5 files changed, 282 insertions, 13 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..30bd623
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.env
diff --git a/hipis.scm b/hipis.scm
index e3f4b93..d66bec7 100755
--- a/hipis.scm
+++ b/hipis.scm
@@ -11,9 +11,13 @@
  #:use-module (gnu services version-control)
  #:use-module (gnu services certbot)
  #:use-module (gnu services web)
-  #:use-module (gnu services messaging)
+  #:use-module (gnu services dbus)
+  #:use-module (gnu services desktop)
+  #:use-module (gnu services docker)
-  #:use-module (hipis services web))
+  #:use-module (hipis services web)
+  #:use-module (hipis services goaccess)
+  #:use-module (hipis services radicale))
 (define jdlugosz-ssh-pub
  (local-file "./jdlugosz.pub"))
@@ -47,19 +51,25 @@
            (supplementary-groups '("wheel"  ;; sudo
                                    "netdev" ;; network devices
                                    "tty"
-                                    "input")))
+                                    "input"
+                                    "docker")))
           %base-user-accounts))
   (packages (append
-              (specifications->packages '("emacs-no-x-toolkit"
+              (map car
-                                          "exfat-utils"
+                   (specifications->packages '("emacs-no-x-toolkit"
-                                          "git"
+                                               "exfat-utils"
-                                          "nss-certs"
+                                               "git"
-                                          "nmap"
+                                               ;; "nss-certs"
-                                          "curl"))
+                                               "nmap"
+                                               "curl")))
              %base-packages))
   (services (cons*
+              (service elogind-service-type)
+              (service dbus-root-service-type)
+              (service docker-service-type)
              (service fail2ban-service-type
                       (fail2ban-configuration
                        (extra-jails
@@ -73,6 +83,7 @@
                        (permit-root-login 'prohibit-password)
                        (allow-empty-passwords? #f)
                        (password-authentication? #f)
+                        (gateway-ports? #t)
                        (authorized-keys
                         `(("jakub" ,jdlugosz-ssh-pub)))))
@@ -116,7 +127,8 @@
                        (certificates
                         (list
                          (certificate-configuration
-                           (domains '("jdlugosz.com" "git.jdlugosz.com"))
+                           (domains '("jdlugosz.com" "git.jdlugosz.com"
+                                      "caldav.jdlugosz.com" "raport.jdlugosz.com"))
                           (deploy-hook %nginx-deploy-hook))))))
              (service cgit-service-type
@@ -146,7 +158,26 @@
                           (ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
                           (ssl-certificate-key (letsencrypt-key "jdlugosz.com")))))))
-              (service quassel-service-type)
+              (service goaccess-service-type
+                       (goaccess-configuration
+                        (goaccess-nginx-server-configuration
+                         (nginx-server-configuration
+                          (inherit %goaccess-nginx-server-configuration)
+                          (server-name '("raport.jdlugosz.com"))
+                          (listen '("443 ssl"))
+                          (ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
+                          (ssl-certificate-key (letsencrypt-key "jdlugosz.com"))))))
+              (service radicale-service-type
+                       (radicale-configuration
+                        (users `(("admin" . ,(getenv "RADICALE_ADMIN_PASS"))))
+                        (radicale-nginx-server-configuration
+                         (nginx-server-configuration
+                          (inherit %radicale-nginx-server-configuration)
+                          (server-name '("caldav.jdlugosz.com"))
+                          (listen '("443 ssl"))
+                          (ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
+                          (ssl-certificate-key (letsencrypt-key "jdlugosz.com"))))))
              (service hwp-service-type
                       (hwp-site-configuration
diff --git a/hipis/packages/web.scm b/hipis/packages/web.scm
index e4f4f6c..94ebcbf 100644
--- a/hipis/packages/web.scm
+++ b/hipis/packages/web.scm
@@ -26,7 +26,7 @@
    (description "Build scripts to *.jdlugosz.com pages.")
