Received: (at 63403) by debbugs.gnu.org; 25 May 2023 15:13:21 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 25 11:13:21 2023
Received: from localhost ([127.0.0.1]:47843 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1q2CeW-0006HN-LA
for submit <at> debbugs.gnu.org; Thu, 25 May 2023 11:13:20 -0400
Received: from mail-qt1-f178.google.com ([209.85.160.178]:48369)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <maxim.cournoyer@HIDDEN>)
id 1q2CeT-0006H4-VV; Thu, 25 May 2023 11:13:18 -0400
Received: by mail-qt1-f178.google.com with SMTP id
d75a77b69052e-3f6bafd4782so5548401cf.0;
Thu, 25 May 2023 08:13:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20221208; t=1685027592; x=1687619592;
h=content-transfer-encoding:mime-version:user-agent:message-id
:in-reply-to:date:references:subject:cc:to:from:from:to:cc:subject
:date:message-id:reply-to;
bh=Fec5MLNSWNhvEcQxgsE+fb9OQM//l56VchTP0gKTq3k=;
b=jykprqn7pfio/3lBiSFHpvXmpSjS/83tzlNQ2JRx5G5EeYmXm15IS5QsgydK1SeCx8
uBJY67kB65DqwohmKIn+kw7NO9tqPxWMy73g9bzm+EsOiueJlaTSozdhpUqQoe0JHPpK
WJSEGDFPG+z7pAkH7VkjPIMTvYxmiyrj42PmISKfL/qEX2+1sSZPIXGYnv6YEZ0SeCCs
O5eYbl0BkaY1hRTkEX+ydPi/PrX1o43l6FGLxZ8DBvvaZ1W4Wl0rhBBNtaWI4Xe+/4wc
BHtXpRkO3W30K6iu9DpQ89MImnnQgdyGP1gQZmMvsMlDWFhjCntgrBP63zSyI8XzxrLB
ttpQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1685027592; x=1687619592;
h=content-transfer-encoding:mime-version:user-agent:message-id
:in-reply-to:date:references:subject:cc:to:from:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=Fec5MLNSWNhvEcQxgsE+fb9OQM//l56VchTP0gKTq3k=;
b=ejp5UscfZh1p9PogJWWQtRcGTnhxSrJlj9eqMJvzEFoacgezMxg9jOBJkRmLrJhRn6
PQYbcTa/NuwBUoGDxOhDgA/WsR4cjxPX1ApIID3kx/Ej66Zggrt4EOwjgAAnjQQ+nnXb
+TGCyZgQ0cqEGnWk1KVS0aOOtBtsRmpA56PBi04RZurT7aL4BQJ4Y+1o0aaxFtC9lvnp
5pRjYaJtFOUxsiXvLLYfPw1z6lFHs3RnagjjaPR31IuO+hTJJqGW+TviEbmolRYZ85mC
Ameo+1bXuyi2FGo/Zrcj6UtZg6yovpbSYx710MA0n4R3SNRLucRm3LAlTKRQaBhUip34
MkEg==
X-Gm-Message-State: AC+VfDxpZqMjVfO6EZhKBq0YvgtItGMHeg9Ur1Xp3AB5dMkestouXE0r
1UYMlLzsmwPb3fZG2HQvO3T2zhCVBlFHNA==
X-Google-Smtp-Source: ACHHUZ7CPuWs2/C4qdpB+Tl+T9YW6onYgNtCnJ0kOOnl5mCwULsrVTwCcBYpW9VQowmYvVc/8MM6ew==
X-Received: by 2002:a05:622a:1452:b0:3f7:b95:f088 with SMTP id
v18-20020a05622a145200b003f70b95f088mr6363493qtx.20.1685027591772;
Thu, 25 May 2023 08:13:11 -0700 (PDT)
Received: from hurd (dsl-149-67.b2b2c.ca. [66.158.149.67])
by smtp.gmail.com with ESMTPSA id
p4-20020a0cf684000000b00619adb4b66asm467720qvn.95.2023.05.25.08.13.11
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 25 May 2023 08:13:11 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
<bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN>
<87cz2swgpu.fsf_-_@HIDDEN> <87fs7ohrif.fsf@HIDDEN>
<87pm6pixvf.fsf@HIDDEN>
Date: Thu, 25 May 2023 11:13:10 -0400
In-Reply-To: <87pm6pixvf.fsf@HIDDEN> ("Ludovic =?utf-8?Q?Court=C3=A8s=22'?=
=?utf-8?Q?s?= message of "Wed, 24 May 2023 16:53:56 +0200")
Message-ID: <87h6s0fnqx.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Hi Ludovic,
Ludovic Court=C3=A8s <ludo@HIDDEN> writes:
> Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:
>
>> Yeah, upstream offers a contrib shell script called reresolve-dns.sh
>> [0], that works a bit differently (it's doesn't actually monitor IPs but
>> just keep a watch on when was the last successful handshake made).
>>
>> [0] https://github.com/WireGuard/wireguard-tools/blob/master/contrib/re=
resolve-dns/reresolve-dns.
>>
>>> Would that be a viable option? WDYT?
>>
>> I think my Guile script is more precise in terms of what it does and
>> also produces useful output. If I knew of the shell script existence
>> when I started I probably wouldn't have bothered re-implementing it in
>> Scheme, but since it's here, and better, I see no reason to not use it
>> :-). I don't foresee high maintenance for the stable APIs involved
>> (resolving host names and setting an endpoint with 'wg set').
>
> I don=E2=80=99t doubt your script is better (first because it=E2=80=99s i=
n Guile ;-)).
> I=E2=80=99m concerned about adding non-trivial =E2=80=9Cperipheral=E2=80=
=9D code that we=E2=80=99ll all
> be responsible for going forward (the Jami services pose a similar
> challenge IMO: I experienced first-hand the maintenance burden recently
> when investigating system test failures.)
I get that the Jami service is complex, but to be fair here the tests
being broken by a (good) change in the marionette behavior caused by
commit a09c7da, which also affected a few other tests, as demonstrated
in the follow-up commit f518882, rather than because it crumbled under
its own weight. I personally think this service is a great test suite
for the service infrastructure in Guix :-) I've now fixed the Jami test
suite with 99fc7e5. Hopefully QA helps catching regressions like this
early in the future, avoiding the need to fix things after the facts.
> So I=E2=80=99m a bit torn. I sympathize with the need to improve those
> services, but I=E2=80=99m also concerned what will happen if we don=E2=80=
=99t have clear
> criteria to decide what to take and what to reject.
I think this happens rarely enough that it can be left as an exercise of
judgement rather than policy; e.g. deemed to provide enough value to
justify the maintenance burden, keeping in mind that using some
'contrib' shell script from upstream is not guaranteed to be
maintenance-free. In this case it's also not on any critical path: it'd
only affects users of the new feature; if it ever breaks only that
feature would be impacted.
