diff --git a/mumble-vm-system.scm.tmpl b/mumble-vm-system.scm.tmpl index 81b9622..dceefce 100644 --- a/mumble-vm-system.scm.tmpl +++ b/mumble-vm-system.scm.tmpl @@ -30,6 +30,34 @@ (define enable-wireguard? (string=? "yes" "ENABLE_WIREGUARD")) +(define mumble-vm-config + (package + (name "mumble-vm-config") + (version "0.1") + ;; TODO: Make that tarball reproducible + (source (local-file "mumble-vm.tar.xz")) + (build-system copy-build-system) + (arguments + (list + #:install-plan + #~(list + '("first-boot.sh" "share/mumble-vm/configs/") + '("guix-commit.txt" "share/mumble-vm/configs/") + '("index.html" "share/mumble-vm/configs/") + '("mumble-vm-machine.scm" "share/mumble-vm/configs/") + '("mumble-vm-system.scm" "share/mumble-vm/configs/") + '("id_ed25519.pub" "share/mumble-vm/configs/") + '("Makefile" "share/mumble-vm/configs/") + '("signing-key.pub" "share/mumble-vm/configs/") + '(#$source + "share/mumble-vm/configs/mumble-vm.tar.xz") + '("wireguard-post-up.sh" "share/mumble-vm/configs/")))) + (synopsis "Full machine configuration.") + (description + "This contains all the configuration files of this machine. This is +needed for unattended upgrades to work.") + (home-page "DOMAIN") + (license license:gpl3+))) (define website (package (name "website") @@ -138,6 +166,7 @@ the services after that.") htop iftop `(,isc-bind "utils") + mumble-vm-config net-tools nmon openssh-sans-x @@ -238,7 +267,12 @@ https://DOMAIN/ `(("root" , (local-file "id_ed25519.pub")) ("gnutoo" ,(local-file "id_ed25519.pub")))))) ;; Unattended Upgrades - (service unattended-upgrade-service-type)) + (service + unattended-upgrade-service-type + (unattended-upgrade-configuration + (operating-system-file (string-append "/run/current-system/profile" + "/share/mumble-vm/configs/" + "mumble-vm-system.scm"))))) (if enable-wireguard? (list (service wireguard-service-type