    (home-page "https://git.jdlugosz.com/hipis/hipis-system/")
    (source
-     (local-file "/home/jakub/Projects/hipis/hipis/packages/source/hwp" #:recursive? #t))
+     (local-file "/home/jakub/hipis-system/hipis/packages/source/hwp" #:recursive? #t))
    (build-system guile-build-system)
    (arguments
@@ -35,11 +35,14 @@
                                          (lambda* (#:key inputs outputs #:allow-other-keys)
                                            (let* ((out  (assoc-ref outputs "out"))
                                                   (bin  (string-append out "/bin/"))
+                                                   (site  (string-append out "/share/guile/site/3.0/"))
                                                   (haunt (assoc-ref inputs "haunt"))
                                                   (hwp "hwp-build"))
                                              (mkdir-p bin)
                                              (chmod hwp #o555)
                                              (copy-recursively hwp (string-append bin hwp))
+                                              (copy-recursively "hwp/static/"
+                                                                (string-append site "hwp/static/"))
                                              (delete-file-recursively hwp))))
                               (add-before 'install 'wrap-hipis-build-web-page
@@ -66,7 +69,8 @@
    ;; (native-inputs (list haunt))
    (inputs (list guile-3.0
                  guile-reader
-                  guile-commonmark))
+                  guile-commonmark
+                  guile-syntax-highlight))
    (propagated-inputs (list haunt))
    (license license:gpl3+)))
diff --git a/hipis/services/goaccess.scm b/hipis/services/goaccess.scm
new file mode 100644
index 0000000..e71ca2b
--- /dev/null
+++ b/hipis/services/goaccess.scm
@@ -0,0 +1,83 @@
+(define-module (hipis services goaccess)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (guix packages)
+  #:use-module (guix profiles)
+  #:use-module (guix gexp)
+  #:use-module (guix records)
+  #:use-module (guix download)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages web)
+  #:use-module (gnu services)
+  #:use-module (gnu services web)
+  #:use-module (gnu services guix)
+  #:use-module (gnu services mcron)
+  #:export (goaccess-service-type
+            goaccess-configuration
+            %goaccess-nginx-server-configuration))
+(define %goaccess-nginx-server-configuration
+  (nginx-server-configuration
+   (root "/var/www/raport/")
+   (listen '("80"))
+   (ssl-certificate #f)
+   (ssl-certificate-key #f)))
+(define-record-type* <goaccess-configuration>
+  goaccess-configuration make-goaccess-configuration
+  goaccess-configuration-configuration?
+  (nginx-log-access                    goaccess-configuration-nginx-log-access
+                                       (default "/var/log/nginx/access.log"))
+  (goaccess-run-script-dir             goaccess-configuration-goaccess-run-script
+                                       (default "/var/lib/goaccess/"))
+  (goaccess-run-script-name            goaccess-configuration-goaccess-run-script-name
+                                       (default "generate-raport"))
+  (goaccess-additional-args            goaccess-configuration-goaccess-additional-args
+                                       (default '()))
+  (goaccess-nginx-server-configuration goaccess-configuration-goaccess-nginx-server-configuration
+                                       (default %goaccess-nginx-configuration)))
+(define (goaccess-run-script config)
+  (match-record config <goaccess-configuration>
+                (goaccess-additional-args goaccess-nginx-server-configuration goaccess-run-script-name)
+                (program-file goaccess-run-script-name
+                 #~(begin
+                     (use-modules (guix build utils))
+                     (system* (string-append #$goaccess "/bin/goaccess")
+                              "/var/log/nginx/access.log"
+                              "--log-format" "COMBINED"
+                              "-o" #$(string-append (nginx-server-configuration-root
+                                                     goaccess-nginx-server-configuration)
+                                                    "index.html")
+                              #$@goaccess-additional-args)))))
+(define (goaccess-activation config)
+  (match-record config <goaccess-configuration>
+                (goaccess-run-script-dir goaccess-run-script-name goaccess-nginx-server-configuration)
+                #~(begin
+                    (use-modules (guix build utils))
+                    (format #t "creating goaccess run script at '~a'~%" #$goaccess-run-script-dir)
+                    (mkdir-p #$goaccess-run-script-dir)
+                    (mkdir-p #$(nginx-server-configuration-root
+                                goaccess-nginx-server-configuration))
+                    (copy-file #$(goaccess-run-script config)
+                               #$(string-append goaccess-run-script-dir
+                                                goaccess-run-script-name)))))
+(define goaccess-service-type
+  (service-type
+   (name 'goaccess)
+   (extensions
+    (list (service-extension activation-service-type
+                             goaccess-activation)
+          (service-extension nginx-service-type
+                             (lambda (config)
+                               (list  (goaccess-configuration-goaccess-nginx-server-configuration
+                                       config))))
+          (service-extension mcron-service-type
+                             (lambda (config)
+                               (list  #~(job '(next-hour '(0 12))
+                                             #$(goaccess-run-script config)))))))
+   (description
+    "Create static raports for various types of web server using goaccess.")))
