-f178.google.com ([209.85.222.178]:56778)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>)
 id 1q1F0i-0005IC-HM; Mon, 22 May 2023 19:32:20 -0400
Received: by mail-qk1-f178.google.com with SMTP id
 af79cd13be357-75b0df7b225so92045485a.1; 
 Mon, 22 May 2023 16:32:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20221208; t=1684798331; x=1687390331;
 h=content-transfer-encoding:mime-version:user-agent:message-id
 :in-reply-to:date:references:subject:cc:to:from:from:to:cc:subject
 :date:message-id:reply-to;
 bh=UbW4PFRdAfMgpJji7/CdoSejXHPX1C4w+FGbbQLcjQI=;
 b=r8l8jEmRuVhBWHOVWUNJydH8XwqcOtomEogSn/Jq8b3vzkp7P0Y32iG7WGongxreHn
 9p0odLaU/2iSuXVWwRZGDE2O3+JlOn6SrHhfC5tqGuv/UxdIIYNiycl+ESuhYUGm46Dt
 0fX0HZ+rBLpaAWmjlBpUqAPQuo4/kGLgbkmFcVV6yqOoqxdkyLRtU4fl2cn1T/bOs8NU
 wHhO9GYsSeXvr9GP5kHLcC4mGF/BkQgPoN+Aml2NUeCNRBgrIlJkD7SdwryCy4xjxkPG
 xFIjCxP+PZf6Gozh7NmiEv8QsKx4wzS4UpMdk2G9i8fPN9To7MYgfpoFRqogL/gZkbXU
 lXjw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1684798331; x=1687390331;
 h=content-transfer-encoding:mime-version:user-agent:message-id
 :in-reply-to:date:references:subject:cc:to:from:x-gm-message-state
 :from:to:cc:subject:date:message-id:reply-to;
 bh=UbW4PFRdAfMgpJji7/CdoSejXHPX1C4w+FGbbQLcjQI=;
 b=TgFuCJvTY9TxzipvLzNt8Yl3Yg39nNXnwjm9nQ3SxIFinGiXQrC3YmU7kap/5Wfzsb
 TXDVjaUwf27yfOElsccECn+l8XHxKKEJotFmfJVjHWEucX0BWNYiVu6rL1eqB1fbDQCo
 shzTK66wgRzK2Gk/hEtoWk1Qh2hUygqGBfg+lDqgBCv3azRc8MX5AHB5IbO5EIUpoMLv
 EdYPIudTCO/ZBuULMOy/G3blQXhqUsoDJ1TkZJlbN8uz0XGh+ha9OjDQ7SY9YBT+zr03
 mDYwxlbFiWUnDmu/eMqZawhFZb2klzlN25XLIuB9FcjN84miQV5EsqYr/frNBCDyMMt3
 i9Og==
X-Gm-Message-State: AC+VfDwnShIBUat/4OlxtP9ob1Mjk59RraCu6gAatukU7ci3OdX+a+yp
 7P5hADS/PGabv5qr1HzA5XY5wjWZKzu+PQ==
X-Google-Smtp-Source: ACHHUZ54ruKky3EB3ofjh427x9es0ntCSEVX7sujSgQG94yi8l7UmCc0FHAV6R3k2YoAeZms1/FoZA==
X-Received: by 2002:a05:622a:34e:b0:3e3:8ed5:a47e with SMTP id
 r14-20020a05622a034e00b003e38ed5a47emr21902142qtw.10.1684798330694; 
 Mon, 22 May 2023 16:32:10 -0700 (PDT)
Received: from hurd (dsl-205-233-124-30.b2b2c.ca. [205.233.124.30])
 by smtp.gmail.com with ESMTPSA id
 k5-20020ac81405000000b003ee4b5a2dd3sm1690093qtj.21.2023.05.22.16.32.09
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 22 May 2023 16:32:10 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
 <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN>
 <87cz2swgpu.fsf_-_@HIDDEN>
Date: Mon, 22 May 2023 19:32:08 -0400
In-Reply-To: <87cz2swgpu.fsf_-_@HIDDEN> ("Ludovic =?utf-8?Q?Court=C3=A8s?=
 =?utf-8?Q?=22's?= message of "Mon, 22 May 2023 17:03:57 +0200")
Message-ID: <87fs7ohrif.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Ludovic,

Ludovic Court=C3=A8s <ludo@HIDDEN> writes:

> Hi,
>
> Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:
>
>> * gnu/services/vpn.scm (<wireguard-configuration>)
>> [monitor-ips?, monitor-ips-internal]: New fields.
>> * gnu/services/vpn.scm (define-with-source): New syntax.
>> (wireguard-service-name, strip-port/maybe)
>> (ipv4-address?, ipv6-address?, host-name?)
>> (endpoint-host-names): New procedure.
>> (wireguard-monitoring-jobs): Likewise.
>> (wireguard-service-type): Register it.
>> * tests/services/vpn.scm: New file.
>> * Makefile.am (SCM_TESTS): Register it.
>> * doc/guix.texi (VPN Services): Update doc.
>
> As discussed on IRC the other day, I tend to think that this is =E2=80=9C=
not our
> job=E2=80=9D but rather upstream=E2=80=99s.  (As a rule of thumb, I think=
 services
> should merely expose what upstream implements.)
>
> You mentioned that upstream has a shell script to do something similar.
> Using that may not be as nice as what you propose here in terms of
> integration, but the upside is that we wouldn=E2=80=99t have to maintain =
it
> ourselves.

