aboutsummaryrefslogtreecommitdiff
path: root/production.scm
blob: d8de09d2996c947e0ffc3c07e2d4a511e6737006 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
;;; genenetwork-machines --- Guix configuration for genenetwork machines
;;; Copyright © 2022–2024 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2024 Frederick Muriuki Muriithi <fredmanglis@protonmail.com>
;;;
;;; This file is part of genenetwork-machines.
;;;
;;; genenetwork-machines is free software: you can redistribute it
;;; and/or modify it under the terms of the GNU General Public License
;;; as published by the Free Software Foundation, either version 3 of
;;; the License, or (at your option) any later version.
;;;
;;; genenetwork-machines is distributed in the hope that it will be
;;; useful, but WITHOUT ANY WARRANTY; without even the implied
;;; warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
;;; See the GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with genenetwork-machines.  If not, see
;;; <https://www.gnu.org/licenses/>.

;;; This is the production genenetwork container currently deployed on
;;; tux04.

(use-modules (gnu)
             (genenetwork services genenetwork)
             ((gnu packages admin) #:select (shepherd))
             (gn services databases)
             (gnu services databases)
             (forge acme)
             (forge nginx)
             (forge socket))

(operating-system
  (host-name "genenetwork-production")
  (timezone "UTC")
  (locale "en_US.utf8")
  (bootloader (bootloader-configuration
               (bootloader grub-bootloader)
               (targets (list "/dev/sdX"))))
  (file-systems %base-file-systems)
  (users %base-user-accounts)
  (sudoers-file
   (mixed-text-file "sudoers"
                    "@include " %sudoers-specification
                    "\nacme ALL = NOPASSWD: " (file-append shepherd "/bin/herd") " restart nginx\n"))
  (packages %base-packages)
  (services (cons* (service mysql-service-type
                            (mysql-configuration
                             (auto-upgrade? #f)))
                   (service virtuoso-service-type
                            (virtuoso-configuration
                             (server-port 9892)
                             (http-server-port 9893)
                             (dirs-allowed "/var/lib/virtuoso")
                             (number-of-buffers 4000000)
                             (maximum-dirty-buffers 3000000)
                             (database-file "/var/lib/virtuoso/genenetwork-virtuoso.db")
                             (transaction-file "/var/lib/virtuoso/genenetwork-virtuoso.trx")))
                   (service forge-nginx-service-type
                            (forge-nginx-configuration
                             (http-listen (forge-ip-socket
                                           (ip "0.0.0.0")
                                           (port 9890)))
                             (https-listen (forge-ip-socket
                                            (ip "0.0.0.0")
                                            (port 9891)))))
                   (service acme-service-type
                            (acme-configuration
                             (email "arunisaac@systemreboot.net")))
                   (service redis-service-type
                            (redis-configuration
                             (bind "127.0.0.1")
                             (port 6379)
                             (working-directory "/var/lib/redis")))
                   (service genenetwork-service-type
                            (genenetwork-configuration
                             (server-name "gn2-fred.genenetwork.org")
                             (gn-auth-server-name "auth.genenetwork.org")
                             (gn2-port 9894)
                             (gn3-port 9895)
                             (gn-auth-port 9896)
                             (sql-uri "mysql://webqtlout:webqtlout@localhost/db_webqtl")
                             (xapian-db "/var/lib/xapian")
                             (sparql-endpoint "http://localhost:9893/sparql")
                             (gn3-data-directory "/var/genenetwork/data/genenetwork3")
                             (gn2-secrets "/etc/genenetwork/genenetwork2")
                             (gn3-secrets "/etc/genenetwork/genenetwork3/gn3-secrets.py")
                             (gn-auth-secrets "/etc/genenetwork/gn-auth")
                             (auth-db "/var/lib/genenetwork-sqlite/auth.db")
                             (llm-db-path "/var/lib/genenetwork-gnqa/llm.db")
                             (gn3-alias-server-port 9800)
                             (log-level 'debug)))
                   %base-services)))