See the tangled file.

1 Config structure

Scheme
#
<<modules>>

<<secrets>>

<<pkg-zinit>>
<<pkg-gitea>>
<<pkg-dendrite>>

<<os>>
modulesScheme
#
(use-modules (gnu) (guix)
             (gnu packages version-control)
             ;; for packaging
             (guix build-system copy) ; zinit
             (guix build-system go) ; gitea, dendrite
             (gnu packages golang) ; gitea, dendrite
             (gnu packages syncthing) ; dendrite
             (gnu packages node) ; gitea
             ((guix licenses) #:prefix license:)
             (guix packages)
             (guix search-paths)
             (guix git-download))

(use-service-modules networking ssh)
(use-package-modules shells)

2 Packages

2.1 Gitea

This is a modified version of guix-bioinformatics/gitea.scm (GPL-3.0). The minimum node version required is 10.13, and Guix just meets this with 10.20.

pkg-giteaScheme
#
(define-public gitea-frontend
  (package
   (name "gitea-frontend")
   (version "1.13.1")
   (source (origin
            (method git-fetch)
            (uri (git-reference
                  (url "https://github.com/go-gitea/gitea.git")
                  (commit (string-append "v" version))))
            (sha256
             (base32
              "11pcyg5r0181g8iggpih418knyjz4dpw9ragr3k13602xrkjhgqi"))))
   (build-system node-build-system)
   (arguments
    '(#:phases
      (modify-phases %standard-phases
                     (replace 'build
                              (lambda _
                                (invoke "make" "frontend"))))))
   (home-page "https://gitea.io/")
   (synopsis "Self-hosted git service")
   (description "Git with a cup of tea, painless self-hosted git service.")
   (license license:bsd-3)))

(define-public gitea
  (package
   (name "gitea")
   (version "1.12.3")
   (source (origin
            (method git-fetch)
            (uri (git-reference
                  (url "https://github.com/go-gitea/gitea.git")
                  (commit (string-append "v" version))))
            (sha256
             (base32
              "11pcyg5r0181g8iggpih418knyjz4dpw9ragr3k13602xrkjhgqi"))))
   (build-system go-build-system)
   (arguments
    `(#:install-source? #f
      #:phases
      (modify-phases %standard-phases
                     (add-before 'build 'prepare-build
                                 (lambda _
                                   (chdir "src")
                                   (setenv "TAGS" "bindata")
                                   ;; npm ERR! correctMkdir failed to make directory /homeless-shelter/.npm/_locks
                                   (setenv "HOME" "/tmp/")
                                   #t))
                     (replace 'build
                              (lambda _
                                (invoke "make" "backend")))
                     (replace 'check
                              (lambda* (#:key tests? #:allow-other-keys)
                                (if tests?
                                    (begin
                                      (invoke "make" "test")
                                      ;; Gitea requires git with lfs support to run tests.
                                        ;(invoke "make" "test-sqlite")
                                      (invoke "make" "test-sqlite-migration"))
                                    #t)))
                     (replace 'install
                              (lambda _
                                (invoke "make" "install")))
                     (add-after 'install 'wrap-program
                                (lambda* (#:key outputs inputs #:allow-other-keys)
                                  (let* ((out (assoc-ref outputs "out"))
                                         (bin (string-append out "/bin/gitea"))
                                         (git (assoc-ref inputs "git")))
                                    (wrap-program bin
                                                  `("PATH" ":" prefix (,(string-append git "/bin")))))
                                  #t)))))
   (native-inputs
    `(("node" ,node)))
   (inputs
    `(("git" ,git)))
   (home-page "https://gitea.io/")
   (synopsis "Self-hosted git service")
   (description "Git with a cup of tea, painless self-hosted git service.")
   (license license:expat)))

2.1.1 Errror

#
building /gnu/store/ga2kb2pm3yn5pvgl01cghlxwgxmsvgis-gitea-1.12.3.drv...
- 'build' phasebuilder for `/gnu/store/ga2kb2pm3yn5pvgl01cghlxwgxmsvgis-gitea-1.12.3.drv' failed with exit code 1
build of /gnu/store/ga2kb2pm3yn5pvgl01cghlxwgxmsvgis-gitea-1.12.3.drv failed

gitea-build-log.txt

The important bit looks to be the following:

