diff --git a/etc/config.scm b/etc/config.scm new file mode 100644 index 0000000..587c843 --- /dev/null +++ b/etc/config.scm @@ -0,0 +1,746 @@ +(use-modules +(gnu) +(guix store) +(guix packages) +(rosenthal packages binaries) +(rosenthal packages emacs-xyz) +(guix transformations) +(gnu packages audio) +(gnu packages librewolf) +(gnu packages gdb) +(gnu packages graphics) +(gnu packages java) +(gnu packages fcitx5) +(gnu packages ibus) +(gnu packages gnuzilla) +(gnu services mcron) +(gnu packages haskell) +(gnu packages ebook) +(gnu packages lisp-xyz) +(gnu packages rust-apps) +(rde features bluetooth) +(gnu packages jami) +(gnu packages suckless) +(gnu packages finance) +(gnu packages pdf) +(gnu packages cran) +(gnu packages kde) +(gnu packages tex) +(gnu packages samba) +(gnu packages docker) +(gnu services docker) +(gnu services certbot) +(gnu services auditd) +(gnu packages unicode) +(gnu packages python-build) +(gnu packages glib) +(gnu packages mail) +(gnu packages gcc) +(gnu packages rust) +(guix git-download) +(guix git) +(gnu packages +commencement) +(gnu packages golang) +(gnu packages haskell-xyz) +(gnu packages kde-pim) +(gnu packages guile-xyz) +(gnu packages python-xyz) +(gnu packages pulseaudio) +(gnu packages texinfo) +(gnu packages cmake) +(gnu packages mpd) +(gnu packages disk) +(gnu packages android) +(gnu packages freedesktop) +(gnu packages image) +(gnu packages terminals) +(gnu packages music) +(gnu packages compton) +(gnu packages version-control) +(gnu packages lxqt) +(gnu packages file-systems) +(gnu services base) +(gnu packages xfce) +(guix channels) +(guix inferior) +(srfi srfi-1) +(gnu packages tor) +(gnu packages commencement) +(gnu packages image-viewers) +(gnu packages messaging) +(gnu packages vim) +(gnu packages gstreamer) +(gnu packages virtualization) +(gnu packages web-browsers) +(gnu services) +(gnu services vpn) +(gnu services dbus) +(gnu services shepherd) +(gnu system shadow) +(gnu services configuration) +(gnu packages build-tools) +(gnu packages admin) +(gnu packages qt) +(gnu packages lxde) +(gnu packages python) +(gnu packages bittorrent) +(gnu packages chromium) +(gnu packages compression) +(gnu packages ncurses) +(gnu packages web) +(gnu packages fonts) +(gnu packages vpn) +(gnu packages curl) +(gnu packages password-utils) +(gnu packages emacs) +(gnu packages node) +(gnu packages emacs-xyz) +(gnu packages engineering) +(gnu packages fontutils) +(gnu packages gimp) +(gnu packages gnome) +(gnu packages gnome-xyz) +(gnu packages gnupg) +(gnu packages haskell-apps) +(gnu packages imagemagick) +(gnu packages libreoffice) +(gnu packages linux) +(gnu packages package-management) +(gnu packages rsync) +(gnu packages ssh) +(gnu packages telegram) +(gnu packages video) +(gnu packages wm) +(gnu packages benchmark) +(gnu packages xdisorg) +(gnu packages xorg) +(gnu home services gnupg) +(gnu home services xdg) +(gnu packages lisp) +(gnu packages networking) +(gnu packages security-token) +(gnu packages tls) +(nongnu packages compression) +(nongnu packages clojure) +(nongnu packages linux) +(nongnu system linux-initrd)) + +(use-service-modules web security base certbot shepherd nix cups desktop networking ssh docker xorg linux virtualization) +(use-package-modules package-management version-control gcc bash certs admin linux) +(define my-kernel linux) + +(operating-system + (kernel my-kernel) + (kernel-arguments '("quiet" + "nvme_core.default_ps_max_latency_us=0" + "noatime" + "intel_pstate=disable" + "mitigations=on" + "transparent_hugepage=madvise" + "maxcpus=4")) + (initrd microcode-initrd) + (firmware (list linux-firmware)) + + (locale "en_US.utf8") + (timezone "America/Sao_Paulo") + (keyboard-layout (keyboard-layout "br")) + + (host-name "lisp") + ;; The list of user accounts ('root' is implicit). + (users (cons* (user-account + (name "berkeley") + (comment "Berkeley") + (group "users") + (home-directory "/home/berkeley") + (supplementary-groups '("wheel" "netdev" "audio" "video" "plugdev"))) + %base-user-accounts)) + + ;; Packages installed system-wide. Users can also install packages + ;; under their own account: use 'guix search KEYWORD' to search + ;; for packages and 'guix install PACKAGE' to install a package. + (packages (append (list + ;emacs-org-roam + ;emacs-org-roam-ui + polybar + gstreamer + gst-plugins-bad + gst-plugins-good + nyxt + cmus + v4l-utils + xdg-utils + curl + gthumb + mangohud + containerd + qtsolutions + glances + zstd + mpv + kitty + maim + procps + scrot + mupdf + zathura + matterbridge + sbcl + go + clisp + fdm + jami + ;navidrome-bin + ;mullvad-vpn + smartmontools + udevil + samba + cifs-utils + mergerfs + parted + net-tools + ntfs-3g + texlive-lua-uni-algos + texlive-csplain + texlive-lua-uni-algos +texlive-pwebmac +texlive-olsak-misc +texlive-pdfoverlay +texlive-texosquery +texlive-pdfx +texlive-pdfprivacy +texlive-pdfcomment +texlive-iftex +texlive-tex +texlive-montex +texlive-pdfescape +texlive-texdef +texlive-pdfpages +extractpdfmark +texlive-csplain +poppler-qt5 +poppler +texlive-pdf14 +texlive-thumbpdf +texlive-pax +texlive-etex +texlive-axodraw2 +texlive-repltext +texlive-luatex +texlive-hyperref +texlive-xetex +texlive-pdftexcmds +texlive-epstopdf +texlive-epsf-dvipdfmx +texlive-dvipdfmx +texlive-texsurgery +texlive-ptex2pdf +texlive-jadetex +texlive-texlogfilter +texlive-svg-inkscape +texlive-purifyeps +texlive-navigator +texlive-latex-uni8 +texlive-biblatex +texlive-latex-make +texlive-pgf +texlive-pdftricks +texlive-pdflatexpicscale +texlive-pdfmanagement-testphase +texlive-pdflatexpicscale +texlive-pdfextra +texlive-tagpdf +texlive-pdfreview +texlive-pdfmsym +texlive-mptopdf +texlive-inter +texlive-pdftex-quiet +texlive-pdftex +texlive-knuth-pdf +texlive-xmltexconfig +texlive-pdfjam +texlive-luatex85 +texlive-grayhints +texlive-fig4latex +texlive-tpic2pdftex +texlive-pst2pdf +texlive-pdfslide +texlive-minim-pdf +texlive-hvextern +texlive-flippdf +texlive-combinedgraphics +texlive-autopdf +texlive-xetex-pstricks +texlive-texonly +texlive-scikgtex +texlive-pdfsync +texlive-mathastext +texlive-luainputenc +texlive-pdfcomment +texlive-pdfprivacy +texlive-pdfoverlay +texlive-pdfpages +texlive-latexmk +texlive-hyperxmp +texlive-datetime2-en-fulltext +texlive-commonunicode +texlive-pict2e +texlive-intopdf +texlive-filemod +texlive-textcsc +texlive-texpower +texlive-texdoc +texlive-pst-pdf +texlive-pdfpc-movie +texlive-pdfmarginpar +texlive-pdfbook2 +texlive-pdf-trans +texlive-lobster2 +texlive-hitex +texlive-epstopdf-pkg +texlive-epspdfconversion +texlive-collection-luatex +texlive-bxpdfver +texlive-asmeconf +texlive-synctex +texlive-pdfcolmk +texlive-pdfcolfoot +texlive-lapdf +texlive-fixpdfmag +python-pdfminer-six +texlive-zhmetrics-uptex +texlive-xpdfopen +texlive-xcpdftips +texlive-quattrocento +texlive-pdfxup +texlive-pdfpc +texlive-pdfarticle +texlive-oswald +texlive-nunito +texlive-magra +texlive-librebaskerville +texlive-l3experimental +texlive-knuth-hint +texlive-forum +texlive-epspdf +texlive-dickimaw +texlive-convbkmk +texlive-changebar +texlive-cascadia-code +texlive-cabin +texlive-bitter +texlive-auto-pst-pdf-lua +texlive-arvo +texlive-archivo +texlive-sanitize-umlaut +texlive-protex +texlive-pdftricks2 +texlive-pdflscape +texlive-ocg-p +texlive-minim-xmp +texlive-gregoriotex +texlive-docshots +emacs-latex-preview-pane + texlive-pwebmac + texlive-olsak-misc + texlive-pdfoverlay + texlive-texosquery + texlive-pdfx + texlive-pdfprivacy + texlive-pdfcomment + texlive-iftex + texlive-tex + texlive-montex + texlive-pdfescape + texlive-texdef + texlive-pdfpages + texlive-twemoji-colr + texlive-noto-emoji + texlive-hwemoji + texlive-byo-twemojis + unicode-emoji + texlive-twemojis + texlive-emojicite + texlive-emoji + texlive-scheme-basic + texlive-cm-super + texlive-listings + texmaker + texlive-pgf + texlive-beamer + texlive-hyperref + alacritty + libxfont + libxft + ;;protonup-ng + wipe + imagemagick + unzip + compton + p7zip + gedit + htop + openjdk + ;;element-desktop + ;; bluetooth + bluez + blueman + ;; ime + fcitx5 + fcitx5-gtk + fcitx5-qt + fcitx5-anthy + fcitx5-gtk4 + fcitx5-configtool + netdiscover + fping + gparted + texstudio + texlive-bibtex + bcachefs-tools + whois + python-pip + setxkbmap + xfe + ;;clamav + libbluray + libaacs + libbdplus + vim + neovim + ;emacs-telega + cmake + neofetch + kleopatra + flatpak + pfetch + icecat + ;;mullvadbrowser + git-lfs + ghc-git-lfs + hashcat + haunt + openssl + flameshot + openshot + obs + go + ffmpeg + lm-sensors + vlc + virt-manager + guix + nsxiv + git + inxi + tor + monero-gui + ; emacs-org-roam + torsocks + tor-client + privoxy + terminator + openvpn + kiwix-tools + librewolf + pavucontrol + pavucontrol-qt + emacs + keepassxc + wireshark + tcpdump + nmap + firejail + xf86-video-amdgpu + asciinema + alsa-lib + alsa-utils + binutils + dbus + xset + lxrandr + dosfstools + elogind + qtox + exfat-utils + exfatprogs + fuse-exfat + gnupg + libinput + texinfo + xf86-input-keyboard + xf86-input-libinput + xf86-input-mouse + xf86-input-synaptics + ;;emacs-org-timeblock + xrandr + ungoogled-chromium + qbittorrent + macchanger + ;ghc-ncurses + guile-ncurses + ;ncurses + ;guile + ;emacs-geiser + ;emacs-geiser-guile + fontconfig + picom + mpd + brightnessctl + feh + gimp + fzf + xmodmap + rofi + coreutils + qemu + xwininfo + xprop + xpra + libfido2 + grep + iptables + node + jq + python + sed + nomacs + meson + ncurses + ;;ueberzug++ + ;; lots of fonts from package fonts.scm + font-adobe-source-code-pro font-adobe-source-han-sans + font-adobe-source-sans-pro font-adobe-source-serif-pro + font-anonymous-pro font-anonymous-pro-minus font-awesome + font-cns11643 font-cns11643-swjz font-comic-neue font-culmus + font-dejavu font-dosis font-dseg font-fantasque-sans font-fira-code + font-fira-mono font-fira-sans font-fontna-yasashisa-antique + font-google-material-design-icons font-google-noto font-google-roboto + font-hack font-hermit font-ibm-plex font-inconsolata font-iosevka + font-iosevka-aile font-iosevka-etoile font-iosevka-slab + font-iosevka-term font-iosevka-term-slab + font-ipa-mj-mincho font-jetbrains-mono font-lato font-liberation + font-linuxlibertine font-lohit font-meera-inimai font-mononoki + font-mplus-testflight + font-public-sans font-rachana font-sarasa-gothic font-sil-andika + font-sil-charis font-sil-gentium