;; This is an operating system configuration generated ;; by the graphical installer. ;; ;; Once installation is complete, you can learn and modify ;; this file to tweak the system configuration, and pass it ;; to the 'guix system reconfigure' command to effect your ;; changes. ;; Indicate which modules to import to access the variables ;; used in this configuration. (use-modules (gnu) (gnu system setuid)) (use-service-modules avahi cups dbus desktop docker linux ; for kernel-module-loader-service-type messaging networking sound spice ssh virtualization xorg) (use-package-modules games ;for steam-devices-udev-rules gnome ;for libratbag linux ;for v4l2loopback-linux-module messaging ;for bitlbee and bitlbee plugins pulseaudio) (use-modules (nongnu packages linux) (nongnu system linux-initrd)) (import (srfi 1) (guix channels) (guix inferior)) (define-values (rz/linux rz/linux-libre-headers rz/linux-kernel-modules) (let* ((channels (list (channel (name 'nonguix) (url "https://gitlab.com/nonguix/nonguix") (commit "440720b7b2ca4789298f3150bc82bf1b5ed4b8c9")) (channel (name 'guix) (url "https://git.savannah.gnu.org/git/guix.git") (commit "d37b467631d5b0e965ea933b8bda8448993580e9")))) (inferior (inferior-for-channels channels)) (kernel-version "6.2.2")) (values (specification->package "linux") (first (lookup-inferior-packages inferior "linux-libre-headers")) ;; TODO FIX (list (specification->package "v4l2loopback-linux-module") )))) ;; TODO FIX ;; (define dslr-webcam-config ;; (plain-file "dslr-webcam.conf" ;; (string-append ;; "alias dslr-webcam v4l2loopback\n" ;; "options v4l2loopback exclusive_caps=1 max_buffers=2 devices=2 video_nr=2,3"))) ;; (define scarlett-config ;; (plain-file "snd_usb_audio.conf" ;; "options snd_usb_audio vid=")) (operating-system (locale "en_GB.utf8") (timezone "America/New_York") (keyboard-layout (keyboard-layout "us")) (host-name "lambda") (kernel rz/linux) (kernel-loadable-modules rz/linux-kernel-modules) (initrd microcode-initrd) (firmware (list linux-firmware)) (groups (cons* (user-group (name "spice")) (user-group (name "plugdev")) %base-groups)) ;; The list of user accounts ('root' is implicit). (users (cons* (user-account (name "robby") (comment "Robby Zambito") (group "users") (home-directory "/home/robby") (supplementary-groups '("wheel" "netdev" "audio" "video" "dialout" "libvirt" "kvm" "spice" "plugdev" "lp" "docker"))) %base-user-accounts)) (packages (append (specifications->packages (list "amdgpu-firmware" "bluez" "bluez-alsa" "dbus" "emacs" "ffmpeg" "gvfs" "hplip" "htop" "libcamera" "libinput" "ncurses" "ntfs-3g" "pipewire" ;; "purple-mattermost" "ripgrep" ;; TODO fix ;; "rocm-cmake" ;; "rocm-opencl-runtime" "steam-devices-udev-rules" "sway" "swaylock" "udiskie" "virt-manager" "waypipe" "wireplumber" "xdg-desktop-portal" "xdg-desktop-portal-wlr" "xdg-user-dirs" "xdg-utils")) (list rz/linux-libre-headers noisetorch) %base-packages)) (setuid-programs (append (list ;(setuid-program (program (file-append (specification->package "swaylock") "/bin/swaylock"))) (setuid-program (program (file-append (specification->package "spice-gtk") "/libexec/spice-client-glib-usb-acl-helper"))) (setuid-program (program (file-append noisetorch "/bin/NoiseTorch")))) %setuid-programs)) ;; Below is the list of system services. To search for available ;; services, run 'guix system search KEYWORD' in a terminal. (services (append (list (service accountsservice-service-type) (service alsa-service-type (alsa-configuration (pulseaudio? #f))) (service avahi-service-type) ; (service bitlbee-service-type ; (bitlbee-configuration ; (bitlbee bitlbee-purple) ; (plugins (list bitlbee-discord ; purple-mattermost)))) (service bluetooth-service-type (bluetooth-configuration (auto-enable? #t))) (service colord-service-type) (service