#
starting phase `prepare-build'
phase `prepare-build' succeeded after 0.0 seconds
starting phase `build'
fatal: not a git repository (or any of the parent directories): .git
npm install --no-save
npm ERR! code ENOTFOUND
npm ERR! errno ENOTFOUND
npm ERR! network request to https://registry.npmjs.org/core-js/-/core-js-2.6.11.tgz failed, reason: getaddrinfo ENOTFOUND registry.npmjs.org registry.npmjs.org:443
npm ERR! network This is a problem related to network connectivity.
npm ERR! network In most cases you are behind a proxy or have bad network settings.
npm ERR! network
npm ERR! network If you are behind a proxy, please make sure that the
npm ERR! network 'proxy' config is set properly.  See: 'npm help config'

npm ERR! A complete log of this run can be found in:
npm ERR!     /tmp/.npm/_logs/2021-01-13T16_21_51_709Z-debug.log
make: *** [Makefile:581: node_modules] Error 1
command "make" "build" failed with status 2

Some googling gives results for NixOS, but no solutions that I could see.

2.2 Caddy

I like the look of this, it seems nicer for hobbyist usage than nginx.

Scheme
#
(define-public caddy
  (package
   (name "caddy")
   (version "2.3.0")
   (source (origin
            (method git-fetch)
            (uri (git-reference
                  (url "https://github.com/caddyserver/caddy.git")
                  (commit (string-append "v" version))))
            (sha256
             (base32
              "03cbbr8z9g156lgx7pyn1p1i4mh8ayhhhv24r1z3h1vgq6y4ka7r"))))
   (build-system go-build-system)
   (arguments
    `(#:install-source? #f
      #:phases
      (modify-phases %standard-phases
                     (add-before 'build 'prepare-build
                                 (lambda _
                                   (invoke "go" "mod" "init" "caddy")
                                   (setenv "GO111MODULE" "on")
                                   #t)))))
   (home-page "https://caddyserver.com")
   (synopsis "Fast, multi-platform web server with automatic HTTPS")
   (description "Fast, multi-platform web server with automatic HTTPS")
   (license license:expat)))

2.2.1 Error

#
building /gnu/store/frp9rp3my938kp1z3839qimai815hwxb-caddy-2.3.0.drv...
\ 'build' phasebuilder for `/gnu/store/frp9rp3my938kp1z3839qimai815hwxb-caddy-2.3.0.drv' failed with exit code 1
build of /gnu/store/frp9rp3my938kp1z3839qimai815hwxb-caddy-2.3.0.drv failed

caddy-build-log.txt

This fishy section

#
starting phase `prepare-build'
go: creating new go.mod: module caddy
phase `prepare-build' succeeded after 0.0 seconds
starting phase `build'
go: warning: ignoring go.mod in system temp root /tmp/guix-build-caddy-2.3.0.drv-0
$GOPATH/go.mod exists but should not
Building '' failed.
Here are the results of `go env`:
go: warning: ignoring go.mod in system temp root /tmp/guix-build-caddy-2.3.0.drv-0
$GOPATH/go.mod exists but should not
command "go" "env" failed with status 1

2.3 zinit

pkg-zinitScheme
#
(define-public zinit
  (package
   (name "zinit")
   (version "3.5")
   (source (origin
            (method git-fetch)
            (uri (git-reference
                  (url "https://github.com/zdharma/zinit.git")
                  (commit (string-append "v" version))))
            (sha256
             (base32
              "0wx6561j8xc88j664k1gnbijfjrc2wax6bwms16ri5cni9qdqsjc"))))
   (build-system copy-build-system)
   (arguments
    `(#:install-plan
      (let ((destination "")
            (sources '("zinit.zsh" "zinit-side.zsh" "zinit-autoload.zsh"
                       "zinit-install.zsh" "_zinit"
                       ;; folders
                       "zmodules/" "share/")))
        (map (lambda (source)
               (list source (string-append destination source))) sources))))
   (inputs `(("zsh" ,zsh)))
   (native-search-paths
    (list (search-path-specification
           (variable "ZINIT_BIN_DIR")
           (files (list "/some/random/dir")))))
   (synopsis "Ultra-flexible and fast Zsh plugin manager with clean fpath, reports, completion management, Turbo, annexes, services, packages.")
   (description "Ultra-flexible and fast Zsh plugin manager with clean fpath, reports, completion management, Turbo, annexes, services, packages.")
   (home-page "https://github.com/zdharma/zinit")
   (license license:expat)))

2.3.1 Setting up env an init files

Kindly provided example from someone else:

so first I needed to create a conf file for my server

Scheme
#
(define %gemini-config
  (mixed-text-file
   "gmnisrv.ini" "
# Space-separated list of hosts
listen=0.0.0.0:1965 [::]:1965

