Berkeley
parent
423f4d4cb6
commit
543c60ca08
|
|
@ -0,0 +1,360 @@
|
|||
;; This is an operating system configuration generated
|
||||
;; by the graphical installer.
|
||||
;;
|
||||
;; Once installation is complete, you can learn and modify
|
||||
;; this file to tweak the system configuration, and pass it
|
||||
;; to the 'guix system reconfigure' command to effect your
|
||||
;; changes.
|
||||
|
||||
|
||||
;; Indicate which modules to import to access the variables
|
||||
;; used in this configuration.
|
||||
(use-modules
|
||||
(gnu)
|
||||
(guix store)
|
||||
(guix packages)
|
||||
(gnu packages glib)
|
||||
(gnu packages pulseaudio)
|
||||
(gnu packages texinfo)
|
||||
(gnu packages disk)
|
||||
(gnu packages freedesktop)
|
||||
(gnu packages gnuzilla)
|
||||
(gnu packages image)
|
||||
(gnu packages image-viewers)
|
||||
;; for nyxt
|
||||
(gnu packages gstreamer)
|
||||
(gnu packages virtualization)
|
||||
(gnu packages web-browsers)
|
||||
;;---------
|
||||
(gnu services)
|
||||
(gnu packages build-tools)
|
||||
(gnu packages admin)
|
||||
(gnu packages lxde)
|
||||
(gnu packages python)
|
||||
(gnu packages bittorrent)
|
||||
(gnu packages chromium)
|
||||
(gnu packages compression)
|
||||
(gnu packages tor)
|
||||
(gnu packages ncurses)
|
||||
(gnu packages web)
|
||||
(gnu packages fonts)
|
||||
(gnu packages vpn)
|
||||
(gnu packages curl)
|
||||
(gnu packages password-utils)
|
||||
(gnu packages emacs)
|
||||
(gnu packages emacs-xyz)
|
||||
(gnu packages engineering)
|
||||
(gnu packages fontutils)
|
||||
(gnu packages gimp)
|
||||
(gnu packages gnome)
|
||||
(gnu packages gnome-xyz)
|
||||
(gnu packages gnupg)
|
||||
(gnu packages haskell-apps)
|
||||
(gnu packages imagemagick)
|
||||
(gnu packages java)
|
||||
(gnu packages libreoffice)
|
||||
(gnu packages linux)
|
||||
(gnu packages mpd)
|
||||
(gnu packages package-management)
|
||||
(gnu packages rsync)
|
||||
(gnu packages ssh)
|
||||
(gnu packages telegram)
|
||||
(gnu packages video)
|
||||
(gnu packages wm)
|
||||
(gnu packages xdisorg)
|
||||
(gnu packages xorg)
|
||||
(gnu home services gnupg)
|
||||
(gnu home services xdg)
|
||||
(gnu packages terminals)
|
||||
(gnu packages music)
|
||||
(gnu packages compton)
|
||||
(gnu packages version-control)
|
||||
(gnu packages lxqt)
|
||||
(gnu packages file-systems)
|
||||
(gnu packages lisp)
|
||||
(gnu packages networking)
|
||||
(gnu home services gnupg)
|
||||
(gnu home services xdg)
|
||||
(gnu packages security-token)
|
||||
(nongnu packages compression)
|
||||
(nongnu packages clojure)
|
||||
(nongnu packages linux)
|
||||
(nongnu system linux-initrd))
|
||||
|
||||
|
||||
(use-service-modules base cups desktop networking ssh xorg linux virtualization)
|
||||
(use-package-modules linux )
|
||||
(define my-kernel linux-6.7)
|
||||
|
||||
(operating-system
|
||||
(kernel my-kernel)
|
||||
(initrd microcode-initrd)
|
||||
(firmware (list linux-firmware))
|
||||
|
||||
(locale "en_US.utf8")
|
||||
(timezone "America/Sao_Paulo")
|
||||
(keyboard-layout (keyboard-layout "br"))
|
||||
|
||||
(host-name "lisp")
|
||||
;; The list of user accounts ('root' is implicit).
|
||||
(users (cons* (user-account
|
||||
(name "berkeley")
|
||||
(comment "Berkeley")
|
||||
(group "users")
|
||||
(home-directory "/home/berkeley")
|
||||
(supplementary-groups '("wheel" "netdev" "audio" "video" "plugdev")))
|
||||
(user-account
|
||||
(name "leti")
|
||||
(comment "Letícia")
|
||||
(group "users")
|
||||
(home-directory "/home/leti")
|
||||
(supplementary-groups '("wheel" "netdev" "audio" "video" "plugdev")))
|
||||
%base-user-accounts))
|
||||
|
||||
;; Packages installed system-wide. Users can also install packages
|
||||
;; under their own account: use 'guix search KEYWORD' to search
|
||||
;; for packages and 'guix install PACKAGE' to install a package.
