-rw-r--r--.examples/server-os.scm48
-rw-r--r--DOCS.md24
-rw-r--r--px/services/device.scm48
3 files changed, 104 insertions, 16 deletions
diff --git a/.examples/server-os.scm b/.examples/server-os.scm
new file mode 100644
index 0000000..20c4f93
--- /dev/null
+++ b/.examples/server-os.scm
@@ -0,0 +1,48 @@
+;; PantherX OS Server Configuration
+
+(use-modules (gnu)
+ (gnu system)
+ (px system config)
+ (px services device))
+
+(define %ssh-public-key
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7gcLZzs2JiEx2kWCc8lTHOC0Gqpgcudv0QVJ4QydPg franz")
+
+(px-server-os
+ (operating-system
+ (host-name "px-base")
+ (timezone "Europe/Berlin")
+ (locale "en_US.utf8")
+
+ (bootloader (bootloader-configuration
+ (bootloader grub-bootloader)
+ (targets '("/dev/vda"))))
+
+ (file-systems (cons (file-system
+ (device (file-system-label "my-root"))
+ (mount-point "/")
+ (type "ext4"))
+ %base-file-systems))
+
+ (users (cons (user-account
+ (name "panther")
+ (comment "panther's account")
+ (group "users")
+ ;; Set the default password to 'pantherx'
+ ;; Important: Change with 'passwd panther' after first login
+ (password (crypt "pantherx" "$6$abc"))
+ (supplementary-groups '("wheel"
+ "audio" "video"))
+ (home-directory "/home/panther"))
+ %base-user-accounts))
+
+ (services (cons*
+ (service px-device-identity-service-type
+ (px-device-identity-configuration
+ (port 8000)
+ (config-dir "/etc/px-device-identity")
+ (key-dir "/etc/px-device-identity/keys")))
+ %px-server-services)))
+
+ #:open-ports '(("tcp" "ssh"))
+ #:authorized-keys `(("root" ,(plain-file "panther.pub" %ssh-public-key))))
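Review bot: This example hard-codes credentials that anyone copying it will deploy: the `panther` account, a member of `wheel`, gets the password `pantherx` hashed with the constant salt `$6$abc`, and root's authorized keys are populated from one specific person's key in `%ssh-public-key`. With `#:open-ports '(("tcp" "ssh"))` the host is reachable over SSH from first boot; whether password logins are accepted depends on `px-server-os`, which is not visible here. I would replace the key with an obvious placeholder such as `"ssh-ed25519 AAAA...REPLACE-WITH-YOUR-KEY user@host"`, and either drop the `password` field or change the comment to say the value must be replaced before deployment, not after first login. The example also sets `key-dir` to `/etc/px-device-identity/keys` while the record default added in this commit is `/root/.local/share/px-device-identity`; a comment explaining the choice would help.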
diff --git a/DOCS.md b/DOCS.md
new file mode 100644
index 0000000..e050106
--- /dev/null
+++ b/DOCS.md
@@ -0,0 +1,24 @@
+
+## Services
+
+### Device Identity Service
+
+Options:
+
+- `port` - The port the service will listen on.
+- `config-dir` - The directory where the configuration files are stored.
+- `key-dir` - The directory where the keys are stored.
+
+```scheme
+(service px-device-identity-service-type
+ (px-device-identity-configuration
+ (port 8000)
+ (config-dir "/etc/px-device-identity")
+ (key-dir "/root/.local/share/px-device-identity")))
+```
+
+### User Identity Service
+
+```scheme
+(service px-user-identity-service-type)
+``` \ No newline at end of file
diff --git a/px/services/device.scm b/px/services/device.scm
index b9150fa..ac405e5 100644
--- a/px/services/device.scm
+++ b/px/services/device.scm
@@ -1,5 +1,14 @@
(define-module (px services device)
- #:use-module (gnu)
+ #:use-module (guix gexp)
+ #:use-module (guix records)
+ #:use-module (srfi srfi-1)
+ #:use-module (ice-9 match)
+ #:use-module (ice-9 pretty-print)
+
+ #:use-module (gnu system)
+ #:use-module (gnu system shadow)
+ #:use-module (gnu services)
+ #:use-module (gnu services configuration)
#:use-module (gnu packages admin)
#:use-module (gnu packages base)
#:use-module (gnu packages linux)
@@ -7,24 +16,15 @@
#:use-module (gnu packages video)
#:use-module (gnu services mcron)
#:use-module (gnu services shepherd)
- #:use-module (gnu system)
- #:use-module (gnu system shadow)
#:use-module (px packages device)
#:use-module (px packages security-token)
#:use-module (px packages tpm)
- #:use-module (guix gexp)
- #:use-module (guix records)
- #:use-module (ice-9 match)
- #:use-module (ice-9 pretty-print)
-
- #:export (<px-device-identity-configuration>
- px-device-identity-configuration
+ #:export (px-device-identity-configuration
px-device-identity-configuration?
px-device-identity-service-type
- <px-device-identity-configuration>
px-user-identity-configuration
px-user-identity-configuration?
px-user-identity-service-type
@@ -39,7 +39,7 @@
btuart-service-type))
;;
-;; Device Identity API SERVICE
+;; Device Identity Service
;;
(define-record-type* <px-device-identity-configuration>
@@ -48,11 +48,21 @@
px-device-identity-configuration?
(package
px-device-identity-configuration-package
- (default px-device-identity-service)))
+ (default px-device-identity-service)
+ (docstring "The package to use for the device identity service"))
+ (port px-device-identity-configuration-port
+ (default 8000)
+ (docstring "The port to listen on"))
+ (config-dir px-device-identity-configuration-config-dir
+ (default "/etc/px-device-identity")
+ (docstring "The directory to store the configuration file"))
+ (key-dir px-device-identity-configuration-key-dir
+ (default "/root/.local/share/px-device-identity")
+ (docstring "The directory to store the key files")))
(define px-device-identity-shepherd-service
(match-lambda
- (($ <px-device-identity-configuration> package)
+ (($ <px-device-identity-configuration> package port config-dir key-dir)
(list (shepherd-service (provision '(px-device-identity))
(documentation
"Run px-device-identity-service as a daemon")
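Review bot: The new `key-dir` field takes an arbitrary path for key material, but nothing in this hunk creates the directory or restricts its mode, and no `sanitize` clause rejects a relative or empty path. If the service type (defined outside this hunk) has no activation step, consider one that runs `(mkdir-p #$key-dir)` and `(chmod #$key-dir #o700)`, so that a custom location such as the example's `/etc/px-device-identity/keys` is not left with whatever permissions the daemon happens to create. It is also worth confirming that `define-record-type*` acts on the `docstring` clauses; as far as I know it is not one of the field properties that macro recognises, so they may be silently ignored. The `shepherd-service` form continues past the end of this hunk.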
@@ -64,7 +74,13 @@
"-S"
"identity-api"
(string-append #$package
- "/bin/px-device-identity-service"))))
+ "/bin/px-device-identity-service")
+ "--port"
+ (number->string #$port)
+ "--config-dir"
+ #$config-dir
+ "--key-dir"
+ #$key-dir)))
(stop #~(make-kill-destructor)))))))
(define px-device-identity-service-type
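Review bot: `(number->string #$port)` is evaluated inside the gexp, so a `port` value that is not a number fails only when shepherd starts the service, not when the system is built. Converting on the host side with `#$(number->string port)`, or validating the field in the record, surfaces the mistake at `guix system` time. The argument list gives the daemon no bind address, so which interfaces the port is exposed on depends on the service itself; that is worth documenting next to the `port` option. The `start` form begins outside this hunk.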
@@ -277,4 +293,4 @@ delete_on_success = ~a"
shepherd-root-service-type
btuart-shepherd-service)))
(default-value (btuart-configuration))
- (description "Attach serial lines as Bluetooth HCI interfaces"))) \ No newline at end of file
+ (description "Attach serial lines as Bluetooth HCI interfaces")))