guixconfig/config.org
2024-04-07 14:54:55 +02:00

10 KiB

GUIX System Configuration

  (org-babel-lob-ingest "./library.org")

Makefile

reconfigure:
	guix pull
	sudo guix archive --authorize < keys/non-guix.pub; \
	guix system reconfigure ./config.scm --substitute-urls='https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org'
	guix home reconfigure ./home/home-configuration.scm
	make -C /home/zilti/.guix-home/profile/lib/browserpass hosts-firefox-user
	flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo

System Installation Script

This is to be run after setting up the partitions.

  #!/bin/sh
  set euxo -pipefail
  mount /dev/disk/by-label/guix /mnt
  mkdir -p /mnt/boot/efi
  mount /dev/disk/by-label/EFI /mnt/boot/efi
  herd start cow-store /mnt
  GUIX_PROFILE="/root/.config/guix/current"
  . "$GUIX_PROFILE/etc/profile"
  hash guix
  guix system -L. init config.scm /mnt --substitute-urls="https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org"

Modules

There are many community modules at Whereis.

  • gnu
  • gnu image
  • gnu system nss
  • guix channels
  • rosenthal packages wm
  • zilti packages sway
  • zilti packages hyprland
  • nongnu packages firmware
  • nongnu packages linux
  • nongnu system linux-initrd

Service Modules

  • admin
  • authentication
  • base
  • configuration
  • dbus
  • desktop
  • docker
  • linux
  • networking
  • nix
  • pm
  • sddm
  • sound
  • virtualization
  • xorg

Package Modules

  • bootloaders
  • certs
  • containers
  • freedesktop
  • fonts
  • gl
  • gnome
  • kde-frameworks
  • linux
  • pciutils
  • qt
  • readline
  • terminals
  • version-control
  • virtualization
  • wm
  • xdisorg
  • xorg

Configuration Definitions

File System

  (file-systems (append (list
                         (file-system
                          (device (file-system-label "EFI"))
                          (mount-point "/boot/efi")
                          (type "vfat"))
                         (file-system
                          (device (file-system-label "guix"))
                          (mount-point "/")
                          (type "xfs")))
                        %base-file-systems))
  (swap-devices
   (list (swap-space (target (file-system-label "swap")))))

Channels

This adds the Nonguix channel.

  (cons* (channel
           (name 'nonguix)
           (url "https://gitlab.com/nonguix/nonguix")
           ;; Enable signature verification:
           (introduction
            (make-channel-introduction
             "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
             (openpgp-fingerprint
              "2A39 3FFF 68F4 EF7A 3D29  12AF 6F51 20A0 22FB B2D5"))))
         (channel
           (name 'emacs)
           (url "https://github.com/babariviere/guix-emacs")
           (introduction
            (make-channel-introduction
             "72ca4ef5b572fea10a4589c37264fa35d4564783"
             (openpgp-fingerprint
              "261C A284 3452 FB01 F6DF  6CF4 F9B7 864F 2AB4 6F18"))))
         (channel
           (name 'rosenthal)
           (url "https://codeberg.org/hako/rosenthal.git")
           (branch "trunk")
           (introduction
            (make-channel-introduction
             "7677db76330121a901604dfbad19077893865f35"
             (openpgp-fingerprint
              "13E7 6CD6 E649 C28C 3385  4DF5 5E5A A665 6149 17F7"))))
         (channel
           (name 'ziltis-channel)
           (url "https://gitea.lyrion.ch/zilti/guixchannel"))
         %default-channels)

Packages

  • bluez-firmware
  • egl-wayland
  • eglexternalplatform
  • font-terminus
  • fwupd-nonfree
  • git
  • glu
  • hwdata
  • hyprland
  • i915-firmware
  • libdrm
  • linux-pam
  • mesa
  • nss-certs
  • network-manager
  • kwayland
  • qtwayland
  • readline
  • tuxedo-keyboard
  • xdg-desktop-portal-hyprland
  • xdg-desktop-portal
  • xf86-video-amdgpu
  • xf86-video-intel
  • xorg-server-xwayland
  • xorg-server
  • wayland
  • amdgpu-firmware
  • amd-microcode
  • intel-microcode
  (packages
   (append
    <<org-to-scheme-sym-list(input=root-packages)>>
    %base-packages))

Services

Simple Services

These services are unmodified, or have just few settings.

Service Options
tlp ()
thermald ((adaptive? #t))
bluetooth ()
earlyoom ((minimum-available-memory 5) (minimum-free-swap 5))
inputattach ()
libvirt ((unix-sock-group "libvirt"))
nix ()
virtlog ()
fstrim ()
fprintd ()

Unattended Upgrade Service

  (service unattended-upgrade-service-type
   (unattended-upgrade-configuration
    (schedule "5 12 * * 1")
    (channels #~
     <<root-channels>>)))

Hosts File

  (simple-service  'add-extra-hosts
                   hosts-service-type
                   (list (host "127.0.0.1" "l.redsky.io" '("ld.redsky.io"))
                         (host "::1" "l.redsky.io" '("ld.redsky.io"))))

Modified Desktop Services

  (public-key 
   (ecc 
    (curve Ed25519)
    (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
    )
   )
  (public-key 
   (ecc 
    (curve Ed25519)
    (q #8D156F295D24B0D9A86FA5741A840FF2D24F60F7B6C4134814AD55625971B394#)
    )
   )
  (public-key 
   (ecc 
    (curve Ed25519)
    (q #7D602902D3A2DBB83F8A0FB98602A754C5493B0B778C8D1DD4E0F41DE14DE34F#)
    )
   )

Screen Locker Service

For some reason, this service runs on root level for Guix.

  (service screen-locker-service-type
           (screen-locker-configuration
            (name "swaylock")
            (program
             (file-append swaylock-effects "/bin/swaylock"))
            (using-setuid? #f)))

Operating System

This is the full operating system specification.

  (operating-system
   (host-name "ziltis-machine")
   (timezone "Europe/Berlin")
   (locale "de_DE.utf8")
   (keyboard-layout
    (keyboard-layout "de" #:options '("caps:swapescape")))
   (kernel linux)
   (initrd microcode-initrd)
   (firmware (list linux-firmware))
   (bootloader
    (bootloader-configuration
     (bootloader grub-efi-bootloader)
     (targets
      '("/boot/efi"))
     (keyboard-layout keyboard-layout)))
   #;(file-systems %local-filesystem)
   #;(swap-devices %local-swap)
    <<config-filesystems>>
    <<config-swap>>
   (users
    (cons*
     (user-account
      (name "zilti")
      (group "users")
      (supplementary-groups
       '("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "lp")))
     %base-user-accounts))
    <<root-package-block>>
    <<root-services-block>>
   (name-service-switch %mdns-host-lookup-nss))