Update hipis os configuration.

author: jdlugosz963 <jdlugosz963@gmail.com> 2023-10-28 22:27:50 +0200
committer: jdlugosz963 <jdlugosz963@gmail.com> 2023-10-28 22:27:50 +0200
commit: 3908645b186239837f733d154448d182ba49ea7d (patch)
tree: 4612ae3d27453dadf5cf1767f86407ffe10c869f
parent: cb6fb76e52cbca3c628efcccee493a9dcc653cd1 (diff)
download: hipis-system-3908645b186239837f733d154448d182ba49ea7d.tar.gz
hipis-system-3908645b186239837f733d154448d182ba49ea7d.zip
1 files changed, 44 insertions, 27 deletions
diff --git a/hipis/hipis.scm b/hipis/hipis.scm
index ba36cbf..217eadb 100755
--- a/hipis/hipis.scm
+++ b/hipis/hipis.scm
@@ -20,9 +20,6 @@
   #~(let ((pid (call-with-input-file "/var/run/nginx/pid" read)))
       (kill pid SIGHUP))))
-(define uuid-root "1ec6339b-4918-45d2-b77e-b32cf265265d")
-(define dev-bootloader "/dev/xvda")
 (define (letsencrypt-certificate domain)
  (string-append "/etc/letsencrypt/live/" domain "/fullchain.pem"))
@@ -47,22 +44,16 @@
                                     "netdev" ;; network devices
                                     "tty"
                                     "input")))
-            (user-account
-             (name "fcgiwrap")
-             (group "fcgiwrap")
-             (supplementary-groups '("git")))
            %base-user-accounts))
-;;    (user-group (name "git"))
+   (packages (append
+              (specifications->packages '("emacs-no-x-toolkit"
-    (packages (append
+                                          "exfat-utils"
-               (specifications->packages '("emacs-no-x-toolkit"
+                                          "git"
-                                           "exfat-utils"
+                                          "nss-certs"
-                                           "git"
+                                          "nmap"
-                                           "nss-certs"
+                                          "curl"))
-                                           "nmap"
+              %base-packages))
-                                           "curl"))
-               %base-packages))
    (services (cons*
               (service openssh-service-type
@@ -78,11 +69,11 @@
                               (addresses
                                (list (network-address
                                       (device "eth0")
-                                       (value "195.74.91.18/26"))))
+                                       (value "193.200.51.92/27"))))
                               (routes
                                (list (network-route
                                       (destination "default")
-                                       (gateway "195.74.91.1"))))
+                                       (gateway "193.200.51.89"))))
                               (name-servers '("195.74.91.4 " "193.200.50.51")))
                              %loopback-static-networking))
@@ -90,9 +81,26 @@
               (service gitolite-service-type
                        (gitolite-configuration
                         (admin-pubkey jdlugosz-ssh-pub)
+                         (group "fcgiwrap")
                         (rc-file
-                          (gitolite-rc-file (umask #o0027)))))
+                          (gitolite-rc-file (umask #o0027)
+                                            ;; Allow to set any configuration key
+                                            (git-config-keys ".*")
+                                            ;; Allow any text as a valid configuration value
+                                            (unsafe-pattern "^$")
+                                            ))))
+               ;;; Note to myself:
+               ;;;
+               ;;; After fresh installation, nginx wont be working,
+               ;;; because the ssl certifications aren't generated yet,
+               ;;; you have to comment out the cgit and nginx service type
+               ;;; and after system reconfigure, run this script:
+               ;;; /var/lib/certbot/renew-certicates
+               ;;; after it, new certificates should appear in:
+               ;;; /etc/letsencrypt/live/{domain} directory
+               ;;; now you can uncomment cgit and nginx service type
+               ;;; and after system reconfigure everything should be up and running.
