03/03: services: tor: Run in a container.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

03/03: services: tor: Run in a container.

From:	Ludovic Court�s
Subject:	03/03: services: tor: Run in a container.
Date:	Wed, 12 Apr 2017 18:12:50 -0400 (EDT)

civodul pushed a commit to branch master
in repository guix.

commit ee295346ce81c276ffb4ee34cc6f5b134b415097
Author: Ludovic Courtès <address@hidden>
Date:   Wed Apr 12 16:44:18 2017 +0200

    services: tor: Run in a container.
    
    * gnu/services/networking.scm (tor-shepherd-service): Use (gnu build
    shepherd) and use 'make-forkexec-constructor/container' instead of
    'make-forkexec-constructor'.
---
 gnu/services/networking.scm | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 85fc0b8..ae9b8f8 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -595,17 +595,31 @@ HiddenServicePort ~a ~a~%"
   (match config
     (($ <tor-configuration> tor)
      (let ((torrc (tor-configuration->torrc config)))
-       (list (shepherd-service
-              (provision '(tor))
+       (with-imported-modules (source-module-closure
+                               '((gnu build shepherd)
+                                 (gnu system file-systems)))
+         (list (shepherd-service
+                (provision '(tor))
 
-              ;; Tor needs at least one network interface to be up, hence the
-              ;; dependency on 'loopback'.
-              (requirement '(user-processes loopback syslogd))
+                ;; Tor needs at least one network interface to be up, hence the
+                ;; dependency on 'loopback'.
+                (requirement '(user-processes loopback syslogd))
 
-              (start #~(make-forkexec-constructor
-                        (list (string-append #$tor "/bin/tor") "-f" #$torrc)))
-              (stop #~(make-kill-destructor))
-              (documentation "Run the Tor anonymous network overlay.")))))))
+                (modules '((gnu build shepherd)
+                           (gnu system file-systems)))
+
+                (start #~(make-forkexec-constructor/container
+                          (list #$(file-append tor "/bin/tor") "-f" #$torrc)
+
+                          #:mappings (list (file-system-mapping
+                                            (source "/var/lib/tor")
+                                            (target source)
+                                            (writable? #t))
+                                           (file-system-mapping
+                                            (source "/dev/log") ;for syslog
+                                            (target source)))))
+                (stop #~(make-kill-destructor))
+                (documentation "Run the Tor anonymous network overlay."))))))))
 
 (define (tor-hidden-service-activation config)
   "Return the activation gexp for SERVICES, a list of hidden services."

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (0128630 -> ee29534), Ludovic Court�s, 2017/04/12
- 02/03: file-systems: Allow for bind-mounts of named sockets., Ludovic Court�s, 2017/04/12
- 03/03: services: tor: Run in a container., Ludovic Court�s <=
- 01/03: services: Define '%linux-bare-metal-service' using 'simple-service'., Ludovic Court�s, 2017/04/12

Prev by Date: 02/03: file-systems: Allow for bind-mounts of named sockets.
Next by Date: branch master updated (0128630 -> ee29534)
Previous by thread: 02/03: file-systems: Allow for bind-mounts of named sockets.
Next by thread: 01/03: services: Define '%linux-bare-metal-service' using 'simple-service'.
Index(es):
- Date
- Thread