.
This commit is contained in:
parent
c0069f400e
commit
7f6d64d599
4 changed files with 132 additions and 56 deletions
75
config.org
75
config.org
|
@ -43,13 +43,13 @@ This is to be run after setting up the partitions.
|
|||
- gnu
|
||||
- gnu image
|
||||
- zilti packages hyprland
|
||||
- gnu packages gnome
|
||||
- gnu services admin
|
||||
- gnu services authentication
|
||||
- gnu services base
|
||||
- gnu services configuration
|
||||
- gnu services dbus
|
||||
- gnu services desktop
|
||||
- gnu services docker
|
||||
- gnu services linux
|
||||
- gnu services networking
|
||||
- gnu services pm
|
||||
|
@ -86,6 +86,8 @@ This is to be run after setting up the partitions.
|
|||
- emacs-xyz
|
||||
- fonts
|
||||
- gl
|
||||
- gnome
|
||||
- linux
|
||||
- pciutils
|
||||
- readline
|
||||
- terminals
|
||||
|
@ -209,6 +211,7 @@ These services are unmodified, or have just few settings.
|
|||
| tlp | () |
|
||||
| thermald | ((adaptive? #t)) |
|
||||
| bluetooth | () |
|
||||
| docker | () |
|
||||
| earlyoom | ((minimum-available-memory 5) (minimum-free-swap 5)) |
|
||||
| inputattach | () |
|
||||
| libvirt | ((unix-sock-group "libvirt")) |
|
||||
|
@ -360,9 +363,77 @@ This is the full operating system specification.
|
|||
(name "zilti")
|
||||
(group "users")
|
||||
(supplementary-groups
|
||||
'("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat")))
|
||||
'("avahi" "docker" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat")))
|
||||
%base-user-accounts))
|
||||
<<root-package-block>>
|
||||
<<root-services-block>>
|
||||
(name-service-switch %mdns-host-lookup-nss))
|
||||
#+end_src
|
||||
|
||||
* Other Components
|
||||
|
||||
** Podman
|
||||
|
||||
Podman needs the files =/etc/subuid= and =/etc/subgid=.
|
||||
|
||||
#+begin_src fundamental :tangle etc/subuid :mkdirp yes
|
||||
zilti:1001:65536
|
||||
#+end_src
|
||||
|
||||
#+begin_src fundamental :tangle etc/subgid :mkdirp yes
|
||||
zilti:1000:1000
|
||||
#+end_src
|
||||
|
||||
Then, there is the =policy.json=:
|
||||
|
||||
#+begin_src json :tangle podman/policy.json :mkdirp yes
|
||||
{
|
||||
"default": [
|
||||
{
|
||||
"type": "reject"
|
||||
}
|
||||
],
|
||||
"transports": {
|
||||
"docker": {
|
||||
"docker.io": [
|
||||
{
|
||||
"type": "insecureAcceptAnything"
|
||||
}
|
||||
],
|
||||
"docker.io/library": [
|
||||
{
|
||||
"type": "insecureAcceptAnything"
|
||||
}
|
||||
],
|
||||
"registry.access.redhat.com": [
|
||||
{
|
||||
"type": "signedBy",
|
||||
"keyType": "GPGKeys",
|
||||
"keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
|
||||
}
|
||||
],
|
||||
"registry.redhat.io": [
|
||||
{
|
||||
"type": "signedBy",
|
||||
"keyType": "GPGKeys",
|
||||
"keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
|
||||
}
|
||||
]
|
||||
},
|
||||
"docker-daemon": {
|
||||
"": [
|
||||
{
|
||||
"type": "insecureAcceptAnything"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
#+end_src
|
||||
|
||||
And finally the registries.
|
||||
|
||||
#+begin_src conf :tangle podman/registries.conf :mkdirp yes
|
||||
[registries.search]
|
||||
registries = ["docker.io", "registry.access.redhat.com", "quay.io"]
|
||||
#+end_src
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
(gnu)
|
||||
(gnu image)
|
||||
(zilti packages hyprland)
|
||||
(gnu packages gnome)
|
||||
(gnu services admin)
|
||||
(gnu services authentication)
|
||||
(gnu services base)
|
||||
(gnu services configuration)
|
||||
(gnu services dbus)
|
||||
(gnu services desktop)
|
||||
(gnu services docker)
|
||||
(gnu services linux)
|
||||
(gnu services networking)
|
||||
(gnu services pm)
|
||||
|
@ -29,6 +29,8 @@
|
|||
emacs-xyz
|
||||
fonts
|
||||
gl
|
||||
gnome
|
||||
linux
|
||||
pciutils
|
||||
readline
|
||||
terminals
|
||||
|
@ -72,7 +74,7 @@
|
|||
(name "zilti")
|
||||
(group "users")
|
||||
(supplementary-groups
|
||||
'("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat")))
|
||||
'("avahi" "docker" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat")))
|
||||
%base-user-accounts))
|
||||
(packages
|
||||
(append
|
||||
|
@ -120,6 +122,9 @@
|
|||
(service
|
||||
bluetooth-service-type
|
||||
(bluetooth-configuration))
|
||||
(service
|
||||
docker-service-type
|
||||
(docker-configuration))
|
||||
(service
|
||||
earlyoom-service-type
|
||||
(earlyoom-configuration
|
||||
|
|
|
@ -906,10 +906,10 @@ Point must be at the beginning of balanced expression (sexp)."
