Add system configuration.
This commit is contained in:
parent
224e3ccda1
commit
3719183b30
|
@ -0,0 +1,278 @@
|
|||
(use-modules
|
||||
(gnu)
|
||||
(gnu system nss)
|
||||
(gnu system setuid)
|
||||
(rg packages suckless)
|
||||
(rg services base))
|
||||
(use-package-modules
|
||||
aspell
|
||||
certs
|
||||
disk
|
||||
fonts
|
||||
fontutils
|
||||
freedesktop
|
||||
glib
|
||||
gnome
|
||||
gstreamer
|
||||
kde-frameworks
|
||||
linux
|
||||
lisp
|
||||
polkit
|
||||
qt
|
||||
wm
|
||||
xorg
|
||||
xdisorg)
|
||||
(use-service-modules
|
||||
authentication
|
||||
avahi
|
||||
certbot
|
||||
cups
|
||||
dbus
|
||||
desktop
|
||||
dns
|
||||
linux
|
||||
networking
|
||||
pm
|
||||
security-token
|
||||
sound
|
||||
virtualization
|
||||
vpn
|
||||
xorg)
|
||||
|
||||
(operating-system
|
||||
;; Use LTS versions of the kernel.
|
||||
(kernel linux-libre-lts)
|
||||
(kernel-arguments
|
||||
(append
|
||||
(list
|
||||
;; Enable fan control from userspace.
|
||||
"thinkpad_acpi.fan_control=1")
|
||||
%default-kernel-arguments))
|
||||
(keyboard-layout
|
||||
(keyboard-layout "us"))
|
||||
(bootloader
|
||||
(bootloader-configuration
|
||||
(bootloader
|
||||
;; Don't install Grub binaries on disk,
|
||||
;; but still generate Grub configuration.
|
||||
(bootloader
|
||||
(inherit grub-bootloader)
|
||||
(installer #~(const #t))))
|
||||
(keyboard-layout keyboard-layout)))
|
||||
(label "secondary")
|
||||
(host-name "secondary")
|
||||
(mapped-devices
|
||||
(append
|
||||
;; LUKS
|
||||
(list
|
||||
(mapped-device
|
||||
(source
|
||||
(uuid "7a0cbb90-7f10-4db9-a5cb-0c923f8e560a"))
|
||||
(targets
|
||||
(list
|
||||
"secondary"))
|
||||
(type luks-device-mapping)))
|
||||
;; LVM
|
||||
(list
|
||||
(mapped-device
|
||||
(source "secondary")
|
||||
(targets
|
||||
(list
|
||||
"secondary-root"
|
||||
"secondary-swap"))
|
||||
(type lvm-device-mapping)))))
|
||||
(file-systems
|
||||
(append
|
||||
(list
|
||||
(file-system
|
||||
(type "btrfs")
|
||||
(mount-point "/")
|
||||
(device "/dev/mapper/secondary-root")
|
||||
(flags '(no-atime))
|
||||
(options "space_cache=v2")
|
||||
(needed-for-boot? #t)
|
||||
(dependencies mapped-devices)))
|
||||
%base-file-systems))
|
||||
(swap-devices
|
||||
(append
|
||||
(list
|
||||
(swap-space
|
||||
(target "/dev/mapper/secondary-swap")
|
||||
(dependencies mapped-devices)))))
|
||||
(users
|
||||
(append
|
||||
(list
|
||||
(user-account
|
||||
(name "rg")
|
||||
(comment "Raghav Gururajan")
|
||||
(group "users")
|
||||
(supplementary-groups
|
||||
'("audio" "cdrom" "kvm" "libvirt" "lp"
|
||||
"netdev" "tape" "tor" "video" "wheel"))))
|
||||
%base-user-accounts))
|
||||
(packages
|
||||
(append
|
||||
;; Certificates
|
||||
(list
|
||||
nss-certs)
|
||||
;; Dictionaries
|
||||
(list
|
||||
aspell-dict-en
|
||||
hunspell-dict-en
|
||||
hunspell-dict-en-ca)
|
||||
;; Fonts
|
||||
(list
|
||||
font-google-noto)
|
||||
;; Icons
|
||||
(list
|
||||
adwaita-icon-theme
|
||||
breeze-icons
|
||||
hicolor-icon-theme
|
||||
oxygen-icons)
|
||||
;; Languages
|
||||
(list
|
||||
sbcl)
|
||||
;; Modules
|
||||
(list
|
||||
sbcl-stumpwm-ttf-fonts)
|
||||
;; Plugins
|
||||
(list
|
||||
gst-plugins-base
|
||||
gst-plugins-bad
|
||||
gst-plugins-good
|
||||
gst-plugins-ugly)
|
||||
;; Programs
|
||||
(list
|
||||
dbus
|
||||
desec-certbot-hook
|
||||
network-manager-applet
|
||||
st-custom
|
||||
stumpwm
|
||||
`(,stumpwm "lib")
|
||||
xinit)
|
||||
%base-packages))
|
||||
(timezone "America/Toronto")
|
||||
(locale "en_CA.UTF-8")
|
||||
(name-service-switch %mdns-host-lookup-nss)
|
||||
(services
|
||||
(append
|
||||
;; Device
|
||||
(list
|
||||
(service cups-service-type
|
||||
(cups-configuration
|
||||
(web-interface? #t)))
|
||||
(service inputattach-service-type
|
||||
(inputattach-configuration
|
||||
(device-type "wacom")
|
||||
(device "/dev/ttyS4")
|
||||
(baud-rate 38400)))
|
||||
(service sane-service-type)
|
||||
(service udisks-service-type
|
||||
(udisks-configuration)))
|
||||
;; Display
|
||||
(list
|
||||
(service colord-service-type)
|
||||
(service xorg-server-service-type
|
||||
(xorg-configuration
|
||||
(modules
|
||||
;; Load these driver modules only.