cups-pk-helper-service-type) (service cups-service-type (cups-configuration (web-interface? #t))) (service dbus-root-service-type) (service containerd-service-type) (service docker-service-type) (service elogind-service-type) (service geoclue-service-type) (simple-service 'add-extra-hosts hosts-service-type (list (host "10.69.0.1" "stream.robbyzambito.me") ;; (host "10.42.0.1" "robbyzambito.me") (host "10.69.0.1" "git.robbyzambito.me") (host "192.168.98.25" "file.pinfosec.dev") (host "144.202.13.55" "mattermost.pinfosec.dev"))) (service libvirt-service-type (libvirt-configuration (unix-sock-group "libvirt"))) (service network-manager-service-type) (service ntp-service-type) ;; (service oci-container-service-type ;; (list ;; (oci-container-configuration ;; (provision "nats-server") ;; (image "nats") ;; (network "host") ;; (ports '("4222:4222")) ;; (command '("-js" "-sd" "/var/js" "-c" "/etc/nats.conf")) ;; (volumes (list "nats-jetstream:/var/js" ;; (cons (string-append ;"accounts: { SYS: { } }\n" ;; ;"system_account: SYS\n" ;; ) ;; "/etc/nats.conf")))))) (service hostapd-service-type (hostapd-configuration (interface "wlp4s0") (ssid "lambda"))) ;; To configure OpenSSH, pass an 'openssh-configuration' ;; record as a second argument to 'service' below. (service openssh-service-type) (service polkit-service-type ;; (polkit-configuration ;; (actions (list (plain-file "org.spice-space.lowlevelusbaccess.policy" (string-append "\n" "\n" "\n" "\n" " The Spice Project\n" " http://spice-space.org/\n" " spice\n" "\n" " \n" " Low level USB device access\n" " Privileges are required for low level USB device access (for usb device pass through).\n" " \n" " yes\n" " no\n" " yes\n" " \n" " \n" "\n" "\n"))))) ) polkit-wheel-service (simple-service 'ratbagd dbus-root-service-type (list libratbag)) (service screen-locker-service-type (screen-locker-configuration (name "swaylock") (program (file-append (specification->package "swaylock") "/bin/swaylock")) (using-pam? #t) (using-setuid? #f))) (service tor-service-type) (service udisks-service-type) (udev-rules-service 'steam-devices steam-devices-udev-rules) (udev-rules-service 'spice (udev-rule "50-spice.rules" (string-append "SUBSYSTEM==\"usb\", GROUP=\"spice\", MODE=\"0660\"\n" "SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"\n"))) (udev-rules-service 'zsa (udev-rule "50-zsa.rules" (string-append "# Rules for Oryx web flashing and live training\n" "KERNEL==\"hidraw*\", ATTRS{idVendor}==\"16c0\", MODE=\"0664\", GROUP=\"plugdev\"\n" "KERNEL==\"hidraw*\", ATTRS{idVendor}==\"3297\", MODE=\"0664\", GROUP=\"plugdev\"\n" "# Wally Flashing rules for the Moonlander and Planck EZ\n" "SUBSYSTEMS==\"usb\", ATTRS{idVendor}==\"0483\", ATTRS{idProduct}==\"df11\", MODE:=\"0666\", SYMLINK+=\"stm32_dfu\"\n"))) ;; TODO FIX (service kernel-module-loader-service-type '("v4l2loopback")) ;; (simple-service 'v4l2loopback-config etc-service-type ;; (list `("modprobe.d/dslr-webcam.conf" ;; ,dslr-webcam-config))) (service wpa-supplicant-service-type)) ;; This is the default list of services we ;; are appending to. %base-services)) (bootloader (bootloader-configuration (bootloader grub-efi-bootloader) (targets (list "/boot/efi")) (keyboard-layout keyboard-layout))) (swap-devices (list (swap-space (target (uuid "7d57b644-4038-4966-8047-fb358ef79d5c"))))) ;; The list of file systems that get "mounted". The unique ;; file system identifiers there ("UUIDs") can be obtained ;; by running 'blkid' in a terminal. (file-systems (cons* (file-system (mount-point "/") (device (uuid "e4742181-2a6c-487f-b4dd-cc26930dbc7b" 'ext4)) (type "ext4")) (file-system (mount-point "/boot/efi") (device (uuid "B1D3-6C95" 'fat32)) (type "vfat")) (file-system (mount-point "/home") (device (uuid "c79fa858-ca01-46f8-b400-c4ab0e218986" 'ext4)) (type "ext4")) %base-file-systems)))