Yeah, upstream offers a contrib shell script called reresolve-dns.sh
[0], that works a bit differently (it's doesn't actually monitor IPs but
just keep a watch on when was the last successful handshake made).

[0]  https://github.com/WireGuard/wireguard-tools/blob/master/contrib/reres=
olve-dns/reresolve-dns.

> Would that be a viable option?  WDYT?

I think my Guile script is more precise in terms of what it does and
also produces useful output.  If I knew of the shell script existence
when I started I probably wouldn't have bothered re-implementing it in
Scheme, but since it's here, and better, I see no reason to not use it
:-).  I don't foresee high maintenance for the stable APIs involved
(resolving host names and setting an endpoint with 'wg set').

--=20
Thanks,
Maxim




Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 22 May 2023 23:22:39 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 22 19:22:39 2023
Received: from localhost ([127.0.0.1]:37271 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1q1ErM-00050r-FL
	for submit <at> debbugs.gnu.org; Mon, 22 May 2023 19:22:38 -0400
Received: from mail-qk1-f181.google.com ([209.85.222.181]:53651)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>)
 id 1q1ErH-00050Q-Fr; Mon, 22 May 2023 19:22:35 -0400
Received: by mail-qk1-f181.google.com with SMTP id
 af79cd13be357-75b076babc3so101750885a.3; 
 Mon, 22 May 2023 16:22:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20221208; t=1684797745; x=1687389745;
 h=content-transfer-encoding:mime-version:user-agent:message-id
 :in-reply-to:date:references:subject:cc:to:from:from:to:cc:subject
 :date:message-id:reply-to;
 bh=N0mIBc/bth0ZNvJZ9Z0OfVgcVChQlviV69YqjCM4Bbc=;
 b=OxwSnlPZxhaPDLni4+7mvsxsIITlCowK2g2w0yiU5MrwMFo8D6Vrui8J+Yq2u2y2+Z
 Ni9EFg+ixZa4LVx5ngj9W/CIEQU57Jkx3XmlLkPWIP1GLM9zd76prRg6mPL+xz87v3Pb
 TRq63UCamXpw9JMvRgVXgSZlIbB+eWwq2V+lPNgXtAkoEVqZip1bHXL6KajaIk7lUUWh
 9LuaiK5co85DgqjtIXfWWm1nugcGilDrEB/48W7AupTmkrT6SDMVMTw2xtXvR2BCFRP6
 CyIOkg5nboht4ElHK5d+V1SjBm06Hb8gyWaU3kqYR6tK9B7XTJAL+NcL35K9Jy43S4bD
 501w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1684797745; x=1687389745;
 h=content-transfer-encoding:mime-version:user-agent:message-id
 :in-reply-to:date:references:subject:cc:to:from:x-gm-message-state
 :from:to:cc:subject:date:message-id:reply-to;
 bh=N0mIBc/bth0ZNvJZ9Z0OfVgcVChQlviV69YqjCM4Bbc=;
 b=F+pr+uLtlg/nKNiOkY+mALs/UyZGeVhu/6zqGVOomC2BWrjR7lUfJVmO47Vehds76a
 bMAwh5+wLgel58652xeMgMg3eBNQi//ljEmmvKBujy1mkIjQ56xNYZeJWQ2C5sjL5DoD
 C+zfiXWWMwvfhVW28q4XmT21N8qjjv36J+lbT3szdgyzvbRebWpDff5yevVGAAqUKVjO
 W3Tjz5jwTPJ7FNHeLg84cYX3RcLD00j6r7TSEsGMrPirgCe5OxzMNakYmaxmMHkUxavx
 B3T3CgM4Aa0YZSPTR6/FwzJJNGvKyp6kFd0eED8sFM8YtYcIGOCxDbJnv2IBmaeiHgHZ
 THlw==
X-Gm-Message-State: AC+VfDyemh9yGQ+SSyjQTUMcuFew8bypT6dZdf76GmSbjtn8EuTrkdlJ
 l6Tb6Ei51lxGkPclRBvU1KrW5c8F4QkOaQ==
X-Google-Smtp-Source: ACHHUZ6ZPTq+li+2pUDCdak0X1+GLRKXDJDv1EMWhrOu+ncPeiG3NWcYel2cB7x2NwU+vWvW53ykKQ==
X-Received: by 2002:a05:620a:2603:b0:75b:23a1:3645 with SMTP id
 z3-20020a05620a260300b0075b23a13645mr2475457qko.6.1684797745600; 
 Mon, 22 May 2023 16:22:25 -0700 (PDT)
Received: from hurd (dsl-205-233-124-30.b2b2c.ca. [205.233.124.30])
 by smtp.gmail.com with ESMTPSA id
 20-20020a05620a06d400b007579ea33cdesm2080019qky.62.2023.05.22.16.22.24
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 22 May 2023 16:22:25 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
 <4ae50adcd4cef9d26b26eb4456727538d61f064c.1684461197.git.maxim.cournoyer@HIDDEN>
 <87lehgwgvz.fsf_-_@HIDDEN>
Date: Mon, 22 May 2023 19:22:23 -0400
In-Reply-To: <87lehgwgvz.fsf_-_@HIDDEN> ("Ludovic =?utf-8?Q?Court=C3=A8s?=
 =?utf-8?Q?=22's?= message of "Mon, 22 May 2023 17:00:16 +0200")
Message-ID: <87jzx0hryo.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Ludovic,

Ludovic Court=C3=A8s <ludo@HIDDEN> writes:

> Hi,
>
> Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:
>
>> * gnu/services/herd.scm (current-service): New procedure, mostly reusing=
 the
>> existing current-services.
>> (current-services): Implement in terms of the above procedure.
>
> How about having (lookup-service name) that calls the =E2=80=98status=E2=
=80=99 action on
> the given service and either returns a <live-service> or #f?