|
||||
(list
|
||||
xf86-input-libinput
|
||||
xf86-video-intel))
|
||||
(drivers
|
||||
;; Use intel specific video driver.
|
||||
(list
|
||||
"intel"))
|
||||
(keyboard-layout keyboard-layout))))
|
||||
;; Memory
|
||||
(list
|
||||
(service earlyoom-service-type))
|
||||
;; Network
|
||||
(list
|
||||
(service avahi-service-type)
|
||||
(service bitmask-service-type)
|
||||
(service bluetooth-service-type
|
||||
(bluetooth-configuration
|
||||
(auto-enable? #t)))
|
||||
(service dnsmasq-service-type
|
||||
(dnsmasq-configuration
|
||||
(no-resolv? #t)
|
||||
(servers
|
||||
(list
|
||||
"9.9.9.9"
|
||||
"2620:fe::fe"
|
||||
"149.112.112.112"
|
||||
"2620:fe::9"))))
|
||||
(service modem-manager-service-type)
|
||||
(service network-manager-service-type
|
||||
(network-manager-configuration
|
||||
(dns "none")))
|
||||
(service ntp-service-type)
|
||||
(service tor-service-type)
|
||||
(service usb-modeswitch-service-type)
|
||||
(service wpa-supplicant-service-type))
|
||||
;; Power
|
||||
(list
|
||||
(service thermald-service-type
|
||||
(thermald-configuration
|
||||
(ignore-cpuid-check? #t)))
|
||||
(service tlp-service-type)
|
||||
(service upower-service-type))
|
||||
;; Security
|
||||
(list
|
||||
(service accountsservice-service-type)
|
||||
(service certbot-service-type
|
||||
(certbot-configuration
|
||||
(email "admin@raghavgururajan.name")
|
||||
(certificates
|
||||
(list
|
||||
(certificate-configuration
|
||||
(name "nearlyfreespeech")
|
||||
(domains '("www.raghavgururajan.name"))
|
||||
(challenge "dns")
|
||||
(authentication-hook "/run/current-system/profile/etc/desec/hook.sh")
|
||||
(cleanup-hook "/run/current-system/profile/etc/desec/hook.sh"))))))
|
||||
(service elogind-service-type)
|
||||
(service fprintd-service-type)
|
||||
(service polkit-service-type)
|
||||
(service pcscd-service-type))
|
||||
;; Sound
|
||||
(list
|
||||
(service alsa-service-type)
|
||||
(service pulseaudio-service-type))
|
||||
;; Virtualization
|
||||
(list
|
||||
(service libvirt-service-type)
|
||||
(service qemu-binfmt-service-type
|
||||
(qemu-binfmt-configuration
|
||||
(platforms
|
||||
(lookup-qemu-platforms "x86_64"))))
|
||||
(service virtlog-service-type))
|
||||
(modify-services %base-services
|
||||
;; Automatically login at startup.
|
||||
(mingetty-service-type config =>
|
||||
(auto-login-to-tty
|
||||
config "tty2" "rg"))
|
||||
(guix-service-type config =>
|
||||
(guix-configuration
|
||||
(inherit config)
|
||||
(substitute-urls
|
||||
(append
|
||||
(list
|
||||
"https://substitutes.nonguix.org")
|
||||
%default-substitute-urls))
|
||||
(authorized-keys
|
||||
(append
|
||||
(list
|
||||
(plain-file "0cool.pub" "(public-key (ecc (curve Ed25519) (q #284DEDDA9B73063F7CFCDFDF06DD7C543DF25E5254621388D3152320A5A5EF14#)))")
|
||||
(plain-file "guixrus.pub" "(public-key (ecc (curve Ed25519) (q #5397B4B2CF9034070FB4248EFFBD794000E4AEA4741E65D48081064AD8FC65DA#)))")
|
||||
(plain-file "nonguix.pub" "(public-key (ecc (curve Ed25519) (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)))"))
|
||||
%default-authorized-guix-keys)))))))
|
||||
(setuid-programs
|
||||
(append
|
||||
(list
|
||||
(setuid-program
|
||||
(program
|
||||
(file-append util-linux "/sbin/losetup"))))
|
||||
%setuid-programs)))
|
||||
|
Loading…
Reference in New Issue