radix/buer.scm

#|Modules|#
(use-modules
 #|GNU  |# (gnu)
           (gnu artwork)
           (gnu services)
 #|Guix |# (guix gexp)
 #|Misc |# (ice-9 match)
 #|Radix|# (radix packages linux)
           (radix services linux)
           (radix system setuid)
           (radix secrets)
           (radix utils)
           ((radix files doas) #:prefix file:doas-)
           ((radix files thinkfan) #:prefix file:thinkfan-))

(use-system-modules
 #|N|# nss)

(use-service-modules
 #|A|# admin
 #|D|# desktop
 #|M|# mcron
 #|N|# networking
 #|S|# sound sysctl)

(use-package-modules
 #|A|# admin
 #|B|# base
 #|C|# certs compression curl
 #|F|# file
 #|G|# gawk glib guile guile-xyz
 #|L|# less linux
 #|M|# man maths
 #|P|# pulseaudio
 #|S|# shells
 #|T|# texinfo text-editors tmux
 #|V|# vpn)

#|Operating system definition|#
(operating-system
 (host-name "buer")
 (timezone "America/Sao_Paulo")
 (locale "en_US.utf8")

 (keyboard-layout
  (keyboard-layout "us,br"
                   #:options '("grp:menu_switch"
                               "parens:swap_brackets"
                               "caps:swapescape")))

 (bootloader
  (bootloader-configuration
   (bootloader grub-bootloader)
    (targets '("/dev/sda"))
    (theme (grub-theme
            (image (file-append %artwork-repository
                                "/backgrounds/guix-silver-checkered-16-9.svg"))
            (resolution '(1280 . 720))
            (gfxmode '("1280x720x32"))))))

 (kernel linux-libre-6.4)
 (kernel-arguments
  (list "modprobe.blacklist=usbmouse,usbkbd"
        "thinkpad_acpi.fan_control=1"
        "loglevel=5"
        "quiet"))

 (file-systems
  (cons* (file-system
          (device (file-system-label "guix-root"))
          (mount-point "/")
          (type "ext4"))
         (file-system
          (device (file-system-label "HOME")) ;doas e2label /dev/sda5 home
          (mount-point "/home")
          (type "ext4"))
         %base-file-systems))

 (swap-devices
  (list (swap-space
         (target (file-system-label "swap")))))

 (users
  (cons* (user-account
          (name "radio")
          (password %radio-password)
          (shell (file-append dash "/bin/dash"))
          (group "users")
          (supplementary-groups `("audio" "input" "video" "wheel")))
         (user-account
          (name "root")
          (password %root-password)
          (uid 0)
          (group "root")
          (shell (file-append dash "/bin/dash")))
         %base-user-accounts))

 #|System level packages|#
 (packages
  (list #|admin       |# htop inetutils isc-dhcp opendoas shadow
        #|base        |# coreutils diffutils findutils grep patch sed tar which
        #|certs       |# nss-certs
        #|compression |# bzip2 gzip lzip unzip xz zstd
        #|curl        |# curl
        #|gawk        |# gawk
        #|guile       |# guile-3.0-latest guile-colorized guile-readline
        #|less        |# less
        #|linux       |# alsa-lib alsa-plugins alsa-utils e2fsprogs eudev fuse
                         inotify-tools iproute kbd kmod lm-sensors procps psmisc
                         thinkfan-next util-linux
        #|man         |# man-db mandoc man-pages
        #|math        |# libqalculate
        #|pulseaudio  |# pulseaudio
        #|shells      |# dash
        #|texinfo     |# info-reader
        #|text-editors|# kakoune
        #|tmux        |# tmux
        #|vpn         |# wireguard-tools))

 #|Do not generate a sudoers file|#
 (sudoers-file #f)

 #|Run some programs from each package with file owner privileges|#
 (setuid-programs
  (map-setuid-programs
   (shadow     '("passwd" "chfn" "sg" "su" "newgrp" "newuidmap" "newgidmap"))
   (inetutils  '("ping" "ping6"))
   (opendoas   '("doas"))
   (fuse       '("fusermount"))
   (util-linux '("mount" "umount"))))
 
 #|Allow resolution of '.local' host names with mDNS|#
 (name-service-switch %mdns-host-lookup-nss)

