611 lines
22 KiB
Scheme
611 lines
22 KiB
Scheme
(use-modules
|
|
(gnu)
|
|
(guix store)
|
|
(guix packages)
|
|
(gnu packages i2p)
|
|
(ajatt packages dictionaries)
|
|
(nongnu packages game-client)
|
|
(ajatt packages suckless)
|
|
(ajatt packages readers)
|
|
(ajatt packages audio)
|
|
(gnu packages zig-xyz)
|
|
(gnu packages databases)
|
|
(gnu packages antivirus)
|
|
(rosenthal packages binaries)
|
|
(rosenthal packages emacs-xyz)
|
|
(gnu packages tor-browsers)
|
|
(small-guix packages mullvad)
|
|
(radix services admin)
|
|
(radix packages xdisorg)
|
|
(radix packages tex)
|
|
(radix packages image-viewers)
|
|
(saayix packages binaries)
|
|
(guix transformations)
|
|
(gnu packages audio)
|
|
(gnu packages sqlite)
|
|
(gnu packages gdb)
|
|
(gnu packages graphics)
|
|
(gnu packages java)
|
|
(gnu packages fcitx5)
|
|
(gnu packages ibus)
|
|
(gnu packages gnuzilla)
|
|
(gnu services mcron)
|
|
(gnu packages haskell)
|
|
(gnu packages ebook)
|
|
(gnu packages lisp-xyz)
|
|
(gnu packages rust-apps)
|
|
(rde features bluetooth)
|
|
(gnu packages jami)
|
|
(gnu packages suckless)
|
|
(gnu packages finance)
|
|
(gnu packages pdf)
|
|
(gnu packages cran)
|
|
(gnu packages kde)
|
|
(gnu packages tex)
|
|
(gnu packages samba)
|
|
(gnu packages docker)
|
|
(gnu services docker)
|
|
(gnu services certbot)
|
|
(gnu services auditd)
|
|
(gnu packages unicode)
|
|
(gnu packages python-build)
|
|
(gnu packages glib)
|
|
(gnu packages mail)
|
|
(gnu packages gcc)
|
|
(gnu packages rust)
|
|
(guix git-download)
|
|
(guix git)
|
|
(gnu packages
|
|
commencement)
|
|
(gnu packages golang)
|
|
(gnu packages haskell-xyz)
|
|
(gnu packages kde-pim)
|
|
(gnu packages guile-xyz)
|
|
(gnu packages python-xyz)
|
|
(gnu packages pulseaudio)
|
|
(gnu packages texinfo)
|
|
(gnu packages cmake)
|
|
(gnu packages mpd)
|
|
(gnu packages disk)
|
|
(gnu packages android)
|
|
(gnu packages freedesktop)
|
|
(gnu packages image)
|
|
(gnu packages terminals)
|
|
(gnu packages music)
|
|
(gnu packages compton)
|
|
(gnu packages version-control)
|
|
(gnu packages lxqt)
|
|
(gnu packages file-systems)
|
|
(gnu services base)
|
|
(gnu packages base)
|
|
(gnu packages xfce)
|
|
(guix channels)
|
|
(guix inferior)
|
|
(srfi srfi-1)
|
|
(gnu packages tor)
|
|
(gnu packages commencement)
|
|
(gnu packages image-viewers)
|
|
(gnu packages messaging)
|
|
(gnu packages vim)
|
|
(gnu packages gstreamer)
|
|
(gnu packages virtualization)
|
|
(gnu packages web-browsers)
|
|
(gnu services)
|
|
(gnu services vpn)
|
|
(gnu services herd)
|
|
(gnu services dbus)
|
|
(gnu services shepherd)
|
|
(gnu system shadow)
|
|
(gnu services configuration)
|
|
(gnu packages build-tools)
|
|
(gnu packages admin)
|
|
(gnu packages qt)
|
|
(gnu packages lxde)
|
|
(gnu packages python)
|
|
(gnu packages bittorrent)
|
|
(gnu packages chromium)
|
|
(gnu packages compression)
|
|
(gnu packages ncurses)
|
|
(gnu packages web)
|
|
(gnu packages fonts)
|
|
(gnu packages vpn)
|
|
(gnu packages curl)
|
|
(gnu packages password-utils)
|
|
(gnu packages emacs)
|
|
(gnu packages node)
|
|
(gnu packages emacs-xyz)
|
|
(gnu packages engineering)
|
|
(gnu packages fontutils)
|
|
(gnu packages gimp)
|
|
(gnu packages gnome)
|
|
(gnu packages gnome-xyz)
|
|
(gnu packages gnupg)
|
|
(gnu packages haskell-apps)
|
|
