Merge pull request #29450 from jerith666/djb-1709

Add modules for tinydns and dnscache from djbdns
Jörg Thalheim 2017-09-24 15:39:29 +01:00 committed by GitHub
commit 975c7b2204
6 changed files with 207 additions and 0 deletions


@ -426,6 +426,7 @@
./services/networking/ddclient.nix
./services/networking/dhcpcd.nix
./services/networking/dhcpd.nix
./services/networking/dnscache.nix
./services/networking/dnschain.nix
./services/networking/dnscrypt-proxy.nix
./services/networking/dnscrypt-wrapper.nix
@ -526,6 +527,7 @@
./services/networking/tcpcrypt.nix
./services/networking/teamspeak3.nix
./services/networking/tinc.nix
./services/networking/tinydns.nix
./services/networking/tftpd.nix
./services/networking/tox-bootstrapd.nix
./services/networking/toxvpn.nix


@ -0,0 +1,86 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.dnscache;
dnscache-root = pkgs.runCommand "dnscache-root" {} ''
mkdir -p $out/{servers,ip}
${concatMapStrings (ip: ''
echo > "$out/ip/"${lib.escapeShellArg ip}
'') cfg.clientIps}
${concatStrings (mapAttrsToList (host: ips: ''
${concatMapStrings (ip: ''
echo ${lib.escapeShellArg ip} > "$out/servers/"${lib.escapeShellArg host}
'') ips}
'') cfg.domainServers)}
# djbdns contains an outdated list of root servers;
# if one was not provided in config, provide a current list
if [ ! -e servers/@ ]; then
awk '/^.?.ROOT-SERVERS.NET/ { print $4 }' ${pkgs.dns-root-data}/root.hints > $out/servers/@
fi
'';
in {
###### interface
options = {
services.dnscache = {
enable = mkOption {
default = false;
type = types.bool;
description = "Whether to run the dnscache caching dns server";
};
ip = mkOption {
default = "0.0.0.0";
type = types.str;
description = "IP address on which to listen for connections";
};
clientIps = mkOption {
default = [ "127.0.0.1" ];
type = types.listOf types.str;
description = "client IP addresses (or prefixes) from which to accept connections";
example = ["192.168" "172.23.75.82"];
};
domainServers = mkOption {
default = { };
type = types.attrsOf (types.listOf types.str);
description = "table of {hostname: server} pairs to use as authoritative servers for hosts (and subhosts)";
example = {
"example.com" = ["8.8.8.8" "8.8.4.4"];
};
};
};
};
###### implementation
config = mkIf config.services.dnscache.enable {
environment.systemPackages = [ pkgs.djbdns ];
users.extraUsers.dnscache = {};
systemd.services.dnscache = {
description = "djbdns dnscache server";
wantedBy = [ "multi-user.target" ];
path = with pkgs; [ bash daemontools djbdns ];
preStart = ''
rm -rf /var/lib/dnscache
dnscache-conf dnscache dnscache /var/lib/dnscache ${config.services.dnscache.ip}
rm -rf /var/lib/dnscache/root
ln -sf ${dnscache-root} /var/lib/dnscache/root
'';
script = ''
cd /var/lib/dnscache/
exec ./run
'';
};
};
}
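Review bot: The guard `if [ ! -e servers/@ ]` in the `dnscache-root` script tests a path relative to the build's working directory, while every other line writes under `$out`. Nothing visible does `cd $out`, so the test is presumably always true and a root list supplied as `domainServers."@"` is silently overwritten with the public root hints. It should read `if [ ! -e "$out/servers/@" ]; then`. In the same script the inner loop writes each address with `>`, so a host with several servers keeps only the last one; `echo ${lib.escapeShellArg ip} >> "$out/servers/"${lib.escapeShellArg host}` appends instead. The first point matters most where an internal root or forwarder is configured, since the cache would then query servers the operator did not choose.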


@ -0,0 +1,54 @@
{ config, lib, pkgs, ... }:
with lib;
{
###### interface
options = {
services.tinydns = {
enable = mkOption {
default = false;
type = types.bool;
description = "Whether to run the tinydns dns server";
};
data = mkOption {
type = types.lines;
default = "";
description = "The DNS data to serve, in the format described by tinydns-data(8)";
};
ip = mkOption {
default = "0.0.0.0";
type = types.str;
description = "IP address on which to listen for connections";
};
};
};
###### implementation
config = mkIf config.services.tinydns.enable {
environment.systemPackages = [ pkgs.djbdns ];
users.extraUsers.tinydns = {};
systemd.services.tinydns = {
description = "djbdns tinydns server";
wantedBy = [ "multi-user.target" ];
path = with pkgs; [ daemontools djbdns ];
preStart = ''
rm -rf /var/lib/tinydns
tinydns-conf tinydns tinydns /var/lib/tinydns ${config.services.tinydns.ip}
cd /var/lib/tinydns/root/
ln -sf ${pkgs.writeText "tinydns-data" config.services.tinydns.data} data
tinydns-data
'';
script = ''
cd /var/lib/tinydns
exec ./run
'';
};
};
}
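Review bot: `${config.services.tinydns.ip}` is spliced unquoted into the `preStart` shell script, although the option is a free-form `types.str` and the unit sets no user, so the script presumably runs as root. The `dnscache-root` script in dnscache.nix passes its values through `lib.escapeShellArg`; doing the same here, `tinydns-conf tinydns tinydns /var/lib/tinydns ${lib.escapeShellArg config.services.tinydns.ip}`, keeps a stray space or shell metacharacter in the option from changing the command. The `dnscache-conf` call in the dnscache.nix `preStart` has the same unquoted interpolation.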


@ -0,0 +1,48 @@
{ stdenv, fetchurl, glibc } :
let
version = "1.05";
manSrc = fetchurl {
url = "http://smarden.org/pape/djb/manpages/djbdns-${version}-man-20031023.tar.gz";
sha256 = "0sg51gjy6j1hnrra406q1qhf5kvk1m00y8qqhs6r0a699gqmh75s";
};
in
stdenv.mkDerivation {
name = "djbdns-${version}";
src = fetchurl {
url = "https://cr.yp.to/djbdns/djbdns-${version}.tar.gz";
sha256 = "0j3baf92vkczr5fxww7rp1b7gmczxmmgrqc8w2dy7kgk09m85k9w";
};
patches = [ ./hier.patch ];
postPatch = ''
echo gcc -O2 -include ${glibc.dev}/include/errno.h > conf-cc
echo $out > conf-home
sed -i "s|/etc/dnsroots.global|$out/etc/dnsroots.global|" dnscache-conf.c
'';
installPhase = ''
mkdir -pv $out/etc;
make setup
cd $out;
tar xzvf ${manSrc};
for n in 1 5 8; do
mkdir -p man/man$n;
mv -iv djbdns-man/*.$n man/man$n;
done;
rm -rv djbdns-man;
'';
meta = with stdenv.lib; {
description = "A collection of Domain Name System tools";
longDescription = "Includes software for all the fundamental DNS operations: DNS cache: finding addresses of Internet hosts; DNS server: publishing addresses of Internet hosts; and DNS client: talking to a DNS cache.";
homepage = https://cr.yp.to/djbdns.html;
license = licenses.publicDomain;
maintainers = with maintainers; [ jerith666 ];
};
}
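Review bot: The `conf-cc` line in `postPatch` hard-codes `gcc` and force-includes `errno.h` without a comment saying why. Presumably this is the usual workaround for djbdns declaring `extern int errno` itself, which does not build against current glibc; a comment such as `# djbdns declares errno itself; force-include errno.h so it builds with current glibc` would record that. Writing `$CC` instead of `gcc` would let the package follow the stdenv's compiler. Separately, `manSrc` is fetched over plain `http://`, so the `sha256` pin is the only thing protecting that tarball's integrity, and the hash should not be relaxed or refreshed without checking the new contents.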


@ -0,0 +1,15 @@
--- a/hier.c 2016-04-19 21:22:21.992192405 -0400
+++ b/hier.c 2016-04-19 21:22:33.160229778 -0400
@@ -2,9 +2,9 @@
void hier()
{
- c("/","etc","dnsroots.global",-1,-1,0644);
+ c(auto_home,"etc","dnsroots.global",-1,-1,0644);
- h(auto_home,-1,-1,02755);
- d(auto_home,"bin",-1,-1,02755);
+ h(auto_home,-1,-1,0755);
+ d(auto_home,"bin",-1,-1,0755);
c(auto_home,"bin","dnscache-conf",-1,-1,0755);
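Review bot: The patch does not say why it drops the setgid bit (`02755` to `0755`) on `auto_home` and `bin`, or why `dnsroots.global` moves from `/etc` to under `auto_home`. A permission change on the install tree is worth a short header in the patch file or a comment next to `patches = [ ./hier.patch ];`, presumably noting that the Nix store does not permit setuid/setgid modes and that `/etc` is not writable from the build. Only part of `hier()` is visible in this hunk.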


@ -1671,6 +1671,8 @@ with pkgs;
dev86 = callPackage ../development/compilers/dev86 { };
djbdns = callPackage ../tools/networking/djbdns { };
dnscrypt-proxy = callPackage ../tools/networking/dnscrypt-proxy { };
dnscrypt-wrapper = callPackage ../tools/networking/dnscrypt-wrapper { };