guixconfig/config.org
2023-12-18 22:11:28 +01:00

9.9 KiB

GUIX System Configuration

  (org-babel-lob-ingest "./library.org")

Makefile

  reconfigure:
	mkdir -p ~/.config/guix
	cp channels.scm ~/.config/guix/channels.scm
	guix archive --authorize < signing-key.pub
	guix system reconfigure ./config.scm --substitute-urls='https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org'
	make -C /home/zilti/.guix-home/profile/lib/browserpass make hosts-firefox-user
	flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo

System Installation Script

This is to be run after setting up the partitions.

  #!/bin/sh
  set euxo -pipefail
  mount /dev/disk/by-label/guix /mnt
  mkdir -p /mnt/boot/efi
  mount /dev/disk/by-label/EFI /mnt/boot/efi
  herd start cow-store /mnt
  guix pull -C./channels.scm
  GUIX_PROFILE="/root/.config/guix/current"
  . "$GUIX_PROFILE/etc/profile"
  hash guix
  guix system -L. init config.scm /mnt --substitute-urls="https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org"

Modules

  • gnu
  • gnu image
  • gnu packages gnome
  • gnu services admin
  • gnu services authentication
  • gnu services base
  • gnu services configuration
  • gnu services dbus
  • gnu services desktop
  • gnu services linux
  • gnu services networking
  • gnu services pm
  • gnu services virtualization
  • gnu services xorg
  • gnu system nss
  • nongnu packages linux
  • nongnu system linux-initrd

Service Modules

  • desktop
  • xorg

Package Modules

  • bootloaders
  • certs
  • emacs
  • emacs-xyz
  • fonts
  • pciutils
  • readline
  • terminals
  • version-control
  • wm
  • xorg

Configuration Definitions

File System

  (file-systems (append (list
                         (file-system
                          (device (file-system-label "EFI"))
                          (mount-point "/boot/efi")
                          (type "vfat"))
                         (file-system
                          (device (file-system-label "guix"))
                          (mount-point "/")
                          (type "xfs")))
                        %base-file-systems))
  (swap-devices
   (list (swap-space (target (file-system-label "swap")))))

Channels

This adds the Nonguix channel.

  (cons* (channel
          (name 'nonguix)
          (url "https://gitlab.com/nonguix/nonguix")
          ;; Enable signature verification:
          (introduction
           (make-channel-introduction
            "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
            (openpgp-fingerprint
             "2A39 3FFF 68F4 EF7A 3D29  12AF 6F51 20A0 22FB B2D5"))))
         (channel
          (name 'ziltis-channel)
          (url "https://gitea.lyrion.ch/zilti/guixchannel"))
         %default-channels)

Packages

  • emacs
  • emacs-desktop-environment
  • font-terminus
  • git
  • hwdata
  • nss-certs
  • network-manager
  • readline
  (packages
   (append
    <<org-to-scheme-sym-list(input=root-packages)>>
    %base-packages))

Services

Simple Services

These services are unmodified, or have just few settings.

Service Options
tlp ()
thermald ((adaptive? #t))
bluetooth ()
earlyoom ((minimum-available-memory 5) (minimum-free-swap 5))
inputattach ()
libvirt ((unix-sock-group "libvirt"))
fstrim ()
fprintd ()
udev ()
seatd ()
inputattach ()

Unattended Upgrade Service

  (service unattended-upgrade-service-type
   (unattended-upgrade-configuration
    (schedule "5 12 * * 1")
    #;(channels
     <<root-channels>>)))

Modified Desktop Services

  (public-key (ecc (curve Ed25519) (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)))
(public-key (ecc (curve Ed25519) (q #8D156F295D24B0D9A86FA5741A840FF2D24F60F7B6C4134814AD55625971B394#)))
(public-key (ecc (curve Ed25519) (q #7D602902D3A2DBB83F8A0FB98602A754C5493B0B778C8D1DD4E0F41DE14DE34F#)))

Greeter Service

greetd is a broken mess, yet here we are.

  (service greetd-service-type
           (greetd-configuration
            (greeter-supplementary-groups
             (list "video" "input"))
            (terminals
             (list
              (greetd-terminal-configuration
               (terminal-vt "1"))
              (greetd-terminal-configuration
               (terminal-vt "2"))
              (greetd-terminal-configuration
               (terminal-vt "3"))
              (greetd-terminal-configuration
               (terminal-vt "4"))
              #;(greetd-terminal-configuration
              (terminal-vt "7")
              (terminal-switch #t)
              (default-session-command
              (greetd-wlgreet-session
              (command
              (file-append swayfx "/bin/sway")))))
              (greetd-terminal-configuration
               (terminal-vt "8"))))))

Screen Locker Service

For some reason, this service runs on root level for Guix.

  (service screen-locker-service-type
           (screen-locker-configuration
            (name "swaylock")
            (program
             (file-append swaylock-effects "/bin/swaylock"))
            (using-setuid? #f)))

Operating System

This is the full operating system specification.

  (operating-system
   (host-name "ziltis-machine")
   (timezone "Europe/Berlin")
   (locale "de_DE.utf8")
   (keyboard-layout
    (keyboard-layout "de" #:options '("caps:swapescape")))
   (kernel linux)
   (initrd microcode-initrd)
   (firmware (list linux-firmware))
   (bootloader
    (bootloader-configuration
     (bootloader grub-efi-bootloader)
     (targets
      '("/boot/efi"))
     (keyboard-layout keyboard-layout)))
   #;(file-systems %local-filesystem)
   #;(swap-devices %local-swap)
    <<config-filesystems>>
    <<config-swap>>
   (users
    (cons*
     (user-account
      (name "zilti")
      (group "users")
      (supplementary-groups
       '("users" "wheel" "netdev" "audio" "video" "libvirt" "seat")))
     %base-user-accounts))
    <<root-package-block>>
    <<root-services-block>>
   (name-service-switch %mdns-host-lookup-nss))