(gnu packages imagemagick)
|
|
(gnu packages linux)
|
|
(gnu packages package-management)
|
|
(gnu packages rsync)
|
|
(gnu packages ssh)
|
|
(gnu packages video)
|
|
(gnu packages wm)
|
|
(gnu packages benchmark)
|
|
(gnu packages xdisorg)
|
|
(gnu packages xorg)
|
|
(gnu home services gnupg)
|
|
(gnu home services xdg)
|
|
(gnu home-services wm)
|
|
(small-guix services mullvad)
|
|
(gnu packages lisp)
|
|
(gnu packages networking)
|
|
(gnu packages security-token)
|
|
(gnu packages tls)
|
|
(nongnu packages compression)
|
|
(nongnu packages clojure)
|
|
(nongnu packages linux)
|
|
(nongnu system linux-initrd))
|
|
|
|
(use-service-modules web security networking base certbot shepherd nix cups desktop networking ssh docker xorg linux virtualization)
|
|
(use-package-modules package-management version-control gcc bash certs admin linux)
|
|
;; general rules for doas
|
|
(define general
|
|
(list (permit (identity ":wheel")
|
|
(setenv
|
|
`(("GUILE_LOAD_PATH" . #t)
|
|
("GUILE_LOAD_COMPILED_PATH" . #t))))))
|
|
|
|
(define my-kernel linux)
|
|
|
|
(operating-system
|
|
(kernel my-kernel)
|
|
(kernel-arguments
|
|
'("quiet" ; Reduces boot verbosity
|
|
"noatime" ; Disables access time updates for performance
|
|
"zswap.enabled=1" ; Enables zswap for compressed caching of swap pages
|
|
"zswap.compressor=zstd" ; Sets zswap compressor to zstd for efficiency
|
|
"zswap.max_pool_percent=36"; Configures zswap to use up to 36% of RAM
|
|
"elevator=deadline" ; Sets the I/O scheduler to deadline for balanced performance
|
|
"mitigations=auto" ; Enables CPU mitigations as appropriate (security vs performance)
|
|
"ksm=1" ; Allows Kernel Samepage Merging for memory efficiency
|
|
"spectre_v2=on" ; Enables Spectre v2 mitigations
|
|
"nopti" ; Disables Page Table Isolation for performance (may impact security)
|
|
"rootflags=data=writeback" ; Improves performance for writes with writeback caching
|
|
"transparent_hugepage=madvise" ; Uses transparent huge pages with advice for allocations
|
|
"maxcpus=4" ; Limits CPU cores for the kernel (can be set to auto for all)
|
|
"noirqdebug" ; Disables IRQ debugging messages
|
|
"watchdog" ; Enables hardware watchdog
|
|
"noreplace-smp" ; Avoids replacing the SMP kernel after a panic
|
|
"softlockup_panic" ; Causes kernel panic if a soft lockup is detected
|
|
"preempt=full" ; Enables full preemptive kernel for better responsiveness
|
|
"sysrq_always_enabled=1" ; Keeps SysRq features enabled
|
|
"ipv6.disable=1" ; Disables IPv6 support to potentially simplify networking
|
|
"oem" ; OEM specific configurations
|
|
"amdgpu.ppfeaturemask=0xffffffff" ; Configures all powerplay features for AMD GPU
|
|
"amdgpu.dc=1" ; Enable Display Core for better graphics handling
|
|
"amdgpu.dpm=1" ; Enable Dynamic Power Management for AMD GPU
|
|
"amdgpu.aspm=1" ; Enable Active State Power Management on AMD GPUs
|
|
"irqaffinity=1" ; Assign IRQs to CPUs to improve stability
|
|
"cpufreq.default_governor=performance"; CPU runs at maximum speed for optimal performance
|
|
))
|
|
|
|
(initrd microcode-initrd)
|
|
(firmware (list linux-firmware))
|
|
|
|
(locale "en_US.utf8")
|
|
(timezone "America/Sao_Paulo")
|
|
(keyboard-layout (keyboard-layout "br"))
|
|
|
|
(host-name "lisp")
|
|
;; The list of user accounts ('root' is implicit).
