Initial commit of ldap.metznet.ca

Makefile

@@ -1,5 +1,7 @@
 NONGUIX_DIR ?= ~/Code/nonguix
-GUIX_IMAGE_CMD ?= guix system image --substitute-urls='https://bordeaux.guix.gnu.org' --image-type=qcow2 -L ./ -L $(NONGUIX_DIR)
+GUIX_SUBSTITUTE_FLAG = --substitute-urls='https://bordeaux.guix.gnu.org https://substitutes.nonguix.org'
+GUIX_LIB_FLAGS = -L ./ -L $(NONGUIX_DIR)
+GUIX_IMAGE_CMD ?= guix system image $(GUIX_SUBSTITUTE_FLAG) --image-type=qcow2 $(GUIX_LIB_FLAGS)
 LIBVIRT_GROUP ?= libvirt
 
 machines/%.qcow2: machines/%.scm
@@ -11,5 +13,5 @@ VM_CPU ?= 4
 
 .PHONY: machines/%
 machines/%: machines/%.qcow2
-	$(eval OVMF := $(shell guix build --substitute-urls='https://bordeaux.guix.gnu.org' ovmf))
+	$(eval OVMF := $(shell guix build $(GUIX_SUBSTITUTE_FLAG) ovmf))
 	qemu-system-x86_64 -nic bridge,br=virbr0 -enable-kvm -hda $< -m $(VM_RAM) -smp $(VM_CPU) -bios $(OVMF)/share/firmware/ovmf_x64.bin

machines/ldap.metznet.ca.scm

@@ -0,0 +1,41 @@
+(define-module (machines base-desktop)
+  #:use-module (system base-system)
+  #:use-module (guix gexp)
+  #:use-module (gnu)
+  #:use-module (gnu services configuration)
+  #:use-module (gnu packages openldap)
+  #:use-module (gnu packages admin))
+
+(define-configuration/no-serialization slapd-configuration
+                                       (openldap (file-like openldap)
+                                                 "openldap package to use")
+                                       (slapd-uris (list-of-strings (list
+                                                                     "ldap://"
+                                                                     "ldapi://"))
+                                        "slapd uris to accept connections to"))
+
+(define (slapd-accounts config)
+  (list (user-group
+          (name "slapd")
+          (system? #t))
+        (user-account
+          (name "slapd")
+          (group "slapd")
+          (system? #t)
+          (comment "openldap service account")
+          (home-directory "/var/lib/slapd")
+          (shell #~(string-append #$shadow "/sbin/nologin")))))
+
+(define slapd-service-type
+  (service-type (name 'slapd)
+                (description "openldap slapd service")
+                (extensions (list (service-extension account-service-type
+                                                     slapd-accounts)))
+                (default-value (slapd-configuration))))
+
+(operating-system
+  (inherit %metznet-base-server-system)
+  (host-name "ldap.metznet.ca")
+  (packages %metznet-server-packages)
+  (services
+   (append (list (service slapd-service-type)) %metznet-server-services)))

machines/otto.scm

@@ -1,86 +0,0 @@
-(define-module (machines otto)
-  #:use-module (gnu)
-  #:use-module (system base-system)
-  #:use-module (gnu packages )
-  #:use-module (nongnu packages nvidia)
-  #:use-module (gnu packages networking)
-  #:use-module (gnu packages shells)
-  #:use-module (gnu packages pulseaudio)
-  #:use-module (gnu packages virtualization)
-  #:use-module (gnu packages spice)
-  #:use-module (gnu packages vulkan)
-  #:use-module (gnu packages pdf)
-  #:use-module (gnu packages commencement)
-  #:use-module (gnu packages base)
-  #:use-module (gnu packages embedded)
-  #:use-module (gnu packages linux)
-  #:use-module (gnu packages docker)
-  #:use-module (gnu services docker)
-  #:use-module (gnu packages audio)
-  #:use-module (gnu services cups)
-  #:use-module (gnu services virtualization)
-  #:use-module (gnu services networking)
-  #:use-module (gnu services xorg)
-  #:use-module (gnu services desktop)
-  #:use-module (gnu services dbus)
-  #:use-module (gnu services linux)
-  #:use-module (gnu packages cups)
-  #:use-module (gnu packages python)
-  #:use-module (gnu packages xorg)
-  #:use-module (gnu packages scanner)
-  #:use-module (gnu packages dns)
-  #:use-module (gnu services shepherd)
-  #:use-module (gnu services base)
-  #:export (otto-operating-system))
-
-(define otto-operating-system
-  (operating-system
-    (inherit %metznet-base-desktop-system)
-    (host-name "otto")
-    (kernel-arguments '("modprobe.blacklist=nouveau"))
-    (packages (append (list blueman bluez bluez-alsa pulseaudio docker python openvswitch
-                            qemu pavucontrol mupdf gcc-toolchain gnu-make
-                            gcc-arm-none-eabi-7-2018-q2-update sane-backends-minimal xsane
-                            cups xf86-video-nv xf86-input-libinput vulkan-loader vulkan-tools
-                            (list isc-bind "utils")) %metznet-desktop-packages))
-    (services (append (list
-                        (simple-service 'blueman dbus-root-service-type (list blueman))
-                        (bluetooth-service #:auto-enable? #t)
-                        (service docker-service-type)
-                        (service openvswitch-service-type)
-                        (set-xorg-configuration
-                          (xorg-configuration
-                            (keyboard-layout %default-keyboard-layout)))
-                        (service sane-service-type)
-                        (service cups-service-type
-                                 (cups-configuration
-                                   (web-interface? #t))))
-                      (modify-services %metznet-desktop-services
-                        (udev-service-type config =>
-                                           (udev-configuration (inherit config)
-                                                               (rules (append (list
-                                                                                %usb-udev-rule)
-                                                                        (udev-configuration-rules config))))))))
-    (users (cons* (user-account
-                    (name "noah")
-                    (comment "Noah Metz")
-                    (group "users")
-                    (home-directory "/home/noah")
-                    (shell (file-append zsh "/bin/zsh"))
-                    (supplementary-groups
-                      `("wheel" "netdev" "audio" "video" "usb" "kvm" "lp" "docker")))
-                  %metznet-base-user-accounts))
-    (file-systems
-      (cons* (file-system
-               (mount-point "/boot/efi")
-               (device (uuid "6E88-FE62" 'fat32))
-               (type "vfat"))
-             (file-system
-               (mount-point "/")
-               (device
-                 (uuid "ba93a043-9e58-466f-b90f-bf2a6bbf91fe"
-                       'ext4))
-               (type "ext4"))
-             %base-file-systems))))
-
-otto-operating-system

system/base-system.scm

@@ -183,9 +183,9 @@
                                       "ldap_tls_reqcert = never"
                                       "ldap_tls_cacertdir = /etc/ssl/certs"
                                       "ldap_search_base = ou=users,ou=accounts,dc=metznet,dc=ca"
-                                      (string-append "ldap_default_bind_dn = " (getenv "LDAP_BINDDN"))
+                                      (string-append "ldap_default_bind_dn = " (or (getenv "LDAP_BINDDN") ""))
                                       "ldap_default_authtok_type = password"
-                                      (string-append "ldap_default_authtok = " (getenv "LDAP_BINDPW"))) "\n")))
+                                      (string-append "ldap_default_authtok = " (or (getenv "LDAP_BINDPW") ""))) "\n")))
 
 (define metznet-service-type
   (service-type