From 92c10ab3ee47e5f352c74c030f390d4b56f5c934 Mon Sep 17 00:00:00 2001 From: Noah Metz Date: Sat, 2 Dec 2023 14:49:40 -0700 Subject: [PATCH] Add certs(nss and le) to system profile --- aws.scm | 27 ++++++++++++--------------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/aws.scm b/aws.scm index 6ef1365..bc45fd3 100644 --- a/aws.scm +++ b/aws.scm @@ -5,6 +5,7 @@ (guix gexp) (guix modules) (gnu services shepherd) + (gnu packages certs) (guix packages) (guix build-system trivial) (gnu system shadow) @@ -45,35 +46,26 @@ #~(begin (use-modules (ice-9 receive) - (guix build download) - (web uri) - (web client) - (ice-9 binary-ports)) (call-with-output-file "/etc/ssh/authorized_keys.d/aws" (lambda (port) - (begin - (format (current-error-port) "opened-file\n") - (put-bytevector port - (receive (header body) (let ((uri "http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key")) - (http-get uri #:port (open-connection-for-uri @@ -94,13 +86,16 @@ (respawn? #t) (start #~(make-forkexec-constructor (list #$aws-pubkey-prog)))))) -(define aws-pubkey-service-type - (service-type (name 'aws-pubkey) +(define aws-service-type + (service-type (name 'aws) (description "AWS public key service") - (extensions (list (service-extension + (extensions (list (service-extension profile-service-type + (lambda (val) + val)) + (service-extension shepherd-root-service-type aws-pubkey-service))) - (default-value '()))) + (default-value (list le-certs nss-certs)))) (operating-system (host-name "guix-ami") @@ -133,7 +128,9 @@ (services (cons* (service dhcp-client-service-type) - (service aws-pubkey-service-type) + (service aws-service-type) (service openssh-service-type - (openssh-configuration (port-number 22) (password-authentication? #f))) %base-services))) + (openssh-configuration (port-number 22) + (password-authentication? #f))) + %base-services)))