guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: hydra: milano-guix-1: Add the Guix Data Service.

From: Christopher Baines
Subject: 01/01: hydra: milano-guix-1: Add the Guix Data Service.
Date: Tue, 1 Oct 2019 11:58:28 -0400 (EDT) 
cbaines pushed a commit to branch wip-guix-data-service
in repository maintenance.

commit dbc09d861822a6279d78be442b3a1d1072884a4c
Author: Christopher Baines <address@hidden>
Date:   Sat Jun 15 08:54:22 2019 +0100

    hydra: milano-guix-1: Add the Guix Data Service.
    
    Along with PostgreSQL that it depends on.
    
    * hydra/milano-guix-1.scm (operating-system)[packages]: Add nss-certs.
    [services] Add PostgreSQL, and the Guix Data Service.
---
 hydra/milano-guix-1.scm | 91 +++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 88 insertions(+), 3 deletions(-)

diff --git a/hydra/milano-guix-1.scm b/hydra/milano-guix-1.scm
index 255e407..c192590 100644
--- a/hydra/milano-guix-1.scm
+++ b/hydra/milano-guix-1.scm
@@ -3,9 +3,10 @@
 ;; Copyright © 2019 Giovanni Biscuolo <address@hidden>
 ;; Released under the GNU GPLv3 or any later version.
 
-(use-modules (gnu))
-(use-service-modules networking mcron ssh virtualization)
-(use-package-modules screen ssh linux)
+(use-modules (gnu)
+             (guix gexp))
+(use-service-modules databases getmail guix networking mcron ssh 
virtualization)
+(use-package-modules certs screen ssh linux)
 
 ;; The following definition are **almost** copied from dover.scm: a
 ;; quick hack to have a(n almost) self contained config file
@@ -54,6 +55,63 @@
          (string-append #$btrfs-progs "/bin/btrfs balance "
                         "start -dusage=50 -musage=70 /")))
 
+(define %nginx-configuration
+  (nginx-configuration
+   (server-names-hash-bucket-size 64)
+   (extra-content
+    "
+    proxy_cache_path /var/cache/nginx/guix-data-service
+                     levels=2
+                     inactive=2d
+                     keys_zone=guix-data-service:4m  # ~32K keys
+                     max_size=1g
+                     use_temp_path=off;")
+   (upstream-blocks
+    (list
+     (nginx-upstream-configuration
+      (name "guix-data-service-proxy")
+      (servers '("localhost:8765")))))
+   (server-blocks
+    (list
+     (nginx-server-configuration
+      (server-name '("_"))
+      (locations
+       (list
+        (nginx-location-configuration
+         (uri "/")
+         (body '("return 404;"))))))
+     (nginx-server-configuration
+      (server-name '("data.guix.gnu.org"))
+      (listen '("80"))
+      (locations
+       (list
+        (nginx-location-configuration
+         (uri "/")
+         (body '("try_files $uri $uri/ @guix-data-service;")))
+        (nginx-named-location-configuration
+         (name "guix-data-service")
+         (body '("proxy_pass http://guix-data-service-proxy;";
+                 "proxy_set_header Host            $host;"
+                 "proxy_set_header X-Forwarded-For $remote_addr;"
+
+                 "proxy_cache guix-data-service;"
+                 "proxy_cache_revalidate on;"
+                 "proxy_cache_min_uses 3;"
+                 "proxy_cache_use_stale error timeout updating http_500 
http_502 http_503 http_504;"
+                 "proxy_cache_background_update on;"
+                 "proxy_cache_lock on;"
+                 "add_header X-Cache-Status $upstream_cache_status;"
+
+                 "gzip on;"
+                 "gzip_types text/html application/json;"
+                 "gzip_proxied any;")))
+        (nginx-location-configuration
+         (uri "^~ /.well-known/acme-challenge/")
+         (body '("root /srv/http/data.guix.gnu.org;")))
+        (nginx-location-configuration
+         (uri "= /.well-known/acme-challenge/")
+         (body '("return 404;"))))))))))
+
 ;; The actual machine
 
 (operating-system
@@ -88,6 +146,9 @@
   (users (append %accounts %base-user-accounts))
 
   (packages (cons* btrfs-progs screen openssh strace %base-packages))
+  (packages (cons* btrfs-progs screen openssh strace
+                   nss-certs ; Needed for the Guix Data Service
+                   %base-packages))
 
   ;; Services
   (services
@@ -114,6 +175,30 @@
                       (platforms (lookup-qemu-platforms "arm" "aarch64"))
                       (guix-support? #t)))
 
+            (service postgresql-service-type
+                     (postgresql-configuration
+                      (config-file
+                       (postgresql-config-file
+                        (extra-config
+                         '(("work_mem" "'500MB'")))))))
+
+            (service guix-data-service-type
+                     (guix-data-service-configuration
+                      (getmail-idle-mailboxes '("Commits"))
+                      (commits-getmail-retriever-configuration
+                       (getmail-retriever-configuration
+                        (type "SimpleIMAPSSLRetriever")
+                        (server "imap.cbaines.net")
+                        (port 993)
+                        (username "patchwork")
+                        (password-command
+                         (list (file-append coreutils "/bin/cat")
+                               "/etc/guix-data-service-commits-imap-password"))
+                        (extra-parameters
+                         '((mailboxes . ("Commits"))))))))
+
+            (service nginx-service-type %nginx-configuration)
+
             (service mcron-service-type
                      (mcron-configuration
                       (jobs (list gc-job btrfs-job)))))
reply via email to
[Prev in Thread] Current Thread [Next in Thread]