               (service certbot-service-type
                        (certbot-configuration
                         (email "me@jdlugosz.com")
@@ -111,7 +119,9 @@
                         (enable-log-filecount? #t)
                         (enable-log-linecount? #t)
                         (side-by-side-diffs? #t)
-                         (repository-directory "/var/lib/gitolite/repositories/public")
+                         (enable-git-config? #t)
+                         (section-from-path 1)
+                         (repository-directory "/var/lib/gitolite/repositories/public/")
                         (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py"))
                         (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh"))
                         (max-stats "year")
@@ -142,14 +152,21 @@
                 (delete static-networking-service-type))))
    (bootloader (bootloader-configuration
-                 (bootloader grub-bootloader)
+                (bootloader grub-bootloader)
-                 (targets (list dev-bootloader))
+                (targets (list "/dev/sda"))
-                 (keyboard-layout keyboard-layout)))
+                (keyboard-layout keyboard-layout)))
+    (initrd-modules (append '("virtio_scsi") %base-initrd-modules))
+    (swap-devices (list (swap-space
+                         (target (uuid
+                                  "1510f063-9936-494a-97ee-488fda7ff0fe")))))
+    ;; The list of file systems that get "mounted".  The unique
+    ;; file system identifiers there ("UUIDs") can be obtained
+    ;; by running 'blkid' in a terminal.
    (file-systems (cons* (file-system
                           (mount-point "/")
                           (device (uuid
-                                    uuid-root
+                                    "21ea8fcd-d031-4f00-9e57-0bd4ed5b0230"
                                    'ext4))
                           (type "ext4")) %base-file-systems))))
author	jdlugosz963 <jdlugosz963@gmail.com>	2023-10-28 22:27:50 +0200
committer	jdlugosz963 <jdlugosz963@gmail.com>	2023-10-28 22:27:50 +0200
commit	3908645b186239837f733d154448d182ba49ea7d (patch)
tree	4612ae3d27453dadf5cf1767f86407ffe10c869f
parent	cb6fb76e52cbca3c628efcccee493a9dcc653cd1 (diff)
download	hipis-system-3908645b186239837f733d154448d182ba49ea7d.tar.gz hipis-system-3908645b186239837f733d154448d182ba49ea7d.zip

diff --git a/hipis/hipis.scm b/hipis/hipis.scm index ba36cbf..217eadb 100755 --- a/hipis/hipis.scm +++ b/hipis/hipis.scm
@@ -20,9 +20,6 @@
20	#~(let ((pid (call-with-input-file "/var/run/nginx/pid" read)))	20	#~(let ((pid (call-with-input-file "/var/run/nginx/pid" read)))
21	(kill pid SIGHUP))))	21	(kill pid SIGHUP))))
22		22
23	(define uuid-root "1ec6339b-4918-45d2-b77e-b32cf265265d")
24	(define dev-bootloader "/dev/xvda")
25
26	(define (letsencrypt-certificate domain)	23	(define (letsencrypt-certificate domain)
27	(string-append "/etc/letsencrypt/live/" domain "/fullchain.pem"))	24	(string-append "/etc/letsencrypt/live/" domain "/fullchain.pem"))
28		25
@@ -47,22 +44,16 @@
47	"netdev" ;; network devices	44	"netdev" ;; network devices
48	"tty"	45	"tty"
49	"input")))	46	"input")))
50	(user-account
51	(name "fcgiwrap")
52	(group "fcgiwrap")
53	(supplementary-groups '("git")))
54	%base-user-accounts))	47	%base-user-accounts))
55		48
56	;; (user-group (name "git"))	49	(packages (append
57		50	(specifications->packages '("emacs-no-x-toolkit"
58	(packages (append	51	"exfat-utils"
59	(specifications->packages '("emacs-no-x-toolkit"	52	"git"
60	"exfat-utils"	53	"nss-certs"
61	"git"	54	"nmap"
62	"nss-certs"	55	"curl"))
63	"nmap"	56	%base-packages))
64	"curl"))
65	%base-packages))
66		57
67	(services (cons*	58	(services (cons*
