;; This is an operating system configuration generated ;; by the graphical installer. ;; ;; Once installation is complete, you can learn and modify ;; this file to tweak the system configuration, and pass it ;; to the 'guix system reconfigure' command to effect your ;; changes. ;; Indicate which modules to import to access the variables ;; used in this configuration. (use-modules (gnu) (gnu packages package-management) ; guix-for-channels (gnu system accounts);for 'subid-range' (gnu system setuid)) (use-service-modules avahi containers cups dbus desktop ;; docker linux messaging networking sddm sound spice ssh virtualization xorg) (use-package-modules games ;for steam-devices-udev-rules gnome ;for libratbag messaging ;for bitlbee and bitlbee plugins pulseaudio) (use-modules (nongnu packages linux) (nongnu system linux-initrd)) (import (srfi 1) (guix channels) (guix inferior) (guix packages)) (define rz/linux linux) (define rz/linux-kernel-modules '()) ;; NOTE: v4l2loopback-linux-module cannot be built against inferior linux ;; Inferior and regular packages cannot be mixed as build inputs ;; TODO FIX ;; (define dslr-webcam-config ;; (plain-file "dslr-webcam.conf" ;; (string-append ;; "alias dslr-webcam v4l2loopback\n" ;; "options v4l2loopback exclusive_caps=1 max_buffers=2 devices=2 video_nr=2,3"))) ;; (define scarlett-config ;; (plain-file "snd_usb_audio.conf" ;; "options snd_usb_audio vid=")) (operating-system (locale "en_GB.utf8") (timezone "America/New_York") (keyboard-layout (keyboard-layout "us")) (host-name "lambda") (kernel rz/linux) ; (kernel-loadable-modules rz/linux-kernel-modules) (initrd microcode-initrd) (firmware (list linux-firmware)) (groups (cons* (user-group (name "spice")) (user-group (name "plugdev")) %base-groups)) ;; The list of user accounts ('root' is implicit). (users (cons* (user-account (name "robby") (comment "Robby Zambito") (group "users") (home-directory "/home/robby") (supplementary-groups '("cgroup" "wheel" "netdev" "audio" "video" "dialout" "libvirt" "kvm" "spice" "plugdev" "lp" ;; "docker" ))) %base-user-accounts)) (packages (append (specifications->packages (list "amdgpu-firmware" "bluez" "bluez-alsa" "dbus" ;; "docker-compose" "emacs" "ffmpeg" "gvfs" "hplip" "htop" "libcamera" "libinput" "ncurses" "ntfs-3g" "pipewire" ;; "purple-mattermost" "podman-compose" "ripgrep" ;; TODO fix ;; "rocm-cmake" ;; "rocm-opencl-runtime" "steam-devices-udev-rules" "sway" "swaylock" "udiskie" "virt-manager" "waypipe" "wireplumber" "xdg-desktop-portal" "xdg-desktop-portal-wlr" "xdg-user-dirs" "xdg-utils")) (list noisetorch) %base-packages)) (setuid-programs (append (list ;(setuid-program (program (file-append (specification->package "swaylock") "/bin/swaylock"))) (setuid-program (program (file-append (specification->package "spice-gtk") "/libexec/spice-client-glib-usb-acl-helper"))) (setuid-program (program (file-append noisetorch "/bin/NoiseTorch")))) %setuid-programs)) ;; Below is the list of system services. To search for available ;; services, run 'guix system search KEYWORD' in a terminal. (services (append (list (service accountsservice-service-type) (service alsa-service-type) (service avahi-service-type) ; (service bitlbee-service-type ; (bitlbee-configuration ; (bitlbee bitlbee-purple) ; (plugins (list bitlbee-discord ; purple-mattermost)))) (service bluetooth-service-type (bluetooth-configuration (auto-enable? #t))) (service colord-service-type) (service cups-pk-helper-service-type) (service cups-service-type (cups-configuration (web-interface? #t))) (service dbus-root-service-type) ;; (service containerd-service-type) ;; (service docker-service-type) (service rootless-podman-service-type (rootless-podman-configuration (subgids (list (subid-range (name "robby")))) (subuids (list (subid-range (name "robby")))))) (service elogind-service-type) ;; (service sddm-service-type ;; (sddm-configuration ;; (display-server "wayland"))) ;; (service gdm-service-type ;; (gdm-configuration ;; (wayland? #t))) (service geoclue-service-type) (simple-service 'add-extra-hosts hosts-service-type (list (host "10.69.0.1" "stream.robbyzambito.me") ;; (host "10.42.0.1" "robbyzambito.me") ;; (host "10.69.0.1" "git.robbyzambito.me") (host "192.168.98.25" "file.pinfosec.dev") (host "144.202.13.55" "mattermost.pinfosec.dev"))) (service libvirt-service-type (libvirt-configuration (unix-sock-group "libvirt"))) (service network-manager-service-type) (service