10 KiB
10 KiB
GUIX System Configuration
(org-babel-lob-ingest "./library.org")
Makefile
reconfigure:
guix pull
sudo guix archive --authorize < keys/non-guix.pub; \
guix system reconfigure ./config.scm --substitute-urls='https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org'
guix home reconfigure ./home/home-configuration.scm
make -C /home/zilti/.guix-home/profile/lib/browserpass hosts-firefox-user
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
System Installation Script
This is to be run after setting up the partitions.
#!/bin/sh
set euxo -pipefail
mount /dev/disk/by-label/guix /mnt
mkdir -p /mnt/boot/efi
mount /dev/disk/by-label/EFI /mnt/boot/efi
herd start cow-store /mnt
GUIX_PROFILE="/root/.config/guix/current"
. "$GUIX_PROFILE/etc/profile"
hash guix
guix system -L. init config.scm /mnt --substitute-urls="https://ci.guix.gnu.org https://bordeaux.guix.gnu.org https://substitutes.nonguix.org"
Modules
There are many community modules at Whereis.
- gnu
- gnu image
- gnu system nss
- guix channels
- rosenthal packages wm
- zilti packages sway
- zilti packages hyprland
- nongnu packages firmware
- nongnu packages linux
- nongnu system linux-initrd
Service Modules
- admin
- authentication
- base
- configuration
- dbus
- desktop
- docker
- linux
- networking
- nix
- pm
- sddm
- sound
- virtualization
- xorg
Package Modules
- bootloaders
- certs
- containers
- freedesktop
- fonts
- gl
- gnome
- kde-frameworks
- linux
- pciutils
- qt
- readline
- terminals
- version-control
- virtualization
- wm
- xdisorg
- xorg
Configuration Definitions
File System
Update the file system labels:
# XFS
xfs_io -c "label -s NEWLABEL" /
# FAT
fatlabel /dev/device NEWLABEL
(file-systems (append (list
(file-system
(device (file-system-label "EFI"))
(mount-point "/boot/efi")
(type "vfat"))
(file-system
(device (file-system-label "guix"))
(mount-point "/")
(type "xfs")))
%base-file-systems))
(swap-devices
(list (swap-space (target (file-system-label "swap")))))
Channels
This adds the Nonguix channel.
(cons* (channel
(name 'nonguix)
(url "https://gitlab.com/nonguix/nonguix")
;; Enable signature verification:
(introduction
(make-channel-introduction
"897c1a470da759236cc11798f4e0a5f7d4d59fbc"
(openpgp-fingerprint
"2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))))
(channel
(name 'emacs)
(url "https://github.com/babariviere/guix-emacs")
(introduction
(make-channel-introduction
"72ca4ef5b572fea10a4589c37264fa35d4564783"
(openpgp-fingerprint
"261C A284 3452 FB01 F6DF 6CF4 F9B7 864F 2AB4 6F18"))))
(channel
(name 'rosenthal)
(url "https://codeberg.org/hako/rosenthal.git")
(branch "trunk")
(introduction
(make-channel-introduction
"7677db76330121a901604dfbad19077893865f35"
(openpgp-fingerprint
"13E7 6CD6 E649 C28C 3385 4DF5 5E5A A665 6149 17F7"))))
(channel
(name 'ziltis-channel)
(url "https://gitea.lyrion.ch/zilti/guixchannel"))
%default-channels)
Packages
- bluez-firmware
- egl-gbm
- egl-wayland
- eglexternalplatform
- font-terminus
- fwupd-nonfree
- git
- glu
- hwdata
- hyprland
- i915-firmware
- libdrm
- libglvnd
- linux-pam
- mesa
- nss-certs
- network-manager
- kwayland
- qtwayland
- readline
- tuxedo-keyboard
- xdg-desktop-portal-hyprland
- xdg-desktop-portal
- xf86-video-amdgpu
- xf86-video-intel
- xorg-server-xwayland
- xorg-server
- wayland
- amdgpu-firmware
- amd-microcode
- intel-microcode
(packages
(append
<<org-to-scheme-sym-list(input=root-packages)>>
%base-packages))
Services
Simple Services
These services are unmodified, or have just few settings.
Service | Options |
---|---|
tlp | () |
thermald | ((adaptive? #t)) |
bluetooth | () |
earlyoom | ((minimum-available-memory 5) (minimum-free-swap 5)) |
inputattach | () |
libvirt | ((unix-sock-group "libvirt")) |
nix | () |
virtlog | () |
fstrim | () |
fprintd | () |
Unattended Upgrade Service
(service unattended-upgrade-service-type
(unattended-upgrade-configuration
(schedule "5 12 * * 1")
(channels #~
<<root-channels>>)))
Hosts File
(simple-service 'add-extra-hosts
hosts-service-type
(list (host "127.0.0.1" "l.redsky.io" '("ld.redsky.io"))
(host "::1" "l.redsky.io" '("ld.redsky.io"))))
Modified Desktop Services
(public-key
(ecc
(curve Ed25519)
(q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
)
)
(public-key
(ecc
(curve Ed25519)
(q #8D156F295D24B0D9A86FA5741A840FF2D24F60F7B6C4134814AD55625971B394#)
)
)
(public-key
(ecc
(curve Ed25519)
(q #7D602902D3A2DBB83F8A0FB98602A754C5493B0B778C8D1DD4E0F41DE14DE34F#)
)
)
Screen Locker Service
For some reason, this service runs on root level for Guix.
(service screen-locker-service-type
(screen-locker-configuration
(name "swaylock")
(program
(file-append swaylock-effects "/bin/swaylock"))
(using-setuid? #f)))
Operating System
This is the full operating system specification.
(operating-system
(host-name "ziltis-machine")
(timezone "Europe/Berlin")
(locale "de_DE.utf8")
(keyboard-layout
(keyboard-layout "de" #:options '("caps:swapescape")))
(kernel linux)
(initrd microcode-initrd)
(firmware (list linux-firmware))
(bootloader
(bootloader-configuration
(bootloader grub-efi-bootloader)
(targets
'("/boot/efi"))
(keyboard-layout keyboard-layout)))
#;(file-systems %local-filesystem)
#;(swap-devices %local-swap)
<<config-filesystems>>
<<config-swap>>
(users
(cons*
(user-account
(name "zilti")
(group "users")
(supplementary-groups
'("avahi" "users" "input" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "lp")))
%base-user-accounts))
<<root-package-block>>
<<root-services-block>>
(name-service-switch %mdns-host-lookup-nss))