[PATCH] services: mpd: Allow authentication and permissions to be configured.

OpenSubmitted by pinoaffe.
Details
One participant
  • pinoaffe
Owner
unassigned
Severity
normal
P
P
pinoaffe wrote on 26 Apr 22:16 +0200
(address . guix-patches@gnu.org)
1ee4ef44362d20518fe69da7b6c37df5@airmail.cc
* gnu/services/audio.scm (mpd-credential): New public variable.* gnu/services/audio.scm (mpd-configuration): Add credentialsand permissions.--- doc/guix.texi | 23 ++++++++++++ gnu/services/audio.scm | 79 ++++++++++++++++++++++++++++++------------ 2 files changed, 80 insertions(+), 22 deletions(-)
Toggle diff (171 lines)diff --git a/doc/guix.texi b/doc/guix.texiindex 6613a4af13..1693d938f1 100644--- a/doc/guix.texi+++ b/doc/guix.texi@@ -23271,12 +23271,35 @@ an absolute path can be specified here. @item @code{outputs} (default: @code{"(list (mpd-output))"}) The audio outputs that MPD can use. By default this is a single output using pulseaudio.
+@item @code{default-permissions} (default: @code{'(read add control admin)})+The permissions a user that connected to the mpd server without a password should enjoy.+Should be a subset of @code{'(read add control admin)}.++@item @code{credentials} (default: @code{'()})+The list of credentials one can use to sign in to mpd and gain extra permissions. By+default this is an empty list.+ @end table @end deftp
+@deftp {Data Type} mpd-credential+Data type representing an @command{mpd} password/permissions pair.+ @deftp {Data Type} mpd-output Data type representing an @command{mpd} audio output.
+@table @asis+@item @code{password} (default: @code{""})+The password used to authenticate. The password may not contain "@".++@item @code{permissions} (default: @code{'()})+The permissions one gains after authenticating to the server using @code{password}.+This should be a subset of @code{'(read add control admin)}, as in+@code{default-permissions}.++@end table+@end deftp+ @table @asis @item @code{name} (default: @code{"MPD"}) The name of the audio output.diff --git a/gnu/services/audio.scm b/gnu/services/audio.scmindex 345d8225b2..9a6dc8db94 100644--- a/gnu/services/audio.scm+++ b/gnu/services/audio.scm@@ -26,6 +26,8 @@ #:use-module (ice-9 match) #:export (mpd-output mpd-output?+ mpd-credential+ mpd-credential? mpd-configuration mpd-configuration? mpd-service-type))@@ -36,6 +38,16 @@ ;;; ;;; Code:
+(define-record-type* <mpd-credential>+ mpd-credential make-mpd-credential+ mpd-credential?+ (password mpd-credential-password+ ;; valid: any string that does not contain #\@+ (default ""))+ (permissions mpd-credential-permissions+ ;; valid: any subset of read, add, control and admin+ (default '())))+ (define-record-type* <mpd-output> mpd-output make-mpd-output mpd-output?@@ -58,24 +70,41 @@ (define-record-type* <mpd-configuration> mpd-configuration make-mpd-configuration mpd-configuration?- (user mpd-configuration-user- (default "mpd"))- (music-dir mpd-configuration-music-dir- (default "~/Music"))- (playlist-dir mpd-configuration-playlist-dir- (default "~/.mpd/playlists"))- (db-file mpd-configuration-db-file- (default "~/.mpd/tag_cache"))- (state-file mpd-configuration-state-file- (default "~/.mpd/state"))- (sticker-file mpd-configuration-sticker-file- (default "~/.mpd/sticker.sql"))- (port mpd-configuration-port- (default "6600"))- (address mpd-configuration-address- (default "any"))- (outputs mpd-configuration-outputs- (default (list (mpd-output)))))+ (user mpd-configuration-user+ (default "mpd"))+ (music-dir mpd-configuration-music-dir+ (default "~/Music"))+ (playlist-dir mpd-configuration-playlist-dir+ (default "~/.mpd/playlists"))+ (db-file mpd-configuration-db-file+ (default "~/.mpd/tag_cache"))+ (state-file mpd-configuration-state-file+ (default "~/.mpd/state"))+ (sticker-file mpd-configuration-sticker-file+ (default "~/.mpd/sticker.sql"))+ (port mpd-configuration-port+ (default "6600"))+ (address mpd-configuration-address+ (default "any"))+ (credentials mpd-configuration-credentials+ (default '()))+ (default-permissions mpd-configuration-default-permissions+ (default '(read add control admin)))+ (outputs mpd-configuration-outputs+ (default (list (mpd-output)))))++(define (mpd-permissions->string permissions)+ (string-join (map symbol->string+ permissions)+ ","))++(define (mpd-credential->string credential)+ "Convert the USER of type <mpd-credential> to a configuration file snippet."+ (format #f+ "password \"~a@~a\"\n"+ (mpd-credential-password credential)+ (mpd-permissions->string+ (mpd-credential-permissions credential))))
(define (mpd-output->string output) "Convert the OUTPUT of type <mpd-output> to a configuration file snippet."@@ -110,8 +139,14 @@ audio_output { (apply mixed-text-file "mpd.conf" "pid_file \"" (mpd-file-name config "pid") "\"\n"+ "default_permissions \""+ (mpd-permissions->string+ (mpd-configuration-default-permissions config))+ "\"\n" (append (map mpd-output->string (mpd-configuration-outputs config))+ (map mpd-credential->string+ (mpd-configuration-credentials config)) (map (match-lambda ((config-name config-val) (string-append config-name " \"" (config-val config) "\"\n")))@@ -143,10 +178,10 @@ audio_output { #:environment-variables ;; Required to detect PulseAudio when run under a user account. '(#$(string-append- "XDG_RUNTIME_DIR=/run/user/"- (number->string- (passwd:uid- (getpwnam (mpd-configuration-user config))))))+ "XDG_RUNTIME_DIR=/run/user/"+ (number->string+ (passwd:uid+ (getpwnam (mpd-configuration-user config)))))) #:log-file #$(mpd-file-name config "log"))) (stop #~(make-kill-destructor))))
-- 2.26.2
P
P
pinoaffe wrote on 28 Apr 13:29 +0200
[PATCH (hopefully not garbled this time)] services: mpd: Allow authentication and permissions to be configured.
(address . 40878@debbugs.gnu.org)
20200426223555.2a5793bb@airmail.cc
* gnu/services/audio.scm (mpd-credential): New public variable.* gnu/services/audio.scm (mpd-configuration): Add credentialsand permissions.--- doc/guix.texi | 23 ++++++++++++ gnu/services/audio.scm | 79 ++++++++++++++++++++++++++++++------------ 2 files changed, 80 insertions(+), 22 deletions(-)
Toggle diff (162 lines)diff --git a/doc/guix.texi b/doc/guix.texiindex 6613a4af13..1693d938f1 100644--- a/doc/guix.texi+++ b/doc/guix.texi@@ -23271,12 +23271,35 @@ an absolute path can be specified here. @item @code{outputs} (default: @code{"(list (mpd-output))"}) The audio outputs that MPD can use. By default this is a single output using pulseaudio. +@item @code{default-permissions} (default: @code{'(read add control admin)})+The permissions a user that connected to the mpd server without a password should enjoy. +Should be a subset of @code{'(read add control admin)}.++@item @code{credentials} (default: @code{'()})+The list of credentials one can use to sign in to mpd and gain extra permissions. By+default this is an empty list.+ @end table @end deftp +@deftp {Data Type} mpd-credential+Data type representing an @command{mpd} password/permissions pair.+ @deftp {Data Type} mpd-output Data type representing an @command{mpd} audio output. +@table @asis+@item @code{password} (default: @code{""})+The password used to authenticate. The password may not contain "@".++@item @code{permissions} (default: @code{'()})+The permissions one gains after authenticating to the server using @code{password}.+This should be a subset of @code{'(read add control admin)}, as in+@code{default-permissions}.