authorVivien <vivien@planete-kraus.eu>2021-10-20 19:34:43 +0200
committerVivien <vivien@planete-kraus.eu>2021-10-20 19:34:43 +0200
commit33f51e64d1e5b23926394467222cfcd3e8f6896e (patch)
treeaf41c04db758237cf09974c7e432f231afbea2ce
parentd428c1a8ae0f7d8355ef10f8ebb01aec19924d27 (diff)
Update package
-rw-r--r--vkraus/packages/disfluid.scm4
-rw-r--r--vkraus/services/disfluid.scm408
-rw-r--r--vkraus/systems/test.scm131
3 files changed, 126 insertions, 417 deletions
diff --git a/vkraus/packages/disfluid.scm b/vkraus/packages/disfluid.scm
index 758f36f..61d3c14 100644
--- a/vkraus/packages/disfluid.scm
+++ b/vkraus/packages/disfluid.scm
@@ -297,6 +297,6 @@ corresponding source, as an AGPL requirement.")))
branch-disfluids)))))))))
(define-public disfluid-snapshot-debug (disfluid-branch-snapshot #:branch-name "debug" #:version "0.5.3-93-g424d46f" #:manual-mdate "2021-10-11T16:50:26+02:00" #:release-date "2021-10-12T22:03:53+02:00" #:commit-id "424d46f0c00b30d8dacacc6192d1a9d39a78557b" #:hash "01l6rjwy3s0svsbdwwladqpf1scdgxw1hyw24f0crzyrx8009w1n"))
(define-public disfluid-snapshot-extensible-server-endpoints (disfluid-branch-snapshot #:branch-name "extensible-server-endpoints" #:version "0.6.0-9-g4397d62" #:manual-mdate "2021-10-20T18:21:11+02:00" #:release-date "2021-10-20T18:21:11+02:00" #:commit-id "4397d62eba35d3fafe44aaa824c8e9bb741d94a3" #:hash "0jhhf6wsfsq5na6my8w70jvpcsdh9ax33dwrrpp1qdkrjvc4rkn4"))
-(define-public disfluid (disfluid-release #:version "0.6.0" #:manual-mdate "2021-10-11T16:50:26+02:00" #:release-date "2021-10-12T22:49:48+02:00" #:commit-id "422a2aa12f9753a44e2df18c61c2f280fce32308" #:hash "1d6f86ix75w9g62nlj8xxqbahdm4n9kmyq9il7h0d6fvhfwbp6jr"))
-(define-public disfluid-snapshot-master (disfluid-branch-snapshot #:branch-name "master" #:version "0.6.0" #:manual-mdate "2021-10-11T16:50:26+02:00" #:release-date "2021-10-12T22:49:48+02:00" #:commit-id "422a2aa12f9753a44e2df18c61c2f280fce32308" #:hash "1d6f86ix75w9g62nlj8xxqbahdm4n9kmyq9il7h0d6fvhfwbp6jr"))
+(define-public disfluid (disfluid-release #:version "0.6.0-9-g4397d62" #:manual-mdate "2021-10-20T18:21:11+02:00" #:release-date "2021-10-20T18:21:11+02:00" #:commit-id "4397d62eba35d3fafe44aaa824c8e9bb741d94a3" #:hash "0jhhf6wsfsq5na6my8w70jvpcsdh9ax33dwrrpp1qdkrjvc4rkn4"))
+(define-public disfluid-snapshot-master (disfluid-branch-snapshot #:branch-name "master" #:version "0.6.0-9-g4397d62" #:manual-mdate "2021-10-20T18:21:11+02:00" #:release-date "2021-10-20T18:21:11+02:00" #:commit-id "4397d62eba35d3fafe44aaa824c8e9bb741d94a3" #:hash "0jhhf6wsfsq5na6my8w70jvpcsdh9ax33dwrrpp1qdkrjvc4rkn4"))
(define-public disfluid:website (make-website disfluid (list (cons "debug" disfluid-snapshot-debug) (cons "extensible-server-endpoints" disfluid-snapshot-extensible-server-endpoints) (cons "master" disfluid-snapshot-master))))
diff --git a/vkraus/services/disfluid.scm b/vkraus/services/disfluid.scm
index 21adca2..7dbcbb3 100644
--- a/vkraus/services/disfluid.scm
+++ b/vkraus/services/disfluid.scm
@@ -28,339 +28,37 @@
#:use-module (ice-9 match)
#:use-module (ice-9 optargs))
-(define-record-type* <disfluid-issuer-configuration>
- disfluid-issuer-configuration
- make-disfluid-issuer-configuration
- disfluid-issuer-configuration?
- (disfluid disfluid-issuer-configuration-disfluid
- (default disfluid))
+(define-record-type* <disfluid-configuration>
+ disfluid-configuration
+ make-disfluid-configuration
+ disfluid-configuration?
+ (disfluid disfluid-configuration-disfluid
+ (default disfluid))
(complete-corresponding-source
- disfluid-issuer-configuration-complete-corresponding-source)
- (issuer disfluid-issuer-configuration-issuer)
- (key-file disfluid-issuer-configuration-key-file)
- (subject disfluid-issuer-configuration-subject)
- (encrypted-password-file disfluid-issuer-configuration-encrypted-password-file)
- (jwks-uri disfluid-issuer-configuration-jwks-uri)
- (authorization-endpoint-uri
- disfluid-issuer-configuration-authorization-endpoint-uri)
- (token-endpoint-uri
- disfluid-issuer-configuration-token-endpoint-uri)
+ disfluid-configuration-complete-corresponding-source)
+ (configuration disfluid-configuration-configuration)
(port disfluid-issuer-configuration-port (default 8088))
(extra-options
disfluid-issuer-configuration-extra-options
(default '())))
-(define-record-type* <disfluid-reverse-proxy-configuration>
- disfluid-reverse-proxy-configuration
- make-disfluid-reverse-proxy-configuration
- disfluid-reverse-proxy-configuration?
- (disfluid disfluid-reverse-proxy-configuration-disfluid
- (default disfluid))
- (complete-corresponding-source
- disfluid-reverse-proxy-configuration-complete-corresponding-source)
- (port disfluid-reverse-proxy-port (default 8090))
- (inbound-uri disfluid-reverse-proxy-configuration-inbound-uri)
- (outbound-uri disfluid-reverse-proxy-configuration-outbound-uri)
- (header disfluid-reverse-proxy-configuration-header
- (default "XXX-Agent"))
- (extra-options
- disfluid-reverse-proxy-extra-options
- (default '())))
-
-(define-record-type* <disfluid-hello-configuration>
- disfluid-hello-configuration
- make-disfluid-hello-configuration
- disfluid-hello-configuration?
- (disfluid disfluid-hello-configuration-disfluid
- (default disfluid))
- (complete-corresponding-source
- disfluid-hello-configuration-complete-corresponding-source)
- (port disfluid-hello-configuration-port (default 8089))
- (extra-options
- disfluid-hello-configuration-extra-options
- (default '())))
-
-(define-record-type* <disfluid-client-service-configuration>
- disfluid-client-service-configuration
- make-disfluid-client-service-configuration
- disfluid-client-service-configuration?
- (disfluid disfluid-client-service-configuration-disfluid
- (default disfluid))
- (complete-corresponding-source
- disfluid-client-service-configuration-complete-corresponding-source)
- (client-id disfluid-client-service-configuration-client-id)
- (redirect-uri disfluid-client-service-configuration-redirect-uri)
- (client-name disfluid-client-service-configuration-client-name (default "Example Solid App"))
- (client-uri disfluid-client-service-configuration-client-uri (default "https://webid-oidc.planete-kraus.eu/Running-a-client.html#Running-a-client"))
- (port disfluid-client-service-configuration-port (default 8088))
- (extra-options
- disfluid-client-service-configuration-extra-options
- (default '())))
-
-(define-record-type* <disfluid-server-configuration>
- disfluid-server-configuration
- make-disfluid-server-configuration
- disfluid-server-configuration?
- (disfluid disfluid-server-configuration-disfluid
- (default disfluid))
- (complete-corresponding-source
- disfluid-server-configuration-complete-corresponding-source)
- (server-name disfluid-server-configuration-server-name)
- (key-file disfluid-server-configuration-key-file)
- (subject disfluid-server-configuration-subject)
- (encrypted-password-file disfluid-server-configuration-encrypted-password-file)
- (jwks-uri disfluid-server-configuration-jwks-uri)
- (authorization-endpoint-uri
- disfluid-server-configuration-authorization-endpoint-uri)
- (token-endpoint-uri
- disfluid-server-configuration-token-endpoint-uri)
- (port disfluid-server-configuration-port (default 8088))
- (extra-options
- disfluid-issuer-configuration-extra-options
- (default '())))
-
-(export <disfluid-issuer-configuration>
- disfluid-issuer-configuration
- make-disfluid-issuer-configuration
- disfluid-issuer-configuration?
- disfluid-issuer-configuration-disfluid
- disfluid-issuer-configuration-complete-corresponding-source
- disfluid-issuer-configuration-issuer
- disfluid-issuer-configuration-key-file
- disfluid-issuer-configuration-subject
- disfluid-issuer-configuration-encrypted-password-file
- disfluid-issuer-configuration-jwks-uri
- disfluid-issuer-configuration-authorization-endpoint-uri
- disfluid-issuer-configuration-token-endpoint-uri
+(export <disfluid-configuration>
+ disfluid-configuration
+ make-disfluid-configuration
+ disfluid-configuration?
+ disfluid-configuration-disfluid
+ disfluid-configuration-complete-corresponding-source
+ disfluid-configuration-configuration
disfluid-issuer-configuration-port
- disfluid-issuer-configuration-extra-options
- <disfluid-reverse-proxy-configuration>
- disfluid-reverse-proxy-configuration
- make-disfluid-reverse-proxy-configuration
- disfluid-reverse-proxy-configuration?
- disfluid-reverse-proxy-configuration-disfluid
- disfluid-reverse-proxy-configuration-complete-corresponding-source
- disfluid-reverse-proxy-configuration-port
- disfluid-reverse-proxy-configuration-inbound-uri
- disfluid-reverse-proxy-configuration-outbound-uri
- disfluid-reverse-proxy-configuration-header
- disfluid-reverse-proxy-configuration-extra-options
- <disfluid-hello-configuration>
- disfluid-hello-configuration
- make-disfluid-hello-configuration
- disfluid-hello-configuration?
- disfluid-hello-configuration-disfluid
- disfluid-hello-configuration-complete-corresponding-source
- disfluid-hello-configuration-port
- disfluid-hello-configuration-extra-options
- <disfluid-client-service-configuration>
- disfluid-client-service-configuration
- make-disfluid-client-service-configuration
- disfluid-client-service-configuration?
- disfluid-client-service-configuration-disfluid
- disfluid-client-service-configuration-complete-corresponding-source
- disfluid-client-service-configuration-client-id
- disfluid-client-service-configuration-redirect-uri
- disfluid-client-service-configuration-client-name
- disfluid-client-service-configuration-client-uri
- disfluid-client-service-configuration-port
- disfluid-client-service-configuration-extra-options
- <disfluid-server-configuration>
- disfluid-server-configuration
- make-disfluid-server-configuration
- disfluid-server-configuration?
- disfluid-server-configuration-disfluid
- disfluid-server-configuration-complete-corresponding-source
- disfluid-server-configuration-server-name
- disfluid-server-configuration-key-file
- disfluid-server-configuration-subject
- disfluid-server-configuration-encrypted-password-file
- disfluid-server-configuration-jwks-uri
- disfluid-server-configuration-authorization-endpoint-uri
- disfluid-server-configuration-token-endpoint-uri
- disfluid-server-configuration-port
- disfluid-server-configuration-extra-options)
+ disfluid-issuer-configuration-extra-options)
(define configuration->shepherd-service
(match-lambda
- ((id . ($ <disfluid-issuer-configuration>
- disfluid ccs issuer key-file subject encrypted-password-file jwks-uri
- authorization-endpoint-uri token-endpoint-uri port extra-options))
- `(,(shepherd-service
- (provision (list (string->symbol (format #f "disfluid-~a" id))))
- (documentation (format #f "Run a Solid identity provider (~a)" id))
- (requirement '(user-processes))
- (modules '((gnu build shepherd)
- (gnu system file-systems)))
- (start
- (with-imported-modules
- (source-module-closure
- '((gnu build shepherd)
- (gnu system file-systems)))
- #~(begin
- (let* ((user (getpwnam "disfluid"))
- (prepare-directory
- (lambda (dir)
- (mkdir-p dir)
- (chown dir (passwd:uid user) (passwd:gid user))
- (chmod dir #o700))))
- (prepare-directory "/var/log/disfluid")
- (prepare-directory #$(format #f "/var/lib/disfluid/~a" id))
- (prepare-directory #$(format #f "/var/cache/disfluid/~a" id)))
- (make-forkexec-constructor
- (list
- (string-append #$disfluid "/bin/disfluid")
- "identity-provider"
- "-S" #$ccs
- "-n" #$issuer
- "-k" #$key-file
- "-s" #$subject
- "-W" #$encrypted-password-file
- "-j" #$jwks-uri
- "-a" #$authorization-endpoint-uri
- "-t" #$token-endpoint-uri
- "-p" (with-output-to-string (lambda () (display #$port)))
- "-l" #$(format #f "issuer-~a.log" id)
- "-e" #$(format #f "issuer-~a.err" id)
- #$@extra-options)
- #:user "disfluid"
- #:group "disfluid"
- #:directory "/var/log/disfluid"
- #:environment-variables
- '(#$(format #f "XDG_DATA_HOME=/var/lib/disfluid/~a" id)
- #$(format #f "XDG_CACHE_HOME=/var/cache/disfluid/~a" id))))))
- (stop #~(make-kill-destructor)))))
- ((id . ($ <disfluid-reverse-proxy-configuration>
- disfluid ccs port inbound-uri outbound-uri header extra-options))
- `(,(shepherd-service
- (provision (list (string->symbol (format #f "disfluid-~a" id))))
- (documentation (format #f "Run a Solid reverse proxy (~a)" id))
- (requirement '(user-processes))
- (modules '((gnu build shepherd)
- (gnu system file-systems)))
- (start
- (with-imported-modules
- (source-module-closure
- '((gnu build shepherd)
- (gnu system file-systems)))
- #~(begin
- (let* ((user (getpwnam "disfluid"))
- (prepare-directory
- (lambda (dir)
- (mkdir-p dir)
- (chown dir (passwd:uid user) (passwd:gid user))
- (chmod dir #o700))))
- (prepare-directory "/var/log/disfluid")
- (prepare-directory #$(format #f "/var/lib/disfluid/~a" id))
- (prepare-directory #$(format #f "/var/cache/disfluid/~a" id)))
- (make-forkexec-constructor
- (list
- (string-append #$disfluid "/bin/disfluid")
- "reverse-proxy"
- "-S" #$ccs
- "-p" (with-output-to-string (lambda () (display #$port)))
- "-n" #$inbound-uri
- "-b" #$outbound-uri
- "-H" #$header
- "-l" #$(format #f "reverse-proxy-~a.log" id)
- "-e" #$(format #f "reverse-proxy-~a.err" id)
- #$@extra-options)
- #:user "disfluid"
- #:group "disfluid"
- #:directory "/var/log/disfluid"
- #:environment-variables
- '(#$(format #f "XDG_DATA_HOME=/var/lib/disfluid/~a" id)
- #$(format #f "XDG_CACHE_HOME=/var/cache/disfluid/~a" id))))))
- (stop #~(make-kill-destructor)))))
- ((id . ($ <disfluid-hello-configuration>
- disfluid ccs port extra-options))
- `(,(shepherd-service
- (provision (list (string->symbol (format #f "disfluid-~a" id))))
- (documentation (format #f "Run a demonstration Solid server (~a)" id))
- (requirement '(user-processes))
- (modules '((gnu build shepherd)
- (gnu system file-systems)))
- (start
- (with-imported-modules
- (source-module-closure
- '((gnu build shepherd)
- (gnu system file-systems)))
- #~(begin
- (let* ((user (getpwnam "disfluid"))
- (prepare-directory
- (lambda (dir)
- (mkdir-p dir)
- (chown dir (passwd:uid user) (passwd:gid user))
- (chmod dir #o700))))
- (prepare-directory "/var/log/disfluid")
- (prepare-directory #$(format #f "/var/lib/disfluid/~a" id))
- (prepare-directory #$(format #f "/var/cache/disfluid/~a" id)))
- (make-forkexec-constructor
- (list
- (string-append #$disfluid "/bin/disfluid-hello")
- "-S" #$ccs
- "-p" (with-output-to-string (lambda () (display #$port)))
- "-l" #$(format #f "hello-~a.log" id)
- "-e" #$(format #f "hello-~a.err" id)
- #$@extra-options)
- #:user "disfluid"
- #:group "disfluid"
- #:directory "/var/log/disfluid"
- #:environment-variables
- '(#$(format #f "XDG_DATA_HOME=/var/lib/disfluid/~a" id)
- #$(format #f "XDG_CACHE_HOME=/var/cache/disfluid/~a" id))))))
- (stop #~(make-kill-destructor)))))
- ((id . ($ <disfluid-client-service-configuration>
- disfluid ccs client-id redirect-uri client-name client-uri port
- extra-options))
- `(,(shepherd-service
- (provision (list (string->symbol (format #f "disfluid-~a" id))))
- (documentation (format #f "Serve the public page for an application (~a)" id))
- (requirement '(user-processes))
- (modules '((gnu build shepherd)
- (gnu system file-systems)))
- (start
- (with-imported-modules
- (source-module-closure
- '((gnu build shepherd)
- (gnu system file-systems)))
- #~(begin
- (let* ((user (getpwnam "disfluid"))
- (prepare-directory
- (lambda (dir)
- (mkdir-p dir)
- (chown dir (passwd:uid user) (passwd:gid user))
- (chmod dir #o700))))
- (prepare-directory "/var/log/disfluid")
- (prepare-directory #$(format #f "/var/lib/disfluid/~a" id))
- (prepare-directory #$(format #f "/var/cache/disfluid/~a" id)))
- (make-forkexec-constructor
- (list
- (string-append #$disfluid "/bin/disfluid")
- "client-service"
- "-S" #$ccs
- "-c" #$client-id
- "-r" #$redirect-uri
- "-C" #$client-name
- "-u" #$client-uri
- "-p" (with-output-to-string (lambda () (display #$port)))
- "-l" #$(format #f "client-service-~a.log" id)
- "-e" #$(format #f "client-service-~a.err" id)
- #$@extra-options)
- #:user "disfluid"
- #:group "disfluid"
- #:directory "/var/log/disfluid"
- #:environment-variables
- '(#$(format #f "XDG_DATA_HOME=/var/lib/disfluid/~a" id)
- #$(format #f "XDG_CACHE_HOME=/var/cache/disfluid/~a" id))))))
- (stop #~(make-kill-destructor)))))
- ((id . ($ <disfluid-server-configuration>
- disfluid ccs server-name key-file subject encrypted-password-file jwks-uri
- authorization-endpoint-uri token-endpoint-uri port
- extra-options))
+ ((($ <disfluid-configuration>
+ disfluid ccs configuration port extra-options))
`(,(shepherd-service
- (provision (list (string->symbol (format #f "disfluid-~a" id))))
- (documentation (format #f "Run a full server (~a)" id))
+ (provision (list "disfluid"))
+ (documentation (format #f "Run disfluid"))
(requirement '(user-processes))
(modules '((gnu build shepherd)
(gnu system file-systems)))
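Review bot: `(provision (list "disfluid"))` hands Shepherd a string, where the removed clauses built a symbol with `string->symbol`; Guix documents `provision` as a list of symbols, so this should read `(provision '(disfluid))`. The clause pattern `(($ <disfluid-configuration> disfluid ccs configuration port extra-options))` matches only a one-element list holding the record, and the same pattern is used in `configuration->log-rotation` further down; if the service value is a bare record, which the part of the file outside this hunk would have to confirm, no clause matches and the pattern should be `($ <disfluid-configuration> …)` without the outer parentheses. The `port` and `extra-options` fields of the new record keep the accessors `disfluid-issuer-configuration-port` and `disfluid-issuer-configuration-extra-options`, both in the record and in the export list; renaming them to `disfluid-configuration-port` and `disfluid-configuration-extra-options` would match the other fields. The body of `configuration->shepherd-service` continues past the end of this hunk.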
@@ -377,33 +75,24 @@
(chown dir (passwd:uid user) (passwd:gid user))
(chmod dir #o700))))
(prepare-directory "/var/log/disfluid")
- (prepare-directory #$(format #f "/var/lib/disfluid/~a" id))
- (prepare-directory #$(format #f "/var/cache/disfluid/~a" id)))
+ (prepare-directory "/var/lib/disfluid")
+ (prepare-directory "/var/cache/disfluid"))
(make-forkexec-constructor
(list
(string-append #$disfluid "/bin/disfluid")
- "server"
"-S" #$ccs
- "-n" #$server-name
- "-k" #$key-file
- "-s" #$subject
- "-W" #$encrypted-password-file
- "-j" #$jwks-uri
- "-a" #$authorization-endpoint-uri
- "-t" #$token-endpoint-uri
+ "-c" #$configuration
"-p" (with-output-to-string (lambda () (display #$port)))
- "-l" #$(format #f "server-~a.log" id)
- "-e" #$(format #f "server-~a.err" id)
+ "-l" "server.log"
+ "-e" "server.err"
#$@extra-options)
#:user "disfluid"
#:group "disfluid"
#:directory "/var/log/disfluid"
#:environment-variables
- '(#$(format #f "XDG_DATA_HOME=/var/lib/disfluid/~a" id)
- #$(format #f "XDG_CACHE_HOME=/var/cache/disfluid/~a" id))))))
- (stop #~(make-kill-destructor)))))
- ((items ...)
- (apply append (map configuration->shepherd-service items)))))
+ '("XDG_DATA_HOME=/var/lib/disfluid"
+ "XDG_CACHE_HOME=/var/cache/disfluid")))))
+ (stop #~(make-kill-destructor)))))))
(define %disfluid-accounts
(list (user-group (name "disfluid")
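Review bot: Only `/var/lib/disfluid` and `/var/cache/disfluid` are prepared now, but the configuration added to `vkraus/systems/test.scm` in this commit still points `#:key-file` at `/var/lib/disfluid/alice/key.jwk` and `/var/lib/disfluid/bob/key.jwk`. The per-instance directories that the removed `prepare-directory` calls created with mode `#o700` are no longer set up at start-up, so unless disfluid creates the parent directory itself (not visible here) the key files have nowhere to be written. Either keep the keys directly under `/var/lib/disfluid` in the test configuration, or state the contract above the `prepare-directory` calls, e.g. `;; Only the top-level state directories are created here; sub-directories named in the configuration file are not.` The enclosing `let*` and `shepherd-service` forms start before this hunk.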
@@ -418,48 +107,15 @@
(define configuration->log-rotation
(match-lambda
- ((id . ($ <disfluid-issuer-configuration>))
- `(,(log-rotation
- (frequency 'daily)
- (files
- (map (lambda (ext)
- (format #f "/var/log/disfluid/issuer-~a.~a" id ext))
- '("log err")))
- (options '("sharedscripts" "storedir /var/log/disfluid")))))
- ((id . ($ <disfluid-reverse-proxy-configuration>))
- `(,(log-rotation
- (frequency 'daily)
- (files
- (map (lambda (ext)
- (format #f "/var/log/disfluid/reverse-proxy-~a.~a" id ext))
- '("log err")))
- (options '("sharedscripts" "storedir /var/log/disfluid")))))
- ((id . ($ <disfluid-hello-configuration>))
- `(,(log-rotation
- (frequency 'daily)
- (files
- (map (lambda (ext)
- (format #f "/var/log/disfluid/hello-~a.~a" id ext))
- '("log err")))
- (options '("sharedscripts" "storedir /var/log/disfluid")))))
- ((id . ($ <disfluid-client-service-configuration>))
- `(,(log-rotation
- (frequency 'daily)
- (files
- (map (lambda (ext)
- (format #f "/var/log/disfluid/client-service-~a.~a" id ext))
- '("log err")))
- (options '("sharedscripts" "storedir /var/log/disfluid")))))
- ((id . ($ <disfluid-server-configuration>))
+ ((($ <disfluid-configuration>
+ disfluid ccs configuration port extra-options))
`(,(log-rotation
(frequency 'daily)
(files
(map (lambda (ext)
- (format #f "/var/log/disfluid/server-~a.~a" id ext))
+ (format #f "/var/log/disfluid/server.~a" ext))
'("log err")))
- (options '("sharedscripts" "storedir /var/log/disfluid")))))
- ((items ...)
- (apply append (map configuration->log-rotation items)))))
+ (options '("sharedscripts" "storedir /var/log/disfluid")))))))
(define-public disfluid-service-type
(service-type
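Review bot: `'("log err")` is a list holding the single string "log err", so the `map` yields one path, `/var/log/disfluid/server.log err`, and neither `server.log` nor `server.err` is rotated; the list should be `'("log" "err")`. That line is unchanged context, but the new `format` call on the line before it depends on it. The fields bound in the clause pattern (`disfluid ccs configuration port extra-options`) are not used in this body, so the record pattern could be just `($ <disfluid-configuration>)`, as the removed clauses wrote it.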
diff --git a/vkraus/systems/test.scm b/vkraus/systems/test.scm
index 1bfc2b8..1ad6af5 100644
--- a/vkraus/systems/test.scm
+++ b/vkraus/systems/test.scm
@@ -21,12 +21,95 @@
#:use-module (vkraus packages disfluid)
#:use-module (vkraus services disfluid))
+(define full-configuration
+ `((use-modules (webid-oidc server endpoint)
+ (webid-oidc server endpoint resource-server)
+ (webid-oidc server endpoint identity-provider)
+ (webid-oidc server endpoint client)
+ (webid-oidc oidc-configuration)
+ (oop goops))
+ (make <router>
+ #:routed
+ (list
+ (make <identity-provider>
+ #:host "alice.localhost"
+ #:oidc-discovery
+ (make <oidc-discovery>
+ #:path "/.well-known/openid-configuration"
+ #:configuration
+ (make <oidc-configuration>
+ #:jwks-uri "http://alice.localhost/keys"
+ #:authorization-endpoint "http://alice.localhost/authorize"
+ #:token-endpoint "http://alice.localhost/token"))
+ #:authorization-endpoint
+ (make <authorization-endpoint>
+ #:path "/authorize"
+ #:subject "http://alice.localhost/profile/card#me"
+ #:encrypted-password ,(crypt "alice" "$6$.salt.for.Alice.")
+ #:key-file "/var/lib/disfluid/alice/key.jwk")
+ #:token-endpoint
+ (make <token-endpoint>
+ #:path "/token"
+ #:issuer "http://alice.localhost"
+ #:key-file "/var/lib/disfluid/alice/key.jwk")
+ #:jwks-endpoint
+ (make <jwks-endpoint>
+ #:path "/keys"
+ #:key-file "/var/lib/disfluid/alice/key.jwk")
+ #:default
+ (make <authenticator>
+ #:backend
+ (make <resource-server>
+ #:server-name "http://alice.localhost"
+ #:owner "http://alice.localhost/profile/card#me")
+ #:server-uri "http://alice.localhost"))
+ (make <identity-provider>
+ #:host "bob.localhost"
+ #:oidc-discovery
+ (make <oidc-discovery>
+ #:path "/.well-known/openid-configuration"
+ #:configuration
+ (make <oidc-configuration>
+ #:jwks-uri "http://bob.localhost/keys"
+ #:authorization-endpoint "http://bob.localhost/authorize"
+ #:token-endpoint "http://bob.localhost/token"))
+ #:authorization-endpoint
+ (make <authorization-endpoint>
+ #:path "/authorize"
+ #:subject "http://bob.localhost/profile/card#me"
+ #:encrypted-password ,(crypt "bob" "$6$And.salt.for.Bob")
+ #:key-file "/var/lib/disfluid/bob/key.jwk")
+ #:token-endpoint
+ (make <token-endpoint>
+ #:path "/token"
+ #:issuer "http://bob.localhost"
+ #:key-file "/var/lib/disfluid/bob/key.jwk")
+ #:jwks-endpoint
+ (make <jwks-endpoint>
+ #:path "/keys"
+ #:key-file "/var/lib/disfluid/bob/key.jwk")
+ #:default
+ (make <authenticator>
+ #:backend
+ (make <resource-server>
+ #:server-name "http://bob.localhost"
+ #:owner "http://bob.localhost/profile/card#me")
+ #:server-uri "http://bob.localhost"))
+ (make <client-id>
+ #:host "client.localhost"
+ #:client-id "https://client.localhost/id"
+ #:redirect-uris '("https://client.localhost/authorized")
+ #:client-name "Local Client Application"
+ #:client-uri "https://client.localhost/about"
+ #:grant-types '(authorization_code refresh_token)
+ #:response-types '(code))))))
+
(operating-system
(host-name "disfluid-test-system")
(hosts-file
(plain-file "hosts"
- "127.0.0.1 localhost
-::1 localhost
+ "127.0.0.1 localhost alice.localhost bob.localhost
+::1 localhost alice.localhost bob.localhost
"))
(users %base-user-accounts)
(packages
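Review bot: `full-configuration` has no comment saying that its credentials are test fixtures: the `#:encrypted-password` values come from `(crypt "alice" "$6$.salt.for.Alice.")` and `(crypt "bob" "$6$And.salt.for.Bob")`, i.e. passwords equal to the user names with fixed salts, evaluated when the system definition is loaded. The resulting hashes are written into the `scheme-file` built from this form in the next hunk, and files in the Guix store are readable by every local user. A comment above the definition would keep this from being copied into a real deployment, for example `;; Test fixture only: passwords and salts are public, and the hashes end up in the world-readable store.` The identity-provider endpoints are also plain `http://` on `*.localhost`, which the same comment could mention.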
@@ -37,48 +120,18 @@
(append
(list
(service disfluid-service-type
- `(("alice"
- . ,(disfluid-server-configuration
- (complete-corresponding-source "https://webid-oidc.planete-kraus.eu/complete-corresponding-source.tar.gz")
- (server-name "http://localhost:8081")
- (subject "http://localhost:8081/alice#me")
- (encrypted-password-file
- (computed-file "alice-password"
- #~(let ((salt "$6$.salt.for.Alice.")
- (password "alice"))
- (call-with-output-file #$output
- (lambda (port)
- (format port "~a\n"
- (crypt password salt)))))))
- (key-file "/var/lib/disfluid/alice/key.jwk")
- (jwks-uri "http://localhost:8081/keys")
- (authorization-endpoint-uri "http://localhost:8081/authorize")
- (token-endpoint-uri "http://localhost:8081/token")
- (port 8081)))
- ("bob"
- . ,(disfluid-server-configuration
- (complete-corresponding-source "https://webid-oidc.planete-kraus.eu/complete-corresponding-source.tar.gz")
- (server-name "http://localhost:8082")
- (subject "http://localhost:8082/bob#me")
- (encrypted-password-file
- (computed-file "bob-password"
- #~(let ((salt "$6$And.salt.for.Bob")
- (password "bob"))
- (call-with-output-file #$output
- (lambda (port)
- (format port "~a\n"
- (crypt password salt)))))))
- (key-file "/var/lib/disfluid/bob/key.jwk")
- (jwks-uri "http://localhost:8082/keys")
- (authorization-endpoint-uri "http://localhost:8082/authorize")
- (token-endpoint-uri "http://localhost:8082/token")
- (port 8082))))))
+ (disfluid-server-configuration
+ (complete-corresponding-source "http://ccs.local/disfluid.tar.gz")
+ (configuration
+ (scheme-file "disfluid-configuration.scm"
+ full-configuration))
+ (port 8080))))
%base-services))
(timezone "Europe/Paris")
(bootloader
(bootloader-configuration
(bootloader grub-efi-bootloader)
- (target "/boot/efi")))
+ (targets '("/boot/efi"))))
(mapped-devices '())
(file-systems
`(,(file-system
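Review bot: `disfluid-server-configuration` is no longer defined: this commit removes the `<disfluid-server-configuration>` record and its export from `vkraus/services/disfluid.scm`, and the only constructor left is `disfluid-configuration`, so the service value should start with `(disfluid-configuration`. The value is also a bare record, while the `match-lambda` clauses in the service module match a one-element list, so one of the two sides needs adjusting. `complete-corresponding-source` moved from an `https://` URL to `http://ccs.local/disfluid.tar.gz`; if that is a placeholder for the test system, a short comment saying so would help. The `operating-system` form continues beyond this hunk.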