Update ene

Julien LepillerMon Apr 18 10:38:26+0200 2022

32856e9

Update ene

systems/ene.scm

1818
(use-modules (gnu))
1919
(use-modules (gnu bootloader))
2020
(use-modules (gnu bootloader u-boot))
21-
(use-modules (gnu packages bootloaders))
22-
(use-modules (gnu packages dns))
2321
(use-modules (gnu services dns))
2422
(use-modules (gnu services mail))
2523
(use-modules (gnu services networking))

2725
(use-modules (gnu services web))
2826
(use-modules (gnu system))
2927
28+
(use-modules (gnu packages bootloaders))
29+
(use-modules (gnu packages dns))
3030
(use-modules (gnu packages libunwind))
3131
(use-modules (gnu packages mail))
32+
(use-modules (gnu packages package-management))
33+
(use-modules (gnu packages php))
3234
(use-modules (gnu packages tor))
3335
(use-modules (gnu packages web))
36+
3437
(use-modules (guix packages))
3538
(use-modules (guix utils))
3639
(use-modules (guix transformations))
3740
3841
(use-modules (config certbot) (config dns) (config iptables)
3942
             (config mail) (config os) (config static-web)
40-
	     (config web)
41-
	     (services gitile) (packages gitile))
43+
             (config web)
44+
             (packages gitile))
4245
4346
;; Copy from (gnu bootloader u-boot)
4447
(define install-allwinner-u-boot

5861
  (inherit (tyreunom-os "ene"))
5962
  (bootloader
6063
    (bootloader-configuration
61-
      (target "/dev/mmcblk0")
64+
      (targets '("/dev/mmcblk0"))
6265
      (bootloader u-boot-cubietruck-bootloader)))
6366
  (initrd-modules (cons* "sunxi-mmc" "sd_mod" "ahci_sunxi" %base-initrd-modules))
6467
  (file-systems (cons (file-system

7881
            (term "vt100")
7982
            (tty "ttyS0")))
8083
        (service tor-service-type
81-
		 (tor-configuration
82-
		   (tor (package
83-
			  (inherit tor)
84-
			  (arguments
85-
			   `(#:tests? #f
86-
			     ,@(package-arguments tor)))))))
84+
                 (tor-configuration
85+
                   (tor (package
86+
                          (inherit tor)
87+
                          (arguments
88+
                           `(#:tests? #f
89+
                             ,@(package-arguments tor)))))))
8790
        (tor-hidden-service "mail"
8891
                            '((25 "127.0.0.1:25")
8992
                              (143 "127.0.0.1:143")
9093
                              (587 "127.0.0.1:587")
9194
                              (993 "127.0.0.1:993")))
95+
        (tor-hidden-service "ssh"
96+
                            '(("22" "127.0.0.1:22")))
9297
        (service knot-service-type
9398
                 (knot-configuration
94-
		   (knot
95-
		     ((options->transformation '((without-tests . "protobuf")))
96-
		       knot))
99+
                   (knot
100+
                     ((options->transformation '((without-tests . "protobuf")
101+
						 (without-tests . "knot")))
102+
                       knot))
97103
                   (includes '("/etc/knot/secrets.conf"))
98-
                   (acls (list master-acl))
104+
                   (acls (list slave-acl))
99105
                   (remotes (list hermes))
100-
                   (zones (list lepiller-master-zone
106+
                   (zones (list lepiller-slave-zone
101107
                                ipv4-reverse-master-zone
102108
                                ipv6-reverse-master-zone))))
103109
        (certbot-service `(("courriel.lepiller.eu" "imap.lepiller.eu")
104110
                           ("ene.lepiller.eu" "rennes.lepiller.eu")
105111
                           ("avatar.lepiller.eu")
106112
                           ("git.lepiller.eu")
107-
			   ("social.lepiller.eu")))
113+
                           ("social.lepiller.eu")))
108114
        (service nginx-service-type)
109115
        (service php-fpm-service-type
110-
		 (php-fpm-configuration
111-
		   ;; TODO: remove after guix doesn't complain about duplicate
112-
		   ;; groups.
113-
		   (group "php-fpm2")))
116+
                 (php-fpm-configuration
117+
                   ;; TODO: remove after guix doesn't complain about duplicate
118+
                   ;; groups.
119+
                   (group "php-fpm2")
120+
		   (php (package (inherit php)
121+
				 (arguments
122+
				  `(#:tests? #f
123+
				    ,@(package-arguments php)))))))
114124
        (service fcgiwrap-service-type
115125
                 (fcgiwrap-configuration
116126
                   (group "git")))

140150
                  (root "/srv/http/social/public")
141151
                  (locations
142152
                    (list
143-
		      (nginx-location-configuration
144-
			(uri "/content/")
145-
			(body '("alias /var/lib/social/user-data/public/;")))
153+
                      (nginx-location-configuration
154+
                        (uri "/content/")
155+
                        (body '("alias /var/lib/social/user-data/public/;")))
146156
                      (nginx-location-configuration
147157
                        (uri "/")
148158
                        (body '("proxy_pass http://localhost:8081;")))))
149159
                  (raw-content default-web-policy))))
150-
	(service gitile-service-type)
151-
        (simple-service 'git-server nginx-service-type
152-
          (list (nginx-server-configuration
153-
                  (ssl-certificate
154-
                    "/etc/letsencrypt/live/git.lepiller.eu/fullchain.pem")
155-
                  (ssl-certificate-key
156-
                    "/etc/letsencrypt/live/git.lepiller.eu/privkey.pem")
157-
                  (listen '("443 ssl http2" "[::]:443 ssl http2"))
158-
                  (server-name '("git.lepiller.eu"))
159-
                  (root "/srv/http/git/public")
160-
                  (locations
161-
                    (append
162-
                      (list
163-
                        (git-http-nginx-location-configuration
164-
                          (git-http-configuration
165-
                            (uri-path "/git/")
166-
                            (git-root "/var/lib/gitolite/repositories")))
167-
                        (nginx-location-configuration
168-
                          (uri "/")
169-
                          (body
170-
                            (list
171-
                              "proxy_pass http://127.0.0.1:8080/;"))))
172-
                      (map
173-
                        (lambda (loc)
174-
                          (nginx-location-configuration
175-
                            (uri loc)
176-
                            (body
177-
                              (list
178-
                                "root /srv/http/git/public;"))))
179-
                        '("/css" "/js" "/images" "~* .*/manual/.*" "= /"
180-
                          "= /index.html")))))))
160+
        (service gitile-service-type
161+
                 (gitile-configuration
162+
		   (package gitile)
163+
                   (base-git-url "https://git.lepiller.eu/git")
164+
                   (intro '((p "Hey there, I'm Julien, also known as "
165+
                               (code "roptat") " or " (code "tyreunom")
166+
                               " on the internet. If you reached this page, it
167+
probably means you are interested in the kind of software projects I make. Thank
168+
you for your interest! Here is a list of projects I host here.")
169+
                            (p "Note that I am in the process of migrating from
170+
framagit. Every new project will appear here, but older projects might take
171+
time to migrate. I'm also planning to add some features at some point, like
172+
issues and merge requests, but that will take some time. I'd like to implement
173+
these features myself, using " (a (@ (href "https://notabug.org/peers/forgefed")) "forgefed") ".")))
174+
                   (footer '((p (a (@ (href "https://lepiller.eu")) "Who am I?"))))
175+
                   (nginx
176+
                     (nginx-server-configuration
177+
                       (ssl-certificate
178+
                         "/etc/letsencrypt/live/git.lepiller.eu/fullchain.pem")
179+
                       (ssl-certificate-key
180+
                         "/etc/letsencrypt/live/git.lepiller.eu/privkey.pem")
181+
                       (listen '("443 ssl http2" "[::]:443 ssl http2"))
182+
                       (server-name '("git.lepiller.eu"))
183+
                       (root "/srv/http/git/public")
184+
                       (locations
185+
                         (list
186+
                           (git-http-nginx-location-configuration
187+
                             (git-http-configuration
188+
                               (uri-path "/git/")
189+
                               (git-root "/var/lib/gitolite/repositories")))
190+
                           (nginx-location-configuration
191+
                             (uri "~* .*/manual/.*")
192+
                             (body
193+
                               (list
194+
                                 "root /srv/http/git/public;")))))))))
181195
        (service static-web-site-service-type
182196
                 (static-web-site-configuration
183197
                  (git-url "https://git.lepiller.eu/git/guile-netlink")

193207
          (gitolite-configuration
194208
            (admin-pubkey (local-file "../keys/tyreunom.pub"))
195209
            (rc-file
196-
              (gitolite-rc-file
210+
              (local-file "../files/gitolite.rc")
211+
              #;(gitolite-rc-file
197212
                (umask #o0027)
198213
                (git-config-keys ".*"))))))
199214
      (modify-services
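Review bot: The added `(tor-hidden-service "ssh" ...)` form makes sshd reachable through Tor, and every such connection arrives from 127.0.0.1, so any source-address restriction in `(config iptables)` or in the sshd configuration (neither is visible in this section) will not apply to that path. I would add a comment above the form recording the assumption, e.g. `;; SSH over onion: peers appear as 127.0.0.1; sshd must stay key-only (no password auth)`, and confirm the openssh service is configured that way. The virtual port is also written as the string `"22"` while the `mail` mapping just above uses integers; for consistency write `'((22 "127.0.0.1:22"))`. The enclosing operating-system form starts and ends outside the visible lines.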