Fixed vm target(it didn't like me writing to etc/guix/channels.scm

master
noah metz 2023-12-02 11:12:38 -07:00
parent 71ce440ed2
commit 87f792ef85
1 changed files with 72 additions and 45 deletions

@ -53,6 +53,9 @@
#:export (%metznet-desktop-services)
#:export (%metznet-server-services)
#:export (metznet-service-type)
#:export (metznet-system-configuration)
#:export (%metznet-base-server-system)
#:export (%metznet-base-desktop-system))
@ -157,28 +160,51 @@
(define alist-of-file-like?
(list-of file-like-pair?))
(define-maybe file-like)
(define-configuration/no-serialization metznet-system-configuration
(certs (file-like le-certs)
"certificate package")
(vpn-ta-key (file-like (computed-file "ta.key" (with-imported-modules '((guix build utils)) #~(begin
(use-modules (guix build utils))
(invoke #$(file-append openvpn "/sbin/openvpn") "--genkey" "secret" #$output)))))
(vpn-ta-key (file-like (computed-file
"ta.key"
(with-imported-modules '
((guix build
utils))
#~(begin
(use-modules
(guix
build
utils))
(invoke #$
(file-append
openvpn
"/sbin/openvpn")
"--genkey"
"secret"
#$output)))))
"ta.key for openvpn")
(vpn-ca (file-like (local-file (or (getenv "VPN_CA") "pki/ca.crt"))) "ca.crt for openvpn")
(vpn-cert (file-like (local-file (or (getenv "VPN_CERT") "pki/vpn.crt"))) "certificate for openvpn")
(vpn-key (file-like (local-file (or (getenv "VPN_KEY") "pki/vpn.key"))) "key for openvpn")
(vpn-ca (file-like (local-file (or (getenv
"VPN_CA")
"pki/ca.crt")))
"ca.crt for openvpn")
(vpn-cert (file-like (local-file (or (getenv
"VPN_CERT")
"pki/vpn.crt")))
"certificate for openvpn")
(vpn-key (file-like (local-file (or (getenv
"VPN_KEY")
"pki/vpn.key")))
"key for openvpn")
(user-shells (alist-of-file-like (list (cons
"/bin/zsh"
zsh)))
"user shells to link")
(channels-file (file-like (scheme-file
(channels-file (maybe-file-like (scheme-file
"channels.scm"
#~(cons
(channel
(name 'metznet-channel)
(url
"https://git.metznet.ca/MetzNet/metznet-channel.git"))
#~(cons (channel
(name 'metznet-channel)
(url
"https://git.metznet.ca/MetzNet/metznet-channel.git"))
%default-channels)))
"channels.scm")
(pam-services (list-of-strings (list
@ -223,13 +249,17 @@
(list #$@(shell-packages configuration))))
(define (metznet-etc-service configuration)
`(("guix/channels.scm" ,(metznet-system-configuration-channels-file configuration))
("openvpn/ta.key" ,(metznet-system-configuration-vpn-ta-key configuration))
("openvpn/ca.crt" ,(metznet-system-configuration-vpn-ca configuration))
("openvpn/client.key" ,(metznet-system-configuration-vpn-cert configuration))
("openvpn/client.crt" ,(metznet-system-configuration-vpn-key configuration))))
(define metznet-service-type
`(,@(if (maybe-value-set? (metznet-system-configuration-channels-file configuration))
`("guix/channels.scm" ,(metznet-system-configuration-channels-file
configuration))
'())
("openvpn/ta.key" ,(metznet-system-configuration-vpn-ta-key configuration))
("openvpn/ca.crt" ,(metznet-system-configuration-vpn-ca configuration))
("openvpn/client.key" ,(metznet-system-configuration-vpn-cert
configuration))
("openvpn/client.crt" ,(metznet-system-configuration-vpn-key configuration))))
(define-public metznet-service-type
(service-type (name 'metznet-service)
(description "MetzNet Services")
(extensions (list (service-extension activation-service-type
@ -290,26 +320,31 @@
(list
network-manager-openvpn)))))))
(define %metznet-server-services
(define %base-services-nscd
(modify-services %base-services
(nscd-service-type config => %metznet-nscd-configuration)))
(define %server-services
(append %metznet-services
(list (service dbus-root-service-type)
(service dhcp-client-service-type)
(service openvpn-client-service-type (openvpn-client-configuration
(openvpn openvpn)
(pid-file
"/var/run/openvpn/client.pid")
(persist-key? #f)
(remote (list (openvpn-remote-configuration
(name
"vpn.metznet.ca"))))
(tls-auth
"/etc/openvpn/ta.key"))))
(modify-services %base-services
(nscd-service-type config => %metznet-nscd-configuration))))
(define %metznet-base-operating-system
(service openvpn-client-service-type
(openvpn-client-configuration (openvpn openvpn)
(pid-file
"/var/run/openvpn/client.pid")
(persist-key? #f)
(remote (list (openvpn-remote-configuration
(name
"vpn.metznet.ca"))))
(tls-auth
"/etc/openvpn/ta.key"))))))
(define %metznet-server-services
(append %server-services %base-services-nscd))
(define %metznet-base-server-system
(operating-system
(host-name "base")
(host-name "metznet-base-server")
(timezone "America/Edmonton")
(locale "en_CA.utf8")
(keyboard-layout %default-keyboard-layout)
@ -332,20 +367,12 @@
(users %metznet-base-user-accounts)
(groups %metznet-base-groups)
(packages %metznet-base-packages)
(services
(append %metznet-services %base-services))))
(define %metznet-base-server-system
(operating-system
(inherit %metznet-base-operating-system)
(host-name "metznet-base-server")
(packages %metznet-base-packages)
(services
%metznet-server-services)))
(define %metznet-base-desktop-system
(operating-system
(inherit %metznet-base-operating-system)
(inherit %metznet-base-server-system)
(host-name "metznet-base-desktop")
(setuid-programs %desktop-setuid-programs)
(packages %metznet-desktop-packages)
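Review bot: In the `@ -223,13 +249,17` hunk, the rewritten `metznet-etc-service` list still pairs `"openvpn/client.key"` with `metznet-system-configuration-vpn-cert` and `"openvpn/client.crt"` with `metznet-system-configuration-vpn-key`. The private key would therefore be installed under the certificate's file name and vice versa; the two accessors should be swapped, giving `("openvpn/client.key" ,(metznet-system-configuration-vpn-key configuration))` and `("openvpn/client.crt" ,(metznet-system-configuration-vpn-cert configuration))`. In the same expression, `,@` splices the true branch of the `if` as two separate top-level items (the string and the file) rather than as one entry, so that branch most likely needs one more level of list, e.g. `(list (list "guix/channels.scm" (metznet-system-configuration-channels-file configuration)))`. The page has lost its `+`/`-` markers, so which lines are on the new side is inferred from print order. Because `vpn-key` is a `local-file` and `ta.key` a `computed-file`, both secrets presumably end up in the world-readable store before being linked under `/etc`; it is worth confirming that this is intended, or provisioning them outside the store.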