Diffstat (limited to 'system.scm')
-rw-r--r-- | system.scm | 254 |
1 files changed, 254 insertions, 0 deletions
diff --git a/system.scm b/system.scm
new file mode 100644
index 0000000..b59b150
--- /dev/null
+++ b/system.scm
@@ -0,0 +1,254 @@
+;; This is an operating system configuration generated
+;; by the graphical installer.
+;;
+;; Once installation is complete, you can learn and modify
+;; this file to tweak the system configuration, and pass it
+;; to the 'guix system reconfigure' command to effect your
+;; changes.
+
+
+;; Indicate which modules to import to access the variables
+;; used in this configuration.
+(use-modules (gnu)
+ (gnu system setuid))
+
+(use-service-modules avahi
+ cups
+ dbus
+ desktop
+ docker
+ linux ; for kernel-module-loader-service-type
+ messaging
+ networking
+ sound
+ spice
+ ssh
+ virtualization
+ xorg)
+
+(use-package-modules games ;for steam-devices-udev-rules
+ gnome ;for libratbag
+ linux ;for v4l2loopback-linux-module
+ messaging ;for bitlbee and bitlbee plugins
+ pulseaudio)
+
+(use-modules (nongnu packages linux)
+ (nongnu system linux-initrd))
+
+(import (srfi 1)
+ (guix channels)
+ (guix inferior))
+
+(define-values (rz/linux rz/linux-libre-headers rz/linux-kernel-modules)
+ (let* ((channels
+ (list (channel
+ (name 'nonguix)
+ (url "https://gitlab.com/nonguix/nonguix")
+ (commit "440720b7b2ca4789298f3150bc82bf1b5ed4b8c9"))
+ (channel
+ (name 'guix)
+ (url "https://git.savannah.gnu.org/git/guix.git")
+ (commit "d37b467631d5b0e965ea933b8bda8448993580e9"))))
+ (inferior (inferior-for-channels channels))
+ (kernel-version "6.2.2"))
+ (values (specification->package "linux")
+ (first (lookup-inferior-packages inferior "linux-libre-headers"))
+ ;; TODO FIX
+ (list (specification->package "v4l2loopback-linux-module")
+ ))))
+
+;; TODO FIX
+;; (define dslr-webcam-config
+;; (plain-file "dslr-webcam.conf"
+;; (string-append
+;; "alias dslr-webcam v4l2loopback\n"
+;; "options v4l2loopback exclusive_caps=1 max_buffers=2 devices=2 video_nr=2,3")))
+
+
+;; (define scarlett-config
+;; (plain-file "snd_usb_audio.conf"
+;; "options snd_usb_audio vid="))
+
+(operating-system
+ (locale "en_GB.utf8")
+ (timezone "America/New_York")
+ (keyboard-layout (keyboard-layout "us"))
+ (host-name "lambda")
+
+ (kernel rz/linux)
+ (kernel-loadable-modules rz/linux-kernel-modules)
+ (initrd microcode-initrd)
+ (firmware (list linux-firmware))
+
+ (groups (cons* (user-group (name "spice"))
+ (user-group (name "plugdev"))
+ %base-groups))
+ ;; The list of user accounts ('root' is implicit).
+ (users (cons* (user-account
+ (name "robby")
+ (comment "Robby Zambito")
+ (group "users")
+ (home-directory "/home/robby")
+ (supplementary-groups '("wheel" "netdev" "audio" "video" "dialout" "libvirt" "kvm" "spice" "plugdev" "lp" "docker")))
+ %base-user-accounts))
+ (packages (append (specifications->packages (list "amdgpu-firmware"
+ "bluez"
+ "bluez-alsa"
+ "dbus"
+ "emacs"
+ "ffmpeg"
+ "gvfs"
+ "hplip"
+ "htop"
+ "libcamera"
+ "libinput"
+ "ncurses"
+ "ntfs-3g"
+ "pipewire"
+ ;; "purple-mattermost"
+ "ripgrep"
+;; TODO fix
+ ;; "rocm-cmake"
+ ;; "rocm-opencl-runtime"
+ "steam-devices-udev-rules"
+ "sway"
+ "swaylock"
+ "udiskie"
+ "virt-manager"
+ "waypipe"
+ "wireplumber"
+ "xdg-desktop-portal"
+ "xdg-desktop-portal-wlr"
+ "xdg-user-dirs"
+ "xdg-utils"))
+ (list rz/linux-libre-headers
+ noisetorch)
+ %base-packages))
+ (setuid-programs
+ (append
+ (list ;(setuid-program (program (file-append (specification->package "swaylock") "/bin/swaylock")))
+ (setuid-program (program (file-append (specification->package "spice-gtk") "/libexec/spice-client-glib-usb-acl-helper")))
+ (setuid-program (program (file-append noisetorch "/bin/NoiseTorch"))))
+ %setuid-programs))
+
+ ;; Below is the list of system services. To search for available
+ ;; services, run 'guix system search KEYWORD' in a terminal.
+ (services
+ (append (list
+ (service accountsservice-service-type)
+ (service alsa-service-type
+ (alsa-configuration (pulseaudio? #f)))
+ (service avahi-service-type)
+; (service bitlbee-service-type
+; (bitlbee-configuration
+; (bitlbee bitlbee-purple)
+; (plugins (list bitlbee-discord
+; purple-mattermost))))
+ (service bluetooth-service-type
+ (bluetooth-configuration
+ (auto-enable? #t)))
+ (service colord-service-type)
+ (service cups-pk-helper-service-type)
+ (service cups-service-type
+ (cups-configuration
+ (web-interface? #t)))
+ (service dbus-root-service-type)
+ (service containerd-service-type)
+ (service docker-service-type)
+ (service elogind-service-type)
+ (service geoclue-service-type)
+ (simple-service 'add-extra-hosts
+ hosts-service-type
+ (list (host "10.69.0.1" "stream.robbyzambito.me")
+ ;; (host "10.42.0.1" "robbyzambito.me")
+ (host "10.69.0.1" "git.robbyzambito.me")
+ (host "192.168.98.25" "file.pinfosec.dev")
+ (host "144.202.13.55" "mattermost.pinfosec.dev")))
+ (service libvirt-service-type
+ (libvirt-configuration
+ (unix-sock-group "libvirt")))
+ (service network-manager-service-type)
+ (service ntp-service-type)
+ ;; (service oci-container-service-type
+ ;; (list
+ ;; (oci-container-configuration
+ ;; (provision "nats-server")
+ ;; (image "nats")
+ ;; (network "host")
+ ;; (ports '("4222:4222"))
+ ;; (command '("-js" "-sd" "/var/js" "-c" "/etc/nats.conf"))
+ ;; (volumes (list "nats-jetstream:/var/js"
+ ;; (cons (string-append ;"accounts: { SYS: { } }\n"
+ ;; ;"system_account: SYS\n"
+ ;; )
+ ;; "/etc/nats.conf"))))))
+ (service hostapd-service-type
+ (hostapd-configuration
+ (interface "wlp4s0")
+ (ssid "lambda")))
+ ;; To configure OpenSSH, pass an 'openssh-configuration'
+ ;; record as a second argument to 'service' below.
+ (service openssh-service-type)
+ (service polkit-service-type
+ ;; (polkit-configuration
+ ;; (actions (list (plain-file "org.spice-space.lowlevelusbaccess.policy" (string-append "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" "<!DOCTYPE policyconfig PUBLIC\n" " \"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN\"\n" " \"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd\">\n" "<policyconfig>\n" "\n" " <vendor>The Spice Project</vendor>\n" " <vendor_url>http://spice-space.org/</vendor_url>\n" " <icon_name>spice</icon_name>\n" "\n" " <action id=\"org.spice-space.lowlevelusbaccess\">\n" " <description>Low level USB device access</description>\n" " <message>Privileges are required for low level USB device access (for usb device pass through).</message>\n" " <defaults>\n" " <allow_any>yes</allow_any>\n" " <allow_inactive>no</allow_inactive>\n" " <allow_active>yes</allow_active>\n" " </defaults>\n" " </action>\n" "\n" "</policyconfig>\n")))))
+ )
+ polkit-wheel-service
+ (simple-service 'ratbagd dbus-root-service-type (list libratbag))
+ (service screen-locker-service-type
+ (screen-locker-configuration
+ (name "swaylock")
+ (program (file-append (specification->package "swaylock") "/bin/swaylock"))
+ (using-pam? #t)
+ (using-setuid? #f)))
+ (service tor-service-type)
+ (service udisks-service-type)
+ (udev-rules-service 'steam-devices steam-devices-udev-rules)
+ (udev-rules-service 'spice (udev-rule "50-spice.rules"
+ (string-append
+ "SUBSYSTEM==\"usb\", GROUP=\"spice\", MODE=\"0660\"\n"
+ "SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"\n")))
+ (udev-rules-service 'zsa (udev-rule "50-zsa.rules"
+ (string-append
+ "# Rules for Oryx web flashing and live training\n"
+ "KERNEL==\"hidraw*\", ATTRS{idVendor}==\"16c0\", MODE=\"0664\", GROUP=\"plugdev\"\n"
+ "KERNEL==\"hidraw*\", ATTRS{idVendor}==\"3297\", MODE=\"0664\", GROUP=\"plugdev\"\n"
+ "# Wally Flashing rules for the Moonlander and Planck EZ\n"
+ "SUBSYSTEMS==\"usb\", ATTRS{idVendor}==\"0483\", ATTRS{idProduct}==\"df11\", MODE:=\"0666\", SYMLINK+=\"stm32_dfu\"\n")))
+ ;; TODO FIX
+ (service kernel-module-loader-service-type '("v4l2loopback"))
+ ;; (simple-service 'v4l2loopback-config etc-service-type
+ ;; (list `("modprobe.d/dslr-webcam.conf"
+ ;; ,dslr-webcam-config)))
+ (service wpa-supplicant-service-type))
+ ;; This is the default list of services we
+ ;; are appending to.
+ %base-services))
+ (bootloader (bootloader-configuration
+ (bootloader grub-efi-bootloader)
+ (targets (list "/boot/efi"))
+ (keyboard-layout keyboard-layout)))
+ (swap-devices (list (swap-space
+ (target (uuid
+ "7d57b644-4038-4966-8047-fb358ef79d5c")))))
+
+ ;; The list of file systems that get "mounted". The unique
+ ;; file system identifiers there ("UUIDs") can be obtained
+ ;; by running 'blkid' in a terminal.
+ (file-systems (cons* (file-system
+ (mount-point "/")
+ (device (uuid
+ "e4742181-2a6c-487f-b4dd-cc26930dbc7b"
+ 'ext4))
+ (type "ext4"))
+ (file-system
+ (mount-point "/boot/efi")
+ (device (uuid "B1D3-6C95"
+ 'fat32))
+ (type "vfat"))
+ (file-system
+ (mount-point "/home")
+ (device (uuid "c79fa858-ca01-46f8-b400-c4ab0e218986"
+ 'ext4))
+ (type "ext4"))
+ %base-file-systems))) |
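Review bot: The `hostapd-service-type` record sets only `interface` and `ssid`, so as far as this hunk shows the access point on `wlp4s0` comes up with no WPA settings and would be an open network. On the same host `(service openssh-service-type)` runs with its default record, which I believe still accepts password logins, and the CUPS web interface is enabled. Passing hostapd's WPA options through the record's `extra-settings` field, e.g. `(extra-settings "wpa=2\nwpa_key_mgmt=WPA-PSK\nrsn_pairwise=CCMP\nwpa_psk_file=<PSK_FILE_OUTSIDE_STORE>\n")`, keeps the key out of the world-readable store, and `(service openssh-service-type (openssh-configuration (password-authentication? #f)))` limits SSH to keys. Separately, `50-spice.rules` matches every `SUBSYSTEM=="usb"` device rather than specific `idVendor`/`idProduct` pairs, which hands the `spice` group read/write access to all USB devices, and the ZSA rule's `MODE:="0666"` makes the DFU device world-writable. Narrowing the spice rule to the devices meant for passthrough and using `GROUP="plugdev"` with `0660` for DFU would follow least privilege.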