authorjdlugosz963 <jdlugosz963@gmail.com>2023-10-28 22:27:50 +0200
committerjdlugosz963 <jdlugosz963@gmail.com>2023-10-28 22:27:50 +0200
commit3908645b186239837f733d154448d182ba49ea7d (patch)
tree4612ae3d27453dadf5cf1767f86407ffe10c869f
parentcb6fb76e52cbca3c628efcccee493a9dcc653cd1 (diff)
Update hipis os configuration.
-rwxr-xr-xhipis/hipis.scm71
1 files changed, 44 insertions, 27 deletions
diff --git a/hipis/hipis.scm b/hipis/hipis.scm
index ba36cbf..217eadb 100755
--- a/hipis/hipis.scm
+++ b/hipis/hipis.scm
@@ -20,9 +20,6 @@
20 #~(let ((pid (call-with-input-file "/var/run/nginx/pid" read))) 20 #~(let ((pid (call-with-input-file "/var/run/nginx/pid" read)))
21 (kill pid SIGHUP)))) 21 (kill pid SIGHUP))))
22 22
23(define uuid-root "1ec6339b-4918-45d2-b77e-b32cf265265d")
24(define dev-bootloader "/dev/xvda")
25
26(define (letsencrypt-certificate domain) 23(define (letsencrypt-certificate domain)
27 (string-append "/etc/letsencrypt/live/" domain "/fullchain.pem")) 24 (string-append "/etc/letsencrypt/live/" domain "/fullchain.pem"))
28 25
@@ -47,22 +44,16 @@
47 "netdev" ;; network devices 44 "netdev" ;; network devices
48 "tty" 45 "tty"
49 "input"))) 46 "input")))
50 (user-account
51 (name "fcgiwrap")
52 (group "fcgiwrap")
53 (supplementary-groups '("git")))
54 %base-user-accounts)) 47 %base-user-accounts))
55 48
56;; (user-group (name "git")) 49 (packages (append
57 50 (specifications->packages '("emacs-no-x-toolkit"
58 (packages (append 51 "exfat-utils"
59 (specifications->packages '("emacs-no-x-toolkit" 52 "git"
60 "exfat-utils" 53 "nss-certs"
61 "git" 54 "nmap"
62 "nss-certs" 55 "curl"))
63 "nmap" 56 %base-packages))
64 "curl"))
65 %base-packages))
66 57
67 (services (cons* 58 (services (cons*
68 (service openssh-service-type 59 (service openssh-service-type
@@ -78,11 +69,11 @@
78 (addresses 69 (addresses
79 (list (network-address 70 (list (network-address
80 (device "eth0") 71 (device "eth0")
81 (value "195.74.91.18/26")))) 72 (value "193.200.51.92/27"))))
82 (routes 73 (routes
83 (list (network-route 74 (list (network-route
84 (destination "default") 75 (destination "default")
85 (gateway "195.74.91.1")))) 76 (gateway "193.200.51.89"))))
86 (name-servers '("195.74.91.4 " "193.200.50.51"))) 77 (name-servers '("195.74.91.4 " "193.200.50.51")))
87 78
88 %loopback-static-networking)) 79 %loopback-static-networking))
@@ -90,9 +81,26 @@
90 (service gitolite-service-type 81 (service gitolite-service-type
91 (gitolite-configuration 82 (gitolite-configuration
92 (admin-pubkey jdlugosz-ssh-pub) 83 (admin-pubkey jdlugosz-ssh-pub)
84 (group "fcgiwrap")
93 (rc-file 85 (rc-file
94 (gitolite-rc-file (umask #o0027))))) 86 (gitolite-rc-file (umask #o0027)
95 87 ;; Allow to set any configuration key
88 (git-config-keys ".*")
89 ;; Allow any text as a valid configuration value
90 (unsafe-pattern "^$")
91 ))))
92
93 ;;; Note to myself:
94 ;;;
95 ;;; After fresh installation, nginx wont be working,
96 ;;; because the ssl certifications aren't generated yet,
97 ;;; you have to comment out the cgit and nginx service type
98 ;;; and after system reconfigure, run this script:
99 ;;; /var/lib/certbot/renew-certicates
100 ;;; after it, new certificates should appear in:
101 ;;; /etc/letsencrypt/live/{domain} directory
102 ;;; now you can uncomment cgit and nginx service type
103 ;;; and after system reconfigure everything should be up and running.
96 (service certbot-service-type 104 (service certbot-service-type
97 (certbot-configuration 105 (certbot-configuration
98 (email "me@jdlugosz.com") 106 (email "me@jdlugosz.com")
@@ -111,7 +119,9 @@
111 (enable-log-filecount? #t) 119 (enable-log-filecount? #t)
112 (enable-log-linecount? #t) 120 (enable-log-linecount? #t)
113 (side-by-side-diffs? #t) 121 (side-by-side-diffs? #t)
114 (repository-directory "/var/lib/gitolite/repositories/public") 122 (enable-git-config? #t)
123 (section-from-path 1)
124 (repository-directory "/var/lib/gitolite/repositories/public/")
115 (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py")) 125 (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py"))
116 (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh")) 126 (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh"))
117 (max-stats "year") 127 (max-stats "year")
@@ -142,14 +152,21 @@
142 (delete static-networking-service-type)))) 152 (delete static-networking-service-type))))
143 153
144 (bootloader (bootloader-configuration 154 (bootloader (bootloader-configuration
145 (bootloader grub-bootloader) 155 (bootloader grub-bootloader)
146 (targets (list dev-bootloader)) 156 (targets (list "/dev/sda"))
147 (keyboard-layout keyboard-layout))) 157 (keyboard-layout keyboard-layout)))
148 158 (initrd-modules (append '("virtio_scsi") %base-initrd-modules))
159 (swap-devices (list (swap-space
160 (target (uuid
161 "1510f063-9936-494a-97ee-488fda7ff0fe")))))
162
163 ;; The list of file systems that get "mounted". The unique
164 ;; file system identifiers there ("UUIDs") can be obtained
165 ;; by running 'blkid' in a terminal.
149 (file-systems (cons* (file-system 166 (file-systems (cons* (file-system
150 (mount-point "/") 167 (mount-point "/")
151 (device (uuid 168 (device (uuid
152 uuid-root 169 "21ea8fcd-d031-4f00-9e57-0bd4ed5b0230"
153 'ext4)) 170 'ext4))
154 (type "ext4")) %base-file-systems)))) 171 (type "ext4")) %base-file-systems))))
155 172
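Review bot: In the gitolite rc-file (new lines 86–91), `(git-config-keys ".*")` together with `(unsafe-pattern "^$")` switches off both of gitolite's guards on `config` lines: every key is accepted and no non-empty value is ever rejected as unsafe. Anyone who can change the gitolite configuration can then write arbitrary entries into each repository's git config. The same commit runs gitolite under the `fcgiwrap` group and sets `(enable-git-config? #t)` in cgit, so the web-facing side reads that config as well. As far as I know cgit's enable-git-config only consumes `gitweb.*` and `cgit.*` keys, so the allow-list could be narrowed to something like `(git-config-keys "gitweb\\..* cgit\\..*")` and the `unsafe-pattern` override dropped so the default value filter stays in force. If one value genuinely needs characters the default pattern rejects, I would name that case in the comment instead of disabling the check for all values.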