home: Add parcimonie service.

* gnu/home/services/gnupg.scm (home-parcimonie-service-type,
home-parcimonie-configuration): New variables.
* doc/guix.texi (GNU Privacy Guard): Document it.

doc/guix.texi

@@ -43944,6 +43944,62 @@ Extra content appended as-is to this @code{Host} block in
 
 @end deftp
 
+@cindex Parcimonie, Home service
+The @code{parcimonie} service runs a daemon that slowly refreshes a GnuPG
+public key from a keyserver.  It refreshes one key at a time; between every
+key update parcimonie sleeps a random amount of time, long enough for the
+previously used Tor circuit to expire.  This process is meant to make it hard
+for an attacker to correlate the multiple key update.
+
+As an example, here is how you would configure @code{parcimonie} to refresh the
+keys in your GnuPG keyring, as well as those keyrings created by Guix, such as
+when running @code{guix import}:
+
+@lisp
+(service home-parcimonie-service-type
+         (home-parcimonie-configuration
+           (refresh-guix-keyrings? #t)))
+@end lisp
+
+This assumes that the Tor anonymous routing daemon is already running on your
+system.  On Guix System, this can be achieved by setting up
+@code{tor-service-type} (@pxref{Networking Services, @code{tor-service-type}}).
+
+The service reference is given below.
+
+@defvar parcimonie-service-type
+This is the service type for @command{parcimonie}
+(@uref{https://salsa.debian.org/intrigeri/parcimonie, Parcimonie's web site}).
+Its value must be a @code{home-parcimonie-configuration}, as shown below.
+@end defvar
+
+@c %start of fragment
+
+@deftp {Data Table} home-parcimonie-configuration
+Available @code{home-parcimonie-configuration} fields are:
+
+@table @asis
+@item @code{parcimonie} (default: @code{parcimonie}) (type: file-like)
+The parcimonie package to use.
+
+@item @code{verbose?} (default: @code{#f}) (type: boolean)
+Whether to have more verbose logging from the service.
+
+@item @code{gnupg-already-torified?} (default: @code{#f}) (type: boolean)
+Whether GnuPG is already configured to pass all traffic through
+@uref{https://torproject.org, Tor}.
+
+@item @code{refresh-guix-keyrings?} (default: @code{#f}) (type: boolean)
+Guix creates a few keyrings in the @var{$XDG_CONFIG_DIR}, such as when running
+@code{guix import} (@pxref{Invoking guix import}).  Setting this to @code{#t}
+will also refresh any keyrings which Guix has created.
+
+@item @code{extra-content} (default: @code{#f}) (type: raw-configuration-string)
+Raw content to add to the parcimonie command.
+
+@end table
+
+@end deftp
 
 @c %end of fragment
 

gnu/home/services/gnupg.scm

@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2023 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2023 Efraim Flashner <efraim@flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -23,7 +24,7 @@ (define-module (gnu home services gnupg)
   #:use-module (gnu services configuration)
   #:use-module (gnu home services)
   #:use-module (gnu home services shepherd)
-  #:autoload   (gnu packages gnupg) (gnupg pinentry)
+  #:autoload   (gnu packages gnupg) (gnupg pinentry parcimonie)
   #:export (home-gpg-agent-configuration
             home-gpg-agent-configuration?
             home-gpg-agent-configuration-gnupg
@@ -34,7 +35,16 @@ (define-module (gnu home services gnupg)
             home-gpg-agent-configuration-max-cache-ttl-ssh
             home-gpg-agent-configuration-extra-content
 
-            home-gpg-agent-service-type))
+            home-gpg-agent-service-type
+
+            home-parcimonie-configuration
+            home-parcimonie-configuration?
+            home-parcimonie-configuration-parcimonie
+            home-parcimonie-configuration-gnupg-already-torified?
+            home-parcimonie-configuration-refresh-guix-keyrings?
+            home-parcimonie-configuration-extra-content
+
+            home-parcimonie-service-type))
 
 (define raw-configuration-string? string?)
 
@@ -148,3 +158,68 @@ (define home-gpg-agent-service-type
 managing OpenPGP and optionally SSH private keys.  When SSH support is
 enabled, @command{gpg-agent} acts as a drop-in replacement for OpenSSH's
 @command{ssh-agent}.")))
+
+(define-configuration/no-serialization home-parcimonie-configuration
+  (parcimonie
+    (file-like parcimonie)
+    "The parcimonie package to use.")
+  (verbose?
+    (boolean #f)
+    "Provide extra output to the log file.")
+  (gnupg-aleady-torified?
+    (boolean #f)
+    "GnuPG is already configured to use tor and parcimonie won't attempt to use
+tor directly.")
+  (refresh-guix-keyrings?
+    (boolean #f)
+    "Also refresh any Guix keyrings found in the XDG_CONFIG_DIR.")
+  (extra-content
+    (raw-configuration-string "")
+    "Raw content to add to the parcimonie service."))
+
+(define (home-parcimonie-shepherd-service config)
+  "Return a user service to run parcimonie."
+  (match-record config <home-parcimonie-configuration>
+    (parcimonie verbose? gnupg-aleady-torified?
+                refresh-guix-keyrings? extra-content)
+    (let ((log-file #~(string-append %user-log-dir "/parcimonie.log")))
+      (list (shepherd-service
+              (provision '(parcimonie))
+              (modules '((shepherd support)   ;for '%user-log-dir'
+                         (guix build utils)
+                         (srfi srfi-1)))
+              (start #~(make-forkexec-constructor
+                         (cons*
+                           #$(file-append parcimonie "/bin/parcimonie")
+                           #$@(if verbose?
+                                '("--verbose")
+                                '())
+                           #$@(if gnupg-aleady-torified?
+                                '("--gnupg_already_torified")
+                                '())
+                           #$@(if (not (string=? extra-content ""))
+                                (list extra-content)
+                                '())
+                           #$@(if refresh-guix-keyrings?
+                                '((append-map
+                                    (lambda (item)
+                                      (list (string-append "--gnupg_extra_args="
+                                                           "--keyring=" item)))
+                                    (find-files
+                                      (string-append (getenv "XDG_CONFIG_HOME") "/guix")
+                                      "^trustedkeys\\.kbx$")))
+                                '((list))))
+                         #:log-file #$log-file))
+              (stop #~(make-kill-destructor))
+              (respawn? #t)
+              (documentation "Incrementally refresh gnupg keyring over Tor"))))))
+
+(define home-parcimonie-service-type
+  (service-type
+   (name 'home-parcimonie)
+   (extensions
+    (list (service-extension home-shepherd-service-type
+                             home-parcimonie-shepherd-service)))
+   (default-value (home-parcimonie-configuration))
+   (description
+    "Incrementally refresh GnuPG keyrings over Tor.")))