refactor system, add installer config

Freya Murphy 2024-10-21 22:51:40 -04:00
parent 11fedb159c
commit fe5b074aae
Signed by: freya
GPG key ID: 744AB800E383AE52
4 changed files with 371 additions and 216 deletions


@ -38,18 +38,9 @@
#:use-module (freya packages networking) #:use-module (freya packages networking)
#:use-module (freya packages virtualization)) #:use-module (freya packages virtualization))
(define-public base-operating-system
(operating-system
(kernel linux-6.11)
(firmware (list linux-firmware
amd-microcode
sof-firmware))
(locale "en_US.utf8")
(timezone "America/New_York")
(keyboard-layout (keyboard-layout "us"))
(host-name "ThisWillChange")
(users (cons* (user-account (define-public %freya-user-accounts
(cons* (user-account
(name "freya") (name "freya")
(comment "Freya Murphy") (comment "Freya Murphy")
(group "users") (group "users")
@ -67,47 +58,23 @@
"tty"))) "tty")))
%base-user-accounts)) %base-user-accounts))
(packages (append (specifications->packages (list ; gtk
"wxwidgets"
"gtk+"
"dconf"
"gnome-themes-extra"
"adwaita-icon-theme"
"hicolor-icon-theme"
; wayland x11 (define-public %freya-base-packages
"wl-clipboard" (append
"libx11"
"xorg-server-xwayland"
"xf86-video-qxl"
; video audio ;; append guix and nonguix base packages
(specifications->packages (list ; video audio
"mesa" "mesa"
"mesa-utils" "mesa-utils"
"glu"
"libglvnd"
"vulkan-loader"
"vulkan-validationlayers"
"vulkan-tools"
"vulkan-headers"
"spirv-tools"
"spirv-headers"
"sdl2"
"openal"
"freealut"
; xdg
"xdg-utils"
"xdg-desktop-portal"
; firmware ; firmware
"sof-firmware" "sof-firmware"
"amd-microcode" "amd-microcode"
"v4l2loopback-linux-module" "v4l2loopback-linux-module"
; needed programs ; terrminal
"qemu"
"alsa-utils" "alsa-utils"
"vim"
"neovim" "neovim"
; basic utils ; basic utils
@ -127,7 +94,49 @@
"ripgrep" "ripgrep"
"ncurses" "ncurses"
"jq" "jq"
"openssl" "openssl"))
;; append certs
(list freya-ca-certs)
;; append guix base packages
%base-packages))
(define-public %freya-packages
(append
;; append guix and nonguix packages
(specifications->packages (list ; gtk
"wxwidgets"
"gtk+"
"dconf"
"gnome-themes-extra"
"adwaita-icon-theme"
"hicolor-icon-theme"
; wayland x11
"wl-clipboard"
"libx11"
"xorg-server-xwayland"
"xf86-video-qxl"
; video audio
"glu"
"libglvnd"
"vulkan-loader"
"vulkan-validationlayers"
"vulkan-tools"
"vulkan-headers"
"spirv-tools"
"spirv-headers"
"sdl2"
"openal"
"freealut"
; xdg
"xdg-utils"
"xdg-desktop-portal"
; system daemons ; system daemons
"docker" "docker"
@ -143,7 +152,12 @@
"font-fira-mono" "font-fira-mono"
"font-google-noto-sans-cjk" "font-google-noto-sans-cjk"
"font-jetbrains-mono" "font-jetbrains-mono"
"font-dejavu")) "font-dejavu"
; misc
"qemu"))
;; append custom packages
(list ; qt (list ; qt
qt5-styleplugins qt5-styleplugins
qt6gtk2 qt6gtk2
@ -155,49 +169,21 @@
pulseaudio-new pulseaudio-new
; system ; system
virt-manager-ovmf virt-manager-ovmf)
freya-ca-certs)
%base-packages))
(services ;; append freya base backages
(append (list %freya-base-packages))
; system
(service nix-service-type)
(define-public %freya-base-services
(append
(list ; pam
(service pam-limits-service-type) (service pam-limits-service-type)
(service openssh-service-type) ; openssh
; networking (service openssh-service-type))
(simple-service 'wireguard-module
kernel-module-loader-service-type
'("wireguard"))
; printing
(service cups-service-type
(cups-configuration
(web-interface? #t)))
(service avahi-service-type
(avahi-configuration
(publish? #f)
(publish-workstation? #f)))
; docker
(service docker-service-type)
(service containerd-service-type)
; vms
(service libvirt-service-type
(libvirt-configuration
(libvirt libvirt-ovmf)
(unix-sock-group "libvirt")
(tls-port "16555")))
(service virtlog-service-type)
(service spice-vdagent-service-type)
; audio
(service bluetooth-service-type
(bluetooth-configuration
(bluez bluez-new)
(experimental #t)
(fast-connectable? #t)))
; yubikey
(service pcscd-service-type)
(udev-rules-service 'fido2 libfido2 #:groups '("plugdev")))
; base guix desktop services
(modify-services %desktop-services (modify-services %desktop-services
(guix-service-type config => (guix-service-type config =>
(guix-configuration (guix-configuration
@ -217,20 +203,65 @@
(delete alsa-service-type) (delete alsa-service-type)
(delete screen-locker-service-type)))) (delete screen-locker-service-type))))
(name-service-switch %mdns-host-lookup-nss)
(setuid-programs (define-public %freya-services
(append (list (file-like->setuid-program (append
(file-append %freya-base-services
swaylock-effects-new (list ; nix
"/bin/swaylock")) (service nix-service-type)
; wirerguard
(simple-service 'wireguard-module
kernel-module-loader-service-type
'("wireguard"))
; printing
(service cups-service-type
(cups-configuration
(web-interface? #t)))
(service avahi-service-type
(avahi-configuration
(publish? #f)
(publish-workstation? #f)))
; docker
(service docker-service-type)
(service containerd-service-type)
; libvirt
(service libvirt-service-type
(libvirt-configuration
(libvirt libvirt-ovmf)
(unix-sock-group "libvirt")
(tls-port "16555")))
(service virtlog-service-type)
(service spice-vdagent-service-type)
; audio
(service bluetooth-service-type
(bluetooth-configuration
(bluez bluez-new)
(experimental #t)
(fast-connectable? #t)))
; yubikey
(service pcscd-service-type)
(udev-rules-service 'fido2 libfido2 #:groups '("plugdev")))))
(define-public %freya-setuid-programs
(append (list ; doas
(file-like->setuid-program (file-like->setuid-program
(file-append (file-append
(specification->package "opendoas") (specification->package "opendoas")
"/bin/doas"))) "/bin/doas")))
(delete sudo %setuid-programs))) ; base setuid programs
%setuid-programs))
(file-systems (cons*
(define-public %freya-file-systems
(cons*
; /tmp
(file-system (file-system
(mount-point "/tmp") (mount-point "/tmp")
(device "none") (device "none")
@ -238,6 +269,23 @@
(check? #f)) (check? #f))
%base-file-systems)) %base-file-systems))
(define-public base-operating-system
(operating-system
(kernel linux-6.11)
(firmware (list linux-firmware
amd-microcode
sof-firmware))
(locale "en_US.utf8")
(timezone "America/New_York")
(keyboard-layout (keyboard-layout "us"))
(host-name "ThisWillChange")
(users %freya-user-accounts)
(packages %freya-packages)
(services %freya-services)
(name-service-switch %mdns-host-lookup-nss)
(setuid-programs %freya-setuid-programs)
(file-systems %freya-file-systems)
(bootloader (bootloader-configuration (bootloader (bootloader-configuration
(bootloader uefi-uki-bootloader) (bootloader uefi-uki-bootloader)
(targets (list "/boot/efi")) (targets (list "/boot/efi"))

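--- /dev/null
+++ b/systems/installer.scm
@@ -0,0 +1,111 @@
+; base system for creating installer images
+(use-modules (freya system)
+(gnu packages disk)
+(gnu packages linux)
+(gnu packages cryptsetup)
+(gnu packages file-systems)
+(gnu services shepherd)
+(guix modules)
+(gnu))
+; copy over installer disk utilites
+(define %installer-disk-utilities
+(list parted gptfdisk ddrescue
+lvm2-static
+cryptsetup mdadm
+dosfstools
+btrfs-progs
+e2fsprogs
+f2fs-tools
+jfsutils
+xfsprogs))
+; copy over cow store
+(define %backing-directory
+;; Sub-directory used as the backing store for copy-on-write.
+"/tmp/guix-inst")
+(define cow-store-service-type
+(shepherd-service-type
+'cow-store
+(lambda _
+(define (import-module? module)
+;; Since we don't use deduplication support in 'populate-store', don't
+;; import (guix store deduplication) and its dependencies, which
+;; includes Guile-Gcrypt.
+(and (guix-module-name? module)
+(not (equal? module '(guix store deduplication)))))
+(shepherd-service
+(requirement '(root-file-system user-processes))
+(provision '(cow-store))
+(documentation
+"Make the store copy-on-write, with writes going to \
+the given target.")
+;; This is meant to be explicitly started by the user.
+(auto-start? #f)
+(modules `((gnu build install)
+,@%default-modules))
+(start
+(with-imported-modules (source-module-closure
+'((gnu build install))
+#:select? import-module?)
+#~(case-lambda
+((target)
+(mount-cow-store target #$%backing-directory)
+target)
+(else
+;; Do nothing, and mark the service as stopped.
+#f))))
+(stop #~(lambda (target)
+;; Delete the temporary directory, but leave everything
+;; mounted as there may still be processes using it since
+;; 'user-processes' doesn't depend on us. The 'user-file-systems'
+;; service will unmount TARGET eventually.
+(delete-file-recursively
+(string-append target #$%backing-directory))))))
+(description "Make the store copy-on-write, with writes going to \
+the given target.")))
+(define (cow-store-service)
+"Return a service that makes the store copy-on-write, such that writes go to
+the user's target storage device rather than on the RAM disk."
+;; See <http://bugs.gnu.org/18061> for the initial report.
+(service cow-store-service-type 'mooooh!))
+; installer system
+(operating-system
+(inherit base-operating-system)
+(host-name "installer")
+(file-systems
+(append %base-live-file-systems
+%base-file-systems))
+(users (list (user-account
+(name "root")
+(group "root")
+(supplementary-groups '("wheel")) ; allow use of sudo
+(password "")
+(comment "root"))))
+(pam-services
+;; Explicitly allow for empty passwords.
+(base-pam-services #:allow-empty-passwords? #t))
+(packages (append %installer-disk-utilities
+%freya-base-packages))
+(services (append %freya-base-services
+(list (cow-store-service))))
+(bootloader (bootloader-configuration
+(bootloader grub-bootloader)
+(targets '("/dev/sda")))))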
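Review bot: The installer's root account is created with `(password "")` and `allow-empty-passwords? #t` in pam-services, while `(services (append %freya-base-services ...))` inherits the openssh-service-type that this same commit moves into %freya-base-services in the base-system section. Whether a passwordless root is then reachable over the network rests on openssh-configuration's defaults (permit-root-login and allow-empty-passwords? are off by default, as far as I recall) rather than on anything this file states. For a live installer image I would exclude sshd explicitly, `(services (append (modify-services %freya-base-services (delete openssh-service-type)) (list (cow-store-service))))`, or pin an explicit openssh-configuration if remote installs are intended. A one-line comment above `(password "")` saying that the empty password is deliberate for the live image and that sshd is not started would also help the next reader.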


@ -20,4 +20,5 @@
(mount-point "/boot/efi") (mount-point "/boot/efi")
(device (uuid "099A-D668" (device (uuid "099A-D668"
'fat32)) 'fat32))
(type "vfat")) %base-file-systems))) (type "vfat"))
%freya-file-systems)))


@ -5,12 +5,6 @@
(inherit base-operating-system) (inherit base-operating-system)
(host-name "shinji") (host-name "shinji")
(kernel-arguments (append (list "intel_iommu=on")
%default-kernel-arguments))
(initrd-modules (cons* "vfio_pci" "vfio" "vfio_iommu_type1"
%base-initrd-modules))
(mapped-devices (list (mapped-device (mapped-devices (list (mapped-device
(source (uuid (source (uuid
"5c5dcb22-62b1-41af-9116-b8fdfba83ca2")) "5c5dcb22-62b1-41af-9116-b8fdfba83ca2"))
@ -26,4 +20,5 @@
(mount-point "/boot/efi") (mount-point "/boot/efi")
(device (uuid "AD5A-4DF3" (device (uuid "AD5A-4DF3"
'fat32)) 'fat32))
(type "vfat")) %base-file-systems))) (type "vfat"))
%freya-file-systems)))
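Review bot: The first hunk of this section removes `kernel-arguments` (`intel_iommu=on`) and the `initrd-modules` entries `vfio_pci`, `vfio` and `vfio_iommu_type1` from shinji, and as far as this page shows nothing in the new base-operating-system or %freya-services takes them over, so the IOMMU/VFIO setup for this host disappears inside a commit titled as a refactor. If that is intended, the commit message should say so; if not, both forms should be kept in shinji's operating-system definition. The enclosing operating-system form starts before and ends after the hunk.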