diff --git a/hipis/services/radicale.scm b/hipis/services/radicale.scm
new file mode 100644
index 0000000..4198095
--- /dev/null
+++ b/hipis/services/radicale.scm
@@ -0,0 +1,149 @@
+(define-module (hipis services radicale)
+  #:use-module (ice-9 match)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (guix packages)
+  #:use-module (guix profiles)
+  #:use-module (guix gexp)
+  #:use-module (guix records)
+  #:use-module (guix download)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages web)
+  #:use-module (gnu packages base)
+  #:use-module (gnu packages dav)
+  #:use-module (gnu packages admin)
+  #:use-module (gnu services)
+  #:use-module (gnu services web)
+  #:use-module (gnu services guix)
+  #:use-module (gnu services shepherd)
+  #:use-module (gnu system shadow)
+  #:export (radicale-service-type
+            radicale-configuration
+            radicale-nginx-server-configuration
+            %radicale-config-file
+            %radicale-nginx-server-configuration))
+(define %radicale-config-file
+  (plain-file "radicale.conf" "
+[auth]
+type = htpasswd
+htpasswd_filename = /var/lib/radicale/users
+htpasswd_encryption = md5
+[server]
+hosts = localhost:5232
+"))
+(define %radicale-nginx-server-configuration
+  (nginx-server-configuration
+   (locations
+    (list
+     (nginx-location-configuration
+      (uri "/radicale/")
+      (body '("proxy_pass        http://localhost:5232/;"
+              "proxy_set_header  X-Script-Name /radicale;"
+              "proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;"
+              "proxy_set_header  Host $http_host;"
+              "proxy_pass_header Authorization;")))))
+   (root "")
+   (try-files #nil)
+   (index #nil)
+   (listen '("80"))
+   (ssl-certificate #f)
+   (ssl-certificate-key #f)))
+(define %radicale-accounts
+  (list (user-group
+         (name "radicale")
+         (system? #t))
+        (user-account
+         (name "radicale")
+         (group "radicale")
+         (system? #t)
+         (comment "Radicale Daemon")
+         (home-directory "/var/empty")
+         (shell (file-append shadow "/sbin/nologin")))))
+(define-record-type* <radicale-configuration>
+  radicale-configuration make-radicale-configuration
+  radicale-configuration-configuration?
+  (radicale-nginx-server-configuration    radicale-configuration-radicale-nginx-server-configuration
+                                          (default %radicale-nginx-server-configuration))
+  (package                                radicale-configuration-package
+                                          (default radicale))
+  (config-file                            radicale-configuration-config-file
+                                          (default %radicale-config-file))
+  (users                                  radicale-configuration-users
+                                          (default '())))
+(define (radicale-nginx-service config)
+  (list (radicale-configuration-radicale-nginx-server-configuration
+         config)))
+(define (radicale-activation config)
+  (match-record config <radicale-configuration>
+    (users)
+    (with-imported-modules '((guix build utils))
+      #~(begin
+          (use-modules (guix build utils)
+                       (ice-9 match))
+          (let* ((uid (passwd:uid (getpw "radicale")))
+                 (gid (group:gid (getgr "radicale")))
+                 (radicale-lib "/var/lib/radicale")
+                 (radicale-collections
+                  (string-append radicale-lib "/collections"))
+                 (radicale-users
+                  (string-append radicale-lib "/users")))
+            (mkdir-p radicale-collections)
+            (chown radicale-collections uid gid)
+            (chown radicale-lib uid gid)
+            (chmod radicale-lib #o700)
+            (when (file-exists? radicale-users)
+              (system* #$(file-append coreutils "/bin/rm")
+                       radicale-users))
+            (system* #$(file-append coreutils "/bin/touch")
+                     radicale-users)
+            (chown radicale-users uid gid)
+            (map (match-lambda
+                   ((user . pass)
+                    (system* #$(file-append httpd "/bin/htpasswd")
+                             "-b" radicale-users user pass))
+                   (_ (error "Expected list of cons lists with username and password.")))
+                 '#$users))))))
+(define (radicale-shepherd-service config)
+  (match-record config <radicale-configuration>
+    (package config-file)
+    (list (shepherd-service
+           (provision '(radicale))
+           (documentation "Run the radicale daemon.")