 #|System services|#
 (services
  (list #|TTY services|#
        (service virtual-terminal-service-type)
        (service console-font-service-type
                 (associate-right
                  (%default-console-font '("tty1" "tty2"))))
        (service agetty-service-type
                 (agetty-configuration
                  (extra-options '("-L"))
                  (term "vt100")
                  (tty #f)))
        (service mingetty-service-type
                 (mingetty-configuration (tty "tty1")))
        (service mingetty-service-type
                 (mingetty-configuration (tty "tty2")))

        #|Login services|#
        (service login-service-type)
        (service elogind-service-type)

        #|Log services|#
        (service rottlog-service-type)
        (service syslog-service-type
                 (syslog-configuration
                  (syslogd (file-append inetutils "/libexec/syslogd"))
                  (config-file %default-syslog.conf)))
        (service log-cleanup-service-type
                 (log-cleanup-configuration
                  (directory "/var/log/guix/drvs")
                  (expiry (* 3 30 24 3600))))

        #|Guix services|#
        (service guix-service-type
                 (guix-configuration
                  (build-accounts 16)
                  (extra-options '("--max-jobs=8" "--cores=4"))))

        #|Mcron service|#
        (simple-service 'mcron-jobs mcron-service-type
                        (list #~(job "5 0 * * *"
                                     "guix gc --optimize -F 5G")))

        #|Device management services|#
        (service udev-service-type
                 (udev-configuration
                  (udev eudev)
                  (rules (list lvm2 fuse alsa-utils crda))))

        #|Sound services|#
        (service alsa-service-type)

        #|Network services|#
        (service static-networking-service-type
                 (list (static-networking
                        (addresses
                         (list (network-address
                                (device "lo")
                                (value "127.0.0.1/8"))))
                        (provision '(loopback)))))
        (service wpa-supplicant-service-type
                 (wpa-supplicant-configuration
                  (config-file "/etc/wpa_supplicant.conf")
                  (interface "wlp2s0")
                  (extra-options '("-B"))))
        (service dhcp-client-service-type
                 (dhcp-client-configuration
                  (interfaces 'all)))

        #|Thinkfan services|#
        (simple-service 'thinkfan-config etc-service-type
                        `(("modprobe.d/thinkfan.conf" ,file:thinkfan-modprobe-config)
                          ("thinkfan.conf"            ,file:thinkfan-config)))
        (service thinkfan-service-type
                 (thinkfan-configuration
                  (config-file file:thinkfan-config)
                  (respawn? #f)))

        #|Doas config service|#
        (simple-service 'doas-config etc-service-type
                        `(("doas.conf" ,file:doas-config)))

        #|Special file services|#
        (service special-files-service-type
                 `(("/bin/sh"      ,(file-append dash      "/bin/dash"))
                   ("/usr/bin/env" ,(file-append coreutils "/bin/env"))))

        #|Miscellaneous services|#
        (service urandom-seed-service-type)
        (service nscd-service-type)
        (service sysctl-service-type
                 (sysctl-configuration
                  (sysctl (file-append procps "/sbin/sysctl"))
                  (settings '(("fs.protected_hardlinks" . "1")
                              ("fs.protected_symlinks"  . "1"))))))))
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|Modules\|#`
			`(use-modules`
Add dotfiles 2023-08-06 02:30:22 +00:00			`#\|GNU \|# (gnu)`
			`(gnu artwork)`
			`(gnu services)`
			`#\|Guix \|# (guix gexp)`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|Misc \|# (ice-9 match)`
Add dotfiles 2023-08-06 02:30:22 +00:00			`#\|Radix\|# (radix packages linux)`
			`(radix services linux)`
			`(radix system setuid)`
			`(radix secrets)`
refactor: remove doas and thinkfan configuration files from the system definition 2023-08-06 19:20:09 +00:00			`(radix utils)`
			`((radix files doas) #:prefix file:doas-)`
			`((radix files thinkfan) #:prefix file:thinkfan-))`
Add dotfiles 2023-08-06 02:30:22 +00:00
			`(use-system-modules`
			`#\|N\|# nss)`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00
			`(use-service-modules`
			`#\|A\|# admin`
			`#\|D\|# desktop`
			`#\|M\|# mcron`
			`#\|N\|# networking`
chore: remove imports of unused guile modules 2023-08-08 01:32:20 +00:00			`#\|S\|# sound sysctl)`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00
			`(use-package-modules`
			`#\|A\|# admin`
feat: remove bash and bash-completion from system definition 2023-08-07 23:50:30 +00:00			`#\|B\|# base`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|C\|# certs compression curl`
			`#\|F\|# file`
			`#\|G\|# gawk glib guile guile-xyz`
			`#\|L\|# less linux`
			`#\|M\|# man maths`
			`#\|P\|# pulseaudio`
feat: remove bash and bash-completion from system definition 2023-08-07 23:50:30 +00:00			`#\|S\|# shells`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|T\|# texinfo text-editors tmux`
			`#\|V\|# vpn)`

