authorVivien Kraus <vivien@planete-kraus.eu>2021-06-29 09:04:15 +0200
committerVivien Kraus <vivien@planete-kraus.eu>2021-07-02 14:49:13 +0200
commite0e3bbbe6d78fc7a7f54325471af5d0e5c498471 (patch)
tree9d65b78927449d8c7f18ef91b5b5eef7090247bf
parent1834bd8137ab2f50faf9cf763218dd4f628526f2 (diff)
Add a guix definition for the server
-rw-r--r--guix/vkraus/services/webid-oidc.scm99
1 files changed, 98 insertions, 1 deletions
diff --git a/guix/vkraus/services/webid-oidc.scm b/guix/vkraus/services/webid-oidc.scm
index 2100c30..984eced 100644
--- a/guix/vkraus/services/webid-oidc.scm
+++ b/guix/vkraus/services/webid-oidc.scm
@@ -72,6 +72,27 @@
webid-oidc-client-service-configuration-extra-options
(default '())))
+(define-record-type* <webid-oidc-server-configuration>
+ webid-oidc-server-configuration
+ make-webid-oidc-server-configuration
+ webid-oidc-server-configuration?
+ (webid-oidc webid-oidc-server-configuration-webid-oidc
+ (default webid-oidc))
+ (server-name webid-oidc-server-configuration-server-name)
+ (key-file webid-oidc-server-configuration-key-file
+ (default "/var/lib/webid-oidc/server/key.jwk"))
+ (subject webid-oidc-server-configuration-subject)
+ (password webid-oidc-server-configuration-password)
+ (jwks-uri webid-oidc-server-configuration-jwks-uri)
+ (authorization-endpoint-uri
+ webid-oidc-server-configuration-authorization-endpoint-uri)
+ (token-endpoint-uri
+ webid-oidc-server-configuration-token-endpoint-uri)
+ (port webid-oidc-server-configuration-port (default 8088))
+ (extra-options
+ webid-oidc-issuer-configuration-extra-options
+ (default '())))
+
(export <webid-oidc-issuer-configuration>
webid-oidc-issuer-configuration
make-webid-oidc-issuer-configuration
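Review bot: The `extra-options` field of `<webid-oidc-server-configuration>` is declared with the accessor name `webid-oidc-issuer-configuration-extra-options`, which looks like a copy-paste slip from the issuer record. As written, the new record presumably rebinds the issuer record's accessor at module level, and `webid-oidc-server-configuration-extra-options`, which the export list in the next hunk names, is left without a definition. The field should read `(extra-options webid-oidc-server-configuration-extra-options (default '()))`. The shepherd service in the third hunk destructures the record with `match-lambda` rather than calling the accessor, so the mistake would not show up there.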
@@ -113,7 +134,21 @@
webid-oidc-client-service-configuration-client-name
webid-oidc-client-service-configuration-client-uri
webid-oidc-client-service-configuration-port
- webid-oidc-client-service-configuration-extra-options)
+ webid-oidc-client-service-configuration-extra-options
+ <webid-oidc-server-configuration>
+ webid-oidc-server-configuration
+ make-webid-oidc-server-configuration
+ webid-oidc-server-configuration?
+ webid-oidc-server-configuration-webid-oidc
+ webid-oidc-server-configuration-server-name
+ webid-oidc-server-configuration-key-file
+ webid-oidc-server-configuration-subject
+ webid-oidc-server-configuration-password
+ webid-oidc-server-configuration-jwks-uri
+ webid-oidc-server-configuration-authorization-endpoint-uri
+ webid-oidc-server-configuration-token-endpoint-uri
+ webid-oidc-server-configuration-port
+ webid-oidc-server-configuration-extra-options)
(define webid-oidc-issuer-shepherd-service
(match-lambda
@@ -294,6 +329,57 @@
`("LANG=C"))))
(stop #~(make-kill-destructor))))))))
+(define webid-oidc-server-shepherd-service
+ (match-lambda
+ (($ <webid-oidc-server-configuration>
+ webid-oidc server-name key-file subject password jwks-uri
+ authorization-endpoint-uri token-endpoint-uri port
+ extra-options)
+ (with-imported-modules
+ (source-module-closure
+ '((gnu build shepherd)
+ (gnu system file-systems)))
+ (list (shepherd-service
+ (provision '(webid-oidc-server))
+ (documentation "Run the full Solid server.")
+ (requirement '(user-processes))
+ (modules '((gnu build shepherd)
+ (gnu system file-systems)))
+ (start
+ #~(begin
+ (let* ((user (getpwnam "webid-oidc"))
+ (prepare-directory
+ (lambda (dir)
+ (mkdir-p dir)
+ (chown dir (passwd:uid user) (passwd:gid user))
+ (chmod dir #o700))))
+ (prepare-directory "/var/log/webid-oidc")
+ (prepare-directory "/var/lib/webid-oidc")
+ (prepare-directory "/var/cache/webid-oidc"))
+ (make-forkexec-constructor
+ (list
+ (string-append #$webid-oidc "/bin/webid-oidc")
+ "server"
+ "--server-name" #$server-name
+ "--key-file" #$key-file
+ "--subject" #$subject
+ "--password" #$password
+ "--jwks-uri" #$jwks-uri
+ "--authorization-endpoint-uri" #$authorization-endpoint-uri
+ "--token-endpoint-uri" #$token-endpoint-uri
+ "--port" (with-output-to-string (lambda () (display #$port)))
+ "--log-file" "server.log"
+ "--error-file" "server.err"
+ #$@extra-options)
+ #:user "webid-oidc"
+ #:group "webid-oidc"
+ #:directory "/var/log/webid-oidc"
+ #:environment-variables
+ `("XDG_DATA_HOME=/var/lib"
+ "XDG_CACHE_HOME=/var/cache"
+ "LANG=C"))))
+ (stop #~(make-kill-destructor))))))))
+
(define %webid-oidc-accounts
(list (user-group (name "webid-oidc")
(system? #t))
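Review bot: `"--password" #$password` places the secret in the argument list of the forked process, where on a default system other local users can read it from the process table while the server runs. Because the value is spliced into the gexp, it is also written into the generated Shepherd service code in the store, which is world-readable. The `key-file` field already shows the safer pattern: the configuration carries a path under `/var/lib/webid-oidc`, which `prepare-directory` sets to mode `#o700`, and the secret stays outside the store. I would have the record carry a path to a file readable only by the `webid-oidc` user instead of the password itself. Whether the `webid-oidc server` command can take the secret from a file or from standard input is not visible in this diff and needs checking. Until then, a comment on the field such as `;; Secret: copied into the store and visible on the command line.` would at least warn users of the service.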
@@ -348,3 +434,14 @@
(service-extension
shepherd-root-service-type
webid-oidc-client-service-shepherd-service)))))
+
+(define-public webid-oidc-server-service-type
+ (service-type
+ (name 'webid-oidc-server)
+ (extensions
+ (list
+ (service-extension account-service-type
+ (const %webid-oidc-accounts))
+ (service-extension
+ shepherd-root-service-type
+ webid-oidc-server-shepherd-service)))))
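Review bot: `webid-oidc-server-service-type` has no `description` field, so the service carries no user-facing documentation beyond the one-line Shepherd `documentation` string. Adding `(description "Run the full Solid server (webid-oidc) as a Shepherd service.")` after the `extensions` form would cover it. Omitting `default-value` looks right here, since the record in the first hunk has required fields with no defaults (`server-name`, `subject`, `password` and the three URIs).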