(use-modules (gnu) (guix store) (guix packages) (gnu packages databases) (rosenthal packages binaries) (rosenthal packages emacs-xyz) (guix transformations) (gnu packages audio) (gnu packages librewolf) (gnu packages sqlite) (gnu packages gdb) (gnu packages graphics) (gnu packages java) (gnu packages fcitx5) (gnu packages ibus) (gnu packages gnuzilla) (gnu services mcron) (gnu packages haskell) (gnu packages ebook) (gnu packages lisp-xyz) (gnu packages rust-apps) (rde features bluetooth) (gnu packages jami) (gnu packages suckless) (gnu packages finance) (gnu packages pdf) (gnu packages cran) (gnu packages kde) (gnu packages tex) (gnu packages samba) (gnu packages docker) (gnu services docker) (gnu services certbot) (gnu services auditd) (gnu packages unicode) (gnu packages python-build) (gnu packages glib) (gnu packages mail) (gnu packages gcc) (gnu packages rust) (guix git-download) (guix git) (gnu packages commencement) (gnu packages golang) (gnu packages haskell-xyz) (gnu packages kde-pim) (gnu packages guile-xyz) (gnu packages python-xyz) (gnu packages pulseaudio) (gnu packages texinfo) (gnu packages cmake) (gnu packages mpd) (gnu packages disk) (gnu packages android) (gnu packages freedesktop) (gnu packages image) (gnu packages terminals) (gnu packages music) (gnu packages compton) (gnu packages version-control) (gnu packages lxqt) (gnu packages file-systems) (gnu services base) (gnu packages base) (gnu packages xfce) (guix channels) (guix inferior) (srfi srfi-1) (gnu packages tor) (gnu packages commencement) (gnu packages image-viewers) (gnu packages messaging) (gnu packages vim) (gnu packages gstreamer) (gnu packages virtualization) (gnu packages web-browsers) (gnu services) (gnu services vpn) (gnu services dbus) (gnu services shepherd) (gnu system shadow) (gnu services configuration) (gnu packages build-tools) (gnu packages admin) (gnu packages qt) (gnu packages lxde) (gnu packages python) (gnu packages bittorrent) (gnu packages chromium) (gnu packages compression) (gnu packages ncurses) (gnu packages web) (gnu packages fonts) (gnu packages vpn) (gnu packages curl) (gnu packages password-utils) (gnu packages emacs) (gnu packages node) (gnu packages emacs-xyz) (gnu packages engineering) (gnu packages fontutils) (gnu packages gimp) (gnu packages gnome) (gnu packages gnome-xyz) (gnu packages gnupg) (gnu packages haskell-apps) (gnu packages imagemagick) (gnu packages libreoffice) (gnu packages linux) (gnu packages package-management) (gnu packages rsync) (gnu packages ssh) (gnu packages telegram) (gnu packages video) (gnu packages wm) (gnu packages benchmark) (gnu packages xdisorg) (gnu packages xorg) (gnu home services gnupg) (gnu home services xdg) (gnu packages lisp) (gnu packages networking) (gnu packages security-token) (gnu packages tls) (nongnu packages compression) (nongnu packages clojure) (nongnu packages linux) (nongnu system linux-initrd)) (use-service-modules web security base certbot shepherd nix cups desktop networking ssh docker xorg linux virtualization) (use-package-modules package-management version-control gcc bash certs admin linux) (define my-kernel linux) (define xmonad-0.18.0 (package (inherit xmonad) (version "0.18.0"))) (define my-packages (list xmonad-0.18.0 )) (operating-system (kernel my-kernel) (kernel-arguments '("quiet" ; Reduces boot verbosity "noatime" ; Disables access time updates for performance "zswap.enabled=1" ; Enables zswap for compressed caching of swap pages "zswap.compressor=zstd" ; Sets zswap compressor to zstd for efficiency "zswap.max_pool_percent=36"; Configures zswap to use up to 36% of