--=20
Thanks,
Maxim
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.Received: (at 63403) by debbugs.gnu.org; 24 May 2023 22:12:36 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 24 18:12:36 2023 Received: from localhost ([127.0.0.1]:45389 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1q1wii-00033h-Ib for submit <at> debbugs.gnu.org; Wed, 24 May 2023 18:12:36 -0400 Received: from smtpm3.myservices.hosting ([185.26.105.234]:54752) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <mirai@HIDDEN>) id 1q1wif-00033Q-S2; Wed, 24 May 2023 18:12:34 -0400 Received: from mail1.netim.hosting (unknown [185.26.106.173]) by smtpm3.myservices.hosting (Postfix) with ESMTP id 15E9D20FB1; Thu, 25 May 2023 00:12:30 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by mail1.netim.hosting (Postfix) with ESMTP id 56CFF80097; Thu, 25 May 2023 00:12:27 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting Received: from mail1.netim.hosting ([127.0.0.1]) by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id mWPjFwObHO-3; Thu, 25 May 2023 00:12:27 +0200 (CEST) Received: from [192.168.1.239] (unknown [10.192.1.83]) (Authenticated sender: lumen@HIDDEN) by mail1.netim.hosting (Postfix) with ESMTPSA id B382180060; Thu, 25 May 2023 00:12:26 +0200 (CEST) Message-ID: <966ccdfe-8d66-6020-57c5-695ac4701f95@HIDDEN> Date: Wed, 24 May 2023 23:12:26 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1 Subject: Re: [bug#63403] [PATCH 1/1] services: wireguard: Implement a dynamic IP monitoring feature. Content-Language: en-US To: =?UTF-8?Q?Ludovic_Court=c3=a8s?= <ludo@HIDDEN>, Maxim Cournoyer <maxim.cournoyer@HIDDEN> References: <cover.1684461197.git.maxim.cournoyer@HIDDEN> <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN> <87cz2swgpu.fsf_-_@HIDDEN> <87fs7ohrif.fsf@HIDDEN> <87pm6pixvf.fsf@HIDDEN> From: Bruno Victal <mirai@HIDDEN> In-Reply-To: <87pm6pixvf.fsf@HIDDEN> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -1.1 (-) X-Debbugs-Envelope-To: 63403 Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.1 (--) Hi Ludo’, On 2023-05-24 15:53, Ludovic Courtès wrote: > I don’t doubt your script is better (first because it’s in Guile ;-)). > I’m concerned about adding non-trivial “peripheral” code that we’ll all > be responsible for going forward (the Jami services pose a similar > challenge IMO: I experienced first-hand the maintenance burden recently > when investigating system test failures.) > > So I’m a bit torn. I sympathize with the need to improve those > services, but I’m also concerned what will happen if we don’t have clear > criteria to decide what to take and what to reject. > I think having some “indigenous” guix capabilities is a good idea, if the guix services are to be something more than a (lossy) scheme translation of some daemon's configuration file syntax. IMO as long the feature in question is: * Not overly tailored to some specific setup scenario. * Generic (or can be reasonably refactored/extended as needed) * Improves the overall experience of a service. It should be acceptable to have it in Guix since it brings more value to the service subsystem. (rather than require a user to import $MYSTERY_CHANNEL_FROM_INTERNET_USER_5554$ or reinvent the ω+1 iteration of the same wheel) -- Furthermore, I consider that nonfree software must be eradicated. Cheers, Bruno.
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.Received: (at 63403) by debbugs.gnu.org; 24 May 2023 14:54:07 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 24 10:54:07 2023 Received: from localhost ([127.0.0.1]:44358 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1q1psN-0004J5-3T for submit <at> debbugs.gnu.org; Wed, 24 May 2023 10:54:07 -0400 Received: from eggs.gnu.org ([209.51.188.92]:39922) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1q1psK-0004IW-4I; Wed, 24 May 2023 10:54:05 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1q1psE-0003Vz-T7; Wed, 24 May 2023 10:53:58 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=xDW0DT4hXyUnZvRkzkjymaaNZqfBs4xwMIrSMIah7GQ=; b=WbnqKC14UxDGV1gZ42Bi GzgJ5K2s4LuWY04ycFNUP8hNAi6w/LMRu3pLVd/pvRuSo7U3hX7T9fE9HmWVVQyEZxjohakrZq0lQ CuuNQRoLXH+7yynACwzHVQ29j5xsu7nEHynvPuRAGyQSzc4VrUrkb4d24rIfbSTjaeO5UTlRiuwtd pQLnPTG7qOmn5wJiPzyJ9iANkuMdBuGsRqyxFQoVpH6XWRqApKHBxZDtTN5Hl45AhQgHfJWu9bjZj y+4e/eyRc5D2UEgaL+eaIEUAIHYhegmSGn9OyDjepoK0pdGKpvAqTJt+X6Rs6VwSINAuchqBEEcVM eT74EkH10y7Q3g==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201] helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1q1psE-0002bL-G6; Wed, 24 May 2023 10:53:58 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Maxim Cournoyer <maxim.cournoyer@HIDDEN> Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic IP monitoring feature. References: <cover.1684461197.git.maxim.cournoyer@HIDDEN> <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN> <87cz2swgpu.fsf_-_@HIDDEN> <87fs7ohrif.fsf@HIDDEN> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: Quintidi 5 Prairial an 231 de la =?utf-8?Q?R=C3=A9vo?= =?utf-8?Q?lution=2C?= jour du Canard X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Wed, 24 May 2023 16:53:56 +0200 In-Reply-To: <87fs7ohrif.fsf@HIDDEN> (Maxim Cournoyer's message of "Mon, 22 May 2023 19:32:08 -0400") Message-ID: <87pm6pixvf.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 63403 Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis: > Yeah, upstream offers a contrib shell script called reresolve-dns.sh > [0], that works a bit differently (it's doesn't actually monitor IPs but > just keep a watch on when was the last successful handshake made). > > [0] https://github.com/WireGuard/wireguard-tools/blob/master/contrib/rer= esolve-dns/reresolve-dns. > >> Would that be a viable option? WDYT? > > I think my Guile script is more precise in terms of what it does and > also produces useful output. If I knew of the shell script existence > when I started I probably wouldn't have bothered re-implementing it in > Scheme, but since it's here, and better, I see no reason to not use it > :-). I don't foresee high maintenance for the stable APIs involved > (resolving host names and setting an endpoint with 'wg set'). I don=E2=80=99t doubt your script is better (first because it=E2=80=99s in = Guile ;-)). I=E2=80=99m concerned about adding non-trivial =E2=80=9Cperipheral=E2=80=9D= code that we=E2=80=99ll all be responsible for going forward (the Jami services pose a similar challenge IMO: I experienced first-hand the maintenance burden recently when investigating system test failures.) So I=E2=80=99m a bit torn. I sympathize with the need to improve those services, but I=E2=80=99m also concerned what will happen if we don=E2=80= =99t have clear criteria to decide what to take and what to reject. WDYT? Ludo=E2=80=99.
