Use forge-nginx-service-type to activate SSL certificatesHEAD main

Use the forge-nginx-service-type rather than the plain nginx-service-type so that we get the SSL certificates setup and maintenance automatically.
author: Frederick Muriuki Muriithi 2024-11-19 11:10:28 -0600
committer: Frederick Muriuki Muriithi 2024-11-26 09:33:07 -0600
commit: 0273e4844f8e14d5b9fe4fd715ff9b87c1bb1e94 (patch)
tree: 969430168319f60233492ef097eed32c26dcb849
parent: b27f75b60d6a75b9ad80562ae8e0ce33f1a2c38b (diff)
download: gn-machines-0273e4844f8e14d5b9fe4fd715ff9b87c1bb1e94.tar.gz
2 files changed, 16 insertions, 9 deletions
diff --git a/public-sparql-deploy.sh b/public-sparql-deploy.sh
index d910747..bee9abf 100755
--- a/public-sparql-deploy.sh
+++ b/public-sparql-deploy.sh
@@ -25,6 +25,7 @@ container_script=$(guix system container \
                         --share=/export2/guix-containers/public-sparql/var/lib/virtuoso=/var/lib/virtuoso \
 			--share=/export2/guix-containers/public-sparql/tmp=/tmp \
 			--share=/export2/guix-containers/public-sparql/var/log=/var/log \
+			--share=/export2/guix-containers/public-sparql/var/lib/acme=/var/lib/acme \
                         public-sparql.scm)
 
 echo $container_script
diff --git a/public-sparql.scm b/public-sparql.scm
index 76c9f3a..f6efb15 100644
--- a/public-sparql.scm
+++ b/public-sparql.scm
@@ -19,15 +19,16 @@
 
 (use-modules (gnu)
              (gn services databases)
-             (gnu services web))
+             (gnu services web)
+             (forge nginx)
+             (forge socket))
 
-(define (virtuoso-reverse-proxy-server-block listen sparql-port)
+(define (virtuoso-reverse-proxy-server-block sparql-port)
   "Return an <nginx-server-configuration> object listening on LISTEN to
 reverse proxy the Virtuoso server. SPARQL-PORT is the port virtuoso's
 SPARQL endpoint is listening on."
   (nginx-server-configuration
    (server-name '("sparql.genenetwork.org"))
-   (listen (list listen))
    (locations
     (list (nginx-location-configuration
            (uri "/")
@@ -35,9 +36,10 @@ SPARQL endpoint is listening on."
                                       (number->string sparql-port) ";")
                        "proxy_set_header Host $host;")))))))
 
-(define %reverse-proxy-port 8990)
+(define %reverse-http-proxy-port 8990)
 (define %virtuoso-port 8981)
 (define %sparql-port 8982)
+(define %reverse-https-proxy-port 8993)
 
 (operating-system
   (host-name "sparql")
@@ -58,10 +60,14 @@ SPARQL endpoint is listening on."
 			     (maximum-dirty-buffers 3000000)
                              (database-file "/var/lib/virtuoso/public-virtuoso.db")
                              (transaction-file "/var/lib/virtuoso/public-virtuoso.trx")))
-                   (service nginx-service-type
-                            (nginx-configuration
+                   (service forge-nginx-service-type
+                            (forge-nginx-configuration
+                             (http-listen (forge-ip-socket
+                                           (ip "0.0.0.0")
+                                           (port %reverse-http-proxy-port)))
+                             (https-listen (forge-ip-socket
+                                            (ip "0.0.0.0")
+                                            (port %reverse-https-proxy-port)))
                              (server-blocks
-                              (list (virtuoso-reverse-proxy-server-block
-                                     (number->string %reverse-proxy-port)
-                                     %sparql-port)))))
+                              (list (virtuoso-reverse-proxy-server-block %sparql-port)))))
                    %base-services)))
author	Frederick Muriuki Muriithi	2024-11-19 11:10:28 -0600
committer	Frederick Muriuki Muriithi	2024-11-26 09:33:07 -0600
commit	0273e4844f8e14d5b9fe4fd715ff9b87c1bb1e94 (patch)
tree	969430168319f60233492ef097eed32c26dcb849
parent	b27f75b60d6a75b9ad80562ae8e0ce33f1a2c38b (diff)
download	gn-machines-0273e4844f8e14d5b9fe4fd715ff9b87c1bb1e94.tar.gz