[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: services: use seconds instead of duration strings.
From: |
julien lepiller |
Subject: |
01/01: gnu: services: use seconds instead of duration strings. |
Date: |
Wed, 21 Jun 2017 13:30:19 -0400 (EDT) |
roptat pushed a commit to branch master
in repository guix.
commit f3853a259b9b0588f6ae4f32c5c56a77ab096e86
Author: Julien Lepiller <address@hidden>
Date: Sat Jun 10 11:59:18 2017 +0200
gnu: services: use seconds instead of duration strings.
* gnu/services/dns.scm (zone-file, knot-policy-configuration): Use numbers
instead of duration strings.
(verify-knot-policy-configuration): Fix typo.
* doc/guix.texi (DNS Services): Update documentation.
---
doc/guix.texi | 29 ++++++++++++-----------------
gnu/services/dns.scm | 20 ++++++++++----------
2 files changed, 22 insertions(+), 27 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 4933a98..8714780 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -13907,26 +13907,21 @@ The serial number of the zone. As this is used to
keep track of changes by
both slaves and resolvers, it is mandatory that it @emph{never} decreases.
Always increment it when you make a change in your zone.
address@hidden @code{refresh} (default: @code{"2d"})
-The frequency at which slaves will do a zone transfer. This value can be
-a number of seconds or a number of some unit between:
address@hidden
address@hidden m: minute
address@hidden h: hour
address@hidden d: day
address@hidden w: week
address@hidden itemize
address@hidden @code{refresh} (default: @code{(* 2 24 3600)})
+The frequency at which slaves will do a zone transfer. This value is a number
+of seconds. It can be computed by multiplications or with
address@hidden(string->duration)}.
address@hidden @code{retry} (default: @code{"15m"})
address@hidden @code{retry} (default: @code{(* 15 60)})
The period after which a slave will retry to contact its master when it fails
to do so a first time.
address@hidden @code{expiry} (default: @code{"2w"})
address@hidden @code{expiry} (default: @code{(* 14 24 3600)})
Default TTL of records. Existing records are considered correct for at most
this amount of time. After this period, resolvers will invalidate their cache
and check again that it still exists.
address@hidden @code{nx} (default: @code{"1h"})
address@hidden @code{nx} (default: @code{3600})
Default TTL of inexistant records. This delay is usually short because you
want
your new domains to reach everyone quickly.
@@ -14029,17 +14024,17 @@ algorithm, but would be unsecure for other algorithms.
The TTL value for DNSKEY records added into zone apex. The special
@code{'default} value means same as the zone SOA TTL.
address@hidden @code{zsk-lifetime} (default: @code{"30d"})
address@hidden @code{zsk-lifetime} (default: @code{(* 30 24 3600)})
The period between ZSK publication and the next rollover initiation.
address@hidden @code{propagation-delay} (default: @code{"1d"})
address@hidden @code{propagation-delay} (default: @code{(* 24 3600)})
An extra delay added for each key rollover step. This value should be high
enough to cover propagation of data from the master server to all slaves.
address@hidden @code{rrsig-lifetime} (default: @code{"14d"})
address@hidden @code{rrsig-lifetime} (default: @code{(* 14 24 3600)})
A validity period of newly issued signatures.
address@hidden @code{rrsig-refresh} (default: @code{"7d"})
address@hidden @code{rrsig-refresh} (default: @code{(* 7 24 3600)})
A period how long before a signature expiration the signature will be
refreshed.
@item @code{nsec3?} (default: @code{#f})
@@ -14052,7 +14047,7 @@ The number of additional times the hashing is performed.
The length of a salt field in octets, which is appended to the original owner
name before hashing.
address@hidden @code{nsec3-salt-lifetime} (default: @code{"30d"})
address@hidden @code{nsec3-salt-lifetime} (default: @code{(* 30 24 3600)})
The validity period of newly issued salt field.
@end table
diff --git a/gnu/services/dns.scm b/gnu/services/dns.scm
index 2ed7b9e..673ab1a 100644
--- a/gnu/services/dns.scm
+++ b/gnu/services/dns.scm
@@ -99,13 +99,13 @@
(serial zone-file-serial
(default 1))
(refresh zone-file-refresh
- (default "2d"))
+ (default (* 2 24 3600)))
(retry zone-file-retry
- (default "15m"))
+ (default (* 15 60)))
(expiry zone-file-expiry
- (default "2w"))
+ (default (* 2 7 24 3600)))
(nx zone-file-nx
- (default "1h")))
+ (default 3600)))
(define-record-type* <knot-keystore-configuration>
knot-keystore-configuration make-knot-keystore-configuration
knot-keystore-configuration?
@@ -136,13 +136,13 @@
(dnskey-ttl knot-policy-configuration-dnskey-ttl
(default 'default))
(zsk-lifetime knot-policy-configuration-zsk-lifetime
- (default "30d"))
+ (default (* 30 24 3600)))
(propagation-delay knot-policy-configuration-propagation-delay
- (default "1d"))
+ (default (* 24 3600)))
(rrsig-lifetime knot-policy-configuration-rrsig-lifetime
- (default "14d"))
+ (default (* 14 24 3600)))
(rrsig-refresh knot-policy-configuration-rrsig-refresh
- (default "7d"))
+ (default (* 7 24 3600)))
(nsec3? knot-policy-configuration-nsec3?
(default #f))
(nsec3-iterations knot-policy-configuration-nsec3-iterations
@@ -150,7 +150,7 @@
(nsec3-salt-length knot-policy-configuration-nsec3-salt-length
(default 8))
(nsec3-salt-lifetime knot-policy-configuration-nsec3-salt-lifetime
- (default "30d")))
+ (default (* 30 24 3600))))
(define-record-type* <knot-zone-configuration>
knot-zone-configuration make-knot-zone-configuration
@@ -248,7 +248,7 @@
(error-out "backend must be one of: 'pem or 'pkcs11")))
(define (verify-knot-policy-configuration policy)
- (unless (knot-keystore-configuration? policy)
+ (unless (knot-policy-configuration? policy)
(error-out "policies must be a list of only knot-policy-configuration."))
(let ((id (knot-policy-configuration-id policy)))
(unless (and (string? id) (not (equal? id "")))