authorFlorian Dold <florian.dold@gmail.com>2018-11-26 14:48:08 +0100
committerFlorian Dold <florian.dold@gmail.com>2018-11-26 14:48:08 +0100
commit279b8a49f293c417273b440d6590868fd5fbe478 (patch)
tree7287df02c4d9c016a941a9c15775effa0d69b145
parent45ba6ff20b44b0d916acb8d9db8d1c163f09866e (diff)
cleanup: avoid excessive indentation and indent correctly
-rw-r--r--guix/config.scm354
1 files changed, 174 insertions, 180 deletions
diff --git a/guix/config.scm b/guix/config.scm
index f46faa3..e992fa4 100644
--- a/guix/config.scm
+++ b/guix/config.scm
@@ -32,24 +32,24 @@
(define %nginx-config
(computed-file "nginx-config"
(with-imported-modules '((guix build utils))
- #~(begin
- (use-modules (guix build utils))
- (mkdir #$output)
- (chdir #$output)
- (symlink #$(local-file "etc/nginx/nginx.conf")
- "nginx.conf")
- (mkdir "conf.d")
- (copy-file #$(local-file "etc/nginx/conf.d/favicon_robots")
- "conf.d/favicon_robots")
- (copy-file #$(local-file "etc/nginx/conf.d/talerssl")
- "conf.d/talerssl")
- (mkdir "sites-enabled")
- ;; (copy-file #$(local-file "etc/nginx/sites-enabled/git.site")
- ;; "sites-enabled/git.site")
- (copy-file #$(local-file "etc/nginx/sites-enabled/git-ssl.site")
- "sites-enabled/git-ssl.site")
- (copy-file #$(local-file "etc/nginx/sites-enabled/default.site")
- "sites-enabled/default.site")))))
+ #~(begin
+ (use-modules (guix build utils))
+ (mkdir #$output)
+ (chdir #$output)
+ (symlink #$(local-file "etc/nginx/nginx.conf")
+ "nginx.conf")
+ (mkdir "conf.d")
+ (copy-file #$(local-file "etc/nginx/conf.d/favicon_robots")
+ "conf.d/favicon_robots")
+ (copy-file #$(local-file "etc/nginx/conf.d/talerssl")
+ "conf.d/talerssl")
+ (mkdir "sites-enabled")
+ ;; (copy-file #$(local-file "etc/nginx/sites-enabled/git.site")
+ ;; "sites-enabled/git.site")
+ (copy-file #$(local-file "etc/nginx/sites-enabled/git-ssl.site")
+ "sites-enabled/git-ssl.site")
+ (copy-file #$(local-file "etc/nginx/sites-enabled/default.site")
+ "sites-enabled/default.site")))))
;; this includes defaults, so 'fastcgi' related files:
(define %nginx-mime-types
@@ -61,168 +61,162 @@
(simple-service 'nginx-/var/cache/nginx
activation-service-type
(with-imported-modules '((guix build utils))
- #~(begin
- (use-modules (guix build utils))
- (mkdir-p "/var/cache/nginx")))))
+ #~(begin
+ (use-modules (guix build utils))
+ (mkdir-p "/var/cache/nginx")))))
;;; --- nginx end
(operating-system
- (host-name "gv")
- (timezone "Europe/Paris")
- (locale "en_US.utf8")
- (initrd-modules (append (list "megaraid_sas")
- ;; "shpchp" is now a built-in)
- %base-initrd-modules))
-
- (bootloader (bootloader-configuration
- (bootloader grub-bootloader)
- (target "/dev/sda")))
-
- (users (cons* (user-account
- (name "grothoff")
- (comment "Christian Grothoff")
- (group "users")
- (supplementary-groups '("wheel" "netdev" "kvm"))
- (home-directory "/home/grothoff"))
- (user-account
- (name "dold")
- (comment "Florian Dold")
- (group "users")
- (supplementary-groups '("wheel" "netdev" "kvm"))
- (home-directory "/home/dold"))
- (user-account
- (name "git")
- (comment "gitolite")
- (group "git")
- (home-directory "/home/git"))
- %base-user-accounts))
-
- (groups (cons (user-group
- (name "git"))
- %base-groups))
-
- (file-systems (cons* (file-system
- (device (uuid "304189db-f9df-4222-810d-94c993598c3b"))
- (mount-point "/")
- (type "ext4"))
- ;;(file-system
- ;;(mapped-device
- ;; (source (uuid "6631d48c-1371-4b50-aa94-5863c706773e"))
- ;; (target "home")
- ;; (type luks-device-mapping))
- ;; (mount-piont "/home")
- ;; (type "ext4"))
- %base-file-systems))
-
- (packages (append (map specification->package '("mg" "cryptsetup"
- "screen" "tmux" "wget"
- "vim" "openssh" "openssl"
- "postgresql"
- "nss-certs"
- "curl" "gnutls-dane"
- "gitolite"
- "acme-client"
- ;"buildbot"
- "fcgiwrap"
- "python-future"
- ; Website dependencies:
- "python" "python-jinja2"
- "python-sphinx"))
- %base-packages))
-
- ;; TODO: cgit service?
- ;; TODO: gitolite service?
-
- (services (cons*
- (service static-networking-service-type
- (list
- (static-networking
- (interface "enp4s0f1")
- (ip "147.87.255.221")
- (netmask "255.255.255.240")
- (gateway "147.87.255.209")
- (name-servers '("8.8.8.8")))))
-
- (service special-files-service-type
- ;; Using 'canonical-package' as bash and coreutils
- ;; canonical packages are already a part of
- ;; '%base-packages'.
- `(("/bin/sh" ,(file-append (canonical-package bash)
- "/bin/sh"))
- ("/usr/bin/env" ,(file-append (canonical-package coreutils)
- "/bin/env"))
- ("/bin/ksh" ,(file-append (canonical-package loksh)
- "/bin/ksh"))))
- ;; TODO: Use deploy-hook
- ;; TODO: Add git.taler.net
- ;; (service certbot-service-type
- ;; (certbot-configuration
- ;; ;; FIXME: switch over to taler.net domain
- ;; (email "cert-admin-taler@n0.is")
- ;; (certificates
- ;; (list
- ;; (certificate-configuration
- ;; (domains '("gv.taler.net")))))))
- ;; TODO: acme-client cronjob for:
- ;; taler.net www.taler.net api.taler.net lcov.taler.net
- ;; git.taler.net gauger.taler.net buildbot.taler.net
- ;; test.taler.net playground.test.taler.net
- ;; auditor.test.taler.net auditor.demo.taler.net
- ;; demo.taler.net shop.test.taler.net
- ;; shop.demo.taler.net survey.test.taler.net
- ;; survey.demo.taler.net donations.demo.taler.net
- ;; backend.test.taler.net backend.demo.taler.net
- ;; bank.test.taler.net bank.demo.taler.net
- ;; www.git.taler.net exchange.demo.taler.net
- ;; exchange.test.taler.net env.taler.net
- ;; envs.taler.net blog.demo.taler.net
- ;; blog.test.taler.net donations.test.taler.net
- ;; docs.taler.net intranet.taler.net stage.taler.net
- (service openssh-service-type
- (openssh-configuration
- (x11-forwarding? #t)
- (port-number 22)
- (password-authentication? #f)
- (permit-root-login 'without-password)))
-
- ;; (service rottlog-service-type (rottlog-configuration))
- ;; (service mcron-service-type
- ;; (mcron-configuration
- ;; (jobs (list %gc-job %thing1))))
- (service postgresql-service-type)
- (git-daemon-service
- #:config (git-daemon-configuration
- (user-path "git")))
- (service openntpd-service-type
- (openntpd-configuration
- (listen-on '("127.0.0.1" "::1"))
- (sensor '("udcf0 correction 70000"))
- (constraint-from '("www.gnu.org"))
- (constraints-from '("https://www.google.com/"))
- (allow-large-adjustment? #t)))
- ;; FIXME: To be able to better test and replicate this,
- ;; we have to replicate what's done in nginx (copy into
- ;; store, use location in store).
- (service fcgiwrap-service-type
- (fcgiwrap-configuration
- (socket "unix:/var/run/fcgiwrap.socket")))
- ;(service cgit-service-type
- ; (opaque-cgit-configuration
- ; (cgitrc "/etc/deployment/guix/etc/cgitrc")))
- (service nginx-service-type
- (nginx-configuration
- (file (file-append %nginx-config
- "/nginx.conf"))))
- %nginx-mime-types
- %nginx-cache-activation
- (modify-services %base-services
- (guix-service-type
- config =>
- (guix-configuration
- (inherit config)
- (substitute-urls
- (cons* "https://berlin.guixsd.org"
- %default-substitute-urls)))))))
-
- ;; Allow resolution of '.local' host names with mDNS.
- (name-service-switch %mdns-host-lookup-nss))
+ (host-name "gv")
+ (timezone "Europe/Paris")
+ (locale "en_US.utf8")
+ (initrd-modules (cons* "megaraid_sas" %base-initrd-modules))
+
+ (bootloader (bootloader-configuration
+ (bootloader grub-bootloader)
+ (target "/dev/sda")))
+
+ (users
+ (cons* (user-account
+ (name "grothoff")
+ (comment "Christian Grothoff")
+ (group "users")
+ (supplementary-groups '("wheel" "netdev" "kvm"))
+ (home-directory "/home/grothoff"))
+ (user-account
+ (name "dold")
+ (comment "Florian Dold")
+ (group "users")
+ (supplementary-groups '("wheel" "netdev" "kvm"))
+ (home-directory "/home/dold"))
+ (user-account
+ (name "git")
+ (comment "gitolite")
+ (group "git")
+ (home-directory "/home/git"))
+ %base-user-accounts))
+
+ (groups (cons (user-group (name "git"))
+ %base-groups))
+
+ (file-systems
+ (cons* (file-system
+ (device (uuid "304189db-f9df-4222-810d-94c993598c3b"))
+ (mount-point "/")
+ (type "ext4"))
+ %base-file-systems))
+
+ (packages
+ (append (map specification->package
+ '("mg" "cryptsetup"
+ "screen" "tmux" "wget"
+ "vim" "openssh" "openssl"
+ "postgresql"
+ "nss-certs"
+ "curl" "gnutls-dane"
+ "gitolite"
+ "acme-client"
+ #| "buildbot" |#
+ "fcgiwrap"
+ "python-future"
+ "python" "python-jinja2"
+ "python-sphinx"))
+ %base-packages))
+
+ ;; TODO: cgit service?
+ ;; TODO: gitolite service?
+
+ (services
+ (cons*
+ (service static-networking-service-type
+ (list
+ (static-networking
+ (interface "enp4s0f1")
+ (ip "147.87.255.221")
+ (netmask "255.255.255.240")
+ (gateway "147.87.255.209")
+ (name-servers '("8.8.8.8")))))
+
+ (service special-files-service-type
+ ;; Using 'canonical-package' as bash and coreutils
+ ;; canonical packages are already a part of
+ ;; '%base-packages'.
+ `(("/bin/sh" ,(file-append (canonical-package bash)
+ "/bin/sh"))
+ ("/usr/bin/env" ,(file-append (canonical-package coreutils)
+ "/bin/env"))
+ ("/bin/ksh" ,(file-append (canonical-package loksh)
+ "/bin/ksh"))))
+ ;; TODO: Use deploy-hook
+ ;; TODO: Add git.taler.net
+ ;; (service certbot-service-type
+ ;; (certbot-configuration
+ ;; ;; FIXME: switch over to taler.net domain
+ ;; (email "cert-admin-taler@n0.is")
+ ;; (certificates
+ ;; (list
+ ;; (certificate-configuration
+ ;; (domains '("gv.taler.net")))))))
+ ;; TODO: acme-client cronjob for:
+ ;; taler.net www.taler.net api.taler.net lcov.taler.net
+ ;; git.taler.net gauger.taler.net buildbot.taler.net
+ ;; test.taler.net playground.test.taler.net
+ ;; auditor.test.taler.net auditor.demo.taler.net
+ ;; demo.taler.net shop.test.taler.net
+ ;; shop.demo.taler.net survey.test.taler.net
+ ;; survey.demo.taler.net donations.demo.taler.net
+ ;; backend.test.taler.net backend.demo.taler.net
+ ;; bank.test.taler.net bank.demo.taler.net
+ ;; www.git.taler.net exchange.demo.taler.net
+ ;; exchange.test.taler.net env.taler.net
+ ;; envs.taler.net blog.demo.taler.net
+ ;; blog.test.taler.net donations.test.taler.net
+ ;; docs.taler.net intranet.taler.net stage.taler.net
+ (service openssh-service-type
+ (openssh-configuration
+ (x11-forwarding? #t)
+ (port-number 22)
+ (password-authentication? #f)
+ (permit-root-login 'without-password)))
+
+ ;; (service rottlog-service-type (rottlog-configuration))
+ ;; (service mcron-service-type
+ ;; (mcron-configuration
+ ;; (jobs (list %gc-job %thing1))))
+ (service postgresql-service-type)
+ (git-daemon-service
+ #:config (git-daemon-configuration
+ (user-path "git")))
+ (service openntpd-service-type
+ (openntpd-configuration
+ (listen-on '("127.0.0.1" "::1"))
+ (sensor '("udcf0 correction 70000"))
+ (constraint-from '("www.gnu.org"))
+ (constraints-from '("https://www.google.com/"))
+ (allow-large-adjustment? #t)))
+ ;; FIXME: To be able to better test and replicate this,
+ ;; we have to replicate what's done in nginx (copy into
+ ;; store, use location in store).
+ (service fcgiwrap-service-type
+ (fcgiwrap-configuration
+ (socket "unix:/var/run/fcgiwrap.socket")))
+ ;(service cgit-service-type
+ ; (opaque-cgit-configuration
+ ; (cgitrc "/etc/deployment/guix/etc/cgitrc")))
+ (service nginx-service-type
+ (nginx-configuration
+ (file (file-append %nginx-config
+ "/nginx.conf"))))
+ %nginx-mime-types
+ %nginx-cache-activation
+ (modify-services %base-services
+ (guix-service-type
+ config =>
+ (guix-configuration
+ (inherit config)
+ (substitute-urls
+ (cons* "https://berlin.guixsd.org"
+ %default-substitute-urls)))))))
+
+ ;; Allow resolution of '.local' host names with mDNS.
+ (name-service-switch %mdns-host-lookup-nss))
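Review bot: The `openssh-configuration` carried over in the re-indented `services` list still sets `(x11-forwarding? #t)` and `(permit-root-login 'without-password)` on a host that, from the same hunk, has a public static address and serves nginx, git-daemon and PostgreSQL. X11 forwarding is rarely needed on a headless server and widens what a compromised or malicious session can reach on the connecting client, so I would set `(x11-forwarding? #f)` unless there is a known use for it. Both admin accounts shown here are in `wheel`, so direct root login over SSH looks avoidable as well; `(permit-root-login #f)` would force logins through a named account and keep the audit trail per user, assuming sudo is configured for `wheel` as is usual. If either setting is deliberate, a one-line comment next to it saying why would help the next reviewer.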