1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
;; -*- mode: scheme; -*-
;; This is an operating system configuration template
;; for a "desktop" setup with GNOME and Xfce where the
;; root partition is encrypted with LUKS, and a swap file.
(use-modules
(nongnu packages linux)
(nongnu system linux-initrd)
(gnu)
(gnu system nss)
(guix utils)
(gnu services sound)
(gnu packages vim)
(gnu packages wget)
(gnu packages curl)
(gnu packages bash)
(gnu packages compression))
(use-service-modules desktop sddm xorg base nix pm)
(use-package-modules gnome package-management shells)
(operating-system
(kernel linux)
(initrd microcode-initrd)
(firmware (cons* linux-firmware
%base-firmware))
(host-name "laptop-ruther")
(timezone "Europe/Prague")
(locale "en_US.utf8")
;; Choose US English keyboard layout. The "altgr-intl"
;; variant provides dead keys for accented characters.
(keyboard-layout (keyboard-layout "us" "altgr-intl"))
;; Use the UEFI variant of GRUB with the EFI System
;; Partition mounted on /boot/efi.
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(targets '("/boot"))
(keyboard-layout keyboard-layout)))
;; Specify a mapped device for the encrypted root partition.
;; The UUID is that returned by 'cryptsetup luksUUID'.
(mapped-devices
(list (mapped-device
(source (uuid "55787ccb-decb-46b6-a190-6597dff68c68"))
(target "cryptedguix")
(type luks-device-mapping))))
(file-systems (append
(list (file-system
(device (file-system-label "guix-root"))
;; (device "/dev/mapper/cryptedguix")
(mount-point "/")
(type "ext4")
(dependencies mapped-devices))
(file-system
(device (file-system-label "BOOT"))
(mount-point "/boot")
(type "vfat")))
%base-file-systems))
;; Specify a swap file for the system, which resides on the
;; root file system.
(swap-devices (list ;; (swap-space
;; (target "/swapfile"))
))
;; Create user `bob' with `alice' as its initial password.
(users (cons (user-account
(name "ruther")
(comment "My main account")
(group "users")
(supplementary-groups '("wheel" "netdev"
"audio" "video"))
(shell (file-append zsh "/bin/zsh")))
%base-user-accounts))
;; Add the `students' group
(groups (cons* ;; (user-group
;; (name "users"))
%base-groups))
;; This is where we specify system-wide packages.
(packages (append (list
;; for user mounts
gvfs
zip unzip
wget curl
vim
nix)
%base-packages))
(services
(append (list (service gnome-desktop-service-type)
(set-xorg-configuration
(xorg-configuration
(keyboard-layout keyboard-layout)))
(service bluetooth-service-type)
(service nix-service-type)
(service power-profiles-daemon-service-type))
(modify-services
%desktop-services
(elogind-service-type config => (elogind-configuration
(handle-lid-switch-external-power 'ignore)))
(pulseaudio-service-type config => (pulseaudio-configuration
(inherit config)
(client-conf
(append
(pulseaudio-configuration-client-conf config)
'((autospawn . no))))))
(guix-service-type config => (guix-configuration
(inherit config)
(substitute-urls
(append (list "https://substitutes.nonguix.org")
%default-substitute-urls))
(authorized-keys
(append (list (local-file "keys/nonguix-signing-key.pub"))
%default-authorized-guix-keys))))))) ;; todo remove gdm
;; Allow resolution of '.local' host names with mDNS.
(name-service-switch %mdns-host-lookup-nss))