2023-03-11 23:28:19 +01:00
|
|
|
(use-modules (gnu)
|
|
|
|
((gnu packages anthy) #:select (anthy))
|
|
|
|
((gnu packages certs) #:select (nss-certs))
|
|
|
|
((gnu packages gnome) #:select (gvfs))
|
|
|
|
((gnu packages file-systems) #:select (davfs2))
|
|
|
|
((gnu packages ibus) #:select (ibus ibus-anthy))
|
|
|
|
((gnu packages wm) #:select (i3-wm))
|
|
|
|
((gnu services desktop) #:select (xfce-desktop-service-type))
|
|
|
|
((gnu services pam-mount) #:select (pam-mount-service-type pam-mount-configuration))
|
|
|
|
((gnu services xorg) #:select (set-xorg-configuration xorg-configuration))
|
|
|
|
(gnu system))
|
|
|
|
|
|
|
|
(define %utils
|
|
|
|
(list anthy davfs2 gvfs i3-wm ibus ibus-anthy nss-certs))
|
|
|
|
|
|
|
|
(define (install-to root-fs)
|
|
|
|
(operating-system
|
|
|
|
(locale "fr_FR.utf8")
|
|
|
|
(timezone "Europe/Paris")
|
|
|
|
(keyboard-layout (keyboard-layout "fr" "bepo" #:options '("ctrl:swapcaps")))
|
|
|
|
(host-name "stub")
|
|
|
|
(users (cons* (user-account
|
|
|
|
(name "kook")
|
|
|
|
(comment "Grou-grou")
|
|
|
|
(group "users")
|
|
|
|
(home-directory "/home")
|
|
|
|
(supplementary-groups
|
|
|
|
'("wheel" "netdev" "audio" "video" "kvm")))
|
|
|
|
%base-user-accounts))
|
|
|
|
(packages
|
|
|
|
(append %utils %base-packages))
|
|
|
|
(bootloader
|
|
|
|
(bootloader-configuration
|
|
|
|
(bootloader grub-efi-bootloader)
|
|
|
|
(targets '("/boot/efi"))
|
|
|
|
(keyboard-layout keyboard-layout)))
|
|
|
|
(file-systems
|
|
|
|
(cons (file-system
|
|
|
|
(mount-point "/")
|
|
|
|
(device root-fs)
|
|
|
|
(type "ext4"))
|
|
|
|
%base-file-systems))))
|
|
|
|
|
|
|
|
(define pam-audio
|
2023-12-09 18:36:48 +01:00
|
|
|
(service pam-limits-service-type
|
2023-03-11 23:28:19 +01:00
|
|
|
(list
|
|
|
|
(pam-limits-entry "@audio" 'both 'rtprio 99)
|
|
|
|
(pam-limits-entry "@audio" 'both 'memlock 'unlimited))))
|
|
|
|
|
|
|
|
(define (pam-mount userName device)
|
|
|
|
(service pam-mount-service-type
|
|
|
|
(pam-mount-configuration
|
|
|
|
(rules `((debug (@ (enable "0")))
|
|
|
|
(volume (@ (user ,userName)
|
|
|
|
(fstype "crypt")
|
|
|
|
(path ,device)
|
|
|
|
(mountpoint "/home/")))
|
|
|
|
(mntoptions (@ (allow ,(string-join
|
|
|
|
'("nosuid" "nodev" "loop"
|
|
|
|
"encryption" "fsck" "nonempty"
|
|
|
|
"allow_root" "allow_other")
|
|
|
|
","))))
|
|
|
|
(mntoptions (@ (require "nosuid,nodev")))
|
|
|
|
(logout (@ (wait "0")
|
|
|
|
(hup "0")
|
|
|
|
(term "no")
|
|
|
|
(kill "no")))
|
|
|
|
(mkmountpoint (@ (enable "1")
|
|
|
|
(remove "false"))))))))
|
|
|
|
|
|
|
|
(define (desktop-environment keyboard-layout)
|
|
|
|
(list
|
|
|
|
(service xfce-desktop-service-type)
|
|
|
|
(set-xorg-configuration
|
|
|
|
(xorg-configuration (keyboard-layout keyboard-layout)))))
|
|
|
|
|
|
|
|
(define (ssh-only authorized-keys)
|
|
|
|
(service openssh-service-type
|
|
|
|
(openssh-configuration
|
|
|
|
(password-authentication? #f)
|
|
|
|
(permit-root-login #f)
|
|
|
|
(authorized-keys authorized-keys))))
|
|
|
|
|
|
|
|
(define nonguix
|
|
|
|
(lambda (services)
|
|
|
|
(modify-services services
|
|
|
|
(guix-service-type
|
|
|
|
config =>
|
|
|
|
(guix-configuration
|
|
|
|
(inherit config)
|
|
|
|
(substitute-urls
|
|
|
|
(append (list "https://substitutes.nonguix.org")
|
|
|
|
%default-substitute-urls))
|
|
|
|
(authorized-keys
|
|
|
|
(append (list (local-file "./nonguix.signing-key.scm"))
|
|
|
|
%default-authorized-guix-keys)))))))
|