10 files changed, 69 insertions, 8 deletions

diff --git a/.envrc b/.envrc
index 8a97b26..d16dff6 100644
--- a/.envrc
+++ b/.envrc
@@ -2,16 +2,15 @@
 set -Eeuo pipefail
 
 #
-# envsubst variables for:
-# - envsubst-configuration.nix
-export TLD='euandreh.xyz'
-export SYSTEM_STATE_VERSION='20.03'
+# envsubst
+#
+export TLD='arrobaponto.org'
 
 #
 # Terraform
 #
 export TF_VAR_tld="${TLD}"
-export TF_VAR_hostname="sovereignty-nixos"
-export TF_VAR_storage_name="sovereignty-nixos-storage"
+export TF_VAR_hostname="sovereignty-guix-system"
+export TF_VAR_storage_name="sovereignty-storage"
 TF_VAR_vultr_api_key="$(cat ./secrets/terraform/vultr-api-key.txt)"
 export TF_VAR_vultr_api_key
diff --git a/TODOs.org b/TODOs.org
index 7f3b2ad..5b1ebc6 100644
--- a/TODOs.org
+++ b/TODOs.org
@@ -1,4 +1,5 @@
 * Tasks
+** TODO External volume
 ** TODO Backups
 If possible, put every data subfolder under the same folder, and just backup the
 toplevel folder. This also allows me to put it on an external volum and grow it
@@ -19,6 +20,7 @@ re-creating everything from scratch.
 ** TODO =ci.$tld=: cuirass
 ** TODO =$tld=: Jekyll blog
 ** TODO =$project.$tld=: static documentation for projects
+** TODO =audio.$tld=: FunkWhale
 * Decisions
 ** Matrix over XMPP
 I'm picking Matrix. Not because of the protocol or anything else, but because it
diff --git a/guix-reconfigure.sh b/guix-reconfigure.sh
new file mode 100755
index 0000000..9eefabb
--- /dev/null
+++ b/guix-reconfigure.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+set -Eeuox pipefail
+cd "$(dirname "${BASH_SOURCE[0]}")"
+
+envsubst < config.scm | ssh "$TLD" 'cat > /data/config.scm'
+ssh "$TLD" guix pull
+ssh "$TLD" sudo -i guix system reconfigure /data/config.scm
diff --git a/secrets/terraform/plan-files/2020-11-16T20:02:03-03:00.tfplan b/secrets/terraform/plan-files/2020-11-16T20:02:03-03:00.tfplan
new file mode 100644
index 0000000..d05d691
--- /dev/null
+++ b/secrets/terraform/plan-files/2020-11-16T20:02:03-03:00.tfplan
diff --git a/secrets/terraform/plan-files/2020-11-16T20:11:50-03:00.tfplan b/secrets/terraform/plan-files/2020-11-16T20:11:50-03:00.tfplan
new file mode 100644
index 0000000..08d5e79
--- /dev/null
+++ b/secrets/terraform/plan-files/2020-11-16T20:11:50-03:00.tfplan
diff --git a/secrets/terraform/plan-files/2020-11-16T22:16:40-03:00.tfplan b/secrets/terraform/plan-files/2020-11-16T22:16:40-03:00.tfplan
new file mode 100644
index 0000000..2272d23
--- /dev/null
+++ b/secrets/terraform/plan-files/2020-11-16T22:16:40-03:00.tfplan
diff --git a/secrets/terraform/terraform.tfstate b/secrets/terraform/terraform.tfstate
index df179b7..135ef81 100644
--- a/secrets/terraform/terraform.tfstate
+++ b/secrets/terraform/terraform.tfstate
diff --git a/secrets/terraform/terraform.tfstate.backup b/secrets/terraform/terraform.tfstate.backup
index 21c7872..775ca09 100644
--- a/secrets/terraform/terraform.tfstate.backup
+++ b/secrets/terraform/terraform.tfstate.backup
diff --git a/vps.scm b/vps.scm
new file mode 100644
index 0000000..8d47891