RAM "elevator=deadline" ; Sets the I/O scheduler to deadline for balanced performance "mitigations=auto" ; Enables CPU mitigations as appropriate (security vs performance) "ksm=1" ; Allows Kernel Samepage Merging for memory efficiency "spectre_v2=on" ; Enables Spectre v2 mitigations "nopti" ; Disables Page Table Isolation for performance (may impact security) "rootflags=data=writeback" ; Improves performance for writes with writeback caching "transparent_hugepage=madvise" ; Uses transparent huge pages with advice for allocations "maxcpus=4" ; Limits CPU cores for the kernel (can be set to auto for all) "noirqdebug" ; Disables IRQ debugging messages "watchdog" ; Enables hardware watchdog "noreplace-smp" ; Avoids replacing the SMP kernel after a panic "softlockup_panic" ; Causes kernel panic if a soft lockup is detected "preempt=full" ; Enables full preemptive kernel for better responsiveness "sysrq_always_enabled=1" ; Keeps SysRq features enabled "ipv6.disable=1" ; Disables IPv6 support to potentially simplify networking "oem" ; OEM specific configurations "amdgpu.ppfeaturemask=0xffffffff" ; Configures all powerplay features for AMD GPU "amdgpu.dc=1" ; Enable Display Core for better graphics handling "amdgpu.dpm=1" ; Enable Dynamic Power Management for AMD GPU "amdgpu.aspm=1" ; Enable Active State Power Management on AMD GPUs "irqaffinity=1" ; Assign IRQs to CPUs to improve stability "cpufreq.default_governor=performance"; CPU runs at maximum speed for optimal performance )) (initrd microcode-initrd) (firmware (list linux-firmware)) (locale "en_US.utf8") (timezone "America/Sao_Paulo") (keyboard-layout (keyboard-layout "br")) (host-name "lisp") ;; The list of user accounts ('root' is implicit). (users (cons* (user-account (name "berkeley") (comment "Berkeley") (group "users") (home-directory "/home/berkeley") (supplementary-groups '("wheel" "netdev" "audio" "video" "plugdev"))) %base-user-accounts)) ;; Packages installed system-wide. Users can also install packages ;; under their own account: use 'guix search KEYWORD' to search ;; for packages and 'guix install PACKAGE' to install a package. (packages (append (list ;emacs-org-roam ;emacs-org-roam-ui postgresql ;foliate polybar gstreamer gst-plugins-bad gst-plugins-good nyxt cmus v4l-utils xdg-utils curl gthumb mangohud containerd qtsolutions glances zstd sqlite mpv kitty maim ;; procps scrot mupdf zathura matterbridge sbcl go clisp fdm ;;jami ;navidrome-bin ;mullvad-vpn smartmontools ;; udevil samba cifs-utils mergerfs parted net-tools ntfs-3g texlive-lua-uni-algos texlive-csplain texlive-lua-uni-algos texlive-pwebmac texlive-olsak-misc texlive-pdfoverlay texlive-texosquery texlive-pdfx texlive-pdfprivacy texlive-pdfcomment texlive-iftex texlive-tex texlive-montex texlive-pdfescape texlive-texdef texlive-pdfpages extractpdfmark texlive-csplain poppler-qt5 poppler texlive-pdf14 texlive-thumbpdf texlive-pax texlive-etex texlive-axodraw2 texlive-repltext texlive-luatex texlive-hyperref texlive-xetex texlive-pdftexcmds texlive-epstopdf texlive-epsf-dvipdfmx texlive-dvipdfmx texlive-texsurgery texlive-ptex2pdf texlive-jadetex texlive-texlogfilter texlive-svg-inkscape texlive-purifyeps texlive-navigator texlive-latex-uni8 texlive-biblatex texlive-latex-make texlive-pgf texlive-pdftricks texlive-pdflatexpicscale texlive-pdfmanagement-testphase texlive-pdflatexpicscale texlive-pdfextra texlive-tagpdf texlive-pdfreview texlive-pdfmsym texlive-mptopdf texlive-inter texlive-pdftex-quiet texlive-pdftex texlive-knuth-pdf texlive-xmltexconfig texlive-pdfjam texlive-luatex85 texlive-grayhints texlive-fig4latex