system-configuration

xana.scm

;;; Tyreunom's system administration and configuration tools.
;;;
;;; Copyright © 2020 Julien Lepiller <julien@lepiller.eu>
;;;
;;; This program is free software: you can redistribute it and/or modify
;;; it under the terms of the GNU General Public License as published by
;;; the Free Software Foundation, either version 3 of the License, or
;;; (at your option) any later version.
;;;
;;; This program is distributed in the hope that it will be useful,
;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with this program.  If not, see <http://www.gnu.org/licenses/>.

(use-modules (gnu))
(use-modules (gnu system))
(use-modules (gnu bootloader) (gnu bootloader grub))
(use-modules (gnu services mcron))
(use-modules (gnu services networking))
(use-modules (gnu services web))
(use-modules (config certbot) (config cuirass) (config network) (config os))
(use-modules (gnu packages base))
(use-modules (guix gexp))

(define i18n-download-job
  #~(job '(next-minute-from (next-hour '(05)) '(51))
         (lambda ()
           (execl #$(file-append gnu-make "/bin/make")
                  "-C" "/srv/http/i18n" "fdroid-update"))))

(define i18n-compile-job
  #~(job '(next-minute-from (next-hour '(06)) '(21))
         (lambda ()
           (execl #$(file-append gnu-make "/bin/make")
                  "-C" "/srv/http/i18n"))))

(define nani-download-job
  #~(job '(next-minute-from (next-hour-from (next-day (range 1 31 5)) '(02)) '(12))
         (lambda ()
           (execl #$(file-append gnu-make "/bin/make")
                  "-C" "/srv/http/nani" "download"))))

(define nani-update-job
  #~(job '(next-minute-from (next-hour-from (next-day (range 1 31 5)) '(03)) '(12))
         (lambda ()
           (execl #$(file-append gnu-make "/bin/make")
                  "-C" "/srv/http/nani" "download"))))

(operating-system
  (inherit (tyreunom-os "xana"))
  (bootloader
    (bootloader-configuration
      (target "/dev/sda")
      (bootloader grub-bootloader)))
  (file-systems (cons (file-system
                        (mount-point "/")
                        (device (uuid "27207be8-f30a-4ac6-a5ec-41859e90ee94"))
                        (type "ext4"))
                      %base-file-systems))
  (swap-devices '("/dev/sda1"))
  (services
    (append
      (list
        (service dhcp-client-service-type)
        (service nginx-service-type)
        (simple-service 'i18n-cron mcron-service-type
          (list i18n-download-job i18n-compile-job
                nani-download-job nani-update-job))
        (certbot-service `(("xana.lepiller.eu")
                           ("nani.lepiller.eu")))
        (simple-service 'nani-http-server nginx-service-type
          (list (nginx-server-configuration
                  (ssl-certificate
                    "/etc/letsencrypt/live/nani.lepiller.eu/fullchain.pem")
                  (ssl-certificate-key
                    "/etc/letsencrypt/live/nani.lepiller.eu/privkey.pem")
                  (listen '("443 ssl http2" "[::]:443 ssl http2"))
                  (server-name '("nani.lepiller.eu"))
                  (root "/srv/http/nani/public"))))
        (simple-service 'default-http-server nginx-service-type
          (list (nginx-server-configuration
                  (ssl-certificate
                    "/etc/letsencrypt/live/xana.lepiller.eu/fullchain.pem")
                  (ssl-certificate-key
                    "/etc/letsencrypt/live/xana.lepiller.eu/privkey.pem")
                  (listen '("443 ssl http2" "[::]:443 ssl http2"))
                  (server-name '(default "xana.lepiller.eu"))
                  (root "/srv/http/default")))))
      (modify-services (server-services "xana")
        (guix-service-type config =>
          (guix-configuration
            (inherit config)
            (substitute-urls '("https://guix.lepiller.eu" "https://ci.guix.gnu.org"))))))))


