gnu: services: Add darkstat service.

* gnu/services/monitoring.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Monitoring Services): Document it.

3 files changed, 134 insertions, 0 deletions

diff --git a/doc/guix.texi b/doc/guix.texi
index bde0b5d8d0..e9ee5127a8 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -14727,6 +14727,48 @@ the 2nd element of the pair is the password.
 @end deftp
 
 
+@subsubheading Darkstat Service
+@cindex darkstat
+Darkstat is a packet sniffer that captures network traffic, calculates
+statistics about usage, and serves reports over HTTP.
+
+@defvar {Scheme Variable} darkstat-service-type
+This is the service type for the
+@uref{https://unix4lyfe.org/darkstat/, darkstat}
+service,  its value must be a @code{darkstat-configuration} record as in
+this example:
+
+@example
+(service darkstat-service-type
+         (darkstat-configuration
+           (interface "eno1")))
+@end example
+@end defvar
+
+@deftp {Data Type} darkstat-configuration
+Data type representing the configuration of @command{darkstat}.
+
+@table @asis
+@item @code{package} (default: @code{darkstat})
+The darkstat package to use.
+
+@item @code{interface}
+Capture traffic on the specified network interface.
+
+@item @code{port} (default: @code{"667"})
+Bind the web interface to the specified port.
+
+@item @code{bind-address} (default: @code{"127.0.0.1"})
+Bind the web interface to the specified address.
+
+@item @code{base} (default: @code{"/"})
+Specify the path of the base URL.  This can be useful if
+@command{darkstat} is accessed via a reverse proxy.
+
+@end table
+@end deftp
+
+
 @node Kerberos Services
 @subsubsection Kerberos Services
 @cindex Kerberos
diff --git a/gnu/local.mk b/gnu/local.mk
index d4e8419217..98cad36350 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -460,6 +460,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/services/mail.scm				\
   %D%/services/mcron.scm			\
   %D%/services/messaging.scm			\
+  %D%/services/monitoring.scm			\
   %D%/services/networking.scm			\
   %D%/services/nfs.scm			\
   %D%/services/shepherd.scm			\
diff --git a/gnu/services/monitoring.scm b/gnu/services/monitoring.scm
new file mode 100644
index 0000000000..49a65db4b5
--- /dev/null
+++ b/gnu/services/monitoring.scm
@@ -0,0 +1,91 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2018 Sou Bunnbu <iyzsong@member.fsf.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services monitoring)
+  #:use-module (gnu services)
+  #:use-module (gnu services shepherd)
+  #:use-module (gnu packages admin)
+  #:use-module (gnu packages monitoring)
+  #:use-module (gnu system shadow)
+  #:use-module (guix gexp)
+  #:use-module (guix records)
+  #:use-module (ice-9 match)
+  #:export (darkstat-configuration
+            darkstat-service-type))
+
+
+;;;
+;;; darkstat
+;;;
+
+(define-record-type* <darkstat-configuration>
+  darkstat-configuration make-darkstat-configuration darkstat-configuration?
+  (package      darkstat-configuration-package
+                (default darkstat))
+  (interface    darkstat-configuration-interface)
+  (port         darkstat-configuration-port
+                (default "667"))
+  (bind-address darkstat-configuration-bind-address
+                (default "127.0.0.1"))
+  (base         darkstat-configuration-base
+                (default "/")))
+
+(define %darkstat-accounts
+  (list (user-account
+         (name "darkstat")
+         (group "darkstat")
+         (system? #t)
+         (comment "darkstat daemon user")
+         (home-directory "/var/lib/darkstat")
+         (shell (file-append shadow "/sbin/nologin")))
+        (user-group
+         (name "darkstat")
+         (system? #t))))
+
+(define darkstat-shepherd-service
+  (match-lambda
+    (($ <darkstat-configuration>
+        package interface port bind-address base)
+     (shepherd-service
+      (documentation "Network statistics gatherer.")
+      (provision '(darkstat))
+      (requirement '(networking))
+      (start #~(make-forkexec-constructor
+                (list #$(file-append package "/sbin/darkstat")
+                      "-i" #$interface
+                      "-p" #$port
+                      "-b" #$bind-address
+                      "--base" #$base
+                      "--syslog" "--no-daemon"
+                      "--chroot" "/var/lib/darkstat"
+                      "--user" "darkstat"
+                      "--import" "darkstat.db"
+                      "--export" "darkstat.db")))
+      (stop #~(make-kill-destructor))))))
+
+(define darkstat-service-type
+  (service-type
+   (name 'darkstat)
+   (description
+    "Run @command{darkstat} to serve network traffic statictics reports over
+HTTP.")
+   (extensions
+    (list (service-extension account-service-type
+                             (const %darkstat-accounts))
+          (service-extension shepherd-root-service-type
+                             (compose list darkstat-shepherd-service))))))