Upload files to "etc"

etc/config.scm

@@ -2,11 +2,13 @@
 (gnu)
 (guix store)
 (guix packages)
+(gnu packages databases)
 (rosenthal packages binaries)
 (rosenthal packages emacs-xyz)
 (guix transformations)
 (gnu packages audio)
 (gnu packages librewolf)
+(gnu packages sqlite)
 (gnu packages gdb)
 (gnu packages graphics)
 (gnu packages java)
@@ -61,6 +63,7 @@ commencement)
 (gnu packages lxqt)
 (gnu packages file-systems)
 (gnu services base)
+(gnu packages base)
 (gnu packages xfce)
 (guix channels)
 (guix inferior)
@@ -129,25 +132,47 @@ commencement)
 (use-service-modules web security base certbot shepherd nix cups desktop networking ssh docker xorg linux virtualization)
 (use-package-modules package-management version-control gcc bash certs admin linux)
 (define my-kernel linux)
+(define xmonad-0.18.0
+  (package
+    (inherit xmonad)
+    (version "0.18.0")))
+(define my-packages
+  (list
+   xmonad-0.18.0
+   ))
 
 (operating-system
   (kernel my-kernel)
-  (kernel-arguments '("quiet"
-                      "nvme_core.default_ps_max_latency_us=0"
-                      "noatime"
-                      "zswap.enabled=1"
-                      "zswap.compressor=lz4"
-                      "zswap.max_pool_percent=36"
-                      "elevator=deadline"
-                      "intel_pstate=disable"
-                      "mitigations=auto"
-                      "ksm=1"
-                      "spectre_v2=on"
-                      "nopti"
-                      "rootflags=data=writeback"
-                      "cpufreq.default_governor=performance"
-                      "transparent_hugepage=madvise"
-                      "maxcpus=4")) 
+  (kernel-arguments
+ '("quiet"                    ; Reduces boot verbosity
+   "noatime"                  ; Disables access time updates for performance
+   "zswap.enabled=1"          ; Enables zswap for compressed caching of swap pages
+   "zswap.compressor=zstd"    ; Sets zswap compressor to zstd for efficiency
+   "zswap.max_pool_percent=36"; Configures zswap to use up to 36% of RAM
+   "elevator=deadline"        ; Sets the I/O scheduler to deadline for balanced performance
+   "mitigations=auto"         ; Enables CPU mitigations as appropriate (security vs performance)
+   "ksm=1"                    ; Allows Kernel Samepage Merging for memory efficiency
+   "spectre_v2=on"            ; Enables Spectre v2 mitigations
+   "nopti"                    ; Disables Page Table Isolation for performance (may impact security)
+   "rootflags=data=writeback" ; Improves performance for writes with writeback caching
+   "transparent_hugepage=madvise" ; Uses transparent huge pages with advice for allocations
+   "maxcpus=4"                ; Limits CPU cores for the kernel (can be set to auto for all)
+   "noirqdebug"               ; Disables IRQ debugging messages
+   "watchdog"                 ; Enables hardware watchdog
+   "noreplace-smp"            ; Avoids replacing the SMP kernel after a panic
+   "softlockup_panic"         ; Causes kernel panic if a soft lockup is detected
+   "preempt=full"             ; Enables full preemptive kernel for better responsiveness
+   "sysrq_always_enabled=1"   ; Keeps SysRq features enabled
+   "ipv6.disable=1"           ; Disables IPv6 support to potentially simplify networking
+   "oem"                      ; OEM specific configurations
+   "amdgpu.ppfeaturemask=0xffffffff" ; Configures all powerplay features for AMD GPU
+   "amdgpu.dc=1"              ; Enable Display Core for better graphics handling
+   "amdgpu.dpm=1"             ; Enable Dynamic Power Management for AMD GPU
+   "amdgpu.aspm=1"            ; Enable Active State Power Management on AMD GPUs
+   "irqaffinity=1"            ; Assign IRQs to CPUs to improve stability
+   "cpufreq.default_governor=performance"; CPU runs at maximum speed for optimal performance
+))
+
   (initrd microcode-initrd)
   (firmware (list linux-firmware))
 
@@ -171,7 +196,9 @@ commencement)
   (packages (append 	(list
 			 ;emacs-org-roam
 			 ;emacs-org-roam-ui
-	                 polybar
+                         postgresql
+                         ;foliate
+      	                 polybar
               		 gstreamer
 			 gst-plugins-bad
 			 gst-plugins-good
@@ -186,9 +213,11 @@ commencement)
                          qtsolutions
                          glances
 			 zstd
-			 mpv
+			 sqlite
+                         mpv
 			 kitty
 			 maim
+                         ;;
                          procps
 			 scrot
                          mupdf
@@ -198,10 +227,11 @@ commencement)
                          go
                          clisp
                          fdm
-                         jami
+                         ;;jami
                          ;navidrome-bin
                          ;mullvad-vpn
                          smartmontools
+                         ;;
                          udevil
                          samba
                          cifs-utils
@@ -423,9 +453,12 @@ emacs-latex-preview-pane
                 	 neofetch
                          kleopatra
                          flatpak
-			 pfetch
+			 fuse
+                         pfetch
                          icecat
+                         qutebrowser
                          ;;mullvadbrowser
+                         nftables
                          git-lfs
                          ghc-git-lfs
                          hashcat
@@ -566,13 +599,19 @@ extractpdfmark
 poppler-qt5
 poppler
 python-pdfminer-six
+lz4
+zstd
            rust
+           blueman
+           bluez
+           bluez-alsa
            ;goldendict-ng
            ;suckless-dictpopup
            ;;rust-version-check
            ;;rust-deunicode
            nheko
            lf
+           fuse
            ;; lots of fonts from package xorg.scm
            font-adobe100dpi font-adobe75dpi font-cronyx-cyrillic font-dec-misc
            font-isas-misc font-micro-misc font-misc-cyrillic font-misc-ethiopic
@@ -583,7 +622,9 @@ python-pdfminer-six
 			 noisetorch
                          linux-firmware
                          nix
-                           (specification->package "i3-wm")
+                         dmidecode 
+                          (specification->package "i3-wm")
+                          (specification->package "dmidecode")
                           (specification->package "i3status")
                           (specification->package "dmenu")
                           (specification->package "st")
@@ -605,8 +646,8 @@ python-pdfminer-six
 			  (specification->package "unrar")
 			  (specification->package "nicotine+")
 			  (specification->package "icecat")
-			  (specification->package "gimp")
-			  (specification->package "foliate")
+			  (specification->package "qutebrowser")
+                          (specification->package "gimp")
 			  (specification->package "tor-client")
 			  (specification->package "make")
 			  (specification->package "element-desktop")
@@ -615,6 +656,10 @@ python-pdfminer-six
                           (specification->package "xmobar")
                           (specification->package "xmodmap")
                           (specification->package "rofi")
+                          (specification->package "bluez-alsa")
+                          (specification->package "bluez")
+                          (specification->package "fuse")
+                          (specification->package "blueman")
                           (specification->package "navidrome-bin"))
                     %base-packages))
 
