From 4b12e65402efe3ce0b33943fce1e27a19d1f445c Mon Sep 17 00:00:00 2001
From: jdlugosz963
Date: Tue, 19 Dec 2023 23:17:04 +0100
Subject: Add basic hwp package and service template.
---
hipis.scm | 186 +++++++++++++++++++++++++++++++++
hipis/hipis.scm | 182 --------------------------------
hipis/packages/source/hwp/hwp-build | 8 ++
hipis/packages/source/hwp/hwp.scm | 13 +++
hipis/packages/source/hwp/hwp/site.scm | 32 ++++++
hipis/packages/source/hwp/hwp/ui.scm | 17 +++
hipis/packages/web.scm | 90 ++++++++++++++++
hipis/services/web.scm | 76 ++++++++++++++
8 files changed, 422 insertions(+), 182 deletions(-)
create mode 100755 hipis.scm
delete mode 100755 hipis/hipis.scm
create mode 100644 hipis/packages/source/hwp/hwp-build
create mode 100644 hipis/packages/source/hwp/hwp.scm
create mode 100644 hipis/packages/source/hwp/hwp/site.scm
create mode 100644 hipis/packages/source/hwp/hwp/ui.scm
create mode 100644 hipis/packages/web.scm
create mode 100644 hipis/services/web.scm
diff --git a/hipis.scm b/hipis.scm
new file mode 100755
index 0000000..6cd5654
--- /dev/null
+++ b/hipis.scm
@@ -0,0 +1,186 @@
+(define-module (hipis)
+ #:use-module (guix)
+ #:use-module (gnu)
+ #:use-module (gnu system)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu services)
+ #:use-module (gnu services security)
+ #:use-module (gnu services networking)
+ #:use-module (gnu services ssh)
+ #:use-module (gnu services cgit)
+ #:use-module (gnu services version-control)
+ #:use-module (gnu services certbot)
+ #:use-module (gnu services web)
+
+ #:use-module (hipis services web))
+
+(define jdlugosz-ssh-pub
+ (local-file "./jdlugosz.pub"))
+
+(define %nginx-deploy-hook
+ (program-file
+ "nginx-deploy-hook"
+ #~(let ((pid (call-with-input-file "/var/run/nginx/pid" read)))
+ (kill pid SIGHUP))))
+
+(define (letsencrypt-certificate domain)
+ (string-append "/etc/letsencrypt/live/" domain "/fullchain.pem"))
+
+(define (letsencrypt-key domain)
+ (string-append "/etc/letsencrypt/live/" domain "/privkey.pem"))
+
+(define hipis
+ (operating-system
+ (locale "en_US.utf8")
+ (timezone "Europe/Warsaw")
+ (keyboard-layout (keyboard-layout "pl"))
+ (host-name "hipis")
+
+ (users (cons*
+ (user-account
+ (name "jakub")
+ (comment "Jakub Dlugosz")
+ (group "users")
+ (home-directory "/home/jakub")
+ (password (crypt "Init14ll-p455w0rd#$" "$6$abc"))
+ (supplementary-groups '("wheel" ;; sudo
+ "netdev" ;; network devices
+ "tty"
+ "input")))
+ %base-user-accounts))
+
+ (packages (append
+ (specifications->packages '("emacs-no-x-toolkit"
+ "exfat-utils"
+ "git"
+ "nss-certs"
+ "nmap"
+ "curl"))
+ %base-packages))
+
+ (services (cons*
+ (service fail2ban-service-type
+ (fail2ban-configuration
+ (extra-jails
+ (list
+ (fail2ban-jail-configuration
+ (name "sshd")
+ (enabled? #t))))))
+
+ (service openssh-service-type
+ (openssh-configuration
+ (permit-root-login 'prohibit-password)
+ (allow-empty-passwords? #f)
+ (password-authentication? #f)
+ (authorized-keys
+ `(("jakub" ,jdlugosz-ssh-pub)))))
+
+ (service static-networking-service-type
+ (list (static-networking
+ (addresses
+ (list (network-address
+ (device "eth0")
+ (value "193.200.51.92/27"))))
+ (routes
+ (list (network-route
+ (destination "default")
+ (gateway "193.200.51.89"))))
+ (name-servers '("195.74.91.4 " "193.200.50.51")))
+
+ %loopback-static-networking))
+
+ (service gitolite-service-type
+ (gitolite-configuration
+ (admin-pubkey jdlugosz-ssh-pub)
+ (group "fcgiwrap")
+ (rc-file
+ (gitolite-rc-file (umask #o0027)
+ ;; Allow to set any configuration key
+ (git-config-keys ".*")))))
+
+ ;;; Note to myself:
+ ;;;
+ ;;; After fresh installation, nginx wont be working,
+ ;;; because the ssl certifications aren't generated yet,
+ ;;; you have to comment out the cgit and nginx service type
+ ;;; and after system reconfigure, run this script:
+ ;;; /var/lib/certbot/renew-certicates
+ ;;; after it, new certificates should appear in:
+ ;;; /etc/letsencrypt/live/{domain} directory
+ ;;; now you can uncomment cgit and nginx service type
+ ;;; and after system reconfigure everything should be up and running.
+ (service certbot-service-type
+ (certbot-configuration
+ (email "me@jdlugosz.com")
+ (certificates
+ (list
+ (certificate-configuration
+ (domains '("jdlugosz.com" "git.jdlugosz.com"))
+ (deploy-hook %nginx-deploy-hook))))))
+
+ (service cgit-service-type
+ (cgit-configuration
+ (enable-commit-graph? #t)
+ (enable-html-serving? #t)
+ (remove-suffix? #t)
+ (nocache? #t)
+ (enable-log-filecount? #t)
+ (enable-log-linecount? #t)
+ (side-by-side-diffs? #t)
+ (enable-git-config? #t)
+ (section-from-path 1)
+ (repository-directory "/var/lib/gitolite/repositories/public/")
+ (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py"))
+ (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh"))
+ (max-stats "year")
+ (snapshots '("tar.gz" "zip"))
+ (readme "CGIT README")
+
+ (nginx
+ (list
+ (nginx-server-configuration
+ (inherit %cgit-configuration-nginx)
+ (server-name '("git.jdlugosz.com"))
+ (listen '("443 ssl"))
+ (ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
+ (ssl-certificate-key (letsencrypt-key "jdlugosz.com")))))))
+
+ (service nginx-service-type
+ (nginx-configuration
+ (server-blocks
+ (list
+ (nginx-server-configuration
+ (server-name '("jdlugosz.com"))
+ (listen '("443 ssl"))
+ (ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
+ (ssl-certificate-key (letsencrypt-key "jdlugosz.com"))
+ (root "/srv/http/jdlugosz.com"))))))
+
+ (service hwp-service-type
+ (hwp-site-configuration
+ (name "hwp-base")))
+
+ (modify-services %base-services
+ (delete static-networking-service-type))))
+
+ (bootloader (bootloader-configuration
+ (bootloader grub-bootloader)
+ (targets (list "/dev/sda"))
+ (keyboard-layout keyboard-layout)))
+ (initrd-modules (append '("virtio_scsi") %base-initrd-modules))
+ (swap-devices (list (swap-space
+ (target (uuid
+ "1510f063-9936-494a-97ee-488fda7ff0fe")))))
+
+ ;; The list of file systems that get "mounted". The unique
+ ;; file system identifiers there ("UUIDs") can be obtained
+ ;; by running 'blkid' in a terminal.
+ (file-systems (cons* (file-system
+ (mount-point "/")
+ (device (uuid
+ "21ea8fcd-d031-4f00-9e57-0bd4ed5b0230"
+ 'ext4))
+ (type "ext4")) %base-file-systems))))
+
+hipis
+
diff --git a/hipis/hipis.scm b/hipis/hipis.scm
deleted file mode 100755
index 3660782..0000000
--- a/hipis/hipis.scm
+++ /dev/null
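Review bot: The `(password (crypt ... "$6$abc"))` field of the `jakub` user-account commits the cleartext initial password together with a fixed salt, and Guix additionally places the resulting hash in the world-readable store. The account is in `wheel`, so this secret still gates sudo even though sshd is configured with `(password-authentication? #f)`. I would drop the `password` field, set the password once with `passwd` on the host, and treat the committed value as exposed and rotate it. The same line is present in the deleted hipis/hipis.scm, so it remains in the repository history regardless of this move.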
@@ -1,182 +0,0 @@
-(define-module (hipis)
- #:use-module (guix)
- #:use-module (gnu)
- #:use-module (gnu system)
- #:use-module (gnu packages version-control)
- #:use-module (gnu services)
- #:use-module (gnu services security)
- #:use-module (gnu services networking)
- #:use-module (gnu services ssh)
- #:use-module (gnu services cgit)
- #:use-module (gnu services version-control)
- #:use-module (gnu services certbot)
- #:use-module (gnu services web)
-
- #:use-module (hipis services web))
-
-(define jdlugosz-ssh-pub
- (local-file "./jdlugosz.pub"))
-
-(define %nginx-deploy-hook
- (program-file
- "nginx-deploy-hook"
- #~(let ((pid (call-with-input-file "/var/run/nginx/pid" read)))
- (kill pid SIGHUP))))
-
-(define (letsencrypt-certificate domain)
- (string-append "/etc/letsencrypt/live/" domain "/fullchain.pem"))
-
-(define (letsencrypt-key domain)
- (string-append "/etc/letsencrypt/live/" domain "/privkey.pem"))
-
-(define hipis
- (operating-system
- (locale "en_US.utf8")
- (timezone "Europe/Warsaw")
- (keyboard-layout (keyboard-layout "pl"))
- (host-name "hipis")
-
- (users (cons*
- (user-account
- (name "jakub")
- (comment "Jakub Dlugosz")
- (group "users")
- (home-directory "/home/jakub")
- (password (crypt "Init14ll-p455w0rd#$" "$6$abc"))
- (supplementary-groups '("wheel" ;; sudo
- "netdev" ;; network devices
- "tty"
- "input")))
- %base-user-accounts))
-
- (packages (append
- (specifications->packages '("emacs-no-x-toolkit"
- "exfat-utils"
- "git"
- "nss-certs"
- "nmap"
- "curl"))
- %base-packages))
-
- (services (cons*
- (service fail2ban-service-type
- (fail2ban-configuration
- (extra-jails
- (list
- (fail2ban-jail-configuration
- (name "sshd")
- (enabled? #t))))))
-
- (service openssh-service-type
- (openssh-configuration
- (permit-root-login 'prohibit-password)
- (allow-empty-passwords? #f)
- (password-authentication? #f)
- (authorized-keys
- `(("jakub" ,jdlugosz-ssh-pub)))))
-
- (service static-networking-service-type
- (list (static-networking
- (addresses
- (list (network-address
- (device "eth0")
- (value "193.200.51.92/27"))))
- (routes
- (list (network-route
- (destination "default")
- (gateway "193.200.51.89"))))
- (name-servers '("195.74.91.4 " "193.200.50.51")))
-
- %loopback-static-networking))
-
- (service gitolite-service-type
- (gitolite-configuration
- (admin-pubkey jdlugosz-ssh-pub)
- (group "fcgiwrap")
- (rc-file
- (gitolite-rc-file (umask #o0027)
- ;; Allow to set any configuration key
- (git-config-keys ".*")))))
-
- ;;; Note to myself:
- ;;;
- ;;; After fresh installation, nginx wont be working,
- ;;; because the ssl certifications aren't generated yet,
- ;;; you have to comment out the cgit and nginx service type
- ;;; and after system reconfigure, run this script:
- ;;; /var/lib/certbot/renew-certicates
- ;;; after it, new certificates should appear in:
- ;;; /etc/letsencrypt/live/{domain} directory
- ;;; now you can uncomment cgit and nginx service type
- ;;; and after system reconfigure everything should be up and running.
- (service certbot-service-type
- (certbot-configuration
- (email "me@jdlugosz.com")
- (certificates
- (list
- (certificate-configuration
- (domains '("jdlugosz.com" "git.jdlugosz.com"))
- (deploy-hook %nginx-deploy-hook))))))
-
- (service cgit-service-type
- (cgit-configuration
- (enable-commit-graph? #t)
- (enable-html-serving? #t)
- (remove-suffix? #t)
- (nocache? #t)
- (enable-log-filecount? #t)
- (enable-log-linecount? #t)
- (side-by-side-diffs? #t)
- (enable-git-config? #t)
- (section-from-path 1)
- (repository-directory "/var/lib/gitolite/repositories/public/")
- (source-filter (file-append cgit "/lib/cgit/filters/syntax-highlighting.py"))
- (about-filter (file-append cgit "/lib/cgit/filters/about-formatting.sh"))
- (max-stats "year")
- (snapshots '("tar.gz" "zip"))
- (readme "CGIT README")
-
- (nginx
- (list
- (nginx-server-configuration
- (inherit %cgit-configuration-nginx)
- (server-name '("git.jdlugosz.com"))
- (listen '("443 ssl"))
- (ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
- (ssl-certificate-key (letsencrypt-key "jdlugosz.com")))))))
-
- (service nginx-service-type
- (nginx-configuration
- (server-blocks
- (list
- (nginx-server-configuration
- (server-name '("jdlugosz.com"))
- (listen '("443 ssl"))
- (ssl-certificate (letsencrypt-certificate "jdlugosz.com"))
- (ssl-certificate-key (letsencrypt-key "jdlugosz.com"))
- (root "/srv/http/jdlugosz.com"))))))
-
- (modify-services %base-services
- (delete static-networking-service-type))))
-
- (bootloader (bootloader-configuration
- (bootloader grub-bootloader)
- (targets (list "/dev/sda"))
- (keyboard-layout keyboard-layout)))
- (initrd-modules (append '("virtio_scsi") %base-initrd-modules))
- (swap-devices (list (swap-space
- (target (uuid
- "1510f063-9936-494a-97ee-488fda7ff0fe")))))
-
- ;; The list of file systems that get "mounted". The unique
- ;; file system identifiers there ("UUIDs") can be obtained
- ;; by running 'blkid' in a terminal.
- (file-systems (cons* (file-system
- (mount-point "/")
- (device (uuid
- "21ea8fcd-d031-4f00-9e57-0bd4ed5b0230"
- 'ext4))
- (type "ext4")) %base-file-systems))))
-
-hipis
-
diff --git a/hipis/packages/source/hwp/hwp-build b/hipis/packages/source/hwp/hwp-build
new file mode 100644
index 0000000..cf1e97e
--- /dev/null
+++ b/hipis/packages/source/hwp/hwp-build
@@ -0,0 +1,8 @@
+#!/usr/bin/guile --no-auto-compile
+-*- scheme -*-
+!#
+
+(use-modules (hwp))
+
+(hwp-run (command-line))
+
diff --git a/hipis/packages/source/hwp/hwp.scm b/hipis/packages/source/hwp/hwp.scm
new file mode 100644
index 0000000..6770b5b
--- /dev/null
+++ b/hipis/packages/source/hwp/hwp.scm
@@ -0,0 +1,13 @@
+(define-module (hwp)
+ #:use-module (hwp site)
+ #:use-module (hwp ui)
+ #:use-module (ice-9 match)
+ #:export (hwp-run))
+
+(define (hwp-run args)
+ (match args
+ ((cmd)
+ (display "To create site: hwp-build [input-path] [output-path]")
+ (newline))
+ ((cmd in out)
+ (hipis-site in out))))
diff --git a/hipis/packages/source/hwp/hwp/site.scm b/hipis/packages/source/hwp/hwp/site.scm
new file mode 100644
index 0000000..7fdb2f0
--- /dev/null
+++ b/hipis/packages/source/hwp/hwp/site.scm
@@ -0,0 +1,32 @@
+(define-module (hwp site)
+ #:use-module (haunt asset)
+ #:use-module (haunt builder blog)
+ #:use-module (haunt builder atom)
+ #:use-module (haunt builder assets)
+ #:use-module (haunt reader commonmark)
+ #:use-module (haunt site)
+
+ #:use-module (ice-9 match)
+
+ #:export (hipis-site))
+
+
+(define (hipis-site site-directory build-directory)
+ (build-site
+ (site #:title "Built with Guile"
+ #:domain "jdlugosz.com"
+ #:default-metadata
+ '((author . "Jakub Długosz")
+ (email . "jdlugosz963@gmail.com"))
+ #:readers (list commonmark-reader)
+ #:builders (list (blog)
+ (atom-feed)
+ (atom-feeds-by-tag)
+ (static-directory (string-append site-directory
+ "/assets/images")
+ "/assets/images"))
+ #:build-directory build-directory
+ #:posts-directory (string-append site-directory
+ "/posts"))))
+
+
diff --git a/hipis/packages/source/hwp/hwp/ui.scm b/hipis/packages/source/hwp/hwp/ui.scm
new file mode 100644
index 0000000..ec11a31
--- /dev/null
+++ b/hipis/packages/source/hwp/hwp/ui.scm
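Review bot: `hwp-run` in hwp.scm matches only one-element and three-element argument lists, so a call with a single path or with extra arguments ends in an unhandled match error instead of the usage text. A final clause such as `(_ (display "To create site: hwp-build [input-path] [output-path]") (newline) (exit 1))` would cover every other arity and give callers a non-zero exit status. The existing `(cmd)` clause prints the usage but returns normally, which a calling script cannot tell apart from a successful build.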
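Review bot: `hipis-site` in hwp/site.scm has no docstring, and its contract is not visible from the signature: it reads posts from SITE-DIRECTORY/posts, copies SITE-DIRECTORY/assets/images, and writes to BUILD-DIRECTORY. I would add `"Build the Haunt site found in SITE-DIRECTORY (posts/ and assets/images/) and write the result to BUILD-DIRECTORY."` as the first form of the body. `(haunt asset)` and `(ice-9 match)` are imported, but nothing in this hunk uses them.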
@@ -0,0 +1,17 @@
+(define-module (hwp ui)
+ #:use-module (srfi srfi-9))
+
+(define-record-type
+ (make-theme-configuration primary-color
+ secondary-color)
+ theme-configuration?
+ (primary-color theme-configuration-primary-color)
+ (secondary-color theme-configuration-secondary-color))
+
+
+(define* (theme-configuration #:key
+ (primary-color "#000")
+ (secondary-color "#111"))
+ (make-theme-configuration primary-color
+ secondary-color))
+
diff --git a/hipis/packages/web.scm b/hipis/packages/web.scm
new file mode 100644
index 0000000..e4f4f6c
--- /dev/null
+++ b/hipis/packages/web.scm
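Review bot: The `define-module` form of `(hwp ui)` has no `#:export`, so `theme-configuration`, its predicate and its accessors stay private, and `(hwp)`, which imports this module, cannot reach them. If the theme record is meant to be part of the template, add `#:export (theme-configuration theme-configuration? theme-configuration-primary-color theme-configuration-secondary-color)`. A one-line comment above `theme-configuration` stating that it is the keyword constructor with defaults `"#000"` and `"#111"` would also help.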
@@ -0,0 +1,90 @@
+(define-module (hipis packages web)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix profiles)
+ #:use-module (guix gexp)
+ #:use-module (guix build-system copy)
+ #:use-module (guix build-system guile)
+
+ #:use-module (gnu packages)
+ #:use-module (guix download)
+ #:use-module (gnu packages python-xyz)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages python-crypto)
+ #:use-module (gnu packages python-check)
+ #:use-module (gnu packages check)
+ #:use-module (gnu packages guile-xyz)
+ #:use-module (gnu packages guile)
+ #:use-module (guix git-download)
+ ) ;; (guix utils)
+
+(define-public hipis-web-site
+ (package
+ (name "emacs-hipis-web-site")
+ (version "1.0")
+ (synopsis "Build scripts to *.jdlugosz.com pages.")
+ (description "Build scripts to *.jdlugosz.com pages.")
+ (home-page "https://git.jdlugosz.com/hipis/hipis-system/")
+ (source
+ (local-file "/home/jakub/Projects/hipis/hipis/packages/source/hwp" #:recursive? #t))
+ (build-system guile-build-system)
+
+ (arguments
+ `(#:phases (modify-phases %standard-phases
+ (add-before 'install 'move-files
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin/"))
+ (haunt (assoc-ref inputs "haunt"))
+ (hwp "hwp-build"))
+ (mkdir-p bin)
+ (chmod hwp #o555)
+ (copy-recursively hwp (string-append bin hwp))
+ (delete-file-recursively hwp))))
+
+ (add-before 'install 'wrap-hipis-build-web-page
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (deps (list (assoc-ref inputs "haunt")
+ (assoc-ref inputs "guile-commonmark")
+ (assoc-ref inputs "guile-reader")
+ out)))
+ (wrap-program (string-append bin "/hwp-build")
+ #:sh "/bin/sh"
+ `("GUILE_LOAD_PATH" ":" prefix
+ (,@(map (lambda (dep)
+ (string-append dep
+ "/share/guile/site/3.0/"))
+ deps)))
+ `("GUILE_LOAD_COMPILED_PATH" ":" prefix
+ (,@(map (lambda (dep)
+ (string-append dep
+ "/lib/guile/3.0/site-ccache"))
+ deps))))))))))
+
+ ;; (native-inputs (list haunt))
+ (inputs (list guile-3.0
+ guile-reader
+ guile-commonmark))
+ (propagated-inputs (list haunt))
+ (license license:gpl3+)))
+
+
+;; (use-modules (guix store)
+;; (guix derivations))
+
+;; (define (test-hipis-web-site-pacakge)
+;; (let* ((con (open-connection))
+;; (drv (run-with-store con (package->derivation hipis-web-site)))
+;; (drv-file-name (derivation-file-name drv))
+;; (drv-output-path (derivation->output-path drv)))
+;; (build-things con (list drv-file-name))
+;; drv-output-path))
+
+;; (test-hipis-web-site-pacakge)
+
+
+(packages->manifest
+ (list hipis-web-site
+ guile-3.0-latest))
diff --git a/hipis/services/web.scm b/hipis/services/web.scm
new file mode 100644
index 0000000..52cc6db
--- /dev/null
+++ b/hipis/services/web.scm
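Review bot: The `source` field points at `/home/jakub/Projects/hipis/hipis/packages/source/hwp`, an absolute path inside one developer's home directory, so the package is built from whatever sits there at build time rather than from the `hipis/packages/source/hwp` tree this commit adds, and it fails on any machine without that checkout. `local-file` resolves a relative name against the file containing the form, so `(local-file "source/hwp" #:recursive? #t)` would tie the build input to the committed files. The wrapper phase also passes `#:sh "/bin/sh"`, which takes the interpreter from outside the store; letting `wrap-program` use its default keeps the wrapper self-contained. The trailing `(packages->manifest ...)` form is evaluated whenever `(hipis services web)` loads this module and probably belongs in a separate manifest file.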
@@ -0,0 +1,76 @@
+(define-module (hipis services web)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix profiles)
+ #:use-module (guix gexp)
+ #:use-module (guix build-system copy)
+ #:use-module (guix build-system guile)
+ #:use-module (guix records)
+
+ #:use-module (gnu packages)
+ #:use-module (guix download)
+ #:use-module (gnu packages python-xyz)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages python-crypto)
+ #:use-module (gnu packages python-check)
+ #:use-module (gnu packages check)
+ #:use-module (gnu packages guile-xyz)
+ #:use-module (gnu packages guile)
+ #:use-module (guix git-download)
+ #:use-module (gnu services)
+ #:use-module (gnu services guix)
+ #:use-module (hipis packages web)
+
+ #:export (hwp-service-type
+ hwp-theme-configuration
+ hwp-site-configuration))
+
+
+(define-record-type*
+ hwp-theme-configuration make-hwp-theme-configuration
+ hwp-theme-configuration-configuration?
+ (primary-color hwp-theme-configuration-primary-color
+ (default "#000")))
+
+(define-record-type*
+ hwp-site-configuration make-hwp-theme-configuration
+ hwp-site-configuration-configuration?
+ (name hwp-site-configuration-name)
+ (theme hwp-site-configuration-theme
+ (default #nil)))
+
+
+(define (make-hwp-start-script config)
+ (match-record config
+ (name)
+ (program-file (string-append "hwp-" name)
+ (with-extensions (cons
+ hipis-web-site
+ (map cadr
+ (append (package-inputs hipis-web-site)
+ (package-propagated-inputs hipis-web-site))))
+ #~(begin
+ (use-modules (hwp))
+ (hwp-run '(_ "/tmp/in" "/tmp/out")))))))
+
+(define (hwp-activation config)
+ (match-record config
+ (name theme)
+ (let* ((hwp-directory "/var/lib/hwp")
+ (hwp-site-script (string-append hwp-directory "/hwp-" name))
+ (message (string-append "Script for building websites is generated in: "
+ hwp-site-script)))
+ (with-imported-modules '((guix build utils))
+ #~(begin
+ (use-modules (guix build utils))
+ (mkdir-p #$hwp-directory)
+ (copy-file #$(make-hwp-start-script config) #$hwp-site-script)
+ (display #$message))))))
+
+(define hwp-service-type
+ (service-type (name 'hwp)
+ (extensions
+ (list (service-extension activation-service-type
+ hwp-activation)))
+ (description
+ "hipis-web-page: Automatically build guile haunt pages.")))
--
cgit v1.2.3
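Review bot: The script generated by `make-hwp-start-script` hard-codes `/tmp/in` and `/tmp/out`, predictable names in a world-writable directory, so any local account, including a compromised service user, can pre-create them and influence what is built or where the output is written. Directories under `/var/lib/hwp`, which `hwp-activation` already creates, or input and output fields on `hwp-site-configuration` would keep the build in a location only the service owner can write. Separately, both `define-record-type*` forms name their constructor `make-hwp-theme-configuration`, so the second definition replaces the first; the site record presumably wants `make-hwp-site-configuration`. The `theme` default `#nil` would more conventionally be `#f`.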