authorMarek Paśnikowski <marek@marekpasnikowski.pl>2026-04-20 17:11:36 +0200
committerMarek Paśnikowski <marek@marekpasnikowski.pl>2026-04-20 17:22:20 +0200
commitda7ee0fa6680fee7cc1d750252c6bb4ef00595cb (patch)
treead4c47212b0c420f9964104371ab57629ca842a0 /deployment/system/rakan.scm
parent8915d2e55e18e1b15e9bbbbd18ea93459ebb7330 (diff)
move system modules to (deployment system) namespace
Diffstat (limited to 'deployment/system/rakan.scm')
-rw-r--r--deployment/system/rakan.scm247
1 files changed, 247 insertions, 0 deletions
diff --git a/deployment/system/rakan.scm b/deployment/system/rakan.scm
new file mode 100644
index 0000000..9e9d77c
--- /dev/null
+++ b/deployment/system/rakan.scm
@@ -0,0 +1,247 @@
+;;; SPDX-License-Identifier: GPL-3.0-or-later
+;;; SPDX-FileCopyrightText: 2024-2025 Marek Paśnikowski <marek@marekpasnikowski.pl>
+
+(define-module (deployment system rakan)
+ #:use-module (guix gexp)
+ #:use-module ( (deployment keys)
+ #:prefix deployment:keys:)
+ #:use-module ( (deployment services databases)
+ #:prefix deployment:services:databases:)
+ #:use-module ( (deployment services matrix)
+ #:prefix deployment:services:matrix:)
+ #:use-module ( (gnu home)
+ #:prefix gnu:home:)
+ #:use-module ( (gnu home services)
+ #:prefix gnu:home:services:)
+ #:use-module ( (gnu packages mail)
+ #:prefix gnu:packages:mail:)
+ #:use-module ( (gnu services)
+ #:prefix gnu:services:)
+ #:use-module ( (gnu services base)
+ #:prefix gnu:services:base:)
+ #:use-module ( (gnu services guix)
+ #:prefix gnu:services:guix:)
+ #:use-module ( (gnu services samba)
+ #:prefix gnu:services:samba:)
+ #:use-module ( (gnu system)
+ #:prefix gnu:system:)
+ #:use-module ( (gnu system file-systems)
+ #:prefix gnu:system:file-systems:)
+ #:use-module ( (gnu system linux-initrd)
+ #:prefix gnu:system:linux-initrd:)
+ #:use-module ( (gnu system locale)
+ #:prefix gnu:system:locale:)
+ #:use-module ( (gnu system nss)
+ #:prefix gnu:system:nss:)
+ #:use-module ( (gnu system pam)
+ #:prefix gnu:system:pam:)
+ #:use-module ( (gnu system shadow)
+ #:prefix gnu:system:shadow:)
+ #:use-module ( (guix diagnostics)
+ #:prefix guix:diagnostics:)
+ #:use-module ( (nongnu packages linux)
+ #:prefix nongnu:packages:linux:)
+ #:use-module ( (nongnu system linux-initrd)
+ #:prefix nongnu:system:linux-initrd:)
+ #:use-module ( (gnu home-services mail)
+ #:prefix rde/gnu:home-services:mail:)
+ #:use-module ( (sovereign devices)
+ #:prefix sovereign:devices:)
+ #:use-module ( (sovereign devices amd64)
+ #:prefix sovereign:devices:amd64:)
+ #:use-module ( (sovereign packages emacs)
+ #:prefix sovereign:packages:emacs:)
+ #:use-module ( (sovereign packages protonmail)
+ #:prefix sovereign:packages:protonmail:)
+ #:use-module ( (sovereign services)
+ #:prefix sovereign:services:)
+ #:use-module ( (sovereign systems)
+ #:prefix sovereign:systems:)
+ #:use-module ( (users id1000)
+ #:prefix users:id1000:))
+
+(define system-name
+ "rakan")
+
+(define file-system-efi
+ (let*
+ ( (l-system-name (string-upcase system-name))
+ (l-device (sovereign:devices:file-system-label l-system-name)))
+ (gnu:system:file-systems:file-system
+ (inherit sovereign:devices:file-system/efi)
+ (device l-device))))
+
+(define file-system-root
+ (let
+ ( (l-device (sovereign:devices:file-system-label system-name
+ "root")))
+ (gnu:system:file-systems:file-system
+ (inherit sovereign:devices:file-system/root)
+ (device l-device))))
+
+(define swap
+ (let
+ ( (l-target (sovereign:devices:file-system-label system-name
+ "swap")))
+ (gnu:system:file-systems:swap-space
+ (inherit sovereign:devices:swap/no-trim)
+ (target l-target))))
+
+(define guix-offload-authorizations
+ (gnu:services:base:guix-extension
+ (authorized-keys (list deployment:keys:aisaka-guix))))
+
+(define (l2md-maildir name)
+ (string-append "~/Publiczne/l2md/"
+ name))
+
+(define l2md-repo-guile-user
+ (rde/gnu:home-services:mail:l2md-repo
+ (name "guile-user")
+ (urls "https://yhetil.org/guile-user/0")
+ (maildir (l2md-maildir name))
+ (pipe "")
+ (initial-import 0)
+ (sync-enabled? #t)))
+
+(define l2md-repo-guix-devel
+ (rde/gnu:home-services:mail:l2md-repo
+ (name "guix-devel")
+ (urls "https://yhetil.org/guix-devel/0")
+ (maildir (l2md-maildir name))
+ (pipe "")
+ (initial-import 0)
+ (sync-enabled? #t)))
+
+(define l2md-repo-guix-user
+ (rde/gnu:home-services:mail:l2md-repo
+ (name "guix-user")
+ (urls "https://yhetil.org/guix-user/0")
+ (maildir (l2md-maildir name))
+ (pipe "")
+ (initial-import 0)
+ (sync-enabled? #t)))
+
+(define l2md-configuration
+ (rde/gnu:home-services:mail:home-l2md-configuration
+ (l2md gnu:packages:mail:l2md)
+ (autostart? #t)
+ (period 180)
+ (oneshot 0)
+ (maildir "")
+ (pipe "")
+ (base "~/Publiczne/l2md")
+ (repos (list l2md-repo-guile-user
+ l2md-repo-guix-devel
+ l2md-repo-guix-user))))
+
+(define home-l2md
+ (gnu:services:service
+ rde/gnu:home-services:mail:home-l2md-service-type
+ l2md-configuration))
+
+(define samba-configuration
+ (gnu:services:samba:samba-configuration
+ (enable-smbd? #t)
+ (config-file (mixed-text-file "smb.conf"
+ "[global]\n"
+ "map to guest = Bad User\n"
+ "logging = syslog@1\n"
+ "\n"
+ "[public]\n"
+ "browsable = yes\n"
+ "path = /tmp\n"
+ "read only = no\n"
+ "guest ok = yes\n"
+ "guest only = yes\n"))))
+
+(define samba-service
+ (gnu:services:service
+ gnu:services:samba:samba-service-type
+ samba-configuration))
+
+(define named-home-environment-1000
+ (let
+ ( (named-home-environment- users:id1000:named-home-environment))
+ (let
+ ( (home-environment- (car (cdr named-home-environment-)))
+ (name- (car named-home-environment-)))
+ (let*
+ ( (services- (gnu:home:home-environment-user-services home-environment-))
+ (packages- (gnu:home:home-environment-packages home-environment-))
+ (home-environment-* (gnu:home:home-environment
+ (inherit home-environment-)
+ (packages packages-)
+ (services (cons* home-l2md
+ services-)))))
+ (list name-
+ home-environment-*)))))
+
+(define guix-homes
+ (list named-home-environment-1000))
+
+(define guix-home-service
+ (sovereign:systems:guix-home-service guix-homes))
+
+(define offload-auth
+ (gnu:services:simple-service 'offload-authorizations
+ gnu:services:base:guix-service-type
+ guix-offload-authorizations))
+
+(define guix-publish-configuration
+ (gnu:services:base:guix-publish-configuration
+ (host "0.0.0.0")
+ (port 8080)
+ (advertise? #t)))
+
+(define-public guix-publish-service
+ (sovereign:services:guix-publish-service guix-publish-configuration))
+
+(define-public system
+ (gnu:system:operating-system
+ (kernel nongnu:packages:linux:linux)
+ (kernel-loadable-modules (list))
+ (kernel-arguments gnu:system:%default-kernel-arguments)
+ (hurd #f)
+ (bootloader (sovereign:devices:amd64:custom-bootloader-configuration system-name))
+ (label (sovereign:systems:operating-system-label* system-name
+ gnu:system:this-operating-system))
+ (keyboard-layout sovereign:devices:pl-keyboard-layout)
+ (initrd nongnu:system:linux-initrd:microcode-initrd)
+ (initrd-modules (cons* "mei_me"
+ gnu:system:linux-initrd:%base-initrd-modules))
+ (firmware (list nongnu:packages:linux:linux-firmware))
+ (host-name system-name)
+ (hosts-file #f)
+ (mapped-devices (list))
+ (file-systems (cons* file-system-root
+ file-system-efi
+ gnu:system:file-systems:%base-file-systems))
+ (swap-devices (list swap))
+ (users (cons* users:id1000:uid1000-account
+ gnu:system:shadow:%base-user-accounts))
+ (groups gnu:system:shadow:%base-groups)
+ (skeletons (gnu:system:shadow:default-skeletons))
+ (issue (@@ (gnu system) %default-issue))
+ (packages gnu:system:%base-packages)
+ (timezone "Europe/Warsaw")
+ (locale sovereign:systems:pl-locale)
+ (locale-definitions sovereign:systems:%sovereign-locale-definitions)
+ (locale-libcs gnu:system:locale:%default-locale-libcs)
+ (name-service-switch gnu:system:nss:%default-nss)
+ (essential-services (gnu:system:operating-system-default-essential-services gnu:system:this-operating-system))
+ (services (cons* guix-home-service
+ guix-publish-service
+ deployment:services:databases:matrix-postgresql-service
+ deployment:services:matrix:matrix-service-rakan
+ sovereign:packages:protonmail:nogui-profile
+ offload-auth
+ samba-service
+ sovereign:systems:%sovereign-services))
+ (pam-services (gnu:system:pam:base-pam-services))
+ (privileged-programs gnu:system:%default-privileged-programs)
+ (sudoers-file sovereign:systems:%sovereign-sudoers-specification)
+ (location (and=> (current-source-location)
+ guix:diagnostics:source-properties->location))))
+
+(define-public operating-system* system)
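Review bot: The `[public]` share in `samba-configuration` exports `/tmp` read-write to unauthenticated guests (`guest ok = yes`, `guest only = yes`, `read only = no`), and `map to guest = Bad User` turns a login with an unknown user name into a guest session. Anyone who can reach smbd can therefore read and write a directory that local users and services also use for temporary files. Even if this block was carried over unchanged by the move, consider a dedicated share directory, e.g. `"path = /srv/samba/public\n"` (placeholder path), and limit reachability in `[global]` with `hosts allow` or `interfaces` plus `bind interfaces only = yes`. A similar question applies to `guix-publish-configuration`, which sets `(host "0.0.0.0")` with `(advertise? #t)`: if the substitute server is meant for the LAN only, a comment such as `;; LAN-only substitute server; the firewall must block port 8080 from outside` would record that assumption.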