diff options
author | jdlugosz963 <jdlugosz963@gmail.com> | 2023-10-28 22:27:50 +0200 |
---|---|---|
committer | jdlugosz963 <jdlugosz963@gmail.com> | 2023-10-28 22:27:50 +0200 |
commit | 3908645b186239837f733d154448d182ba49ea7d (patch) | |
tree | 4612ae3d27453dadf5cf1767f86407ffe10c869f | |
parent | cb6fb76e52cbca3c628efcccee493a9dcc653cd1 (diff) | |
download | hipis-system-3908645b186239837f733d154448d182ba49ea7d.tar.gz hipis-system-3908645b186239837f733d154448d182ba49ea7d.zip |
Update hipis os configuration.
-rwxr-xr-x | hipis/hipis.scm | 71 |
1 files changed, 44 insertions, 27 deletions
diff --git a/hipis/hipis.scm b/hipis/hipis.scm index ba36cbf..217eadb 100755 --- a/hipis/hipis.scm +++ b/hipis/hipis.scm | |||
@@ -20,9 +20,6 @@ | |||
20 | #~(let ((pid (call-with-input-file "/var/run/nginx/pid" read))) | 20 | #~(let ((pid (call-with-input-file "/var/run/nginx/pid" read))) |
21 | (kill pid SIGHUP)))) | 21 | (kill pid SIGHUP)))) |
22 | 22 | ||
23 | (define uuid-root "1ec6339b-4918-45d2-b77e-b32cf265265d") | ||
24 | (define dev-bootloader "/dev/xvda") | ||
25 | |||
26 | (define (letsencrypt-certificate domain) | 23 | (define (letsencrypt-certificate domain) |
27 | (string-append "/etc/letsencrypt/live/" domain "/fullchain.pem")) | 24 | (string-append "/etc/letsencrypt/live/" domain "/fullchain.pem")) |
28 | 25 | ||
@@ -47,22 +44,16 @@ | |||
47 | "netdev" ;; network devices | 44 | "netdev" ;; network devices |
48 | "tty" | 45 | "tty" |
49 | "input"))) | 46 | "input"))) |
50 | (user-account | ||
51 | (name "fcgiwrap") | ||
52 | (group "fcgiwrap") | ||
53 | (supplementary-groups '("git"))) | ||
54 | %base-user-accounts)) | 47 | %base-user-accounts)) |
55 | 48 | ||
56 | ;; (user-group (name "git")) | 49 | (packages (append |
57 | 50 | (specifications->packages '("emacs-no-x-toolkit" | |
58 | (packages (append | 51 | "exfat-utils" |
59 | (specifications->packages '("emacs-no-x-toolkit" | 52 | "git" |
60 | "exfat-utils" | 53 | "nss-certs" |
61 | "git" | 54 | "nmap" |
62 | "nss-certs" | 55 | "curl")) |
63 | "nmap" | 56 | %base-packages)) |
64 | "curl")) | ||
65 | %base-packages)) | ||
66 | 57 | ||
67 | (services (cons* | 58 | (services (cons* |
68 | (service openssh-service-type | 59 | (service openssh-service-type |
@@ -78,11 +69,11 @@ | |||
78 | (addresses | 69 | (addresses |
79 | (list (network-address | 70 | (list (network-address |
80 | (device "eth0") | 71 | (device "eth0") |
81 | (value "195.74.91.18/26")))) | 72 | (value "193.200.51.92/27")))) |
82 | (routes | 73 | (routes |
83 | (list (network-route | 74 | (list (network-route |
84 | (destination "default") | 75 | (destination "default") |
85 | (gateway "195.74.91.1")))) | 76 | (gateway "193.200.51.89")))) |
86 | (name-servers '("195.74.91.4 " "193.200.50.51"))) | 77 | (name-servers '("195.74.91.4 " "193.200.50.51"))) |
87 | 78 | ||
88 | %loopback-static-networking)) | 79 | %loopback-static-networking)) |
@@ -90,9 +81,26 @@ | |||
90 | (service gitolite-service-type | 81 | (service gitolite-service-type |
91 | (gitolite-configuration | 82 | (gitolite-configuration |
92 | (admin-pubkey jdlugosz-ssh-pub) | 83 | (admin-pubkey jdlugosz-ssh-pub) |
84 | (group "fcgiwrap") | ||
