author | Ludovic Courtès <ludo@gnu.org> | 2014-07-12 23:14:10 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2014-07-12 23:17:54 +0200 |
commit | 927097effdab473d2a344e6de75a85ec734df5dc (patch) | |
tree | e723e5c38bac526c859fddc6420724f1ba6ef0aa /gnu/services/networking.scm | |
parent | 8897603ad02042f916911c406eb47f0b36d1f831 (diff) | |
services: Add Tor service.
* gnu/services/networking.scm (tor-service): New procedure.
* doc/guix.texi (Networking Services): Document it.
* build-aux/hydra/demo-os.scm: Use it. Add TOR and TORSOCKS to
'packages'.
Diffstat (limited to 'gnu/services/networking.scm')
-rw-r--r-- | gnu/services/networking.scm | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 7abcd9ed15..502b0d85f1 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -18,11 +18,14 @@
 (define-module (gnu services networking)
 #:use-module (gnu services)
+ #:use-module (gnu system shadow)
 #:use-module (gnu packages admin)
 #:use-module (gnu packages linux)
+ #:use-module (gnu packages tor)
 #:use-module (guix gexp)
 #:use-module (guix monads)
- #:export (static-networking-service))
+ #:export (static-networking-service
+ tor-service))
 ;;; Commentary:
 ;;;
@@ -85,4 +88,35 @@ gateway."
 #t)))))
 (respawn? #f)))))
+(define* (tor-service #:key (tor tor))
+ "Return a service to run the @uref{https://torproject.org,Tor} daemon.
+
+The daemon runs with the default settings (in particular the default exit
+policy) as the @code{tor} unprivileged user."
+ (mlet %store-monad ((torrc (text-file "torrc" "User tor\n")))
+ (return
+ (service
+ (provision '(tor))
+
+ ;; Tor needs at least one network interface to be up, hence the
+ ;; dependency on 'loopback'.
+ (requirement '(user-processes loopback))
+
+ (start #~(make-forkexec-constructor
+ (list (string-append #$tor "/bin/tor") "-f" #$torrc)))
+ (stop #~(make-kill-destructor))
+
+ (user-groups (list (user-group
+ (name "tor"))))
+ (user-accounts (list (user-account
+ (name "tor")
+ (group "tor")
+ (system? #t)
+ (comment "Tor daemon user")
+ (home-directory "/var/empty")
+ (shell
+ "/run/current-system/profile/sbin/nologin"))))
+
+ (documentation "Run the Tor anonymous network overlay.")))))
+
 ;;; networking.scm ends here |
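Review bot: The generated torrc in `tor-service` contains only `User tor`, so nothing in this hunk pins where the daemon keeps its keys and cached state, while the `tor` account's home is `/var/empty`. Tor's default data-directory lookup depends on the home directory and the build's localstatedir, so it may resolve to a location the unprivileged user cannot write, or to one whose permissions nobody chose deliberately. I would set it explicitly, e.g. `(text-file "torrc" "User tor\nDataDirectory /var/lib/tor\n")` (the path is a suggestion), and create that directory owned by `tor` with owner-only permissions before the daemon starts; no such activation step is visible in this hunk. It would also help to note in the docstring that the process is started as root and relies on Tor's own `User` handling to drop privileges.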