guix/theodora.scm


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

(define-module (theodora)
  #:use-module (gnu)
  #:use-module (gnu services)
  #:use-module (gnu services web)
  #:use-module (gnu services dbus)
  #:use-module (gnu services docker)
  #:use-module (gnu services version-control)
  #:use-module (gnu services cgit)
  #:use-module (rosenthal services networking)
  #:use-module (gnu packages databases)
  #:use-module (gnu packages haskell-apps)
  #:use-module (gnu packages version-control))

(use-service-modules cups desktop networking ssh docker xorg)

(make-gitolite (list redis git-annex))

(operating-system
  (locale "en_US.utf8")
  (timezone "Europe/Athens")
  (keyboard-layout (keyboard-layout "us"))
  (host-name "theodora")
  (users (cons* (user-account
                  (name "thanos")
                  (comment "Thanos Apollo")
                  (group "users")
                  (home-directory "/home/thanos")
                  (supplementary-groups '("wheel" "netdev" "audio" "video" "docker")))
		(user-account
		 (name "git")
		 (comment "Git user")
		 (group "users")
		 (home-directory "/home/git")
		 (supplementary-groups '("netdev")))
                %base-user-accounts))
  (packages
   (append (map specification->package '("docker" "dbus" "docker-cli" "sqlite"
					 "docker-compose"))
	   %base-packages))
  (services
   (append (list
            (service openssh-service-type
		      (openssh-configuration
		       (permit-root-login 'prohibit-password)))

	    (service tailscale-service-type)

	    ;; (service gitolite-service-type
	    ;; 	     (gitolite-configuration
	    ;; 	      (admin-pubkey (plain-file
	    ;; 			     "thanosapollo.pub"
	    ;; 			     "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDWbBxe1gu9IQEKSIu22Xz7n/w/kCHWl/+7jgDd2YBeqcnIZ3d/s6TGIFDlrZQpSjwkFHke78jk6OW2/LzGn7MH0mYldqdUlbBrAWK1INeQPsdE6bPysKjufLt/E18as1E+gEd1H4lcw63SU2jr+hm/XMU/pK7sCFEbu1n2kAv5qedg6ik0+Ts9y3U9W11DzShATg1TaotgcXvkO+Iaup7wsaPYfUp6MkNBEE9dXg3hrUrtjozlr9bIfcpLwwkG/ZpQJdSPcB/6X9dBg3Crop6iK272vlyvmGohBrvkvuC8EpDVZu+i5xfwr1VAv/kWKdQQyovlJLHC6+S5gGLIE9RC8J5rHSrUkuOcQOhwvEVXThLbtwiXA3ozsyM6Mh/5jVIKc8erqvLrC9+dGh98mAajme4TGFw/agZ5uo/uKehNFGwBEqjXQHFJfjmW0OhjAtNLg2/4E7TuTV+0qtvvxPLEOKiuHDWsVC06OFj5UbLpvMR790j1WhODHVcVlKskop8= thanos@zeus"))
	    ;; 	      (rc-file
	    ;; 	       (gitolite-rc-file
	    ;; 		(umask #o0027)
	    ;; 		(git-config-keys ".*")
	    ;; 		;; (unsafe-patt "^$")
	    ;; 		))))

	    (service git-daemon-service-type
		     (git-daemon-configuration
		      (export-all? #t)
		      (base-path "/srv/git")
		      (listen '("git.thanosapollo.org" "localhost" "192.168.0.101" "theodora"))))

	    (service cgit-service-type
		     (cgit-configuration
		      (root-desc "Δωρεὰν ἐλάβετε, δωρεὰν δότε. | Freely you have received; freely give.  (Mathew 10:8)")
		      (project-list '("dotfiles" "gnosis" "yeetube" "org-gnosis"
				      "hecate" "pcmpl-emerge" "pcmpl-rc" "hunspell-dict-el" "hunspell-dict-en-med"
				      "pcmpl-tailscale" "greek-polytonic.el" "org-gnosis-ui" "hunspell-dict-el-polytonic"))
		      (repository-directory "/srv/git")
		      (root-title "Thanos Apollo | Git server")
		      (enable-index-owner? #f)
		      (clone-prefix '("https://git.thanosapollo.org"))))

	    (service nginx-service-type
                     (nginx-configuration
                      (server-blocks
                       (list (nginx-server-configuration
                              (server-name '("thanosapollo.org"))
                              (root "/srv/http/thanosapollo.org")
			      (listen '("*:8000"))
			      (ssl-certificate #f)
			      (ssl-certificate-key #f))
			     (nginx-server-configuration
                              (server-name '("bebliotheke.thanosapollo.org"))
                              (root "/srv/http/bebliotheke")
			      (listen '("*:8001"))
			      (ssl-certificate #f)
			      (ssl-certificate-key #f))))))

	    (service elogind-service-type
		     (elogind-configuration
		      (handle-lid-switch 'ignore)))
	    
            (service dhcp-client-service-type)
            (service ntp-service-type)
            (service cups-service-type)
	    (service containerd-service-type)
	    (service docker-service-type)
	    (service oci-container-service-type
		     (list
		      ;; (oci-container-configuration
		      ;;  (image "gitea/gitea")
		      ;;  (network "host")
		      ;;  (volumes
		      ;; 	'(("/home/git/data" . "/gitea")
		      ;; 	  ("/etc/timezone" . "/etc/timezone")
		      ;; 	  ("/etc/localtime" . "/etc/localtime")))
		      ;;  (ports
		      ;; 	'(("3000" . "3000")
		      ;; 	  ("22" . "222"))))
		      )))
           %base-services))
  (bootloader (bootloader-configuration
                (bootloader grub-efi-bootloader)
                (targets (list "/boot/efi"))
                (keyboard-layout keyboard-layout)))
  (swap-devices (list (swap-space
                        (target (uuid
                                 "cc0005c6-0cae-4a38-ae3c-ae32009c7788")))))
  (file-systems (cons* (file-system
                         (mount-point "/boot/efi")
                         (device (uuid "54F2-0DFC"
                                       'fat32))
                         (type "vfat"))
                       (file-system
                         (mount-point "/")
                         (device (uuid
                                  "3575b20f-398d-4f67-9f7e-bd793a0ca332"
                                  'ext4))
                         (type "ext4")) %base-file-systems)))