author | Vivien Kraus <vivien@planete-kraus.eu> | 2021-03-30 20:25:01 +0200 |
---|---|---|
committer | Vivien Kraus <vivien@planete-kraus.eu> | 2021-06-18 16:52:28 +0200 |
commit | f08763968630de87cd9fbfbc31decd5a15f58bf4 (patch) | |
tree | 8531a8096ae931d4f5908a20367aad361984a814 /guix/vkraus/services/webid-oidc.scm | |
parent | a0efed594740e85e2b95c7d4ee06f4fcd68625b5 (diff) |
Implement a reverse proxy
Diffstat (limited to 'guix/vkraus/services/webid-oidc.scm')
-rw-r--r-- | guix/vkraus/services/webid-oidc.scm | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/guix/vkraus/services/webid-oidc.scm b/guix/vkraus/services/webid-oidc.scm index 931e96a..33b4fae 100644 --- a/guix/vkraus/services/webid-oidc.scm +++ b/guix/vkraus/services/webid-oidc.scm @@ -31,6 +31,21 @@ webid-oidc-issuer-configuration-extra-options (default '()))) +(define-record-type* <webid-oidc-reverse-proxy-configuration> + webid-oidc-reverse-proxy-configuration + make-webid-oidc-reverse-proxy-configuration + webid-oidc-reverse-proxy-configuration? + (webid-oidc webid-oidc-reverse-proxy-configuration-webid-oidc + (default webid-oidc)) + (port webid-oidc-reverse-proxy-port (default 8090)) + (inbound-uri webid-oidc-reverse-proxy-configuration-inbound-uri) + (outbound-uri webid-oidc-reverse-proxy-configuration-outbound-uri) + (header webid-oidc-reverse-proxy-configuration-header + (default "XXX-Agent")) + (extra-options + webid-oidc-reverse-proxy-extra-options + (default '()))) + (define-record-type* <webid-oidc-hello-configuration> webid-oidc-hello-configuration make-webid-oidc-hello-configuration @@ -56,6 +71,17 @@ webid-oidc-issuer-configuration-token-endpoint-uri webid-oidc-issuer-configuration-port webid-oidc-issuer-configuration-extra-options + <webid-oidc-reverse-proxy-configuration> + webid-oidc-reverse-proxy-configuration + make-webid-oidc-reverse-proxy-configuration + webid-oidc-reverse-proxy-configuration? + webid-oidc-reverse-proxy-configuration-webid-oidc + webid-oidc-reverse-proxy-configuration-port + webid-oidc-reverse-proxy-configuration-inbound-uri + webid-oidc-reverse-proxy-configuration-outbound-uri + webid-oidc-reverse-proxy-configuration-header + webid-oidc-reverse-proxy-configuration-extra-options + <webid-oidc-hello-configuration> webid-oidc-hello-configuration make-webid-oidc-hello-configuration webid-oidc-hello-configuration? 
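Review bot: The record in the first hunk defines the accessors `webid-oidc-reverse-proxy-port` and `webid-oidc-reverse-proxy-extra-options`, but the export list in the second hunk exports `webid-oidc-reverse-proxy-configuration-port` and `webid-oidc-reverse-proxy-configuration-extra-options`. Unless those names are defined outside the visible hunks, the module exports two unbound names while the real accessors stay private. Renaming the two accessors to follow the other four fields fixes both hunks at once: `(port webid-oidc-reverse-proxy-configuration-port (default 8090))` and `(extra-options webid-oidc-reverse-proxy-configuration-extra-options (default '()))`.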
@@ -113,6 +139,51 @@ "LANG=C")))) (stop #~(make-kill-destructor)))))))) +(define webid-oidc-reverse-proxy-shepherd-service + (match-lambda + (($ <webid-oidc-reverse-proxy-configuration> + webid-oidc port inbound-uri outbound-uri header + extra-options) + (with-imported-modules + (source-module-closure + '((gnu build shepherd) + (gnu system file-systems))) + (list (shepherd-service + (provision '(webid-oidc-reverse-proxy)) + (documentation "Run a proxy to authenticate with Solid.") + (requirement '(user-processes)) + (modules '((gnu build shepherd) + (gnu system file-systems))) + (start + #~(begin + (let* ((user (getpwnam "webid-oidc")) + (prepare-directory + (lambda (dir) + (mkdir-p dir) + (chown dir (passwd:uid user) (passwd:gid user)) + (chmod dir #o700)))) + (prepare-directory "/var/log/webid-oidc") + (prepare-directory "/var/lib/webid-oidc") + (prepare-directory "/var/cache/webid-oidc")) + (make-forkexec-constructor + (list + (string-append #$webid-oidc "/bin/webid-oidc-reverse-proxy") + "--port" (with-output-to-string (lambda () (display #$port))) + "--inbound-uri" #$inbound-uri + "--outbound-uri" #$outbound-uri + "--header" #$header + "--log-file" "reverse-proxy.log" + "--error-file" "reverse-proxy.err" + #$@extra-options) + #:user "webid-oidc" + #:group "webid-oidc" + #:directory "/var/log/webid-oidc" + #:environment-variables + `("XDG_DATA_HOME=/var/lib" + "XDG_CACHE_HOME=/var/cache" + "LANG=C")))) + (stop #~(make-kill-destructor)))))))) + (define webid-oidc-hello-shepherd-service (match-lambda (($ <webid-oidc-hello-configuration> 
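Review bot: Nothing in the `start` form or the `documentation` string says what the value passed as `--header` means to the backend at `outbound-uri`. Judging by the field name and the default `"XXX-Agent"`, it presumably carries the identity the proxy has authenticated, which would make that header a trust boundary. If so, the backend must be reachable only through the proxy, and the proxy has to discard any copy of the header supplied by the client; neither is visible in this hunk. I would add a comment above the `"--header"` argument, such as `;; HEADER tells the backend who was authenticated; the backend must accept connections from this proxy only.`, and say the same in the documentation string.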
@@ -174,6 +245,17 @@ shepherd-root-service-type webid-oidc-issuer-shepherd-service))))) +(define-public webid-oidc-reverse-proxy-service-type + (service-type + (name 'webid-oidc-reverse-proxy) + (extensions + (list + (service-extension account-service-type + (const %webid-oidc-accounts)) + (service-extension + shepherd-root-service-type + webid-oidc-reverse-proxy-shepherd-service))))) + (define-public webid-oidc-hello-service-type (service-type (name 'webid-oidc-hello) |
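Review bot: The new `service-type` has no `description` field, so `guix system search` has no text to show for it. One could be added after `(name 'webid-oidc-reverse-proxy)`, for example `(description "Run a reverse proxy that authenticates requests with Solid before forwarding them.")`. The absence of a `default-value` looks intentional, since `inbound-uri` and `outbound-uri` have no defaults in the record.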