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.Received: (at 63403) by debbugs.gnu.org; 24 May 2023 14:44:50 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed May 24 10:44:50 2023 Received: from localhost ([127.0.0.1]:44331 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1q1pjO-0003tH-F9 for submit <at> debbugs.gnu.org; Wed, 24 May 2023 10:44:50 -0400 Received: from eggs.gnu.org ([209.51.188.92]:45994) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1q1pjM-0003t2-Vr; Wed, 24 May 2023 10:44:49 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1q1pjH-00013v-Oc; Wed, 24 May 2023 10:44:43 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=0qd9frzCuNcb/NbHLzYPvEDww1Z4PPsTOrSCJdTcxa0=; b=iWVPVRWCQ4CBm5romj8u +soqFjLqRgi/QFHhhdL2VeHzPluthdFd2XTww9J84uvHkV/17aT59B1U6WzXdonMUi/acFhLvkdax I1JjnIHHrgIC5GiAhZNlmZ2jtIi/P5SiY2BjNsjK+k0kwaUXMuuoumSdXUmwuag95/+XF20rJ/Z+Y PHpAfUF46qfaS2z+BJtxyGlspnLk/p84ebeW2rcOl/7sZL04OElD8yXCOADA03CbgrVugQml7s5mT hLty2taZySYjoTlvsGOUIMb4ZcH3zYlLkm9vNW9Z8rDFFOucV2MxM3jE9a7sB6P20nrNF9qEiQeGg PRRq2cxYKhsI9A==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201] helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1q1pjH-0001eX-7m; Wed, 24 May 2023 10:44:43 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Maxim Cournoyer <maxim.cournoyer@HIDDEN> Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic IP monitoring feature. References: <cover.1684461197.git.maxim.cournoyer@HIDDEN> <4ae50adcd4cef9d26b26eb4456727538d61f064c.1684461197.git.maxim.cournoyer@HIDDEN> <87lehgwgvz.fsf_-_@HIDDEN> <87jzx0hryo.fsf@HIDDEN> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: Quintidi 5 Prairial an 231 de la =?utf-8?Q?R=C3=A9vo?= =?utf-8?Q?lution=2C?= jour du Canard X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Wed, 24 May 2023 16:44:40 +0200 In-Reply-To: <87jzx0hryo.fsf@HIDDEN> (Maxim Cournoyer's message of "Mon, 22 May 2023 19:22:23 -0400") Message-ID: <87cz2pkcvb.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 63403 Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Hi Maxim, Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis: > Ludovic Court=C3=A8s <ludo@HIDDEN> writes: > >> Hi, >> >> Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis: >> >>> * gnu/services/herd.scm (current-service): New procedure, mostly reusin= g the >>> existing current-services. >>> (current-services): Implement in terms of the above procedure. >> >> How about having (lookup-service name) that calls the =E2=80=98status=E2= =80=99 action on >> the given service and either returns a <live-service> or #f? > > I'd rather keep the name 'current-service', There=E2=80=99s no notion of a =E2=80=9Ccurrent service=E2=80=9D in the She= pherd; that would be confusing to me. > because 'lookup-service' is already a public procedure exported by > Shepherd's (shepherd service) module; it'd be confusing. Yeah well, I think we should clarify the client/server architecture and the context in which (shepherd =E2=80=A6) modules are meant to be used. I = made a first attempt: https://git.savannah.gnu.org/cgit/shepherd.git/commit/?id=3Dd3d437a34bcb1= 1fc416bf141181d8908064aeceb However, what matters most to me is that the procedure names really represent what they do. With that in mind, it=E2=80=99s no surprise that t= he procedure to look up a service is called =E2=80=98lookup-service=E2=80=99 i= n both contexts. Thanks, Ludo=E2=80=99.
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.
Received: (at 63403) by debbugs.gnu.org; 22 May 2023 23:32:25 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 22 19:32:25 2023
Received: from localhost ([127.0.0.1]:37287 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1q1F0o-0005IX-40
for submit <at> debbugs.gnu.org; Mon, 22 May 2023 19:32:25 -0400
Received: from mail-qk1-f178.google.com ([209.85.222.178]:56778)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <maxim.cournoyer@HIDDEN>)
id 1q1F0i-0005IC-HM; Mon, 22 May 2023 19:32:20 -0400
Received: by mail-qk1-f178.google.com with SMTP id
af79cd13be357-75b0df7b225so92045485a.1;
Mon, 22 May 2023 16:32:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20221208; t=1684798331; x=1687390331;
h=content-transfer-encoding:mime-version:user-agent:message-id
:in-reply-to:date:references:subject:cc:to:from:from:to:cc:subject
:date:message-id:reply-to;
bh=UbW4PFRdAfMgpJji7/CdoSejXHPX1C4w+FGbbQLcjQI=;
b=r8l8jEmRuVhBWHOVWUNJydH8XwqcOtomEogSn/Jq8b3vzkp7P0Y32iG7WGongxreHn
9p0odLaU/2iSuXVWwRZGDE2O3+JlOn6SrHhfC5tqGuv/UxdIIYNiycl+ESuhYUGm46Dt
0fX0HZ+rBLpaAWmjlBpUqAPQuo4/kGLgbkmFcVV6yqOoqxdkyLRtU4fl2cn1T/bOs8NU
wHhO9GYsSeXvr9GP5kHLcC4mGF/BkQgPoN+Aml2NUeCNRBgrIlJkD7SdwryCy4xjxkPG
xFIjCxP+PZf6Gozh7NmiEv8QsKx4wzS4UpMdk2G9i8fPN9To7MYgfpoFRqogL/gZkbXU
lXjw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1684798331; x=1687390331;
h=content-transfer-encoding:mime-version:user-agent:message-id
:in-reply-to:date:references:subject:cc:to:from:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=UbW4PFRdAfMgpJji7/CdoSejXHPX1C4w+FGbbQLcjQI=;
b=TgFuCJvTY9TxzipvLzNt8Yl3Yg39nNXnwjm9nQ3SxIFinGiXQrC3YmU7kap/5Wfzsb
TXDVjaUwf27yfOElsccECn+l8XHxKKEJotFmfJVjHWEucX0BWNYiVu6rL1eqB1fbDQCo
shzTK66wgRzK2Gk/hEtoWk1Qh2hUygqGBfg+lDqgBCv3azRc8MX5AHB5IbO5EIUpoMLv
EdYPIudTCO/ZBuULMOy/G3blQXhqUsoDJ1TkZJlbN8uz0XGh+ha9OjDQ7SY9YBT+zr03
mDYwxlbFiWUnDmu/eMqZawhFZb2klzlN25XLIuB9FcjN84miQV5EsqYr/frNBCDyMMt3
i9Og==
X-Gm-Message-State: AC+VfDwnShIBUat/4OlxtP9ob1Mjk59RraCu6gAatukU7ci3OdX+a+yp
7P5hADS/PGabv5qr1HzA5XY5wjWZKzu+PQ==
X-Google-Smtp-Source: ACHHUZ54ruKky3EB3ofjh427x9es0ntCSEVX7sujSgQG94yi8l7UmCc0FHAV6R3k2YoAeZms1/FoZA==
X-Received: by 2002:a05:622a:34e:b0:3e3:8ed5:a47e with SMTP id
r14-20020a05622a034e00b003e38ed5a47emr21902142qtw.10.1684798330694;
Mon, 22 May 2023 16:32:10 -0700 (PDT)
Received: from hurd (dsl-205-233-124-30.b2b2c.ca. [205.233.124.30])
by smtp.gmail.com with ESMTPSA id
k5-20020ac81405000000b003ee4b5a2dd3sm1690093qtj.21.2023.05.22.16.32.09
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 22 May 2023 16:32:10 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
<bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN>
<87cz2swgpu.fsf_-_@HIDDEN>
Date: Mon, 22 May 2023 19:32:08 -0400
In-Reply-To: <87cz2swgpu.fsf_-_@HIDDEN> ("Ludovic =?utf-8?Q?Court=C3=A8s?=
=?utf-8?Q?=22's?= message of "Mon, 22 May 2023 17:03:57 +0200")
Message-ID: <87fs7ohrif.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Hi Ludovic,
Ludovic Court=C3=A8s <ludo@HIDDEN> writes:
> Hi,
>
> Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:
>
>> * gnu/services/vpn.scm (<wireguard-configuration>)
>> [monitor-ips?, monitor-ips-internal]: New fields.
>> * gnu/services/vpn.scm (define-with-source): New syntax.
>> (wireguard-service-name, strip-port/maybe)
>> (ipv4-address?, ipv6-address?, host-name?)
>> (endpoint-host-names): New procedure.
>> (wireguard-monitoring-jobs): Likewise.
>> (wireguard-service-type): Register it.
