From 1cd51a1728a34aaf85b964bff7636733ef732999 Mon Sep 17 00:00:00 2001 From: Vivien Kraus Date: Mon, 7 Dec 2020 22:20:53 +0100 Subject: Create a hello world server --- guix/vkraus/packages/webid-oidc.scm | 2 +- guix/vkraus/services/webid-oidc.scm | 87 +++++++++++++++++++++++++++---- guix/vkraus/systems/webid-oidc-issuer.scm | 50 ------------------ guix/vkraus/systems/webid-oidc.scm | 80 ++++++++++++++++++++++++++++ 4 files changed, 158 insertions(+), 61 deletions(-) delete mode 100644 guix/vkraus/systems/webid-oidc-issuer.scm create mode 100644 guix/vkraus/systems/webid-oidc.scm (limited to 'guix/vkraus') diff --git a/guix/vkraus/packages/webid-oidc.scm b/guix/vkraus/packages/webid-oidc.scm index a47d5da..58e5913 100644 --- a/guix/vkraus/packages/webid-oidc.scm +++ b/guix/vkraus/packages/webid-oidc.scm @@ -79,7 +79,7 @@ (format #f "~a/bin/webid-oidc-~a" out program) `("GUILE_LOAD_PATH" ":" = ,mod-paths) `("GUILE_LOAD_COMPILED_PATH" ":" = ,go-paths))) - '(issuer)))))))) + '(hello issuer)))))))) (native-inputs `(("pkg-config" ,pkg-config) ("guile" ,guile-3.0) diff --git a/guix/vkraus/services/webid-oidc.scm b/guix/vkraus/services/webid-oidc.scm index 4c7834c..931e96a 100644 --- a/guix/vkraus/services/webid-oidc.scm +++ b/guix/vkraus/services/webid-oidc.scm @@ -31,6 +31,17 @@ webid-oidc-issuer-configuration-extra-options (default '()))) +(define-record-type* + webid-oidc-hello-configuration + make-webid-oidc-hello-configuration + webid-oidc-hello-configuration? + (webid-oidc webid-oidc-hello-configuration-webid-oidc + (default webid-oidc)) + (port webid-oidc-hello-configuration-port (default 8089)) + (extra-options + webid-oidc-hello-configuration-extra-options + (default '()))) + (export webid-oidc-issuer-configuration make-webid-oidc-issuer-configuration 
@@ -44,7 +55,13 @@ webid-oidc-issuer-configuration-authorization-endpoint-uri webid-oidc-issuer-configuration-token-endpoint-uri webid-oidc-issuer-configuration-port - webid-oidc-issuer-configuration-extra-options) + webid-oidc-issuer-configuration-extra-options + webid-oidc-hello-configuration + make-webid-oidc-hello-configuration + webid-oidc-hello-configuration? + webid-oidc-hello-configuration-webid-oidc + webid-oidc-hello-configuration-port + webid-oidc-hello-configuration-extra-options) (define webid-oidc-issuer-shepherd-service (match-lambda @@ -64,7 +81,7 @@ (gnu system file-systems))) (start #~(begin - (let* ((user (getpwnam "webid-oidc-issuer")) + (let* ((user (getpwnam "webid-oidc")) (prepare-directory (lambda (dir) (mkdir-p dir) @@ -87,8 +104,8 @@ "--log-file" "issuer.log" "--error-file" "issuer.err" #$@extra-options) - #:user "webid-oidc-issuer" - #:group "webid-oidc-issuer" + #:user "webid-oidc" + #:group "webid-oidc" #:directory "/var/log/webid-oidc" #:environment-variables `("XDG_DATA_HOME=/var/lib" 
@@ -96,14 +113,53 @@ "LANG=C")))) (stop #~(make-kill-destructor)))))))) -(define %webid-oidc-issuer-accounts - (list (user-group (name "webid-oidc-issuer") +(define webid-oidc-hello-shepherd-service + (match-lambda + (($ + webid-oidc port extra-options) + (with-imported-modules + (source-module-closure + '((gnu build shepherd) + (gnu system file-systems))) + (list (shepherd-service + (provision '(webid-oidc-hello)) + (documentation "Run a demonstration Solid server.") + (requirement '(user-processes)) + (modules '((gnu build shepherd) + (gnu system file-systems))) + (start + #~(begin + (let* ((user (getpwnam "webid-oidc")) + (prepare-directory + (lambda (dir) + (mkdir-p dir) + (chown dir (passwd:uid user) (passwd:gid user)) + (chmod dir #o700)))) + (prepare-directory "/var/log/webid-oidc") + (prepare-directory "/var/lib/webid-oidc") + (prepare-directory "/var/cache/webid-oidc")) + (make-forkexec-constructor + (list + (string-append #$webid-oidc "/bin/webid-oidc-hello") + "--port" (with-output-to-string (lambda () (display #$port))) + #$@extra-options) + #:user "webid-oidc" + #:group "webid-oidc" + #:directory "/var/log/webid-oidc" + #:environment-variables + `("XDG_DATA_HOME=/var/lib" + "XDG_CACHE_HOME=/var/cache" + "LANG=C")))) + (stop #~(make-kill-destructor)))))))) + +(define %webid-oidc-accounts + (list (user-group (name "webid-oidc") (system? #t)) (user-account - (name "webid-oidc-issuer") - (group "webid-oidc-issuer") + (name "webid-oidc") + (group "webid-oidc") (system? #t) - (comment "The user that runs the webid-oidc issuer.") + (comment "The user that runs the webid-oidc issuer and resource server.") (home-directory "/var/empty") (shell (file-append shadow "/sbin/nologin"))))) 
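Review bot: The new `webid-oidc-hello-shepherd-service` runs under the same `webid-oidc` account as the issuer and prepares the same three directories (`/var/log/webid-oidc`, `/var/lib/webid-oidc`, `/var/cache/webid-oidc`) with mode `#o700` for that user, so the demonstration server can read and write everything the issuer keeps there. If the issuer stores signing keys or credentials under `XDG_DATA_HOME=/var/lib` (not visible in this hunk), a flaw in the hello server would expose them. A separate system account for the resource server, or at least per-service subdirectories, would keep the two apart. If sharing is intended for now, the account comment could say so, for example `(comment "Shared by the issuer and the demo resource server; split before production use.")`.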
@@ -113,7 +169,18 @@ (extensions (list (service-extension account-service-type - (const %webid-oidc-issuer-accounts)) + (const %webid-oidc-accounts)) (service-extension shepherd-root-service-type webid-oidc-issuer-shepherd-service))))) + +(define-public webid-oidc-hello-service-type + (service-type + (name 'webid-oidc-hello) + (extensions + (list + (service-extension account-service-type + (const %webid-oidc-accounts)) + (service-extension + shepherd-root-service-type + webid-oidc-hello-shepherd-service))))) diff --git a/guix/vkraus/systems/webid-oidc-issuer.scm b/guix/vkraus/systems/webid-oidc-issuer.scm deleted file mode 100644 index 103f49f..0000000 --- a/guix/vkraus/systems/webid-oidc-issuer.scm +++ /dev/null 
@@ -1,50 +0,0 @@
-(define-module (vkraus systems webid-oidc-issuer)
- #:use-module (gnu)
- #:use-module (guix)
- #:use-module (guix packages)
- #:use-module (guix download)
- #:use-module (vkraus services webid-oidc)
- #:use-module (vkraus packages webid-oidc))
-
-(operating-system
- (locale "fr_FR.utf8")
- (timezone "Europe/Paris")
- (keyboard-layout (keyboard-layout "fr"))
- (host-name "webid-oidc-issuer")
- (users (cons* (user-account
- (name "admin")
- (comment "Administrator")
- (group "users")
- (home-directory "/home/admin")
- (supplementary-groups
- '("wheel" "netdev")))
- %base-user-accounts))
- (packages
- (append
- (list (specification->package "nss-certs"))
- %base-packages))
- (services
- (append
- (cons*
- (service webid-oidc-issuer-service-type
- (webid-oidc-issuer-configuration
- (webid-oidc webid-oidc-snapshot)
- (issuer "http://localhost:8080")
- (subject "http://localhost:8080/profile/card#me")
- (password "p4ssw0rd")
- (jwks-uri "http://localhost:8080/keys")
- (authorization-endpoint-uri "http://localhost:8080/authorize")
- (token-endpoint-uri "http://localhost:8080/token")
- (port 8080)))
- %base-services)))
- (bootloader
- (bootloader-configuration
- (bootloader grub-efi-bootloader)
- (target "/boot/efi")
- (keyboard-layout keyboard-layout)))
- (file-systems
- (cons* (file-system
- (mount-point "/")
- (device "/dev/sda")
- (type "ext4"))
- %base-file-systems)))
diff --git a/guix/vkraus/systems/webid-oidc.scm b/guix/vkraus/systems/webid-oidc.scm
new file mode 100644
index 0000000..704c746
--- /dev/null
+++ b/guix/vkraus/systems/webid-oidc.scm
@@ -0,0 +1,80 @@
+(define-module (vkraus systems webid-oidc)
+ #:use-module (gnu)
+ #:use-module (guix)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (vkraus services webid-oidc)
+ #:use-module (vkraus packages webid-oidc)
+ #:use-module (gnu services web))
+
+(operating-system
+ (locale "fr_FR.utf8")
+ (timezone "Europe/Paris")
+ (keyboard-layout (keyboard-layout "fr"))
+ (host-name "webid-oidc-issuer")
+ (users %base-user-accounts)
+ (packages
+ (append
+ (list (specification->package "nss-certs"))
+ %base-packages))
+ (services
+ (append
+ (cons*
+ (service webid-oidc-issuer-service-type
+ (webid-oidc-issuer-configuration
+ (webid-oidc webid-oidc-snapshot)
+ (issuer "http://localhost:8080")
+ (subject "http://localhost:8080/profile/card#me")
+ (password "p4ssw0rd")
+ (jwks-uri "http://localhost:8080/keys")
+ (authorization-endpoint-uri "http://localhost:8080/authorize")
+ (token-endpoint-uri "http://localhost:8080/token")
+ (port 8080)))
+ (service webid-oidc-hello-service-type
+ (webid-oidc-hello-configuration
+ (webid-oidc webid-oidc-snapshot)
+ (port 8081)))
+ (service nginx-service-type
+ (nginx-configuration
+ (upstream-blocks
+ (list
+ (nginx-upstream-configuration
+ (name "issuer")
+ (servers (list "localhost:8080")))
+ (nginx-upstream-configuration
+ (name "server")
+ (servers (list "localhost:8081")))))
+ (server-blocks
+ (list
+ (nginx-server-configuration
+ (server-name '("localhost"))
+ (listen '("80"))
+ (locations
+ (list
+ (nginx-location-configuration
+ (uri "/profile/card")
+ (body (list "proxy_pass http://issuer;")))
+ (nginx-location-configuration
+ (uri "/keys")
+ (body (list "proxy_pass http://issuer;")))
+ (nginx-location-configuration
+ (uri "/authorize")
+ (body (list "proxy_pass http://issuer;")))
+ (nginx-location-configuration
+ (uri "/token")
+ (body (list "proxy_pass http://issuer;")))
+ (nginx-location-configuration
+ (uri "/")
+ (body (list "proxy_pass http://server;"))))))))))
+ %base-services)))
+ (bootloader
+ (bootloader-configuration
+ (bootloader grub-efi-bootloader)
+ (target "/boot/efi")
+ (keyboard-layout keyboard-layout)))
+ (file-systems
+ (cons* (file-system
+ (mount-point "/")
+ (device "/dev/sda")
+ (type "ext4"))
+ %base-file-systems)))
-- cgit v1.2.3
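Review bot: The issuer configuration in this new system file still carries the literal `(password "p4ssw0rd")`, and every endpoint is plain `http://` behind an nginx `listen '("80")`, yet nothing in the file marks it as a throwaway demonstration system. A header comment above `(operating-system` would make that explicit, for example `;; Demonstration system only: fixed password, plain HTTP. Do not deploy as is.` It is also not visible here whether the two backends on ports 8080 and 8081 bind to loopback only; if they listen on all interfaces, they can be reached without going through the nginx front end, which is worth checking in the server code.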