+           (requirement '(networking))
+           (start #~(make-forkexec-constructor
+                     (list #$(file-append package "/bin/radicale")
+                           "-C" #$config-file)
+                     #:user "radicale"
+                     #:group "radicale"))
+           (stop #~(make-kill-destructor))))))
+(define radicale-service-type
+  (service-type
+   (name 'radicale)
+   (extensions
+    (list (service-extension nginx-service-type
+                             radicale-nginx-service)
+          (service-extension shepherd-root-service-type
+                             radicale-shepherd-service)
+          (service-extension account-service-type
+                             (const %radicale-accounts))
+          (service-extension activation-service-type
+                             radicale-activation)))
+   (default-value (radicale-configuration))
+   (description
+    "Create static raports for various types of web server using goaccess.")))

diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..30bd623 --- /dev/null +++ b/.gitignore
@@ -0,0 +1,2 @@
		1	.env
		2


diff --git a/hipis.scm b/hipis.scm index e3f4b93..d66bec7 100755 --- a/hipis.scm +++ b/hipis.scm
@@ -11,9 +11,13 @@
11	#:use-module (gnu services version-control)	11	#:use-module (gnu services version-control)
12	#:use-module (gnu services certbot)	12	#:use-module (gnu services certbot)
13	#:use-module (gnu services web)	13	#:use-module (gnu services web)
14	#:use-module (gnu services messaging)	14	#:use-module (gnu services dbus)
		15	#:use-module (gnu services desktop)
		16	#:use-module (gnu services docker)
15		17
16	#:use-module (hipis services web))	18	#:use-module (hipis services web)
		19	#:use-module (hipis services goaccess)
		20	#:use-module (hipis services radicale))
17		21
18	(define jdlugosz-ssh-pub	22	(define jdlugosz-ssh-pub
19	(local-file "./jdlugosz.pub"))	23	(local-file "./jdlugosz.pub"))
@@ -47,19 +51,25 @@
47	(supplementary-groups '("wheel" ;; sudo	51	(supplementary-groups '("wheel" ;; sudo
48	"netdev" ;; network devices	52	"netdev" ;; network devices
49	"tty"	53	"tty"
50	"input")))	54	"input"
		55	"docker")))
51	%base-user-accounts))	56	%base-user-accounts))
52		57
53	(packages (append	58	(packages (append
54	(specifications->packages '("emacs-no-x-toolkit"	59	(map car
55	"exfat-utils"	60	(specifications->packages '("emacs-no-x-toolkit"
56	"git"	61	"exfat-utils"
57	"nss-certs"	62	"git"
58	"nmap"	63	;; "nss-certs"
59	"curl"))	64	"nmap"
		65	"curl")))
60	%base-packages))	66	%base-packages))
61		67
62	(services (cons*	68	(services (cons*
		69	(service elogind-service-type)
		70	(service dbus-root-service-type)
		71	(service docker-service-type)
		72
63	(service fail2ban-service-type	73	(service fail2ban-service-type
64	(fail2ban-configuration	74	(fail2ban-configuration
65	(extra-jails	75	(extra-jails
@@ -73,6 +83,7 @@
73	(permit-root-login 'prohibit-password)	83	(permit-root-login 'prohibit-password)
74	(allow-empty-passwords? #f)	84	(allow-empty-passwords? #f)
75	(password-authentication? #f)	85	(password-authentication? #f)
		86	(gateway-ports? #t)
76	(authorized-keys	87	(authorized-keys
77	`(("jakub" ,jdlugosz-ssh-pub)))))	88	`(("jakub" ,jdlugosz-ssh-pub)))))
78		89
@@ -116,7 +127,8 @@
116	(certificates	127	(certificates
117	(list	128	(list
118	(certificate-configuration	129	(certificate-configuration
119	(domains '("jdlugosz.com" "git.jdlugosz.com"))	130	(domains '("jdlugosz.com" "git.jdlugosz.com"
		131	"caldav.jdlugosz.com" "raport.jdlugosz.com"))
120	(deploy-hook %nginx-deploy-hook))))))	132	(deploy-hook %nginx-deploy-hook))))))
121		133
122	(service cgit-service-type	134	(service cgit-service-type
@@ -146,7 +158,26 @@
146	(ssl-certificate (letsencrypt-certificate "jdlugosz.com"))	158	(ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
147	(ssl-certificate-key (letsencrypt-key "jdlugosz.com")))))))	159	(ssl-certificate-key (letsencrypt-key "jdlugosz.com")))))))
148		160
149	(service quassel-service-type)	161	(service goaccess-service-type
