Subject: [bug#45905] [PATCH] IPFS service definition
To: 45905@debbugs.gnu.org
From: Maxime Devos
Date: Fri, 15 Jan 2021 22:22:54 +0100

Hi Guix!

A patch defining a simple ‘ipfs-service-type’ is attached.
I've tested this in a VM, and will test it on a ‘real’ system later.

The gateway is currently broken, it tries to redirect to non-existent
subdomains of localhost. Correcting this might require fiddling with
the DNS configuration.

Maxime

From c441bca727df67837652eb2f0b5ad23528fd11a3 Mon Sep 17 00:00:00 2001
From: Maxime Devos
Date: Fri, 15 Jan 2021 21:46:42 +0100
Subject: [PATCH] services: Add ipfs-service-type

* gnu/services/networking.scm (ipfs-service-type)
(%ipfs-home-mapping, %ipfs-environment)
(%ipfs-accounts, %ipfs-home): New variables.
(ipfs-configuration, ipfs-configuration?)
(ipfs-configuration-package, ipfs-configuration-gateway)
(ipfs-configuration-api, ipfs-shepherd-service)
(ipfs-binary, %ipfs-activation): New procedures.
* doc/guix.texi (Networking Services): Document it.
---
 doc/guix.texi | 33 +++++++++
 gnu/services/networking.scm | 138 ++++++++++++++++++++++++++++++++++++
 2 files changed, 171 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi index cea7f8a8cf..49680b13e9 100644 --- a/doc/guix.texi +++ b/doc/guix.texi 
@@ -86,6 +86,7 @@ Copyright @copyright{} 2020 raingloom@* Copyright @copyright{} 2020 Daniel Brooks@* Copyright @copyright{} 2020 John Soo@* Copyright @copyright{} 2020 Jonathan Brielmaier@* +Copyright @copyright{} 2021 Maxime Devos@* Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -17221,6 +17222,38 @@ address, delete everything except these options: @end table @end deftp +@cindex IPFS +@defvr {Scheme Variable} ipfs-service-type +The service type for connecting to the @uref{https://ipfs.io,IPFS network}, +a global, versioned, peer-to-peer file system. Pass it a +@code{ipfs-configuration} to change the ports used for the gateway and API. + +Here's an example configuration, using some non-standard ports: + +@lisp +;; part of the operating-system declaration +(service ipfs-service-type + (ipfs-configuration + (gateway "/ip4/127.0.0.1/tcp/8880") + (api "/ip4/127.0.0.1/tcp/8881"))) +@end lisp +@end defvr + +@deftp {Data Type} ipfs-configuration +Data type representing the configuration of IPFS. + +@table @asis +@item @code{package} (default: @code{go-ipfs}) +Package object of IPFS. + +@item @code{gateway} (default: @code{"/ip4/127.0.0.1/tcp/8082"}) +Address of the gateway, in ‘multiaddress’ format. + +@item @code{api} (default: @code{"/ip4/127.0.0.1/tcp/5001"}) +Address of the API endpoint, in ‘multiaddress’ format. +@end table +@end deftp + @cindex keepalived @deffn {Scheme Variable} keepalived-service-type This is the type for the @uref{https://www.keepalived.org/, Keepalived} diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index dd4061341e..4a1d04dfbb 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -15,6 +15,7 @@ ;;; Copyright © 2019 Alex Griffin ;;; Copyright © 2020 Brice Waegeneire ;;; Copyright © 2021 Oleg Pykhalov +;;; Copyright © 2021 Maxime Devos ;;; ;;; This file is part of GNU Guix. ;;; 
@@ -54,6 +55,8 @@ #:use-module (gnu packages ntp) #:use-module (gnu packages wicd) #:use-module (gnu packages gnome) + #:use-module (gnu packages ipfs) + #:use-module (gnu build linux-container) #:use-module (guix gexp) #:use-module (guix records) #:use-module (guix modules) @@ -196,6 +199,13 @@ yggdrasil-configuration-json-config yggdrasil-configuration-package + ipfs-service-type + ipfs-configuration + ipfs-configuration? + ipfs-configuration-package + ipfs-configuration-gateway + ipfs-configuration-api + keepalived-configuration keepalived-configuration? keepalived-service-type)) 
@@ -1873,6 +1883,134 @@ See yggdrasil -genconf for config options.") (service-extension profile-service-type (compose list yggdrasil-configuration-package)))))) + +;;; +;;; IPFS +;;; + +(define-record-type* + ipfs-configuration + make-ipfs-configuration + ipfs-configuration? + (package ipfs-configuration-package + (default go-ipfs)) + (gateway ipfs-configuration-gateway + (default "/ip4/127.0.0.1/tcp/8082")) + (api ipfs-configuration-api + (default "/ip4/127.0.0.1/tcp/5001"))) + +(define %ipfs-home "/var/lib/ipfs") + +(define %ipfs-accounts + (list (user-account + (name "ipfs") + (group "ipfs") + (system? #t) + (comment "IPFS daemon user") + (home-directory "/var/lib/ipfs") + (shell (file-append shadow "/sbin/nologin"))) + (user-group + (name "ipfs") + (system? #t)))) + +(define (ipfs-binary config) + (file-append (ipfs-configuration-package config) "/bin/ipfs")) + +(define %ipfs-home-mapping + #~(file-system-mapping + (source #$%ipfs-home) + (target #$%ipfs-home) + (writable? #t))) + +(define %ipfs-environment + #~(list #$(string-append "HOME=" %ipfs-home))) + +(define (ipfs-shepherd-service config) + "Return a for IPFS with CONFIG." 
+ (define ipfs-daemon-command + #~(list #$(ipfs-binary config) "daemon")) + (list + (with-imported-modules (source-module-closure + '((gnu build shepherd) + (gnu system file-systems))) + (shepherd-service + (provision '(ipfs)) + (requirement '(networking)) + (documentation "Connect to the IPFS network") + (modules '((gnu build shepherd) + (gnu system file-systems))) + (start #~(make-forkexec-constructor/container + #$ipfs-daemon-command + #:namespaces '#$(fold delq %namespaces '(user net)) + #:mappings (list #$%ipfs-home-mapping) + #:log-file "/var/log/ipfs.log" + #:user "ipfs" + #:group "ipfs" + #:environment-variables #$%ipfs-environment)) + (stop #~(make-kill-destructor)))))) + +(define (%ipfs-activation config) + "Return an activation gexp for IPFS with CONFIG" + (define (ipfs-config-command setting value) + #~(#$(ipfs-binary config) "config" #$setting #$value)) + (define (set-config!-gexp setting value) + #~(system* #$@(ipfs-config-command setting value))) + (define settings + `(("Addresses.API" ,(ipfs-configuration-api config)) + ("Addresses.Gateway" ,(ipfs-configuration-gateway config)))) + (define inner-gexp + #~(begin + (umask #o077) + ;; Create $HOME/.ipfs structure + (system* #$(ipfs-binary config) "init") + ;; Apply settings + #$@(map (cute apply set-config!-gexp <>) settings))) + (define inner-script + (program-file "ipfs-activation-inner" inner-gexp)) + ;; Run ipfs init and ipfs config from a container, + ;; in case the IPFS daemon was compromised at some point + ;; and ~/.ipfs is now a symlink to somewhere outside + ;; %ipfs-home. 
+ (define container-gexp + (with-extensions (list shepherd) + (with-imported-modules (source-module-closure + '((gnu build shepherd) + (gnu system file-systems))) + #~(begin + (use-modules (gnu build shepherd) + (gnu system file-systems)) + (let* ((constructor + (make-forkexec-constructor/container + (list #$inner-script) + #:namespaces '#$(fold delq %namespaces '(user)) + #:mappings (list #$%ipfs-home-mapping) + #:user "ipfs" + #:group "ipfs" + #:environment-variables #$%ipfs-environment)) + (pid (constructor))) + (waitpid pid)))))) + ;; The activation may happen from the initrd, which uses + ;; a statically-linked guile, while the guix container + ;; procedures require a working dynamic-link. + (define container-script + (program-file "ipfs-activation-container" container-gexp)) + #~(system* #$container-script)) + +(define ipfs-service-type + (service-type + (name 'ipfs) + (extensions + (list (service-extension account-service-type + (const %ipfs-accounts)) + (service-extension activation-service-type + %ipfs-activation) + (service-extension shepherd-root-service-type + ipfs-shepherd-service))) + (default-value (ipfs-configuration)) + (description + "Run @command{ipfs daemon}, the reference implementation +of the IPFS p2p storage network."))) + ;;; ;;; Keepalived -- 2.30.0
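
Review bot: In the doc/guix.texi hunk that adds the ipfs-configuration table, the @code{api} item gives only the address format. The IPFS API endpoint allows control over the node, so the entry should say that the default is loopback-only and what moving it to another address implies. The cover letter also states that the gateway currently redirects to non-existent subdomains of localhost; the @code{gateway} item could mention that until it is fixed. The manual text also says nothing about the daemon running as the "ipfs" user with its state in /var/lib/ipfs and its log in /var/log/ipfs.log, which an administrator would want to know. Minor: "Pass it a @code{ipfs-configuration}" should read "an".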
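
Review bot: In %ipfs-activation (gnu/services/networking.scm), no exit status is checked: the results of (system* ... "init"), of each set-config!-gexp call, of (waitpid pid) and of the final (system* #$container-script) are all discarded. If an "ipfs config" call fails, activation still reports success and the daemon starts with whatever Addresses.API and Addresses.Gateway the repository already holds instead of the configured ones. Consider testing the statuses and signalling a failure. "init" is also run unconditionally on every activation, so its result on an already-initialised repository should be handled explicitly, for example by skipping it when the repository exists. Separately, %ipfs-accounts repeats the literal "/var/lib/ipfs" for home-directory; using %ipfs-home there keeps the account and the container mapping in sync. The docstring "Return an activation gexp for IPFS with CONFIG" is missing its final period.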