diff --git a/Makefile b/Makefile index 92d9d85..3041fbe 100644 --- a/Makefile +++ b/Makefile @@ -2,9 +2,17 @@ NONGUIX_DIR ?= ~/Code/nonguix GUIX_SUBSTITUTE_FLAG = --substitute-urls='https://ci.guix.gnu.org https://substitutes.nonguix.org' GUIX_LIB_FLAGS = -L ./ -L $(NONGUIX_DIR) +LIBVIRT_GROUP ?= libvirt +LIBVIRT_USER ?= $(USER) +GUIX_IMAGE_CMD ?= guix system image $(GUIX_SUBSTITUTE_FLAG) --image-type=qcow2 $(GUIX_LIB_FLAGS) + VM_RAM ?= 4000 VM_CPU ?= 4 +machines/%.qcow2: machines/%.scm + $(eval RO := $(shell $(GUIX_IMAGE_CMD) $<)) + install -C -m 666 -o $(LIBVIRT_USER) -g $(LIBVIRT_GROUP) $(RO) $@ + .PHONY: machines/% machines/%: machines/%.scm $(eval VM_SCRIPT := $(shell guix system $(GUIX_LIB_FLAGS) $(GUIX_SUBSTITUTE_FLAG) vm $<)) diff --git a/machines/kerberos.metznet.ca.scm b/machines/kerberos.metznet.ca.scm index 17de14c..683ce8d 100644 --- a/machines/kerberos.metznet.ca.scm +++ b/machines/kerberos.metznet.ca.scm @@ -325,8 +325,7 @@ cryptography.") (operating-system (inherit %metznet-base-server-system) - (host-name "kerberos-guix.metznet.ca") - (packages (append (list mit-krb5-ldap) %metznet-base-packages)) + (host-name "kerberos.guix.metznet.ca") (services (append (list (service kdc-service-type (kdc-configuration (dbdefaults '("ldap_kerberos_container_dn = cn=kerberos,dc=metznet,dc=ca")) @@ -354,5 +353,5 @@ cryptography.") (certbot-configuration (email "admin@metznet.ca") (certificates (list (certificate-configuration (domains ' - ("ldap-guix.metznet.ca")))))))) + ("kerberos.guix.metznet.ca")))))))) %metznet-server-services))) diff --git a/machines/ldap.metznet.ca.scm b/machines/ldap.metznet.ca.scm index 709d807..5ff2bfe 100644 --- a/machines/ldap.metznet.ca.scm +++ b/machines/ldap.metznet.ca.scm @@ -9,13 +9,13 @@ (operating-system (inherit %metznet-base-server-system) - (host-name "ldap-guix.metznet.ca") + (host-name "ldap.guix.metznet.ca") (services (append (list (service certbot-service-type (certbot-configuration (email "admin@metznet.ca") (certificates (list (certificate-configuration (domains ' - ("ldap-guix.metznet.ca"))))))) + ("ldap.guix.metznet.ca"))))))) (service slapd-service-type (slapd-configuration (uris "ldap:// ldapi:// ldaps:// ldapis://") diff --git a/machines/vpn.metznet.ca.scm b/machines/vpn.metznet.ca.scm new file mode 100644 index 0000000..c0c06a9 --- /dev/null +++ b/machines/vpn.metznet.ca.scm @@ -0,0 +1,21 @@ +(define-module (machines vpn.metznet.ca) + #:use-module (gnu system) + #:use-module (gnu services) + #:use-module (gnu services certbot) + #:use-module (gnu services vpn) + #:use-module (system base-system)) + +(operating-system + (inherit %metznet-base-server-system) + (host-name "vpn.guix.metznet.ca") + (services + (append (list (service openvpn-server-service-type + (openvpn-server-configuration + (server "10.0.80.0 255.255.255.0"))) + (service certbot-service-type + (certbot-configuration (email "admin@metznet.ca") + (certificates (list (certificate-configuration + (domains ' + ("vpn.guix.metznet.ca")))))))) + (modify-services %metznet-server-services (delete openvpn-client-service-type))))) +