			`#\|Operating system definition\|#`
			`(operating-system`
			`(host-name "buer")`
			`(timezone "America/Sao_Paulo")`
			`(locale "en_US.utf8")`

			`(keyboard-layout`
			`(keyboard-layout "us,br"`
			`#:options '("grp:menu_switch"`
			`"parens:swap_brackets"`
			`"caps:swapescape")))`

			`(bootloader`
			`(bootloader-configuration`
			`(bootloader grub-bootloader)`
			`(targets '("/dev/sda"))`
			`(theme (grub-theme`
			`(image (file-append %artwork-repository`
			`"/backgrounds/guix-silver-checkered-16-9.svg"))`
			`(resolution '(1280 . 720))`
			`(gfxmode '("1280x720x32"))))))`

			`(kernel linux-libre-6.4)`
feat: remove bash and bash-completion from system definition 2023-08-07 23:50:30 +00:00			`(kernel-arguments`
style: fix identation 2023-08-08 18:27:49 +00:00			`(list "modprobe.blacklist=usbmouse,usbkbd"`
			`"thinkpad_acpi.fan_control=1"`
			`"loglevel=5"`
			`"quiet"))`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00
			`(file-systems`
			`(cons* (file-system`
			`(device (file-system-label "guix-root"))`
			`(mount-point "/")`
			`(type "ext4"))`
			`(file-system`
			`(device (file-system-label "HOME")) ;doas e2label /dev/sda5 home`
			`(mount-point "/home")`
			`(type "ext4"))`
			`%base-file-systems))`

			`(swap-devices`
			`(list (swap-space`
			`(target (file-system-label "swap")))))`

			`(users`
feat: remove bash and bash-completion from system definition 2023-08-07 23:50:30 +00:00			`(cons* (user-account`
			`(name "radio")`
			`(password %radio-password)`
			`(shell (file-append dash "/bin/dash"))`
			`(group "users")`
			(supplementary-groups `("audio" "input" "video" "wheel")))
			`(user-account`
			`(name "root")`
			`(password %root-password)`
			`(uid 0)`
			`(group "root")`
			`(shell (file-append dash "/bin/dash")))`
			`%base-user-accounts))`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00
			`#\|System level packages\|#`
			`(packages`
			`(list #\|admin \|# htop inetutils isc-dhcp opendoas shadow`
feat: remove unecessary packages 2023-08-07 23:38:40 +00:00			`#\|base \|# coreutils diffutils findutils grep patch sed tar which`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|certs \|# nss-certs`
feat: remove unecessary packages 2023-08-07 23:38:40 +00:00			`#\|compression \|# bzip2 gzip lzip unzip xz zstd`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|curl \|# curl`
			`#\|gawk \|# gawk`
chore: move guile-reader to home declaration 2023-08-06 23:03:29 +00:00			`#\|guile \|# guile-3.0-latest guile-colorized guile-readline`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|less \|# less`
feat: remove acpi from system definition 2023-08-06 23:12:53 +00:00			`#\|linux \|# alsa-lib alsa-plugins alsa-utils e2fsprogs eudev fuse`
style: remove repeated inetutils declaration on system packages 2023-08-08 11:51:38 +00:00			`inotify-tools iproute kbd kmod lm-sensors procps psmisc`
			`thinkfan-next util-linux`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|man \|# man-db mandoc man-pages`
			`#\|math \|# libqalculate`
			`#\|pulseaudio \|# pulseaudio`
feat: remove bash and bash-completion from system definition 2023-08-07 23:50:30 +00:00			`#\|shells \|# dash`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|texinfo \|# info-reader`
feat: remove unecessary packages 2023-08-07 23:38:40 +00:00			`#\|text-editors\|# kakoune`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`#\|tmux \|# tmux`
			`#\|vpn \|# wireguard-tools))`