>> * tests/services/vpn.scm: New file.
>> * Makefile.am (SCM_TESTS): Register it.
>> * doc/guix.texi (VPN Services): Update doc.
>
> As discussed on IRC the other day, I tend to think that this is =E2=80=9C=
not our
> job=E2=80=9D but rather upstream=E2=80=99s. (As a rule of thumb, I think=
services
> should merely expose what upstream implements.)
>
> You mentioned that upstream has a shell script to do something similar.
> Using that may not be as nice as what you propose here in terms of
> integration, but the upside is that we wouldn=E2=80=99t have to maintain =
it
> ourselves.
Yeah, upstream offers a contrib shell script called reresolve-dns.sh
[0], that works a bit differently (it's doesn't actually monitor IPs but
just keep a watch on when was the last successful handshake made).
[0] https://github.com/WireGuard/wireguard-tools/blob/master/contrib/reres=
olve-dns/reresolve-dns.
> Would that be a viable option? WDYT?
I think my Guile script is more precise in terms of what it does and
also produces useful output. If I knew of the shell script existence
when I started I probably wouldn't have bothered re-implementing it in
Scheme, but since it's here, and better, I see no reason to not use it
:-). I don't foresee high maintenance for the stable APIs involved
(resolving host names and setting an endpoint with 'wg set').
--=20
Thanks,
Maxim
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.
Received: (at 63403) by debbugs.gnu.org; 22 May 2023 23:22:39 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 22 19:22:39 2023
Received: from localhost ([127.0.0.1]:37271 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1q1ErM-00050r-FL
for submit <at> debbugs.gnu.org; Mon, 22 May 2023 19:22:38 -0400
Received: from mail-qk1-f181.google.com ([209.85.222.181]:53651)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <maxim.cournoyer@HIDDEN>)
id 1q1ErH-00050Q-Fr; Mon, 22 May 2023 19:22:35 -0400
Received: by mail-qk1-f181.google.com with SMTP id
af79cd13be357-75b076babc3so101750885a.3;
Mon, 22 May 2023 16:22:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20221208; t=1684797745; x=1687389745;
h=content-transfer-encoding:mime-version:user-agent:message-id
:in-reply-to:date:references:subject:cc:to:from:from:to:cc:subject
:date:message-id:reply-to;
bh=N0mIBc/bth0ZNvJZ9Z0OfVgcVChQlviV69YqjCM4Bbc=;
b=OxwSnlPZxhaPDLni4+7mvsxsIITlCowK2g2w0yiU5MrwMFo8D6Vrui8J+Yq2u2y2+Z
Ni9EFg+ixZa4LVx5ngj9W/CIEQU57Jkx3XmlLkPWIP1GLM9zd76prRg6mPL+xz87v3Pb
TRq63UCamXpw9JMvRgVXgSZlIbB+eWwq2V+lPNgXtAkoEVqZip1bHXL6KajaIk7lUUWh
9LuaiK5co85DgqjtIXfWWm1nugcGilDrEB/48W7AupTmkrT6SDMVMTw2xtXvR2BCFRP6
CyIOkg5nboht4ElHK5d+V1SjBm06Hb8gyWaU3kqYR6tK9B7XTJAL+NcL35K9Jy43S4bD
501w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1684797745; x=1687389745;
h=content-transfer-encoding:mime-version:user-agent:message-id
:in-reply-to:date:references:subject:cc:to:from:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=N0mIBc/bth0ZNvJZ9Z0OfVgcVChQlviV69YqjCM4Bbc=;
b=F+pr+uLtlg/nKNiOkY+mALs/UyZGeVhu/6zqGVOomC2BWrjR7lUfJVmO47Vehds76a
bMAwh5+wLgel58652xeMgMg3eBNQi//ljEmmvKBujy1mkIjQ56xNYZeJWQ2C5sjL5DoD
C+zfiXWWMwvfhVW28q4XmT21N8qjjv36J+lbT3szdgyzvbRebWpDff5yevVGAAqUKVjO
W3Tjz5jwTPJ7FNHeLg84cYX3RcLD00j6r7TSEsGMrPirgCe5OxzMNakYmaxmMHkUxavx
B3T3CgM4Aa0YZSPTR6/FwzJJNGvKyp6kFd0eED8sFM8YtYcIGOCxDbJnv2IBmaeiHgHZ
THlw==
X-Gm-Message-State: AC+VfDyemh9yGQ+SSyjQTUMcuFew8bypT6dZdf76GmSbjtn8EuTrkdlJ
l6Tb6Ei51lxGkPclRBvU1KrW5c8F4QkOaQ==
X-Google-Smtp-Source: ACHHUZ6ZPTq+li+2pUDCdak0X1+GLRKXDJDv1EMWhrOu+ncPeiG3NWcYel2cB7x2NwU+vWvW53ykKQ==
X-Received: by 2002:a05:620a:2603:b0:75b:23a1:3645 with SMTP id
z3-20020a05620a260300b0075b23a13645mr2475457qko.6.1684797745600;
Mon, 22 May 2023 16:22:25 -0700 (PDT)
Received: from hurd (dsl-205-233-124-30.b2b2c.ca. [205.233.124.30])
by smtp.gmail.com with ESMTPSA id
20-20020a05620a06d400b007579ea33cdesm2080019qky.62.2023.05.22.16.22.24
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 22 May 2023 16:22:25 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
IP monitoring feature.
References: <cover.1684461197.git.maxim.cournoyer@HIDDEN>
<4ae50adcd4cef9d26b26eb4456727538d61f064c.1684461197.git.maxim.cournoyer@HIDDEN>
<87lehgwgvz.fsf_-_@HIDDEN>
Date: Mon, 22 May 2023 19:22:23 -0400
In-Reply-To: <87lehgwgvz.fsf_-_@HIDDEN> ("Ludovic =?utf-8?Q?Court=C3=A8s?=
=?utf-8?Q?=22's?= message of "Mon, 22 May 2023 17:00:16 +0200")
Message-ID: <87jzx0hryo.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 63403
Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Hi Ludovic,
Ludovic Court=C3=A8s <ludo@HIDDEN> writes:
> Hi,
>
> Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis:
>
>> * gnu/services/herd.scm (current-service): New procedure, mostly reusing=
the
>> existing current-services.
>> (current-services): Implement in terms of the above procedure.
>
> How about having (lookup-service name) that calls the =E2=80=98status=E2=
=80=99 action on
> the given service and either returns a <live-service> or #f?
I'd rather keep the name 'current-service', because 'lookup-service' is
already a public procedure exported by Shepherd's (shepherd service)
module; it'd be confusing.
> =E2=80=98current-services=E2=80=99 might be implemented as (lookup-servic=
e 'root) but
> this should be kept as an implementation detail.
Yeah, that's my view on current-services being implemented in terms of
(current-service 'root). It's a bit weird, but that's because the
underlying API is not symmetrical either.
Thanks for taking a look!
