#|Guix System declaration module for the host "buer".  It exports `buer'
  (the operating-system record) and `buer.scm' (this file's path).
  The (radix ...), (buer ...) and (home-environments ...) modules are not
  defined in this file; they are resolved from the load path, so whatever
  provides them is part of this system's trusted base.|#
(define-module (operating-systems buer)
  #|GNU bootloader|#
  #|•|# #:use-module (gnu bootloader)
  #|G|# #:use-module (gnu bootloader grub)

  #|GNU packages|#
  #|A|# #:use-module (gnu packages admin)
  #|B|# #:use-module (gnu packages base)
        #:use-module (gnu packages bash)
  #|C|# #:use-module (gnu packages certs)
        #:use-module (gnu packages compression)
  #|G|# #:use-module (gnu packages gawk)
        #:use-module (gnu packages guile)
        #:use-module (gnu packages guile-xyz)
  #|L|# #:use-module (gnu packages less)
        #:use-module (gnu packages linux)
  #|M|# #:use-module (gnu packages man)
  #|P|# #:use-module (gnu packages package-management)
        #:use-module (gnu packages pciutils)
  #|T|# #:use-module (gnu packages texinfo)

  #|GNU services|#
  #|•|# #:use-module (gnu services)
  #|A|# #:use-module (gnu services admin)
  #|greetd-service-type is hidden here, presumably so that the definition
    from (radix services greetd) is the one in scope -- confirm.|#
  #|B|# #:use-module ((gnu services base) #:hide (greetd-service-type))
  #|D|# #:use-module (gnu services dbus)
        #:use-module (gnu services desktop)
  #|G|# #:use-module (gnu services guix)
  #|L|# #:use-module (gnu services linux)
  #|N|# #:use-module (gnu services networking)
  #|P|# #:use-module (gnu services pm)
  #|S|# #:use-module (gnu services shepherd)
        #:use-module (gnu services sysctl)

  #|GNU system|#
  #|•|# #:use-module (gnu system)
  #|A|# #:use-module (gnu system accounts)
  #|F|# #:use-module (gnu system file-systems)
  #|K|# #:use-module (gnu system keyboard)
  #|N|# #:use-module (gnu system nss)
  #|S|# #:use-module (gnu system shadow)

  #|Guix|#
  #|G|# #:use-module (guix gexp)

  #|Home environments|#
  #|R|# #:use-module ((home-environments radio)
                      #:prefix home-environment:)

  #|Radix|#
  #|A|# #:use-module (radix artwork)
  #|C|# #:use-module (radix combinators)
  #|U|# #:use-module (radix utils)

  #|Radix packages|#
  #|A|# #:use-module (radix packages admin)
  #|L|# #:use-module (radix packages linux)
  #|T|# #:use-module (radix packages text-editors)

  #|Radix services|#
  #|A|# #:use-module (radix services admin)
  #|G|# #:use-module (radix services greetd)
  #|P|# #:use-module (radix services pm)

  #|Radix system|#
  #|S|# #:use-module (radix system security)
        #:use-module (radix system setuid)
  #|M|# #:use-module (radix system monitoring)

  #|Buer -- host-specific modules, each imported under its own prefix|#
  #|B|# #:use-module ((buer build-machines)
                      #:prefix build-machine:)
  #|C|# #:use-module ((buer channels)
                      #:prefix channel:)
  #|F|# #:use-module ((buer files)
                      #:prefix file:)
        #:use-module ((buer file-systems)
                      #:prefix file-system:)
  #|P|# #:use-module ((buer privilege)
                      #:prefix privileged-programs:)
  #|R|# #:use-module ((buer rules)
                      #:prefix rules:)
  #|S|# #:use-module ((buer shepherd-services)
                      #:prefix shepherd-service:)
        #:use-module ((buer substitute-keys)
                      #:prefix substitute-key:)
  #|U|# #:use-module ((buer users)
                      #:prefix user:)

