(use-modules (gnu) ((gnu packages admin) #:select (shepherd)) (forge acme) (forge cgit) (forge nginx) (forge socket)) (operating-system (host-name "forge") (timezone "UTC") (locale "en_US.utf8") (bootloader (bootloader-configuration (bootloader grub-bootloader) (targets (list "/dev/sdX")))) (file-systems %base-file-systems) (sudoers-file (mixed-text-file "sudoers" "@include " %sudoers-specification ;; Permit the acme user to restart nginx. "\nacme ALL = NOPASSWD: " (file-append shepherd "/bin/herd") " restart nginx\n")) (services (cons* (service cgit-service-type (cgit-configuration (server-name "git.example.org") (repository-directory "/srv/git"))) (service forge-nginx-service-type (forge-nginx-configuration (http-listen (forge-ip-socket (ip "0.0.0.0") (port 8080))) (https-listen (forge-ip-socket (ip "0.0.0.0") (port 4443))))) (service acme-service-type (acme-configuration (email "foo@example.org"))) %base-services)))