--=20
Thanks,
Maxim
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.Received: (at 63403) by debbugs.gnu.org; 22 May 2023 15:04:20 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 22 11:04:20 2023 Received: from localhost ([127.0.0.1]:35793 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1q175A-00048H-8d for submit <at> debbugs.gnu.org; Mon, 22 May 2023 11:04:20 -0400 Received: from eggs.gnu.org ([209.51.188.92]:42256) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1q1758-000481-Kx; Mon, 22 May 2023 11:04:19 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1q174q-0003HY-6S; Mon, 22 May 2023 11:04:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=CdwlsJJNdCd3v0HrP/VX7se/Vm5JtqQFRAyh1DH40iA=; b=Y/JNe2XHperIsbNv4Svi EUouTN6NQUQ88z/qnApwCq5LLBGUX4ylxfALKKWYhuddfRYRDV50aYjUKXhU32Vvnwn+qfRLENvRz 6EEWbKUIZSjd7aRUH60TQfBl7x0MS378eM7kTe86WiH7r+Sp2w8Wmtqh0cLFoLYnmoL+kDEgVl0Wr EP0gbQkgPMJu1bBc2SJiL3kLxz1IGV26SP8d5vrBNKXWhzMAktqJI+xgMz4DFsGH5EBJ6FxeuDDNe Esfl8gWLBc9V6nWFMUfxJ0Y6xcYJz1NpGiVw0vmHKL5eWSZ5+GWXTg613nNjtUnEGwdcX8r9clSI7 zW8AzlLK+bxubQ==; Received: from [193.50.110.247] (helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1q174p-0003Nv-Bi; Mon, 22 May 2023 11:03:59 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Maxim Cournoyer <maxim.cournoyer@HIDDEN> Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic IP monitoring feature. References: <cover.1684461197.git.maxim.cournoyer@HIDDEN> <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN> Date: Mon, 22 May 2023 17:03:57 +0200 In-Reply-To: <bfaae8df952aabc4e1b00bf7154dc7aa239860b3.1684461197.git.maxim.cournoyer@HIDDEN> (Maxim Cournoyer's message of "Thu, 18 May 2023 21:59:14 -0400") Message-ID: <87cz2swgpu.fsf_-_@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 63403 Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Hi, Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis: > * gnu/services/vpn.scm (<wireguard-configuration>) > [monitor-ips?, monitor-ips-internal]: New fields. > * gnu/services/vpn.scm (define-with-source): New syntax. > (wireguard-service-name, strip-port/maybe) > (ipv4-address?, ipv6-address?, host-name?) > (endpoint-host-names): New procedure. > (wireguard-monitoring-jobs): Likewise. > (wireguard-service-type): Register it. > * tests/services/vpn.scm: New file. > * Makefile.am (SCM_TESTS): Register it. > * doc/guix.texi (VPN Services): Update doc. As discussed on IRC the other day, I tend to think that this is =E2=80=9Cno= t our job=E2=80=9D but rather upstream=E2=80=99s. (As a rule of thumb, I think s= ervices should merely expose what upstream implements.) You mentioned that upstream has a shell script to do something similar. Using that may not be as nice as what you propose here in terms of integration, but the upside is that we wouldn=E2=80=99t have to maintain it ourselves. Would that be a viable option? WDYT? Thanks, Ludo=E2=80=99.
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.Received: (at 63403) by debbugs.gnu.org; 22 May 2023 15:00:33 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 22 11:00:33 2023 Received: from localhost ([127.0.0.1]:35764 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1q171V-00042E-9Z for submit <at> debbugs.gnu.org; Mon, 22 May 2023 11:00:33 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52158) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1q171T-00041x-RL; Mon, 22 May 2023 11:00:32 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1q171O-0002Vs-EC; Mon, 22 May 2023 11:00:26 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=BWSinoEVF1CI3SOjS1itOx/nICyiSVOaZS2gzGl1tNc=; b=moLGqYcGS3qZX+Cq6ceN YXJan2Ov5N5gGdefVC3Gf0bqme9606UqpCLIj24qS908Ez3dyMVlRWRlZkrCS/mFqEkpCnK07U2nW xGgeQAg5EWRKVNPcXYHpbz1olkhvENmajW45QFi+KrjSIPp3hDRNmJlV9XfvNpJluB+Km4ROPvW3V RgI+kYgQshjdO4xVtCaDBWcN11F6hF/k2ZnjBAiIHvrWEzAteW/5BJ7Nb8nfoXRce1LSu4iUrXgYQ CBByMYjWfbnQQxgEwTlaIVFJomdcsFRecODVMo6mkmbAhDfTqbzG62TSAFmKvwznnRmiwrPC2tC1S v8ZX/PqZNd2tgQ==; Received: from [193.50.110.247] (helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1q171G-0007n2-Ai; Mon, 22 May 2023 11:00:25 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Maxim Cournoyer <maxim.cournoyer@HIDDEN> Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic IP monitoring feature. References: <cover.1684461197.git.maxim.cournoyer@HIDDEN> <4ae50adcd4cef9d26b26eb4456727538d61f064c.1684461197.git.maxim.cournoyer@HIDDEN> Date: Mon, 22 May 2023 17:00:16 +0200 In-Reply-To: <4ae50adcd4cef9d26b26eb4456727538d61f064c.1684461197.git.maxim.cournoyer@HIDDEN> (Maxim Cournoyer's message of "Thu, 18 May 2023 21:59:13 -0400") Message-ID: <87lehgwgvz.fsf_-_@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 63403 Cc: 63402 <at> debbugs.gnu.org, 63403 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Hi, Maxim Cournoyer <maxim.cournoyer@HIDDEN> skribis: > * gnu/services/herd.scm (current-service): New procedure, mostly reusing = the > existing current-services. > (current-services): Implement in terms of the above procedure. How about having (lookup-service name) that calls the =E2=80=98status=E2=80= =99 action on the given service and either returns a <live-service> or #f? =E2=80=98current-services=E2=80=99 might be implemented as (lookup-service = 'root) but this should be kept as an implementation detail. Ludo=E2=80=99.
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.