++@end table+@end deftp+ @table @asis @item @code{name} (default: @code{"MPD"}) The name of the audio output.diff --git a/gnu/services/audio.scm b/gnu/services/audio.scmindex 345d8225b2..9a6dc8db94 100644--- a/gnu/services/audio.scm+++ b/gnu/services/audio.scm@@ -26,6 +26,8 @@ #:use-module (ice-9 match) #:export (mpd-output mpd-output?+ mpd-credential+ mpd-credential? mpd-configuration mpd-configuration? mpd-service-type))@@ -36,6 +38,16 @@ ;;; ;;; Code: +(define-record-type* <mpd-credential>+ mpd-credential make-mpd-credential+ mpd-credential?+ (password mpd-credential-password+ ;; valid: any string that does not contain #\@+ (default ""))+ (permissions mpd-credential-permissions+ ;; valid: any subset of read, add, control and admin+ (default '())))+ (define-record-type* <mpd-output> mpd-output make-mpd-output mpd-output?@@ -58,24 +70,41 @@ (define-record-type* <mpd-configuration> mpd-configuration make-mpd-configuration mpd-configuration?- (user mpd-configuration-user- (default "mpd"))- (music-dir mpd-configuration-music-dir- (default "~/Music"))- (playlist-dir mpd-configuration-playlist-dir- (default "~/.mpd/playlists"))- (db-file mpd-configuration-db-file- (default "~/.mpd/tag_cache"))- (state-file mpd-configuration-state-file- (default "~/.mpd/state"))- (sticker-file mpd-configuration-sticker-file- (default "~/.mpd/sticker.sql"))- (port mpd-configuration-port- (default "6600"))- (address mpd-configuration-address- (default "any"))- (outputs mpd-configuration-outputs- (default (list (mpd-output)))))+ (user mpd-configuration-user+ (default "mpd"))+ (music-dir mpd-configuration-music-dir+ (default "~/Music"))+ (playlist-dir mpd-configuration-playlist-dir+ (default "~/.mpd/playlists"))+ (db-file mpd-configuration-db-file+ (default "~/.mpd/tag_cache"))+ (state-file mpd-configuration-state-file+ (default "~/.mpd/state"))+ (sticker-file mpd-configuration-sticker-file+ (default "~/.mpd/sticker.sql"))+ (port mpd-configuration-port+ (default "6600"))+ (address mpd-configuration-address+ (default "any"))+ (credentials mpd-configuration-credentials+ (default '()))+ (default-permissions mpd-configuration-default-permissions+ (default '(read add control admin)))+ (outputs mpd-configuration-outputs+ (default (list (mpd-output)))))++(define (mpd-permissions->string permissions)+ (string-join (map symbol->string+ permissions)+ ","))++(define (mpd-credential->string credential)+ "Convert the USER of type <mpd-credential> to a configuration file snippet."+ (format #f+ "password \"~a@~a\"\n"+ (mpd-credential-password credential)+ (mpd-permissions->string+ (mpd-credential-permissions credential)))) (define (mpd-output->string output) "Convert the OUTPUT of type <mpd-output> to a configuration file snippet."@@ -110,8 +139,14 @@ audio_output { (apply mixed-text-file "mpd.conf" "pid_file \"" (mpd-file-name config "pid") "\"\n"+ "default_permissions \""+ (mpd-permissions->string+ (mpd-configuration-default-permissions config))+ "\"\n" (append (map mpd-output->string (mpd-configuration-outputs config))+ (map mpd-credential->string+ (mpd-configuration-credentials config)) (map (match-lambda ((config-name config-val) (string-append config-name " \"" (config-val config) "\"\n")))@@ -143,10 +178,10 @@ audio_output { #:environment-variables ;; Required to detect PulseAudio when run under a user account. '(#$(string-append- "XDG_RUNTIME_DIR=/run/user/"- (number->string- (passwd:uid- (getpwnam (mpd-configuration-user config))))))+ "XDG_RUNTIME_DIR=/run/user/"+ (number->string+ (passwd:uid+ (getpwnam (mpd-configuration-user config)))))) #:log-file #$(mpd-file-name config "log"))) (stop #~(make-kill-destructor)))) -- 2.26.2
P
P
pinoaffe wrote on 28 Apr 17:00 +0200
[PATCH v2] services: mpd: Allow authentication and permissions to be configured.