I'd rather keep the name 'current-service', because 'lookup-service' is
already a public procedure exported by Shepherd's (shepherd service)
module; it'd be confusing.

> =E2=80=98current-services=E2=80=99 might be implemented as (lookup-servic=
e 'root) but
> this should be kept as an implementation detail.

Yeah, that's my view on current-services being implemented in terms of
(current-service 'root).  It's a bit weird, but that's because the
underlying API is not symmetrical either.

Thanks for taking a look!

--=20
Thanks,
Maxim




Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 22 May 2023 15:04:20 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 22 11:04:20 2023
Received: from localhost ([127.0.0.1]:35793 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1q175A-00048H-8d
	for submit <at> debbugs.gnu.org; Mon, 22 May 2023 11:04:20 -0400
Received: from eggs.gnu.org ([209.51.188.92]:42256)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>)
 id 1q1758-000481-Kx; Mon, 22 May 2023 11:04:19 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1q174q-0003HY-6S; Mon, 22 May 2023 11:04:12 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
 From; bh=CdwlsJJNdCd3v0HrP/VX7se/Vm5JtqQFRAyh1DH40iA=; b=Y/JNe2XHperIsbNv4Svi
 EUouTN6NQUQ88z/qnApwCq5LLBGUX4ylxfALKKWYhuddfRYRDV50aYjUKXhU32Vvnwn+qfRLENvRz
 6EEWbKUIZSjd7aRUH60TQfBl7x0MS378eM7kTe86WiH7r+Sp2w8Wmtqh0cLFoLYnmoL+kDEgVl0Wr
 EP0gbQkgPMJu1bBc2SJiL3kLxz1IGV26SP8d5vrBNKXWhzMAktqJI+xgMz4DFsGH5EBJ6FxeuDDNe
 Esfl8gWLBc9V6nWFMUfxJ0Y6xcYJz1NpGiVw0vmHKL5eWSZ5+GWXTg613nNjtUnEGwdcX8r9clSI7
 zW8AzlLK+bxubQ==;
Received: from [193.50.110.247] (helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1q174p-0003Nv-Bi; Mon, 22 May 2023 11:03:59 -0400
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
 <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN>
Date: Mon, 22 May 2023 17:03:57 +0200
In-Reply-To: <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN>
 (Maxim Cournoyer's message of "Thu, 18 May 2023 21:59:14 -0400")
Message-ID: <87cz2swgpu.fsf_-_@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi,

Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:

> * gnu/services/vpn.scm (<wireguard-configuration>)
> [monitor-ips?, monitor-ips-internal]: New fields.
> * gnu/services/vpn.scm (define-with-source): New syntax.
> (wireguard-service-name, strip-port/maybe)
> (ipv4-address?, ipv6-address?, host-name?)
> (endpoint-host-names): New procedure.
> (wireguard-monitoring-jobs): Likewise.
> (wireguard-service-type): Register it.
> * tests/services/vpn.scm: New file.
> * Makefile.am (SCM_TESTS): Register it.
> * doc/guix.texi (VPN Services): Update doc.

As discussed on IRC the other day, I tend to think that this is =E2=80=9Cno=
t our
job=E2=80=9D but rather upstream=E2=80=99s.  (As a rule of thumb, I think s=
ervices
should merely expose what upstream implements.)

You mentioned that upstream has a shell script to do something similar.
Using that may not be as nice as what you propose here in terms of
integration, but the upside is that we wouldn=E2=80=99t have to maintain it
ourselves.

Would that be a viable option?  WDYT?

Thanks,
Ludo=E2=80=99.




Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 22 May 2023 15:00:33 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 22 11:00:33 2023
Received: from localhost ([127.0.0.1]:35764 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1q171V-00042E-9Z
	for submit <at> debbugs.gnu.org; Mon, 22 May 2023 11:00:33 -0400
Received: from eggs.gnu.org ([209.51.188.92]:52158)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>)
 id 1q171T-00041x-RL; Mon, 22 May 2023 11:00:32 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1q171O-0002Vs-EC; Mon, 22 May 2023 11:00:26 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
 From; bh=BWSinoEVF1CI3SOjS1itOx/nICyiSVOaZS2gzGl1tNc=; b=moLGqYcGS3qZX+Cq6ceN
 YXJan2Ov5N5gGdefVC3Gf0bqme9606UqpCLIj24qS908Ez3dyMVlRWRlZkrCS/mFqEkpCnK07U2nW
 xGgeQAg5EWRKVNPcXYHpbz1olkhvENmajW45QFi+KrjSIPp3hDRNmJlV9XfvNpJluB+Km4ROPvW3V
 RgI+kYgQshjdO4xVtCaDBWcN11F6hF/k2ZnjBAiIHvrWEzAteW/5BJ7Nb8nfoXRce1LSu4iUrXgYQ
 CBByMYjWfbnQQxgEwTlaIVFJomdcsFRecODVMo6mkmbAhDfTqbzG62TSAFmKvwznnRmiwrPC2tC1S
 v8ZX/PqZNd2tgQ==;
Received: from [193.50.110.247] (helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1q171G-0007n2-Ai; Mon, 22 May 2023 11:00:25 -0400
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
 <4ae50adcd4cef9d26b26eb4456727538d61f064c.1684461197.git.maxim.cournoyer@HIDDEN>
Date: Mon, 22 May 2023 17:00:16 +0200
In-Reply-To: <4ae50adcd4cef9d26b26eb4456727538d61f064c.1684461197.git.maxim.cournoyer@HIDDEN>
 (Maxim Cournoyer's message of "Thu, 18 May 2023 21:59:13 -0400")
Message-ID: <87lehgwgvz.fsf_-_@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi,

Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:

> * gnu/services/herd.scm (current-service): New procedure, mostly reusing =
the
> existing current-services.
> (current-services): Implement in terms of the above procedure.

How about having (lookup-service name) that calls the =E2=80=98status=E2=80=
=99 action on
the given service and either returns a <live-service> or #f?

=E2=80=98current-services=E2=80=99 might be implemented as (lookup-service =
'root) but
this should be kept as an implementation detail.

Ludo=E2=80=99.




Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.

Message received at 63403 <at> debbugs.gnu.org:


Received: (at 63403) by debbugs.gnu.org; 15 May 2023 15:57:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 15 11:57:19 2023
Received: from localhost ([127.0.0.1]:44188 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1pyaZa-00041b-Jz
	for submit <at> debbugs.gnu.org; Mon, 15 May 2023 11:57:19 -0400
Received: from mail-qv1-f54.google.com ([209.85.219.54]:44437)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>) id 1pyaZT-00041H-En
 for 63403 <at> debbugs.gnu.org; Mon, 15 May 2023 11:57:17 -0400
Received: by mail-qv1-f54.google.com with SMTP id
 6a1803df08f44-619ca08c166so59897106d6.1
 for <63403 <at> debbugs.gnu.org>; Mon, 15 May 2023 08:57:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20221208; t=1684166225; x=1686758225;
 h=mime-version:user-agent:message-id:in-reply-to:date:references
 :subject:to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=fIogbxU91ZhdSW0IOVLhBZeNjwez2bdZAJaIwOEnTLw=;
 b=sjhxpvacoVAwAnVYfwByTl7KtAffCdfo0J7gbFs2JxiLR1Csj4YVUygWgj/IsqGuKu
 MGqDI0CeqrPyItF7i+IYzbTYKIs3m/mjsaLVX8eIqrKYv5PCklI7raec58aeYkLimg9j
 xLGR1tP6AsZJotsJyQB0Sw9ZpqsjlA0TEqttz2FdhhZvH0trtbfKQDgOxeTxcSSHMfK+
 QoAmHsb+V2e2xvyUAIE0kypqYCqtcQiz4lKLiUqv5gK10+vjRBlCacUZjdiphEVy5pzD
 4MdThM06BKoLaLANFYrDVcLgwfBt1nxnm+LMJBLlMXsxYNvGtB04HNp1AH4FRZVqFqCy
 P0dg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1684166225; x=1686758225;
 h=mime-version:user-agent:message-id:in-reply-to:date:references
 :subject:to:from:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=fIogbxU91ZhdSW0IOVLhBZeNjwez2bdZAJaIwOEnTLw=;
 b=HQrJC76maGe7bTtFPeMiMp0IiorsmyWA25b+4zh2FdmP1aM9QDrFe0m83HfbfRa8Z3
 A+SzeJzFl41C+j5djiQ5xHUaMJlJKS1ABzPZslujDjDk4re52y8f6v3c1NY4vxX+Fwwg
 NMLAoIIOKiL9Mgj8D9uGkJzGBqoW7YC8esXTGl8eF7823sfGC9VflKkyenRgHRFlZMNl
 S5hH3t8H1u5+gVvWsBkjrTeBiXgys8juFtClUxla+8FXCAl5w/B6cKoGkRbTasNv0phf
 2BGfopqxyTqLGbkonxedqQAhc00eLaX+iWNz96HQ8BX3rcPD9sxYvLa3g4SuMLvllEFr
 xoQw==
X-Gm-Message-State: AC+VfDyzL7ezmkiiTxQGWWTNpleOemPc647BUVXYZPHxLkyvVyw/TIR+
 dwylKZz2X2Bd6SYf01taeLCJhBZaqPNgtA==
X-Google-Smtp-Source: ACHHUZ4IFiQNcsvo03pBMbBvpNYhvM5AGx9YIOlMXKXEAlvhyQ4A4ZiDgUOyr+7RleoqC+QN0Q9oSw==
X-Received: by 2002:a05:6214:4017:b0:621:1c72:af3 with SMTP id
 kd23-20020a056214401700b006211c720af3mr40531207qvb.0.1684166224890; 
 Mon, 15 May 2023 08:57:04 -0700 (PDT)
Received: from hurd (dsl-205-236-230-106.b2b2c.ca. [205.236.230.106])
 by smtp.gmail.com with ESMTPSA id
 o18-20020a05620a111200b0075932cd3ca0sm29168qkk.69.2023.05.15.08.57.03
 for <63403 <at> debbugs.gnu.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 15 May 2023 08:57:04 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: 63403 <at> debbugs.gnu.org
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
 IP monitoring feature.
References: <cover.1683679924.git.maxim.cournoyer@HIDDEN>
 <81431f5906cd69b4377e1f5d5b26e7c915c7cc87.1683679924.git.maxim.cournoyer@HIDDEN>
Date: Mon, 15 May 2023 11:57:02 -0400
In-Reply-To: <81431f5906cd69b4377e1f5d5b26e7c915c7cc87.1683679924.git.maxim.cournoyer@HIDDEN>
 (Maxim Cournoyer's message of "Tue, 9 May 2023 21:09:00 -0400")
Message-ID: <871qjhvb8x.fsf_-_@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 63403
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi,

