(define-module (home-config base-system) #:use-module (gnu) #:use-module (gnu system setuid) #:use-module (gnu packages) #:use-module (gnu packages admin) #:use-module (gnu packages avahi) #:use-module (gnu packages shells) #:use-module (gnu packages tls) #:use-module (gnu packages vpn) #:use-module (gnu packages security-token) #:use-module (gnu packages virtualization) #:use-module (guix packages) #:use-module (nongnu packages linux) #:use-module (srfi srfi-1) #:use-module (gnu services) #:use-module (gnu services linux) #:use-module (gnu services authentication) #:use-module (gnu services security-token) #:use-module (gnu services cups) #:use-module (gnu services desktop) #:use-module (gnu services networking) #:use-module (gnu services xorg) #:use-module (gnu services ssh) #:use-module (gnu services nix) #:use-module (gnu services sound) #:use-module (gnu services docker) #:use-module (gnu services avahi) #:use-module (gnu services spice) #:use-module (gnu services virtualization) #:use-module (home-services ntp) #:use-module (home-packages wm) #:use-module (home-packages certs) #:use-module (home-packages virtualization)) (define %my-base-packages (remove (lambda (package) (member (package-name package) (list "sudo" "nano"))) %base-packages)) (define %backlight-udev-rule (udev-rule "90-backlight.rules" (string-append "ACTION==\"add\", SUBSYSTEM==\"backlight\", " "RUN+=\"/run/current-system/profile/bin/chgrp video /sys/class/backlight/%k/brightness\"" "\n" "ACTION==\"add\", SUBSYSTEM==\"backlight\", " "RUN+=\"/run/current-system/profile/bin/chmod g+w /sys/class/backlight/%k/brightness\""))) (define-public base-operating-system (operating-system (kernel linux) (firmware (list linux-firmware intel-microcode sof-firmware)) (locale "en_US.utf8") (timezone "America/New_York") (keyboard-layout (keyboard-layout "us")) (host-name "ThisWillChange") ;; The list of user accounts ('root' is implicit). (users (cons* (user-account (name "tylerm") (comment "Tyler Murphy") (group "users") (home-directory "/home/tylerm") (shell (file-append zsh "/bin/zsh")) (supplementary-groups '("wheel" "audio" "lp" "docker" "plugdev" "libvirt" "kvm" "netdev" "video" "tty"))) %base-user-accounts)) (packages (append (map specification->package (list "swayfx" "swaybg" "wlogout" "sof-firmware" "intel-microcode" "alsa-utils" "chrony" "swayidle" "dconf" "alacritty" "gnome-themes-extra" "adwaita-icon-theme" "hicolor-icon-theme" "git" "nss-certs" "gvfs" "gnupg" "light" "waybar" "avahi" "mako" "grim" "slurp" "wl-clipboard" "bluez" "blueman" "opendoas" "wireguard-tools" "xdg-desktop-portal" "xdg-desktop-portal-wlr" "v4l2loopback-linux-module" "docker" "linux-pam" "pulseaudio" "libx11" "xorg-server-xwayland" "fprintd" "wireplumber" "qemu" "spice" "xf86-video-qxl" "zsh" "mesa" "mesa-utils" "glu" "vulkan-loader" "vulkan-validationlayers" "vulkan-tools" "vulkan-headers" "spirv-tools" "spirv-headers" "sdl2" "openal" "freealut" "wxwidgets" "libpcap" "v4l2loopback-linux-module" "neovim")) (list swaylock-effects-new virt-manager-new freya-ca-certs) %my-base-packages)) ;; Below is the list of system services. TO search for available ;; services. run 'guix system search KEYWORD' in a terminal. (services (append (list ;; To configure OpenSSH, pass an 'openssh-configuration' ;; record as a second argument to 'service' below. (service openssh-service-type) (service pcscd-service-type) (service spice-vdagent-service-type) (simple-service 'wireguard-module kernel-module-loader-service-type '("wireguard")) (service cups-service-type (cups-configuration (web-interface? #t))) ;; Avahi is only present for CUPS to support "automagic" printing (service avahi-service-type (avahi-configuration (publish? #f) ;; do not advertise this machiene (publish-workstation? #f))) ; do not advertise, I want this to be as silent as possible (service docker-service-type) ;(service chrony-sericve-type) (service nix-service-type) (service libvirt-service-type (libvirt-configuration (libvirt libvirt-new) (unix-sock-group "libvirt") (tls-port "16555"))) (service virtlog-service-type) (service bluetooth-service-type (bluetooth-configuration (experimental #t) (fast-connectable? #t))) (service pam-limits-service-type) (service fprintd-service-type) (udev-rules-service 'fido2 libfido2 #:groups '("plugdev"))) ;; This is the default list of services we ;; are appending to. (modify-services %desktop-services (guix-service-type config => (guix-configuration (inherit config) (substitute-urls (append (list "https://substitutes.nonguix.org") %default-substitute-urls)) (authorized-keys (cons* (plain-file "non-guix.pub" "(public-key (ecc (curve Ed25519) (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#) ) )" ) %default-authorized-guix-keys)))) (udev-service-type config => (udev-configuration (inherit config))) (delete pulseaudio-service-type) (delete gdm-service-type) (delete avahi-service-type) (delete alsa-service-type)))) (name-service-switch %mdns-host-lookup-nss) (setuid-programs (append (list (file-like->setuid-program (file-append swaylock-effects-new "/bin/swaylock")) (file-like->setuid-program (file-append (specification->package "opendoas") "/bin/doas"))) (delete sudo %setuid-programs))) (file-systems (cons* (file-system (mount-point "/tmp") (device "none") (type "tmpfs") (check? #f)) %base-file-systems)) (bootloader (bootloader-configuration (bootloader grub-efi-bootloader) (targets (list "/boot/efi")) (keyboard-layout keyboard-layout)))))