texlive-tpic2pdftex texlive-pst2pdf texlive-pdfslide texlive-minim-pdf texlive-hvextern texlive-flippdf texlive-combinedgraphics texlive-autopdf texlive-xetex-pstricks texlive-texonly texlive-scikgtex texlive-pdfsync texlive-mathastext texlive-luainputenc texlive-pdfcomment texlive-pdfprivacy texlive-pdfoverlay texlive-pdfpages texlive-latexmk texlive-hyperxmp texlive-datetime2-en-fulltext texlive-commonunicode texlive-pict2e texlive-intopdf texlive-filemod texlive-textcsc texlive-texpower texlive-texdoc texlive-pst-pdf texlive-pdfpc-movie texlive-pdfmarginpar texlive-pdfbook2 texlive-pdf-trans texlive-lobster2 texlive-hitex texlive-epstopdf-pkg texlive-epspdfconversion texlive-collection-luatex texlive-bxpdfver texlive-asmeconf texlive-synctex texlive-pdfcolmk texlive-pdfcolfoot texlive-lapdf texlive-fixpdfmag python-pdfminer-six texlive-zhmetrics-uptex texlive-xpdfopen texlive-xcpdftips texlive-quattrocento texlive-pdfxup texlive-pdfpc texlive-pdfarticle texlive-oswald texlive-nunito texlive-magra texlive-librebaskerville texlive-l3experimental texlive-knuth-hint texlive-forum texlive-epspdf texlive-dickimaw texlive-convbkmk texlive-changebar texlive-cascadia-code texlive-cabin texlive-bitter texlive-auto-pst-pdf-lua texlive-arvo texlive-archivo texlive-sanitize-umlaut texlive-protex texlive-pdftricks2 texlive-pdflscape texlive-ocg-p texlive-minim-xmp texlive-gregoriotex texlive-docshots texlive-biber emacs-latex-preview-pane texlive-pwebmac texlive-olsak-misc texlive-pdfoverlay texlive-texosquery texlive-pdfx texlive-pdfprivacy texlive-pdfcomment texlive-iftex texlive-tex texlive-montex texlive-pdfescape texlive-texdef texlive-pdfpages texlive-twemoji-colr texlive-noto-emoji texlive-hwemoji texlive-byo-twemojis unicode-emoji texlive-twemojis texlive-emojicite texlive-emoji texlive-scheme-basic texlive-cm-super texlive-listings texmaker texlive-pgf texlive-beamer texlive-hyperref alacritty libxfont libxft ;;protonup-ng wipe imagemagick unzip compton p7zip gedit htop openjdk ;;element-desktop ;; bluetooth bluez blueman ;; ime fcitx5 fcitx5-gtk fcitx5-qt fcitx5-anthy fcitx5-gtk4 fcitx5-configtool netdiscover fping gparted texstudio texlive-bibtex bcachefs-tools whois python-pip setxkbmap xfe ;;clamav libbluray libaacs libbdplus vim neovim ;emacs-telega cmake neofetch kleopatra flatpak fuse pfetch icecat qutebrowser ;;mullvadbrowser nftables git-lfs ghc-git-lfs hashcat haunt openssl flameshot openshot obs go ;ffmpeg-vvdec lm-sensors vlc virt-manager guix nsxiv git inxi tor monero-gui ; emacs-org-roam torsocks tor-client privoxy terminator openvpn kiwix-tools librewolf pavucontrol pavucontrol-qt emacs keepassxc wireshark tcpdump nmap firejail xf86-video-amdgpu asciinema alsa-lib alsa-utils binutils dbus xset lxrandr dosfstools elogind qtox exfat-utils exfatprogs fuse-exfat gnupg libinput texinfo xf86-input-keyboard xf86-input-libinput xf86-input-mouse xf86-input-synaptics ;;emacs-org-timeblock xrandr ungoogled-chromium qbittorrent macchanger ;ghc-ncurses guile-ncurses ;ncurses ;guile ;emacs-geiser ;emacs-geiser-guile fontconfig picom mpd brightnessctl feh gimp fzf xmodmap rofi coreutils qemu xwininfo xprop xpra libfido2 grep iptables node jq python sed nomacs meson ncurses ;;ueberzug++ ;; lots of fonts from package fonts.scm font-adobe-source-code-pro font-adobe-source-han-sans font-adobe-source-sans-pro font-adobe-source-serif-pro font-anonymous-pro font-anonymous-pro-minus font-awesome font-cns11643 font-cns11643-swjz font-comic-neue font-culmus font-dejavu font-dosis font-dseg font-fantasque-sans font-fira-code font-fira-mono font-fira-sans