Container for gn2-fred.genenetwork.org

The gn2-fred.genenetwork.org container is mostly like the production
container, other than the domain name used. It is intended to test any
changes to the deployment (e.g. guix commit changes, new definitions,
etc) to catch as many breakages as possible before they hit
production.

2 files changed, 146 insertions, 0 deletions

diff --git a/gn2-fred-deploy.sh b/gn2-fred-deploy.sh
new file mode 100755
index 0000000..742207a
--- /dev/null
+++ b/gn2-fred-deploy.sh
@@ -0,0 +1,48 @@
+#! /bin/sh -e
+
+# genenetwork-machines --- Guix configuration for genenetwork machines
+# Copyright © 2022, 2024 Arun Isaac <arunisaac@systemreboot.net>
+# Copyright © 2024 Frederick Muriuki Muriithi <fredmanglis@protonmail.com>
+#
+# This file is part of genenetwork-machines.
+#
+# genenetwork-machines is free software: you can redistribute it
+# and/or modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation, either version 3 of
+# the License, or (at your option) any later version.
+#
+# genenetwork-machines is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with genenetwork-machines.  If not, see
+# <https://www.gnu.org/licenses/>.
+
+# Build and install genenetwork production container on tux02.
+
+container_script=$(guix system container \
+                        --network \
+                        --load-path=. \
+                        --verbosity=3 \
+                        --share=/export/guix-containers/gn2-fred/var/genenetwork=/var/genenetwork \
+                        --share=/export/guix-containers/gn2-fred/var/lib/acme=/var/lib/acme \
+                        --share=/export/guix-containers/gn2-fred/var/lib/redis=/var/lib/redis \
+                        --share=/export/guix-containers/gn2-fred/var/lib/virtuoso=/var/lib/virtuoso \
+                        --share=/export/guix-containers/gn2-fred/var/log=/var/log \
+                        --share=/export/guix-containers/gn2-fred/etc/genenetwork=/etc/genenetwork \
+                        --share=/export/guix-containers/gn2-fred/var/lib/xapian=/var/lib/xapian \
+                        --share=/export/guix-containers/gn2-fred/var/lib/genenetwork/sqlite/gn-auth=/var/lib/genenetwork/sqlite/gn-auth \
+                        --share=/export/guix-containers/gn2-fred/var/lib/genenetwork/sqlite/genenetwork3=/var/lib/genenetwork/sqlite/genenetwork3 \
+                        --share=/var/run/mysqld=/run/mysqld \
+                        --share=/export/guix-containers/gn2-fred/tmp=/opt/gn/tmp \
+                        --share=/export/guix-containers/gn2-fred/var/genenetwork/sessions=/var/genenetwork/sessions \
+                        --share=/export/guix-containers/gn2-fred/var/lib/genenetwork/uploader=/var/lib/genenetwork/uploader \
+                        --share=/export/guix-containers/gn2-fred/var/lib/genenetwork/sqlite/gn-uploader=/var/lib/genenetwork/sqlite/gn-uploader \
+                        --share=/export/guix-containers/gn2-fred/var/lib/genenetwork/gn-guile=/var/lib/genenetwork/gn-guile \
+                        gn2-fred.scm)
+
+echo $container_script
+sudo ln --force --symbolic $container_script /usr/local/bin/gn2-fred-container
+sudo ln --force --symbolic /usr/local/bin/gn2-fred-container /var/guix/gcroots
diff --git a/gn2-fred.scm b/gn2-fred.scm
new file mode 100644
index 0000000..a32888c
--- /dev/null
+++ b/gn2-fred.scm
@@ -0,0 +1,98 @@
+;;; genenetwork-machines --- Guix configuration for genenetwork machines
+;;; Copyright © 2022–2024 Arun Isaac <arunisaac@systemreboot.net>
+;;; Copyright © 2024 Frederick Muriuki Muriithi <fredmanglis@protonmail.com>
+;;;
+;;; This file is part of genenetwork-machines.
+;;;
+;;; genenetwork-machines is free software: you can redistribute it
+;;; and/or modify it under the terms of the GNU General Public License
+;;; as published by the Free Software Foundation, either version 3 of
+;;; the License, or (at your option) any later version.
+;;;
+;;; genenetwork-machines is distributed in the hope that it will be
+;;; useful, but WITHOUT ANY WARRANTY; without even the implied
+;;; warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+;;; See the GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with genenetwork-machines.  If not, see
