diff --git a/glicid/services/networking.scm b/glicid/services/networking.scm
index baef292..8e2b6d5 100644
--- a/glicid/services/networking.scm
+++ b/glicid/services/networking.scm
@@ -1,7 +1,9 @@
 (define-module (glicid services networking)
+ #:use-module (gnu packages bash)
 #:use-module (gnu packages networking)
 #:use-module (gnu services)
 #:use-module (gnu services shepherd)
+ #:use-module (gnu system shadow)
 #:use-module (guix)
 #:use-module (guix records)
 #:use-module (ice-9 match)
@@ -22,6 +24,9 @@
 (port squid-configuration-port
 (default 3128)
 )
+ (loglevel squid-configuration-loglevel
+ (default 1)
+ )
 (pid-file squid-configuration-pid-file
 (default "/var/run/squid/squid.pid")
 )
@@ -45,25 +50,25 @@
 (start #~(make-forkexec-constructor
 (list
 #$(file-append squid "/sbin/squid")
- "-d 1"
- "--foreground"
+ "-d" #$loglevel
+ "-N"
 "-f" #$config-file
 )
 #:pid-file #$pid-file
 #:log-file #$log-file
- #:user (passwd:uid (getpwnam "nobody"))
+ #:user (passwd:uid (getpwnam "squid"))
 ))
 (stop #~(exec-command
 (list
 #$(file-append squid "/sbin/squid")
- "-d 1"
- "--foreground"
+ "-d" #$loglevel
+ "-N"
 "-k" "shutdown"
 "-f" #$config-file
 )
 #:pid-file #$pid-file
 #:log-file #$log-file
- #:user (passwd:uid (getpwnam "nobody"))
+ #:user (passwd:uid (getpwnam "squid"))
 ))
 (actions (list
 (shepherd-action
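Review bot: The new `loglevel` field defaults to the number `1`, but the later hunks of this commit splice `#$loglevel` straight into the squid argument lists, where each element has to be a string for the exec call. With the default left as is, the start command and every action would likely fail with a type error instead of running squid. Either declare `(default "1")` or convert at the use sites with `"-d" #$(number->string loglevel)`. How `loglevel` is bound from the configuration record lies outside the visible hunks, so confirm the match clause extracts it as well.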
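Review bot: `start` and `stop` now pass `#:user` for the dedicated `squid` account but no `#:group`, so as far as I know Shepherd only changes the uid here and the daemon keeps the primary group it inherits from shepherd (normally root's). Adding `#:group "squid"` beside each `#:user` line completes the privilege drop this commit is aiming for; the `reload`, `check-config` and `kill` actions in the next hunk need the same. `#:user` also accepts the account name directly, so `#:user "squid"` avoids the `getpwnam` lookup and its failure mode when the account does not exist yet. The enclosing `shepherd-service` form starts and ends outside this hunk.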
@@ -72,14 +77,46 @@
 (procedure #~(exec-command
 (list
 #$(file-append squid "/sbin/squid")
- "-d 1"
- "--foreground"
+ "-d" #$loglevel
+ "-N"
 "-k" "reconfigure"
 "-f" #$config-file
 )
 #:pid-file #$pid-file
 #:log-file #$log-file
- #:user (passwd:uid (getpwnam "nobody"))
+ #:user (passwd:uid (getpwnam "squid"))
+ ))
+ )
+ (shepherd-action
+ (name 'check-config)
+ (documentation "Check the settings file from disk.")
+ (procedure #~(exec-command
+ (list
+ #$(file-append squid "/sbin/squid")
+ "-d" #$loglevel
+ "-N"
+ "-k" "parse"
+ "-f" #$config-file
+ )
+ #:pid-file #$pid-file
+ #:log-file #$log-file
+ #:user (passwd:uid (getpwnam "squid"))
+ ))
+ )
+ (shepherd-action
+ (name 'kill)
+ (documentation "Ultimatly kill the squid process.")
+ (procedure #~(exec-command
+ (list
+ #$(file-append squid "/sbin/squid")
+ "-d" #$loglevel
+ "-N"
+ "-k" "kill"
+ "-f" #$config-file
+ )
+ #:pid-file #$pid-file
+ #:log-file #$log-file
+ #:user (passwd:uid (getpwnam "squid"))
 ))
 )
 ))
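Review bot: The new `check-config` and `kill` actions give `procedure` a gexp that calls `exec-command` directly, copying the existing `reload` action, whereas a Shepherd action expects a procedure and `exec-command` replaces the calling process rather than spawning a child. If that reading holds, these forms run in shepherd's own process instead of as a side command under the `squid` account. Wrapping them as `(procedure #~(lambda _ (fork+exec-command (list ...) #:user "squid" #:group "squid")))` keeps the privilege drop and leaves shepherd running. `#:pid-file` looks like a `make-forkexec-constructor` option rather than an `exec-command` one, so it can probably be dropped from the actions. The surrounding `actions` list begins outside this hunk.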
@@ -104,24 +141,39 @@ (touch "/var/log/squid/squid_access.log") (touch "/var/log/squid/squid_cache.log") (touch "/var/log/squid/squid_cache_store.log") - (chown "/var/run/squid" (passwd:uid (getpwnam "nobody"))) - (chown "/var/log/squid" (passwd:uid (getpwnam "nobody"))) - (chown "/var/cache/squid" (passwd:uid (getpwnam "nobody"))) - (chown "/var/spool/squid" (passwd:uid (getpwnam "nobody"))) - (chown "/var/log/squid/squid_access.log" (passwd:uid (getpwnam "nobody"))) - (chown "/var/log/squid/squid_cache.log" (passwd:uid (getpwnam "nobody"))) - (chown "/var/log/squid/squid_cache_store.log" (passwd:uid (getpwnam "nobody"))) + (chown "/var/run/squid" (passwd:uid (getpwnam "squid"))) + (chown "/var/log/squid" (passwd:uid (getpwnam "squid"))) + (chown "/var/cache/squid" (passwd:uid (getpwnam "squid"))) + (chown "/var/spool/squid" (passwd:uid (getpwnam "squid"))) + (chown "/var/log/squid/squid_access.log" (passwd:uid (getpwnam "squid"))) + (chown "/var/log/squid/squid_cache.log" (passwd:uid (getpwnam "squid"))) + (chown "/var/log/squid/squid_cache_store.log" (passwd:uid (getpwnam "squid"))) #t ) ) ) +(define %squid-accounts + (list + (user-group (name "squid") (system? #t)) + (user-account + (name "squid") + (group "squid") + (system? #t) + (comment "Squid server user") + (home-directory "/var/spool/squid") + (shell (file-append bash "/bin/bash")) + ) + ) +) + (define squid-service-type (service-type (name 'squid) (extensions (list (service-extension shepherd-root-service-type squid-shepherd-service) (service-extension activation-service-type (const %squid-activation)) + (service-extension account-service-type (const %squid-accounts)) ) ) (description "Run @uref{http://www.squid-cache.org/, squid} community developped Squid software.")
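Review bot: The `squid` system account in `%squid-accounts` is given `(shell (file-append bash "/bin/bash"))`, an interactive login shell for a daemon account that only needs to own its spool, cache and log directories. Guix service accounts conventionally use `(shell (file-append shadow "/sbin/nologin"))`, importing `(gnu packages admin)` instead of the `(gnu packages bash)` module added in the first hunk, so the account cannot be used for a login even if a credential is later set on it. Separately, the rewritten `chown` calls still pass only a uid; Guile's `chown` takes both an owner and a group, so it is worth confirming these calls work as written and passing the `squid` gid too, e.g. `(chown "/var/run/squid" (passwd:uid pw) (passwd:gid pw))` with `pw` bound once to `(getpwnam "squid")`. The activation gexp these lines belong to starts outside the hunk.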