|
|
(users (cons* (user-account
|
|
(name "berkeley")
|
|
(comment "Berkeley")
|
|
(group "users")
|
|
(home-directory "/home/berkeley")
|
|
(supplementary-groups '("wheel" "netdev" "audio" "video" "plugdev")))
|
|
%base-user-accounts))
|
|
|
|
;; Packages installed system-wide. Users can also install packages
|
|
;; under their own account: use 'guix search KEYWORD' to search
|
|
;; for packages and 'guix install PACKAGE' to install a package.
|
|
(packages (append (list
|
|
polybar
|
|
gstreamer
|
|
gst-plugins-bad
|
|
gst-plugins-good
|
|
nyxt
|
|
v4l-utils
|
|
fnott
|
|
ibus
|
|
swww
|
|
waybar
|
|
xdg-utils
|
|
fuzzel-lowercase wl-clipboard wlrctl wlsunset
|
|
curl
|
|
gthumb
|
|
mangohud
|
|
containerd
|
|
qtsolutions
|
|
glances
|
|
zstd
|
|
sqlite
|
|
mpv
|
|
kitty
|
|
maim
|
|
procps
|
|
scrot
|
|
mupdf
|
|
zathura
|
|
matterbridge
|
|
sbcl
|
|
go
|
|
clisp
|
|
fdm
|
|
mullvad-vpn-desktop
|
|
smartmontools
|
|
udevil
|
|
samba
|
|
cifs-utils
|
|
mergerfs
|
|
parted
|
|
net-tools
|
|
ntfs-3g
|
|
youtube-dl
|
|
noisetorch
|
|
linux-firmware
|
|
nix
|
|
dmidecode
|
|
senpai
|
|
texmaker
|
|
texlive-latexmk
|
|
texlive-bibtex
|
|
texlive-hyperref
|
|
texlive-pdfpages
|
|
texlive-biblatex
|
|
texlive-pgf
|
|
texlive-beamer
|
|
texlive-montex
|
|
texlive-pdftex
|
|
texlive-iftex
|
|
texlive-luatex
|
|
texlive-xetex
|
|
texlive-epstopdf
|
|
texlive-pdfcomment
|
|
texlive-luatex85
|
|
texlive-texdoc
|
|
texlive-dvipdfmx
|
|
texlive-pdfextra
|
|
python-pdfminer-six
|
|
texmaker
|
|
emacs-latex-preview-pane
|
|
alacritty
|
|
libxfont
|
|
libxft
|
|
wipe
|
|
imagemagick
|
|
unzip
|
|
compton
|
|
p7zip
|
|
gedit
|
|
htop
|
|
btop
|
|
openjdk
|
|
bluez
|
|
blueman
|
|
fcitx5
|
|
fcitx5-gtk
|
|
fcitx5-qt
|
|
fcitx5-anthy
|
|
fcitx5-gtk4
|
|
fcitx5-configtool
|
|
netdiscover
|
|
fping
|
|
gparted
|
|
bcachefs-tools
|
|
whois
|
|
python-pip
|
|
setxkbmap
|
|
xfe
|
|
clamav
|
|
libbluray
|
|
libaacs
|
|
libbdplus
|
|
vim
|
|
neovim
|
|
cmake
|
|
neofetch
|
|
kleopatra
|
|
flatpak
|
|
pfetch
|
|
icecat
|
|
qutebrowser
|
|
nftables
|
|
git-lfs
|
|
ghc-git-lfs
|
|
hashcat
|
|
haunt
|
|
openssl
|
|
flameshot
|
|
openshot
|
|
obs
|
|
go
|
|
lm-sensors
|
|
vlc
|
|
virt-manager
|
|
guix
|
|
nsxiv
|
|
git
|
|
inxi
|
|
monero-gui
|
|
privoxy
|
|
openvpn
|
|
kiwix-tools
|
|
pavucontrol
|
|
pavucontrol-qt
|
|
emacs
|
|
keepassxc
|
|
