diff options
| author | EuAndreh <eu@euandre.org> | 2021-01-15 11:57:49 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2021-01-15 11:57:49 -0300 |
| commit | a90591c8d3ef54e60d7b790f1e52547318c2bc43 (patch) | |
| tree | 5b50c29fcf0730d1540f0f9fdd02250c774c44f9 | |
| parent | remote-guix-reconfigure.sh: Move to POSIX sh (diff) | |
| download | server-a90591c8d3ef54e60d7b790f1e52547318c2bc43.tar.gz server-a90591c8d3ef54e60d7b790f1e52547318c2bc43.tar.xz | |
WIP setup of cgit + nginx. Pivot to work on Guix deploy instead
| -rw-r--r-- | TODOs.rst | 5 | ||||
| -rw-r--r-- | sync/vps.scm | 65 |
2 files changed, 58 insertions, 12 deletions
@@ -297,3 +297,8 @@ NGINX settings: # VPS - setup chat servers: XMPP and Matrix + +cronjob: copy tarballs in git notes to directory to make it easier to browse (directory listing) +use guix deploy over ssh sysrem reconfigure + + diff --git a/sync/vps.scm b/sync/vps.scm index 1f13415..259ec80 100644 --- a/sync/vps.scm +++ b/sync/vps.scm @@ -4,6 +4,7 @@ ((guix build utils) #:prefix utils:) ((guix modules) #:prefix modules:) ((srfi srfi-1) #:prefix srfi-1:) + (srfi srfi-26) ((ice-9 textual-ports) #:prefix textual-ports:) ((ice-9 ftw) #:prefix ftw:) ((ice-9 popen) #:prefix popen:) @@ -166,6 +167,9 @@ (define git-domain-prefix "git") (define git-domain (string-append git-domain-prefix "." tld)) +(define ci-domain-prefix "ci") +(define ci-domain (string-append ci-domain-prefix "." tld)) + ;; CI HTML generation from Git notes @@ -289,15 +293,20 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (define tls-prefixes (list "www" mail-domain-prefix - "ci" + ci-domain-prefix git-domain-prefix "chat" "meet")) +(define static-projects + '("guile-pds" "boneco")) + (define tls-domains (cons tld - (map #[string-append % "." tld] - tls-prefixes))) + (append + (map #[string-append % "." tld] + tls-prefixes) + (map (cut string-append <> "." tld) static-projects)))) (define generate-ci-html-job #~(job "*/5 * * * *" @@ -309,6 +318,32 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (use-modules (guix build utils)) (display 'generate-ci-html)))))) + +(define (static-nginx-config domains root) + (nginx-server-configuration + (server-name domains) + (listen '("443 ssl")) + (ssl-certificate (tls-pub-for tld)) + (ssl-certificate-key (tls-priv-for tld)) + (root root))) + +(define static-projects-nginx-config + (map #[static-nginx-config (list (string-append % "." tld)) + (string-append "/srv/http/" %)] + static-projects)) + +(define cgit-with-custom-about-formatting + (package + (inherit cgit) + (arguments + (substitute-keyword-arguments (package-arguments cgit) + ((#:phases phases) + `(modify-phases ,phases + (add-after unpack 'patch-about-formatting + (lambda _ + (substitute* "lib/cgit/filters/about-formatting.sh" + (("txt2html") "md2html")))))))))) + (operating-system (locale "en_US.UTF-8") (timezone "America/Sao_Paulo") @@ -338,12 +373,13 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (service mcron-service-type (mcron-configuration (jobs (list generate-ci-html-job)))) - (simple-service 'automatic-mcron-restart + (simple-service 'automatic-services-restart activation-service-type (with-imported-modules '((gnu services herd)) #~(begin (use-modules (gnu services herd)) - (restart-service 'mcron)))) + (restart-service 'mcron) + (restart-service 'nginx)))) (service unattended-upgrade-service-type) (service dhcp-client-service-type) (service opensmtpd-service-type @@ -357,11 +393,10 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (service nginx-service-type (nginx-configuration (server-blocks - (list - (nginx-server-configuration - (server-name (list tld)) - (ssl-certificate (tls-pub-for tld)) - (ssl-certificate-key (tls-priv-for tld))))))) + (append + (list + (static-nginx-config (list ci-domain) "/srv/ci")) + static-projects-nginx-config)))) (service certbot-service-type (certbot-configuration (email (string-append certbot-alias "@" tld)) @@ -378,14 +413,15 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (restart-service 'nginx)))) (service cgit-service-type (cgit-configuration + (package cgit-with-custom-about-formatting) (remove-suffix? #t) (root-title "EuAndreh's repositories") (root-desc "Patches welcome!") (snapshots '("tar.gz" "zip")) (clone-prefix (list (string-append "https://" git-domain))) (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py")) - ;; Use custom: README is markdown (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh")) + (favicon (file-append cgit "/share/cgit/favicon.ico")) (enable-commit-graph? #t) (enable-follow-links? #t) (enable-index-owner? #f) @@ -401,14 +437,19 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (plain-file "euandreh-cgitrc" (string-join (map (partial string-append "readme=:README") '("" ".txt" ".md" ".rst")) - "\n"))))) + "\n"))) + #; + (nginx + (nginx-server-configuration)))) (simple-service 'init-srv-directories activation-service-type #~(for-each (lambda (p) (mkdir-p p) ;; error: cmd is undefined ;; #´chown -R $user users $p´ + #; (chown p #$user "users") + #; (chmod p #o755)) '("/srv/http" "/srv/git" |