  #|SRFIs|#
  #|1|# #:use-module (srfi srfi-1)

  #:export (buer buer.scm))
#|Path of this module's source file, found by looking the module's file
  name up on %load-path.  search-path yields #f when nothing matches, so
  consumers of this value (the "/etc/config.scm" special file) should
  expect that case.|#
(define buer.scm
  (let ((module-file (module-filename (current-module))))
    (search-path %load-path module-file)))
#|Operating-system record for the host "buer".  Field order matters:
  swap-devices refers back to the file-systems field declared before it.|#
(define buer
  (operating-system
    (host-name "buer")
    (timezone "America/Sao_Paulo")
    (locale "en_US.utf8")

    (keyboard-layout
     (keyboard-layout "us,br"
                      #:options `("grp:menu_switch"
                                  "parens:swap_brackets"
                                  "caps:swapescape")))

    (bootloader
     (bootloader-configuration
      (bootloader grub-bootloader)
      #|The install target is named by its stable by-id path rather than
        by a /dev/sdX name.|#
      (targets `("/dev/disk/by-id/wwn-0x50026b7785a0a591"))
      (theme (grub-theme
              (color-normal
               '((fg . light-gray) (bg . black)))
              (color-highlight
               '((fg . black) (bg . light-gray)))
              (image (file-append %artwork-repository
                                  "/backgrounds/guix-silver-16-9.svg"))
              (gfxmode `("1280x720x32"))))))

    #|The kernel is pinned to one release series, so it has to be bumped by
      hand to keep receiving fixes.|#
    (kernel linux-libre-6.11)
    #|Security note: the filter drops every entry of
      %kicksecure-kernel-arguments that starts with "debugfs", "l1tf",
      "mds", "mitigations" or "nosmt", so those settings fall back to the
      kernel defaults on this host (presumably to keep SMT enabled --
      confirm and record the reason).  `on', `disjoin' and `partial' are
      defined outside this file; this reading assumes they compose the way
      their names suggest.
      "resume=" enables resume from the swap file: hibernation writes
      memory contents to it, and whether /swap sits on an encrypted volume
      cannot be told from this file -- verify in (buer file-systems).|#
    (kernel-arguments
     (cons* "resume=/swap/swapfile"
            "modprobe.blacklist=usbmouse,usbkbd,pcspkr"
            "thinkpad_acpi.fan_control=1"
            (filter (negate ((on disjoin
                                 (partial partial string-prefix?))
                             "debugfs" "l1tf" "mds" "mitigations" "nosmt"))
                    %kicksecure-kernel-arguments)))

    (file-systems
     (append file-system:volumes
             file-system:persistent-directories))
    #|The swap file depends on whichever of the file systems above is
      selected by the "/swap" mount-point predicate.|#
    (swap-devices
     (list (swap-space
            (target "/swap/swapfile")
            (dependencies
             (filter (file-system-mount-point-predicate "/swap")
                     file-systems)))))
    (users
     (cons* user:radio
            user:root
            %base-user-accounts))

    #|System level packages|#
    (packages
     (list #|admin       |# btop inetutils isc-dhcp shadow zzz
           #|base        |# coreutils diffutils findutils grep patch sed tar which
           #|bash        |# bash bash-completion
           #|certs       |# nss-certs
           #|compression |# gzip xz zstd
           #|gawk        |# gawk
           #|guile       |# guile-next guile-colorized guile-readline
           #|less        |# less
           #|linux       |# e2fsprogs iproute kmod procps usbutils util-linux
           #|man         |# man-db man-pages
           #|pciutils    |# pciutils
           #|texinfo     |# info-reader
           #|text-editors|# kakoune))

    #|Do not generate a sudoers file; privilege elevation is configured
      through the opendoas service further down.|#
    (sudoers-file #f)

    #|Run some programs with file privileges.  The three lists come from
      (buer privilege); every entry is a program that runs with more
      rights than its caller, so the lists are worth keeping minimal and
      reviewing when they change.|#
    (privileged-programs
     (append privileged-programs:authentication
             privileged-programs:file-systems
             privileged-programs:network))