wireshark
|
|
tcpdump
|
|
nmap
|
|
firejail
|
|
radeontop
|
|
xf86-video-amdgpu
|
|
asciinema
|
|
alsa-lib
|
|
alsa-utils
|
|
binutils
|
|
dbus
|
|
xset
|
|
lxrandr
|
|
dosfstools
|
|
elogind
|
|
qtox
|
|
exfat-utils
|
|
exfatprogs
|
|
fuse-exfat
|
|
gnupg
|
|
libinput
|
|
texinfo
|
|
xf86-input-keyboard
|
|
xf86-input-libinput
|
|
xf86-input-mouse
|
|
xf86-input-synaptics
|
|
xrandr
|
|
qbittorrent
|
|
macchanger
|
|
guile-ncurses
|
|
fontconfig
|
|
picom
|
|
mpd
|
|
brightnessctl
|
|
feh
|
|
gimp
|
|
fzf
|
|
xmodmap
|
|
rofi
|
|
coreutils
|
|
qemu
|
|
xwininfo
|
|
xprop
|
|
xpra
|
|
libfido2
|
|
grep
|
|
iptables
|
|
node
|
|
jq
|
|
python
|
|
sed
|
|
nomacs
|
|
meson
|
|
ncurses
|
|
;; lots of fonts from package fonts.scm
|
|
font-adobe-source-code-pro font-adobe-source-han-sans
|
|
font-adobe-source-sans-pro font-adobe-source-serif-pro
|
|
font-anonymous-pro font-anonymous-pro-minus font-awesome
|
|
font-cns11643 font-cns11643-swjz font-comic-neue font-culmus
|
|
font-dejavu font-dosis font-dseg font-fantasque-sans font-fira-code
|
|
font-fira-mono font-fira-sans font-fontna-yasashisa-antique
|
|
font-google-material-design-icons font-google-noto font-google-roboto
|
|
font-hack font-hermit font-ibm-plex font-inconsolata font-iosevka
|
|
font-iosevka-aile font-iosevka-etoile font-iosevka-slab
|
|
font-iosevka-term font-iosevka-term-slab
|
|
font-ipa-mj-mincho font-jetbrains-mono font-lato font-liberation
|
|
font-linuxlibertine font-lohit font-meera-inimai font-mononoki
|
|
font-mplus-testflight
|
|
font-public-sans font-rachana font-sarasa-gothic font-sil-andika
|
|
font-sil-charis font-sil-gentium font-tamzen font-terminus
|
|
font-tex-gyre font-un font-vazir font-wqy-microhei
|
|
font-wqy-zenhei
|
|
python-emoji
|
|
ghc-emojis
|
|
ghc
|
|
guile-semver
|
|
ranger
|
|
xmessage
|
|
xrdb
|
|
sysbench
|
|
xmobar
|
|
ghc-xmonad-contrib
|
|
gcc
|
|
gcc-toolchain
|
|
linux-libre-headers
|
|
yt-dlp
|
|
rofi
|
|
emacs-emojify
|
|
unicode-emoji
|
|
r-emojifont
|
|
font-google-noto-emoji
|
|
emacs-company-emoji
|
|
font-openmoji
|
|
vim-characterize
|
|
poppler-qt5
|
|
poppler
|
|
lz4
|
|
zstd
|
|
rust
|
|
blueman
|
|
bluez
|
|
bluez-alsa
|
|
nheko
|
|
lf
|
|
;; lots of fonts from package xorg.scm
|
|
font-adobe100dpi font-adobe75dpi font-cronyx-cyrillic font-dec-misc
|
|
font-isas-misc font-micro-misc font-misc-cyrillic font-misc-ethiopic