		162	(goaccess-configuration
		163	(goaccess-nginx-server-configuration
		164	(nginx-server-configuration
		165	(inherit %goaccess-nginx-server-configuration)
		166	(server-name '("raport.jdlugosz.com"))
		167	(listen '("443 ssl"))
		168	(ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
		169	(ssl-certificate-key (letsencrypt-key "jdlugosz.com"))))))
		170
		171	(service radicale-service-type
		172	(radicale-configuration
		173	(users `(("admin" . ,(getenv "RADICALE_ADMIN_PASS"))))
		174	(radicale-nginx-server-configuration
		175	(nginx-server-configuration
		176	(inherit %radicale-nginx-server-configuration)
		177	(server-name '("caldav.jdlugosz.com"))
		178	(listen '("443 ssl"))
		179	(ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
		180	(ssl-certificate-key (letsencrypt-key "jdlugosz.com"))))))
150		181
151	(service hwp-service-type	182	(service hwp-service-type
152	(hwp-site-configuration	183	(hwp-site-configuration


diff --git a/hipis/packages/web.scm b/hipis/packages/web.scm index e4f4f6c..94ebcbf 100644 --- a/hipis/packages/web.scm +++ b/hipis/packages/web.scm
@@ -26,7 +26,7 @@
26	(description "Build scripts to *.jdlugosz.com pages.")	26	(description "Build scripts to *.jdlugosz.com pages.")
27	(home-page "https://git.jdlugosz.com/hipis/hipis-system/")	27	(home-page "https://git.jdlugosz.com/hipis/hipis-system/")
28	(source	28	(source
29	(local-file "/home/jakub/Projects/hipis/hipis/packages/source/hwp" #:recursive? #t))	29	(local-file "/home/jakub/hipis-system/hipis/packages/source/hwp" #:recursive? #t))
30	(build-system guile-build-system)	30	(build-system guile-build-system)
31		31
32	(arguments	32	(arguments
@@ -35,11 +35,14 @@
35	(lambda* (#:key inputs outputs #:allow-other-keys)	35	(lambda* (#:key inputs outputs #:allow-other-keys)
36	(let* ((out (assoc-ref outputs "out"))	36	(let* ((out (assoc-ref outputs "out"))
37	(bin (string-append out "/bin/"))	37	(bin (string-append out "/bin/"))
		38	(site (string-append out "/share/guile/site/3.0/"))
38	(haunt (assoc-ref inputs "haunt"))	39	(haunt (assoc-ref inputs "haunt"))
39	(hwp "hwp-build"))	40	(hwp "hwp-build"))
40	(mkdir-p bin)	41	(mkdir-p bin)
41	(chmod hwp #o555)	42	(chmod hwp #o555)
42	(copy-recursively hwp (string-append bin hwp))	43	(copy-recursively hwp (string-append bin hwp))
		44	(copy-recursively "hwp/static/"
		45	(string-append site "hwp/static/"))
43	(delete-file-recursively hwp))))	46	(delete-file-recursively hwp))))
44		47
45	(add-before 'install 'wrap-hipis-build-web-page	48	(add-before 'install 'wrap-hipis-build-web-page
@@ -66,7 +69,8 @@
66	;; (native-inputs (list haunt))	69	;; (native-inputs (list haunt))
67	(inputs (list guile-3.0	70	(inputs (list guile-3.0
68	guile-reader	71	guile-reader
69	guile-commonmark))	72	guile-commonmark
		73	guile-syntax-highlight))
70	(propagated-inputs (list haunt))	74	(propagated-inputs (list haunt))
71	(license license:gpl3+)))	75	(license license:gpl3+)))
72		76


diff --git a/hipis/services/goaccess.scm b/hipis/services/goaccess.scm new file mode 100644 index 0000000..e71ca2b --- /dev/null +++ b/hipis/services/goaccess.scm
@@ -0,0 +1,83 @@
		1	(define-module (hipis services goaccess)
		2	#:use-module ((guix licenses) #:prefix license:)
		3	#:use-module (guix packages)
		4	#:use-module (guix profiles)
		5	#:use-module (guix gexp)
		6	#:use-module (guix records)
		7	#:use-module (guix download)
		8
		9	#:use-module (gnu packages)
		10	#:use-module (gnu packages web)
		11	#:use-module (gnu services)
		12	#:use-module (gnu services web)
		13	#:use-module (gnu services guix)
		14	#:use-module (gnu services mcron)
		15	#:export (goaccess-service-type
		16	goaccess-configuration
		17	%goaccess-nginx-server-configuration))
		18
		19	(define %goaccess-nginx-server-configuration
		20	(nginx-server-configuration
		21	(root "/var/www/raport/")
		22	(listen '("80"))
		23	(ssl-certificate #f)
		24	(ssl-certificate-key #f)))
		25
		26	(define-record-type* <goaccess-configuration>
		27	goaccess-configuration make-goaccess-configuration
		28	goaccess-configuration-configuration?
