Add tor hidden service for the website

Julien LepillerThu Sep 26 12:07:26+0200 2019

97574eb

Add tor hidden service for the website

systems/hermes.scm

1919 
(use-modules (gnu system))
2020 
(use-modules (gnu bootloader) (gnu bootloader grub))
2121 
(use-modules (gnu services dns))
22+
(use-modules (gnu services networking))
2223 
(use-modules (gnu services web))
2324 
(use-modules (config certbot) (config dns) (config mail) (config network) (config os)
24-
	     (config web))
25+
             (config web))
2526 
2627 
2728 
;; NOTE: this config contains out-of band files.
7677 
    (append
7778 
      (list
7879 
        hermes-network-service
79-
        (service nginx-service-type)
80+
        (service tor-service-type)
81+
        (tor-hidden-service "lepiller"
82+
                            '((22 "127.0.0.1:22")
83+
                              (80 "127.0.0.1:80")))
84+
        (service nginx-service-type
85+
          (nginx-configuration
86+
            (server-names-hash-bucket-size 128)))
8087 
        (service knot-service-type
8188 
                 (knot-configuration
8289 
                   (includes '("/etc/knot/secrets.conf"))
8693 
                                ipv4-reverse-master-zone
8794 
                                ipv6-reverse-master-zone))))
8895 
        (certbot-service `(("lepiller.eu" "www.lepiller.eu" "smtp.lepiller.eu")))
96+
        (simple-service 'tor-lepiller-http-server nginx-service-type
97+
          (list (nginx-server-configuration
98+
                  (listen '("80" "[::]:80"))
99+
                  (server-name '("c25o7knygjm3m67jy27yuynvv4pkfi25naucscmh4ubq2ggiig3v57ad.onion"))
100+
                  (root "/srv/http/lepiller/public")
101+
                  (index '("index.$language_suffix.html" "index.html"))
102+
                  (try-files '("$uri.$language_suffix.html" "$uri" "$uri/" "=404"))
103+
                  (raw-content lepiller-policy))))
89104 
        (simple-service 'lepiller-http-server nginx-service-type
90105 
          (list (nginx-server-configuration
91106 
                  (ssl-certificate "/etc/letsencrypt/live/lepiller.eu/fullchain.pem")
102117 
                  (ssl-certificate-key "/etc/letsencrypt/live/lepiller.eu/privkey.pem")
103118 
                  (listen '("443 ssl http2" "[::]:443 ssl http2"))
104119 
                  (server-name '(default))
105-
		  (root "/srv/http/default")
106-
		  (raw-content default-web-policy)))))
120+
                  (root "/srv/http/default")
121+
                  (raw-content default-web-policy)))))
107122 
      (lepiller-mail-services
108123 
        #:interface "ens18"
109124 
        #:domain "lepiller.eu")