diff options
| author | pinoaffe <pinoaffe@airmail.cc> | 2020-04-28 17:00:23 +0200 |
|---|---|---|
| committer | Guix Patches Tester <> | 2020-04-28 16:06:15 +0100 |
| commit | d3f423787993070cbeec63217cb086f39fbda51c (patch) | |
| tree | 5c05a3eeb976b0b658824d130f14e9421a97eceb | |
| parent | 085948fbfc8aef4370d8df8784bbd239c333fa99 (diff) | |
| download | patches-series-3723.tar patches-series-3723.tar.gz | |
services: mpd: Allow authentication and permissions to be configured.series-3723
* gnu/services/audio.scm (mpd-credential): New public variable.
* gnu/services/audio.scm (mpd-configuration): Add credentials
and permissions.
| -rw-r--r-- | doc/guix.texi | 26 | ||||
| -rw-r--r-- | gnu/services/audio.scm | 79 |
2 files changed, 83 insertions, 22 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index f779281e05..c6693aa216 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -23271,6 +23271,32 @@ an absolute path can be specified here. @item @code{outputs} (default: @code{"(list (mpd-output))"}) The audio outputs that MPD can use. By default this is a single output using pulseaudio. +@item @code{default-permissions} (default: @code{'(read add control admin)}) +The permissions a user that connected to the mpd server without a password should enjoy. +Should be a subset of @code{'(read add control admin)}. + +@item @code{credentials} (default: @code{'()}) +The list of credentials one can use to sign in to mpd and gain extra permissions. By +default this is an empty list. + +@end table +@end deftp + +@deftp {Data Type} mpd-credential +Data type representing an @command{mpd} password/permissions pair. + +@table @asis +@item @code{password} (default: @code{""}) +The password used to authenticate. The password may not contain "@". +Warning: due to limitations of the mpd configuration system, the generated mpd config +(which is stored in the guix store and is readable to all users) will include a +plaintext copy of the provided password(s). + +@item @code{permissions} (default: @code{'()}) +The permissions one gains after authenticating to the server using @code{password}. +This should be a subset of @code{'(read add control admin)}, as in +@code{default-permissions}. + @end table @end deftp diff --git a/gnu/services/audio.scm b/gnu/services/audio.scm index 345d8225b2..9a6dc8db94 100644 --- a/gnu/services/audio.scm +++ b/gnu/services/audio.scm @@ -26,6 +26,8 @@ #:use-module (ice-9 match) #:export (mpd-output mpd-output? + mpd-credential + mpd-credential? mpd-configuration mpd-configuration? mpd-service-type)) @@ -36,6 +38,16 @@ ;;; ;;; Code: +(define-record-type* <mpd-credential> + mpd-credential make-mpd-credential + mpd-credential? + (password mpd-credential-password + ;; valid: any string that does not contain #\@ + (default "")) + (permissions mpd-credential-permissions + ;; valid: any subset of read, add, control and admin + (default '()))) + (define-record-type* <mpd-output> mpd-output make-mpd-output mpd-output? @@ -58,24 +70,41 @@ (define-record-type* <mpd-configuration> mpd-configuration make-mpd-configuration mpd-configuration? - (user mpd-configuration-user - (default "mpd")) - (music-dir mpd-configuration-music-dir - (default "~/Music")) - (playlist-dir mpd-configuration-playlist-dir - (default "~/.mpd/playlists")) - (db-file mpd-configuration-db-file - (default "~/.mpd/tag_cache")) - (state-file mpd-configuration-state-file - (default "~/.mpd/state")) - (sticker-file mpd-configuration-sticker-file - (default "~/.mpd/sticker.sql")) - (port mpd-configuration-port - (default "6600")) - (address mpd-configuration-address - (default "any")) - (outputs mpd-configuration-outputs - (default (list (mpd-output))))) + (user mpd-configuration-user + (default "mpd")) + (music-dir mpd-configuration-music-dir + (default "~/Music")) + (playlist-dir mpd-configuration-playlist-dir + (default "~/.mpd/playlists")) + (db-file mpd-configuration-db-file + (default "~/.mpd/tag_cache")) + (state-file mpd-configuration-state-file + (default "~/.mpd/state")) + (sticker-file mpd-configuration-sticker-file + (default "~/.mpd/sticker.sql")) + (port mpd-configuration-port + (default "6600")) + (address mpd-configuration-address + (default "any")) + (credentials mpd-configuration-credentials + (default '())) + (default-permissions mpd-configuration-default-permissions + (default '(read add control admin))) + (outputs mpd-configuration-outputs + (default (list (mpd-output))))) + +(define (mpd-permissions->string permissions) + (string-join (map symbol->string + permissions) + ",")) + +(define (mpd-credential->string credential) + "Convert the USER of type <mpd-credential> to a configuration file snippet." + (format #f + "password \"~a@~a\"\n" + (mpd-credential-password credential) + (mpd-permissions->string + (mpd-credential-permissions credential)))) (define (mpd-output->string output) "Convert the OUTPUT of type <mpd-output> to a configuration file snippet." @@ -110,8 +139,14 @@ audio_output { (apply mixed-text-file "mpd.conf" "pid_file \"" (mpd-file-name config "pid") "\"\n" + "default_permissions \"" + (mpd-permissions->string + (mpd-configuration-default-permissions config)) + "\"\n" (append (map mpd-output->string (mpd-configuration-outputs config)) + (map mpd-credential->string + (mpd-configuration-credentials config)) (map (match-lambda ((config-name config-val) (string-append config-name " \"" (config-val config) "\"\n"))) @@ -143,10 +178,10 @@ audio_output { #:environment-variables ;; Required to detect PulseAudio when run under a user account. '(#$(string-append - "XDG_RUNTIME_DIR=/run/user/" - (number->string - (passwd:uid - (getpwnam (mpd-configuration-user config)))))) + "XDG_RUNTIME_DIR=/run/user/" + (number->string + (passwd:uid + (getpwnam (mpd-configuration-user config)))))) #:log-file #$(mpd-file-name config "log"))) (stop #~(make-kill-destructor)))) |