[:tls]
# Path to store certificates on disk
store=/var/lib/gemini/certs

# Optional details for new certificates
organization=gmnisrv user

[mugglesinparis.com]
root=" muggles-in-paris "/dist"))

the mixed-text-file takes string arguments. The car of this list is the name of the file the other strings are concatinated I added it to my operating-system configuration

Scheme
#
      (service gmnisrv-service-type
               (gmnisrv-configuration
                (config-file %gemini-config))) ; here

What it does is create a file in the store and symlinks it to the correct place I also did the same for my guix channels

Scheme
#
      (extra-special-file "/etc/guix/channels.scm"
              %guix-channels) ; guix-channels is a scheme file-like object

it looks like this

Scheme
#
(define %guix-channels
  (scheme-file
        "channels.scm"
        #~(cons* (channel
                  (name 'orange)
                  (url "https://git.sr.ht/~elais/orange")
                  (introduction
                   (make-channel-introduction
                    "07371d9115e710bfa485bf10c62c2cff70571742"
                    (openpgp-fingerprint
                     "70E3 D738 9976 71A6 E8F7 A36B E433 58CF A463 9133"))))
                 %default-channels)))

scheme-file takes a scheme expression and outputs it to a file so what you would want to do is something like

Scheme
#
(define %zinit-variables
  (text-file
   "zinitvars"
"
ZINIT_BIN = $XDG_CONFIG_HOME
...
"

Then add this service

Scheme
#
(extra-special-file "/etc/zinit/vars" %zinit-variables)

I’m theorycrafting this so you should play around with it

3 OS Declaration

osScheme
#
(operating-system
 (locale "en_AU.utf8")
 (timezone "Australia/Perth")
 (keyboard-layout (keyboard-layout "us" "altgr-intl"))
 (host-name "vanguard")
 <<users>>
 <<packages>>
 (services
  (cons*
   (service openssh-service-type
            (openssh-configuration
             (permit-root-login 'without-password)
             (authorized-keys `(("root" ,(plain-file "ssh-auth-key" (assoc-ref secrets 'ssh-auth-key)))
                                ("tec"  ,(plain-file "ssh-auth-key" (assoc-ref secrets 'ssh-auth-key)))))))
   (service dhcp-client-service-type)
   %base-services))
 (bootloader
  (bootloader-configuration
   (bootloader grub-efi-bootloader)
   (target "/boot/efi")
   (keyboard-layout keyboard-layout)))
 (swap-devices (list "/dev/sda2"))
 (file-systems
  (cons* (file-system
          (mount-point "/boot/efi")
          (device (uuid "DE79-E3DB" 'fat32))
          (type "vfat"))
         (file-system
          (mount-point "/")
          (device
           (uuid "347490f2-eebc-4302-b0ef-c0a43bb50f83"
                 'ext4))
          (type "ext4"))
         %base-file-systems)))
usersScheme
#
(users (cons*
        (user-account
         (name "root")
         (uid 0)
         (group "root")
         (home-directory "/root")
         (password (assoc-ref secrets 'root-pwd-hash)))
        (user-account
         (name "tec")
         (group "users")
         (supplementary-groups '("wheel")) ; the good ol' CD-ROM
         (home-directory "/home/tec")
         (password (assoc-ref secrets 'tec-pwd-hash))
         (shell #~(string-append #$zsh "/bin/zsh")))
        %base-user-accounts))
packagesScheme
#
(packages
 (cons*
  git git-lfs
  zsh ; zinit
  dendrite
  ;; gitea
  ;; caddy
  (specification->package "nss-certs")
  %base-packages))

3.1 Secrets

secretsScheme
#
(define secrets
  '((ssh-auth-key  . "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOZZqcJOLdN+QFHKyW8ST2zz750+8TdvO9IT5geXpQVt tranquillity")
    (root-pwd-hash . "$6$3z1JnRksTay42Ino$/UVob0Bt8ctNzLkcfU1XYxpKX3X.4jhhuwYZxxzmkZtOzEZRtA3dUZvedndwwnbB5qWXWTdphBqoJ1cdGVpxK1")
    (tec-pwd-hash  . "$6$xmJvSf.vf0zjvBEr$RQfGYGhwFXVvbonnkrYIHjkpR6PKJMKWdgmYt3rSUtgqKvEqQs/KzSxwN.41j56vxU34QUIpH8XXO/9qGOCQS1")))

Date: 2021-01-02

Author: TEC

Created: 2021-01-31 Sun 01:21