Use environment for paths

master
noah metz 2023-12-01 01:27:39 -07:00
parent 87ff202162
commit ba5b026ff1
4 changed files with 59 additions and 20 deletions

@ -1,7 +1,5 @@
NONGUIX_DIR ?= ~/Code/nonguix
GUIX_SUBSTITUTE_FLAG = --substitute-urls='https://ci.guix.gnu.org https://substitutes.nonguix.org'
GUIX_LIB_FLAGS = -L ./ -L $(NONGUIX_DIR)
GUIX_LIB_FLAGS ?= -L ./
LIBVIRT_GROUP ?= libvirt
LIBVIRT_USER ?= $(USER)
GUIX_IMAGE_CMD ?= guix system image $(GUIX_SUBSTITUTE_FLAG) --image-type=qcow2 $(GUIX_LIB_FLAGS)
@ -13,7 +11,11 @@ VM_CPU ?= 4
$(eval RO := $(shell $(GUIX_IMAGE_CMD) $<))
install -C -m 666 -o $(LIBVIRT_USER) -g $(LIBVIRT_GROUP) $(RO) $@
%: %.qcow2
$(eval OVMF := $(shell guix build $(GUIX_SUBSTITUTE_FLAG) ovmf))
qemu-system-x86_64 -nic user,model=virtio-net-pci -enable-kvm -hda $< -m $(VM_RAM) -smp $(VM_CPU) -bios $(OVMF)/share/firmware/ovmf_x64.bin
.PHONY: %
%: %.scm
%-ro: %.scm
$(eval VM_SCRIPT := $(shell guix system $(GUIX_LIB_FLAGS) $(GUIX_SUBSTITUTE_FLAG) vm $<))
$(VM_SCRIPT) -m $(VM_RAM) -smp $(VM_CPU) -nic user,model=virtio-net-pci

@ -22,8 +22,14 @@
(service slapd-service-type
(slapd-configuration (uris
"ldap:// ldapi:// ldaps:// ldapis://")
(backups (list (local-file
"0.ldif")
(local-file
"1.ldif"))))))
(backups (let ((slapd-seeds (getenv
"SLAPD_SEEDS")))
(if slapd-seeds
(map (lambda (ldif)
(local-file
ldif))
(string-split
slapd-seeds
#\:))
'()))))))
%metznet-server-services))))

@ -20,8 +20,10 @@
"10.0.80.0 255.255.255.0")))
(simple-service 'vpn-server-etc etc-service-type
`(("openvpn/dh2048.pem" ,(local-file
"dh2048.pem"))))
(let ((pki-dir (getenv "VPN_PKI_DIR")))
(if pki-dir
`(("openvpn/dh2048.pem" ,(local-file (string-append pki-dir "/dh2048.pem"))))
`())))
(service certbot-service-type
(certbot-configuration (email "admin@metznet.ca")
(certificates (list (certificate-configuration

@ -149,9 +149,23 @@
(define list-of-strings?
(list-of string?))
(define-maybe/no-serialization string)
(define (file-like-pair? val)
(let ((name (car val))
(file (cdr val)))
(and (string? name) (file-like? file))))
(define alist-of-file-like? (list-of file-like-pair?))
(define-configuration/no-serialization metznet-system-configuration
(certs (file-like le-certs)
"certificate package")
(vpn-pki-dir (maybe-string (let ((pki-dir (getenv "VPN_PKI_DIR")))
(or pki-dir
%unset-value)))
"openvpn pki directory")
(user-shells (alist-of-file-like (list (cons "/bin/zsh" zsh))) "user shells to link")
(channels-file (file-like (scheme-file
"channels.scm"
#~(append (list
@ -186,19 +200,34 @@
(define (pam-mkhomedir-services configuration)
(list (pam-mkhomedir-service configuration)))
(define (shell-paths configuration)
(map car (metznet-system-configuration-user-shells configuration)))
(define (shell-packages configuration)
(map cdr (metznet-system-configuration-user-shells configuration)))
(define (metznet-activation configuration)
#~(if (access? "/bin/zsh" F_OK)
(display "zsh already linked")
#~(for-each
(lambda
(path package)
(begin
(display "linking zsh")
(symlink (string-append #$zsh "/bin/zsh") "/bin/zsh"))))
(display path)
(display "\n")
(display package)
(display "\n")
(unless (access? path F_OK) (symlink (string-append package path) path))))
(list #$@(shell-paths configuration)) (list #$@(shell-packages configuration))))
(define (metznet-etc-service configuration)
`(("guix/channels.scm" ,(metznet-system-configuration-channels-file configuration))
("openvpn/ta.key" ,(local-file "ta.key"))
("openvpn/ca.crt" ,(local-file "ca.crt"))
("openvpn/client.crt" ,(local-file "client.crt"))
("openvpn/client.key" ,(local-file "client.key"))))
(let ((channels-file (metznet-system-configuration-channels-file configuration))
(pki-dir (metznet-system-configuration-vpn-pki-dir configuration)))
(if (maybe-value-set? pki-dir)
`(("guix/channels.scm" ,channels-file)
("openvpn/ta.key" ,(local-file (string-append pki-dir "/ta.key")))
("openvpn/ca.crt" ,(local-file (string-append pki-dir "/ca.crt")))
("openvpn/client.key" ,(local-file (string-append pki-dir "/client.key")))
("openvpn/client.crt" ,(local-file (string-append pki-dir "/client.crt"))))
`(("guix/channels.scm" ,channels-file)))))
(define metznet-service-type
(service-type (name 'metznet-service)