Add config for pine and rework services a bit

This commit is contained in:
Tissevert 2023-03-11 23:28:19 +01:00
parent c7a7424533
commit be3d2b5d0e
9 changed files with 197 additions and 99 deletions

View file

@ -1,85 +0,0 @@
(use-modules (gnu)
((gnu packages anthy) #:select (anthy))
((gnu packages certs) #:select (nss-certs))
((gnu packages gnome) #:select (gvfs))
((gnu packages file-systems) #:select (davfs2))
((gnu packages ibus) #:select (ibus ibus-anthy))
((gnu packages wm) #:select (i3-wm))
((gnu services desktop) #:select (xfce-desktop-service-type %desktop-services))
((gnu services xorg) #:select (set-xorg-configuration xorg-configuration))
(gnu system))
(use-modules (nongnu packages linux)
(nongnu system linux-initrd))
(define %utils
(list anthy davfs2 gvfs i3-wm ibus ibus-anthy nss-certs))
(define (my-services keyboard-layout)
(append
(list
(service xfce-desktop-service-type)
(set-xorg-configuration
(xorg-configuration (keyboard-layout keyboard-layout))))
(modify-services %desktop-services
(guix-service-type config =>
(guix-configuration
(inherit config)
(substitute-urls
(cons* "https://substitutes.nonguix.org"
%default-substitute-urls))
(authorized-keys
(cons* (local-file "./nonguix.key.pub")
%default-authorized-guix-keys)))))))
(operating-system
(locale "fr_FR.utf8")
(timezone "Europe/Paris")
(keyboard-layout (keyboard-layout "fr" "bepo" #:options '("ctrl:swapcaps")))
(host-name "rose")
(users (cons* (user-account
(name "kook")
(comment "Grou-grou")
(group "users")
(home-directory "/home")
(supplementary-groups
'("wheel" "netdev" "audio" "video" "kvm")))
%base-user-accounts))
(packages
(append
%utils
%base-packages))
(services (my-services keyboard-layout))
(kernel linux)
(initrd microcode-initrd)
(firmware (list linux-firmware))
(bootloader
(bootloader-configuration
(bootloader grub-efi-bootloader)
(targets '("/boot/efi"))
(keyboard-layout keyboard-layout)))
(mapped-devices
(list (mapped-device
(source (uuid "c896e07f-d2ed-4390-8ce0-b82080d1bdc2"))
(target "HOME")
(type luks-device-mapping))))
(file-systems
(cons* (file-system
(mount-point "/")
(device (uuid "60c115b5-08f2-435b-95e5-d3b81ffba4f4" 'ext4))
(type "ext4"))
(file-system
(mount-point "/home")
(device (uuid "73dc31f8-844d-4a87-bf54-4fb86a49469c" 'ext4))
(type "ext4")
(dependencies mapped-devices))
(file-system
(mount-point "/boot/efi")
(device (uuid "545B-970F" 'fat32))
(type "vfat"))
(file-system
(mount-point "/tmp")
(device "tmpfs")
(type "tmpfs")
(check? #f)
(options "size=50%"))
%base-file-systems)))

1
files/authorized_keys Normal file
View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGOChJhdXFjPLFb218mVPSD9IsL7kyHqFdh/u2qcyJsjc5hFNPdnTvHHjQhsX33PaA5IfKM830AziWX/pwnePQQHR1nfw8knEpQaCNPmmHLQkepTeHlXKdSIXrv5fa9I27AWH+8NtAtJIY1F8jbEAGWXF8F6p8vZLybEljsmVOygWrkQmKtmYn/aOo+R7DlX4SnBfXmqWkzoilgI9FmNfaomv6FeU9VVQtemO4XPz/PMIYYvUNCJ2zaVbjNBmA6ZhHmZf3XlK4swnMW49Py2HboKs/MXLPpfwfU+KlLXYUs2wAtL+UFK/6/IUcIpaFdfTid183KQ07jf+uxtpUTEVT kook@burra

6
nonguix.signing-key.scm Normal file
View file

@ -0,0 +1,6 @@
(public-key
(ecc
(curve Ed25519)
(q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
)
)

View file

@ -23,40 +23,49 @@
(gnu packages vim)
(gnu packages virtualization)
(gnu packages wm)
(gnu packages web)
(gnu packages xfce)
(gnu packages xorg))
(gnu packages xorg)
(loom packages eyecandy))
(define %desktop
(list
arc-icon-theme
arc-theme
claws-mail
evince
font-google-noto
font-openmoji
gcc-toolchain
ghc
git
;guide
htop
mplayer
nitrogen
openssh
pavucontrol
pragha
pwgen
quodlibet
recutils
rsync
tmux
ungoogled-chromium
toon-cursors
unzip
vim-full
vim-solarized
xarchiver
xfce4-screenshooter
xrandr
yaru-theme
zip))
(define %dev
(list
gcc-toolchain
ghc
git
jq))
(define %web
(list
claws-mail
ungoogled-chromium
))
(define %heavy
(list
libreoffice
@ -64,10 +73,9 @@
pandoc
qemu))
(define %network
(list
curl
netcat))
(packages->manifest (append %desktop %heavy %network))
netcat
openssh
rsync))

3
pine.packages.scm Normal file
View file

@ -0,0 +1,3 @@
(load "packages.scm")
(packages->manifest (append %desktop %dev %heavy %network %web))

