xhrpb-guix-config/guix-test01.scm

(use-modules (gnu)
             (gnu system mapped-devices)
             (gnu system nss)
             (gnu packages linux)
             (gnu packages tmux)
             (gnu packages shells)
             (gnu packages emacs)
             (gnu packages vim)
             (gnu packages certs)
             (gnu packages admin)
             (gnu packages version-control))

(use-service-modules networking ssh mcron)
(use-package-modules screen ssh)

(define ssh-authorized-bjorn-pub (plain-file "bjornpub" "
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFAUQBM+p7ET8XRQE+UN6wa9DxQTMWlqErny7URZRtKE bjorn@regular
"))

(let ((output-port (open-file "/data/cronjob.sh" "w")))
  (display "#!/usr/bin/env -S guix shell bash -- bash

set -x

export SSL_CERT_DIR=\"$HOME/.guix-profile/etc/ssl/certs\"
export SSL_CERT_FILE=\"$HOME/.guix-profile/etc/ssl/certs/ca-certificates.crt\"
export GIT_SSL_CAINFO=\"$SSL_CERT_FILE\"

cd /data

if test -d xhrpb-guix-config
then
  cd xhrpb-guix-config
  git pull --force
else
  git clone https://src.xhrpb.com/human.equivalent/xhrpb-guix-config.git xhrpb-guix-config
  cd xhrpb-guix-config
fi

echo 'repo updated'

cd cron-scripts

find . -type f -executable | sort | while read script
do
  echo running $script
  $script
done
" output-port)
  (newline output-port)
  (close output-port))

(define ssh-authorized-bjorn-pub (plain-file "bjornpub" "
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFAUQBM+p7ET8XRQE+UN6wa9DxQTMWlqErny7URZRtKE bjorn@regular
"))


(define mcron-xhrpb-git
  #~(job "* * * * *"
         "bash /data/cronjob.sh"))

(operating-system
  (host-name "guix-test01")
  (timezone "Europe/Stockholm")
  (locale "en_US.utf8")

  (bootloader (bootloader-configuration
                (bootloader grub-bootloader)
                (targets '("/dev/sda"))))

  (kernel-arguments (list "console=ttyS0,115200"))

  (mapped-devices
    (list (mapped-device
            (source "sys")
            (targets (list "sys-data"))
            (type lvm-device-mapping))))

  (file-systems (cons* (file-system
                        (device (file-system-label "root"))
                        (mount-point "/")
                        (type "ext4"))
                      (file-system
                        (device "/dev/mapper/sys-data")
                        (mount-point "/data")
                        (type "ext4")
                        (dependencies mapped-devices))
                      %base-file-systems))

  (users (cons (user-account
                (name "bjorn")
                (group "users")
                (supplementary-groups '("wheel"))
                (shell (file-append zsh "/bin/zsh")))
               %base-user-accounts))

  ;; Globally-installed packages.
  ;; orig: (packages (cons lvm2 tmux %base-packages))
  (packages (append (list
    lvm2-static tmux zsh emacs-no-x neovim git nss-certs tcpdump)
    %base-packages))

  ;; Add services to the baseline: a DHCP client and
  ;; an SSH server.
  (services (append (list (service dhcp-client-service-type)
                          (simple-service 'my-cron-jobs
                                          mcron-service-type
                                          (list mcron-xhrpb-git))
                          (service openssh-service-type
                                   (openssh-configuration
                                     (openssh openssh-sans-x)
                                     (permit-root-login 'prohibit-password)
                                     (authorized-keys `(("bjorn", ssh-authorized-bjorn-pub)))
                                     (port-number 22))))
                    %base-services)))