    #|Allow resolution of '.local' host names with mDNS|#
    (name-service-switch %mdns-host-lookup-nss)
    #|Replace the configuration of the shepherd root service.
      Security note: the shepherd package is taken from a module named
      (shepherd-package), which is not among this file's define-module
      imports and is resolved from the load path when this is evaluated.
      It supplies the init system, so its origin should be confirmed and
      pinned.|#
    (essential-services
     (modify-services
         (operating-system-default-essential-services this-operating-system)
       (shepherd-root-service-type
        _ => (shepherd-configuration
              (shepherd (@ (shepherd-package) shepherd))
              (services (list shepherd-service:guix-gc
                              shepherd-service:snapshot-@home
                              shepherd-service:timer))))))

    #|System services.  This is an explicit list: nothing here appends
      to a default service list.|#
    (services
     (list #|TTY services|#
           (service virtual-terminal-service-type)
           (service console-font-service-type
                    (associate-right
                     (%default-console-font `("tty1" "tty2"))))

           #|Login services|#
           (service seatd-service-type)
           #|One greetd terminal per VT in (iota 2 1), i.e. VTs 1 and 2;
             only VT 1 has terminal-switch set.|#
           (service greetd-service-type
                    (greetd-configuration
                     (greeter-supplementary-groups `("seat"))
                     (terminals
                      (map (lambda (x)
                             (greetd-terminal-configuration
                              (terminal-vt (number->string x))
                              (terminal-switch (= x 1))))
                           (iota 2 1)))))

           #|Home environment services.  The test runs when this
             configuration is evaluated: if /run/current-system/provenance
             exists the service gets an empty list, otherwise the "radio"
             home environment.|#
           (service guix-home-service-type
                    (if (file-exists? "/run/current-system/provenance") '()
                        `(("radio" ,home-environment:radio))))

           #|Log services|#
           (service rottlog-service-type)
           (service syslog-service-type)
           #|expiry is 2 * 30 * 24 * 3600 = 5184000, presumably seconds
             (about 60 days) -- confirm the unit.|#
           (service log-cleanup-service-type
                    (log-cleanup-configuration
                     (directory "/var/log/guix/drvs")
                     (expiry (* 2 30 24 3600))))

           #|IPC services|#
           (service dbus-root-service-type)

           #|Guix services.
             Security note: every key in authorized-keys is trusted to
             sign substitutes, so a binary signed by any one of them is
             installed without a local rebuild.  Three keys from
             (buer substitute-keys) are added to the defaults; review them
             together with substitute-urls.  The yumiko key is authorized
             although no yumiko URL is listed in substitute-urls --
             presumably that server is selected some other way; confirm.|#
           (service guix-service-type
                    (guix-configuration
                     (build-accounts 16)
                     (authorized-keys
                      (cons* substitute-key:genenetwork.pub
                             substitute-key:inria.pub
                             substitute-key:yumiko.pub
                             %default-authorized-guix-keys))
                     (substitute-urls
                      `("https://bordeaux.guix.gnu.org"
                        "https://cuirass.genenetwork.org"
                        "https://ci.guix.gnu.org"
                        "https://guix.bordeaux.inria.fr"))
                     (extra-options
                      `("--max-jobs=8"
                        "--cores=4"
                        "--gc-keep-derivations=yes"
                        "--gc-keep-outputs=yes"))))

           #|Device management services|#
           (service udev-service-type
                    (udev-configuration
                     (rules (list alsa-utils crda fuse))))