+;;; <https://www.gnu.org/licenses/>.
+
+;;; This is the production genenetwork container currently deployed on
+;;; tux04.
+
+(use-modules (gnu)
+             (genenetwork services genenetwork)
+             ((gnu packages admin) #:select (shepherd))
+             (gn services databases)
+             (gnu services databases)
+             (forge acme)
+             (forge nginx)
+             (forge socket))
+
+(define %sql-uri%
+  (string-append "mysql://webqtlout:webqtlout@localhost/db_webqtl?"
+                 "unix_socket=/run/mysqld/mysqld.sock"
+                 "&charset=utf8"
+                 "&ssl_mode=DISABLED"
+                 "&ssl=False"
+                 "&ssl=False"))
+
+(operating-system
+  (host-name "genenetwork-gn2-fred")
+  (timezone "UTC")
+  (locale "en_US.utf8")
+  (bootloader (bootloader-configuration
+               (bootloader grub-bootloader)
+               (targets (list "/dev/sdX"))))
+  (file-systems %base-file-systems)
+  (users %base-user-accounts)
+  (sudoers-file
+   (mixed-text-file "sudoers"
+                    "@include " %sudoers-specification
+                    "\nacme ALL = NOPASSWD: " (file-append shepherd "/bin/herd") " restart nginx\n"))
+  (packages %base-packages)
+  (services (cons* (service forge-nginx-service-type
+                            (forge-nginx-configuration
+                             (http-listen (forge-ip-socket
+                                           (ip "0.0.0.0")
+                                           (port 10790)))
+                             (https-listen (forge-ip-socket
+                                            (ip "0.0.0.0")
+                                            (port 10791)))))
+                   (service acme-service-type
+                            (acme-configuration
+                             (email "arunisaac@systemreboot.net")))
+                   (service genenetwork-service-type
+                            (genenetwork-configuration
+                             (server-name "gn2-fred.genenetwork.org")
+                             (gn-auth-server-name "gn2-fred-auth.genenetwork.org")
+                             (gn2-port 10794)
+                             (gn3-port 10795)
+                             (gn-auth-port 10796)
+                             (sql-uri %sql-uri%)
+                             (xapian-db "/var/lib/xapian")
+                             (sparql-endpoint "http://localhost:9893/sparql")
+                             (gn3-data-directory "/var/genenetwork/data/genenetwork3")
+                             (gn2-secrets "/etc/genenetwork/genenetwork2")
+                             (gn3-secrets "/etc/genenetwork/genenetwork3/gn3-secrets.py")
+                             (gn-auth-secrets "/etc/genenetwork/gn-auth")
+                             (auth-db "/var/lib/genenetwork/sqlite/gn-auth/auth.db")
+                             (llm-db-path "/var/lib/genenetwork/sqlite/genenetwork3/llm.db")
+                             (gn3-alias-server-port 10700)
+                             (gn-tmpdir "/opt/gn/tmp")
+                             (gn-guile-port 8092)
+                             (gn-doc-git-checkout "/var/lib/genenetwork/gn-guile/gn-docs.git")
+                             (log-level 'debug)))
+                   (service gn-uploader-service-type
+                            (gn-uploader-configuration
+                             (server-name "gn2-fred-uploader.genenetwork.org")
+                             (port 10797)
+                             (secrets "/etc/genenetwork/gn-uploader/gn-uploader-secrets.py")
+                             (sql-uri %sql-uri%)
+                             (data-directory "/var/lib/genenetwork/uploader/data")
+                             (auth-server-url "https://gn2-fred-auth.genenetwork.org/")
+                             (gn2-server-url "https://gn2-fred.genenetwork.org")
+                             (sqlite-databases-directory "/var/lib/genenetwork/sqlite/gn-uploader")
+                             (log-level 'debug)))
+                   %base-services)))