;; This is an operating system configuration generated ;; by the graphical installer. ;; ;; Once installation is complete, you can learn and modify ;; this file to tweak the system configuration, and pass it ;; to the 'guix system reconfigure' command to effect your ;; changes. ;; Indicate which modules to import to access the variables ;; used in this configuration. (use-modules (gnu) (guix store) (guix packages) (gnu packages glib) (gnu packages pulseaudio) (gnu packages texinfo) (gnu packages disk) (gnu packages freedesktop) (gnu packages gnuzilla) (gnu packages image) (gnu packages image-viewers) (gnu packages messaging) ;; for nyxt (gnu packages gstreamer) (gnu packages virtualization) (gnu packages web-browsers) ;;--------- (gnu services) (gnu services vpn) (gnu services dbus) (gnu services shepherd) (gnu system shadow) (gnu services configuration) (gnu packages build-tools) (gnu packages admin) (gnu packages lxde) (gnu packages python) (gnu packages bittorrent) (gnu packages chromium) (gnu packages compression) (gnu packages tor) (gnu packages ncurses) (gnu packages web) (gnu packages fonts) (gnu packages vpn) (gnu packages curl) (gnu packages password-utils) (gnu packages emacs) (gnu packages emacs-xyz) (gnu packages engineering) (gnu packages fontutils) (gnu packages gimp) (gnu packages gnome) (gnu packages gnome-xyz) (gnu packages gnupg) (gnu packages haskell-apps) (gnu packages imagemagick) (gnu packages java) (gnu packages libreoffice) (gnu packages linux) (gnu packages mpd) (gnu packages package-management) (gnu packages rsync) (gnu packages ssh) (gnu packages telegram) (gnu packages video) (gnu packages wm) (gnu packages xdisorg) (gnu packages xorg) (gnu home services gnupg) (gnu home services xdg) (gnu packages terminals) (gnu packages music) (gnu packages compton) (gnu packages version-control) (gnu packages lxqt) (gnu packages file-systems) (gnu packages lisp) (gnu packages networking) (gnu home services gnupg) (gnu home services xdg) (gnu packages security-token) (gnu packages tls) (nongnu packages compression) (nongnu packages clojure) (nongnu packages linux) (nongnu system linux-initrd)) (use-service-modules base cups desktop networking ssh xorg linux virtualization) (use-package-modules linux ) (define my-kernel linux-6.7) (define-public bitmask-service-type (service-type (name 'bitmask) (description "Setup the @uref{https://bitmask.net, Bitmask} VPN application.") (default-value bitmask) (extensions (list ;; To configure polkit policy of bitmask. (service-extension polkit-service-type list) ;; To add bitmask to the system profile. (service-extension profile-service-type list))))) (operating-system (kernel my-kernel) (initrd microcode-initrd) (firmware (list linux-firmware)) (locale "en_US.utf8") (timezone "America/Sao_Paulo") (keyboard-layout (keyboard-layout "br")) (host-name "lisp") ;; The list of user accounts ('root' is implicit). (users (cons* (user-account (name "berkeley") (comment "Berkeley") (group "users") (home-directory "/home/berkeley") (supplementary-groups '("wheel" "netdev" "audio" "video" "plugdev"))) (user-account (name "leti") (comment "Letícia") (group "users") (home-directory "/home/leti") (supplementary-groups '("wheel" "netdev" "audio" "video" "plugdev"))) %base-user-accounts)) ;; Packages installed system-wide. Users can also install packages ;; under their own account: use 'guix search KEYWORD' to search ;; for packages and 'guix install PACKAGE' to install a package. (packages (append (list ;;emacs-org-roam ;;emacs-org-roam-ui ;; ----- ;;necessary for nyxt gstreamer gst-plugins-bad gst-plugins-good ;;------ nyxt ;;------ cmus glances zstd mpv kitty maim procps scrot alacritty anki wipe unzip compton p7zip gedit htop netdiscover fping gparted bcachefs-tools whois setxkbmap xfe neofetch pfetch icecat hashcat openssl flameshot openshot obs ffmpeg lm-sensors vlc guix nsxiv git inxi tor torsocks tor-client privoxy terminator openvpn pavucontrol pavucontrol-qt emacs keepassxc wireshark tcpdump nmap firejail bitmask ;; xf86-video-amdgpu alsa-lib alsa-utils binutils dbus xset lxrandr dosfstools elogind qtox exfat-utils exfatprogs fuse-exfat gnupg libinput texinfo xf86-input-keyboard xf86-input-libinput xf86-input-mouse xf86-input-synaptics ;;emacs-org-timeblock xrandr ungoogled-chromium qbittorrent macchanger ;;guile emacs-geiser emacs-geiser-guile fontconfig picom feh gimp fzf xmodmap rofi coreutils qemu xwininfo xprop xpra libfido2 grep iptables jq python sed nomacs meson ncurses ;; lots of fonts from package fonts.scm font-adobe-source-code-pro font-adobe-source-han-sans font-adobe-source-sans-pro font-adobe-source-serif-pro