config.scm 5.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128
  1. ;; This is an operating system configuration template
  2. ;; for a "bare bones" setup, with no X11 display server.
  3. (use-modules (gnu))
  4. (use-service-modules admin auditd cgit databases desktop guix linux mail
  5. monitoring nfs networking ssh telephony xorg)
  6. (use-package-modules screen ssh)
  7. (define %my-desktop-services
  8. (modify-services %desktop-services
  9. (delete bluetooth-service)
  10. (delete network-manager-service-type)
  11. (delete gdm-service-type)
  12. (delete geoclue-service)
  13. (guix-service-type config =>
  14. (guix-configuration
  15. (inherit config)
  16. (substitute-urls
  17. (append
  18. (list
  19. "https://bordeaux-us-east-mirror.cbaines.net/"
  20. "https://guix.tobias.gr")
  21. %default-substitute-urls))
  22. (authorized-keys
  23. (append
  24. (list
  25. (plain-file
  26. "bordeaux.guix.gnu.org.signing.key"
  27. "
  28. (public-key
  29. (ecc
  30. (curve Ed25519)
  31. (q #7D602902D3A2DBB83F8A0FB98602A754C5493B0B778C8D1DD4E0F41DE14DE34F#)
  32. )
  33. )"
  34. )
  35. (plain-file
  36. "guix.tobias.gr.signing.key"
  37. "
  38. (public-key
  39. (ecc
  40. (curve Ed25519)
  41. (q #E21911E159DB6D031A763509A255B054360A4A96F5668CBBAC48052E67D274D3#)
  42. )
  43. )"
  44. ))
  45. %default-authorized-guix-keys))))))
  46. (operating-system
  47. (host-name "copertino")
  48. (timezone "America/Indianapolis")
  49. (locale "en_US.utf8")
  50. ;; Boot in "legacy" BIOS mode, assuming /dev/sdX is the
  51. ;; target hard disk, and "my-root" is the label of the target
  52. ;; root file system.
  53. (bootloader (bootloader-configuration
  54. (bootloader grub-bootloader)
  55. (targets '("/dev/sda"))))
  56. (file-systems (cons (file-system
  57. (device (file-system-label "my-root"))
  58. (mount-point "/")
  59. (type "btrfs"))
  60. %base-file-systems))
  61. ;; This is where user accounts are specified. The "root"
  62. ;; account is implicit, and is initially created with the
  63. ;; empty password.
  64. (users (cons (user-account
  65. (name "joshua")
  66. (comment "Joshua Allen Branson")
  67. (group "users")
  68. ;; Adding the account to the "wheel" group
  69. ;; makes it a sudoer. Adding it to "audio"
  70. ;; and "video" allows the user to play sound
  71. ;; and access the webcam.
  72. (supplementary-groups '("wheel"
  73. "audio" "video")))
  74. %base-user-accounts))
  75. ;; Globally-installed packages.
  76. (packages (cons screen %base-packages))
  77. ;; Add services to the baseline: a DHCP client and
  78. ;; an SSH server.
  79. (services (append (list (service auditd-service-type)
  80. (service cgit-service-type
  81. (cgit-configuration
  82. (repositories
  83. (list
  84. (repository-cgit-configuration
  85. (name "prog")
  86. (desc "My various progamming experiments.")
  87. (path "/home/joshua/prog")
  88. (url "/prog"))
  89. ))))
  90. (service dhcp-client-service-type)
  91. (service earlyoom-service-type)
  92. (service guix-build-coordinator-service-type)
  93. (service openssh-service-type
  94. (openssh-configuration
  95. (openssh openssh-sans-x)
  96. (password-authentication? #f)
  97. (port-number 2222)))
  98. (service mumble-server-service-type
  99. (mumble-server-configuration
  100. (welcome-text
  101. "Welcome to this Mumble server running on Guix!")
  102. (cert-required? #f) ;disallow text password logins
  103. ;;(ssl-cert "/etc/letsencrypt/live/mumble.example.com/fullchain.pem")
  104. ;;(ssl-key "/etc/letsencrypt/live/mumble.example.com/privkey.pem")
  105. ))
  106. (service nfs-service-type
  107. (nfs-configuration
  108. (exports
  109. '(("/home/joshua/share"
  110. "*(rw,insecure,no_subtree_check,crossmnt,fsid=0)")))))
  111. (service opensmtpd-service-type
  112. (opensmtpd-configuration))
  113. (service postgresql-service-type)
  114. (service prometheus-node-exporter-service-type)
  115. (service rasdaemon-service-type)
  116. (service unattended-upgrade-service-type)
  117. (service zram-device-service-type)
  118. )
  119. %my-desktop-services)))