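;;; Guix System building blocks for the "freya" machines: locales, user
;;; accounts, package sets, services, setuid programs, file systems, firmware
;;; and three operating-system variants (base, virt, desktop).
;;;
;;; Security-relevant settings in this module: the OpenSSH daemon
;;; configuration, the extra substitute servers and their signing keys,
;;; group memberships that confer elevated privileges, and the setuid doas
;;; binary.
(define-module (freya system)
  #:use-module (srfi srfi-1)
  #:use-module (gnu)
  #:use-module (gnu packages)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages libusb)
  #:use-module (gnu packages shells)
  #:use-module (gnu packages security-token)
  #:use-module (gnu services)
  #:use-module (gnu services ssh)
  #:use-module (gnu services nix)
  #:use-module (gnu services cups)
  #:use-module (gnu services dbus)
  #:use-module (gnu services avahi)
  #:use-module (gnu services linux)
  #:use-module (gnu services spice)
  #:use-module (gnu services docker)
  #:use-module (gnu services desktop)
  #:use-module (gnu services networking)
  #:use-module (gnu services security-token)
  #:use-module (gnu services virtualization)
  #:use-module (gnu system locale)
  #:use-module (gnu system setuid)
  #:use-module (guix packages)
  #:use-module (nongnu packages linux)
  #:use-module (freya certs)
  #:use-module (sakura packages qt)
  #:use-module (sakura packages sound)
  #:use-module (sakura packages virtualization)
  #:use-module (sakura bootloader uki))

;; locale

;; Locale definitions built for every variant: US English and Japanese,
;; both UTF-8.
(define-public %base-freya-locale
  (list
   (locale-definition
    (name "en_US.utf8")
    (source "en_US")
    (charset "UTF-8"))
   (locale-definition
    (name "ja_JP.utf8")
    (source "ja_JP")
    (charset "UTF-8"))))

;; user groups

;; Supplementary groups of the "freya" account on every variant.
(define %base-freya-user-groups
  (list "wheel" "audio" "video" "netdev" "tty"))

;; Supplementary groups on the desktop variant.
;; NOTE(review): "docker" membership is effectively root-equivalent on the
;; host, and "libvirt" matches the unix-sock-group of the libvirt service
;; below, so both groups grant more than their names suggest.
(define %desktop-freya-user-groups
  (append
   ;; append desktop freya groups
   (list "lp" "docker" "plugdev" "libvirt" "kvm")
   ;; append base freya groups
   %base-freya-user-groups))

;; user accounts

;; Return the account list for a system: the "freya" user (uid 1000, zsh
;; login shell) with GROUPS as supplementary groups, followed by Guix's
;; %base-user-accounts.
(define freya-user-accounts
  (lambda (groups)
    (cons*
     (user-account
      (name "freya")
      (comment "Freya Murphy")
      (uid 1000)
      (group "users")
      (shell (file-append zsh "/bin/zsh"))
      (home-directory "/home/freya")
      (create-home-directory? #t)
      (supplementary-groups groups))
     %base-user-accounts)))

(define-public %base-freya-user-accounts
  (freya-user-accounts %base-freya-user-groups))

(define-public %desktop-freya-user-accounts
  (freya-user-accounts %desktop-freya-user-groups))

;; packages

;; Packages for the virtual-machine variant; also the foundation of the
;; base and desktop package sets.
(define-public %virt-freya-packages
  (append
   ;; append needed virt packages
   (specifications->packages
    (list
     ; video audio
     "mesa" "mesa-utils"
     ; terminal
     "alsa-utils" "vim" "neovim"
     ; file sys
     "parted" "gptfdisk" "ddrescue" "cryptsetup" "dosfstools"
     "btrfs-progs" "e2fsprogs" "f2fs-tools"
     ; basic utils
     "curl" "htop" "git" "zsh" "opendoas" "linux-pam" "bind:utils"
     "unzip" "p7zip" "acpi" "tree" "rlwrap" "netcat" "ripgrep"
     "ncurses" "jq" "m4" "openssl"))
   ;; append freyanet certs
   ;; NOTE(review): freya-ca-certs comes from (freya certs); presumably it
   ;; adds a private CA to the system profile -- confirm what it is trusted
   ;; for.
   (list freya-ca-certs)
   ;; append guix base packages
   %base-packages))

;; Packages for bare-metal installs: firmware-related packages on top of
;; the virt set.
(define-public %base-freya-packages
  (append
   ;; append needed base packages
   (specifications->packages
    (list
     ; firmware
     "sof-firmware" "amd-microcode" "v4l2loopback-linux-module"))
   ;; append virt freya packages
   %virt-freya-packages))

;; Packages for the desktop variant, on top of the base set.
(define-public %desktop-freya-packages
  (append
   ;; append needed desktop packages
   (specifications->packages
    (list
     ; gtk
     "wxwidgets" "gtk+" "dconf" "gnome-themes-extra"
     "adwaita-icon-theme" "hicolor-icon-theme"
     ; wayland x11
     "wl-clipboard" "libx11" "xorg-server-xwayland" "xf86-video-qxl"
     ; video audio
     "glu" "libglvnd" "vulkan-loader" "vulkan-validationlayers"
     "vulkan-tools" "vulkan-headers" "spirv-tools" "spirv-headers"
     "sdl2" "openal" "freealut"
     ; xdg
     "xdg-utils" "xdg-desktop-portal"
     ; system daemons
     "docker" "containerd" "avahi" "gnupg" "light" "brightnessctl"
     "wireguard-tools" "libpcap"
     ; fonts
     "font-fira-mono" "font-google-noto-sans-cjk" "font-jetbrains-mono"
     "font-dejavu"
     ; misc
     "qemu"))
   ;; append custom packages
   (list
    ; qt
    qt5-styleplugins
    qt6gtk2
    ; system
    virt-manager-ovmf)
   ;; append base freya packages
   %base-freya-packages))

;; services

;; Services shared by every variant: device rules, polkit, networking,
;; session/bus daemons, OpenSSH, and a guix-daemon that trusts two extra
;; substitute servers.
(define-public %base-freya-services
  (append
   ;; append needed base services
   (list
    ; mtp
    (simple-service 'mtp udev-service-type (list libmtp))
    ; polkit
    polkit-wheel-service
    ; font config
    fontconfig-file-system-service
    ; networking
    (service ntp-service-type)
    (service network-manager-service-type)
    (service wpa-supplicant-service-type)
    (service modem-manager-service-type)
    (service usb-modeswitch-service-type)
    ; dbus
    (service upower-service-type)
    (service polkit-service-type)
    (service pam-limits-service-type)
    (service elogind-service-type)
    (service dbus-root-service-type)
    ; openssh
    (service openssh-service-type
             (openssh-configuration
              ;; The same public key is authorized for "freya" and for
              ;; "root", so that one private key is a direct route to root
              ;; on every machine built from this module.
              (authorized-keys
               `(("freya" ,(local-file "../../files/keys/freya-ssh.pub"))
                 ("root" ,(local-file "../../files/keys/freya-ssh.pub"))))
              ;; Root logins remain possible with the key above, but are
              ;; refused for password-based methods even if password
              ;; authentication is enabled later (was #t).
              (permit-root-login 'prohibit-password)
              ;; Never accept accounts with an empty password (was #t).
              ;; Passwords are disabled just below, so this changes nothing
              ;; today; it stops a later edit from opening passwordless
              ;; logins.
              (allow-empty-passwords? #f)
              (password-authentication? #f)
              (public-key-authentication? #t)
              ;; NOTE(review): X11 and TCP forwarding are both enabled;
              ;; confirm they are needed on every variant, since forwarding
              ;; lets an authenticated client relay connections through this
              ;; host.
              (x11-forwarding? #t)
              (allow-tcp-forwarding? #t))))
   ;; append guix base services
   (modify-services %base-services
     (guix-service-type
      config =>
      (guix-configuration
       (inherit config)
       ;; The extra servers are tried before the defaults.
       (substitute-urls
        (append
         (list "https://substitutes.nonguix.org"
               "https://substitutes.freya.cat")
         %default-substitute-urls))
       ;; Each key listed here can sign binaries that guix-daemon installs
       ;; without building them locally, so these files are trust anchors
       ;; for the whole system; review any change to them like a code
       ;; change.
       (authorized-keys
        (append
         (list (local-file "../../files/keys/nonguix.pub")
               (local-file "../../files/keys/sakura.pub"))
         %default-authorized-guix-keys)))))))

;; Services for the desktop variant, on top of the base services.
(define-public %desktop-freya-services
  (append
   ;; append needed desktop services
   (list
    ; nix
    (service nix-service-type)
    ; wireguard
    (simple-service 'wireguard-module
                    kernel-module-loader-service-type
                    '("wireguard"))
    ; printing
    ;; NOTE(review): the CUPS web interface is switched on; which addresses
    ;; it listens on is not set here -- confirm it stays local.
    (service cups-service-type
             (cups-configuration
              (web-interface? #t)))
    ;; mDNS lookups only: this host publishes nothing about itself.
    (service avahi-service-type
             (avahi-configuration
              (publish? #f)
              (publish-workstation? #f)))
    ; docker
    (service docker-service-type)
    (service containerd-service-type)
    ; libvirt
    ;; Members of the "libvirt" group can reach the libvirt socket.
    ;; NOTE(review): a TLS port is set; whether libvirtd actually listens
    ;; on the network is not visible in this file -- confirm.
    (service libvirt-service-type
             (libvirt-configuration
              (libvirt libvirt-ovmf)
              (unix-sock-group "libvirt")
              (tls-port "16555")))
    (service virtlog-service-type)
    (service spice-vdagent-service-type)
    ; bluetooth
    (service bluetooth-service-type
             (bluetooth-configuration
              (bluez bluez-sakura)
              (experimental #t)
              (fast-connectable? #t)
              (auto-enable? #t)))
    ; yubikey
    (service pcscd-service-type)
    ;; FIDO2 token device nodes are made accessible to the "plugdev" group.
    (udev-rules-service 'fido2 libfido2 #:groups '("plugdev")))
   ;; append freya base services
   %base-freya-services))

;; setuid programs

;; Setuid programs: doas plus Guix's defaults.
;; NOTE(review): the doas rules are not defined in this module; who may run
;; what as root depends on the doas configuration installed elsewhere.
(define-public %base-freya-setuid-programs
  (append
   ;; append needed setuid programs
   (list
    ; doas
    (file-like->setuid-program
     (file-append (specification->package "opendoas") "/bin/doas")))
   ;; append guix setuid programs
   %setuid-programs))

;; file systems

;; File systems shared by every variant: a tmpfs on /tmp plus Guix's base
;; file systems.  Root and boot file systems are not declared here.
(define-public %base-freya-file-systems
  (cons*
   ;; /tmp
   (file-system
    (mount-point "/tmp")
    (device "none")
    (type "tmpfs")
    (check? #f))
   ;; append guix base file systems
   %base-file-systems))

;; firmware

;; Firmware for bare-metal installs, on top of Guix's base firmware.
(define-public %base-freya-firmware
  (append
   ;; append needed base firmware
   (list linux-firmware
         sof-firmware
         amd-microcode)
   ;; append guix base firmware
   %base-firmware))

;; operating system

;; Base operating system; the virt and desktop variants inherit from it.
(define-public %base-freya-operating-system
  (operating-system
   (kernel linux)
   (firmware %base-freya-firmware)
   (locale "en_US.UTF-8")
   (locale-definitions %base-freya-locale)
   (timezone "America/New_York")
   (keyboard-layout (keyboard-layout "us"))
   (host-name "guix")
   (users %base-freya-user-accounts)
   (packages %base-freya-packages)
   (services %base-freya-services)
   (name-service-switch %mdns-host-lookup-nss)
   (setuid-programs %base-freya-setuid-programs)
   (file-systems %base-freya-file-systems)
   (bootloader
    (bootloader-configuration
     (bootloader uefi-uki-bootloader)
     (targets (list "/boot/efi"))
     (keyboard-layout keyboard-layout)))))

;; Virtual-machine variant: extra initrd modules for virtual storage
;; controllers, the linux-libre-lts kernel, only Guix's base firmware, and
;; the smaller virt package set.  Users and services are inherited from the
;; base system, including the OpenSSH configuration.
(define-public %virt-freya-operating-system
  (operating-system
   (inherit %base-freya-operating-system)
   (initrd-modules
    (cons* "virtio_scsi"
           "mptspi"
           (operating-system-initrd-modules %base-freya-operating-system)))
   (kernel linux-libre-lts)
   (firmware %base-firmware)
   (packages %virt-freya-packages)))

;; Desktop variant: base system with the desktop accounts, packages and
;; services.
(define-public %desktop-freya-operating-system
  (operating-system
   (inherit %base-freya-operating-system)
   (users %desktop-freya-user-accounts)
   (packages %desktop-freya-packages)
   (services %desktop-freya-services)))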