[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/02: hydra: bayfront: Change indentation for services.
From: |
Christopher Baines |
Subject: |
01/02: hydra: bayfront: Change indentation for services. |
Date: |
Fri, 26 Mar 2021 07:45:21 -0400 (EDT) |
cbaines pushed a commit to branch master
in repository maintenance.
commit be0f8bcebe18a17c35dfbb0701c63724da833bdb
Author: Christopher Baines <mail@cbaines.net>
AuthorDate: Fri Mar 26 11:41:52 2021 +0000
hydra: bayfront: Change indentation for services.
To reduce line length.
* hydra/bayfront.scm (operating-system)[services]: Change indentation.
---
hydra/bayfront.scm | 287 +++++++++++++++++++++++++++--------------------------
1 file changed, 147 insertions(+), 140 deletions(-)
diff --git a/hydra/bayfront.scm b/hydra/bayfront.scm
index 50589df..6cef52b 100644
--- a/hydra/bayfront.scm
+++ b/hydra/bayfront.scm
@@ -576,143 +576,150 @@ proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;"))
nss-certs
%base-packages))
- (services (cons* ;; TODO: create a bonding interface over ens9 + ens10
- ;; TODO: configure ens10 as with:
- ;; ip a add dev ens10 2a01:474:0::56/48
- ;; ip -6 route add default via 2a01:474:0::126
- (static-networking-service
- "ens10" "185.233.100.56"
- #:netmask "255.255.255.128"
- #:gateway "185.233.100.126"
- #:name-servers '("185.233.100.100" "185.233.100.101"))
-
- ;; Alternate interface.
- (static-networking-service
- "ens9" "185.233.100.57"
- #:netmask "255.255.255.128"
- ;; Don't repeat #:gateway and #:name-servers.
- )
-
- ;; Make SSH and HTTP/HTTPS available over Tor.
- (tor-hidden-service "http"
- '((22 "127.0.0.1:22")
- (80 "127.0.0.1:80")
- (443 "127.0.0.1:443")))
- (service tor-service-type)
-
- (service prometheus-node-exporter-service-type)
-
- (service ntp-service-type)
-
- ;; DNS
- (service knot-service-type
- (knot-configuration
- (zones (list (knot-zone-configuration
- (inherit guix.gnu.org-zone)
- (zonefile-load
'difference-no-serial)
- ;; (dnssec-policy "default")
- (acl '("transfer-allow"
- "gnu-transfer"))
- (notify '("gnu-master")))))
- (acls (list (knot-acl-configuration
- (id "transfer-allow")
- (address (list berlin-ip4))
- (action '(transfer)))
- (knot-acl-configuration
- (id "gnu-transfer")
- (address (list gnu-ns1-ip4))
- (action '(transfer)))))
-
- (remotes (list (knot-remote-configuration
- (id "gnu-master")
- (address (list gnu-ns1-ip4)))))))
-
- ;; Runnning hpc.guix.info.
- (service static-web-site-service-type
- guix-hpc-web-site)
-
- ;; hpcguix-web as it can be seen at
- ;; <https://hpc.guix.info/browse>.
- (service hpcguix-web-service-type
- (hpcguix-web-configuration
- (specs
- #~(begin
- (use-modules (guix channels))
-
- (define site-config
- (hpcweb-configuration
- (title-prefix "Guix-HPC — ")
- (package-filter-proc (const #t))
- (package-page-extension-proc
- (lambda (path)
- (let ((url (string-append
-
"http://data.guix.gnu.org/repository/1/branch/master/package/"
- (basename path))))
- `(div
- (a (@ (href ,url))
- "View package version
history.")))))
- (menu '(("/about" "ABOUT")
- ("/browse" "BROWSE")
- ("/blog" "BLOG")))
- (channels #$%hpcguix-web-channels)))))))
-
- (service certbot-service-type %certbot-configuration)
- (service goggles-service-type)
-
- (service mcron-service-type
- (mcron-configuration
- (jobs
- (let ((threshold (* 800 GiB)))
- (list #~(job '(next-hour '(4))
- (string-append
- #$guix "/bin/guix gc -F"
- #$(number->string threshold)))
-
- ;; Half a day later, make sure
- ;; half of our quota is available.
- #~(job '(next-hour '(16))
- (string-append
- #$guix "/bin/guix gc -F"
- #$(number->string
- (quotient threshold 2)))))))))
-
- firewall-service
-
- (service openssh-service-type)
- (service sysadmin-service-type %sysadmins)
-
- (service nginx-service-type
- (nginx-configuration
- (extra-content
%bayfront-nginx-service-extra-config)
- (server-blocks
- (append %hpc.guix.info-nginx-servers
- %guix-hpc.bordeaux.inria.fr-nginx-servers
- %logs.guix.gnu.org-nginx-servers
- %bayfront.guix.gnu.org-nginx-servers))))
-
- (modify-services %base-services
- (guix-service-type
- config => (guix-configuration
- (substitute-urls
- '("https://bayfront.guix.gnu.org"))
- (authorized-keys
- '())
-
- (max-silent-time 3600)
- (timeout (* 6 3600))
-
- ;; be friendly to 'guix publish' users
- (log-compression 'gzip)
-
- (build-accounts 64)
- (extra-options
- (list "--max-jobs" "4"
- "--cores" "6"))))
- (login-service-type
- config => (login-configuration
- (inherit config)
- (motd %motd)))
- (openssh-service-type
- config => (openssh-configuration
- (inherit config)
- (password-authentication? #f)))))))
+ (services
+ (cons*
+ ;; TODO: create a bonding interface over ens9 + ens10
+ ;; TODO: configure ens10 as with:
+ ;; ip a add dev ens10 2a01:474:0::56/48
+ ;; ip -6 route add default via 2a01:474:0::126
+ (static-networking-service
+ "ens10" "185.233.100.56"
+ #:netmask "255.255.255.128"
+ #:gateway "185.233.100.126"
+ #:name-servers '("185.233.100.100" "185.233.100.101"))
+
+ ;; Alternate interface.
