summaryrefslogtreecommitdiff
path: root/gnu/services
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2016-06-17 11:09:46 +0200
committerLudovic Courtès <ludo@gnu.org>2016-06-17 11:14:18 +0200
commita1b484654af07303813a215d4e04c0e4e7b199e5 (patch)
tree66c29feaddb46afb1e825affada6c7e71620b45d /gnu/services
parent025597393c0fbdab17d1784e365330b9326c027f (diff)
downloadpatches-a1b484654af07303813a215d4e04c0e4e7b199e5.tar
patches-a1b484654af07303813a215d4e04c0e4e7b199e5.tar.gz
services: dicod: Add 'interfaces' configuration field.
This makes 'dicod' listen on 'localhost' by default, whereas it was previously listening on all the interfaces, which is not a good default security-wise. * gnu/services/dict.scm (<dicod-configuration>)[interfaces]: New field. (dicod-configuration-file)[database->text]: New procedure, with code formerly in 'dicod-configuration->text'. [dicod-configuration->text]: Rename to... [configuration->text]: ... this. Honor 'interfaces'. * doc/guix.texi (Various Services): Document 'interfaces'.
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/dict.scm24
1 files changed, 16 insertions, 8 deletions
diff --git a/gnu/services/dict.scm b/gnu/services/dict.scm
index abab6a3eba..9c06d5713a 100644
--- a/gnu/services/dict.scm
+++ b/gnu/services/dict.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -42,6 +43,8 @@
dicod-configuration make-dicod-configuration
dicod-configuration?
(dico dicod-configuration-dico (default dico))
+ (interfaces dicod-configuration-interfaces ;list of strings
+ (default '("localhost")))
(databases dicod-configuration-databases
;; list of <dicod-database>
(default (list %dicod-database:gcide))))
@@ -72,20 +75,25 @@
(shell #~(string-append #$shadow "/sbin/nologin")))))
(define (dicod-configuration-file config)
- (define dicod-configuration->text
+ (define database->text
(match-lambda
- (($ <dicod-configuration> dico databases)
- (append-map (match-lambda
- (($ <dicod-database> name module options)
- `("
+ (($ <dicod-database> name module options)
+ `("
load-module " ,module ";
database {
name \"" ,name "\";
handler \"" ,module
(string-join (list ,@options) " " 'prefix) "\";
-}\n")))
- databases))))
- (apply mixed-text-file "dicod.conf" (dicod-configuration->text config)))
+}\n"))))
+
+ (define configuration->text
+ (match-lambda
+ (($ <dicod-configuration> dico (interfaces ...) databases)
+ (append `("listen ("
+ ,(string-join interfaces ", ") ");\n")
+ (append-map database->text databases)))))
+
+ (apply mixed-text-file "dicod.conf" (configuration->text config)))
(define %dicod-activation
#~(begin