Diffstat (limited to 'vps.scm')
-rw-r--r-- | vps.scm | 65 |
1 files changed, 37 insertions, 28 deletions
@@ -157,9 +157,9 @@ ;; DNS constants (define user "andreh") -(define host-name "harvey") -(define tld (slurp (string-append "/home/" user "/tld.txt"))) +(define tld (slurp "shared/tld.txt")) +(define host-name (slurp "shared/hostname.txt")) (define mail-domain-prefix "mail") (define mail-domain (string-append mail-domain-prefix "." tld)) @@ -346,9 +346,7 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (define my-system (operating-system - (locale "en_US.UTF-8") (timezone "America/Sao_Paulo") - (keyboard-layout (keyboard-layout "us")) (host-name host-name) (users (cons* (user-account (name user) @@ -359,9 +357,8 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (sudoers-file (plain-file "sudoers" sudoers)) (packages (append (map (compose list specification->package+output symbol->string) - '(git - nss-certs - rsync)) + ;; required for guix pull + '(nss-certs)) %base-packages)) (services (append @@ -371,21 +368,25 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (password-authentication? #false) (authorized-keys `((,user ,(plain-file "id_rsa.pub" ssh-public-key)))))) + #; (service mcron-service-type (mcron-configuration (jobs (list generate-ci-html-job)))) + #; (simple-service 'automatic-services-restart activation-service-type (with-imported-modules '((gnu services herd)) #~(begin (use-modules (gnu services herd)) (restart-service 'mcron) - (restart-service 'nginx)))) + (restart-service 'nginx)))) (service unattended-upgrade-service-type) (service dhcp-client-service-type) + #; (service opensmtpd-service-type (opensmtpd-configuration (config-file opensmtpd-config))) + #; (service mail-aliases-service-type `(("postmaster" "root") ("webmaster" "root") 
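Review bot: In the `@@ -157` hunk, `tld` and `host-name` are now read from the relative paths `shared/tld.txt` and `shared/hostname.txt`, so which files get read depends on the directory the configuration is evaluated from. These strings feed `mail-domain` here and the deploy target `(host-name tld)` in the last hunk, so an unexpected file changes which host is addressed. `slurp` is defined outside the hunk; if it returns the file contents unmodified, a trailing newline would end up in the host name and domain, which `(define tld (string-trim-both (slurp "shared/tld.txt")))` would avoid. A comment such as `;; shared/*.txt: single line each, read relative to the current directory` would document the expectation.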
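Review bot: The `#;` datum comments added in the `@@ -371` hunk (mcron, the service restart, opensmtpd, mail aliases) and again in `@@ -394`, `@@ -405` and `@@ -439` (certbot, its renewal, `init-srv-directories`) disable the following form without saying why or for how long. Certbot and its renewal are switched off while `nginx-service-type` stays enabled; if `static-nginx-config`, which is defined outside these hunks, points at certificate files, nginx would depend on certificates that are no longer issued or renewed. Each disabled form would benefit from a line like `;; disabled: <reason>; re-enable before the current certificates expire` above the `#;`. The enclosing `services` list starts outside this hunk.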
@@ -394,10 +395,11 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (service nginx-service-type (nginx-configuration (server-blocks - (append - (list - (static-nginx-config (list ci-domain) "/srv/ci")) - static-projects-nginx-config)))) + (append + (list + (static-nginx-config (list ci-domain) "/srv/ci")) + static-projects-nginx-config)))) + #; (service certbot-service-type (certbot-configuration (email (string-append certbot-alias "@" tld)) @@ -405,6 +407,7 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (list (certificate-configuration (domains tls-domains)))))) + #; (simple-service 'automatic-certbot-renewal activation-service-type (with-imported-modules '((gnu services herd)) @@ -422,7 +425,7 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (clone-prefix (list (string-append "https://" git-domain))) (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py")) (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh")) - (favicon (file-append cgit "/share/cgit/favicon.ico")) + (favicon (file-append cgit "/share/cgit/favicon.ico")) (enable-commit-graph? #t) (enable-follow-links? #t) (enable-index-owner? #f) 
@@ -439,28 +442,34 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (string-join (map (partial string-append "readme=:README") '("" ".txt" ".md" ".rst")) "\n"))) - #; - (nginx - (nginx-server-configuration)))) + #; + (nginx-server-configuration-list + (list + (nginx-server-configuration + (server-name (list git-domain))))))) + #; (simple-service 'init-srv-directories activation-service-type #~(for-each (lambda (p) (mkdir-p p) - ;; error: cmd is undefined - ;; #´chown -R $user users $p´ - #; - (chown p #$user "users") - #; (chmod p #o755)) '("/srv/http" "/srv/git" "/srv/ci")))) - %base-services)) + (modify-services + %base-services + (guix-service-type + config => (guix-configuration + (inherit config) + (authorized-keys + (append + (list (local-file "/etc/guix/signing-key.pub")) + %default-authorized-guix-keys))))))) (bootloader (bootloader-configuration (bootloader grub-bootloader) (target "/dev/vda") - (keyboard-layout keyboard-layout))) + (terminal-outputs '(console)))) (swap-devices (list (uuid "79a91c82-f3e1-4ed7-8c4e-23569f1ae0ca"))) (file-systems @@ -477,11 +486,11 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\""))) (operating-system my-system) (environment managed-host-environment-type) (configuration (machine-ssh-configuration - (host-name host-name) - (system "x86_64-linux) + (host-name tld) + (system "x86_64-linux") (user "andreh") - (identity "~/.ssh/id_rsa.pub") - (port 1234))))) + (host-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOwnnw/u8ub+kcQhnVSyNWarYGH8aesUwIy4SIprufKf") + ;; FIXME: change away from the default port + (port 22))))) (list my-machine) -my-system |
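Review bot: The `authorized-keys` entry added to `guix-configuration` in the `@@ -439` hunk makes the target's daemon accept store items signed by that key, and nothing in the code says whose key it is. `(local-file "/etc/guix/signing-key.pub")` is an absolute path resolved on the machine that evaluates this file, so a deploy from another machine would authorize a different key. A comment above the `modify-services` form such as `;; authorize the deploying machine's signing key; the daemon trusts store items signed with it` would record the intent. The `operating-system` form begins outside the hunk.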
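Review bot: `(port 22)` in `machine-ssh-configuration` (the `@@ -477` hunk) has to match the port sshd on the target listens on, but the `openssh-configuration` that would set it lies outside this hunk. If that configuration carries its own port value, the two can drift apart, most likely when the FIXME is acted on, and a deploy that moves sshd would leave the next one unable to connect. A shared definition, `(define ssh-port 22)`, referenced from both forms would keep them in step; `(user "andreh")` could likewise reuse the existing `user` constant as `(user user)`. The form that defines `my-machine` starts outside the hunk.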