		29	(nginx-log-access goaccess-configuration-nginx-log-access
		30	(default "/var/log/nginx/access.log"))
		31	(goaccess-run-script-dir goaccess-configuration-goaccess-run-script
		32	(default "/var/lib/goaccess/"))
		33	(goaccess-run-script-name goaccess-configuration-goaccess-run-script-name
		34	(default "generate-raport"))
		35	(goaccess-additional-args goaccess-configuration-goaccess-additional-args
		36	(default '()))
		37	(goaccess-nginx-server-configuration goaccess-configuration-goaccess-nginx-server-configuration
		38	(default %goaccess-nginx-configuration)))
		39
		40	(define (goaccess-run-script config)
		41	(match-record config <goaccess-configuration>
		42	(goaccess-additional-args goaccess-nginx-server-configuration goaccess-run-script-name)
		43	(program-file goaccess-run-script-name
		44	#~(begin
		45	(use-modules (guix build utils))
		46	(system* (string-append #$goaccess "/bin/goaccess")
		47	"/var/log/nginx/access.log"
		48	"--log-format" "COMBINED"
		49	"-o" #$(string-append (nginx-server-configuration-root
		50	goaccess-nginx-server-configuration)
		51	"index.html")
		52	#$@goaccess-additional-args)))))
		53
		54	(define (goaccess-activation config)
		55	(match-record config <goaccess-configuration>
		56	(goaccess-run-script-dir goaccess-run-script-name goaccess-nginx-server-configuration)
		57	#~(begin
		58	(use-modules (guix build utils))
		59
		60	(format #t "creating goaccess run script at '~a'~%" #$goaccess-run-script-dir)
		61	(mkdir-p #$goaccess-run-script-dir)
		62	(mkdir-p #$(nginx-server-configuration-root
		63	goaccess-nginx-server-configuration))
		64	(copy-file #$(goaccess-run-script config)
		65	#$(string-append goaccess-run-script-dir
		66	goaccess-run-script-name)))))
		67
		68	(define goaccess-service-type
		69	(service-type
		70	(name 'goaccess)
		71	(extensions
		72	(list (service-extension activation-service-type
		73	goaccess-activation)
		74	(service-extension nginx-service-type
		75	(lambda (config)
		76	(list (goaccess-configuration-goaccess-nginx-server-configuration
		77	config))))
		78	(service-extension mcron-service-type
		79	(lambda (config)
		80	(list #~(job '(next-hour '(0 12))
		81	#$(goaccess-run-script config)))))))
		82	(description
		83	"Create static raports for various types of web server using goaccess.")))


