Commit Graph

36 Commits

Author SHA1 Message Date
Denis 'GNUtoo' Carikli 858c70fcd5
Automatic updates: restart basic daemons
By default only mcron is restarted. It was verified within the
guix-installer-vm that this change worked by looking at the pid of
guix-daemon, waiting for an automatic update to happen and looking at
the (new) pid of guix-daemon.

The mumble-server and nginx daemons were not added to the list because
we don't have the audio.experimental.a-lec.org domain setup yet in the
Libre en Communs DNS.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 16:04:04 +02:00
Denis 'GNUtoo' Carikli e18c55b064
Automatic updates: schedule it every hours.
This enables easier testing and updates typically takes less than one
hour.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 16:01:25 +02:00
Denis 'GNUtoo' Carikli a8e16c12d9
networking: Fix IPv6 gateway
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:17:44 +02:00
Denis 'GNUtoo' Carikli 0b1b9b15f5
networking: update the SSH VM public key
This uses the public key of the deployed VM.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:14:20 +02:00
Denis 'GNUtoo' Carikli 49c9a6f0ee
first-boot.sh: resize filesystem and add better status reporting.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli bd5799967f
Add base64 tarball target
The tarball can be copied to the VM through the serial port with the
following command:
    # cat > mumble-vm.tar.xz.b64
the user then pastes the base64 content and types ctrl+d and this
results in the file being written.

The content can then be extracted with the following commands:
    # base64 -d mumble-vm.tar.xz.b64 > mumble-vm.tar.xz
    # tar xf mumble-vm.tar.xz

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli aa3f17d69c
configure.ac: vm-ipv6-gateway: Fix copy-paste error in help
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli 8c09af074b
Fix IPv4 netmask
Running dhclient on eth0 gives a /16, and this is necessary anyway to
reach the gateway.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli 0bee712a15
Add nss-certs
We at least need nss-certs for running guix system reconfigure
manually, so it's a good idea to have it.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:04 +02:00
Denis 'GNUtoo' Carikli 7b663f9813
Fix automatic updates
According to the operating-system-file fileld of
unattended-upgrade-configuration in the manual, automatic updates
don't work when "/run/current-system/configuration.scm [...] refers to
extra files (SSH public keys, extra configuration files, etc.) via
local-file and similar constructs.".

So we need these files in the store and to point to them to make the
automatic updates work.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:03 +02:00
Denis 'GNUtoo' Carikli 61c1a2da98
Provide the service source code on the web page
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:03 +02:00
Denis 'GNUtoo' Carikli 026cbbd453
Add default id_ed25519.pub and signing-key.pub
This makes it easier to deploy the VM to the Libre En Communs
infrastructure as it doesn't require to also copy these files to the
VM producing the image.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 15:08:02 +02:00
Denis 'GNUtoo' Carikli 90d97041e3
Update mumble-vm.xml to match the one deployed at Libre en Communs
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-02 21:25:08 +02:00
Denis 'GNUtoo' Carikli a25039268f
Makefile.am: mumble-vm.img: remove sudo
Copying an image from Guix should not require sudo, and make isn't
supposed to bypass permissions anyway.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-02 21:25:08 +02:00
Denis 'GNUtoo' Carikli 8b5be47720
index.html: Fix HTML compliance issues.
Icecat complained with the invalid syntax when looking at the
page source code.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-02 21:25:08 +02:00
Denis 'GNUtoo' Carikli f709ef6b0e
configure.ac: bail out if guix and sed are not detected
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-02 21:25:08 +02:00
Denis 'GNUtoo' Carikli bee3614a59
Whitespace and line length fixes
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-02 21:25:04 +02:00
Denis 'GNUtoo' Carikli b4eb83df6e
README: document missing files
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-19 22:43:49 +02:00
Denis 'GNUtoo' Carikli 7bbeec490a
Make WireGuard disabled by default.
WireGuard is hardcoded to my configuration, so it needs to be
disabled by default.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 23:46:46 +02:00
Denis 'GNUtoo' Carikli 251664e2e9
Make the VM SSH address configurable
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:37:48 +02:00
Denis 'GNUtoo' Carikli 058dc74299
Add VM DNS IPv6
The default DNS server address is supposed to be used by Libre En
Communs for the deployed VM.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:33:25 +02:00
Denis 'GNUtoo' Carikli c5d394f0f6
Make the VM DNS IPv4 configurable
The default DNS server address is supposed to be used by Libre En
Communs for the deployed VM.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:32:55 +02:00
Denis 'GNUtoo' Carikli d512df0345
Add IPv6 gateway
The default gateway IP address is supposed to be used by Libre En
Communs for the deployed VM.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:32:38 +02:00
Denis 'GNUtoo' Carikli 9d3a27157e
Make the VM gateway IPv4 configurable
The default gateway IP address is supposed to be used by Libre En
Communs for the deployed VM.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:32:18 +02:00
Denis 'GNUtoo' Carikli 52e483228f
Add configurable IPv6 for the VM
The default IP address is supposed to be used by Libre En Communs for
the deployed VM.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:31:58 +02:00
Denis 'GNUtoo' Carikli eb7b6eb78a
Make the VM IPv4 configurable
The default IP address is supposed to be used by Libre En Communs for
the deployed VM.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:31:39 +02:00
Denis 'GNUtoo' Carikli 495c347e77
Add Public IP address through WireGuard
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:30:52 +02:00
Denis 'GNUtoo' Carikli 31da868705
Add Serial consoles
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:30:52 +02:00
Denis 'GNUtoo' Carikli f7de8414a3
Add script to run on first boot
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:30:52 +02:00
Denis 'GNUtoo' Carikli 67922b0c13
Make the VM SSH public key configurable
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-18 22:30:51 +02:00
Denis 'GNUtoo' Carikli 669c708331
Make the Let's Encrypt email configurable
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-13 07:21:21 +02:00
Denis 'GNUtoo' Carikli 375df9954e
Make the domain configurable
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-13 07:21:20 +02:00
Denis 'GNUtoo' Carikli 41e8b2fed0
Add Mumble service
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-13 07:21:00 +02:00
Denis 'GNUtoo' Carikli 32475794b1
Add website
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-13 07:21:00 +02:00
Denis 'GNUtoo' Carikli 7fe191c90d
Add machine definition
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-13 07:20:59 +02:00
Denis 'GNUtoo' Carikli 3b8d7f2763
Add license
This project is under the GPLv3 and not AGPLv3 in order to be able
to share code back and forth with Guix.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-09-12 21:56:04 +02:00