           #|Network services|#
           (service static-networking-service-type
                    (list %loopback-static-networking))
           (service ntp-service-type)
           #|The configuration file lives under /etc, outside the store,
             and its permissions are not managed here.  Such a file
             normally holds Wi-Fi credentials, so it should be readable by
             root only -- verify on the host.|#
           (service wpa-supplicant-service-type
                    (wpa-supplicant-configuration
                     (config-file "/etc/wpa-supplicant.conf")
                     (interface "wlp2s0")
                     (extra-options `("-B"))))
           (service dhcp-client-service-type
                    (dhcp-client-configuration
                     (interfaces 'all)))
           #|Static hosts entry for the LAN machine "yumiko" and its
             aliases.|#
           (simple-service 'extra-hosts
                           hosts-service-type
                           (list (host "192.168.100.33" "yumiko.local"
                                       `("yumiko" "substitutes.yumiko"))))

           #|Power management services|#
           (service tlp-service-type
                    (tlp-configuration
                     (cpu-scaling-governor-on-ac `("performance"))
                     (cpu-scaling-governor-on-bat `("powersave"))
                     (cpu-scaling-min-freq-on-ac 1500000)
                     (cpu-scaling-max-freq-on-ac 3500000)
                     (cpu-scaling-min-freq-on-bat 1000000)
                     (cpu-scaling-max-freq-on-bat 3000000)
                     (cpu-min-perf-on-ac 0)
                     (cpu-max-perf-on-ac 100)
                     (cpu-min-perf-on-bat 0)
                     (cpu-max-perf-on-bat 40)
                     (cpu-boost-on-ac? #t)
                     (cpu-boost-on-bat? #f)
                     (nmi-watchdog? #t)
                     (start-charge-thresh-bat0 70)
                     (stop-charge-thresh-bat0 90)))
           (service thinkfan-service-type
                    (thinkfan-configuration
                     (thinkfan thinkfan-next)
                     (config-file file:thinkfan-config)))

           #|Memory management services: a zram device sized at twice
             (ram-total), compressed with lz4.|#
           (service zram-device-service-type
                    (zram-device-configuration
                     (priority 100)
                     (size (* 2 (ram-total)))
                     (compression-algorithm 'lz4)))

           #|Permission services.  The doas rules come from (buer rules)
             and, with sudoers-file disabled above, are the privilege
             elevation policy declared in this file; review them with the
             same care as a sudoers file.|#
           (service opendoas-service-type
                    (opendoas-configuration
                     (rules (append rules:general
                                    rules:text-editors
                                    rules:power-management
                                    rules:service-management))))

           #|Special file services|#
           (service special-files-service-type
                    `(("/bin/sh" ,(file-append bash "/bin/bash"))
                      ("/usr/bin/env" ,(file-append coreutils "/bin/env"))
                      ("/etc/config.scm" ,buer.scm)))
           #|Each entry of file-system:persistent-files is paired with the
             same path prefixed by "/gnu/persist" (assuming `juxt' and
             `partial' behave as their names suggest -- they are defined
             outside this file).|#
           (simple-service 'persistent-files
                           special-files-service-type
                           (map (juxt identity
                                      (partial string-append "/gnu/persist"))
                                file-system:persistent-files))

           #|Sysctl services.  The first block holds virtual-memory
             tunables (presumably chosen for the zram swap above).|#
           (simple-service 'extra-sysctl-settings sysctl-service-type
                           `(("vm.swappiness" . "180")
                             ("vm.watermark_boost_factor" . "0")
                             ("vm.watermark_scale_factor" . "125")
                             ("vm.page-cluster" . "0")))
           #|Security note: %kicksecure-sysctl-rules is applied with the
             "net.core.bpf_jit_harden" entry removed, so that sysctl keeps
             whatever value the kernel or another service gives it.
             NOTE(review): the reason for this exception is not recorded
             here and is worth documenting.|#
           (simple-service 'security-syctl-settings sysctl-service-type
                           (alist-delete "net.core.bpf_jit_harden"
                                         %kicksecure-sysctl-rules))

           #|Base services|#
           (service urandom-seed-service-type)
           (service nscd-service-type)))))
#|The file's last expression is the operating-system record itself
  (presumably so the file can be handed to `guix system' directly --
  confirm).|#
buer