| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 |
- ;; This is an operating system configuration template
- ;; for a "bare bones" setup, with no X11 display server.
- (use-modules (gnu))
- (use-service-modules admin auditd cgit databases desktop guix linux mail
- monitoring nfs networking ssh telephony xorg)
- (use-package-modules screen ssh)
- (define %my-desktop-services
- (modify-services %desktop-services
- (delete bluetooth-service)
- (delete network-manager-service-type)
- (delete gdm-service-type)
- (delete geoclue-service)
- (guix-service-type config =>
- (guix-configuration
- (inherit config)
- (substitute-urls
- (append
- (list
- "https://bordeaux-us-east-mirror.cbaines.net/"
- "https://guix.tobias.gr")
- %default-substitute-urls))
- (authorized-keys
- (append
- (list
- (plain-file
- "bordeaux.guix.gnu.org.signing.key"
- "
- (public-key
- (ecc
- (curve Ed25519)
- (q #7D602902D3A2DBB83F8A0FB98602A754C5493B0B778C8D1DD4E0F41DE14DE34F#)
- )
- )"
- )
- (plain-file
- "guix.tobias.gr.signing.key"
- "
- (public-key
- (ecc
- (curve Ed25519)
- (q #E21911E159DB6D031A763509A255B054360A4A96F5668CBBAC48052E67D274D3#)
- )
- )"
- ))
- %default-authorized-guix-keys))))))
- (operating-system
- (host-name "copertino")
- (timezone "America/Indianapolis")
- (locale "en_US.utf8")
- ;; Boot in "legacy" BIOS mode, assuming /dev/sdX is the
- ;; target hard disk, and "my-root" is the label of the target
- ;; root file system.
- (bootloader (bootloader-configuration
- (bootloader grub-bootloader)
- (targets '("/dev/sda"))))
- (file-systems (cons (file-system
- (device (file-system-label "my-root"))
- (mount-point "/")
- (type "btrfs"))
- %base-file-systems))
- ;; This is where user accounts are specified. The "root"
- ;; account is implicit, and is initially created with the
- ;; empty password.
- (users (cons (user-account
- (name "joshua")
- (comment "Joshua Allen Branson")
- (group "users")
- ;; Adding the account to the "wheel" group
- ;; makes it a sudoer. Adding it to "audio"
- ;; and "video" allows the user to play sound
- ;; and access the webcam.
- (supplementary-groups '("wheel"
- "audio" "video")))
- %base-user-accounts))
- ;; Globally-installed packages.
- (packages (cons screen %base-packages))
- ;; Add services to the baseline: a DHCP client and
- ;; an SSH server.
- (services (append (list (service auditd-service-type)
- (service cgit-service-type
- (cgit-configuration
- (repositories
- (list
- (repository-cgit-configuration
- (name "prog")
- (desc "My various progamming experiments.")
- (path "/home/joshua/prog")
- (url "/prog"))
- ))))
- (service dhcp-client-service-type)
- (service earlyoom-service-type)
- (service guix-build-coordinator-service-type)
- (service openssh-service-type
- (openssh-configuration
- (openssh openssh-sans-x)
- (password-authentication? #f)
- (port-number 2222)))
- (service mumble-server-service-type
- (mumble-server-configuration
- (welcome-text
- "Welcome to this Mumble server running on Guix!")
- (cert-required? #f) ;disallow text password logins
- ;;(ssl-cert "/etc/letsencrypt/live/mumble.example.com/fullchain.pem")
- ;;(ssl-key "/etc/letsencrypt/live/mumble.example.com/privkey.pem")
- ))
- (service nfs-service-type
- (nfs-configuration
- (exports
- '(("/home/joshua/share"
- "*(rw,insecure,no_subtree_check,crossmnt,fsid=0)")))))
- (service opensmtpd-service-type
- (opensmtpd-configuration))
- (service postgresql-service-type)
- (service prometheus-node-exporter-service-type)
- (service rasdaemon-service-type)
- (service unattended-upgrade-service-type)
- (service zram-device-service-type)
- )
- %my-desktop-services)))
|