|
||||
(packages (append (list
|
||||
;;emacs-org-roam
|
||||
;;emacs-org-roam-ui
|
||||
;; -----
|
||||
;;necessary for nyxt
|
||||
gstreamer
|
||||
gst-plugins-bad
|
||||
gst-plugins-good
|
||||
;;------
|
||||
nyxt
|
||||
;;------
|
||||
cmus
|
||||
zstd
|
||||
mpv
|
||||
kitty
|
||||
maim
|
||||
procps
|
||||
scrot
|
||||
alacritty
|
||||
wipe
|
||||
gedit
|
||||
htop
|
||||
netdiscover
|
||||
fping
|
||||
gparted
|
||||
bcachefs-tools
|
||||
whois
|
||||
setxkbmap
|
||||
xfe
|
||||
neofetch
|
||||
pfetch
|
||||
icecat
|
||||
hashcat
|
||||
flameshot
|
||||
openshot
|
||||
obs
|
||||
ffmpeg
|
||||
vlc
|
||||
guix
|
||||
nsxiv
|
||||
git
|
||||
vmware-open-vm-tools
|
||||
tor
|
||||
torsocks
|
||||
tor-client
|
||||
privoxy
|
||||
terminator
|
||||
openvpn
|
||||
pavucontrol
|
||||
pavucontrol-qt
|
||||
emacs
|
||||
keepassxc
|
||||
wireshark
|
||||
tcpdump
|
||||
nmap
|
||||
firejail
|
||||
bitmask
|
||||
;;
|
||||
xf86-video-amdgpu
|
||||
alsa-lib
|
||||
alsa-utils
|
||||
binutils
|
||||
dbus
|
||||
xset
|
||||
lxrandr
|
||||
dosfstools
|
||||
elogind
|
||||
exfat-utils
|
||||
exfatprogs
|
||||
fuse-exfat
|
||||
gnupg
|
||||
libinput
|
||||
texinfo
|
||||
xf86-input-keyboard
|
||||
xf86-input-libinput
|
||||
xf86-input-mouse
|
||||
xf86-input-synaptics
|
||||
;;emacs-org-timeblock
|
||||
xrandr
|
||||
ungoogled-chromium
|
||||
qbittorrent
|
||||
macchanger
|
||||
;;guile
|
||||
emacs-geiser
|
||||
emacs-geiser-guile
|
||||
fontconfig
|
||||
picom
|
||||
feh
|
||||
gimp
|
||||
fzf
|
||||
xmodmap
|
||||
rofi
|
||||
coreutils
|
||||
qemu
|
||||
libfido2
|
||||
grep
|
||||
iptables
|
||||
jq
|
||||
python
|
||||
sed
|
||||
nomacs
|
||||
meson
|
||||
ncurses
|
||||
;; lots of fonts from package fonts.scm
|
||||
font-adobe-source-code-pro font-adobe-source-han-sans
|
||||
font-adobe-source-sans-pro font-adobe-source-serif-pro
|
||||
font-anonymous-pro font-anonymous-pro-minus font-awesome
|
||||
font-cns11643 font-cns11643-swjz font-comic-neue font-culmus
|
||||
font-dejavu font-dosis font-dseg font-fantasque-sans font-fira-code
|
||||
font-fira-mono font-fira-sans font-fontna-yasashisa-antique
|
||||
font-google-material-design-icons font-google-noto font-google-roboto
|
||||
font-hack font-hermit font-ibm-plex font-inconsolata font-iosevka
|
||||
font-iosevka-aile font-iosevka-etoile font-iosevka-slab
|
||||
font-iosevka-term font-iosevka-term-slab
|
||||
font-ipa-mj-mincho font-jetbrains-mono font-lato font-liberation
|
||||
font-linuxlibertine font-lohit font-meera-inimai font-mononoki
|
||||
font-mplus-testflight
|
||||
font-public-sans font-rachana font-sarasa-gothic font-sil-andika
|
||||
font-sil-charis font-sil-gentium font-tamzen font-terminus
|
||||
font-tex-gyre font-un font-vazir font-wqy-microhei
|
||||
font-wqy-zenhei
|
||||
;; lots of fonts from package xorg.scm
|
||||
font-adobe100dpi font-adobe75dpi font-cronyx-cyrillic font-dec-misc
|
||||
font-isas-misc font-micro-misc font-misc-cyrillic font-misc-ethiopic
|
||||
font-misc-misc font-mutt-misc font-schumacher-misc
|
||||
font-screen-cyrillic font-sony-misc font-sun-misc font-util
|
||||
font-winitzki-cyrillic font-xfree86-type1
|
||||
sbcl-stumpwm-swm-gaps
|
||||
sbcl-stumpwm-pamixer
|
||||
sbcl-stumpwm-screenshot
|
||||
sbcl-stumpwm-disk
|
||||
sbcl-stumpwm-ttf-fonts
|
||||
stumpwm `(,stumpwm "lib")
|
||||
sbcl-stumpwm-mem
|
||||
sbcl-stumpwm-cpu
|
||||
sbcl-stumpwm-net
|
||||
emacs-stumpwm-mode
|
||||
stumpish
|
||||
youtube-dl
|
||||
linux-firmware
|
||||
(specification->package "i3-wm")
|
||||
(specification->package "i3status")
|
||||
(specification->package "dmenu")
|
||||
(specification->package "st")
|
||||
(specification->package "emacs")
|
||||
(specification->package "emacs-exwm")
|
||||
(specification->package
|
||||
"emacs-desktop-environment")
|
||||
(specification->package "nss-certs"))
|
||||
%base-packages))
|
||||
|
||||
;; Below is the list of system services. To search for available
|
||||
;; services, run 'guix system search KEYWORD' in a terminal.