font-tamzen font-terminus + font-tex-gyre font-un font-vazir font-wqy-microhei + font-wqy-zenhei + python-emoji + ghc-emojis + ghc + guile-semver + ranger + xmessage + xrdb + xmonad + sysbench + xmobar + ghc + ghc-xmonad-contrib + gcc + gcc-toolchain + linux-libre-headers + yt-dlp + rofi + emacs-emojify + unicode-emoji + ;;rust-unic-emoji-char + r-emojifont + font-google-noto-emoji + ;; font-apple-color-emoji + emacs-company-emoji + font-openmoji + vim-characterize +extractpdfmark +poppler-qt5 +poppler +python-pdfminer-six + rust + ;goldendict-ng + ;suckless-dictpopup + ;;rust-version-check + ;;rust-deunicode + nheko + lf + ;; lots of fonts from package xorg.scm + font-adobe100dpi font-adobe75dpi font-cronyx-cyrillic font-dec-misc + font-isas-misc font-micro-misc font-misc-cyrillic font-misc-ethiopic + font-misc-misc font-mutt-misc font-schumacher-misc + font-screen-cyrillic font-sony-misc font-sun-misc font-util + font-winitzki-cyrillic font-xfree86-type1 + youtube-dl + noisetorch + linux-firmware + nix + (specification->package "i3-wm") + (specification->package "i3status") + (specification->package "dmenu") + (specification->package "st") + (specification->package "emacs") + (specification->package "jami") + (specification->package "steam") + (specification->package "texstudio") + (specification->package "libreoffice") + (specification->pacakge "qemu") + (specification->package "telegram-desktop") + (specification->package "alacritty") + (specification->package "xkill") + (specification->package "guile") + (specification->package "ueberzug++") + (specification->package "fcitx5-gtk4") + (specification->package "fcitx5-qt") + (specification->package "fcitx5-gtk") + (specification->package "torbrowser") + (specification->package "unrar") + (specification->package "nicotine+") + (specification->package "icecat") + (specification->package "gimp") + (specification->package "foliate") + (specification->package "tor-client") + (specification->package "make") + (specification->package "element-desktop") + (specification->package "font-apple-color-emoji") + (specification->package "xmonad") + (specification->package "xmobar") + (specification->package "xmodmap") + (specification->package "rofi") + (specification->package "navidrome-bin")) + %base-packages)) + + + ;; Below is the list of system services. To search for available + ;; services, run 'guix system search KEYWORD' in a terminal. +;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here + ;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here + + ;; Below is the list of system services. To search for available + ;; services, run 'guix system search KEYWORD' in a terminal. + + (services + (append (list + (udev-rules-service 'fido2 libfido2 #:groups '("plugdev")) + (service iptables-service-type + (iptables-configuration + (ipv4-rules (plain-file "iptables.rules" "*filter +:INPUT DROP +:FORWARD ACCEPT +:OUTPUT ACCEPT +-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT +-A INPUT -j REJECT --reject-with icmp-port-unreachable +-A INPUT -p tcp -s 127.0.0.1 -j ACCEPT +-A FORWARD -p tcp -s 127.0.0.1 -j ACCEPT +-A FORWARD -m state --state INVALID -j DROP +-A OUTPUT -p tcp -s 127.0.0.1 -j ACCEPT +-A OUTPUT -m state --state INVALID -j DROP +-A OUTPUT -o lo -j ACCEPT +-A OUTPUT -o tun+ -j ACCEPT +-A OUTPUT -m owner --gid-owner openvpn -j ACCEPT +-t nat -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp -j REDIRECT --to-ports 9040 +-t