+ (static-networking-service
+ "ens9" "185.233.100.57"
+ #:netmask "255.255.255.128"
+ ;; Don't repeat #:gateway and #:name-servers.
+ )
+
+ ;; Make SSH and HTTP/HTTPS available over Tor.
+ (tor-hidden-service "http"
+ '((22 "127.0.0.1:22")
+ (80 "127.0.0.1:80")
+ (443 "127.0.0.1:443")))
+ (service tor-service-type)
+
+ (service prometheus-node-exporter-service-type)
+
+ (service ntp-service-type)
+
+ ;; DNS
+ (service knot-service-type
+ (knot-configuration
+ (zones (list (knot-zone-configuration
+ (inherit guix.gnu.org-zone)
+ (zonefile-load 'difference-no-serial)
+ ;; (dnssec-policy "default")
+ (acl '("transfer-allow"
+ "gnu-transfer"))
+ (notify '("gnu-master")))))
+ (acls (list (knot-acl-configuration
+ (id "transfer-allow")
+ (address (list berlin-ip4))
+ (action '(transfer)))
+ (knot-acl-configuration
+ (id "gnu-transfer")
+ (address (list gnu-ns1-ip4))
+ (action '(transfer)))))
+
+ (remotes (list (knot-remote-configuration
+ (id "gnu-master")
+ (address (list gnu-ns1-ip4)))))))
+
+ ;; Runnning hpc.guix.info.
+ (service static-web-site-service-type
+ guix-hpc-web-site)
+
+ ;; hpcguix-web as it can be seen at
+ ;; <https://hpc.guix.info/browse>.
+ (service hpcguix-web-service-type
+ (hpcguix-web-configuration
+ (specs
+ #~(begin
+ (use-modules (guix channels))
+
+ (define site-config
+ (hpcweb-configuration
+ (title-prefix "Guix-HPC — ")
+ (package-filter-proc (const #t))
+ (package-page-extension-proc
+ (lambda (path)
+ (let ((url (string-append
+ "http://data.guix.gnu.org"
+ "/repository/1/branch/master/package/"
+ (basename path))))
+ `(div
+ (a (@ (href ,url))
+ "View package version history.")))))
+ (menu '(("/about" "ABOUT")
+ ("/browse" "BROWSE")
+ ("/blog" "BLOG")))
+ (channels #$%hpcguix-web-channels)))))))
+
+ (service certbot-service-type %certbot-configuration)
+ (service goggles-service-type)
+
+ (service mcron-service-type
+ (mcron-configuration
+ (jobs
+ (let ((threshold (* 800 GiB)))
+ (list #~(job '(next-hour '(4))
+ (string-append
+ #$guix "/bin/guix gc -F"
+ #$(number->string threshold)))
+
+ ;; Half a day later, make sure
+ ;; half of our quota is available.
+ #~(job '(next-hour '(16))
+ (string-append
+ #$guix "/bin/guix gc -F"
+ #$(number->string
+ (quotient threshold 2)))))))))
+
+ firewall-service
+
+ (service openssh-service-type)
+ (service sysadmin-service-type %sysadmins)
+
+ (service nginx-service-type
+ (nginx-configuration
+ (extra-content %bayfront-nginx-service-extra-config)
+ (server-blocks
+ (append %hpc.guix.info-nginx-servers
+ %guix-hpc.bordeaux.inria.fr-nginx-servers
+ %logs.guix.gnu.org-nginx-servers
+ %bayfront.guix.gnu.org-nginx-servers))))
+
+ (modify-services %base-services
+ (guix-service-type
+ config => (guix-configuration
+ (substitute-urls
+ '("https://bayfront.guix.gnu.org"))
+ (authorized-keys
+ '())
+
+ (max-silent-time 3600)
+ (timeout (* 6 3600))
+
+ ;; be friendly to 'guix publish' users
+ (log-compression 'gzip)
+
+ (build-accounts 64)
+ (extra-options
+ (list "--max-jobs" "4"
+ "--cores" "6"))))
+ (login-service-type
+ config => (login-configuration
+ (inherit config)
+ (motd %motd)))
+ (openssh-service-type
+ config => (openssh-configuration
+ (inherit config)
+ (password-authentication? #f)))))))
+
+;; Local Variables:
+;; eval: (put 'modify-services 'scheme-indent-function 1)
+;; End: