(use-modules (gnu)
             (metznet aws)
             (metznet packages slapd)
             (metznet services slapd)
             (gnu services)
             (gnu services certbot)
             (metznet system base-system)
             (gnu packages vim)
             (gnu packages version-control)
             (gnu packages shells))

(operating-system
  (inherit %metznet-base-server-system)
  (host-name "ldap.metznet.ca")
  (bootloader (bootloader-configuration
                (bootloader grub-minimal-bootloader)
                (targets '("/dev/nvme0n1"))))
  (swap-devices (list (swap-space
                        (target (file-system-label "ldap-guix-swap")))))
  (file-systems (cons (file-system
                        (device (file-system-label "ldap-guix-data"))
                        (mount-point "/")
                        (type "ext4")) %base-file-systems))
  (sudoers-file (plain-file "sudoers"
                            (string-join (list
                                          "root ALL=(ALL:ALL) NOPASSWD:ALL"
                                          "%aws ALL=(ALL:ALL) ALL"
                                          "%aws ALL=(root) NOPASSWD:/run/setuid-programs/passwd"
                                          "") "\n")))

  (packages (cons* git neovim %metznet-base-packages))

  (services
   (append (list (service aws-service-type)
                 (service certbot-service-type
                          (certbot-configuration (email "admin@metznet.ca")
                                                 (certificates (list (certificate-configuration
                                                                      (domains '
                                                                       ("ldap.metznet.ca")))))))
                 (service slapd-service-type
                          (slapd-configuration (uris "ldap:// ldaps://"))))
           %metznet-server-services)))