confd: expose more avahi-daemon settings in mdns service context

Use container for interface allow/deny and for reflector settings.
Hopefully there will be more settings in the future, e.g., control
reflector interfaces independently.

Fix #678

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>

src/confd/src/infix-services.c

@@ -176,21 +176,81 @@ static int hostname_change(sr_session_ctx_t *session, uint32_t sub_id, const cha
 	return mdns_records("update", all);
 }
 
+static void fput_list(FILE *fp, struct lyd_node *cfg, const char *list, const char *heading)
+{
+	const char *prefix = heading;
+	struct lyd_node *node;
+
+	LYX_LIST_FOR_EACH(lyd_child(cfg), node, list) {
+		fprintf(fp, "%s%s", prefix, lyd_get_value(node));
+		prefix = ",";
+	}
+
+	if (prefix != heading)
+		fprintf(fp, "\n");
+}
+
+#define AVAHI_CONF "/etc/avahi/avahi-daemon.conf"
+
+static void mdns_conf(struct lyd_node *cfg)
+{
+	struct lyd_node *ctx;
+	FILE *fp;
+
+	fp = fopen(AVAHI_CONF, "w");
+	if (!fp) {
+		ERRNO("failed creating %s", AVAHI_CONF);
+		return;
+	}
+
+	fprintf(fp, "# Generated by Infix confd\n"
+		"[server]\n"
+		"domain-name=%s\n"
+		"use-ipv4=yes\n"
+		"use-ipv6=yes\n", lydx_get_cattr(cfg, "domain"));
+
+	ctx = lydx_get_descendant(lyd_child(cfg), "interfaces", NULL);
+	if (ctx) {
+		fput_list(fp, ctx, "allow", "allow-interfaces=");
+		fput_list(fp, ctx, "deny", "deny-interfaces=");
+	}
+
+	fprintf(fp,
+		"ratelimit-interval-usec=1000000\n"
+		"ratelimit-burst=1000\n");
+
+	fprintf(fp, "\n[wide-area]\n");
+	/* nop */
+	fprintf(fp, "\n[publish]\n");
+	/* nop */
+	fprintf(fp, "\n[reflector]\n");
+	ctx = lydx_get_descendant(lyd_child(cfg), "reflector", NULL);
+	if (ctx) {
+		fprintf(fp, "enable-reflector=%s\n", lydx_is_enabled(ctx, "enabled") ? "on" : "off");
+		fput_list(fp, ctx, "service-filter", "reflect-filters=");
+	}
+
+	fprintf(fp, "\n[rlimits]\n");
+	/* nop */
+
+	fclose(fp);
+}
+
 static void mdns_cname(sr_session_ctx_t *session)
 {
 	int ena = srx_enabled(session, "/infix-services:mdns/enabled");
 
 	if (ena) {
 		int www = srx_enabled(session, "/infix-services:web/netbrowse/enabled");
-		char *name = fgetkey("/etc/os-release", "DEFAULT_HOSTNAME");
+		const char *hostnm = fgetkey("/etc/os-release", "DEFAULT_HOSTNAME");
 
-		if (name || www) {
+		if (hostnm || www) {
 			FILE *fp;
 
 			fp = fopen("/etc/default/mdns-alias", "w");
 			if (fp) {
 				fprintf(fp, "MDNS_ALIAS_ARGS=\"%s%s %s\"\n",
-					name ?: "", name ? ".local" : "",
+					hostnm ?: "", hostnm ? ".local" : "",
 					www ? "network.local" : "");
 				fclose(fp);
 			} else {
@@ -217,6 +277,9 @@ static int mdns_change(sr_session_ctx_t *session, uint32_t sub_id, const char *m
 
 	ena = lydx_is_enabled(srv, "enabled");
 	if (ena) {
+		/* Generate/update avahi-daemon.conf */
+		mdns_conf(srv);
+
 		/* Generate/update basic mDNS service records */
 		mdns_records("update", all);
 	}

src/confd/yang/confd.inc

@@ -33,7 +33,7 @@ MODULES=(
 	"infix-dhcp-client@2024-09-20.yang"
 	"infix-meta@2024-10-18.yang"
 	"infix-system@2024-11-27.yang"
-	"infix-services@2024-05-30.yang"
+	"infix-services@2024-12-02.yang"
 	"ieee802-ethernet-interface@2019-06-21.yang"
 	"infix-ethernet-interface@2024-02-27.yang"
 	"infix-factory-default@2023-06-28.yang"

src/confd/yang/infix-services.yang

@@ -3,10 +3,21 @@ module infix-services {
   namespace "urn:ietf:params:xml:ns:yang:infix-services";
   prefix infix-svc;
 
+  import ietf-interfaces {
+    prefix if;
+  }
+  import ietf-inet-types {
+    prefix inet;
+  }
+
   organization "KernelKit";
   contact      "kernelkit@googlegroups.com";
   description  "Infix services, generic.";
 
+  revision 2024-12-02 {
+    description "Expand mdns options: domain, allow/deny interfaces, reflector.";
+    reference "internal";
+  }
   revision 2024-05-30 {
     description "Add support for RESTCONF enable/disable as a web service.";
     reference "internal";
@@ -35,6 +46,63 @@ module infix-services {
       description "Globally enable or disable mDNS/SD on all interfaces.";
       type boolean;
     }
+
+    leaf domain {
+      description "LAN domain name to register host name and services in.
+
+                   Most common is .local, but some also use .lan, or .office,
+                   usually this setting can be left as-is.";
+      default "local";
+      type inet:domain-name;
+    }
+
+    container interfaces {
+      description "Filter interfaces to act on.";
+
+      leaf-list allow {
+        description "Enabled on interfaces, can be combined with deny-interfaces.
+
+                     By default all, except loopback and point-to-point links.";
+        type if:interface-ref;
+      }
+
+      leaf-list deny {
+        description "Disabled on interfaces (always wins).
+
+                     Other not specified interfaces will be used, except loopback
+                     and point-to-point, unless combined with allow-interfaces.
+
+                     This option takes precedence over allow-interfaces.";
+        type if:interface-ref;
+      }
+    }
+
+    container reflector {
+      description "Reflect incoming mDNS requests to local interfaces.";
+
+      leaf enabled {
+        description "Enable mDNS reflector on local interfaces.";
+        type boolean;
+      }
+
+      leaf-list service-filter {
+        description "Filter mDNS service names to reflect.
+
+                     Example, for AirPlay and AirTunes, use:
+
+                       - _airplay._tcp.local
+                       - _raop._tcp.local
+
+                     For AirPrint use:
+
+                       - _printer._tcp.local
+                       - _ipp._tcp.local
+                       - _pdl-datastream._tcp.local
+
+                     By default all services are reflected.";
+        type string;
+      }
+    }
   }
 
   container web {