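;;; Guix System service definition for the NetBird VPN client daemon.
;;;
;;; The service creates /etc/netbird at activation time and runs
;;; "netbird service run" under shepherd.

(define-module (glicid services vpn)
  #:use-module (guix gexp)
  #:use-module (gnu packages bash)
  #:use-module (gnu services)
  #:use-module (gnu services shepherd)
  #:use-module (guix records)
  #:use-module (gnu system shadow)
  #:use-module (glicid packages vpn)
  #:use-module (ice-9 match)
  #:export (%netbird-accounts
            %netbird-user
            %netbird-group
            %netbird-activation
            netbird-configuration
            netbird-configuration?
            netbird-shepherd-service
            netbird-service-type))

;; System group for the "netbird" account below.
(define %netbird-group
  (user-group
   (name "netbird")
   (system? #t)))

;; System account named "netbird", with /etc/netbird as its home directory.
;; NOTE(review): the account is given an interactive bash login shell; a
;; daemon-only account normally gets a non-login shell.  Confirm whether
;; interactive use is intended.
(define %netbird-user
  (user-account
   (name "netbird")
   (group "netbird")
   (system? #t)
   (comment "netbird server user")
   (home-directory "/etc/netbird")
   (shell (file-append bash "/bin/bash"))))

;; Group and account, exported so an operating-system declaration can add
;; them.  NOTE(review): netbird-service-type below does not extend
;; account-service-type, so using the service alone does not create them.
(define %netbird-accounts
  (list %netbird-group
        %netbird-user))

;; Configuration record for the service.
;;
;; The record type name <netbird-configuration> is required as the first
;; operand of define-record-type*.  Without it the remaining names shift by
;; one position, and neither the (netbird-configuration ...) constructor
;; syntax nor the netbird-configuration? predicate is defined as exported.
(define-record-type* <netbird-configuration>
  netbird-configuration make-netbird-configuration
  netbird-configuration?
  ;; List of symbols used as the shepherd service's provision.
  (instance-name instance-name
                 (default '(netbird)))
  ;; Package providing bin/netbird.
  (netbird netbird
           (default netbird-cli))
  ;; Path passed to the daemon as --config.
  ;; NOTE(review): the NetBird client keeps its key material in this file,
  ;; so its mode and that of its directory matter.  Verify what the daemon
  ;; sets when it writes the file.
  (config-file config-file
               (default "/etc/netbird/config.json"))
  ;; Address passed as --daemon-addr.  Local clients drive the daemon through
  ;; this socket.  Its permissions are set by the daemon, not here.
  (daemon-addr daemon-addr
               (default "unix:///var/run/netbird.sock"))
  ;; File shepherd redirects the daemon's output to (#:log-file).
  (log-file log-file
            (default "/var/log/netbird.log")))

;; Activation snippet: make sure the configuration directory exists.
;; NOTE(review): mkdir-p leaves the directory with the activation script's
;; default mode and ownership.  Nothing here restricts access to it, so
;; consider an explicit chmod if the contents must not be world-readable.
(define %netbird-activation
  #~(begin
      (mkdir-p "/etc/netbird")
      #t))

;; Map a <netbird-configuration> record to a one-element list of shepherd
;; services that run the NetBird daemon.
;;
;; The ($ ...) pattern of (ice-9 match) takes the record type as its first
;; element, followed by one sub-pattern per field in declaration order.
(define netbird-shepherd-service
  (match-lambda
    (($ <netbird-configuration>
        instance-name netbird config-file daemon-addr log-file)
     (list
      (shepherd-service
       (provision instance-name)
       (documentation "Run netbird daemon.")
       (requirement '(user-processes networking))
       (respawn? #t)
       ;; No #:user or #:group is given, so the daemon runs with shepherd's
       ;; own credentials (root for the system shepherd).  The "netbird"
       ;; account defined above is not used to run it.
       (start #~(make-forkexec-constructor
                 (list (string-append #$netbird "/bin/netbird")
                       "service" "run"
                       "--config" #$config-file
                       "--log-level" "info"
                       "--daemon-addr" #$daemon-addr
                       ;; Presumably "console" makes the daemon log to its
                       ;; standard streams, which shepherd then writes to
                       ;; #:log-file.  Confirm against the netbird CLI.
                       "--log-file" "console")
                 ;; Fixed environment: search path and CA bundle locations
                 ;; all point into the current system profile.
                 #:environment-variables
                 (list "PATH=/run/current-system/profile/bin:/run/current-system/profile/sbin:/run/current-system/profile/libexec"
                       "CURL_CA_BUNDLE=/run/current-system/profile/etc/ssl/certs/ca-certificates.crt"
                       "SSL_CERT_FILE=/run/current-system/profile/etc/ssl/certs/ca-certificates.crt"
                       "SSL_CERT_DIR=/run/current-system/profile/etc/ssl/certs")
                 #:log-file #$log-file))
       (stop #~(make-kill-destructor)))))))

;; Service type tying the activation snippet and the shepherd service
;; together.  The default value is a <netbird-configuration> with every field
;; at its default.
(define netbird-service-type
  (service-type
   (name 'netbird)
   (default-value (netbird-configuration))
   (extensions
    (list (service-extension activation-service-type
                             (const %netbird-activation))
          (service-extension shepherd-root-service-type
                             netbird-shepherd-service)))
   (description "run netbird vpn service")))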