metznet-channel/metznet/machines/vpn.scm

(define-module (metznet machines vpn)
  #:use-module (guix gexp)
  #:use-module (guix modules)
  #:use-module (gnu packages tls)
  #:use-module (gnu system)
  #:use-module (gnu services)
  #:use-module (gnu services certbot)
  #:use-module (gnu services vpn)
  #:use-module (metznet system base-system)

  #:export (vpn.metznet.ca vpn-services metznet-vpn-service-type))

(define-public vpn-services
  (append (list (service openvpn-server-service-type
                         (openvpn-server-configuration (ca
                                                        "/var/lib/openvpn/ca.crt")
                                                       (cert
                                                        "/var/lib/openvpn/client.crt")
                                                       (key
                                                        "/var/lib/openvpn/client.key")
                                                       (tls-auth
                                                        "/var/lib/openvpn/ta.key")
                                                       (dh
                                                        "/var/lib/openvpn/dh2048.pem")
                                                       (ifconfig-pool-persist
                                                        "/var/lib/openvpn/ipp.txt")
                                                       (server
                                                        "10.0.80.0 255.255.255.0")))
                (service certbot-service-type
                         (certbot-configuration (email "admin@metznet.ca")
                                                (certificates (list (certificate-configuration
                                                                     (domains '
                                                                              ("vpn.metznet.ca"))))))))
          (modify-services %metznet-server-services
            (delete openvpn-client-service-type))))

(define-public vpn.metznet.ca
  (operating-system
    (inherit %metznet-base-server-system)
    (host-name "vpn.metznet.ca")
    (services
     vpn-services)))
Moved machines/system under metznet, and removed nonguix dependency 2023-12-02 17:19:54 -07:00			`(define-module (metznet machines vpn)`
Moved all machines to defines, and styles 2023-11-30 18:26:00 -07:00			`#:use-module (guix gexp)`
moved all files in config to file-likes 2023-12-02 02:49:54 -07:00			`#:use-module (guix modules)`
			`#:use-module (gnu packages tls)`
Moved all machines to defines, and styles 2023-11-30 18:26:00 -07:00			`#:use-module (gnu system)`
			`#:use-module (gnu services)`
			`#:use-module (gnu services certbot)`
			`#:use-module (gnu services vpn)`
Moved machines/system under metznet, and removed nonguix dependency 2023-12-02 17:19:54 -07:00			`#:use-module (metznet system base-system)`
Moved vpn around 2023-11-30 18:09:21 -07:00
export metznet-vpn-service-type 2023-12-02 17:32:38 -07:00			`#:export (vpn.metznet.ca vpn-services metznet-vpn-service-type))`
Moved vpn services to vpn-services variable so they can be modified 2023-12-01 18:02:10 -07:00
			`(define-public vpn-services`
			`(append (list (service openvpn-server-service-type`
Removed copy of openvpn files to store, now expected to be at '/var/lib/openvpn' 2023-12-02 21:02:28 -07:00			`(openvpn-server-configuration (ca`
			`"/var/lib/openvpn/ca.crt")`
			`(cert`
			`"/var/lib/openvpn/client.crt")`
			`(key`
			`"/var/lib/openvpn/client.key")`
			`(tls-auth`
			`"/var/lib/openvpn/ta.key")`
			`(dh`
			`"/var/lib/openvpn/dh2048.pem")`
			`(ifconfig-pool-persist`
			`"/var/lib/openvpn/ipp.txt")`
Moved vpn services to vpn-services variable so they can be modified 2023-12-01 18:02:10 -07:00			`(server`
			`"10.0.80.0 255.255.255.0")))`
			`(service certbot-service-type`
			`(certbot-configuration (email "admin@metznet.ca")`
			`(certificates (list (certificate-configuration`
			`(domains '`
			`("vpn.metznet.ca"))))))))`
			`(modify-services %metznet-server-services`
			`(delete openvpn-client-service-type))))`
Moved vpn around 2023-11-30 18:09:21 -07:00
			`(define-public vpn.metznet.ca`
Moved all machines to defines, and styles 2023-11-30 18:26:00 -07:00			`(operating-system`
			`(inherit %metznet-base-server-system)`
			`(host-name "vpn.metznet.ca")`
			`(services`
Moved vpn services to vpn-services variable so they can be modified 2023-12-01 18:02:10 -07:00			`vpn-services)))`
Moved vpn around 2023-11-30 18:09:21 -07:00