|
|
font-misc-misc font-mutt-misc font-schumacher-misc
|
|
font-screen-cyrillic font-sony-misc font-sun-misc font-util
|
|
font-winitzki-cyrillic font-xfree86-type1
|
|
(specification->package "xmonad")
|
|
(specification->package "i3-wm")
|
|
(specification->package "dmidecode")
|
|
(specification->package "i3status")
|
|
(specification->package "dmenu")
|
|
(specification->package "kitty")
|
|
(specification->package "mullvad-vpn-desktop")
|
|
(specification->package "tor")
|
|
(specification->package "emacs")
|
|
(specification->package "jami")
|
|
(specification->package "steam")
|
|
(specification->package "protonup-ng")
|
|
(specification->package "texstudio")
|
|
(specification->package "qemu")
|
|
(specification->package "alacritty")
|
|
(specification->package "xkill")
|
|
(specification->package "guile")
|
|
(specification->package "ueberzug++")
|
|
(specification->package "fcitx5-gtk4")
|
|
(specification->package "fcitx5-qt")
|
|
(specification->package "fcitx5-gtk")
|
|
(specification->package "torbrowser")
|
|
(specification->package "i2pd")
|
|
(specification->package "tor")
|
|
(specification->package "unrar")
|
|
(specification->package "nicotine+")
|
|
(specification->package "icecat")
|
|
(specification->package "qutebrowser")
|
|
(specification->package "gimp")
|
|
(specification->package "tor-client")
|
|
(specification->package "make")
|
|
(specification->package "element-desktop")
|
|
(specification->package "font-apple-color-emoji")
|
|
(specification->package "zen-browser-bin-generic")
|
|
(specification->package "xmobar")
|
|
(specification->package "xmodmap")
|
|
(specification->package "rofi")
|
|
(specification->package "bluez-alsa")
|
|
(specification->package "bluez")
|
|
(specification->package "fuse")
|
|
(specification->package "blueman")
|
|
(specification->package "cmus")
|
|
(specification->package "navidrome-bin"))
|
|
%base-packages))
|
|
|
|
|
|
;; Below is the list of system services. To search for available
|
|
;; services, run 'guix system search KEYWORD' in a terminal.
|
|
;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here
|
|
;;(home-environment (packages (cons* anki ))) ;; figure out how to install it from here
|
|
|
|
;; Below is the list of system services. To search for available
|
|
;; services, run 'guix system search KEYWORD' in a terminal.