			`#\|Do not generate a sudoers file\|#`
			`(sudoers-file #f)`

			`#\|Run some programs from each package with file owner privileges\|#`
			`(setuid-programs`
			`(map-setuid-programs`
			`(shadow '("passwd" "chfn" "sg" "su" "newgrp" "newuidmap" "newgidmap"))`
			`(inetutils '("ping" "ping6"))`
			`(opendoas '("doas"))`
			`(fuse '("fusermount"))`
			`(util-linux '("mount" "umount"))))`

			`#\|Allow resolution of '.local' host names with mDNS\|#`
			`(name-service-switch %mdns-host-lookup-nss)`

			`#\|System services\|#`
			`(services`
			`(list #\|TTY services\|#`
			`(service virtual-terminal-service-type)`
			`(service console-font-service-type`
			`(associate-right`
			`(%default-console-font '("tty1" "tty2"))))`
			`(service agetty-service-type`
			`(agetty-configuration`
			`(extra-options '("-L"))`
			`(term "vt100")`
			`(tty #f)))`
			`(service mingetty-service-type`
			`(mingetty-configuration (tty "tty1")))`
			`(service mingetty-service-type`
			`(mingetty-configuration (tty "tty2")))`

			`#\|Login services\|#`
			`(service login-service-type)`
			`(service elogind-service-type)`

			`#\|Log services\|#`
			`(service rottlog-service-type)`
			`(service syslog-service-type`
			`(syslog-configuration`
			`(syslogd (file-append inetutils "/libexec/syslogd"))`
			`(config-file %default-syslog.conf)))`
			`(service log-cleanup-service-type`
			`(log-cleanup-configuration`
			`(directory "/var/log/guix/drvs")`
			`(expiry (* 3 30 24 3600))))`

			`#\|Guix services\|#`
			`(service guix-service-type`
			`(guix-configuration`
			`(build-accounts 16)`
			`(extra-options '("--max-jobs=8" "--cores=4"))))`

			`#\|Mcron service\|#`
			`(simple-service 'mcron-jobs mcron-service-type`
style: fix identation 2023-08-08 18:27:49 +00:00			`(list #~(job "5 0 * * *"`
			`"guix gc --optimize -F 5G")))`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00
			`#\|Device management services\|#`
			`(service udev-service-type`
			`(udev-configuration`
			`(udev eudev)`
			`(rules (list lvm2 fuse alsa-utils crda))))`

			`#\|Sound services\|#`
			`(service alsa-service-type)`

			`#\|Network services\|#`
			`(service static-networking-service-type`
			`(list (static-networking`
			`(addresses`
style: fix identation 2023-08-08 18:27:49 +00:00			`(list (network-address`
			`(device "lo")`
			`(value "127.0.0.1/8"))))`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`(provision '(loopback)))))`
			`(service wpa-supplicant-service-type`
			`(wpa-supplicant-configuration`
			`(config-file "/etc/wpa_supplicant.conf")`
			`(interface "wlp2s0")`
			`(extra-options '("-B"))))`
			`(service dhcp-client-service-type`
			`(dhcp-client-configuration`
			`(interfaces 'all)))`

			`#\|Thinkfan services\|#`
			`(simple-service 'thinkfan-config etc-service-type`
style: fix identation 2023-08-08 18:27:49 +00:00			`(("modprobe.d/thinkfan.conf" ,file:thinkfan-modprobe-config)
			`("thinkfan.conf" ,file:thinkfan-config)))`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`(service thinkfan-service-type`
			`(thinkfan-configuration`
refactor: remove doas and thinkfan configuration files from the system definition 2023-08-06 19:20:09 +00:00			`(config-file file:thinkfan-config)`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00			`(respawn? #f)))`

			`#\|Doas config service\|#`
			`(simple-service 'doas-config etc-service-type`
style: fix identation 2023-08-08 18:27:49 +00:00			`(("doas.conf" ,file:doas-config)))
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00
			`#\|Special file services\|#`
			`(service special-files-service-type`
style: fix identation 2023-08-08 18:27:49 +00:00			`(("/bin/sh" ,(file-append dash "/bin/dash"))
			`("/usr/bin/env" ,(file-append coreutils "/bin/env"))))`
Merge radix and radix-config repositories 2023-08-05 22:21:37 +00:00
			`#\|Miscellaneous services\|#`
			`(service urandom-seed-service-type)`
			`(service nscd-service-type)`
			`(service sysctl-service-type`
			`(sysctl-configuration`
			`(sysctl (file-append procps "/sbin/sysctl"))`
			`(settings '(("fs.protected_hardlinks" . "1")`
			`("fs.protected_symlinks" . "1"))))))))`