font-fontna-yasashisa-antique font-google-material-design-icons font-google-noto font-google-roboto font-hack font-hermit font-ibm-plex font-inconsolata font-iosevka font-iosevka-aile font-iosevka-etoile font-iosevka-slab font-iosevka-term font-iosevka-term-slab font-ipa-mj-mincho font-jetbrains-mono font-lato font-liberation font-linuxlibertine font-lohit font-meera-inimai font-mononoki font-mplus-testflight font-public-sans font-rachana font-sarasa-gothic font-sil-andika font-sil-charis font-sil-gentium font-tamzen font-terminus font-tex-gyre font-un font-vazir font-wqy-microhei font-wqy-zenhei python-emoji ghc-emojis ghc guile-semver ranger xmessage xrdb xmonad sysbench xmobar ghc ghc-xmonad-contrib gcc gcc-toolchain linux-libre-headers yt-dlp rofi emacs-emojify unicode-emoji ;;rust-unic-emoji-char r-emojifont font-google-noto-emoji ;; font-apple-color-emoji emacs-company-emoji font-openmoji vim-characterize extractpdfmark poppler-qt5 poppler python-pdfminer-six lz4 zstd rust blueman bluez bluez-alsa ;goldendict-ng ;suckless-dictpopup ;;rust-version-check ;;rust-deunicode nheko lf fuse ;; lots of fonts from package xorg.scm font-adobe100dpi font-adobe75dpi font-cronyx-cyrillic font-dec-misc font-isas-misc font-micro-misc font-misc-cyrillic font-misc-ethiopic font-misc-misc font-mutt-misc font-schumacher-misc font-screen-cyrillic font-sony-misc font-sun-misc font-util font-winitzki-cyrillic font-xfree86-type1 youtube-dl noisetorch linux-firmware nix dmidecode (specification->package "i3-wm") (specification->package "dmidecode") (specification->package "i3status") (specification->package "dmenu") (specification->package "st") (specification->package "emacs") (specification->package "jami") (specification->package "steam") (specification->package "texstudio") (specification->package "libreoffice") (specification->package "qemu") (specification->package "telegram-desktop") (specification->package "alacritty") (specification->package "xkill") (specification->package "guile") (specification->package "ueberzug++") (specification->package "fcitx5-gtk4") (specification->package "fcitx5-qt") (specification->package "fcitx5-gtk") (specification->package "torbrowser") (specification->package "unrar") (specification->package "nicotine+") (specification->package "icecat") (specification->package "qutebrowser") (specification->package "gimp") (specification->package "tor-client") (specification->package "make") (specification->package "element-desktop") (specification->package "font-apple-color-emoji") (specification->package "xmonad") (specification->package "xmobar") (specification->package "xmodmap") (specification->package "rofi") (specification->package "bluez-alsa") (specification->package "bluez") (specification->package "fuse") (specification->package "blueman") (specification->package "navidrome-bin")) %base-packages)) ;; Below is the list of system services. To search for available ;; services, run 'guix system search KEYWORD' in a terminal. ;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here ;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here ;; Below is the list of system services. To search for available ;; services, run 'guix system search KEYWORD' in a terminal. (services (append (list (service bluetooth-service-type (bluetooth-configuration (auto-enable? #t))) (udev-rules-service 'fido2 libfido2 #:groups '("plugdev")) (service iptables-service-type (iptables-configuration (ipv4-rules (plain-file "iptables.rules" "*filter :INPUT DROP :FORWARD DROP :OUTPUT ACCEPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp -s 