diff options
| author | Frederick Muriuki Muriithi | 2024-11-19 11:10:28 -0600 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2024-11-26 09:33:07 -0600 |
| commit | 0273e4844f8e14d5b9fe4fd715ff9b87c1bb1e94 (patch) | |
| tree | 969430168319f60233492ef097eed32c26dcb849 | |
| parent | b27f75b60d6a75b9ad80562ae8e0ce33f1a2c38b (diff) | |
| download | gn-machines-0273e4844f8e14d5b9fe4fd715ff9b87c1bb1e94.tar.gz | |
Use forge-nginx-service-type to activate SSL certificates
Use the forge-nginx-service-type rather than the plain nginx-service-type so that we get the SSL certificates setup and maintenance automatically.
| -rwxr-xr-x | public-sparql-deploy.sh | 1 | ||||
| -rw-r--r-- | public-sparql.scm | 24 |
2 files changed, 16 insertions, 9 deletions
diff --git a/public-sparql-deploy.sh b/public-sparql-deploy.sh index d910747..bee9abf 100755 --- a/public-sparql-deploy.sh +++ b/public-sparql-deploy.sh @@ -25,6 +25,7 @@ container_script=$(guix system container \ --share=/export2/guix-containers/public-sparql/var/lib/virtuoso=/var/lib/virtuoso \ --share=/export2/guix-containers/public-sparql/tmp=/tmp \ --share=/export2/guix-containers/public-sparql/var/log=/var/log \ + --share=/export2/guix-containers/public-sparql/var/lib/acme=/var/lib/acme \ public-sparql.scm) echo $container_script diff --git a/public-sparql.scm b/public-sparql.scm index 76c9f3a..f6efb15 100644 --- a/public-sparql.scm +++ b/public-sparql.scm @@ -19,15 +19,16 @@ (use-modules (gnu) (gn services databases) - (gnu services web)) + (gnu services web) + (forge nginx) + (forge socket)) -(define (virtuoso-reverse-proxy-server-block listen sparql-port) +(define (virtuoso-reverse-proxy-server-block sparql-port) "Return an <nginx-server-configuration> object listening on LISTEN to reverse proxy the Virtuoso server. SPARQL-PORT is the port virtuoso's SPARQL endpoint is listening on." (nginx-server-configuration (server-name '("sparql.genenetwork.org")) - (listen (list listen)) (locations (list (nginx-location-configuration (uri "/") @@ -35,9 +36,10 @@ SPARQL endpoint is listening on." (number->string sparql-port) ";") "proxy_set_header Host $host;"))))))) -(define %reverse-proxy-port 8990) +(define %reverse-http-proxy-port 8990) (define %virtuoso-port 8981) (define %sparql-port 8982) +(define %reverse-https-proxy-port 8993) (operating-system (host-name "sparql") @@ -58,10 +60,14 @@ SPARQL endpoint is listening on." (maximum-dirty-buffers 3000000) (database-file "/var/lib/virtuoso/public-virtuoso.db") (transaction-file "/var/lib/virtuoso/public-virtuoso.trx"))) - (service nginx-service-type - (nginx-configuration + (service forge-nginx-service-type + (forge-nginx-configuration + (http-listen (forge-ip-socket + (ip "0.0.0.0") + (port %reverse-http-proxy-port))) + (https-listen (forge-ip-socket + (ip "0.0.0.0") + (port %reverse-https-proxy-port))) (server-blocks - (list (virtuoso-reverse-proxy-server-block - (number->string %reverse-proxy-port) - %sparql-port))))) + (list (virtuoso-reverse-proxy-server-block %sparql-port))))) %base-services))) |