ntp-service-type) ;; (service oci-container-service-type ;; (list ;; (oci-container-configuration ;; (provision "nats-server") ;; (image "nats") ;; (network "host") ;; (ports '("4222:4222")) ;; (command '("-js" "-sd" "/var/js" "-c" "/etc/nats.conf")) ;; (volumes (list "nats-jetstream:/var/js" ;; (cons (string-append ;"accounts: { SYS: { } }\n" ;; ;"system_account: SYS\n" ;; ) ;; "/etc/nats.conf")))))) (service hostapd-service-type (hostapd-configuration (interface "wlp4s0") (ssid "lambda"))) ;; To configure OpenSSH, pass an 'openssh-configuration' ;; record as a second argument to 'service' below. (service openssh-service-type) (service polkit-service-type ;; (polkit-configuration ;; (actions (list (plain-file "org.spice-space.lowlevelusbaccess.policy" (string-append "\n" "\n" "\n" "\n" " The Spice Project\n" " http://spice-space.org/\n" " spice\n" "\n" " \n" " Low level USB device access\n" " Privileges are required for low level USB device access (for usb device pass through).\n" " \n" " yes\n" " no\n" " yes\n" " \n" " \n" "\n" "\n"))))) ) polkit-wheel-service (simple-service 'ratbagd dbus-root-service-type (list libratbag)) (service screen-locker-service-type (screen-locker-configuration (name "swaylock") (program (file-append (specification->package "swaylock") "/bin/swaylock")) (using-pam? #t) (using-setuid? #f))) ;; (service seatd-service-type) (service tor-service-type) (service udisks-service-type) (udev-rules-service 'steam-devices steam-devices-udev-rules) (udev-rules-service 'spice (udev-rule "50-spice.rules" (string-append "SUBSYSTEM==\"usb\", GROUP=\"spice\", MODE=\"0660\"\n" "SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"\n"))) (udev-rules-service 'zsa (udev-rule "50-zsa.rules" (string-append "# Rules for Oryx web flashing and live training\n" "KERNEL==\"hidraw*\", ATTRS{idVendor}==\"16c0\", MODE=\"0664\", GROUP=\"plugdev\"\n" "KERNEL==\"hidraw*\", ATTRS{idVendor}==\"3297\", MODE=\"0664\", GROUP=\"plugdev\"\n" "# Wally Flashing rules for the Moonlander and Planck EZ\n" "SUBSYSTEMS==\"usb\", ATTRS{idVendor}==\"0483\", ATTRS{idProduct}==\"df11\", MODE:=\"0666\", SYMLINK+=\"stm32_dfu\"\n"))) ;; Removed TODO FIX ; (service kernel-module-loader-service-type '("v4l2loopback")) ;; (simple-service 'v4l2loopback-config etc-service-type ;; (list `("modprobe.d/dslr-webcam.conf" ;; ,dslr-webcam-config))) (service wpa-supplicant-service-type) (service greetd-service-type (greetd-configuration (greeter-supplementary-groups (list "video" "input" "users")) (terminals (list ;; we can make any terminal active by default (greetd-terminal-configuration (extra-shepherd-requirement '(elogind)) (terminal-vt "1") (terminal-switch #t) (default-session-command (greetd-wlgreet-sway-session))) (greetd-terminal-configuration (terminal-vt "2")) (greetd-terminal-configuration (terminal-vt "3")) (greetd-terminal-configuration (terminal-vt "4")) (greetd-terminal-configuration (terminal-vt "5")) (greetd-terminal-configuration (terminal-vt "6"))))))) ;; This is the default list of services we ;; are appending to. (let ((my-channels (cons (channel (name 'guix) (url "https://codeberg.org/guix/guix.git") (branch "master") (introduction (make-channel-introduction "9edb3f66fd807b096b48283debdcddccfea34bad" (openpgp-fingerprint "BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA")))) %default-channels))) (modify-services %base-services (guix-service-type config => (guix-configuration (inherit config) (channels my-channels) (guix (guix-for-channels my-channels)))) ;; greetd-service-type provides "greetd" PAM service (delete login-service-type) ;; and can be used in place of mingetty-service-type (delete mingetty-service-type))) )) (bootloader (bootloader-configuration (bootloader grub-efi-bootloader) (targets (list "/boot/efi")) (keyboard-layout keyboard-layout))) (swap-devices (list (swap-space (target (uuid "7d57b644-4038-4966-8047-fb358ef79d5c"))))) ;; The list of file systems that get "mounted". The unique ;; file system identifiers there ("UUIDs") can be obtained ;; by running 'blkid' in a terminal. (file-systems (cons* (file-system (mount-point "/") (device (uuid "e4742181-2a6c-487f-b4dd-cc26930dbc7b" 'ext4)) (type "ext4")) (file-system (mount-point "/boot/efi") (device (uuid "B1D3-6C95" 'fat32)) (type "vfat")) (file-system (mount-point "/home") (device (uuid "c79fa858-ca01-46f8-b400-c4ab0e218986" 'ext4)) (type "ext4")) %base-file-systems)))