#+TITLE: Configuration of the Aisaka computer -*- mode: org -*- #+STARTUP: content * TODO LIBREBOOT The first layer of computing is the firmware. The Lenovo Thinkpad X200 has a free Libreboot firmware installed. It is a good idea to keep it up to date. ** TODO Flashrom Flashrom program is needed to write the computer firmware. The program needs a relaxed kernel security feature. #+name: flashrom-tangle #+begin_src scheme :tangle services/flashrom.scm :noweb yes (define-module (flashrom) #:use-module (gnu) #:use-module (gnu home) #:use-module (gnu home services) #:use-module (gnu home services shells)) <> #+end_src *** TODO Flashrom Package This service installs flashrom. #+name: flashrom-package #+begin_src scheme (define-public flashrom-service-type (service-type (name 'flashrom) (extensions `(,(service-extension home-profile-service-type (lambda (_) (map specification->package '("flashrom")))))) (description "Flashrom installation.") (default-value #f))) #+end_src * TODO System Servers ** TODO Secure Shell #+name: ssh-server #+begin_src scheme :tangle services/ssh-server.scm :noweb yes (define-module (ssh-server) #:use-module (gnu) #:use-module (gnu home) #:use-module (gnu home services) #:use-module (gnu services ssh)) <> <> #+end_src *** TODO SSH Installation #+name: ssh-service #+begin_src scheme (define-public ssh-service (service openssh-service-type)) #+end_src *** TODO SSH Configuration #+name: ssh-configuration #+begin_src scheme (define-public ssh-configuration (simple-service 'ssh-configuration* home-files-service-type `((".ssh/config" ,(local-file "../ssh.config"))))) #+end_src * TODO Desktop Environment Sway is the currently chosen operating environment. ** TODO Sway Window Manager The Sway Window Manager consists of Sway packages and relevant configurations. #+name: sway #+begin_src scheme :tangle services/sway.scm :noweb yes (add-to-load-path "./services") (define-module (sway) #:use-module (gnu) #:use-module (gnu home) #:use-module (gnu home services) #:use-module (gnu home services shells)) <> <> #+end_src *** TODO Sway Installation #+name: sway-packages #+begin_src scheme (define-public sway-service-type (service-type (name 'sway) (extensions `(,(service-extension home-profile-service-type (lambda (_) (map specification->package '("sway" "waybar")))))) (description "Sway Window Manager installation.") (default-value #f))) #+end_src *** TODO Sway configuration #+name: sway-configuration #+begin_src scheme (define-public sway-configuration (simple-service 'configuration-files home-files-service-type `((".config/sway/config" ,(local-file "../sway.config")) (".config/waybar/config" ,(local-file "../waybar.config"))))) #+end_src * imported configuration dump ** TODO System configuration #+name: system-dump #+begin_src scheme :tangle system-configuration.scm (add-to-load-path "./services") (define-module (aisaka-system-configuration) #:use-module (gnu) #:use-module (gnu packages cups) #:use-module (gnu packages finance) #:use-module (gnu services cups) #:use-module (gnu services configuration) #:use-module (gnu services desktop) #:use-module (gnu services networking) #:use-module (gnu services ssh) #:use-module (gnu services xorg) #:use-module (ssh-server)) (define keyboard-layout (keyboard-layout "pl")) (define mapped-devices `(,(mapped-device (source (uuid "887ac37f-2919-41a0-a62a-e1ff5ea2d6cc")) (target "aisaka-root") (type luks-device-mapping)))) (operating-system (locale "pl_PL.utf8") (timezone "Europe/Warsaw") (keyboard-layout keyboard-layout) (host-name "aisaka") (users (cons* (user-account (name "marek") (comment "Marek Paśnikowski") (group "users") (home-directory "/home/marek") (supplementary-groups '("audio" "netdev" "tor" "video" "wheel"))) %base-user-accounts)) (packages (append (map (compose list specification->package+output) '("netcat-openbsd" "nss-certs" "trezord" "trezord-udev-rules")) %base-packages)) (services (cons* ssh-service (service cups-service-type (cups-configuration (extensions `(,cups-filters ,epson-inkjet-printer-escpr)) (web-interface? #t))) (service tor-service-type (tor-configuration (config-file (local-file "torrc")) (control-socket? #t))) (udev-rules-service 'trezord trezord-udev-rules) (modify-services %desktop-services (elogind-service-type configuration => (elogind-configuration (inherit configuration) (handle-lid-switch 'ignore))) (delete gdm-service-type)))) (bootloader (bootloader-configuration (bootloader grub-bootloader) (targets '("/dev/sda")) (keyboard-layout keyboard-layout))) (swap-devices `(,(swap-space (target (uuid "73bed3f9-be07-40ad-a228-577cd24f2e1d"))))) (mapped-devices mapped-devices) (file-systems (cons* (file-system (mount-point "/") (device "/dev/mapper/aisaka-root") (type "btrfs") (dependencies mapped-devices)) (file-system (mount-point "/boot") (device (uuid "4f77b5fc-56ad-43ae-b6ec-e5adc8c48587")) (type "ext4")) %base-file-systems))) #+end_src ** TODO Home configuration #+name: home-dump #+begin_src scheme :tangle home-configuration.scm (add-to-load-path "./services") (define-module (aisaka-home-configuration) #:use-module (flashrom) #:use-module (gnu home) #:use-module (gnu home services) #:use-module (gnu home services shells) #:use-module (gnu packages) #:use-module (gnu services) #:use-module (guix gexp) #:use-module (ssh-server) #:use-module (sway)) (define allow-downgrades "--allow-downgrades ") (define config-prefix "/home/marek/src/guix-config/") (define pull-guix "guix pull ") (define pull-guix- (string-append pull-guix allow-downgrades "--disable-authentication ")) (define guix-home "guix home reconfigure ") (define home-configuration "home-configuration.scm ") (define reconfigure-home (string-append guix-home config-prefix home-configuration)) (define reconfigure-home- (string-append reconfigure-home allow-downgrades)) (define guix-system "sudo guix system reconfigure ") (define system-configuration "system-configuration.scm ") (define reconfigure-system (string-append guix-system config-prefix system-configuration)) (define reconfigure-system- (string-append reconfigure-system allow-downgrades)) (define and "&& ") (define system-update (string-append pull-guix and reconfigure-system and reconfigure-home)) (define system-update- (string-append pull-guix- and reconfigure-system- and reconfigure-home-)) (home-environment (packages (map (compose list specification->package+output) '("adwaita-icon-theme" "alacritty" "clamav" "cpupower" "dconf-editor" "dmenu" "emacs" "emacs-aggressive-indent" "emacs-eldoc" "emacs-geiser" "emacs-geiser-guile" "emacs-nov-el" "emacs-org-auto-tangle" "emacs-org-contacts" "emacs-org-contrib" "font-google-noto" "git" "git-lfs" "gnome-tweaks" "gnupg" "guile" "guile-spec" "hicolor-icon-theme" "icecat" "jami" "libadwaita" "libreoffice" "newsboat" "nm-tray" "pwgen" "seahorse" "sicp" "strace" "trezor-agent" "unzip" "zip"))) (services `(,ssh-configuration ,sway-configuration ,(service flashrom-service-type) ,(service home-bash-service-type (home-bash-configuration (environment-variables '(("EDITOR" . "emacs -nw") ("LIBGL_ALWAYS_SOFTWARE" . "1") ("NVM_DIR" . "$HOME/src/nvm") ("GUILE_AUTO_COMPILE" . "0"))) (aliases `(("grep" . "grep --color=auto ") ("ll" . "ls -l ") ("ls" . "ls -p --color=auto ") ("pull-guix" . ,pull-guix) ("pull-guix-" . ,pull-guix-) ("reconfigure-home" . ,reconfigure-home) ("reconfigure-home-" . ,reconfigure-home-) ("reconfigure-system" . ,reconfigure-system) ("reconfigure-system-" . ,reconfigure-system-) ("system-update" . ,system-update) ("system-update-" . ,system-update-))) (bash-profile `(,(local-file "bash_profile"))) (bashrc `(,(local-file "bashrc"))))) ,(service sway-service-type) ,(simple-service 'configuration-files home-files-service-type `((".config/git/config" ,(local-file "git.config")) (".config/guix/shell-authorized-directories" ,(local-file "guix-shell-authorized-directories")) (".emacs" ,(local-file "emacs.el"))))))) #+end_src