|
||||
;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here
|
||||
;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here
|
||||
|
||||
;; Below is the list of system services. To search for available
|
||||
;; services, run 'guix system search KEYWORD' in a terminal.
|
||||
(services
|
||||
(append (list
|
||||
(udev-rules-service 'fido2 libfido2 #:groups '("plugdev"))
|
||||
(service iptables-service-type
|
||||
(iptables-configuration
|
||||
(ipv4-rules (plain-file "iptables.rules" "*filter
|
||||
:INPUT DROP
|
||||
:FORWARD ACCEPT
|
||||
:OUTPUT ACCEPT
|
||||
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
|
||||
-A INPUT -j REJECT --reject-with icmp-port-unreachable
|
||||
-A FORWARD -m state --state INVALID -j DROP
|
||||
-A OUTPUT -m state --state INVALID -j DROP
|
||||
-A FORWARD -m recent --name portscan --rcheck --seconds 86400 -j DROP
|
||||
-A FORWARD -m recent --name portscan --remove
|
||||
-A FORWARD -p tcp -m tcp --dport 139 -m recent --name portscan --set -j LOG --log-prefix "Portscan:"
|
||||
-A FORWARD -p tcp -m tcp --dport 139 -m recent --name portscan --set -j DROP
|
||||
-A OUTPUT -o lo -j ACCEPT
|
||||
-A OUTPUT -o tun+ -j ACCEPT
|
||||
-A OUTPUT -m owner --gid-owner openvpn -j ACCEPT
|
||||
COMMIT
|
||||
"))
|
||||
(ipv6-rules (plain-file "ip6tables.rules" "*filter
|
||||
:INPUT DROP
|
||||
:FORWARD DROP
|
||||
:OUTPUT DROP
|
||||
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
|
||||
-A INPUT -j REJECT --reject-with icmp6-port-unreachable
|
||||
COMMIT
|
||||
"))))
|
||||
(service tor-service-type)
|
||||
|
||||
(service libvirt-service-type
|
||||
(libvirt-configuration
|
||||
(unix-sock-group "libvirt")
|
||||
(tls-port "16555")))
|
||||
|
||||
(service zram-device-service-type
|
||||
(zram-device-configuration
|
||||
(size (* 2 (expt 2 30)))
|
||||
(compression-algorithm 'zstd)
|
||||
(priority 100)))
|
||||
|
||||
(set-xorg-configuration
|
||||
(xorg-configuration
|
||||
(keyboard-layout keyboard-layout))))
|
||||
%desktop-services))
|
||||
(bootloader (bootloader-configuration
|
||||
(bootloader grub-bootloader)
|
||||
(targets (list "/dev/nvme0n1"))
|
||||
(keyboard-layout keyboard-layout)))
|
||||
(swap-devices (list (swap-space
|
||||
(priority 50)
|
||||
(target (uuid
|
||||
"85b7b3d8-657a-443c-b010-52d224bc4483")))))
|
||||
;; The list of file systems that get "mounted". The unique
|
||||
;; file system identifiers there ("UUIDs") can be obtained
|
||||
;; by running 'blkid' in a terminal.
|
||||
(file-systems (cons* (file-system
|
||||
(mount-point "/boot/efi")
|
||||
(device (uuid "02E2-0AB2"
|
||||
'fat32))
|
||||
(type "vfat"))
|
||||
(file-system
|
||||
(mount-point "/")
|
||||
(device (uuid
|
||||
"38467002-a282-4387-8319-cff6d93cd23b"
|
||||
'ext4))
|
||||
(type "ext4"))
|
||||
(file-system
|
||||
(mount-point "/files")
|
||||
(device (uuid
|
||||
"7b2cbf88-bc71-49ad-b2fa-a4bbdb71f886"
|
||||
'ext4))
|
||||
(type "ext4"))
|
||||
(file-system
|
||||
(mount-point "/virt")
|
||||
(device (uuid
|
||||
"9d009d01-d635-4d56-987a-ffc2699da9fb"
|
||||
'ext4))
|
||||
(type "ext4"))
|
||||
|
||||
%base-file-systems)))
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue