From 8f13dfa06606b3f4189450eb5f9bc073874a9c4c Mon Sep 17 00:00:00 2001 From: Tissevert Date: Wed, 15 Feb 2023 08:45:26 +0100 Subject: [PATCH] migrate rose to modular services config including pam-mount --- nonguix.signing-key.scm | 6 +++++ rose.system.scm | 28 +++++--------------- system.common.scm | 57 +++++++++++++++++++++++++++++++---------- touchpad.conf | 11 -------- 4 files changed, 56 insertions(+), 46 deletions(-) create mode 100644 nonguix.signing-key.scm mode change 100755 => 100644 system.common.scm delete mode 100644 touchpad.conf diff --git a/nonguix.signing-key.scm b/nonguix.signing-key.scm new file mode 100644 index 0000000..56ee811 --- /dev/null +++ b/nonguix.signing-key.scm @@ -0,0 +1,6 @@ +(public-key + (ecc + (curve Ed25519) + (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#) + ) + ) diff --git a/rose.system.scm b/rose.system.scm index 93c6c91..96c8fa4 100644 --- a/rose.system.scm +++ b/rose.system.scm @@ -1,4 +1,5 @@ (use-modules (gnu) + (gnu services desktop) (gnu system)) (use-modules (nongnu packages linux) (nongnu system linux-initrd)) @@ -10,32 +11,17 @@ (inherit os) (host-name "rose") (services - (modify-services - (xfce-desktop-services os) - (guix-service-type config => - (guix-configuration - (inherit config) - (substitute-urls - (cons* "https://substitutes.nonguix.org" - %default-substitute-urls)) - (authorized-keys - (cons* (local-file "./nonguix.key.pub") - %default-authorized-guix-keys)))))) + (append + (list (pam-mount + "kook" + "/dev/disk/by-uuid/c896e07f-d2ed-4390-8ce0-b82080d1bdc2")) + (desktop-environment (operating-system-keyboard-layout os)) + (nonguix %desktop-services))) (kernel linux) (initrd microcode-initrd) (firmware (list linux-firmware)) - (mapped-devices - (list (mapped-device - (source (uuid "c896e07f-d2ed-4390-8ce0-b82080d1bdc2")) - (target "HOME") - (type luks-device-mapping)))) (file-systems (cons* (file-system - (mount-point "/home") - (device (uuid "73dc31f8-844d-4a87-bf54-4fb86a49469c" 'ext4)) - (type "ext4") - (dependencies mapped-devices)) - (file-system (mount-point "/boot/efi") (device (uuid "545B-970F" 'fat32)) (type "vfat")) diff --git a/system.common.scm b/system.common.scm old mode 100755 new mode 100644 index d68354f..d933871 --- a/system.common.scm +++ b/system.common.scm @@ -5,7 +5,8 @@ ((gnu packages file-systems) #:select (davfs2)) ((gnu packages ibus) #:select (ibus ibus-anthy)) ((gnu packages wm) #:select (i3-wm)) - ((gnu services desktop) #:select (xfce-desktop-service-type %desktop-services)) + ((gnu services desktop) #:select (xfce-desktop-service-type)) + ((gnu services pam-mount) #:select (pam-mount-service-type pam-mount-configuration)) ((gnu services xorg) #:select (set-xorg-configuration xorg-configuration)) (gnu system) (rnrs io ports)) @@ -15,19 +16,6 @@ (define %utils (list anthy davfs2 gvfs i3-wm ibus ibus-anthy nss-certs)) -(define (read-file file-path) - (get-string-all (open-input-file file-path))) - -(define (xfce-desktop-services os) - (append - (list - (service xfce-desktop-service-type) - (set-xorg-configuration - (xorg-configuration - (keyboard-layout (operating-system-keyboard-layout os)) - (extra-config (list (read-file "touchpad.conf")))))) - %desktop-services)) - (define (install-to root-fs) (operating-system (locale "fr_FR.utf8") @@ -55,3 +43,44 @@ (device root-fs) (type "ext4")) %base-file-systems)))) + +(define (pam-mount userName device) + (service pam-mount-service-type + (pam-mount-configuration + (rules `((debug (@ (enable "0"))) + (volume (@ (user ,userName) + (fstype "crypt") + (path ,device) + (mountpoint "/home/"))) + (mntoptions (@ (allow ,(string-join + '("nosuid" "nodev" "loop" + "encryption" "fsck" "nonempty" + "allow_root" "allow_other") + ",")))) + (mntoptions (@ (require "nosuid,nodev"))) + (logout (@ (wait "0") + (hup "0") + (term "no") + (kill "no"))) + (mkmountpoint (@ (enable "1") + (remove "false")))))))) + +(define (desktop-environment keyboard-layout) + (list + (service xfce-desktop-service-type) + (set-xorg-configuration + (xorg-configuration (keyboard-layout keyboard-layout))))) + +(define nonguix + (lambda (services) + (modify-services services + (guix-service-type + config => + (guix-configuration + (inherit config) + (substitute-urls + (append (list "https://substitutes.nonguix.org") + %default-substitute-urls)) + (authorized-keys + (append (list (local-file "./nonguix.signing-key.scm")) + %default-authorized-guix-keys))))))) diff --git a/touchpad.conf b/touchpad.conf deleted file mode 100644 index 1945a41..0000000 --- a/touchpad.conf +++ /dev/null @@ -1,11 +0,0 @@ -Section "InputClass" - Identifier "touchpad overrides" - # This makes this snippet apply to any device with the "synaptics" driver - # assigned - MatchDriver "synaptics" - - #################################### - ## The lines that you need to add ## - # Enable left mouse button by tapping - Option "TapButton1" "1" -EndSection