36
pine.system.scm Normal file
View file

@ -0,0 +1,36 @@
(use-modules (gnu)
(gnu services desktop)
(gnu services ssh)
(gnu system))
(use-modules (nongnu packages linux)
(nongnu system linux-initrd))
(load "system.scm")
(let ((os (install-to (uuid "a942a6ac-012a-46c5-984e-5f53532a3253" 'ext4))))
(operating-system
(inherit os)
(host-name "pine")
(services
(append
(list
(pam-mount "kook" "/dev/md0")
pam-audio
(ssh-only `(("kook" ,(local-file "files/authorized_keys")))))
(desktop-environment (operating-system-keyboard-layout os))
(nonguix %desktop-services)))
(kernel linux)
(initrd microcode-initrd)
(firmware (list linux-firmware))
(mapped-devices
(list (mapped-device
(source (list "/dev/sdb" "/dev/sdc"))
(target "/dev/md0")
(type raid-device-mapping))
))
(file-systems
(cons* (file-system
(mount-point "/boot/efi")
(device (uuid "7974-61F4" 'fat32))
(type "vfat"))
(operating-system-file-systems os)))))

3
rose.packages.scm Normal file
View file

@ -0,0 +1,3 @@
(load "packages.scm")
(packages->manifest (append %desktop %dev %heavy %network %web))

30
rose.system.scm Normal file
View file

@ -0,0 +1,30 @@
(use-modules (gnu)
(gnu services desktop)
(gnu system))
(use-modules (nongnu packages linux)
(nongnu system linux-initrd))
(load "system.scm")
(let ((os (install-to (uuid "60c115b5-08f2-435b-95e5-d3b81ffba4f4" 'ext4))))
(operating-system
(inherit os)
(host-name "rose")
(services
(append
(list
(pam-mount
"kook"
"/dev/disk/by-uuid/c896e07f-d2ed-4390-8ce0-b82080d1bdc2")
pam-audio)
(desktop-environment (operating-system-keyboard-layout os))
(nonguix %desktop-services)))
(kernel linux)
(initrd microcode-initrd)
(firmware (list linux-firmware))
(file-systems
(cons* (file-system
(mount-point "/boot/efi")
(device (uuid "545B-970F" 'fat32))
(type "vfat"))
(operating-system-file-systems os)))))

96
system.scm Normal file
View file

@ -0,0 +1,96 @@
(use-modules (gnu)
((gnu packages anthy) #:select (anthy))
((gnu packages certs) #:select (nss-certs))
((gnu packages gnome) #:select (gvfs))
((gnu packages file-systems) #:select (davfs2))
((gnu packages ibus) #:select (ibus ibus-anthy))
((gnu packages wm) #:select (i3-wm))
((gnu services desktop) #:select (xfce-desktop-service-type))
((gnu services pam-mount) #:select (pam-mount-service-type pam-mount-configuration))
((gnu services xorg) #:select (set-xorg-configuration xorg-configuration))
(gnu system))
(define %utils
(list anthy davfs2 gvfs i3-wm ibus ibus-anthy nss-certs))
(define (install-to root-fs)
(operating-system
(locale "fr_FR.utf8")
(timezone "Europe/Paris")
(keyboard-layout (keyboard-layout "fr" "bepo" #:options '("ctrl:swapcaps")))
(host-name "stub")
(users (cons* (user-account
(name "kook")
(comment "Grou-grou")
(group "users")
(home-directory "/home")
(supplementary-groups
'("wheel" "netdev" "audio" "video" "kvm")))
%base-user-accounts))
(packages
(append %utils %base-packages))
(bootloader
(bootloader-configuration
(bootloader grub-efi-bootloader)
(targets '("/boot/efi"))
(keyboard-layout keyboard-layout)))
(file-systems
(cons (file-system
(mount-point "/")
(device root-fs)
(type "ext4"))
%base-file-systems))))
(define pam-audio
(pam-limits-service
(list
(pam-limits-entry "@audio" 'both 'rtprio 99)
(pam-limits-entry "@audio" 'both 'memlock 'unlimited))))
(define (pam-mount userName device)
(service pam-mount-service-type
(pam-mount-configuration
(rules `((debug (@ (enable "0")))
(volume (@ (user ,userName)
(fstype "crypt")
(path ,device)
(mountpoint "/home/")))
(mntoptions (@ (allow ,(string-join
'("nosuid" "nodev" "loop"
"encryption" "fsck" "nonempty"
"allow_root" "allow_other")
","))))
(mntoptions (@ (require "nosuid,nodev")))
(logout (@ (wait "0")
(hup "0")
(term "no")
(kill "no")))
(mkmountpoint (@ (enable "1")
(remove "false"))))))))
(define (desktop-environment keyboard-layout)
(list
(service xfce-desktop-service-type)
(set-xorg-configuration
(xorg-configuration (keyboard-layout keyboard-layout)))))
(define (ssh-only authorized-keys)
(service openssh-service-type
(openssh-configuration
(password-authentication? #f)
(permit-root-login #f)
(authorized-keys authorized-keys))))
(define nonguix
(lambda (services)
(modify-services services
(guix-service-type
config =>
(guix-configuration
(inherit config)
(substitute-urls
(append (list "https://substitutes.nonguix.org")
%default-substitute-urls))
(authorized-keys
(append (list (local-file "./nonguix.signing-key.scm"))
%default-authorized-guix-keys)))))))