;;; Tyreunom's system administration and configuration tools.
;;;
;;; Copyright © 2019 Julien Lepiller <julien@lepiller.eu>
;;;
;;; This program is free software: you can redistribute it and/or modify
;;; it under the terms of the GNU General Public License as published by
;;; the Free Software Foundation, either version 3 of the License, or
;;; (at your option) any later version.
;;;
;;; This program is distributed in the hope that it will be useful,
;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with this program.  If not, see <http://www.gnu.org/licenses/>.

(use-modules (gnu))
(use-modules (gnu system))
(use-modules (gnu bootloader))
(use-modules (gnu services dns))
(use-modules (gnu services web))
(use-modules (config certbot) (config dns) (config mail) (config network) (config os))

;; Local handle on the Allwinner U-Boot bootloader record from
;; (gnu bootloader u-boot).  `@@' resolves the name inside that module
;; whether or not it is exported, so this depends on a module internal
;; and should be re-checked when Guix is updated.
(define u-boot-allwinner-bootloader
  (@@ (gnu bootloader u-boot) u-boot-allwinner-bootloader))

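;; U-Boot bootloader for the Cubietruck board: the Allwinner bootloader
;; record with its package replaced by u-boot-cubietruck.
;;
;; The operating-system declaration in this file refers to
;; `u-boot-cubietruck-bootloader', while this definition used to be
;; spelled `u-boot-cibietruck-bootloader'.  Defining the name that is
;; actually referenced keeps the reference from depending on a binding
;; that is not visible in this file.
;;
;; NOTE(review): `u-boot-cubietruck' (the package) is not defined in this
;; file; it has to come from one of the imported modules -- confirm.
(define u-boot-cubietruck-bootloader
  (bootloader
    (inherit u-boot-allwinner-bootloader)
    (package u-boot-cubietruck)))

;; Previous (misspelled) name, kept as an alias for anything still using it.
(define u-boot-cibietruck-bootloader u-boot-cubietruck-bootloader)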

;; System declaration for the host "ene".  Every field not set here is
;; inherited from (tyreunom-os "ene").
(operating-system
  (inherit (tyreunom-os "ene"))

  ;; The bootloader's install target is the MMC device.
  (bootloader
    (bootloader-configuration
      (target "/dev/mmcblk0")
      (bootloader u-boot-cubietruck-bootloader)))

  ;; sunxi-mmc is added to the initrd on top of the base module list.
  (initrd-modules (cons "sunxi-mmc" %base-initrd-modules))

  ;; NOTE(review): the root file system is selected by kernel device name.
  ;; Such names follow probe order, so another disk that enumerates first
  ;; would be mounted as "/" instead.  A UUID or label pins the intended
  ;; volume; the value is not available in this file.
  (file-systems
    (cons (file-system
            (mount-point "/")
            (device "/dev/sda1")
            (type "ext4"))
          %base-file-systems))

  (services
    (append
      (list
        (service dhcp-client-service-type)

        ;; Login prompt on the serial console ttyS0 at 115200 baud.
        ;; "-L" is agetty's local-line option (no carrier detect), so
        ;; access to the UART pins is enough to reach the prompt; account
        ;; and password policy are what protect it.
        (agetty-service
          (agetty-configuration
            (extra-options (list "-L"))
            (baud-rate "115200")
            (term "vt100")
            (tty "ttyS0")))

        (service nginx-service-type)

        ;; Authoritative DNS for the three master zones below.  The zones
        ;; are not defined in this file (presumably in (config dns)), so
        ;; their transfer/notify ACLs have to be reviewed there.
        (service knot-service-type
                 (knot-configuration
                   (zones (list lepiller-master-zone
                                ipv4-reverse-master-zone
                                ipv6-reverse-master-zone))))

        ;; One inner list per domain group handed to certbot-service.
        (certbot-service '(("courriel.lepiller.eu")
                           ("ene.lepiller.eu" "rennes.lepiller.eu")
                           ("avatar.lepiller.eu")))

        ;; TLS-only virtual host for avatar.lepiller.eu (IPv4 and IPv6).
        (cat-avatar-generator-service
          #:configuration
          (nginx-server-configuration
            (server-name '("avatar.lepiller.eu"))
            (ssl-certificate
              "/etc/letsencrypt/live/avatar.lepiller.eu/fullchain.pem")
            (ssl-certificate-key
              "/etc/letsencrypt/live/avatar.lepiller.eu/privkey.pem")
            (listen '("443 ssl http2" "[::]:443 ssl http2"))))

        ;; Catch-all HTTPS server (server-name is the symbol `default').
        ;; NOTE(review): its certificate lives under live/lepiller.eu, but
        ;; no "lepiller.eu" entry appears in the certbot-service list
        ;; above.  Confirm that certificate is issued elsewhere; nginx
        ;; cannot load a certificate file that does not exist.
        (simple-service 'default-http-server nginx-service-type
          (list (nginx-server-configuration
                  (ssl-certificate
                    "/etc/letsencrypt/live/lepiller.eu/fullchain.pem")
                  (ssl-certificate-key
                    "/etc/letsencrypt/live/lepiller.eu/privkey.pem")
                  (listen '("443 ssl http2" "[::]:443 ssl http2"))
                  (server-name '(default))
                  (root "/srv/http/default")))))

      ;; Service lists taken from the (config ...) modules imported by
      ;; this file.
      lepiller-mail-services
      (server-services "ene"))))