diff --git a/hipis/services/radicale.scm b/hipis/services/radicale.scm new file mode 100644 index 0000000..4198095 --- /dev/null +++ b/hipis/services/radicale.scm
@@ -0,0 +1,149 @@
		1	(define-module (hipis services radicale)
		2	#:use-module (ice-9 match)
		3
		4	#:use-module ((guix licenses) #:prefix license:)
		5	#:use-module (guix packages)
		6	#:use-module (guix profiles)
		7	#:use-module (guix gexp)
		8	#:use-module (guix records)
		9	#:use-module (guix download)
		10
		11	#:use-module (gnu packages)
		12	#:use-module (gnu packages web)
		13	#:use-module (gnu packages base)
		14	#:use-module (gnu packages dav)
		15	#:use-module (gnu packages admin)
		16
		17	#:use-module (gnu services)
		18	#:use-module (gnu services web)
		19	#:use-module (gnu services guix)
		20	#:use-module (gnu services shepherd)
		21
		22	#:use-module (gnu system shadow)
		23
		24	#:export (radicale-service-type
		25	radicale-configuration
		26	radicale-nginx-server-configuration
		27	%radicale-config-file
		28	%radicale-nginx-server-configuration))
		29
		30	(define %radicale-config-file
		31	(plain-file "radicale.conf" "
		32	[auth]
		33	type = htpasswd
		34	htpasswd_filename = /var/lib/radicale/users
		35	htpasswd_encryption = md5
		36
		37	[server]
		38	hosts = localhost:5232
		39	"))
		40
		41
		42	(define %radicale-nginx-server-configuration
		43	(nginx-server-configuration
		44	(locations
		45	(list
		46	(nginx-location-configuration
		47	(uri "/radicale/")
		48	(body '("proxy_pass http://localhost:5232/;"
		49	"proxy_set_header X-Script-Name /radicale;"
		50	"proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;"
		51	"proxy_set_header Host $http_host;"
		52	"proxy_pass_header Authorization;")))))
		53	(root "")
		54	(try-files #nil)
		55	(index #nil)
		56	(listen '("80"))
		57	(ssl-certificate #f)
		58	(ssl-certificate-key #f)))
		59
		60	(define %radicale-accounts
		61	(list (user-group
		62	(name "radicale")
		63	(system? #t))
		64	(user-account
		65	(name "radicale")
		66	(group "radicale")
		67	(system? #t)
		68	(comment "Radicale Daemon")
		69	(home-directory "/var/empty")
		70	(shell (file-append shadow "/sbin/nologin")))))
		71
		72	(define-record-type* <radicale-configuration>
		73	radicale-configuration make-radicale-configuration
		74	radicale-configuration-configuration?
		75	(radicale-nginx-server-configuration radicale-configuration-radicale-nginx-server-configuration
		76	(default %radicale-nginx-server-configuration))
		77	(package radicale-configuration-package
		78	(default radicale))
		79	(config-file radicale-configuration-config-file
		80	(default %radicale-config-file))
		81	(users radicale-configuration-users
		82	(default '())))
		83
		84	(define (radicale-nginx-service config)
		85	(list (radicale-configuration-radicale-nginx-server-configuration
		86	config)))
		87
		88	(define (radicale-activation config)
		89	(match-record config <radicale-configuration>
		90	(users)
		91	(with-imported-modules '((guix build utils))
		92	#~(begin
		93	(use-modules (guix build utils)
		94	(ice-9 match))
		95	(let* ((uid (passwd:uid (getpw "radicale")))
		96	(gid (group:gid (getgr "radicale")))
		97	(radicale-lib "/var/lib/radicale")
		98	(radicale-collections
		99	(string-append radicale-lib "/collections"))
		100	(radicale-users
		101	(string-append radicale-lib "/users")))
		102	(mkdir-p radicale-collections)
		103	(chown radicale-collections uid gid)
		104	(chown radicale-lib uid gid)
		105	(chmod radicale-lib #o700)
		106	(when (file-exists? radicale-users)
		107	(system* #$(file-append coreutils "/bin/rm")
		108	radicale-users))
		109	(system* #$(file-append coreutils "/bin/touch")
		110	radicale-users)
		111	(chown radicale-users uid gid)
		112	(map (match-lambda
		113	((user . pass)
		114	(system* #$(file-append httpd "/bin/htpasswd")
		115	"-b" radicale-users user pass))
		116	(_ (error "Expected list of cons lists with username and password.")))
		117	'#$users))))))
		118
		119
		120	(define (radicale-shepherd-service config)
		121	(match-record config <radicale-configuration>
		122	(package config-file)
		123	(list (shepherd-service
		124	(provision '(radicale))
		125	(documentation "Run the radicale daemon.")
		126	(requirement '(networking))
		127	(start #~(make-forkexec-constructor
		128	(list #$(file-append package "/bin/radicale")
		129	"-C" #$config-file)
		130	#:user "radicale"
		131	#:group "radicale"))
		132	(stop #~(make-kill-destructor))))))
		133
		134	(define radicale-service-type
		135	(service-type
		136	(name 'radicale)
		137	(extensions
		138	(list (service-extension nginx-service-type
		139	radicale-nginx-service)
		140	(service-extension shepherd-root-service-type
		141	radicale-shepherd-service)
		142	(service-extension account-service-type
		143	(const %radicale-accounts))
		144	(service-extension activation-service-type
		145	radicale-activation)))
		146	(default-value (radicale-configuration))
		147	(description
		148	"Create static raports for various types of web server using goaccess.")))
		149