system-configuration

system-configuration/systems/amadeus.scm

amadeus.scm

;;; Tyreunom's system administration and configuration tools.
;;;
;;; Copyright © 2020 Julien Lepiller <julien@lepiller.eu>
;;;
;;; This program is free software: you can redistribute it and/or modify
;;; it under the terms of the GNU General Public License as published by
;;; the Free Software Foundation, either version 3 of the License, or
;;; (at your option) any later version.
;;;
;;; This program is distributed in the hope that it will be useful,
;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with this program.  If not, see <http://www.gnu.org/licenses/>.

(use-modules (gnu))
(use-modules (gnu system))
(use-modules (gnu bootloader) (gnu bootloader grub))
(use-modules (gnu services networking))
(use-modules (gnu services web))
(use-modules (config certbot) (config cuirass) (config network) (config os))

(operating-system
  (inherit (tyreunom-os "amadeus"))
  (bootloader
    (bootloader-configuration
      (target "/dev/sda")
      (bootloader grub-bootloader)))
  (file-systems (cons (file-system
                        (mount-point "/")
                        (device (uuid "03dd5046-be04-4853-ae65-47f79584133f"))
                        (type "ext4"))
                      %base-file-systems))
  (swap-devices '("/dev/sda1"))
  (services
    (append
      (list
        (service dhcp-client-service-type)
        (service nginx-service-type
	  (nginx-configuration
	    (extra-content
	      (string-join %cuirass-extra-content "\n"))))
        (certbot-service `(("amadeus.lepiller.eu")
                           ("guix.lepiller.eu")))
        (simple-service 'default-http-server nginx-service-type
          (list (nginx-server-configuration
                  (ssl-certificate
                    "/etc/letsencrypt/live/amadeus.lepiller.eu/fullchain.pem")
                  (ssl-certificate-key
                    "/etc/letsencrypt/live/amadeus.lepiller.eu/privkey.pem")
                  (listen '("443 ssl http2" "[::]:443 ssl http2"))
                  (server-name '(default "amadeus.lepiller.eu"))
                  (root "/srv/http/default")))))
      (cuirass-services
        "guix.lepiller.eu"
        "/etc/letsencrypt/live/guix.lepiller.eu/fullchain.pem"
        "/etc/letsencrypt/live/guix.lepiller.eu/privkey.pem")
      (modify-services (server-services "amadeus")
        (guix-service-type config =>
          (guix-configuration
            (inherit config)
            (substitute-urls '())
	    (extra-options '("-M2" "--no-substitutes"))))))))


1	;;; Tyreunom's system administration and configuration tools.
2	;;;
3	;;; Copyright © 2020 Julien Lepiller <julien@lepiller.eu>
4	;;;
5	;;; This program is free software: you can redistribute it and/or modify
6	;;; it under the terms of the GNU General Public License as published by
7	;;; the Free Software Foundation, either version 3 of the License, or
8	;;; (at your option) any later version.
9	;;;
10	;;; This program is distributed in the hope that it will be useful,
11	;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
12	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13	;;; GNU General Public License for more details.
14	;;;
15	;;; You should have received a copy of the GNU General Public License
16	;;; along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18	(use-modules (gnu))
19	(use-modules (gnu system))
20	(use-modules (gnu bootloader) (gnu bootloader grub))
21	(use-modules (gnu services networking))
22	(use-modules (gnu services web))
23	(use-modules (config certbot) (config cuirass) (config network) (config os))
24
25	(operating-system
26	(inherit (tyreunom-os "amadeus"))
27	(bootloader
28	(bootloader-configuration
29	(target "/dev/sda")
30	(bootloader grub-bootloader)))
31	(file-systems (cons (file-system
32	(mount-point "/")
33	(device (uuid "03dd5046-be04-4853-ae65-47f79584133f"))
34	(type "ext4"))
35	%base-file-systems))
36	(swap-devices '("/dev/sda1"))
37	(services
38	(append
39	(list
40	(service dhcp-client-service-type)
41	(service nginx-service-type
42	(nginx-configuration
43	(extra-content
44	(string-join %cuirass-extra-content "\n"))))
45	(certbot-service `(("amadeus.lepiller.eu")
46	("guix.lepiller.eu")))
47	(simple-service 'default-http-server nginx-service-type
48	(list (nginx-server-configuration
49	(ssl-certificate
50	"/etc/letsencrypt/live/amadeus.lepiller.eu/fullchain.pem")
51	(ssl-certificate-key
52	"/etc/letsencrypt/live/amadeus.lepiller.eu/privkey.pem")
53	(listen '("443 ssl http2" "[::]:443 ssl http2"))
54	(server-name '(default "amadeus.lepiller.eu"))
55	(root "/srv/http/default")))))
56	(cuirass-services
57	"guix.lepiller.eu"
58	"/etc/letsencrypt/live/guix.lepiller.eu/fullchain.pem"
59	"/etc/letsencrypt/live/guix.lepiller.eu/privkey.pem")
60	(modify-services (server-services "amadeus")
61	(guix-service-type config =>
62	(guix-configuration
63	(inherit config)
64	(substitute-urls '())
65	(extra-options '("-M2" "--no-substitutes"))))))))
66