guixconfig/config.org

GUIX System Configuration

  ;; Load the named source blocks of ./library.org into Org's Library of Babel
  ;; so that they can be called from this file.
  ;; NOTE(review): the path is relative, so the blocks come from whatever
  ;; library.org sits next to this file; they run with the user's privileges
  ;; when called, so review that file together with this one.
  (org-babel-lob-ingest "./library.org")

Makefile

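  # Re-deploy the system from this checkout: link channels.scm into the user's
  # Guix configuration, authorize a substitute signing key, reconfigure the
  # system, install the browserpass native-messaging host and add Flathub.
  #
  # NOTE(review): `guix archive --authorize` adds signing-key.pub to the
  # daemon's ACL, so this machine will install binaries signed by that key.
  # Compare the file with the key published by the substitute server before
  # running this target, and keep write access to the checkout restricted.
  # NOTE(review): the recipe mixes steps that need root (authorize,
  # reconfigure) with per-user paths (~, flatpak --user); which account runs
  # it is not visible here, so confirm that ~ resolves to the intended home.
  reconfigure:
	mkdir -p ~/.config/guix
	ln -sf "$(CURDIR)/channels.scm" ~/.config/guix/channels.scm
	guix archive --authorize < signing-key.pub
	guix system reconfigure ./config.scm --substitute-urls='https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org'
	make -C /home/zilti/.guix-home/profile/lib/browserpass hosts-firefox-user
	flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo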

System Installation Script

This is to be run after setting up the partitions.

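  #!/bin/sh
  # Install Guix System onto the target disk from the live installer. Run it
  # once the partitions labelled "guix" and "EFI" exist.
  #
  # Abort on the first failing command (-e) and on use of an unset variable
  # (-u), and trace every command (-x). The options need the leading dash:
  # without it `set` only replaces the positional parameters, and a failed
  # mount would not stop the script before `guix system init` runs.
  # No pipeline is used below, so pipefail is left out; a plain sh may not
  # support it.
  set -eux
  mount /dev/disk/by-label/guix /mnt
  mkdir -p /mnt/boot/efi
  mount /dev/disk/by-label/EFI /mnt/boot/efi
  # Send store writes to the target disk instead of the installer's RAM.
  herd start cow-store /mnt
  # Update Guix to the channels listed in ./channels.scm.
  guix pull -C./channels.scm
  GUIX_PROFILE="/root/.config/guix/current"
  # Profile scripts may expand variables that are not set yet, so -u is
  # relaxed while sourcing.
  set +u
  . "$GUIX_PROFILE/etc/profile"
  set -u
  # Drop the shell's cached path so the freshly pulled guix is the one used.
  hash guix
  # NOTE(review): substitutes are accepted only from servers whose key is in
  # the daemon's ACL, and this script authorizes none. Confirm whether the
  # nonguix URL is meant to be trusted here or to fall back to local builds.
  guix system -L. init config.scm /mnt --substitute-urls="https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org"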

Modules

There are many community modules at Whereis.

  • gnu
  • gnu image
  • gnu services admin
  • gnu services authentication
  • gnu services base
  • gnu services configuration
  • gnu services dbus
  • gnu services desktop
  • gnu services docker
  • gnu services linux
  • gnu services networking
  • gnu services nix
  • gnu services pm
  • gnu services sddm
  • gnu services sound
  • gnu services virtualization
  • gnu services xorg
  • gnu system nss
  • rosenthal packages wm
  • zilti packages sway
  • zilti packages hyprland
  • nongnu packages firmware
  • nongnu packages linux
  • nongnu system linux-initrd

Service Modules

  • desktop
  • xorg

Package Modules

  • bootloaders
  • certs
  • containers
  • freedesktop
  • fonts
  • gl
  • gnome
  • linux
  • pciutils
  • qt
  • readline
  • terminals
  • version-control
  • virtualization
  • wm
  • xdisorg
  • xorg

Configuration Definitions

File System

  ;; Mounts for the installed system: the EFI system partition (vfat) at
  ;; /boot/efi and the root file system (xfs) at /, both found by file-system
  ;; label, followed by Guix's %base-file-systems.
  ;; NOTE(review): no mapped-devices / LUKS mapping appears in this fragment,
  ;; so root and swap look unencrypted. Confirm that this matches the threat
  ;; model for the machine (device theft, secrets paged out to swap).
  ;; NOTE(review): a label matches any partition that carries it; a UUID is
  ;; harder to shadow with removable media.
  (file-systems (append (list
                         (file-system
                          (device (file-system-label "EFI"))
                          (mount-point "/boot/efi")
                          (type "vfat"))
                         (file-system
                          (device (file-system-label "guix"))
                          (mount-point "/")
                          (type "xfs")))
                        %base-file-systems))
  ;; Swap space, also located by label.
  (swap-devices
   (list (swap-space (target (file-system-label "swap")))))

Channels

This adds the Nonguix channel.

  ;; Channel list: Guix's %default-channels plus four third-party channels.
  ;; A channel introduction names the first authenticated commit and the
  ;; OpenPGP fingerprint of its signer; `guix pull` authenticates the
  ;; channel's history starting from that commit.
  (append %default-channels
          (list
           (channel
            (name 'nonguix)
            (url "https://gitlab.com/nonguix/nonguix")
            ;; Enable signature verification:
            (introduction
             (make-channel-introduction
              "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
              (openpgp-fingerprint
               "2A39 3FFF 68F4 EF7A 3D29  12AF 6F51 20A0 22FB B2D5"))))
           (channel
            (name 'emacs)
            (url "https://github.com/babariviere/guix-emacs")
            (introduction
             (make-channel-introduction
              "72ca4ef5b572fea10a4589c37264fa35d4564783"
              (openpgp-fingerprint
               "261C A284 3452 FB01 F6DF  6CF4 F9B7 864F 2AB4 6F18"))))
           (channel
            (name 'rosenthal)
            (url "https://codeberg.org/hako/rosenthal.git")
            (branch "trunk")
            (introduction
             (make-channel-introduction
              "7677db76330121a901604dfbad19077893865f35"
              (openpgp-fingerprint
               "13E7 6CD6 E649 C28C 3385  4DF5 5E5A A665 6149 17F7"))))
           ;; NOTE(review): the introduction below is disabled by the `#;`
           ;; datum comment, so this channel is pulled without commit
           ;; authentication. Its package definitions are evaluated by
           ;; `guix pull` and can end up in the root-run system build (this
           ;; file also configures unattended upgrades), so anyone able to
           ;; push to or impersonate this repository could supply code for
           ;; this machine. Re-enable the introduction once the channel's
           ;; commits are signed and it ships a .guix-authorizations file.
           (channel
            (name 'ziltis-channel)
            (url "https://gitea.lyrion.ch/zilti/guixchannel")
            #;(introduction
             (make-channel-introduction
              "2aa768893d7da14d9831d45e6f1b1625240ff222"
              (openpgp-fingerprint
               "37F6 55BA F43B C0FF 300A  91A1 B389 76E8 2C9D AE42")))))
         )

Packages

  • bluez-firmware
  • egl-wayland
  • eglexternalplatform
  • font-terminus
  • fwupd-nonfree
  • git
  • glu
  • hwdata
  • hyprland
  • i915-firmware
  • libdrm
  • mesa
  • nss-certs
  • network-manager
  • qtwayland
  • readline
  • tuxedo-keyboard
  • xdg-desktop-portal
  • xdg-desktop-portal-hyprland
  • xf86-video-amdgpu
  • xf86-video-intel
  • xorg-server-xwayland
  • amdgpu-firmware
  • amd-microcode
  • intel-microcode
  ;; System-wide packages: the list produced by the noweb call below,
  ;; prepended to Guix's %base-packages.
  ;; NOTE(review): org-to-scheme-sym-list is not defined in this file, so it
  ;; presumably comes from library.org and turns the bullet list above into
  ;; package symbols at tangle time. Confirm against that file.
  (packages
   (append
    <<org-to-scheme-sym-list(input=root-packages)>>
    %base-packages))

Services

Simple Services

These services are unmodified, or have just a few settings.

Service Options
tlp ()
thermald ((adaptive? #t))
bluetooth ()
earlyoom ((minimum-available-memory 5) (minimum-free-swap 5))
inputattach ()
libvirt ((unix-sock-group "libvirt"))
nix ()
virtlog ()
fstrim ()
fprintd ()
sddm ()

Unattended Upgrade Service

  ;; Periodic unattended system upgrade. The schedule is a cron expression:
  ;; 12:05 every Monday. The channels field is a gexp whose body is filled in
  ;; from the noweb reference <<root-channels>>.
  ;; NOTE(review): the upgrade runs without an operator and deploys whatever
  ;; the listed channels serve at that time, so every channel should carry an
  ;; introduction. The Channels section in this file has one channel whose
  ;; introduction is commented out; confirm whether <<root-channels>> expands
  ;; to that list.
  (service unattended-upgrade-service-type
   (unattended-upgrade-configuration
    (schedule "5 12 * * 1")
    (channels #~
     <<root-channels>>)))

Hosts File

  ;; Extend the hosts file so that l.redsky.io, with the alias ld.redsky.io,
  ;; resolves to the loopback address over both IPv4 and IPv6.
  ;; NOTE(review): these entries override DNS for both names on this machine;
  ;; remove them when the local override is no longer wanted.
  (simple-service  'add-extra-hosts
                   hosts-service-type
                   (list (host "127.0.0.1" "l.redsky.io" '("ld.redsky.io"))
                         (host "::1" "l.redsky.io" '("ld.redsky.io"))))

Modified Desktop Services

  (public-key 
   (ecc 
    (curve Ed25519)
    (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
    )
   )
  (public-key 
   (ecc 
    (curve Ed25519)
    (q #8D156F295D24B0D9A86FA5741A840FF2D24F60F7B6C4134814AD55625971B394#)
    )
   )
  (public-key 
   (ecc 
    (curve Ed25519)
    (q #7D602902D3A2DBB83F8A0FB98602A754C5493B0B778C8D1DD4E0F41DE14DE34F#)
    )
   )

Greeter Service

greetd is a broken mess, yet here we are.

  ;; greetd login manager with default terminal configurations on VTs 1-4
  ;; and 8. The wlgreet/sway greeter on VT 7 is disabled by the `#;` datum
  ;; comment.
  ;; NOTE(review): greeter-supplementary-groups adds the greeter account to
  ;; "video" and "input". Those groups are normally needed only by a graphical
  ;; greeter, and "input" commonly grants read access to raw input devices.
  ;; With the VT 7 greeter disabled, confirm that they are still required.
  (service greetd-service-type
           (greetd-configuration
            (greeter-supplementary-groups
             (list "video" "input"))
            (terminals
             (list
              (greetd-terminal-configuration
               (terminal-vt "1"))
              (greetd-terminal-configuration
               (terminal-vt "2"))
              (greetd-terminal-configuration
               (terminal-vt "3"))
              (greetd-terminal-configuration
               (terminal-vt "4"))
              #;(greetd-terminal-configuration
              (terminal-vt "7")
              (terminal-switch #t)
              (default-session-command
              (greetd-wlgreet-session
              (command
              (file-append swayfx "/bin/sway")))))
              (greetd-terminal-configuration
               (terminal-vt "8"))))))

Screen Locker Service

For some reason, Guix runs this service at the root (system) level.

  ;; Register swaylock (from the swaylock-effects package) as the screen
  ;; locker under the name "swaylock".
  ;; using-setuid? #f: the binary is not installed setuid-root.
  ;; NOTE(review): the service is declared system-wide presumably because the
  ;; locker needs a PAM entry to verify the password. After reconfiguring,
  ;; check that unlocking works, since a locker without PAM access cannot
  ;; authenticate the user.
  (service screen-locker-service-type
           (screen-locker-configuration
            (name "swaylock")
            (program
             (file-append swaylock-effects "/bin/swaylock"))
            (using-setuid? #f)))

Operating System

This is the full operating system specification.

  ;; Top-level operating-system declaration. The <<...>> lines are noweb
  ;; references that are replaced by other blocks of this file when it is
  ;; tangled.
  (operating-system
   (host-name "ziltis-machine")
   (timezone "Europe/Berlin")
   (locale "de_DE.utf8")
   ;; German layout with Caps Lock and Escape swapped.
   (keyboard-layout
    (keyboard-layout "de" #:options '("caps:swapescape")))
   ;; NOTE(review): linux, microcode-initrd and linux-firmware presumably come
   ;; from the nongnu modules listed under Modules, i.e. the non-free kernel,
   ;; CPU microcode loading and firmware blobs. Their trust rests on the
   ;; nonguix channel.
   (kernel linux)
   (initrd microcode-initrd)
   (firmware (list linux-firmware))
   ;; GRUB for UEFI, installed to the EFI system partition at /boot/efi.
   (bootloader
    (bootloader-configuration
     (bootloader grub-efi-bootloader)
     (targets
      '("/boot/efi"))
     (keyboard-layout keyboard-layout)))
   ;; The two forms below are disabled by `#;`; the noweb references that
   ;; follow supply the file systems and swap instead.
   #;(file-systems %local-filesystem)
   #;(swap-devices %local-swap)
    <<config-filesystems>>
    <<config-swap>>
   ;; One regular account in addition to %base-user-accounts; no password is
   ;; declared here.
   ;; NOTE(review): "wheel" grants sudo under Guix's default sudoers, and
   ;; "libvirt" gives access to the libvirt socket (see unix-sock-group in
   ;; the service table), which is usually equivalent to root on the host.
   ;; Keep the group list to what the account needs.
   (users
    (cons*
     (user-account
      (name "zilti")
      (group "users")
      (supplementary-groups
       '("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "lp")))
     %base-user-accounts))
    <<root-package-block>>
    <<root-services-block>>
   ;; Name-service switch that lets .local host names resolve through mDNS.
   (name-service-switch %mdns-host-lookup-nss))