127.0.0.1 -j ACCEPT -A INPUT -p tcp --dport 631 -j REJECT --reject-with icmp-port-unreachable -A INPUT -p udp --dport 631 -j REJECT --reject-with icmp-port-unreachable -A INPUT -j REJECT --reject-with icmp-port-unreachable -A FORWARD -m state --state INVALID -j DROP -A OUTPUT -o lo -j ACCEPT -A OUTPUT -o tun+ -j ACCEPT -A OUTPUT -m owner --gid-owner openvpn -j ACCEPT -A OUTPUT -m state --state INVALID -j DROP -t nat -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp -j REDIRECT --to-ports 9040 -t nat -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j REDIRECT --to-ports 53 -t filter -A OUTPUT -p tcp -m owner --uid-owner berkeley -m tcp --dport 9040 -j ACCEPT -t filter -A OUTPUT -p udp -m owner --uid-owner berkeley -m udp --dport 53 -j ACCEPT -t filter -A OUTPUT -m owner --uid-owner berkeley -j DROP COMMIT ")))) (simple-service 'blueman dbus-root-service-type (list blueman)) (simple-service 'my-jp-ime-env session-environment-service-type '(("GTK_IM_MODULE" . "fcitx") ("QT_IM_MODULE" . "fcitx") ("GUIX_GTK2_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-2.0/2.10.0/immodules-gtk2.cache") ("GUIX_GTK3_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-3.0/3.0.0/immodules-gtk3.cache") ("XMODIFIERS=@im=" . "fcitx") ("INPUT_METHOD" . "fcitx") ("XIM_PROGRAM" . "fcitx") ("GLFW_IM_MODULE" . "ibus"))) (service docker-service-type) (service containerd-service-type) (service nix-service-type) (service tor-service-type (tor-configuration (config-file (plain-file "torrc" "HttpTunnelPort 9050\n\ VirtualAddrNetwork 10.192.0.0/10\n\ AutomapHostsOnResolve 1\n\ TransPort 9040\n\ DNSPort 53\n\ SOCKSPort 0\n\ ORPort 443\n\ BridgeRelay 1\n\ ExitRelay 0")))) (service libvirt-service-type (libvirt-configuration (unix-sock-group "libvirt") (tls-port "16555"))) (simple-service 'my-jp-ime-env session-environment-service-type '(("GTK_IM_MODULE" . "fcitx") ("QT_IM_MODULE" . "fcitx") ("GUIX_GTK2_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-2.0/2.10.0/immodules-gtk2.cache") ("GUIX_GTK3_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-3.0/3.0.0/immodules-gtk3.cache") ("XMODIFIERS=@im=" . "fcitx") ("INPUT_METHOD" . "fcitx") ("XIM_PROGRAM" . "fcitx") ("GLFW_IM_MODULE" . "ibus"))) (service zram-device-service-type (zram-device-configuration (size (* 2 (expt 2 30))) (compression-algorithm 'zstd) (priority 100))) (service mcron-service-type (mcron-configuration (jobs (list #~(job "10 15 * * *" "find /tmp/mpv-screenshots/ -type f \\( -iname '*.png' -o -iname '*.jpg' \\) -exec sh -c 'cwebp -q 80 \"$0\" -o \"${0%.*}.webp\" && rm \"$0\"' {} \\;"))))) (set-xorg-configuration (xorg-configuration (keyboard-layout keyboard-layout)))) %desktop-services)) (bootloader (bootloader-configuration (bootloader grub-bootloader) (targets (list "/dev/nvme0n1")) (theme (grub-theme (resolution '(1920 . 1080)) (image (local-file "/var/cache/wallpaper.png")))))) (swap-devices (list (swap-space (priority 50) (target (uuid "85b7b3d8-657a-443c-b010-52d224bc4483"))))) ;; The list of file systems that get "mounted". The unique ;; file system identifiers there ("UUIDs") can be obtained ;; by running 'blkid' in a terminal. (file-systems (cons* (file-system (mount-point "/boot/efi") (device (uuid "02E2-0AB2" 'fat32)) (type "vfat")) (file-system (mount-point "/") (device (uuid "38467002-a282-4387-8319-cff6d93cd23b" 'ext4)) (type "ext4")) (file-system (mount-point "/files") (device (uuid "7b2cbf88-bc71-49ad-b2fa-a4bbdb71f886" 'ext4)) (type "ext4")) (file-system (mount-point "/var/cache") (device (uuid "9d009d01-d635-4d56-987a-ffc2699da9fb" 'ext4)) (type "ext4")) %base-file-systems)))