@@ -629,38 +674,37 @@ python-pdfminer-six
   
   (services
    (append (list
+      (service bluetooth-service-type
+               (bluetooth-configuration
+                 (auto-enable? #t)))
      (udev-rules-service 'fido2 libfido2 #:groups '("plugdev"))
-        (service iptables-service-type
-         (iptables-configuration
-          (ipv4-rules (plain-file "iptables.rules" "*filter
+
+(service iptables-service-type
+ (iptables-configuration
+  (ipv4-rules (plain-file "iptables.rules" "*filter
 :INPUT DROP
-:FORWARD ACCEPT
+:FORWARD DROP
 :OUTPUT ACCEPT
 -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
--A INPUT -j REJECT --reject-with icmp-port-unreachable
 -A INPUT -p tcp -s 127.0.0.1 -j ACCEPT
--A FORWARD -p tcp -s 127.0.0.1 -j ACCEPT
+-A INPUT -p tcp --dport 631 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -p udp --dport 631 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -j REJECT --reject-with icmp-port-unreachable
 -A FORWARD -m state --state INVALID -j DROP
--A OUTPUT -p tcp -s 127.0.0.1 -j ACCEPT
--A OUTPUT -m state --state INVALID -j DROP
 -A OUTPUT -o lo -j ACCEPT
 -A OUTPUT -o tun+ -j ACCEPT
 -A OUTPUT -m owner --gid-owner openvpn -j ACCEPT
+-A OUTPUT -m state --state INVALID -j DROP
 -t nat -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp -j REDIRECT --to-ports 9040
 -t nat -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j REDIRECT --to-ports 53
 -t filter -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp --dport 9040 -j ACCEPT
 -t filter -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j ACCEPT
 -t filter -A OUTPUT -m owner --uid-owner berkeley -j DROP
 COMMIT
-"))
-         (ipv6-rules (plain-file "ip6tables.rules" "*filter
-:INPUT DROP
-:FORWARD DROP
-:OUTPUT DROP
--A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
--A INPUT -j REJECT --reject-with icmp6-port-unreachable
-COMMIT
-")))) 
+"))))
+
+
+  (simple-service 'blueman dbus-root-service-type (list blueman))
 		 (simple-service 'my-jp-ime-env session-environment-service-type
 				 '(("GTK_IM_MODULE" . "fcitx")
 				   ("QT_IM_MODULE" . "fcitx")
@@ -718,7 +762,7 @@ COMMIT
                 (targets (list "/dev/nvme0n1"))
                 (theme (grub-theme
                          (resolution '(1920 . 1080))
-                         (image (local-file "/home/berkeley/Downloads/thebigj2.png"))))))
+                         (image (local-file "/var/cache/wallpaper.png"))))))
   (swap-devices (list (swap-space
                       (priority 50)    
                       (target (uuid
@@ -732,25 +776,22 @@ COMMIT
                          (device (uuid "02E2-0AB2"
                                        'fat32))
                                  (type "vfat"))                      
+                      
                          (file-system
                          (mount-point "/")
-                         (device (uuid
-                                  "38467002-a282-4387-8319-cff6d93cd23b"
-                                  'ext4))
-                         (type "ext4")) 
-                        (file-system
-                        (mount-point "/files")
-                        (device (uuid
-                                "7b2cbf88-bc71-49ad-b2fa-a4bbdb71f886"
-                                'ext4))
-                         (type "ext4")) 
-                        (file-system
-                        (mount-point "/virt")
-                        (device (uuid
-                                "9d009d01-d635-4d56-987a-ffc2699da9fb"
-                                'ext4))
-                         (type "ext4"))     
-   
+                         (device (uuid "38467002-a282-4387-8319-cff6d93cd23b" 'ext4))
+                         (type "ext4"))
+
+                         (file-system
+                         (mount-point "/files")
+                         (device (uuid "7b2cbf88-bc71-49ad-b2fa-a4bbdb71f886" 'ext4))
+                         (type "ext4"))
+
+                         (file-system
+                         (mount-point "/var/cache")
+                         (device (uuid "9d009d01-d635-4d56-987a-ffc2699da9fb" 'ext4))
+                         (type "ext4"))
+
  %base-file-systems)))