--- /dev/null
+++ b/vps.scm
@@ -0,0 +1,53 @@
+;; This is an operating system configuration generated
+;; by the graphical installer.
+
+(use-modules (gnu))
+(use-service-modules networking ssh)
+(use-package-modules ssh)
+
+(define ssh-public-key
+  "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDF+uy407LKZAFnfFkJPRiOBzwV98qIEcKhITnLYhqfITfrJvcFVOY0/YDCrs6WHXyLdM29AoywVWsQ1qXiB7xQCwknPV8YZoCnJQcn0gvH8jbCk+C8Po0Rx846wbhL49qYolnmlhe+Uoy30j7XIJSDtPVO9d/hZqt2GPwGVJ98HLyY2ak+j4i1YkHr+mPFgnCaqCAzA374d1Bop18+YENYtMMU0k8hCsomwZny/7qNo4V8mjLxQAS8FvTuljxlthEpOM4Jsjl07yDLgE69kLvU7mmFi8EeC26e50N18Ouse82dZigtVhAMeLBhbJnQbDff4WfUBzSjpKjZPGcxoRaej3qSRbIkcMMqCOSlww6GcjRi+COvlpA4c1i4hKI15wHceoiKghDLA6jbaHfOqEMldflYl5gCVUIYzJ5XehZppH6L7PzO+L4suNs+aFjWPDZ0jqEtcyTmgTMea40p7wwz086ExnBDorbG79oDiJrWc+swJjXuVakS+fQjb3mPsCC/FgUhsxEtqiVfvLo2mphp47pOYvs64aUp3RV9muqQNuS4tEuP9V1urGTLtgPL26LEjF0oLu1ag0H+VZY5O/T9KRYvWre8IWbj/KkZYo1tJaGJyEVr0plmyzLBEy8b3Hu/6Wtq7yB0Eii60fxqFWC24nEkvs1V0cxDa+o6I2iA9w== eu@euandre.org")
+
+(operating-system
+  (locale "en_GB.utf8")
+  (timezone "America/Sao_Paulo")
+  (keyboard-layout (keyboard-layout "us"))
+  (host-name "guix-pet-server")
+  (users (cons* (user-account
+                  (name "andreh")
+                  (group "users")
+                  (home-directory "/home/andreh")
+                  (supplementary-groups '("wheel")))
+                %base-user-accounts))
+  (sudoers-file (plain-file "sudoers" "\
+root ALL=(ALL) ALL
+%wheel ALL=NOPASSWD: ALL\n"))
+  (packages
+    (append
+      (list (specification->package "nss-certs"))
+      %base-packages))
+  (services
+    (append
+      (list (service openssh-service-type
+                     (openssh-configuration
+                       (openssh openssh-sans-x)
+                       (password-authentication? #false)
+                       (authorized-keys
+                         `(("andreh" ,(plain-file "id_rsa.pub" ssh-public-key))))))
+            (service dhcp-client-service-type))
+      %base-services))
+  (bootloader
+    (bootloader-configuration
+      (bootloader grub-bootloader)
+      (target "/dev/vda")
+      (keyboard-layout keyboard-layout)))
+  (swap-devices
+    (list (uuid "79a91c82-f3e1-4ed7-8c4e-23569f1ae0ca")))
+  (file-systems
+    (cons* (file-system
+             (mount-point "/")
+             (device
+               (uuid "fddb6a4c-8b8c-4f57-b274-5d6d33200f28"
+                     'ext4))
+             (type "ext4"))
+           %base-file-systems)))
diff --git a/vps.tf b/vps.tf
index 8abe76e..5570e80 100644
--- a/vps.tf
+++ b/vps.tf
@@ -35,9 +35,9 @@ resource "vultr_server" "vps_server" {
   # $ curl https://api.vultr.com/v1/regions/list | jq '.["9"]'
   region_id = 9
   # $ curl https://api.vultr.com/v1/plans/list?type=vc2 | jq '.["201"]'
-  plan_id = 202
+  plan_id = 201
   # $ curl -H "API-Key: $TF_VAR_vultr_api_key" https://api.vultr.com/v1/snapshot/list | jq
-  snapshot_id = "5d05f383bcf61"
+  snapshot_id = "2525fb321b412" # base-guix
 }
 
 output "public_ip" {