Maxim Cournoyer <maxim.cournoyer@HIDDEN> writes:

> * gnu/services/vpn.scm (<wireguard-configuration>)
> [monitor-ips?, monitor-ips-internal]: New fields.
> * gnu/services/vpn.scm (define-with-source): New syntax.
> (wireguard-service-name, strip-port/maybe)
> (ipv4-address?, ipv6-address?, host-name?)
> (peers->endpoint-host-names)
> (wireguard-monitoring-jobs): New procedures.
> (wireguard-service-type): Register it.
> * tests/services/vpn.scm: New file.
> * Makefile.am (SCM_TESTS): Register it.
> * doc/guix.texi (VPN Services): Update doc.

I've found a bug when no endpoints were used.  The following changes
were needed:

--8<---------------cut here---------------start------------->8---
modified   gnu/services/vpn.scm
@@ -921,7 +921,7 @@ (define (peers->endpoint-host-names peers)
   "Return host names used as the endpoints of PEERS, if any.  Any \":PORT\"
 suffixes are stripped."
   (map strip-port/maybe
-       (filter host-name? (map wireguard-peer-endpoint peers))))
+       (filter host-name? (filter-map wireguard-peer-endpoint peers))))
 
 (define (wireguard-shepherd-service config)
   (match-record config <wireguard-configuration>
@@ -998,7 +998,8 @@ (define (wireguard-monitoring-jobs config)
                                               resolved-ips)
                                  (format #t "restarting ~a service due to \
 stale endpoint IPs~%" service-name)
-                                 (restart-service service-name))))))))))))))
+                                 (restart-service service-name))))))))))
+          '()))))                       ;monitor-ips? is #f
 
 (define wireguard-service-type
   (service-type
--8<---------------cut here---------------end--------------->8---

Will send a v2.

-- 
Thanks,
Maxim




Information forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.
Forcibly Merged 63402 63403. Request was from Maxim Cournoyer <maxim.cournoyer@HIDDEN> to control <at> debbugs.gnu.org. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 10 May 2023 01:09:29 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue May 09 21:09:29 2023
Received: from localhost ([127.0.0.1]:44836 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1pwYKe-0006QO-HY
	for submit <at> debbugs.gnu.org; Tue, 09 May 2023 21:09:29 -0400
Received: from lists.gnu.org ([209.51.188.17]:53074)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>) id 1pwYKU-0006Pw-0Z
 for submit <at> debbugs.gnu.org; Tue, 09 May 2023 21:09:20 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <maxim.cournoyer@HIDDEN>)
 id 1pwYKT-0003Wf-Ru
 for guix-patches@HIDDEN; Tue, 09 May 2023 21:09:17 -0400
Received: from mail-qv1-xf2d.google.com ([2607:f8b0:4864:20::f2d])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <maxim.cournoyer@HIDDEN>)
 id 1pwYKN-00055G-Rk
 for guix-patches@HIDDEN; Tue, 09 May 2023 21:09:17 -0400
Received: by mail-qv1-xf2d.google.com with SMTP id
 6a1803df08f44-619be7d7211so31278486d6.3
 for <guix-patches@HIDDEN>; Tue, 09 May 2023 18:09:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20221208; t=1683680950; x=1686272950;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=yC6/cBPNEwyyqb+Udt/0rYEGEoBEDj0vfuIWvKpgKsA=;
 b=stCNcuU07GfAgR1TMppU/t1lyvvA/4SX70ubLgbHBq7wDTET/4fwL/xXp8YPi9LKCi
 CcDYRyfZeRaulA9PKTmFWt4iwphPV8D68tZWytyN9k+dQhGvoLekcIuhXtEehxmMU075
 dY3PuvugzXruPD2J4xYkTqk05iC3wR+yj1DTY8GA6g2Udeb6d5WtMSg3bFZv/81g8Jmb
 4bh97LMS8VZspSa+oZREf7YVXaMb+ug/HthQR4yz8P5CUrEw5coLaT49rb9roSk4CEY7
 GdfUpGhNWrOl5gQmZnWQc8yNnYSHfVGsxXx2iZnQ1kl7FVpMDn3aIvhLYh5PKKJzEKO2
 RsiA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1683680950; x=1686272950;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=yC6/cBPNEwyyqb+Udt/0rYEGEoBEDj0vfuIWvKpgKsA=;
 b=DGtCg5I61lijL+1EdVZWxbqKl0T0tUqq/lRUUo/wpuFEvDyc7sboFGNrsO+IvU0VuP
 g/Qx46V1UjYK41L31YqJiIkyMG/QG433NHJOr7UXyznprumTJWRFKP//Xyh62uYlKMfb
 tpqR14HDrd07jK+q8gxUU2wpWnaZgADiIu3cTVsoizbbwXzgRftpJcrSF2Aj/jkcZoT8
 QrFqCW8ceN8VyI2vDSS/9s9odv/wMKPOZ/cD36xQ3/TbCkDjNcHRlji3LBN4YzcengTy
 fQp3khYt1EE0cFtvuaV3M1DPdOyUtNqJe/Yegngbz4O9TRYzU9eHVnoFANZDBPSuoOLy
 SMkQ==
X-Gm-Message-State: AC+VfDx7e23e2Ll1QaZeqHA28/UG+Zl564iH8HCIqhMnS1xbtsSzIVHQ
 jCs7RjD5dqd90Kq+b5ZkAMsIlw0uMDk=
X-Google-Smtp-Source: ACHHUZ7y6VKVtfyirwTsWe54Aws+ElouYaZLMWGAcG7Bj4zTNSpKe4tpPrtyiuYBK02m/q8MvQpP9A==
X-Received: by 2002:a05:6214:c85:b0:5ef:642e:7cd2 with SMTP id
 r5-20020a0562140c8500b005ef642e7cd2mr20645506qvr.7.1683680950518; 
 Tue, 09 May 2023 18:09:10 -0700 (PDT)
Received: from localhost.localdomain (dsl-156-94.b2b2c.ca. [66.158.156.94])
 by smtp.gmail.com with ESMTPSA id
 z29-20020ac8431d000000b003f3941ba4d9sm972632qtm.32.2023.05.09.18.09.09
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 09 May 2023 18:09:10 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: guix-patches@HIDDEN,
	maxim.cournoyer@HIDDEN
Subject: [PATCH 1/1] services: wireguard: Implement a dynamic IP monitoring
 feature.
Date: Tue,  9 May 2023 21:09:00 -0400
Message-Id: <81431f5906cd69b4377e1f5d5b26e7c915c7cc87.1683679924.git.maxim.cournoyer@HIDDEN>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <cover.1683679924.git.maxim.cournoyer@HIDDEN>
References: <cover.1683679924.git.maxim.cournoyer@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::f2d;
 envelope-from=maxim.cournoyer@HIDDEN; helo=mail-qv1-xf2d.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.3 (-)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.3 (--)

