1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154
(define-module (hidamari-blue captcha) #:use-module (guix packages) #:use-module (guix download) #:use-module (guix records) #:use-module (ice-9 match) #:use-module (guix gexp) #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (gnu services web) #:use-module (gnu system shadow) #:use-module (gnu packages admin) #:use-module (gnu packages web) #:use-module (gnu packages base) #:use-module (guix build-system gnu) #:use-module ((guix licenses) #:prefix license:) #:use-module (gnu packages guile) #:export (captcha-configuration captcha captcha-service-type captcha-nginx-block)) (define captcha (package (name "captcha") (version "0.2") (source (origin (method url-fetch) (uri (string-append "https://hidamari.blue/git/captcha/release/captcha-" version ".tar.bz2")) (sha256 (base32 "0wpnpnxvf3469y2c8vi7avg2qckzbbylbddvqqzrg0dw576lgjwj")))) (build-system gnu-build-system) (arguments `(#:phases (modify-phases %standard-phases (delete 'configure) ;; TODO build with autotools (delete 'build) (delete 'check) (replace 'install (lambda* (#:key outputs #:allow-other-keys) (define out (string-append (assoc-ref %outputs "out"))) (call-with-output-file "run-captcha.sh" (lambda (port) (display (string-append "#!" (which "sh") "\n" "GUILE_LOAD_COMPILED_PATH=" (getenv "GUILE_LOAD_COMPILED_PATH") " GUILE_LOAD_PATH=" (getenv "GUILE_LOAD_PATH") " " (which "guile") "--no-auto-compile -L " out " -e main-fibers" " -s " out "/main.scm") port))) (chmod "run-captcha.sh" #o555) (copy-recursively "." out) #t))))) (inputs `(("guile" ,guile-2.2) ("guile-fibers" ,guile-fibers))) (native-inputs `(("which" ,which))) (synopsis "web captcha server") (description "captcha with 2hus") (home-page "http://captcha.hidamari-blue") (license license:agpl3))) (define-record-type* <captcha-configuration> captcha-configuration make-captcha-configuration captcha-configuration? (captcha captcha-configuration-captcha ;<package> (default captcha)) (guile captcha-configuration-guile ;<package> (default guile-2.2))) (define captcha-shepherd-service (match-lambda (($ <captcha-configuration> captcha guile) ;; TODO get user from config user (let ((user "captcha") (group "captcha")) (list (shepherd-service (provision '(captcha)) (documentation "Run the captcha web service.") (requirement '(networking)) (start #~(make-forkexec-constructor '(;; #$(file-append guix "/bin/guix" "environment" "captcha" "--") ;; #$(file-append guile "/bin/guile") ;; "-L" #$captcha ;; "-e" "main-fibers" ;; "-s" ;; #$(file-append captcha "/main.scm") #$captcha "/run-captcha.sh" ) #:user #$user #:group #$group)) (stop #~(make-kill-destructor)))))))) (define (captcha-accounts _) (filter identity (list (user-group (name "captcha") (system? #t)) (user-account (name "captcha") (group "captcha") (system? #t) (comment "web captcha user") (home-directory "/var/empty") (shell (file-append shadow "/sbin/nologin")))))) (define (captcha-nginx-block site-domain) ;; TODO custom paths and ssl (nginx-server-configuration (server-name (list site-domain)) (root "/var/www/captcha/") ;; (http-port #f) (ssl-certificate "/etc/letsencrypt/live/captcha.hidamari.blue/fullchain.pem") (ssl-certificate-key "/etc/letsencrypt/live/captcha.hidamari.blue/privkey.pem") (server-tokens? #f) (locations (list (nginx-location-configuration (uri "/file") (body (list "alias /var/www/captcha/file;"))) (nginx-location-configuration (uri "/private") (body (list "deny all;"))) (nginx-location-configuration (uri "/") (body (list "if ($scheme = http) {" " return 301 https://$host$request_uri;" "}" "proxy_pass http://127.0.0.1:8084;" "proxy_set_header Host $host;" "proxy_set_header X-Real-IP $remote_addr;" "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;"))))))) (define captcha-service-type (service-type (name 'captcha) (extensions (list (service-extension shepherd-root-service-type captcha-shepherd-service) ;; TODO write init/activation extension for captcha-population (service-extension account-service-type captcha-accounts) )) (default-value (captcha-configuration))))