(define-module (glicid services ntp)
               #:use-module (gnu packages bash)
               #:use-module (gnu packages ntp)
               #:use-module (gnu services)
               #:use-module (gnu services shepherd)
               #:use-module (gnu system shadow)
               #:use-module (guix)
               #:use-module (guix build utils)
               #:use-module (guix records)
               #:use-module (ice-9 match)
               #:use-module (glicid utils)
               #:export (
                         chronyd-configuration
                         chronyd-configuration?
                         chronyd-shepherd-service
                         chronyd-service-type
                         %default-chrony-conf
                         %chrony-group
                         %chrony-account
                         %chrony-accounts
                         ))

(define %default-chrony-conf
  (plain-file "chrony.conf" "
              pool pool.ntp.org iburst
              driftfile /var/lib/chrony/drift
              ntsdumpdir /var/lib/chrony
              leapsectz right/UTC
              makestep 1.0 3
              rtcsync
              keyfile /etc/chrony/chrony.keys
              "))

(define %chrony-group
  (user-group
    (name "chrony")
    (system? #t)))

(define %chrony-account
  (user-account
    (name "chrony")
    (group "chrony")
    (system? #t)
    (comment "chrony server user")
    (uid 969)
    (home-directory "/var/lib/chrony")
    (shell (file-append bash "/bin/bash"))))

(define %chrony-accounts
  (list %chrony-group %chrony-account))

(define-record-type* 
  <chronyd-configuration>
  chronyd-configuration make-chronyd-configuration
  chronyd-configuration?
  (chronyd-pkg chronyd-pkg (default chrony))
  (config-file config-file (default %default-chrony-conf))
  (pid-file pid-file (default "/var/run/chrony/chronyd.pid"))
  (log-file log-file (default "/var/log/chrony/chrony.log")))

(define chronyd-shepherd-service
  (match-lambda
    (($ <chronyd-configuration> chronyd-pkg config-file pid-file log-file )
     (list
       (shepherd-service
         (provision '(chronyd))
         (documentation "Run chronyd.")
         (requirement '(user-processes))
         (respawn? #t)
         (start #~(make-forkexec-constructor
                    (list
                      #$(file-append chronyd-pkg "/sbin/chronyd")
                      "-d"
                      "-f" #$config-file
                      )
                    #:pid-file #$pid-file 
                    #:log-file #$log-file))
         (stop #~(make-kill-destructor)))))))

(define %chronyd-activation
  #~(begin
      (mkdir-p "/var/run/chrony")
      (mkdir-p "/var/lib/chrony")
      (mkdir-p "/var/log/chrony")
      (chown "/var/run/chrony" (passwd:uid (getpwnam "chrony")) (passwd:gid (getpwnam "chrony")))
      (chown "/var/lib/chrony" (passwd:uid (getpwnam "chrony")) (passwd:gid (getpwnam "chrony")))
      (chown "/var/log/chrony" (passwd:uid (getpwnam "chrony")) (passwd:gid (getpwnam "chrony")))
      (chmod "/var/run/chrony" #o770)
      #t))

(define chronyd-service-type
  (service-type 
    (name 'chronyd)
    (extensions (list
                  (service-extension shepherd-root-service-type chronyd-shepherd-service)
                  (service-extension activation-service-type (const %chronyd-activation))
                  (service-extension account-service-type (const %chrony-accounts))
                  ))
    (description "Run chronyd.")))