Received: (at 63403) by debbugs.gnu.org; 15 May 2023 15:57:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 15 11:57:19 2023
Received: from localhost ([127.0.0.1]:44188 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1pyaZa-00041b-Jz
for submit <at> debbugs.gnu.org; Mon, 15 May 2023 11:57:19 -0400
Received: from mail-qv1-f54.google.com ([209.85.219.54]:44437)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <maxim.cournoyer@HIDDEN>) id 1pyaZT-00041H-En
for 63403 <at> debbugs.gnu.org; Mon, 15 May 2023 11:57:17 -0400
Received: by mail-qv1-f54.google.com with SMTP id
6a1803df08f44-619ca08c166so59897106d6.1
for <63403 <at> debbugs.gnu.org>; Mon, 15 May 2023 08:57:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20221208; t=1684166225; x=1686758225;
h=mime-version:user-agent:message-id:in-reply-to:date:references
:subject:to:from:from:to:cc:subject:date:message-id:reply-to;
bh=fIogbxU91ZhdSW0IOVLhBZeNjwez2bdZAJaIwOEnTLw=;
b=sjhxpvacoVAwAnVYfwByTl7KtAffCdfo0J7gbFs2JxiLR1Csj4YVUygWgj/IsqGuKu
MGqDI0CeqrPyItF7i+IYzbTYKIs3m/mjsaLVX8eIqrKYv5PCklI7raec58aeYkLimg9j
xLGR1tP6AsZJotsJyQB0Sw9ZpqsjlA0TEqttz2FdhhZvH0trtbfKQDgOxeTxcSSHMfK+
QoAmHsb+V2e2xvyUAIE0kypqYCqtcQiz4lKLiUqv5gK10+vjRBlCacUZjdiphEVy5pzD
4MdThM06BKoLaLANFYrDVcLgwfBt1nxnm+LMJBLlMXsxYNvGtB04HNp1AH4FRZVqFqCy
P0dg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1684166225; x=1686758225;
h=mime-version:user-agent:message-id:in-reply-to:date:references
:subject:to:from:x-gm-message-state:from:to:cc:subject:date
:message-id:reply-to;
bh=fIogbxU91ZhdSW0IOVLhBZeNjwez2bdZAJaIwOEnTLw=;
b=HQrJC76maGe7bTtFPeMiMp0IiorsmyWA25b+4zh2FdmP1aM9QDrFe0m83HfbfRa8Z3
A+SzeJzFl41C+j5djiQ5xHUaMJlJKS1ABzPZslujDjDk4re52y8f6v3c1NY4vxX+Fwwg
NMLAoIIOKiL9Mgj8D9uGkJzGBqoW7YC8esXTGl8eF7823sfGC9VflKkyenRgHRFlZMNl
S5hH3t8H1u5+gVvWsBkjrTeBiXgys8juFtClUxla+8FXCAl5w/B6cKoGkRbTasNv0phf
2BGfopqxyTqLGbkonxedqQAhc00eLaX+iWNz96HQ8BX3rcPD9sxYvLa3g4SuMLvllEFr
xoQw==
X-Gm-Message-State: AC+VfDyzL7ezmkiiTxQGWWTNpleOemPc647BUVXYZPHxLkyvVyw/TIR+
dwylKZz2X2Bd6SYf01taeLCJhBZaqPNgtA==
X-Google-Smtp-Source: ACHHUZ4IFiQNcsvo03pBMbBvpNYhvM5AGx9YIOlMXKXEAlvhyQ4A4ZiDgUOyr+7RleoqC+QN0Q9oSw==
X-Received: by 2002:a05:6214:4017:b0:621:1c72:af3 with SMTP id
kd23-20020a056214401700b006211c720af3mr40531207qvb.0.1684166224890;
Mon, 15 May 2023 08:57:04 -0700 (PDT)
Received: from hurd (dsl-205-236-230-106.b2b2c.ca. [205.236.230.106])
by smtp.gmail.com with ESMTPSA id
o18-20020a05620a111200b0075932cd3ca0sm29168qkk.69.2023.05.15.08.57.03
for <63403 <at> debbugs.gnu.org>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 15 May 2023 08:57:04 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: 63403 <at> debbugs.gnu.org
Subject: Re: bug#63403: [PATCH 1/1] services: wireguard: Implement a dynamic
IP monitoring feature.
References: <cover.1683679924.git.maxim.cournoyer@HIDDEN>
<81431f5906cd69b4377e1f5d5b26e7c915c7cc87.1683679924.git.maxim.cournoyer@HIDDEN>
Date: Mon, 15 May 2023 11:57:02 -0400
In-Reply-To: <81431f5906cd69b4377e1f5d5b26e7c915c7cc87.1683679924.git.maxim.cournoyer@HIDDEN>
(Maxim Cournoyer's message of "Tue, 9 May 2023 21:09:00 -0400")
Message-ID: <871qjhvb8x.fsf_-_@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 63403
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
Hi,
Maxim Cournoyer <maxim.cournoyer@HIDDEN> writes:
> * gnu/services/vpn.scm (<wireguard-configuration>)
> [monitor-ips?, monitor-ips-internal]: New fields.
> * gnu/services/vpn.scm (define-with-source): New syntax.
> (wireguard-service-name, strip-port/maybe)
> (ipv4-address?, ipv6-address?, host-name?)
> (peers->endpoint-host-names)
> (wireguard-monitoring-jobs): New procedures.
> (wireguard-service-type): Register it.
> * tests/services/vpn.scm: New file.
> * Makefile.am (SCM_TESTS): Register it.
> * doc/guix.texi (VPN Services): Update doc.
I've found a bug when no endpoints were used. The following changes
were needed:
--8<---------------cut here---------------start------------->8---
modified gnu/services/vpn.scm
@@ -921,7 +921,7 @@ (define (peers->endpoint-host-names peers)
"Return host names used as the endpoints of PEERS, if any. Any \":PORT\"
suffixes are stripped."
(map strip-port/maybe
- (filter host-name? (map wireguard-peer-endpoint peers))))
+ (filter host-name? (filter-map wireguard-peer-endpoint peers))))
(define (wireguard-shepherd-service config)
(match-record config <wireguard-configuration>
@@ -998,7 +998,8 @@ (define (wireguard-monitoring-jobs config)
resolved-ips)
(format #t "restarting ~a service due to \
stale endpoint IPs~%" service-name)
- (restart-service service-name))))))))))))))
+ (restart-service service-name))))))))))
+ '())))) ;monitor-ips? is #f
(define wireguard-service-type
(service-type
--8<---------------cut here---------------end--------------->8---
Will send a v2.
--
Thanks,
Maxim
guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.Maxim Cournoyer <maxim.cournoyer@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.
Received: (at submit) by debbugs.gnu.org; 10 May 2023 01:09:29 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue May 09 21:09:29 2023
Received: from localhost ([127.0.0.1]:44836 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1pwYKe-0006QO-HY
for submit <at> debbugs.gnu.org; Tue, 09 May 2023 21:09:29 -0400
Received: from lists.gnu.org ([209.51.188.17]:53074)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <maxim.cournoyer@HIDDEN>) id 1pwYKU-0006Pw-0Z
for submit <at> debbugs.gnu.org; Tue, 09 May 2023 21:09:20 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <maxim.cournoyer@HIDDEN>)
id 1pwYKT-0003Wf-Ru
for guix-patches@HIDDEN; Tue, 09 May 2023 21:09:17 -0400
Received: from mail-qv1-xf2d.google.com ([2607:f8b0:4864:20::f2d])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.90_1) (envelope-from <maxim.cournoyer@HIDDEN>)
id 1pwYKN-00055G-Rk
for guix-patches@HIDDEN; Tue, 09 May 2023 21:09:17 -0400
Received: by mail-qv1-xf2d.google.com with SMTP id
6a1803df08f44-619be7d7211so31278486d6.3
for <guix-patches@HIDDEN>; Tue, 09 May 2023 18:09:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20221208; t=1683680950; x=1686272950;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:to:from:from:to:cc:subject:date:message-id
:reply-to; bh=yC6/cBPNEwyyqb+Udt/0rYEGEoBEDj0vfuIWvKpgKsA=;
b=stCNcuU07GfAgR1TMppU/t1lyvvA/4SX70ubLgbHBq7wDTET/4fwL/xXp8YPi9LKCi
CcDYRyfZeRaulA9PKTmFWt4iwphPV8D68tZWytyN9k+dQhGvoLekcIuhXtEehxmMU075
dY3PuvugzXruPD2J4xYkTqk05iC3wR+yj1DTY8GA6g2Udeb6d5WtMSg3bFZv/81g8Jmb
4bh97LMS8VZspSa+oZREf7YVXaMb+ug/HthQR4yz8P5CUrEw5coLaT49rb9roSk4CEY7
GdfUpGhNWrOl5gQmZnWQc8yNnYSHfVGsxXx2iZnQ1kl7FVpMDn3aIvhLYh5PKKJzEKO2
RsiA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1683680950; x=1686272950;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:to:from:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=yC6/cBPNEwyyqb+Udt/0rYEGEoBEDj0vfuIWvKpgKsA=;
b=DGtCg5I61lijL+1EdVZWxbqKl0T0tUqq/lRUUo/wpuFEvDyc7sboFGNrsO+IvU0VuP
g/Qx46V1UjYK41L31YqJiIkyMG/QG433NHJOr7UXyznprumTJWRFKP//Xyh62uYlKMfb
tpqR14HDrd07jK+q8gxUU2wpWnaZgADiIu3cTVsoizbbwXzgRftpJcrSF2Aj/jkcZoT8
QrFqCW8ceN8VyI2vDSS/9s9odv/wMKPOZ/cD36xQ3/TbCkDjNcHRlji3LBN4YzcengTy
fQp3khYt1EE0cFtvuaV3M1DPdOyUtNqJe/Yegngbz4O9TRYzU9eHVnoFANZDBPSuoOLy
SMkQ==
X-Gm-Message-State: AC+VfDx7e23e2Ll1QaZeqHA28/UG+Zl564iH8HCIqhMnS1xbtsSzIVHQ
jCs7RjD5dqd90Kq+b5ZkAMsIlw0uMDk=
X-Google-Smtp-Source: ACHHUZ7y6VKVtfyirwTsWe54Aws+ElouYaZLMWGAcG7Bj4zTNSpKe4tpPrtyiuYBK02m/q8MvQpP9A==
X-Received: by 2002:a05:6214:c85:b0:5ef:642e:7cd2 with SMTP id
r5-20020a0562140c8500b005ef642e7cd2mr20645506qvr.7.1683680950518;
Tue, 09 May 2023 18:09:10 -0700 (PDT)
Received: from localhost.localdomain (dsl-156-94.b2b2c.ca. [66.158.156.94])
by smtp.gmail.com with ESMTPSA id
z29-20020ac8431d000000b003f3941ba4d9sm972632qtm.32.2023.05.09.18.09.09
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 09 May 2023 18:09:10 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
To: guix-patches@HIDDEN,
maxim.cournoyer@HIDDEN
Subject: [PATCH 1/1] services: wireguard: Implement a dynamic IP monitoring
feature.
