@@ 0,0 1,161 @@
+;; -*- mode: scheme; -*-
+;; This is an operating system configuration for a VM image.
+;; Modify it as you see fit and instantiate the changes by running:
+;;
+;; guix system reconfigure /etc/config.scm
+;;
+
+(use-modules (gnu)
+ (guix)
+ (srfi srfi-1)
+ (ice-9 match)
+ (guix channels)
+ (gnu system image))
+(use-service-modules desktop mcron networking spice ssh xorg sddm)
+(use-package-modules bootloaders fonts
+ package-management xdisorg xorg)
+
+(define vm-image-motd (plain-file "motd" "
+\x1b[1;37mThis is the GNU system. Welcome!\x1b[0m
+
+This instance of Guix is a template for virtualized environments.
+You can reconfigure the whole system by adjusting /etc/config.scm
+and running:
+
+ guix system reconfigure /etc/config.scm
+
+Run '\x1b[1;37minfo guix\x1b[0m' to browse documentation.
+
+\x1b[1;33mConsider setting a password for the 'root' and 'guest' \
+accounts.\x1b[0m
+"))
+
+(define (guix-package-commit guix)
+ ;; Extract the commit of the GUIX package.
+ (match (package-source guix)
+ ((? channel? source)
+ (channel-commit source))
+ (_
+ (apply (lambda* (#:key commit #:allow-other-keys) commit)
+ (package-arguments guix)))))
+
+(operating-system
+ (host-name "gnu")
+ (timezone "Etc/UTC")
+ (locale "en_US.utf8")
+ (keyboard-layout (keyboard-layout "us" "altgr-intl"))
+
+ ;; Label for the GRUB boot menu.
+ (label (string-append "GNU Guix "
+ (or (getenv "GUIX_DISPLAYED_VERSION")
+ (package-version guix))))
+
+ (firmware '())
+
+ ;; On AArch64, support SCSI CDROMs and HDs.
+ (initrd-modules (cons* "sd_mod" "sr_mod"
+ %base-initrd-modules))
+
+ (bootloader
+ (bootloader-configuration
+ (bootloader grub-efi-bootloader)
+ (targets '("/boot/efi"))
+ (terminal-outputs '(console))))
+ (file-systems (cons* (file-system
+ (mount-point "/")
+ (device (file-system-label root-label))
+ (type "ext4"))
+ (file-system
+ (mount-point "/boot/efi")
+ (device (file-system-label "GNU-ESP"))
+ (type "vfat"))
+ %base-file-systems))
+
+ (users (cons (user-account
+ (name "guest")
+ (comment "GNU Guix Live")
+ (password "") ;no password
+ (group "users")
+ (supplementary-groups '("wheel" "netdev"
+ "audio" "video")))
+ %base-user-accounts))
+
+ ;; Our /etc/sudoers file. Since 'guest' initially has an empty password,
+ ;; allow for password-less sudo.
+ (sudoers-file (plain-file "sudoers" "\
+root ALL=(ALL) ALL
+%wheel ALL=NOPASSWD: ALL\n"))
+
+ (pam-services
+ ;; Explicitly allow for empty passwords.
+ (base-pam-services #:allow-empty-passwords? #t))
+
+ (packages
+ (append (list font-bitstream-vera
+ ;; Auto-started script providing SPICE dynamic resizing for
+ ;; Xfce (see:
+ ;; https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/142).
+ x-resize)
+ %base-packages))
+
+ (services
+ (append (list (service xfce-desktop-service-type)
+
+ ;; Choose SLiM, which is lighter than the default GDM.
+ (service slim-service-type
+ (slim-configuration
+ (auto-login? #t)
+ (default-user "guest")
+ (xorg-configuration
+ (xorg-configuration
+ ;; The QXL virtual GPU driver is added to provide
+ ;; a better SPICE experience.
+ (modules (cons xf86-video-qxl
+ %default-xorg-modules))
+ (keyboard-layout keyboard-layout)))))
+
+ ;; Uncomment the line below to add an SSH server.
+ ;;(service openssh-service-type)
+
+ ;; Add support for the SPICE protocol, which enables dynamic
+ ;; resizing of the guest screen resolution, clipboard
+ ;; integration with the host, etc.
+ (service spice-vdagent-service-type)
+
+ ;; Use the DHCP client service rather than NetworkManager.
+ (service dhcpcd-service-type))
+
+ ;; Remove some services that don't make sense in a VM.
+ (remove (lambda (service)
+ (let ((type (service-kind service)))
+ (or (memq type
+ (list gdm-service-type
+ sddm-service-type
+ wpa-supplicant-service-type
+ cups-pk-helper-service-type
+ network-manager-service-type
+ modem-manager-service-type))
+ (eq? 'network-manager-applet
+ (service-type-name type)))))
+ (modify-services %desktop-services
+ (login-service-type config =>
+ (login-configuration
+ (inherit config)
+ (motd vm-image-motd)))
+
+ ;; Install and run the current Guix rather than an older
+ ;; snapshot.
+ (guix-service-type config =>
+ (guix-configuration
+ (inherit config)
+ (guix
+ (let ((guix (current-guix)))
+ (package
+ (inherit guix)
+ ;; Do not leak the local checkout URL.
+ (source (channel
+ (inherit %default-guix-channel)
+ (commit (guix-package-commit guix)))))))))))))
+
+ ;; Allow resolution of '.local' host names with mDNS.
+ (name-service-switch %mdns-host-lookup-nss))