diff options
| author | EuAndreh <eu@euandre.org> | 2020-11-29 00:39:36 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2020-11-29 00:39:36 -0300 |
| commit | 2719472071a81d007a1782ff5f89f9adf512b01c (patch) | |
| tree | 546c602687815897e983e99598f3c9ebbe7b0a8a /sync | |
| parent | Move shell.sh to container (diff) | |
| download | toph-2719472071a81d007a1782ff5f89f9adf512b01c.tar.gz toph-2719472071a81d007a1782ff5f89f9adf512b01c.tar.xz | |
vps.scm: WIP setup cgit
Diffstat (limited to 'sync')
| -rw-r--r-- | sync/vps.scm | 108 |
1 files changed, 83 insertions, 25 deletions
diff --git a/sync/vps.scm b/sync/vps.scm index fa1a595..a7b8aa1 100644 --- a/sync/vps.scm +++ b/sync/vps.scm @@ -1,10 +1,20 @@ (use-modules (gnu) (ice-9 textual-ports) (guix gexp)) -(use-service-modules networking ssh mcron admin mail web certbot) -(use-package-modules ssh backup) +(use-package-modules ssh + backup + version-control) +(use-service-modules networking + ssh + mcron + admin + mail + web + certbot + cgit) -(define user "andreh") +(define user + "andreh") (define (slurp f) (string-trim-both @@ -20,8 +30,13 @@ root ALL=(ALL) ALL (define tld (slurp "tld.txt")) +(define mail-domain-prefix "mail") (define mail-domain - (string-append "mail." tld)) + (string-append mail-domain-prefix "." tld)) + +(define git-domain-prefix "git") +(define git-domain + (string-append git-domain-prefix "." tld)) (define certbot-alias "certbot") @@ -48,7 +63,12 @@ pki " mail-domain " cert \"" (tls-pub-for mail-domain) "\" pki " mail-domain " key \"" (tls-priv-for mail-domain) "\"")) (define tls-prefixes - '("mail" "ci")) + (list "www" + mail-domain-prefix + "ci" + git-domain-prefix + "chat" + "meet")) (define tls-domains (cons tld @@ -95,31 +115,69 @@ pki " mail-domain " key \"" (tls-priv-for mail-domain) "\"")) ("webmaster" "root") ("abuse" "root") (,certbot-alias "root"))) - (service nginx-service-type - (nginx-configuration - (server-blocks - (list - (nginx-server-configuration - ;; FIXME: force redirect - ;; FIXME: hook for "mkdir -p /srv/http/ && chmod" - ;; FIXME: permanent redirect www - (server-name (list tld)) - (ssl-certificate (tls-pub-for tld)) - (ssl-certificate-key (tls-priv-for tld))))))) - (service certbot-service-type - (certbot-configuration - (email (string-append certbot-alias "@" tld)) - (certificates - (list - (certificate-configuration - (domains tls-domains)))))) + ;; (service nginx-service-type + ;; (nginx-configuration + ;; (server-blocks + ;; (list + ;; (nginx-server-configuration + ;; ;; FIXME: force redirect HTTPS + ;; ;; FIXME: permanent redirect www and everything else to non-www + ;; (server-name (list tld)) + ;; (ssl-certificate (tls-pub-for tld)) + ;; (ssl-certificate-key (tls-priv-for tld))))))) + ;; (service certbot-service-type + ;; (certbot-configuration + ;; (email (string-append certbot-alias "@" tld)) + ;; (certificates + ;; (list + ;; (certificate-configuration + ;; (domains tls-domains)))))) (simple-service 'automatic-certbot-renewal activation-service-type (with-imported-modules '((gnu services herd)) #~(begin (use-modules (gnu services herd)) - (execl "/var/lib/certbot/renew-certificates") - (restart-service 'nginx))))) + ;; (execl "/var/lib/certbot/renew-certificates") + (restart-service 'nginx)))) + (service cgit-service-type + (cgit-configuration + (remove-suffix? #t) + (root-title "EuAndreh's repositories") + (root-desc "Patches welcome!") + (snapshots '("tar.gz" "zip")) + (clone-prefix (list (string-append "https://" git-domain))) + (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py")) + (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh")) + ;; about-filter + ;;(clone-url "dunno") + (enable-commit-graph? #t) + (enable-follow-links? #t) + (enable-index-links? #t) + (enable-log-filecount? #t) + (enable-log-linecount? #t) + (max-repodesc-length 120) + (max-stats "year") + (nocache? #t) + (readme "README.md") ;; FIXME + ;() + ;; (repositories + ;; (list + ;; (repository-cgit-configuration + ;; )) + ;; ) + ;; (map (lambda (f) + ;; (repository-cgit-configuration (readme f))) + ;; '("README.md" "README" "README.rst" "README.org")) + )) + (simple-service 'init-srv-directories + activation-service-type + #~(begin + (for-each (lambda (p) + (mkdir-p p) + (chmod p #o777)) + '("/srv/http" + "/srv/git" + "/srv/ci"))))) %base-services)) (bootloader (bootloader-configuration |