(address . 40878@debbugs.gnu.org)
20200428170023.3304924a@airmail.cc
* gnu/services/audio.scm (mpd-credential): New public variable.* gnu/services/audio.scm (mpd-configuration): Add credentialsand permissions.--- doc/guix.texi | 26 ++++++++++++++ gnu/services/audio.scm | 79 ++++++++++++++++++++++++++++++------------ 2 files changed, 83 insertions(+), 22 deletions(-)
Toggle diff (159 lines)diff --git a/doc/guix.texi b/doc/guix.texiindex 6613a4af13..6a5038fd37 100644--- a/doc/guix.texi+++ b/doc/guix.texi@@ -23271,6 +23271,32 @@ an absolute path can be specified here. @item @code{outputs} (default: @code{"(list (mpd-output))"}) The audio outputs that MPD can use. By default this is a single output using pulseaudio. +@item @code{default-permissions} (default: @code{'(read add control admin)})+The permissions a user that connected to the mpd server without a password should enjoy. +Should be a subset of @code{'(read add control admin)}.++@item @code{credentials} (default: @code{'()})+The list of credentials one can use to sign in to mpd and gain extra permissions. By+default this is an empty list.++@end table+@end deftp++@deftp {Data Type} mpd-credential+Data type representing an @command{mpd} password/permissions pair.++@table @asis+@item @code{password} (default: @code{""})+The password used to authenticate. The password may not contain "@".+Warning: due to limitations of the mpd configuration system, the generated mpd config+(which is stored in the guix store and is readable to all users) will include a+plaintext copy of the provided password(s).++@item @code{permissions} (default: @code{'()})+The permissions one gains after authenticating to the server using @code{password}.+This should be a subset of @code{'(read add control admin)}, as in+@code{default-permissions}.+ @end table @end deftp diff --git a/gnu/services/audio.scm b/gnu/services/audio.scmindex 345d8225b2..9a6dc8db94 100644--- a/gnu/services/audio.scm+++ b/gnu/services/audio.scm@@ -26,6 +26,8 @@ #:use-module (ice-9 match) #:export (mpd-output mpd-output?+ mpd-credential+ mpd-credential? mpd-configuration mpd-configuration? mpd-service-type))@@ -36,6 +38,16 @@ ;;; ;;; Code: +(define-record-type* <mpd-credential>+ mpd-credential make-mpd-credential+ mpd-credential?+ (password mpd-credential-password+ ;; valid: any string that does not contain #\@+ (default ""))+ (permissions mpd-credential-permissions+ ;; valid: any subset of read, add, control and admin+ (default '())))+ (define-record-type* <mpd-output> mpd-output make-mpd-output mpd-output?@@ -58,24 +70,41 @@ (define-record-type* <mpd-configuration> mpd-configuration make-mpd-configuration mpd-configuration?- (user mpd-configuration-user- (default "mpd"))- (music-dir mpd-configuration-music-dir- (default "~/Music"))- (playlist-dir mpd-configuration-playlist-dir- (default "~/.mpd/playlists"))- (db-file mpd-configuration-db-file- (default "~/.mpd/tag_cache"))- (state-file mpd-configuration-state-file- (default "~/.mpd/state"))- (sticker-file mpd-configuration-sticker-file- (default "~/.mpd/sticker.sql"))- (port mpd-configuration-port- (default "6600"))- (address mpd-configuration-address- (default "any"))- (outputs mpd-configuration-outputs- (default (list (mpd-output)))))+ (user mpd-configuration-user+ (default "mpd"))+ (music-dir mpd-configuration-music-dir+ (default "~/Music"))+ (playlist-dir mpd-configuration-playlist-dir+ (default "~/.mpd/playlists"))+ (db-file mpd-configuration-db-file+ (default "~/.mpd/tag_cache"))+ (state-file mpd-configuration-state-file+ (default "~/.mpd/state"))+ (sticker-file mpd-configuration-sticker-file+ (default "~/.mpd/sticker.sql"))+ (port mpd-configuration-port+ (default "6600"))+ (address mpd-configuration-address+ (default "any"))+ (credentials mpd-configuration-credentials+ (default '()))+ (default-permissions mpd-configuration-default-permissions+ (default '(read add control admin)))+ (outputs mpd-configuration-outputs+ (default (list (mpd-output)))))++(define (mpd-permissions->string permissions)+ (string-join (map symbol->string+ permissions)+ ","))++(define (mpd-credential->string credential)+ "Convert the USER of type <mpd-credential> to a configuration file snippet."+ (format #f+ "password \"~a@~a\"\n"+ (mpd-credential-password credential)+ (mpd-permissions->string+ (mpd-credential-permissions credential)))) (define (mpd-output->string output) "Convert the OUTPUT of type <mpd-output> to a configuration file snippet."@@ -110,8 +139,14 @@ audio_output { (apply mixed-text-file "mpd.conf" "pid_file \"" (mpd-file-name config "pid") "\"\n"+ "default_permissions \""+ (mpd-permissions->string+ (mpd-configuration-default-permissions config))+ "\"\n" (append (map mpd-output->string (mpd-configuration-outputs config))+ (map mpd-credential->string+ (mpd-configuration-credentials config)) (map (match-lambda ((config-name config-val) (string-append config-name " \"" (config-val config) "\"\n")))@@ -143,10 +178,10 @@ audio_output { #:environment-variables ;; Required to detect PulseAudio when run under a user account. '(#$(string-append- "XDG_RUNTIME_DIR=/run/user/"- (number->string- (passwd:uid- (getpwnam (mpd-configuration-user config))))))+ "XDG_RUNTIME_DIR=/run/user/"+ (number->string+ (passwd:uid+ (getpwnam (mpd-configuration-user config)))))) #:log-file #$(mpd-file-name config "log"))) (stop #~(make-kill-destructor)))) -- 2.26.2
?