diff options
author | Nils Gillmann <ng0@n0.is> | 2018-10-15 13:11:48 +0000 |
---|---|---|
committer | Nils Gillmann <ng0@n0.is> | 2018-10-15 13:11:48 +0000 |
commit | 8d205b76dcfe4659e73ac3a97aa8792a517c5774 (patch) | |
tree | 982a1903e29efb85cee6b17d7fa3dbada76a86e2 | |
parent | 430db6a55226ea4a9c33e322edc4a3a7b325393c (diff) | |
download | deployment-8d205b76dcfe4659e73ac3a97aa8792a517c5774.tar.gz deployment-8d205b76dcfe4659e73ac3a97aa8792a517c5774.tar.bz2 deployment-8d205b76dcfe4659e73ac3a97aa8792a517c5774.zip |
guix/config.scm (do not deploy this): work on adding more necessary bits in the system config.
Signed-off-by: Nils Gillmann <ng0@n0.is>
-rw-r--r-- | guix/config.scm | 88 |
1 files changed, 84 insertions, 4 deletions
diff --git a/guix/config.scm b/guix/config.scm index 39d1110..32adf8c 100644 --- a/guix/config.scm +++ b/guix/config.scm @@ -1,10 +1,58 @@ (use-modules (srfi srfi-1) (gnu) - (guix)) + (guix) + (guix gexp)) (use-system-modules nss) -(use-service-modules networking ssh version-control databases admin) -(use-package-modules base bash shells) +(use-service-modules networking ssh version-control databases admin web) +(use-package-modules base bash shells web) + +;;; --- cron jobs start +(define %gc-job + ;; Collect garbage once a day. + #~(job '(next-hour '(4)) + (string-append #$guix "/bin/guix gc -F80G"))) +;;; --- cron jobs end + +;;; --- nginx start +;; TODO: Translate nginx code to guix nginx-service without a file +;; if possible wiht our config. +;; DOCUMENTATION: There are 2 ways to run nginx on GuixSD, we use +;; the way which allows us to work directly on nginx files instead +;; of generating them through Guix, for now. Every update of the +;; nginx config requires a reconfigure! +(define %nginx-config + (computed-file "nginx-config" + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (mkdir #$output) + (chdir #$output) + (symlink #$(local-file "etc/nginx/nginx.conf") + "nginx.conf") + (mkdir "conf.d") + (copy-file #$(local-file "etc/nginx/conf.d/favicon_robots") + "conf.d/favicon_robots") + (mkdir "sites-enabled") + (copy-file #$(local-file "etc/nginx/sites-enabled/git.site") + "sites-enabled/git.site") + (copy-file #$(local-file "etc/nginx/sites-enabled/git-ssl.site") + "sites-enabled/git-ssl.site"))))) + +;; TODO: Change to our file. +(define %nginx-mime-types + (simple-service 'nginx-mime.types + etc-service-type + `(("nginx" ,(file-append nginx "/share/nginx/conf"))))) + +(define %nginx-cache-activation + (simple-service 'nginx-/var/cache/nginx + activation-service-type + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (mkdir-p "/var/cache/nginx"))))) +;;; --- nginx end (operating-system (host-name "gv") @@ -61,8 +109,16 @@ "nss-certs" "curl" "gnutls-dane" "gitolite" - "acme-client")) + "acme-client" + ; Website dependencies: + "python" "python-jinja2" + "python-sphinx")) + ; "buildbot" %base-packages)) + + ;; TODO: cgit service? + ;; TODO: gitolite service? + (services (cons* (service static-networking-service-type (list @@ -83,6 +139,21 @@ "/bin/env")) ("/bin/ksh" ,(file-append (canonical-package loksh) "/bin/ksh")))) + ;; TODO: acme-client cronjob for: + ;; taler.net www.taler.net api.taler.net lcov.taler.net + ;; git.taler.net gauger.taler.net buildbot.taler.net + ;; test.taler.net playground.test.taler.net + ;; auditor.test.taler.net auditor.demo.taler.net + ;; demo.taler.net shop.test.taler.net + ;; shop.demo.taler.net survey.test.taler.net + ;; survey.demo.taler.net donations.demo.taler.net + ;; backend.test.taler.net backend.demo.taler.net + ;; bank.test.taler.net bank.demo.taler.net + ;; www.git.taler.net exchange.demo.taler.net + ;; exchange.test.taler.net env.taler.net + ;; envs.taler.net blog.demo.taler.net + ;; blog.test.taler.net donations.test.taler.net + ;; docs.taler.net intranet.taler.net stage.taler.net (service openssh-service-type (openssh-configuration (x11-forwarding? #t) @@ -91,6 +162,9 @@ (permit-root-login 'without-password))) (service rottlog-service-type (rottlog-configuration)) + (service mcron-service-type + (mcron-configuration + (jobs (list %gc-job %thing1)))) (service postgresql-service-type) (git-daemon-service #:config (git-daemon-configuration @@ -102,6 +176,12 @@ (constraint-from '("www.gnu.org")) (constraints-from '("https://www.google.com/")) (allow-large-adjustment? #t))) + (service nginx-service-type + (nginx-configuration + (file (file-append %nginx-config + "/nginx.conf")))) + %nginx-mime-types + %nginx-cache-activation (modify-services %base-services (guix-service-type config => |