|
|||
|
||||
;; Magit requires 'transient' >= 0.5.0, but due to bad defaults, Emacs' package manager refuses to
|
||||
;; upgrade this and other built-in packages to higher releases from GNU Elpa.
|
||||
(use-package transient
|
||||
:init
|
||||
(progn (unload-feature 'transient t)
|
||||
(require 'transient)))
|
||||
;; (use-package transient
|
||||
;; :init
|
||||
;; (progn (unload-feature 'transient t)
|
||||
;; (require 'transient)))
|
||||
;; To fix this, you have to add this to your init file:
|
||||
;; (setq package-install-upgrade-built-in t)
|
||||
;; You must also make sure the updated version is loaded, by evaluating the `progn` form below.
|
||||
|
|
|
@ -205,63 +205,63 @@
|
|||
"xdg-desktop-portal"
|
||||
"xdg-desktop-portal-wlr"
|
||||
|
||||
"emacs-el-patch"
|
||||
"emacs-guix"
|
||||
"emacs-org"
|
||||
"emacs-org-roam"
|
||||
"emacs-consult-notes"
|
||||
"emacs-websocket"
|
||||
"emacs-org-roam-ui"
|
||||
"emacs-org-modern"
|
||||
"emacs-org-rainbow-tags"
|
||||
"emacs-color-theme-modern"
|
||||
"emacs-moe-theme"
|
||||
"emacs-catppuccin-theme"
|
||||
"emacs-unicode-fonts"
|
||||
"emacs-ligature"
|
||||
"emacs-visual-fill-column"
|
||||
"emacs-adaptive-wrap"
|
||||
"emacs-keychain-environment"
|
||||
"emacs-pass"
|
||||
"emacs-evil"
|
||||
"emacs-evil-collection"
|
||||
"emacs-orderless"
|
||||
"emacs-embark-consult"
|
||||
"emacs-wgrep"
|
||||
"emacs-vertico"
|
||||
"emacs-marginalia"
|
||||
"emacs-nerd-icons-completion"
|
||||
"emacs-which-key"
|
||||
"emacs-cape"
|
||||
"emacs-catppuccin-theme"
|
||||
"emacs-cider@1.12.0"
|
||||
;;"emacs-code-review"
|
||||
"emacs-color-theme-modern"
|
||||
"emacs-consult-eglot"
|
||||
"emacs-consult-notes"
|
||||
"emacs-corfu"
|
||||
"emacs-nerd-icons-corfu"
|
||||
;; "emacs-corfu-terminal"
|
||||
"emacs-tempel"
|
||||
"emacs-xref-union"
|
||||
"emacs-goto-chg"
|
||||
"emacs-evil-easymotion"
|
||||
"emacs-evil-snipe"
|
||||
"emacs-paredit"
|
||||
"emacs-dhall-mode"
|
||||
"emacs-editorconfig"
|
||||
"emacs-eglot"
|
||||
"emacs-consult-eglot"
|
||||
"emacs-tree-sitter"
|
||||
"emacs-clojure-mode"
|
||||
"emacs-cider"
|
||||
"emacs-el-patch"
|
||||
"emacs-embark-consult"
|
||||
"emacs-envrc"
|
||||
"emacs-evil"
|
||||
"emacs-evil-collection"
|
||||
"emacs-evil-easymotion"
|
||||
"emacs-evil-snipe"
|
||||
"emacs-forge"
|
||||
"emacs-geiser"
|
||||
"emacs-paren-face"
|
||||
"emacs-highlight-parentheses"
|
||||
"emacs-geiser-chicken"
|
||||
"emacs-geiser-guile"
|
||||
"emacs-zig-mode"
|
||||
"emacs-dhall-mode"
|
||||
"emacs-transient"
|
||||
"emacs-git-gutter"
|
||||
"emacs-goto-chg"
|
||||
"emacs-guix"
|
||||
"emacs-highlight-parentheses"
|
||||
"emacs-keychain-environment"
|
||||
"emacs-ligature"
|
||||
"emacs-magit"
|
||||
"emacs-magit-todos"
|
||||
"emacs-forge"
|
||||
"emacs-code-review"
|
||||
"emacs-git-gutter"
|
||||
"emacs-envrc"
|
||||
"emacs-marginalia"
|
||||
"emacs-moe-theme"
|
||||
"emacs-nerd-icons-completion"
|
||||
"emacs-nerd-icons-corfu"
|
||||
"emacs-orderless"
|
||||
"emacs-org"
|
||||
"emacs-org-modern"
|
||||
"emacs-org-rainbow-tags"
|
||||
"emacs-org-roam"
|
||||
"emacs-org-roam-ui"
|
||||
"emacs-paredit"
|
||||
"emacs-paren-face"
|
||||
"emacs-pass"
|
||||
"emacs-seq"
|
||||
"emacs-tempel"
|
||||
"emacs-transient"
|
||||
"emacs-tree-sitter"
|
||||
"emacs-unicode-fonts"
|
||||
"emacs-vertico"
|
||||
"emacs-visual-fill-column"
|
||||
"emacs-websocket"
|
||||
"emacs-wgrep"
|
||||
"emacs-which-key"
|
||||
"emacs-xref-union"
|
||||
"emacs-zig-mode"
|
||||
;; "emacs-corfu-terminal"
|
||||
)))
|
||||
(service home-openssh-service-type
|
||||
(home-openssh-configuration
|
||||
|
|
Loading…
Reference in a new issue