(deployment systems aisaka): implement public substitute serverHEAD test master

author: Marek Paśnikowski <marek@marekpasnikowski.pl> 2026-03-17 18:03:21 +0100
committer: Marek Paśnikowski <marek@marekpasnikowski.pl> 2026-03-17 18:03:21 +0100
commit: ca5dee05f66a930a3ba19f3b0a93b034de12a80f (patch)
tree: 4944e2b175653ad6268ae26391f4a317ae63b84e
parent: 8b66cf3a502ba1281a0d981a5eef4ca67160ed77 (diff)
1 files changed, 30 insertions, 3 deletions
diff --git a/deployment/systems/aisaka.scm b/deployment/systems/aisaka.scm
index a0a2766..5174e61 100644
--- a/deployment/systems/aisaka.scm
+++ b/deployment/systems/aisaka.scm
@@ -98,6 +98,7 @@
  ("_dmarc"          ttl "IN" "TXT"   "\"v=DMARC1; p=reject; sp=reject; pct=100; aspf=s; adkim=s; fo=1; rua=mailto:abuse@marekpasnikowski.pl; ruf=mailto:abuse@marekpasnikowski.pl\"")
  ("dkim._domainkey" ttl "IN" "TXT"   "\"v=DKIM1; d=marekpasnikowski.pl; t=s; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/b/WV5EUxqAhBgJ4v5K3sP8QI+IwziRJ/F9SDO3p3QOMjZd9AGVt2/AztZ4EmcOJnTlbQnLE/DKCOq4HAdxSZjIqj5AXyMddvWiO78+ugdame/flV0tjdDGNflx65Twap3qgJ9jzhvJfZ1BDuh2WC06fn2pyFl1TCETEGp6ZDkI41FW5GH8l9Jk7hhCmr+Mau0EpE7V42lBdireItOA1e7jQcub50584QATme4rYxA7WR4AeIsknOkUo4q8vkVrssoP11nSg/sNM9RGn1QDfVMJRX0twtgGnJ8N5QE4Ia9DvXL4Y0PNMC0/frp13pB6m1VQP/Z4jfDy+TQzEdSRaQIDAQAB\"")
  ("git"             ttl "IN" "CNAME" "www")
+ ("guix"            ttl "IN" "CNAME" "www")
  ("radicale"        ttl "IN" "CNAME" "www")
  ("schron"          ttl "IN" "CNAME" "www")
  ("sejf"            ttl "IN" "CNAME" "www")
@@ -109,7 +110,7 @@
    (origin  "marekpasnikowski.pl")
    (ns      "ns1.marekpasnikowski.pl.")
    (mail    "marek.marekpasnikowski.pl.")
-   (serial  2026031601)))
+   (serial  2026031700)))
 
 (define master-zone
   (gnu:services:dns:knot-zone-configuration
@@ -215,7 +216,7 @@
                "fastcgi_pass 127.0.0.1:9000 ;"))
    (uri  "@cgit")))
 
-(define nginx-location-proxy
+(define nginx-location-proxy-guix
   (gnu:services:web:nginx-location-configuration
    (body (list "proxy_pass http://localhost:5232/ ;"
                "proxy_set_header X-Script-Name \"\" ;"
@@ -224,6 +225,15 @@
                "proxy_pass_header Authorization ;"))
    (uri  "/")))
 
+(define nginx-location-proxy-radicale
+  (gnu:services:web:nginx-location-configuration
+   (body (list "proxy_pass http://localhost:8080/ ;"
+               "proxy_set_header X-Script-Name \"\" ;"
+               "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;"
+               "proxy_set_header Host $http_host ;"
+               "proxy_pass_header Authorization ;"))
+   (uri  "/")))
+
 (define nginx-location-proxy-auth
   (gnu:services:web:nginx-location-configuration
    (body (list "proxy_set_header Host $host;"
@@ -252,6 +262,12 @@
      (ssl-certificate-key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem")
      (try-files           (list "$uri" "@cgit")))))
 
+(define nginx-server-guix
+  (gnu:services:web:nginx-server-configuration
+   (locations   (list nginx-location-proxy-guix))
+   (listen      (list "192.168.10.2:443 ssl"))
+   (server-name (list "guix.marekpasnikowski.pl"))))
+
 (define nginx-server-portal
   (gnu:services:web:nginx-server-configuration
    (locations           (list nginx-location-well-known))
@@ -263,7 +279,7 @@
 
 (define nginx-server-radicale
   (gnu:services:web:nginx-server-configuration
-   (locations   (list nginx-location-proxy
+   (locations   (list nginx-location-proxy-radicale
                       nginx-location-well-known))
    (listen      (list "192.168.10.2:443 ssl"))
    (server-name (list "radicale.marekpasnikowski.pl"))))
@@ -321,6 +337,7 @@
    (shepherd-requirement (list 'networking))
    (server-blocks        (list nginx-server-portal
                                nginx-server-www
+                               nginx-server-guix
                                nginx-server-test
                                nginx-server-schron
                                nginx-server-sejf
@@ -360,6 +377,7 @@
                               nginx-deploy-hook-file))
    (domains     (list "marekpasnikowski.pl"
                       "git.marekpasnikowski.pl"
+                      "guix.marekpasnikowski.pl"
                       "radicale.marekpasnikowski.pl"
                       "schron.marekpasnikowski.pl"
                       "sejf.marekpasnikowski.pl"
@@ -634,6 +652,15 @@
    (name "vmail")
    (system? #t)))
 
+(define guix-publish-service
+  (let
+      ((configuration (gnu:services:base:guix-publish-configuration
+                       (host       "192.168.10.2")
+                       (port       8080)
+                       (advertise? #t))))
+    (gnu:services:service gnu:services:base:guix-publish-service-type
+                          configuration)))
+
 (define-public system
   (let*
       ((home-environments- (list users:id1000:name/home-environment))
author	Marek Paśnikowski <marek@marekpasnikowski.pl>	2026-03-17 18:03:21 +0100
committer	Marek Paśnikowski <marek@marekpasnikowski.pl>	2026-03-17 18:03:21 +0100
commit	ca5dee05f66a930a3ba19f3b0a93b034de12a80f (patch)
tree	4944e2b175653ad6268ae26391f4a317ae63b84e
parent	8b66cf3a502ba1281a0d981a5eef4ca67160ed77 (diff)