* gnu/services/vpn.scm (<wireguard-configuration>)
[monitor-ips?, monitor-ips-internal]: New fields.
* gnu/services/vpn.scm (define-with-source): New syntax.
(wireguard-service-name, strip-port/maybe)
(ipv4-address?, ipv6-address?, host-name?)
(peers->endpoint-host-names)
(wireguard-monitoring-jobs): New procedures.
(wireguard-service-type): Register it.
* tests/services/vpn.scm: New file.
* Makefile.am (SCM_TESTS): Register it.
* doc/guix.texi (VPN Services): Update doc.
---
 Makefile.am            |   1 +
 doc/guix.texi          |  18 +++++-
 gnu/services/vpn.scm   | 122 +++++++++++++++++++++++++++++++++++++++--
 tests/services/vpn.scm |  80 +++++++++++++++++++++++++++
 4 files changed, 215 insertions(+), 6 deletions(-)
 create mode 100644 tests/services/vpn.scm

diff --git a/Makefile.am b/Makefile.am
index 13718e4353..fb6e4f57cd 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -553,6 +553,7 @@ SCM_TESTS =					\
   tests/services/lightdm.scm			\
   tests/services/linux.scm			\
   tests/services/telephony.scm			\
+  tests/services/vpn.scm			\
   tests/sets.scm				\
   tests/size.scm				\
   tests/status.scm				\
diff --git a/doc/guix.texi b/doc/guix.texi
index c69fde646d..fad7f32bca 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -32345,9 +32345,23 @@ VPN Services
 @item @code{dns} (default: @code{#f})
 The DNS server(s) to announce to VPN clients via DHCP.
 
+@item @code{monitor-ips?} (default: @code{#f})
+@cindex Dynamic IP, with Wireguard
+@cindex dyndns, usage with Wireguard
+Whether to monitor the resolved Internet addresses (IPs) of the
+endpoints of the configured peers, restarting the service when there is
+a mismatch between the endpoint IPs in actual use versus those freshly
+resolved from their host names.  Set this to @code{#t} if one or more
+endpoints use host names provided by a dynamic DNS service to keep
+connections working.
+
+@item @code{monitor-ips-internal} (default: @code{'(next-minute (range 0 60 5))})
+The time interval at which the IP monitoring job should run, provided as
+an mcron time specification (@pxref{Guile Syntax,,,mcron}).
+
 @item @code{private-key} (default: @code{"/etc/wireguard/private.key"})
-The private key file for the interface.  It is automatically generated if
-the file does not exist.
+The private key file for the interface.  It is automatically generated
+if the file does not exist.
 
