Extract common server packages and services

This should improve maintainability a bit by combining common services
running on the servers.

Additionally, this parameterises common parts by servers' host names
instead of the host-name-like symbols as before.

1 files changed, 13 insertions, 52 deletions

diff --git a/tw/system/lud.scm b/tw/system/lud.scm
index fcf86279..5e0ffda0 100644
--- a/tw/system/lud.scm
+++ b/tw/system/lud.scm
@@ -215,51 +215,29 @@ ProxyPass \"/\" \"https://127.0.0.1:48448/\"
   ;; under their own account: use 'guix search KEYWORD' to search
   ;; for packages and 'guix install PACKAGE' to install a package.
   (packages
-   (append (list
-            ;; For nightly yt-dlp.
-            ffmpeg
-            ;; For video downloader.
-            python tor
-            ;; For Nextcloud backup script.
-            btrfs-progs mariadb rsync
-            ;; For Nextcloud. PHP modules must be installed in system
-            ;; profile, as that's referred to in Nextcloud's php.ini.
-            php php-apcu)
-           %common-system-packages
-           %base-packages))
+   (cons*
+    ffmpeg tor   ; for video downloader
+    mariadb      ; for Nextcloud backup script
+    ;; For Nextcloud. PHP modules must be installed in system
+    ;; profile, as that's referred to in Nextcloud's php.ini.
+    php php-apcu
+    %base-system-packages))
 
   ;; Below is the list of system services.  To search for available
   ;; services, run 'guix system search KEYWORD' in a terminal.
   (services
    (append
-    (list (service openssh-service-type
-            (openssh-configuration
-             (port-number 22022)
-             (password-authentication? #f)
-             (accepted-environment '("LANG" "LC_*"))
-             (authorized-keys
-              `(("timo"
-                 ,(local-file "files/timo.pub"))
-                ("ira"   ; for Duplicity backups
-                 ,(local-file "files/kitchen-pc.pub")
-                 ,(local-file "files/wilken-laptop.pub"))))))
+    (list (simple-service 'duplicity-backup-access openssh-service-type
+            `(("ira"   ; for Duplicity backups
+               ,(local-file "files/kitchen-pc.pub")
+               ,(local-file "files/wilken-laptop.pub"))))
 
           (service tor-service-type)
 
-          (service dhcp-client-service-type)
-
-          (service ntp-service-type)
-
           (service thermald-service-type
             (thermald-configuration
              (adaptive? #t)))
 
-          (simple-service 'cronjobs mcron-service-type
-            (list #~(job "0 21 * * *" "guix gc -d 2w -F 25G")
-                  #~(job "0 22 * * *"  ; after guix gc
-                         (string-append #$(file-append util-linux "/sbin/fstrim")
-                                        " --fstab --verbose"))))
-
           ;; Transmission (torrents)
           (service transmission-daemon-service-type
             (transmission-daemon-configuration
@@ -329,31 +307,14 @@ innodb_buffer_pool_size = 1G
 innodb_io_capacity = 4000
 ")))
 
-          ;; Prometheus node exporter
-          (service prometheus-node-exporter-service-type
-            (prometheus-node-exporter-configuration
-             (web-listen-address "10.0.0.2:9100")))
-
           ;; TODO: JSON exporter (Nextcloud)
-
           ;; TODO: Syncthing exporter
-
           ;; TODO: Transmission exporter
-
-          ;; TODO: git-daemon-service-type / cgit-service-type?
-
-          (wireguard-service 'lud))
+          )
 
     nextcloud-services
     matrix-services
-
-    (modify-services %base-services
-      (login-service-type
-       config =>
-       (login-configuration
-        (inherit config)
-        (motd (plain-file "no-motd" ""))
-        (allow-empty-passwords? #f))))))
+    (server-base-services host-name)))
 
   ;; The list of user accounts ('root' is implicit).
   (users