1	;;; Tyreunom's system administration and configuration tools.
2	;;;
3	;;; Copyright © 2020 Julien Lepiller <julien@lepiller.eu>
4	;;;
5	;;; This program is free software: you can redistribute it and/or modify
6	;;; it under the terms of the GNU General Public License as published by
7	;;; the Free Software Foundation, either version 3 of the License, or
8	;;; (at your option) any later version.
9	;;;
10	;;; This program is distributed in the hope that it will be useful,
11	;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
12	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13	;;; GNU General Public License for more details.
14	;;;
15	;;; You should have received a copy of the GNU General Public License
16	;;; along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18	(use-modules (gnu))
19	(use-modules (gnu system))
20	(use-modules (gnu bootloader) (gnu bootloader grub))
21	(use-modules (gnu services mcron))
22	(use-modules (gnu services networking))
23	(use-modules (gnu services web))
24	(use-modules (config certbot) (config cuirass) (config network) (config os))
25	(use-modules (gnu packages base))
26	(use-modules (guix gexp))
27
28	(define i18n-download-job
29	#~(job '(next-minute-from (next-hour '(05)) '(51))
30	(lambda ()
31	(execl #$(file-append gnu-make "/bin/make")
32	"-C" "/srv/http/i18n" "fdroid-update"))))
33
34	(define i18n-compile-job
35	#~(job '(next-minute-from (next-hour '(06)) '(21))
36	(lambda ()
37	(execl #$(file-append gnu-make "/bin/make")
38	"-C" "/srv/http/i18n"))))
39
40	(define nani-download-job
41	#~(job '(next-minute-from (next-hour-from (next-day (range 1 31 5)) '(02)) '(12))
42	(lambda ()
43	(execl #$(file-append gnu-make "/bin/make")
44	"-C" "/srv/http/nani" "download"))))
45
46	(define nani-update-job
47	#~(job '(next-minute-from (next-hour-from (next-day (range 1 31 5)) '(03)) '(12))
48	(lambda ()
49	(execl #$(file-append gnu-make "/bin/make")
50	"-C" "/srv/http/nani" "download"))))
51
52	(operating-system
53	(inherit (tyreunom-os "xana"))
54	(bootloader
55	(bootloader-configuration
56	(target "/dev/sda")
57	(bootloader grub-bootloader)))
58	(file-systems (cons (file-system
59	(mount-point "/")
60	(device (uuid "27207be8-f30a-4ac6-a5ec-41859e90ee94"))
61	(type "ext4"))
62	%base-file-systems))
63	(swap-devices '("/dev/sda1"))
64	(services
65	(append
66	(list
67	(service dhcp-client-service-type)
68	(service nginx-service-type)
69	(simple-service 'i18n-cron mcron-service-type
70	(list i18n-download-job i18n-compile-job
71	nani-download-job nani-update-job))
72	(certbot-service `(("xana.lepiller.eu")
73	("nani.lepiller.eu")))
74	(simple-service 'nani-http-server nginx-service-type
75	(list (nginx-server-configuration
76	(ssl-certificate
77	"/etc/letsencrypt/live/nani.lepiller.eu/fullchain.pem")
78	(ssl-certificate-key
79	"/etc/letsencrypt/live/nani.lepiller.eu/privkey.pem")
80	(listen '("443 ssl http2" "[::]:443 ssl http2"))
81	(server-name '("nani.lepiller.eu"))
82	(root "/srv/http/nani/public"))))
83	(simple-service 'default-http-server nginx-service-type
84	(list (nginx-server-configuration
85	(ssl-certificate
86	"/etc/letsencrypt/live/xana.lepiller.eu/fullchain.pem")
87	(ssl-certificate-key
88	"/etc/letsencrypt/live/xana.lepiller.eu/privkey.pem")
89	(listen '("443 ssl http2" "[::]:443 ssl http2"))
90	(server-name '(default "xana.lepiller.eu"))
91	(root "/srv/http/default")))))
92	(modify-services (server-services "xana")
93	(guix-service-type config =>
94	(guix-configuration
95	(inherit config)
96	(substitute-urls '("https://guix.lepiller.eu" "https://ci.guix.gnu.org"))))))))
97