 @item @code{peers} (default: @code{'()})
 The authorized peers on this interface.  This is a list of
diff --git a/gnu/services/vpn.scm b/gnu/services/vpn.scm
index a884d71eb2..5a56884008 100644
--- a/gnu/services/vpn.scm
+++ b/gnu/services/vpn.scm
@@ -11,6 +11,7 @@
 ;;; Copyright © 2021 Nathan Dehnel <ncdehnel@HIDDEN>
 ;;; Copyright © 2022 Cameron V Chaparro <cameron@HIDDEN>
 ;;; Copyright © 2022 Timo Wilken <guix@HIDDEN>
+;;; Copyright © 2023 Maxim Cournoyer <maxim.cournoyer@HIDDEN>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -31,10 +32,12 @@ (define-module (gnu services vpn)
   #:use-module (gnu services)
   #:use-module (gnu services configuration)
   #:use-module (gnu services dbus)
+  #:use-module (gnu services mcron)
   #:use-module (gnu services shepherd)
   #:use-module (gnu system shadow)
   #:use-module (gnu packages admin)
   #:use-module (gnu packages vpn)
+  #:use-module (guix modules)
   #:use-module (guix packages)
   #:use-module (guix records)
   #:use-module (guix gexp)
@@ -73,6 +76,8 @@ (define-module (gnu services vpn)
             wireguard-configuration-addresses
             wireguard-configuration-port
             wireguard-configuration-dns
+            wireguard-configuration-monitor-ips?
+            wireguard-configuration-monitor-ips-interval
             wireguard-configuration-private-key
             wireguard-configuration-peers
             wireguard-configuration-pre-up
@@ -741,6 +746,10 @@ (define-record-type* <wireguard-configuration>
                       (default '()))
   (dns                wireguard-configuration-dns ;list of strings
                       (default #f))
+  (monitor-ips?       wireguard-configuration-monitor-ips? ;boolean
+                      (default #f))
+  (monitor-ips-interval wireguard-configuration-monitor-ips-interval
+                        (default '(next-minute (range 0 60 5)))) ;string | list
   (pre-up             wireguard-configuration-pre-up ;list of strings
                       (default '()))
   (post-up            wireguard-configuration-post-up ;list of strings
@@ -871,6 +880,49 @@ (define (wireguard-activation config)
             (chmod #$private-key #o400)
             (close-pipe pipe))))))
 
+;;; XXX: Copied from (guix scripts pack), changing define to define*.
+(define-syntax-rule (define-with-source (variable args ...) body body* ...)
+  "Bind VARIABLE to a procedure accepting ARGS defined as BODY, also setting
+its source property."
+  (begin
+    (define* (variable args ...)
+      body body* ...)
+    (eval-when (load eval)
+      (set-procedure-property! variable 'source
+                               '(define* (variable args ...) body body* ...)))))
+
+(define (wireguard-service-name interface)
+  "Return the WireGuard service name (a symbol) configured to use INTERFACE."
+  (symbol-append 'wireguard- (string->symbol interface)))
+
+(define-with-source (strip-port/maybe endpoint #:key ipv6?)
+  "Strip the colon and port, if present in ENDPOINT, a string."
+  (if ipv6?
+      (if (string-prefix? "[" endpoint)
+          (first (string-split (string-drop endpoint 1) #\])) ;ipv6
+          endpoint)
+      (first (string-split endpoint #\:)))) ;ipv4
+
+(define (ipv4-address? str)
+  "Return true if STR denotes an IPv4 address."
+  (false-if-exception
+   (->bool (inet-pton AF_INET (strip-port/maybe str)))))
+
+(define (ipv6-address? str)
+  "Return true if STR denotes an IPv6 address."
+  (false-if-exception
+   (->bool (inet-pton AF_INET6 (strip-port/maybe str #:ipv6? #t)))))
+
+(define (host-name? name)
+  "Predicate to check whether NAME is a host name, i.e. not an IP address."
+  (not (or (ipv6-address? name) (ipv4-address? name))))
+
+(define (peers->endpoint-host-names peers)
+  "Return host names used as the endpoints of PEERS, if any.  Any \":PORT\"
+suffixes are stripped."
+  (map strip-port/maybe
+       (filter host-name? (map wireguard-peer-endpoint peers))))
+
 (define (wireguard-shepherd-service config)
   (match-record config <wireguard-configuration>
     (wireguard interface)
@@ -878,9 +930,7 @@ (define (wireguard-shepherd-service config)
           (config (wireguard-configuration-file config)))
       (list (shepherd-service
              (requirement '(networking))
-             (provision (list
-                         (symbol-append 'wireguard-
-                                        (string->symbol interface))))
+             (provision (list (wireguard-service-name interface)))
              (start #~(lambda _
                        (invoke #$wg-quick "up" #$config)))
              (stop #~(lambda _
@@ -888,6 +938,68 @@ (define (wireguard-shepherd-service config)
                        #f))                       ;stopped!
              (documentation "Run the Wireguard VPN tunnel"))))))
 
