guix-channel

  1(define-module (nmeum services web)
  2  #:use-module (nmeum packages misc)
  3  #:use-module (guix gexp)
  4  #:use-module (gnu packages admin)
  5  #:use-module (gnu packages dav)
  6  #:use-module (gnu services)
  7  #:use-module (gnu services base)
  8  #:use-module (gnu services configuration)
  9  #:use-module (gnu services mail)
 10  #:use-module (gnu services shepherd)
 11  #:use-module (gnu services web)
 12  #:use-module (gnu system accounts)
 13  #:use-module (gnu system shadow)
 14  #:use-module (gnu system file-systems)
 15  #:use-module (srfi srfi-1)
 16  #:use-module (srfi srfi-26))
 17
 18(define (webdav-server-shepherd-service args)
 19  (list (shepherd-service
 20          (documentation "webdav-server daemon.")
 21          (provision '(webdav-server))
 22          ;; webdav-server may be bound to a particular IP address, hence
 23          ;; only start it after the networking service has started.
 24          (requirement '(user-processes networking))
 25          (start #~(make-forkexec-constructor
 26                     (list (string-append #$webdav-server "/bin/webdav-server")
 27                           #$@args)
 28                     #:user "webdav-server" #:group "webdav-server"))
 29          (stop #~(make-kill-destructor)))))
 30
 31(define webdav-server-account-service
 32  (list (user-group (name "webdav-server") (system? #t))
 33        (user-account
 34         (name "webdav-server")
 35         (group "webdav-server")
 36         (system? #t)
 37         (comment "webdav-server daemon user")
 38         (home-directory "/var/empty")
 39         (shell (file-append shadow "/sbin/nologin")))))
 40
 41(define-public webdav-server-service-type
 42  (service-type (name 'webdav-server)
 43                (description "Run the WebDAV server.")
 44                (extensions
 45                  (list (service-extension account-service-type
 46                                           (const webdav-server-account-service))
 47                        (service-extension shepherd-root-service-type
 48                                           webdav-server-shepherd-service)))
 49                (compose concatenate)
 50                (default-value '())))
 51
 52;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 53
 54;; XXX: This is hopefully a temporary hack until we come up with a better way
 55;; of using gunicorn-service-type with existing WSGI application services.
 56;;
 57;; See <https://codeberg.org/guix/guix/issues/8185>
 58
 59(define serialize-radicale-configuration
 60  (@@ (gnu services mail) serialize-radicale-configuration))
 61
 62(define radicale-accounts
 63  (@@ (gnu services mail) %radicale-accounts))
 64
 65(define radicale-activation
 66  (@@ (gnu services mail) radicale-activation))
 67
 68(define radicale-configuration-auth
 69  (@@ (gnu services mail) radicale-configuration-auth))
 70
 71(define radicale-auth-configuration-htpasswd-filename
 72  (@@ (gnu services mail) radicale-auth-configuration-htpasswd-filename))
 73
 74(define-public radicale-gunicorn-service-type
 75  (service-type
 76   (name 'radicale-gunicorn)
 77   (description "Run Radicale via the gunicorn WSGI server.")
 78   (extensions
 79    (list (service-extension
 80            gunicorn-service-type
 81            (lambda (conf)
 82              (list (gunicorn-app
 83                      (name "radicale")
 84                      (package radicale)
 85                      (wsgi-app-module "radicale")
 86                      (sockets '("unix:/var/run/radicale/socket"))
 87                      (socket-group "nginx")
 88                      (user "radicale")
 89                      (group "radicale")
 90                      (environment-variables
 91                        '(("RADICALE_CONFIG" . "/etc/radicale.conf")))
 92                      ;; XXX: Don't create a control-socket otherwise gunicorn will
 93                      ;; try to create it in ~ which isn't writable in the container.
 94                      (extra-cli-arguments '("--no-control-socket"))
 95                      (mappings
 96                        (let ((cfg (serialize-radicale-configuration conf))
 97                              (auth (radicale-configuration-auth conf)))
 98                          (cons*
 99                            (file-system-mapping
100                              (source cfg)
101                              (target "/etc/radicale.conf"))
102                            (file-system-mapping
103                              (source "/var/lib/radicale")
104                              (target "/var/lib/radicale")
105                              (writable? #t))
106                            (if (maybe-value-set? auth)
107                              (let ((htpasswd (radicale-auth-configuration-htpasswd-filename auth)))
108                                (list
109                                  (file-system-mapping
110                                    (source htpasswd)
111                                    (target htpasswd))))
112                              '()))))))))
113          (service-extension account-service-type (const radicale-accounts))
114          (service-extension activation-service-type radicale-activation)))
115   (default-value (radicale-configuration))))