system-configuration

Julien LepillerSat Sep 26 03:48:02+0200 2020

15e87d9

Add gitolite service

systems/ene.scm

 (use-modules (gnu services dns))
 (use-modules (gnu services mail))
 (use-modules (gnu services networking))
 (use-modules (gnu services version-control))
 (use-modules (gnu services web))
 (use-modules (gnu system))
 (use-modules (guix utils))
 (use-modules (config certbot) (config dns) (config iptables)
 	     (config mail) (config os))
              (config mail) (config os))
 ;; Copy from (gnu bootloader u-boot)
 (define install-allwinner-u-boot
             (baud-rate "115200")
             (term "vt100")
             (tty "ttyS0")))
         (service nginx-service-type)
         (service tor-service-type)
         (tor-hidden-service "mail"
                             '((25 "127.0.0.1:25")
                               (143 "127.0.0.1:143")
                               (587 "127.0.0.1:587")
                               (993 "127.0.0.1:993")))
         (service knot-service-type
                  (knot-configuration
                    (includes '("/etc/knot/secrets.conf"))
                                 ipv6-reverse-master-zone))))
         (certbot-service `(("courriel.lepiller.eu" "imap.lepiller.eu")
                            ("ene.lepiller.eu" "rennes.lepiller.eu")
                            ("avatar.lepiller.eu")))
                            ("avatar.lepiller.eu")
 			   ("git.lepiller.eu")))
         (service nginx-service-type)
         (service php-fpm-service-type)
         (cat-avatar-generator-service
           #:configuration
           (nginx-server-configuration
             (server-name '("avatar.lepiller.eu"))
             (ssl-certificate "/etc/letsencrypt/live/avatar.lepiller.eu/fullchain.pem")
             (ssl-certificate-key "/etc/letsencrypt/live/avatar.lepiller.eu/privkey.pem")
             (ssl-certificate
 	      "/etc/letsencrypt/live/avatar.lepiller.eu/fullchain.pem")
             (ssl-certificate-key
 	      "/etc/letsencrypt/live/avatar.lepiller.eu/privkey.pem")
             (listen '("443 ssl http2" "[::]:443 ssl http2"))))
         (simple-service 'default-http-server nginx-service-type
           (list (nginx-server-configuration
                   (ssl-certificate "/etc/letsencrypt/live/ene.lepiller.eu/fullchain.pem")
                   (ssl-certificate-key "/etc/letsencrypt/live/ene.lepiller.eu/privkey.pem")
                   (ssl-certificate
 		    "/etc/letsencrypt/live/ene.lepiller.eu/fullchain.pem")
                   (ssl-certificate-key
 		    "/etc/letsencrypt/live/ene.lepiller.eu/privkey.pem")
                   (listen '("443 ssl http2" "[::]:443 ssl http2"))
                   (server-name '(default))(root "/srv/http/default"))))
         (simple-service 'git-server nginx-service-type
           (list (nginx-server-configuration
                   (ssl-certificate
 		    "/etc/letsencrypt/live/git.lepiller.eu/fullchain.pem")
                   (ssl-certificate-key
 		    "/etc/letsencrypt/live/git.lepiller.eu/privkey.pem")
                   (listen '("443 ssl http2" "[::]:443 ssl http2"))
                   (server-name '(default))(root "/srv/http/default")))))
       (lepiller-mail-services
         #:interface "eth0"
         #:domain "courriel.lepiller.eu")
                   (server-name '(default))(root "/srv/http/git/public"))))
 	(service gitolite-service-type
 	  (gitolite-configuration
 	    (admin-pubkey (local-file "../keys/tyreunom.pub")))))
       (modify-services
         (lepiller-mail-services
           #:interface "eth0"
           #:domain "courriel.lepiller.eu")
         (dovecot-service-type config =>
          (dovecot-configuration
            (inherit config)
            (dovecot (package
                       (inherit dovecot)
                       (arguments
                         `(#:tests? #f
                           ,@(package-arguments dovecot))))))))
       (server-services "ene"))))