I tried adapting the code to my config.  The system built and
reconfigured, but there were errors getting the TLS certificates, and
GNOME's WebDAV gave the following error:

Cannot find WebDAV endpoint

I did create the user with 

$ guix shell httpd -- htpasswd -B -c radicale-users caleb

See farnsworth.scm for details.

-- 
Caleb Herbert
https://calebh.top
;;; farnsworth.scm - Home server config
;;; Copyright (C) 2025  Caleb Herbert <[email protected]>
;;;
;;; This program is free software: you can redistribute it and/or modify
;;; it under the terms of the GNU General Public License as published by
;;; the Free Software Foundation, either version 3 of the License, or
;;; (at your option) any later version.
;;;
;;; This program is distributed in the hope that it will be useful,
;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with this program.  If not, see <https://www.gnu.org/licenses/>.

(use-modules (gnu)
	     (guix packages)
	     (guix build-system copy)
	     (gnu packages web))
(use-service-modules mail shepherd certbot web dbus docker cups desktop networking ssh xorg)

;; Placeholder site package: installs the html/ directory of the nginx
;; source tree at the root of the package output, so there is something
;; to serve.
(define sample-website
  (package
    (name "sample-website")
    (version "post")
    ;; The nginx source tree supplies the stock index.html used as content.
    (source (package-source nginx))
    (license (package-license nginx))
    (home-page #f)
    (synopsis "Sample \"website\"")
    (description "Sample \"website\" for a blog post.")
    (build-system copy-build-system)
    (arguments
     ;; The install plan must still be quoted when it reaches the build
     ;; side, hence the doubled quote.
     (list #:install-plan ''(("html/" "/"))))))

;; Shepherd service extension that copies the packaged site out of the
;; store into /srv/http/calebh.top when started and removes that
;; directory again when stopped.
(define website-deploy-service
  (simple-service
   'website-deploy
   shepherd-root-service-type
   (let ((target-dir "/srv/http/calebh.top"))
     (list
      (shepherd-service
       (documentation "Copy website out of store to @file{/srv/http/calebh.top/}")
       (provision '(website-deploy))
       ;; Wait for file systems to be mounted before writing under /srv.
       (requirement '(file-systems))
       ;; mkdir-p and copy-recursively come from (guix build utils), which
       ;; is in scope for 'start' via #:modules; see (guix) Shepherd
       ;; Services.
       (start #~(lambda _
                  (mkdir-p #$target-dir)
                  (copy-recursively #$sample-website #$target-dir)))
       ;; Deletion is best effort: a failure is printed with 'pk' instead
       ;; of propagating, and the procedure always returns #f.
       (stop #~(lambda _
                 (with-exception-handler
                     (lambda (err) (pk 'caught err))
                   (lambda () (delete-file-recursively #$target-dir))
                   #:unwind? #t)
                 #f)))))))

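;; Operating-system declaration for the host "farnsworth".  Network-facing
;; pieces declared below: nginx on 443 (static site for calebh.top and a
;; reverse proxy to Radicale for dav.calebh.top), certbot, a Jellyfin OCI
;; container, OpenSSH and Tor.
(operating-system
  (locale "en_US.utf8")
  (timezone "America/Chicago")
  (keyboard-layout (keyboard-layout "us"))
  (host-name "farnsworth")

  ;; The list of user accounts ('root' is implicit).
  (users (cons* (user-account
                  (name "caleb")
                  (comment "Caleb Herbert")
                  (group "users")
                  (home-directory "/home/caleb")
                  (supplementary-groups '("wheel" "netdev" "audio" "video")))
                %base-user-accounts))

  ;; Packages installed system-wide.  Users can also install packages
  ;; under their own account: use 'guix search KEYWORD' to search
  ;; for packages and 'guix install PACKAGE' to install a package.
  (packages
   (append
    (map specification->package
         '("bc"
           "bind"
           "borg"
           "bsd-games"
           "cowsay"
           "cpio"
           "cups"
           "cvs"
           "daikichi" "fortunes-jkirchartz"
           "dash"
           "ed"
           "emacs"
           "figlet"
           "links"
           "m4"
           "mailutils"
           "mg"
           "ncompress"
           "oksh"
           "openldap"
           "perl"
           "rcs"
           "rsync"
           "screen"
           "sharutils"
           "shell-functools"
           "signify"
           "sl"
           "tcsh"
           "tmux"
           "toilet"
           "vim"
           "w3m"
           "ytalk"
           "zutils"))
    %base-packages))

  ;; Below is the list of system services.  To search for available
  ;; services, run 'guix system search KEYWORD' in a terminal.
  (services
   (append
    (list
     ;; WebDAV - Contacts, calendar, files
     (service radicale-service-type
              (radicale-configuration
               (web-interface? #f)
               (auth (radicale-auth-configuration
                      (type 'htpasswd)
                      (htpasswd-encryption 'bcrypt)
                      ;; The file is created manually using htpasswd, like:
                      ;;   guix shell httpd -- htpasswd -B -c radicale-users caleb
                      ;; That command writes "radicale-users" in the current
                      ;; directory; this configuration does not install it.
                      ;; It has to be placed at the path below, readable by
                      ;; the account the radicale service runs as and not
                      ;; world-readable, since it holds password hashes.
                      (htpasswd-filename "/etc/radicale/users")))))

     ;; TLS front end for Radicale.  It reuses the certificate stored
     ;; under the name "calebh.top", so dav.calebh.top must be among the
     ;; domains of that certificate (see the certbot service below).
     (simple-service 'radicale-nginx nginx-service-type
                     (list
                      (nginx-server-configuration
                       (listen '("443 ssl"))
                       (server-name '("dav.calebh.top"))
                       (ssl-certificate
                        "/etc/letsencrypt/live/calebh.top/fullchain.pem")
                       (ssl-certificate-key
                        "/etc/letsencrypt/live/calebh.top/privkey.pem")
                       (locations
                        (list
                         (nginx-location-configuration
                          (uri "/")
                          ;; Each string is one complete nginx directive
                          ;; and must stay on a single line: a line break
                          ;; inside a header name ("X-Forwarded-" / "For")
                          ;; gives proxy_set_header an extra argument.
                          ;; Assumes Radicale listens on 127.0.0.1:5232,
                          ;; which this file does not set -- confirm.
                          (body
                           (list
                            "proxy_pass http://127.0.0.1:5232/;"
                            "proxy_pass_header Authorization;"
                            "proxy_set_header Host $host;"
                            "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;"
                            "proxy_set_header X-Forwarded-Proto $scheme;"
                            "proxy_set_header X-Script-Name \"\";"))))))))

     ;; Website
     website-deploy-service
     (service nginx-service-type
              (nginx-configuration
               (server-blocks
                (list
                 (nginx-server-configuration
                  (listen '("443 ssl"))
                  (server-name '("calebh.top"))
                  (root "/srv/http/calebh.top")
                  (ssl-certificate
                   "/etc/letsencrypt/live/calebh.top/fullchain.pem")
                  (ssl-certificate-key
                   "/etc/letsencrypt/live/calebh.top/privkey.pem"))))))

     ;; One certificate, stored under the name "calebh.top", is used by
     ;; both nginx server blocks above, so it has to cover both host
     ;; names; otherwise clients of dav.calebh.top are handed a
     ;; certificate that does not match the name they asked for.
     ;; NOTE(review): both server blocks reference certificate files that
     ;; do not exist until certbot has run once; if nginx refuses to start
     ;; without them, the first issuance may fail -- confirm on initial
     ;; deployment.  A 'deploy-hook' that reloads nginx after renewal is
     ;; also worth adding so renewed certificates are actually served.
     (service certbot-service-type
              (certbot-configuration
               (certificates
                (list
                 (certificate-configuration
                  (name "calebh.top")
                  (domains '("calebh.top" "dav.calebh.top")))))))

     ;; Jellyfin
     (service elogind-service-type)
     (service containerd-service-type)
     (service docker-service-type)
     (service oci-container-service-type
              (list
               (oci-container-configuration
                ;; NOTE(review): no tag or digest is given, so the image
                ;; that runs is whatever the registry serves by default at
                ;; pull time; pin a version or digest to make deployments
                ;; reproducible and auditable.
                (image "jellyfin/jellyfin")
                (provision "jellyfin")
                ;; NOTE(review): with host networking the container shares
                ;; the host's network namespace, so it can reach services
                ;; bound to 127.0.0.1, and every port it opens is reachable
                ;; on the host's interfaces.  Docker does not apply port
                ;; mappings in this mode, so 'ports' below has no effect;
                ;; keep one of the two.
                (network "host")
                (ports
                 '(("8096" . "8096")))
                ;; The media directory is mounted read-write; append ":ro"
                ;; if Jellyfin does not need to write into it.
                (volumes
                 '("jellyfin-config:/config"
                   "jellyfin-cache:/cache"
                   "/home/caleb/Media:/media")))))

     ;; To configure OpenSSH, pass an 'openssh-configuration'
     ;; record as a second argument to 'service' below.
     ;; NOTE(review): without one, the service defaults apply.  For an
     ;; Internet-facing host consider key-only login
     ;; ('password-authentication?' set to #f) once authorized keys are
     ;; in place.
     (service openssh-service-type)
     (service tor-service-type)
     (service dhcpcd-service-type)
     (service ntp-service-type))

    ;; This is the default list of services we
    ;; are appending to.
    %base-services))

  (bootloader (bootloader-configuration
                (bootloader grub-bootloader)
                (targets (list "/dev/sda"))
                (keyboard-layout keyboard-layout)))
  (swap-devices (list (swap-space
                        (target (uuid
                                 "889ebe1e-508b-44b8-8a98-e87adf6f25ca")))))

  ;; The list of file systems that get "mounted".  The unique
  ;; file system identifiers there ("UUIDs") can be obtained
  ;; by running 'blkid' in a terminal.
  (file-systems (cons* (file-system
                         (mount-point "/boot/efi")
                         (device (uuid "8752-E079"
                                       'fat32))
                         (type "vfat"))
                       (file-system
                         (mount-point "/")
                         (device (uuid
                                  "d979d3e7-576e-4405-82c0-f54c95b41c6f"
                                  'ext4))
                         (type "ext4"))
                       %base-file-systems)))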

Attachment: signature.asc
Description: This is a digitally signed message part
