From 8e7938a87ed0fd092b8462b6d2076be44f7ea756 Mon Sep 17 00:00:00 2001 From: Daniel Ziltener Date: Tue, 26 Mar 2024 19:09:53 +0100 Subject: [PATCH] . --- config.org | 74 ++----------------------------------- config.scm | 10 ++--- home/home-configuration.scm | 1 + 3 files changed, 9 insertions(+), 76 deletions(-) diff --git a/config.org b/config.org index fe9f23a..e8cdd5c 100644 --- a/config.org +++ b/config.org @@ -94,6 +94,7 @@ This is to be run after setting up the partitions. - readline - terminals - version-control +- virtualization - wm - xdisorg - xorg @@ -176,7 +177,6 @@ This adds the Nonguix channel. - mesa - nss-certs - network-manager -- podman - readline - swayfx-0.3.2 - tuxedo-keyboard @@ -228,10 +228,10 @@ These services are unmodified, or have just few settings. | tlp | () | | thermald | ((adaptive? #t)) | | bluetooth | () | -| docker | () | | earlyoom | ((minimum-available-memory 5) (minimum-free-swap 5)) | | inputattach | () | | libvirt | ((unix-sock-group "libvirt")) | +| virtlog | () | | fstrim | () | | fprintd | () | | plasma-desktop | () | @@ -390,77 +390,9 @@ This is the full operating system specification. (name "zilti") (group "users") (supplementary-groups - '("avahi" "docker" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "lp"))) + '("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "lp"))) %base-user-accounts)) <> <> (name-service-switch %mdns-host-lookup-nss)) #+end_src - -* Other Components - -** Podman - -Podman needs the files =/etc/subuid= and =/etc/subgid=. - -#+begin_src fundamental :tangle etc/subuid :mkdirp yes -zilti:1001:65536 -#+end_src - -#+begin_src fundamental :tangle etc/subgid :mkdirp yes -zilti:1000:1000 -#+end_src - -Then, there is the =policy.json=: - -#+begin_src json :tangle podman/policy.json :mkdirp yes -{ - "default": [ - { - "type": "reject" - } - ], - "transports": { - "docker": { - "docker.io": [ - { - "type": "insecureAcceptAnything" - } - ], - "docker.io/library": [ - { - "type": "insecureAcceptAnything" - } - ], - "registry.access.redhat.com": [ - { - "type": "signedBy", - "keyType": "GPGKeys", - "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" - } - ], - "registry.redhat.io": [ - { - "type": "signedBy", - "keyType": "GPGKeys", - "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" - } - ] - }, - "docker-daemon": { - "": [ - { - "type": "insecureAcceptAnything" - } - ] - } - } -} -#+end_src - -And finally the registries. - -#+begin_src conf :tangle podman/registries.conf :mkdirp yes -[registries.search] -registries = ["docker.io", "registry.access.redhat.com", "quay.io"] -#+end_src diff --git a/config.scm b/config.scm index 1f3635c..1a9c97e 100644 --- a/config.scm +++ b/config.scm @@ -37,6 +37,7 @@ readline terminals version-control + virtualization wm xdisorg xorg) @@ -76,7 +77,7 @@ (name "zilti") (group "users") (supplementary-groups - '("avahi" "docker" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "lp"))) + '("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "lp"))) %base-user-accounts)) (packages (append @@ -96,7 +97,6 @@ mesa nss-certs network-manager - podman readline swayfx-0.3.2 tuxedo-keyboard @@ -134,9 +134,6 @@ (service bluetooth-service-type (bluetooth-configuration)) - (service - docker-service-type - (docker-configuration)) (service earlyoom-service-type (earlyoom-configuration @@ -149,6 +146,9 @@ libvirt-service-type (libvirt-configuration (unix-sock-group "libvirt"))) + (service + virtlog-service-type + (virtlog-configuration)) (service fstrim-service-type (fstrim-configuration)) diff --git a/home/home-configuration.scm b/home/home-configuration.scm index 26d0d29..83f20ce 100644 --- a/home/home-configuration.scm +++ b/home/home-configuration.scm @@ -208,6 +208,7 @@ "tree-sitter" "ungoogled-chromium-wayland" "unzip" + "virt-manager" "visidata" "waybar" "wlogout"