68	(service openssh-service-type	59	(service openssh-service-type
@@ -78,11 +69,11 @@
78	(addresses	69	(addresses
79	(list (network-address	70	(list (network-address
80	(device "eth0")	71	(device "eth0")
81	(value "195.74.91.18/26"))))	72	(value "193.200.51.92/27"))))
82	(routes	73	(routes
83	(list (network-route	74	(list (network-route
84	(destination "default")	75	(destination "default")
85	(gateway "195.74.91.1"))))	76	(gateway "193.200.51.89"))))
86	(name-servers '("195.74.91.4 " "193.200.50.51")))	77	(name-servers '("195.74.91.4 " "193.200.50.51")))
87		78
88	%loopback-static-networking))	79	%loopback-static-networking))
@@ -90,9 +81,26 @@
90	(service gitolite-service-type	81	(service gitolite-service-type
91	(gitolite-configuration	82	(gitolite-configuration
92	(admin-pubkey jdlugosz-ssh-pub)	83	(admin-pubkey jdlugosz-ssh-pub)
		84	(group "fcgiwrap")
93	(rc-file	85	(rc-file
94	(gitolite-rc-file (umask #o0027)))))	86	(gitolite-rc-file (umask #o0027)
95		87	;; Allow to set any configuration key
		88	(git-config-keys ".*")
		89	;; Allow any text as a valid configuration value
		90	(unsafe-pattern "^$")
		91	))))
		92
		93	;;; Note to myself:
		94	;;;
		95	;;; After fresh installation, nginx wont be working,
		96	;;; because the ssl certifications aren't generated yet,
		97	;;; you have to comment out the cgit and nginx service type
		98	;;; and after system reconfigure, run this script:
		99	;;; /var/lib/certbot/renew-certicates
		100	;;; after it, new certificates should appear in:
		101	;;; /etc/letsencrypt/live/{domain} directory
		102	;;; now you can uncomment cgit and nginx service type
		103	;;; and after system reconfigure everything should be up and running.
96	(service certbot-service-type	104	(service certbot-service-type
97	(certbot-configuration	105	(certbot-configuration
98	(email "me@jdlugosz.com")	106	(email "me@jdlugosz.com")
@@ -111,7 +119,9 @@
111	(enable-log-filecount? #t)	119	(enable-log-filecount? #t)
112	(enable-log-linecount? #t)	120	(enable-log-linecount? #t)
113	(side-by-side-diffs? #t)	121	(side-by-side-diffs? #t)
114	(repository-directory "/var/lib/gitolite/repositories/public")	122	(enable-git-config? #t)
		123	(section-from-path 1)
		124	(repository-directory "/var/lib/gitolite/repositories/public/")
115	(source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py"))	125	(source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py"))
116	(about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh"))	126	(about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh"))
117	(max-stats "year")	127	(max-stats "year")
@@ -142,14 +152,21 @@
142	(delete static-networking-service-type))))	152	(delete static-networking-service-type))))
143		153
144	(bootloader (bootloader-configuration	154	(bootloader (bootloader-configuration
145	(bootloader grub-bootloader)	155	(bootloader grub-bootloader)
146	(targets (list dev-bootloader))	156	(targets (list "/dev/sda"))
147	(keyboard-layout keyboard-layout)))	157	(keyboard-layout keyboard-layout)))
148		158	(initrd-modules (append '("virtio_scsi") %base-initrd-modules))
		159	(swap-devices (list (swap-space
		160	(target (uuid
		161	"1510f063-9936-494a-97ee-488fda7ff0fe")))))
		162
		163	;; The list of file systems that get "mounted". The unique
		164	;; file system identifiers there ("UUIDs") can be obtained
		165	;; by running 'blkid' in a terminal.
149	(file-systems (cons* (file-system	166	(file-systems (cons* (file-system
150	(mount-point "/")	167	(mount-point "/")
151	(device (uuid	168	(device (uuid
152	uuid-root	169	"21ea8fcd-d031-4f00-9e57-0bd4ed5b0230"
153	'ext4))	170	'ext4))
154	(type "ext4")) %base-file-systems))))	171	(type "ext4")) %base-file-systems))))
155		172