+(define (wireguard-monitoring-jobs config)
+  (match-record config <wireguard-configuration>
+    (interface monitor-ips? monitor-ips-interval peers)
+    (let ((host-names (peers->endpoint-host-names peers)))
+      (if monitor-ips?
+          (if (null? host-names)
+              (begin
+                (warn "monitor-ips? is #t but no host name to monitor")
+                '())
+              ;; The mcron monitor job may be a string or a list; ungexp strips
+              ;; one quote level, which must be added back when a list is
+              ;; provided.
+              (list
+               #~(job
+                  (if (string? #$monitor-ips-interval)
+                      #$monitor-ips-interval
+                      '#$monitor-ips-interval)
+                  #$(program-file
+                     (format #f "wireguard-~a-monitoring" interface)
+                     (with-imported-modules (source-module-closure
+                                             '((gnu services herd)))
+                       #~(begin
+                           (use-modules (gnu services herd)
+                                        (ice-9 popen)
+                                        (ice-9 textual-ports)
+                                        (srfi srfi-1)
+                                        (srfi srfi-26))
+
+                           (define (host-name->ip name)
+                             "Return the IP address resolved from NAME."
+                             (let* ((ai (car (getaddrinfo name)))
+                                    (sa (addrinfo:addr ai)))
+                               (inet-ntop (sockaddr:fam sa)
+                                          (sockaddr:addr sa))))
+
+                           #$(procedure-source strip-port/maybe)
+
+                           (define service-name '#$(wireguard-service-name
+                                                    interface))
+
+                           (when (start-service service-name)
+                             (let* ((resolved-ips (map host-name->ip
+                                                       '#$host-names))
+                                    (pipe (open-pipe*
+                                           OPEN_READ
+                                           #$(file-append wireguard-tools
+                                                          "/bin/wg")
+                                           "show" #$interface "endpoints"))
+                                    (lines (string-split (get-string-all pipe)
+                                                         #\newline))
+                                    (used-ips (map (compose
+                                                    strip-port/maybe
+                                                    last
+                                                    (cut string-split <> #\tab))
+                                                   lines)))
+                               (close-pipe pipe)
+                               (unless (every (cut member <> used-ips)
+                                              resolved-ips)
+                                 (format #t "restarting ~a service due to \
+stale endpoint IPs~%" service-name)
+                                 (restart-service service-name))))))))))))))
+
 (define wireguard-service-type
   (service-type
    (name 'wireguard)
@@ -898,6 +1010,8 @@ (define wireguard-service-type
                              wireguard-activation)
           (service-extension profile-service-type
                              (compose list
-                                      wireguard-configuration-wireguard))))
+                                      wireguard-configuration-wireguard))
+          (service-extension mcron-service-type
+                             wireguard-monitoring-jobs)))
    (description "Set up Wireguard @acronym{VPN, Virtual Private Network}
 tunnels.")))
diff --git a/tests/services/vpn.scm b/tests/services/vpn.scm
new file mode 100644
index 0000000000..9c6fa65df6
--- /dev/null
+++ b/tests/services/vpn.scm
@@ -0,0 +1,80 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2023 Maxim Cournoyer <maxim.cournoyer@HIDDEN>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (tests services vpn)
+  #:use-module (gnu packages vpn)
+  #:use-module (gnu services vpn)
+  #:use-module (guix gexp)
+  #:use-module (ice-9 match)
+  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-64))
+
+;;; Commentary:
+;;;
+;;; Unit tests for the (gnu services vpn) module.
+;;;
+;;; Code:
+
+;;; Access some internals for whitebox testing.
+(define ipv4-address? (@@ (gnu services vpn) ipv4-address?))
+(define ipv6-address? (@@ (gnu services vpn) ipv6-address?))
+(define host-name? (@@ (gnu services vpn) host-name?))
+(define peers->endpoint-host-names
+  (@@ (gnu services vpn) peers->endpoint-host-names))
+
+(test-begin "vpn-services")
+
+(test-assert "ipv4-address?"
+  (every ipv4-address?
+         (list "192.95.5.67:1234"
+               "10.0.0.1")))
+
+(test-assert "ipv6-address?"
+  (every ipv6-address?
+         (list "[2607:5300:60:6b0::c05f:543]:2468"
+               "2607:5300:60:6b0::c05f:543"
+               "2345:0425:2CA1:0000:0000:0567:5673:23b5"
+               "2345:0425:2CA1::0567:5673:23b5")))
+
+(define %wireguard-peers
+  (list (wireguard-peer
+         (name "dummy1")
+         (public-key "VlesLiEB5BFd//OD2ILKXviolfz+hodG6uZ+XjoalC8=")
+         (endpoint "some.dynamic-dns.service:53281")
+         (allowed-ips '()))
+        (wireguard-peer
+         (name "dummy2")
+         (public-key "AlesLiEB5BFd//OD2ILKXviolfz+hodG6uZ+XgoalC9=")
+         (endpoint "example.org")
+         (allowed-ips '()))
+        (wireguard-peer
+         (name "dummy3")
+         (public-key "BlesLiEB5BFd//OD2ILKXviolfz+hodG6uZ+XgoalC7=")
+         (endpoint "10.0.0.7:7777")
+         (allowed-ips '()))
+        (wireguard-peer
+         (name "dummy4")
+         (public-key "ClesLiEB5BFd//OD2ILKXviolfz+hodG6uZ+XgoalC6=")
+         (endpoint "[2345:0425:2CA1::0567:5673:23b5]:44444")
+         (allowed-ips '()))))
+
+(test-equal "peers->endpoint-host-names"
+  '("some.dynamic-dns.service" "example.org")
+  (peers->endpoint-host-names %wireguard-peers))
+
+(test-end "vpn-services")
-- 
2.39.2





Acknowledgement sent to Maxim Cournoyer <maxim.cournoyer@HIDDEN>:
New bug report received and forwarded. Copy sent to guix-patches@HIDDEN. Full text available.
Report forwarded to guix-patches@HIDDEN:
bug#63403; Package guix-patches. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Thu, 25 May 2023 15:15:01 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.