|
|
|
|
(services
|
|
(append (list
|
|
(service bluetooth-service-type
|
|
(bluetooth-configuration
|
|
(auto-enable? #t)))
|
|
(udev-rules-service 'fido2 libfido2 #:groups '("plugdev"))
|
|
(service nftables-service-type)
|
|
|
|
(simple-service 'blueman dbus-root-service-type (list blueman))
|
|
(simple-service 'my-jp-ime-env session-environment-service-type
|
|
'(("GTK_IM_MODULE" . "fcitx")
|
|
("QT_IM_MODULE" . "fcitx")
|
|
("GUIX_GTK2_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-2.0/2.10.0/immodules-gtk2.cache")
|
|
("GUIX_GTK3_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-3.0/3.0.0/immodules-gtk3.cache")
|
|
("XMODIFIERS=@im=" . "fcitx")
|
|
("INPUT_METHOD" . "fcitx")
|
|
("XIM_PROGRAM" . "fcitx")
|
|
("GLFW_IM_MODULE" . "ibus")
|
|
;; this makes qt programs looks sharper
|
|
("QML_DISABLE_DISTANCEFIELD" . "1")
|
|
("QT_QUICK_CONTROLS_STYLE" . "Fusion")
|
|
("QT_ENABLE_HIGHDPI_SCALING" . "0")
|
|
("R600_TEX_ANISO" . "16")
|
|
))
|
|
(service mullvad-daemon-service-type)
|
|
(service docker-service-type)
|
|
(service containerd-service-type)
|
|
(service nix-service-type)
|
|
(service tor-service-type
|
|
(tor-configuration
|
|
(config-file (plain-file "tor.conf" "
|
|
Log stdout
|
|
DataDirectory /var/lib/tor
|
|
SOCKSPort 9050
|
|
ControlPort 9051"))))
|
|
(service libvirt-service-type
|
|
(libvirt-configuration
|
|
(unix-sock-group "libvirt")
|
|
(tls-port "16555")))
|
|
(simple-service 'my-jp-ime-env session-environment-service-type
|
|
'(("GTK_IM_MODULE" . "fcitx")
|
|
("QT_IM_MODULE" . "fcitx")
|
|
("GUIX_GTK2_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-2.0/2.10.0/immodules-gtk2.cache")
|
|
("GUIX_GTK3_IM_MODULE_FILE" . "/run/current-system/profile/lib/gtk-3.0/3.0.0/immodules-gtk3.cache")
|
|
("XMODIFIERS=@im=" . "fcitx")
|
|
("INPUT_METHOD" . "fcitx")
|
|
("XIM_PROGRAM" . "fcitx")
|
|
("GLFW_IM_MODULE" . "ibus")))
|
|
(service zram-device-service-type
|
|
(zram-device-configuration
|
|
(size (* 2 (expt 2 30)))
|
|
(compression-algorithm 'zstd)
|
|
(priority 100)))
|
|
(service mcron-service-type
|
|
(mcron-configuration
|
|
(jobs (list #~(job "10 15 * * *"
|
|
"find /tmp/mpv-screenshots/ -type f \\( -iname '*.png' -o -iname '*.jpg' \\) -exec sh -c 'cwebp -q 80 \"$0\" -o \"${0%.*}.webp\" && rm \"$0\"' {} \\;")))))
|
|
(set-xorg-configuration
|
|
(xorg-configuration
|
|
(keyboard-layout keyboard-layout))))
|
|
%desktop-services))
|
|
|
|
|
|
(bootloader (bootloader-configuration
|
|
(bootloader grub-bootloader)
|
|
(targets (list "/dev/nvme0n1"))
|
|
(theme (grub-theme
|
|
(resolution '(1920 . 1080))
|
|
(image (local-file "/home/berkeley/grub.png"))))))
|
|
(swap-devices (list (swap-space
|
|
(priority 50)
|
|
(target (uuid
|
|
"85b7b3d8-657a-443c-b010-52d224bc4483")))))
|
|
|
|
;; The list of file systems that get "mounted". The unique
|
|
;; file system identifiers there ("UUIDs") can be obtained
|
|
;; by running 'blkid' in a terminal.
|
|
(file-systems (cons* (file-system
|
|
(mount-point "/boot/efi")
|
|
(device (uuid "02E2-0AB2"
|
|
'fat32))
|
|
(type "vfat"))
|
|
|
|
(file-system
|
|
(mount-point "/")
|
|
(device (uuid "38467002-a282-4387-8319-cff6d93cd23b" 'ext4))
|
|
(type "ext4"))
|
|
|
|
(file-system
|
|
(mount-point "/files")
|
|
(device (uuid "7b2cbf88-bc71-49ad-b2fa-a4bbdb71f886" 'ext4))
|
|
(type "ext4"))
|
|
|
|
(file-system
|
|
(mount-point "/steam/")
|
|
(device (uuid "9d009d01-d635-4d56-987a-ffc2699da9fb" 'ext4))
|
|
(type "ext4"))
|
|
|
|
%base-file-systems)))
|
|
|
|
|