Add script to run on first boot
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
This commit is contained in:
parent
67922b0c13
commit
f7de8414a3
|
@ -5,6 +5,7 @@ autom4te.cache/**
|
||||||
config.log
|
config.log
|
||||||
config.status
|
config.status
|
||||||
configure
|
configure
|
||||||
|
first-boot.sh
|
||||||
guix-commit.txt
|
guix-commit.txt
|
||||||
id_ed25519
|
id_ed25519
|
||||||
id_ed25519.pub
|
id_ed25519.pub
|
||||||
|
|
|
@ -39,7 +39,14 @@ guix-commit.txt: Makefile
|
||||||
s#LETSENCRYPT_EMAIL#$(LETSENCRYPT_EMAIL)#g ; \
|
s#LETSENCRYPT_EMAIL#$(LETSENCRYPT_EMAIL)#g ; \
|
||||||
s#VM_SSH_PUB_KEY#$(VM_SSH_PUB_KEY)#g" $< > $@
|
s#VM_SSH_PUB_KEY#$(VM_SSH_PUB_KEY)#g" $< > $@
|
||||||
|
|
||||||
|
%.sh: %.sh.tmpl guix-commit.txt Makefile
|
||||||
|
sed \
|
||||||
|
"s#DOMAIN#$(DOMAIN)#g ; \
|
||||||
|
s#LETSENCRYPT_EMAIL#$(LETSENCRYPT_EMAIL)#g" $< > $@
|
||||||
|
chmod +x $@
|
||||||
|
|
||||||
IMAGE_SOURCE = \
|
IMAGE_SOURCE = \
|
||||||
|
first-boot.sh \
|
||||||
guix-commit.txt \
|
guix-commit.txt \
|
||||||
index.html \
|
index.html \
|
||||||
mumble-vm-machine.scm \
|
mumble-vm-machine.scm \
|
||||||
|
|
4
README
4
README
|
@ -11,9 +11,7 @@ it's a good idea to use test domains before deployments.
|
||||||
|
|
||||||
Once the image is booted:
|
Once the image is booted:
|
||||||
- You will need to login inside and run the following command:
|
- You will need to login inside and run the following command:
|
||||||
# certbot certonly --standalone -d audio.experimental.a-lec.org
|
# first-boot.sh
|
||||||
# herd restart nginx
|
|
||||||
# herd restart mumble-server
|
|
||||||
- You then need to set the root password.
|
- You then need to set the root password.
|
||||||
|
|
||||||
License
|
License
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# Copyright (C) 2023 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
||||||
|
#
|
||||||
|
# This file is free software; you can redistribute it and/or modify it
|
||||||
|
# under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation; either version 3 of the License, or (at
|
||||||
|
# your option) any later version.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with this file. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
set -e
|
||||||
|
|
||||||
|
certbot certonly --standalone -d DOMAIN -m LETSENCRYPT_EMAIL
|
||||||
|
herd restart mumble-server
|
||||||
|
herd restart nginx
|
|
@ -21,6 +21,7 @@
|
||||||
#:use-module (gnu services telephony)
|
#:use-module (gnu services telephony)
|
||||||
#:use-module (gnu services web)
|
#:use-module (gnu services web)
|
||||||
#:use-module (guix build-system copy)
|
#:use-module (guix build-system copy)
|
||||||
|
#:use-module (guix build-system gnu)
|
||||||
#:use-module ((guix licenses) #:prefix license:)
|
#:use-module ((guix licenses) #:prefix license:)
|
||||||
#:use-module (guix packages)
|
#:use-module (guix packages)
|
||||||
#:use-module (guix utils)
|
#:use-module (guix utils)
|
||||||
|
@ -43,6 +44,32 @@ replicate or contribute to it.")
|
||||||
(home-page "DOMAIN")
|
(home-page "DOMAIN")
|
||||||
(license license:gpl3+)))
|
(license license:gpl3+)))
|
||||||
|
|
||||||
|
(define first-boot-script
|
||||||
|
(package
|
||||||
|
(name "first-boot-script")
|
||||||
|
(version "0.1")
|
||||||
|
(source (local-file "first-boot.sh" ))
|
||||||
|
(build-system gnu-build-system)
|
||||||
|
(arguments
|
||||||
|
(list #:tests? #f ;no tests
|
||||||
|
#:phases
|
||||||
|
#~(modify-phases
|
||||||
|
%standard-phases
|
||||||
|
(delete 'build)
|
||||||
|
(delete 'configure)
|
||||||
|
(replace 'install
|
||||||
|
(lambda _
|
||||||
|
(chmod "first-boot.sh" #o755)
|
||||||
|
(install-file
|
||||||
|
"first-boot.sh"
|
||||||
|
(string-append (string-append #$output "/bin"))))))))
|
||||||
|
(synopsis "Script to run on first boot.")
|
||||||
|
(description
|
||||||
|
"The first-boot.sh script generates the TLS certificate and restart
|
||||||
|
the services after that.")
|
||||||
|
(home-page #f)
|
||||||
|
(license license:gpl3+)))
|
||||||
|
|
||||||
(define-public %nginx-deploy-hook
|
(define-public %nginx-deploy-hook
|
||||||
(program-file
|
(program-file
|
||||||
"nginx-deploy-hook"
|
"nginx-deploy-hook"
|
||||||
|
@ -71,6 +98,7 @@ replicate or contribute to it.")
|
||||||
(packages
|
(packages
|
||||||
(append
|
(append
|
||||||
(list certbot
|
(list certbot
|
||||||
|
first-boot-script
|
||||||
htop
|
htop
|
||||||
iftop
|
iftop
|
||||||
`(,isc-bind "utils")
|
`(,isc-bind "utils")
|
||||||
|
|
Loading…
Reference in New Issue