Fixed vm target (it didn't like me writing to etc/guix/channels.scm)

master
noah metz 2023-12-02 11:12:38 -07:00
parent 71ce440ed2
commit 87f792ef85
1 changed files with 72 additions and 45 deletions

@ -53,6 +53,9 @@
#:export (%metznet-desktop-services) #:export (%metznet-desktop-services)
#:export (%metznet-server-services) #:export (%metznet-server-services)
#:export (metznet-service-type)
#:export (metznet-system-configuration)
#:export (%metznet-base-server-system) #:export (%metznet-base-server-system)
#:export (%metznet-base-desktop-system)) #:export (%metznet-base-desktop-system))
@ -157,28 +160,51 @@
(define alist-of-file-like? (define alist-of-file-like?
(list-of file-like-pair?)) (list-of file-like-pair?))
(define-maybe file-like)
(define-configuration/no-serialization metznet-system-configuration (define-configuration/no-serialization metznet-system-configuration
(certs (file-like le-certs) (certs (file-like le-certs)
"certificate package") "certificate package")
(vpn-ta-key (file-like (computed-file "ta.key" (with-imported-modules '((guix build utils)) #~(begin (vpn-ta-key (file-like (computed-file
(use-modules (guix build utils)) "ta.key"
(invoke #$(file-append openvpn "/sbin/openvpn") "--genkey" "secret" #$output))))) (with-imported-modules '
((guix build
utils))
#~(begin
(use-modules
(guix
build
utils))
(invoke #$
(file-append
openvpn
"/sbin/openvpn")
"--genkey"
"secret"
#$output)))))
"ta.key for openvpn") "ta.key for openvpn")
(vpn-ca (file-like (local-file (or (getenv "VPN_CA") "pki/ca.crt"))) "ca.crt for openvpn") (vpn-ca (file-like (local-file (or (getenv
(vpn-cert (file-like (local-file (or (getenv "VPN_CERT") "pki/vpn.crt"))) "certificate for openvpn") "VPN_CA")
(vpn-key (file-like (local-file (or (getenv "VPN_KEY") "pki/vpn.key"))) "key for openvpn") "pki/ca.crt")))
"ca.crt for openvpn")
(vpn-cert (file-like (local-file (or (getenv
"VPN_CERT")
"pki/vpn.crt")))
"certificate for openvpn")
(vpn-key (file-like (local-file (or (getenv
"VPN_KEY")
"pki/vpn.key")))
"key for openvpn")
(user-shells (alist-of-file-like (list (cons (user-shells (alist-of-file-like (list (cons
"/bin/zsh" "/bin/zsh"
zsh))) zsh)))
"user shells to link") "user shells to link")
(channels-file (file-like (scheme-file (channels-file (maybe-file-like (scheme-file
"channels.scm" "channels.scm"
#~(cons #~(cons (channel
(channel (name 'metznet-channel)
(name 'metznet-channel) (url
"https://git.metznet.ca/MetzNet/metznet-channel.git"))
(url
"https://git.metznet.ca/MetzNet/metznet-channel.git"))
%default-channels))) %default-channels)))
"channels.scm") "channels.scm")
(pam-services (list-of-strings (list (pam-services (list-of-strings (list
@ -223,13 +249,17 @@
(list #$@(shell-packages configuration)))) (list #$@(shell-packages configuration))))
(define (metznet-etc-service configuration) (define (metznet-etc-service configuration)
`(("guix/channels.scm" ,(metznet-system-configuration-channels-file configuration)) `(,@(if (maybe-value-set? (metznet-system-configuration-channels-file configuration))
("openvpn/ta.key" ,(metznet-system-configuration-vpn-ta-key configuration)) `("guix/channels.scm" ,(metznet-system-configuration-channels-file
("openvpn/ca.crt" ,(metznet-system-configuration-vpn-ca configuration)) configuration))
("openvpn/client.key" ,(metznet-system-configuration-vpn-cert configuration)) '())
("openvpn/client.crt" ,(metznet-system-configuration-vpn-key configuration)))) ("openvpn/ta.key" ,(metznet-system-configuration-vpn-ta-key configuration))
("openvpn/ca.crt" ,(metznet-system-configuration-vpn-ca configuration))
(define metznet-service-type ("openvpn/client.key" ,(metznet-system-configuration-vpn-cert
configuration))
("openvpn/client.crt" ,(metznet-system-configuration-vpn-key configuration))))
(define-public metznet-service-type
(service-type (name 'metznet-service) (service-type (name 'metznet-service)
(description "MetzNet Services") (description "MetzNet Services")
(extensions (list (service-extension activation-service-type (extensions (list (service-extension activation-service-type
@ -290,26 +320,31 @@
(list (list
network-manager-openvpn))))))) network-manager-openvpn)))))))
(define %metznet-server-services (define %base-services-nscd
(modify-services %base-services
(nscd-service-type config => %metznet-nscd-configuration)))
(define %server-services
(append %metznet-services (append %metznet-services
(list (service dbus-root-service-type) (list (service dbus-root-service-type)
(service dhcp-client-service-type) (service dhcp-client-service-type)
(service openvpn-client-service-type (openvpn-client-configuration (service openvpn-client-service-type
(openvpn openvpn) (openvpn-client-configuration (openvpn openvpn)
(pid-file (pid-file
"/var/run/openvpn/client.pid") "/var/run/openvpn/client.pid")
(persist-key? #f) (persist-key? #f)
(remote (list (openvpn-remote-configuration (remote (list (openvpn-remote-configuration
(name (name
"vpn.metznet.ca")))) "vpn.metznet.ca"))))
(tls-auth (tls-auth
"/etc/openvpn/ta.key")))) "/etc/openvpn/ta.key"))))))
(modify-services %base-services
(nscd-service-type config => %metznet-nscd-configuration)))) (define %metznet-server-services
(append %server-services %base-services-nscd))
(define %metznet-base-operating-system
(define %metznet-base-server-system
(operating-system (operating-system
(host-name "base") (host-name "metznet-base-server")
(timezone "America/Edmonton") (timezone "America/Edmonton")
(locale "en_CA.utf8") (locale "en_CA.utf8")
(keyboard-layout %default-keyboard-layout) (keyboard-layout %default-keyboard-layout)
@ -332,20 +367,12 @@
(users %metznet-base-user-accounts) (users %metznet-base-user-accounts)
(groups %metznet-base-groups) (groups %metznet-base-groups)
(packages %metznet-base-packages) (packages %metznet-base-packages)
(services
(append %metznet-services %base-services))))
(define %metznet-base-server-system
(operating-system
(inherit %metznet-base-operating-system)
(host-name "metznet-base-server")
(packages %metznet-base-packages)
(services (services
%metznet-server-services))) %metznet-server-services)))
(define %metznet-base-desktop-system (define %metznet-base-desktop-system
(operating-system (operating-system
(inherit %metznet-base-operating-system) (inherit %metznet-base-server-system)
(host-name "metznet-base-desktop") (host-name "metznet-base-desktop")
(setuid-programs %desktop-setuid-programs) (setuid-programs %desktop-setuid-programs)
(packages %metznet-desktop-packages) (packages %metznet-desktop-packages)
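Review bot: In `metznet-etc-service`, the new `,@(if (maybe-value-set? …) …)` splices the two elements of the inner quasiquoted `("guix/channels.scm" ,…)` list into the result, so when the channels file is set the list starts with a bare string and a bare file-like instead of one `(name file)` entry. The true branch should return a one-element list: `(list (list "guix/channels.scm" (metznet-system-configuration-channels-file configuration)))`. The same list still maps `"openvpn/client.key"` to the `vpn-cert` accessor and `"openvpn/client.crt"` to the `vpn-key` accessor, which looks swapped and would leave the private key under the certificate's file name. Separately, `vpn-key` is a `local-file` and `vpn-ta-key` a `computed-file`, so both secrets are copied into the store, which is world-readable on a normal Guix system. Those fields should carry a comment saying so, or the keys should be provisioned outside the store with restrictive permissions.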