Date: Tue, 9 May 2023 21:09:00 -0400
Message-Id: <81431f5906cd69b4377e1f5d5b26e7c915c7cc87.1683679924.git.maxim.cournoyer@HIDDEN>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <cover.1683679924.git.maxim.cournoyer@HIDDEN>
References: <cover.1683679924.git.maxim.cournoyer@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::f2d;
envelope-from=maxim.cournoyer@HIDDEN; helo=mail-qv1-xf2d.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.3 (-)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.3 (--)
* gnu/services/vpn.scm (<wireguard-configuration>)
[monitor-ips?, monitor-ips-internal]: New fields.
* gnu/services/vpn.scm (define-with-source): New syntax.
(wireguard-service-name, strip-port/maybe)
(ipv4-address?, ipv6-address?, host-name?)
(peers->endpoint-host-names)
(wireguard-monitoring-jobs): New procedures.
(wireguard-service-type): Register it.
* tests/services/vpn.scm: New file.
* Makefile.am (SCM_TESTS): Register it.
* doc/guix.texi (VPN Services): Update doc.
---
Makefile.am | 1 +
doc/guix.texi | 18 +++++-
gnu/services/vpn.scm | 122 +++++++++++++++++++++++++++++++++++++++--
tests/services/vpn.scm | 80 +++++++++++++++++++++++++++
4 files changed, 215 insertions(+), 6 deletions(-)
create mode 100644 tests/services/vpn.scm
diff --git a/Makefile.am b/Makefile.am
index 13718e4353..fb6e4f57cd 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -553,6 +553,7 @@ SCM_TESTS = \
tests/services/lightdm.scm \
tests/services/linux.scm \
tests/services/telephony.scm \
+ tests/services/vpn.scm \
tests/sets.scm \
tests/size.scm \
tests/status.scm \
diff --git a/doc/guix.texi b/doc/guix.texi
index c69fde646d..fad7f32bca 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -32345,9 +32345,23 @@ VPN Services
@item @code{dns} (default: @code{#f})
The DNS server(s) to announce to VPN clients via DHCP.
+@item @code{monitor-ips?} (default: @code{#f})
+@cindex Dynamic IP, with Wireguard
+@cindex dyndns, usage with Wireguard
+Whether to monitor the resolved Internet addresses (IPs) of the
+endpoints of the configured peers, restarting the service when there is
+a mismatch between the endpoint IPs in actual use versus those freshly
+resolved from their host names. Set this to @code{#t} if one or more
+endpoints use host names provided by a dynamic DNS service to keep
+connections working.
+
+@item @code{monitor-ips-internal} (default: @code{'(next-minute (range 0 60 5))})
+The time interval at which the IP monitoring job should run, provided as
+an mcron time specification (@pxref{Guile Syntax,,,mcron}).
+
@item @code{private-key} (default: @code{"/etc/wireguard/private.key"})
-The private key file for the interface. It is automatically generated if
-the file does not exist.
+The private key file for the interface. It is automatically generated
+if the file does not exist.
@item @code{peers} (default: @code{'()})
The authorized peers on this interface. This is a list of
diff --git a/gnu/services/vpn.scm b/gnu/services/vpn.scm
index a884d71eb2..5a56884008 100644
--- a/gnu/services/vpn.scm
+++ b/gnu/services/vpn.scm
@@ -11,6 +11,7 @@
;;; Copyright © 2021 Nathan Dehnel <ncdehnel@HIDDEN>
;;; Copyright © 2022 Cameron V Chaparro <cameron@HIDDEN>
;;; Copyright © 2022 Timo Wilken <guix@HIDDEN>
+;;; Copyright © 2023 Maxim Cournoyer <maxim.cournoyer@HIDDEN>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -31,10 +32,12 @@ (define-module (gnu services vpn)
#:use-module (gnu services)
#:use-module (gnu services configuration)
#:use-module (gnu services dbus)
+ #:use-module (gnu services mcron)
#:use-module (gnu services shepherd)
#:use-module (gnu system shadow)
#:use-module (gnu packages admin)
#:use-module (gnu packages vpn)
+ #:use-module (guix modules)
#:use-module (guix packages)
#:use-module (guix records)
#:use-module (guix gexp)
@@ -73,6 +76,8 @@ (define-module (gnu services vpn)
wireguard-configuration-addresses
wireguard-configuration-port
wireguard-configuration-dns
+ wireguard-configuration-monitor-ips?
+ wireguard-configuration-monitor-ips-interval
wireguard-configuration-private-key
wireguard-configuration-peers
wireguard-configuration-pre-up
@@ -741,6 +746,10 @@ (define-record-type* <wireguard-configuration>
(default '()))
(dns wireguard-configuration-dns ;list of strings
(default #f))
+ (monitor-ips? wireguard-configuration-monitor-ips? ;boolean
+ (default #f))
+ (monitor-ips-interval wireguard-configuration-monitor-ips-interval
+ (default '(next-minute (range 0 60 5)))) ;string | list
(pre-up wireguard-configuration-pre-up ;list of strings
(default '()))
(post-up wireguard-configuration-post-up ;list of strings
@@ -871,6 +880,49 @@ (define (wireguard-activation config)
(chmod #$private-key #o400)
(close-pipe pipe))))))
+;;; XXX: Copied from (guix scripts pack), changing define to define*.
+(define-syntax-rule (define-with-source (variable args ...) body body* ...)
+ "Bind VARIABLE to a procedure accepting ARGS defined as BODY, also setting
+its source property."
+ (begin
+ (define* (variable args ...)
+ body body* ...)
+ (eval-when (load eval)
+ (set-procedure-property! variable 'source
+ '(define* (variable args ...) body body* ...)))))
+
+(define (wireguard-service-name interface)
+ "Return the WireGuard service name (a symbol) configured to use INTERFACE."
+ (symbol-append 'wireguard- (string->symbol interface)))
+
+(define-with-source (strip-port/maybe endpoint #:key ipv6?)
+ "Strip the colon and port, if present in ENDPOINT, a string."