nat -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j REDIRECT --to-ports 53 +-t filter -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp --dport 9040 -j ACCEPT +-t filter -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j ACCEPT +-t filter -A OUTPUT -m owner --uid-owner berkeley -j DROP +COMMIT +")) + (ipv6-rules (plain-file "ip6tables.rules" "*filter +:INPUT DROP +:FORWARD DROP +:OUTPUT DROP +-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT +-A INPUT -j REJECT --reject-with icmp6-port-unreachable +COMMIT +")))) + (simple-service 'my-jp-ime-env session-environment-service-type + '(("GTK_IM_MODULE" . "fcitx") + ("QT_IM_MODULE" . "fcitx") + ("GUIX_GTK2_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-2.0/2.10.0/immodules-gtk2.cache") + ("GUIX_GTK3_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-3.0/3.0.0/immodules-gtk3.cache") + ("XMODIFIERS=@im=" . "fcitx") + ("INPUT_METHOD" . "fcitx") + ("XIM_PROGRAM" . "fcitx") + ("GLFW_IM_MODULE" . "ibus"))) + (service docker-service-type) + (service containerd-service-type) + (service nix-service-type) + (service tor-service-type + (tor-configuration + (config-file (plain-file "torrc" + "HttpTunnelPort 9050\n\ + VirtualAddrNetwork 10.192.0.0/10\n\ + AutomapHostsOnResolve 1\n\ + TransPort 9040\n\ + DNSPort 53\n\ + SOCKSPort 0\n\ + ORPort 443\n\ + BridgeRelay 1\n\ + ExitRelay 0")))) + (service libvirt-service-type + (libvirt-configuration + (unix-sock-group "libvirt") + (tls-port "16555"))) + (simple-service 'my-jp-ime-env session-environment-service-type + '(("GTK_IM_MODULE" . "fcitx") + ("QT_IM_MODULE" . "fcitx") + ("GUIX_GTK2_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-2.0/2.10.0/immodules-gtk2.cache") + ("GUIX_GTK3_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-3.0/3.0.0/immodules-gtk3.cache") + ("XMODIFIERS=@im=" . "fcitx") + ("INPUT_METHOD" . "fcitx") + ("XIM_PROGRAM" . "fcitx") + ("GLFW_IM_MODULE" . "ibus"))) + (service zram-device-service-type + (zram-device-configuration + (size (* 2 (expt 2 30))) + (compression-algorithm 'zstd) + (priority 100))) + (service mcron-service-type + (mcron-configuration + (jobs (list #~(job "10 15 * * *" + "find /tmp/mpv-screenshots/ -type f \\( -iname '*.png' -o -iname '*.jpg' \\) -exec sh -c 'cwebp -q 80 \"$0\" -o \"${0%.*}.webp\" && rm \"$0\"' {} \\;"))))) + (set-xorg-configuration + (xorg-configuration + (keyboard-layout keyboard-layout)))) + %desktop-services)) + + + (bootloader (bootloader-configuration + (bootloader grub-bootloader) + (targets (list "/dev/nvme0n1")) + (theme (grub-theme + (resolution '(1920 . 1080)) + (image (local-file "/home/berkeley/Downloads/thebigj2.png")))))) + (swap-devices (list (swap-space + (priority 50) + (target (uuid + "85b7b3d8-657a-443c-b010-52d224bc4483"))))) + + ;; The list of file systems that get "mounted". The unique + ;; file system identifiers there ("UUIDs") can be obtained + ;; by running 'blkid' in a terminal. + (file-systems (cons* (file-system + (mount-point "/boot/efi") + (device (uuid "02E2-0AB2" + 'fat32)) + (type "vfat")) + (file-system + (mount-point "/") + (device (uuid + "38467002-a282-4387-8319-cff6d93cd23b" + 'ext4)) + (type "ext4")) + (file-system + (mount-point "/files") + (device (uuid + "7b2cbf88-bc71-49ad-b2fa-a4bbdb71f886" + 'ext4)) + (type "ext4")) + (file-system + (mount-point "/virt") + (device (uuid + "9d009d01-d635-4d56-987a-ffc2699da9fb" + 'ext4)) + (type "ext4")) + + %base-file-systems))) + +