93 | (rc-file | 85 | (rc-file |
94 | (gitolite-rc-file (umask #o0027))))) | 86 | (gitolite-rc-file (umask #o0027) |
95 | 87 | ;; Allow to set any configuration key | |
88 | (git-config-keys ".*") | ||
89 | ;; Allow any text as a valid configuration value | ||
90 | (unsafe-pattern "^$") | ||
91 | )))) | ||
92 | |||
93 | ;;; Note to myself: | ||
94 | ;;; | ||
95 | ;;; After fresh installation, nginx wont be working, | ||
96 | ;;; because the ssl certifications aren't generated yet, | ||
97 | ;;; you have to comment out the cgit and nginx service type | ||
98 | ;;; and after system reconfigure, run this script: | ||
99 | ;;; /var/lib/certbot/renew-certicates | ||
100 | ;;; after it, new certificates should appear in: | ||
101 | ;;; /etc/letsencrypt/live/{domain} directory | ||
102 | ;;; now you can uncomment cgit and nginx service type | ||
103 | ;;; and after system reconfigure everything should be up and running. | ||
96 | (service certbot-service-type | 104 | (service certbot-service-type |
97 | (certbot-configuration | 105 | (certbot-configuration |
98 | (email "me@jdlugosz.com") | 106 | (email "me@jdlugosz.com") |
@@ -111,7 +119,9 @@ | |||
111 | (enable-log-filecount? #t) | 119 | (enable-log-filecount? #t) |
112 | (enable-log-linecount? #t) | 120 | (enable-log-linecount? #t) |
113 | (side-by-side-diffs? #t) | 121 | (side-by-side-diffs? #t) |
114 | (repository-directory "/var/lib/gitolite/repositories/public") | 122 | (enable-git-config? #t) |
123 | (section-from-path 1) | ||
124 | (repository-directory "/var/lib/gitolite/repositories/public/") | ||
115 | (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py")) | 125 | (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py")) |
116 | (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh")) | 126 | (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh")) |
117 | (max-stats "year") | 127 | (max-stats "year") |
@@ -142,14 +152,21 @@ | |||
142 | (delete static-networking-service-type)))) | 152 | (delete static-networking-service-type)))) |
143 | 153 | ||
144 | (bootloader (bootloader-configuration | 154 | (bootloader (bootloader-configuration |
145 | (bootloader grub-bootloader) | 155 | (bootloader grub-bootloader) |
146 | (targets (list dev-bootloader)) | 156 | (targets (list "/dev/sda")) |
147 | (keyboard-layout keyboard-layout))) | 157 | (keyboard-layout keyboard-layout))) |
148 | 158 | (initrd-modules (append '("virtio_scsi") %base-initrd-modules)) | |
159 | (swap-devices (list (swap-space | ||
160 | (target (uuid | ||
161 | "1510f063-9936-494a-97ee-488fda7ff0fe"))))) | ||
162 | |||
163 | ;; The list of file systems that get "mounted". The unique | ||
164 | ;; file system identifiers there ("UUIDs") can be obtained | ||
165 | ;; by running 'blkid' in a terminal. | ||
149 | (file-systems (cons* (file-system | 166 | (file-systems (cons* (file-system |
150 | (mount-point "/") | 167 | (mount-point "/") |
151 | (device (uuid | 168 | (device (uuid |
152 | uuid-root | 169 | "21ea8fcd-d031-4f00-9e57-0bd4ed5b0230" |
153 | 'ext4)) | 170 | 'ext4)) |
154 | (type "ext4")) %base-file-systems)))) | 171 | (type "ext4")) %base-file-systems)))) |
155 | 172 | ||