+ (if ipv6?
+ (if (string-prefix? "[" endpoint)
+ (first (string-split (string-drop endpoint 1) #\])) ;ipv6
+ endpoint)
+ (first (string-split endpoint #\:)))) ;ipv4
+
+(define (ipv4-address? str)
+ "Return true if STR denotes an IPv4 address."
+ (false-if-exception
+ (->bool (inet-pton AF_INET (strip-port/maybe str)))))
+
+(define (ipv6-address? str)
+ "Return true if STR denotes an IPv6 address."
+ (false-if-exception
+ (->bool (inet-pton AF_INET6 (strip-port/maybe str #:ipv6? #t)))))
+
+(define (host-name? name)
+ "Predicate to check whether NAME is a host name, i.e. not an IP address."
+ (not (or (ipv6-address? name) (ipv4-address? name))))
+
+(define (peers->endpoint-host-names peers)
+ "Return host names used as the endpoints of PEERS, if any. Any \":PORT\"
+suffixes are stripped."
+ (map strip-port/maybe
+ (filter host-name? (map wireguard-peer-endpoint peers))))
+
(define (wireguard-shepherd-service config)
(match-record config <wireguard-configuration>
(wireguard interface)
@@ -878,9 +930,7 @@ (define (wireguard-shepherd-service config)
(config (wireguard-configuration-file config)))
(list (shepherd-service
(requirement '(networking))
- (provision (list
- (symbol-append 'wireguard-
- (string->symbol interface))))
+ (provision (list (wireguard-service-name interface)))
(start #~(lambda _
(invoke #$wg-quick "up" #$config)))
(stop #~(lambda _
@@ -888,6 +938,68 @@ (define (wireguard-shepherd-service config)
#f)) ;stopped!
(documentation "Run the Wireguard VPN tunnel"))))))
+(define (wireguard-monitoring-jobs config)
+ (match-record config <wireguard-configuration>
+ (interface monitor-ips? monitor-ips-interval peers)
+ (let ((host-names (peers->endpoint-host-names peers)))
+ (if monitor-ips?
+ (if (null? host-names)
+ (begin
+ (warn "monitor-ips? is #t but no host name to monitor")
+ '())
+ ;; The mcron monitor job may be a string or a list; ungexp strips
+ ;; one quote level, which must be added back when a list is
+ ;; provided.
+ (list
+ #~(job
+ (if (string? #$monitor-ips-interval)
+ #$monitor-ips-interval
+ '#$monitor-ips-interval)
+ #$(program-file
+ (format #f "wireguard-~a-monitoring" interface)
+ (with-imported-modules (source-module-closure
+ '((gnu services herd)))
+ #~(begin
+ (use-modules (gnu services herd)
+ (ice-9 popen)
+ (ice-9 textual-ports)
+ (srfi srfi-1)
+ (srfi srfi-26))
+
+ (define (host-name->ip name)
+ "Return the IP address resolved from NAME."
+ (let* ((ai (car (getaddrinfo name)))
+ (sa (addrinfo:addr ai)))
+ (inet-ntop (sockaddr:fam sa)
+ (sockaddr:addr sa))))
+
+ #$(procedure-source strip-port/maybe)
+
+ (define service-name '#$(wireguard-service-name
+ interface))
+
+ (when (start-service service-name)
+ (let* ((resolved-ips (map host-name->ip
+ '#$host-names))
+ (pipe (open-pipe*
+ OPEN_READ
+ #$(file-append wireguard-tools
+ "/bin/wg")
+ "show" #$interface "endpoints"))
+ (lines (string-split (get-string-all pipe)
+ #\newline))
+ (used-ips (map (compose
+ strip-port/maybe
+ last
+ (cut string-split <> #\tab))
+ lines)))
+ (close-pipe pipe)
+ (unless (every (cut member <> used-ips)
+ resolved-ips)
+ (format #t "restarting ~a service due to \
+stale endpoint IPs~%" service-name)
+ (restart-service service-name))))))))))))))
+
(define wireguard-service-type
(service-type
(name 'wireguard)
@@ -898,6 +1010,8 @@ (define wireguard-service-type
wireguard-activation)
(service-extension profile-service-type
(compose list
- wireguard-configuration-wireguard))))
+ wireguard-configuration-wireguard))
+ (service-extension mcron-service-type
+ wireguard-monitoring-jobs)))
(description "Set up Wireguard @acronym{VPN, Virtual Private Network}
tunnels.")))
diff --git a/tests/services/vpn.scm b/tests/services/vpn.scm
new file mode 100644
index 0000000000..9c6fa65df6
--- /dev/null
+++ b/tests/services/vpn.scm
@@ -0,0 +1,80 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2023 Maxim Cournoyer <maxim.cournoyer@HIDDEN>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (tests services vpn)
+ #:use-module (gnu packages vpn)
+ #:use-module (gnu services vpn)
+ #:use-module (guix gexp)
+ #:use-module (ice-9 match)
+ #:use-module (srfi srfi-1)
+ #:use-module (srfi srfi-64))
+
+;;; Commentary:
+;;;
+;;; Unit tests for the (gnu services vpn) module.
+;;;
+;;; Code:
+
+;;; Access some internals for whitebox testing.
+(define ipv4-address? (@@ (gnu services vpn) ipv4-address?))
+(define ipv6-address? (@@ (gnu services vpn) ipv6-address?))
+(define host-name? (@@ (gnu services vpn) host-name?))
+(define peers->endpoint-host-names
+ (@@ (gnu services vpn) peers->endpoint-host-names))
+
+(test-begin "vpn-services")
+
+(test-assert "ipv4-address?"
+ (every ipv4-address?
+ (list "192.95.5.67:1234"
+ "10.0.0.1")))
+
+(test-assert "ipv6-address?"
+ (every ipv6-address?
+ (list "[2607:5300:60:6b0::c05f:543]:2468"
+ "2607:5300:60:6b0::c05f:543"
+ "2345:0425:2CA1:0000:0000:0567:5673:23b5"
+ "2345:0425:2CA1::0567:5673:23b5")))
+
+(define %wireguard-peers
+ (list (wireguard-peer
+ (name "dummy1")
+ (public-key "VlesLiEB5BFd//OD2ILKXviolfz+hodG6uZ+XjoalC8=")
+ (endpoint "some.dynamic-dns.service:53281")
+ (allowed-ips '()))
+ (wireguard-peer
+ (name "dummy2")
+ (public-key "AlesLiEB5BFd//OD2ILKXviolfz+hodG6uZ+XgoalC9=")
+ (endpoint "example.org")
+ (allowed-ips '()))
+ (wireguard-peer
+ (name "dummy3")
+ (public-key "BlesLiEB5BFd//OD2ILKXviolfz+hodG6uZ+XgoalC7=")
+ (endpoint "10.0.0.7:7777")
+ (allowed-ips '()))
+ (wireguard-peer
+ (name "dummy4")
+ (public-key "ClesLiEB5BFd//OD2ILKXviolfz+hodG6uZ+XgoalC6=")
+ (endpoint "[2345:0425:2CA1::0567:5673:23b5]:44444")
+ (allowed-ips '()))))
+
+(test-equal "peers->endpoint-host-names"
+ '("some.dynamic-dns.service" "example.org")
+ (peers->endpoint-host-names %wireguard-peers))
+
+(test-end "vpn-services")
--
2.39.2
Maxim Cournoyer <maxim.cournoyer@HIDDEN>:guix-patches@HIDDEN.
Full text available.guix-patches@HIDDEN:bug#63403; Package guix-patches.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.