font-anonymous-pro font-anonymous-pro-minus font-awesome font-cns11643 font-cns11643-swjz font-comic-neue font-culmus font-dejavu font-dosis font-dseg font-fantasque-sans font-fira-code font-fira-mono font-fira-sans font-fontna-yasashisa-antique font-google-material-design-icons font-google-noto font-google-roboto font-hack font-hermit font-ibm-plex font-inconsolata font-iosevka font-iosevka-aile font-iosevka-etoile font-iosevka-slab font-iosevka-term font-iosevka-term-slab font-ipa-mj-mincho font-jetbrains-mono font-lato font-liberation font-linuxlibertine font-lohit font-meera-inimai font-mononoki font-mplus-testflight font-public-sans font-rachana font-sarasa-gothic font-sil-andika font-sil-charis font-sil-gentium font-tamzen font-terminus font-tex-gyre font-un font-vazir font-wqy-microhei font-wqy-zenhei ;; lots of fonts from package xorg.scm font-adobe100dpi font-adobe75dpi font-cronyx-cyrillic font-dec-misc font-isas-misc font-micro-misc font-misc-cyrillic font-misc-ethiopic font-misc-misc font-mutt-misc font-schumacher-misc font-screen-cyrillic font-sony-misc font-sun-misc font-util font-winitzki-cyrillic font-xfree86-type1 sbcl-stumpwm-swm-gaps sbcl-stumpwm-pamixer sbcl-stumpwm-screenshot sbcl-stumpwm-disk sbcl-stumpwm-ttf-fonts stumpwm `(,stumpwm "lib") sbcl-stumpwm-mem sbcl-stumpwm-cpu sbcl-stumpwm-net emacs-stumpwm-mode stumpish youtube-dl linux-firmware (specification->package "i3-wm") (specification->package "i3status") (specification->package "dmenu") (specification->package "st") (specification->package "emacs") (specification->package "emacs-exwm") (specification->package "emacs-desktop-environment") (specification->package "nss-certs")) %base-packages)) ;; Below is the list of system services. To search for available ;; services, run 'guix system search KEYWORD' in a terminal. ;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here ;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here ;; Below is the list of system services. To search for available ;; services, run 'guix system search KEYWORD' in a terminal. (services (append (list (udev-rules-service 'fido2 libfido2 #:groups '("plugdev")) (service iptables-service-type (iptables-configuration (ipv4-rules (plain-file "iptables.rules" "*filter :INPUT DROP :FORWARD ACCEPT :OUTPUT ACCEPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -A INPUT -j REJECT --reject-with icmp-port-unreachable -A FORWARD -m state --state INVALID -j DROP -A OUTPUT -m state --state INVALID -j DROP -A OUTPUT -o lo -j ACCEPT -A OUTPUT -o tun+ -j ACCEPT -A OUTPUT -m owner --gid-owner openvpn -j ACCEPT ;-t nat -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp -j REDIRECT --to-ports 9040 ;-t nat -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j REDIRECT --to-ports 53 ;-t filter -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp --dport 9040 -j ACCEPT ;-t filter -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j ACCEPT ;-t filter -A OUTPUT -m owner --uid-owner berkeley -j DROP COMMIT ")) (ipv6-rules (plain-file "ip6tables.rules" "*filter :INPUT DROP :FORWARD DROP :OUTPUT DROP -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -A INPUT -j REJECT --reject-with icmp6-port-unreachable COMMIT ")))) (service tor-service-type (tor-configuration (config-file (plain-file "tor-config" "HttpTunnelPort 9050" ; "VirtualAddrNetwork 10.192.0.0/10 ; AutomapHostsOnResolve 1 ; TransPort 9040 ; DNSPort 53 ; SOCKSPort 0 ; ORPort 443 ; BridgeRelay 1 ; ExitRelay 0" )))) (service libvirt-service-type (libvirt-configuration (unix-sock-group "libvirt") (tls-port "16555"))) (service zram-device-service-type (zram-device-configuration (size (* 2 (expt 2 30))) (compression-algorithm 'zstd) (priority 100))) (set-xorg-configuration (xorg-configuration (keyboard-layout keyboard-layout)))) %desktop-services)) (bootloader (bootloader-configuration (bootloader grub-bootloader) (targets (list "/dev/nvme0n1")) (keyboard-layout keyboard-layout))) (swap-devices (list (swap-space (priority 50) (target (uuid "85b7b3d8-657a-443c-b010-52d224bc4483"))))) ;; The list of file systems that get "mounted". The unique ;; file system identifiers there ("UUIDs") can be obtained ;; by running 'blkid' in a terminal. (file-systems (cons* (file-system (mount-point "/boot/efi") (device (uuid "02E2-0AB2" 'fat32)) (type "vfat")) (file-system (mount-point "/") (device (uuid "38467002-a282-4387-8319-cff6d93cd23b" 'ext4)) (type "ext4")) (file-system (mount-point "/files") (device (uuid "7b2cbf88-bc71-49ad-b2fa-a4bbdb71f886" 'ext4)) (type "ext4")) (file-system (mount-point "/virt") (device (uuid "9d009d01-d635-4d56-987a-ffc2699da9fb" 'ext4)) (type "ext4")) %base-file-systems)))