aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorpinoaffe <pinoaffe@airmail.cc>2020-04-28 17:00:23 +0200
committerGuix Patches Tester <>2020-04-28 16:06:15 +0100
commitd3f423787993070cbeec63217cb086f39fbda51c (patch)
tree5c05a3eeb976b0b658824d130f14e9421a97eceb
parent085948fbfc8aef4370d8df8784bbd239c333fa99 (diff)
downloadpatches-series-3723.tar
patches-series-3723.tar.gz
services: mpd: Allow authentication and permissions to be configured.series-3723
* gnu/services/audio.scm (mpd-credential): New public variable. * gnu/services/audio.scm (mpd-configuration): Add credentials and permissions.
-rw-r--r--doc/guix.texi26
-rw-r--r--gnu/services/audio.scm79
2 files changed, 83 insertions, 22 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index f779281e05..c6693aa216 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -23271,6 +23271,32 @@ an absolute path can be specified here.
@item @code{outputs} (default: @code{"(list (mpd-output))"})
The audio outputs that MPD can use. By default this is a single output using pulseaudio.
+@item @code{default-permissions} (default: @code{'(read add control admin)})
+The permissions a user that connected to the mpd server without a password should enjoy.
+Should be a subset of @code{'(read add control admin)}.
+
+@item @code{credentials} (default: @code{'()})
+The list of credentials one can use to sign in to mpd and gain extra permissions. By
+default this is an empty list.
+
+@end table
+@end deftp
+
+@deftp {Data Type} mpd-credential
+Data type representing an @command{mpd} password/permissions pair.
+
+@table @asis
+@item @code{password} (default: @code{""})
+The password used to authenticate. The password may not contain "@".
+Warning: due to limitations of the mpd configuration system, the generated mpd config
+(which is stored in the guix store and is readable to all users) will include a
+plaintext copy of the provided password(s).
+
+@item @code{permissions} (default: @code{'()})
+The permissions one gains after authenticating to the server using @code{password}.
+This should be a subset of @code{'(read add control admin)}, as in
+@code{default-permissions}.
+
@end table
@end deftp
diff --git a/gnu/services/audio.scm b/gnu/services/audio.scm
index 345d8225b2..9a6dc8db94 100644
--- a/gnu/services/audio.scm
+++ b/gnu/services/audio.scm
@@ -26,6 +26,8 @@
#:use-module (ice-9 match)
#:export (mpd-output
mpd-output?
+ mpd-credential
+ mpd-credential?
mpd-configuration
mpd-configuration?
mpd-service-type))
@@ -36,6 +38,16 @@
;;;
;;; Code:
+(define-record-type* <mpd-credential>
+ mpd-credential make-mpd-credential
+ mpd-credential?
+ (password mpd-credential-password
+ ;; valid: any string that does not contain #\@
+ (default ""))
+ (permissions mpd-credential-permissions
+ ;; valid: any subset of read, add, control and admin
+ (default '())))
+
(define-record-type* <mpd-output>
mpd-output make-mpd-output
mpd-output?
@@ -58,24 +70,41 @@
(define-record-type* <mpd-configuration>
mpd-configuration make-mpd-configuration
mpd-configuration?
- (user mpd-configuration-user
- (default "mpd"))
- (music-dir mpd-configuration-music-dir
- (default "~/Music"))
- (playlist-dir mpd-configuration-playlist-dir
- (default "~/.mpd/playlists"))
- (db-file mpd-configuration-db-file
- (default "~/.mpd/tag_cache"))
- (state-file mpd-configuration-state-file
- (default "~/.mpd/state"))
- (sticker-file mpd-configuration-sticker-file
- (default "~/.mpd/sticker.sql"))
- (port mpd-configuration-port
- (default "6600"))
- (address mpd-configuration-address
- (default "any"))
- (outputs mpd-configuration-outputs
- (default (list (mpd-output)))))
+ (user mpd-configuration-user
+ (default "mpd"))
+ (music-dir mpd-configuration-music-dir
+ (default "~/Music"))
+ (playlist-dir mpd-configuration-playlist-dir
+ (default "~/.mpd/playlists"))
+ (db-file mpd-configuration-db-file
+ (default "~/.mpd/tag_cache"))
+ (state-file mpd-configuration-state-file
+ (default "~/.mpd/state"))
+ (sticker-file mpd-configuration-sticker-file
+ (default "~/.mpd/sticker.sql"))
+ (port mpd-configuration-port
+ (default "6600"))
+ (address mpd-configuration-address
+ (default "any"))
+ (credentials mpd-configuration-credentials
+ (default '()))
+ (default-permissions mpd-configuration-default-permissions
+ (default '(read add control admin)))
+ (outputs mpd-configuration-outputs
+ (default (list (mpd-output)))))
+
+(define (mpd-permissions->string permissions)
+ (string-join (map symbol->string
+ permissions)
+ ","))
+
+(define (mpd-credential->string credential)
+ "Convert the USER of type <mpd-credential> to a configuration file snippet."
+ (format #f
+ "password \"~a@~a\"\n"
+ (mpd-credential-password credential)
+ (mpd-permissions->string
+ (mpd-credential-permissions credential))))
(define (mpd-output->string output)
"Convert the OUTPUT of type <mpd-output> to a configuration file snippet."
@@ -110,8 +139,14 @@ audio_output {
(apply
mixed-text-file "mpd.conf"
"pid_file \"" (mpd-file-name config "pid") "\"\n"
+ "default_permissions \""
+ (mpd-permissions->string
+ (mpd-configuration-default-permissions config))
+ "\"\n"
(append (map mpd-output->string
(mpd-configuration-outputs config))
+ (map mpd-credential->string
+ (mpd-configuration-credentials config))
(map (match-lambda
((config-name config-val)
(string-append config-name " \"" (config-val config) "\"\n")))
@@ -143,10 +178,10 @@ audio_output {
#:environment-variables
;; Required to detect PulseAudio when run under a user account.
'(#$(string-append
- "XDG_RUNTIME_DIR=/run/user/"
- (number->string
- (passwd:uid
- (getpwnam (mpd-configuration-user config))))))
+ "XDG_RUNTIME_DIR=/run/user/"
+ (number->string
+ (passwd:uid
+ (getpwnam (mpd-configuration-user config))))))
#:log-file #$(mpd-file-name config "log")))
(stop #~(make-kill-destructor))))