services: dnsmasq: Add TFTP configuration fields.
* gnu/services/dns.scm (<dnsmasq-configuration>): Add TFTP configuration fields. (dnsmasq-shepherd-service): Use them. * doc/guix.texi (DNS Services): Document them.
parent
3e34f89980
commit
34d1c0a03b
2 changed files with 121 additions and 3 deletions
|
@ -23363,6 +23363,60 @@ disables caching.
|
||||||
@item @code{negative-cache?} (default: @code{#t})
|
@item @code{negative-cache?} (default: @code{#t})
|
||||||
When false, disable negative caching.
|
When false, disable negative caching.
|
||||||
|
|
||||||
|
@item @code{tftp-enable?} (default: @code{#f})
|
||||||
|
Whether to enable the built-in TFTP server.
|
||||||
|
|
||||||
|
@item @code{tftp-no-fail?} (default: @code{#f})
|
||||||
|
If true, does not fail dnsmasq if the TFTP server could not start up.
|
||||||
|
|
||||||
|
@item @code{tftp-single-port?} (default: @code{#f})
|
||||||
|
Whether to use only one single port for TFTP.
|
||||||
|
|
||||||
|
@item @code{tftp-secure?} (default: @code{#f})
|
||||||
|
If true, only files owned by the user running the dnsmasq process are accessible.
|
||||||
|
|
||||||
|
If dnsmasq is being run as root, different rules apply:
|
||||||
|
@code{tftp-secure?} has no effect, but only files which have the
|
||||||
|
world-readable bit set are accessible.
|
||||||
|
|
||||||
|
@item @code{tftp-max} (default: @code{#f})
|
||||||
|
If set, sets the maximal number of concurrent connections allowed.
|
||||||
|
|
||||||
|
@item @code{tftp-mtu} (default: @code{#f})
|
||||||
|
If set, sets the MTU for TFTP packets to that value.
|
||||||
|
|
||||||
|
@item @code{tftp-no-blocksize?} (default: @code{#f})
|
||||||
|
If true, stops the TFTP server from negotiating the blocksize with a client.
|
||||||
|
|
||||||
|
@item @code{tftp-lowercase?} (default: @code{#f})
|
||||||
|
Whether to convert all filenames in TFTP requests to lowercase.
|
||||||
|
|
||||||
|
@item @code{tftp-port-range} (default: @code{#f})
|
||||||
|
If set, fixes the dynamical ports (one per client) to the given range
|
||||||
|
(@code{"<start>,<end>"}).
|
||||||
|
|
||||||
|
@item @code{tftp-root} (default: @code{/var/empty,lo})
|
||||||
|
Look for files to transfer using TFTP relative to the given directory.
|
||||||
|
When this is set, TFTP paths which include ".." are rejected, to stop clients
|
||||||
|
getting outside the specified root. Absolute paths (starting with /) are
|
||||||
|
allowed, but they must be within the tftp-root. If the optional interface
|
||||||
|
argument is given, the directory is only used for TFTP requests via that
|
||||||
|
interface.
|
||||||
|
|
||||||
|
@item @code{tftp-unique-root} (default: @code{#f})
|
||||||
|
If set, add the IP or hardware address of the TFTP client as a path component
|
||||||
|
on the end of the TFTP-root. Only valid if a TFTP root is set and the
|
||||||
|
directory exists. Defaults to adding IP address (in standard dotted-quad
|
||||||
|
format).
|
||||||
|
|
||||||
|
For instance, if --tftp-root is "/tftp" and client 1.2.3.4 requests file
|
||||||
|
"myfile" then the effective path will be "/tftp/1.2.3.4/myfile" if
|
||||||
|
/tftp/1.2.3.4 exists or /tftp/myfile otherwise. When "=mac" is specified
|
||||||
|
it will append the MAC address instead, using lowercase zero padded digits
|
||||||
|
separated by dashes, e.g.: 01-02-03-04-aa-bb Note that resolving MAC
|
||||||
|
addresses is only possible if the client is in the local network or obtained
|
||||||
|
a DHCP lease from dnsmasq.
|
||||||
|
|
||||||
@end table
|
@end table
|
||||||
@end deftp
|
@end deftp
|
||||||
|
|
||||||
|
|
|
@ -757,7 +757,29 @@ (define-record-type* <dnsmasq-configuration>
|
||||||
(cache-size dnsmasq-configuration-cache-size
|
(cache-size dnsmasq-configuration-cache-size
|
||||||
(default 150)) ;integer
|
(default 150)) ;integer
|
||||||
(negative-cache? dnsmasq-configuration-negative-cache?
|
(negative-cache? dnsmasq-configuration-negative-cache?
|
||||||
(default #t))) ;boolean
|
(default #t)) ;boolean
|
||||||
|
(tftp-enable? dnsmasq-configuration-tftp-enable?
|
||||||
|
(default #f)) ;boolean
|
||||||
|
(tftp-no-fail? dnsmasq-configuration-tftp-no-fail?
|
||||||
|
(default #f)) ;boolean
|
||||||
|
(tftp-single-port? dnsmasq-configuration-tftp-single-port?
|
||||||
|
(default #f)) ;boolean
|
||||||
|
(tftp-secure? dnsmasq-tftp-secure?
|
||||||
|
(default #f)) ;boolean
|
||||||
|
(tftp-max dnsmasq-tftp-max
|
||||||
|
(default #f)) ;integer
|
||||||
|
(tftp-mtu dnsmasq-tftp-mtu
|
||||||
|
(default #f)) ;integer
|
||||||
|
(tftp-no-blocksize? dnsmasq-tftp-no-blocksize?
|
||||||
|
(default #f)) ;boolean
|
||||||
|
(tftp-lowercase? dnsmasq-tftp-lowercase?
|
||||||
|
(default #f)) ;boolean
|
||||||
|
(tftp-port-range dnsmasq-tftp-port-range
|
||||||
|
(default #f)) ;string
|
||||||
|
(tftp-root dnsmasq-tftp-root
|
||||||
|
(default "/var/empty,lo")) ;string
|
||||||
|
(tftp-unique-root dnsmasq-tftp-unique-root
|
||||||
|
(default #f))) ;"" or "ip" or "mac"
|
||||||
|
|
||||||
(define dnsmasq-shepherd-service
|
(define dnsmasq-shepherd-service
|
||||||
(match-lambda
|
(match-lambda
|
||||||
|
@ -765,7 +787,12 @@ (define dnsmasq-shepherd-service
|
||||||
no-hosts?
|
no-hosts?
|
||||||
port local-service? listen-addresses
|
port local-service? listen-addresses
|
||||||
resolv-file no-resolv? servers
|
resolv-file no-resolv? servers
|
||||||
addresses cache-size negative-cache?)
|
addresses cache-size negative-cache?
|
||||||
|
tftp-enable? tftp-no-fail?
|
||||||
|
tftp-single-port? tftp-secure?
|
||||||
|
tftp-max tftp-mtu tftp-no-blocksize?
|
||||||
|
tftp-lowercase? tftp-port-range
|
||||||
|
tftp-root tftp-unique-root)
|
||||||
(shepherd-service
|
(shepherd-service
|
||||||
(provision '(dnsmasq))
|
(provision '(dnsmasq))
|
||||||
(requirement '(networking))
|
(requirement '(networking))
|
||||||
|
@ -794,7 +821,44 @@ (define dnsmasq-shepherd-service
|
||||||
#$(format #f "--cache-size=~a" cache-size)
|
#$(format #f "--cache-size=~a" cache-size)
|
||||||
#$@(if negative-cache?
|
#$@(if negative-cache?
|
||||||
'()
|
'()
|
||||||
'("--no-negcache")))
|
'("--no-negcache"))
|
||||||
|
#$@(if tftp-enable?
|
||||||
|
'("--enable-tftp")
|
||||||
|
'())
|
||||||
|
#$@(if tftp-no-fail?
|
||||||
|
'("--tftp-no-fail")
|
||||||
|
'())
|
||||||
|
#$@(if tftp-single-port?
|
||||||
|
'("--tftp-single-port")
|
||||||
|
'())
|
||||||
|
#$@(if tftp-secure?
|
||||||
|
'("--tftp-secure?")
|
||||||
|
'())
|
||||||
|
#$@(if tftp-max
|
||||||
|
(list (format #f "--tftp-max=~a" tftp-max))
|
||||||
|
'())
|
||||||
|
#$@(if tftp-mtu
|
||||||
|
(list (format #f "--tftp-mtu=~a" tftp-mtu))
|
||||||
|
'())
|
||||||
|
#$@(if tftp-no-blocksize?
|
||||||
|
'("--tftp-no-blocksize")
|
||||||
|
'())
|
||||||
|
#$@(if tftp-lowercase?
|
||||||
|
'("--tftp-lowercase")
|
||||||
|
'())
|
||||||
|
#$@(if tftp-port-range
|
||||||
|
(list (format #f "--tftp-port-range=~a"
|
||||||
|
tftp-port-range))
|
||||||
|
'())
|
||||||
|
#$@(if tftp-root
|
||||||
|
(list (format #f "--tftp-root=~a" tftp-root))
|
||||||
|
'())
|
||||||
|
#$@(if tftp-unique-root
|
||||||
|
(list
|
||||||
|
(if (> (length tftp-unique-root) 0)
|
||||||
|
(format #f "--tftp-unique-root=~a" tftp-unique-root)
|
||||||
|
(format #f "--tftp-unique-root")))
|
||||||
|
'()))
|
||||||
#:pid-file "/run/dnsmasq.pid"))
|
#:pid-file "/run/dnsmasq.pid"))
|
||||||
(stop #~(make-kill-destructor))))))
|
(stop #~(make-kill-destructor))))))
|
||||||
|
|
||||||
|
|
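Review bot: The `tftp-secure?` branch in the last hunk emits the string `"--tftp-secure?"`, keeping the field name's trailing `?`; the dnsmasq option is `--tftp-secure`, so as written the ownership restriction cannot be switched on (dnsmasq would presumably reject the unknown option), and the line should read `'("--tftp-secure")`. In the `tftp-unique-root` branch of the same hunk, `(length tftp-unique-root)` is applied to a value the record comment describes as a string (`"" or "ip" or "mac"`); Guile's `length` expects a list, so this would raise a wrong-type error when the field is set, and `(> (string-length tftp-unique-root) 0)` looks like what is meant. As a smaller point, the accessors from `tftp-secure?` onward in the record hunk are named `dnsmasq-tftp-…` while the first three use `dnsmasq-configuration-tftp-…`; the longer prefix would match the existing fields. The `match-lambda` body starts and ends outside the visible hunks.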