diff options
25 files changed, 910 insertions, 1857 deletions
diff --git a/.guix-channel b/.guix-channel index bae567a..5d8f716 100644 --- a/.guix-channel +++ b/.guix-channel @@ -1,19 +1,27 @@ (channel - (version 0) - (dependencies - (channel - (introduction - (channel-introduction - (version 0) - (commit "897c1a470da759236cc11798f4e0a5f7d4d59fbc") - (signer "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))) - (name nonguix) - (url "https://gitlab.com/nonguix/nonguix")) - (channel - (introduction - (channel-introduction - (version 0) - (commit "7d17bded11ef1239592e6e5abd40ceee1e99cbb8") - (signer "590E 500F E39D 26B3 E60B 743B 6D81 B120 7711 899F"))) - (name distribution) - (url "https://git.marekpasnikowski.pl/git/distribution.git")))) + (version 0) + (dependencies + (channel + (introduction + (channel-introduction + (version 0) + (commit "897c1a470da759236cc11798f4e0a5f7d4d59fbc") + (signer "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))) + (name nonguix) + (url "https://gitlab.com/nonguix/nonguix")) + (channel + (introduction + (channel-introduction + (version 0) + (commit "44a44b4c3c645a878ab8920bf0d250541bf59af0") + (signer "590E 500F E39D 26B3 E60B 743B 6D81 B120 7711 899F"))) + (name sovereign) + (url "https://git.marekpasnikowski.pl/git/sovereign.git")) + (channel + (introduction + (channel-introduction + (version 0) + (commit "7d17bded11ef1239592e6e5abd40ceee1e99cbb8") + (signer "590E 500F E39D 26B3 E60B 743B 6D81 B120 7711 899F"))) + (name distribution) + (url "https://git.marekpasnikowski.pl/git/distribution.git")))) diff --git a/deployment/systems/aisaka.scm b/deployment/systems/aisaka.scm new file mode 100644 index 0000000..c5c687c --- /dev/null +++ b/deployment/systems/aisaka.scm @@ -0,0 +1,431 @@ +;;; SPDX-License-Identifier: GPL-3.0-or-later +;;; SPDX-FileCopyrightText: 2024-2025 Marek Paśnikowski <marek@marekpasnikowski.pl> + +(define-module (deployment systems aisaka) + #:use-module ((gnu bootloader) #:prefix gnu:bootloader:) + #:use-module ((gnu bootloader grub) #:prefix gnu:bootloader:grub:) + #:use-module ((gnu packages tls) #:prefix gnu:packages:tls:) + #:use-module ((gnu services) #:prefix gnu:services:) + #:use-module ((gnu services dns) #:prefix gnu:services:dns:) + #:use-module ((gnu services version-control) #:prefix gnu:services:version-control:) + #:use-module ((gnu services web) #:prefix gnu:services:web:) + #:use-module ((gnu system) #:prefix gnu:system:) + #:use-module ((gnu system file-systems) #:prefix gnu:system:file-systems:) + #:use-module ((gnu system shadow) #:prefix gnu:system:shadow:) + #:use-module ((nongnu packages linux) #:prefix nongnu:packages:linux:) + #:use-module ((nongnu system linux-initrd) #:prefix nongnu:system:linux-initrd:) + #:use-module ((sovereign devices) #:prefix sovereign:devices:) + #:use-module ((sovereign devices amd64) #:prefix sovereign:devices:amd64:) + #:use-module ((sovereign packages jekyll) #:prefix sovereign:packages:jekyll:) + #:use-module ((sovereign systems) #:prefix sovereign:systems:) + #:use-module ((suweren home) #:prefix suweren:home:) + #:use-module ((suweren system) #:prefix suweren:system:) + #:use-module ((suweren update) #:prefix suweren:update:) + #:use-module ((users id1000) #:prefix users:id1000:) + #:use-module ((users vmail) #:prefix users:vmail:)) + +(gnu:services:dns:define-zone-entries marekpasnikowski.pl.zone + ("@" "3600" "IN" "A" "81.190.248.246") + ("@" "3600" "IN" "NS" "ns.marekpasnikowski.pl.") + ("ns" "3600" "IN" "A" "81.190.248.246") + ("@" "3600" "IN" "NS" "ns1.marekpasnikowski.pl.") + ("ns1" "3600" "IN" "A" "81.190.248.246") + ("@" "3600" "IN" "MX" "10 mx1.forwardemail.net.") + ("@" "3600" "IN" "MX" "10 mx2.forwardemail.net.") + ("@" "3600" "IN" "TXT" "\"forward-email-port=49152\"") + ("@" "3600" "IN" "TXT" "\"forward-email=marekpasnikowski.pl\"") + ("@" "3600" "IN" "TXT" "\"v=spf1 ip4:81.190.248.246 -all\"") + ("_caldavs._tcp" "3600" "IN" "SRV" "10 0 443 radicale.marekpasnikowski.pl") + ("_carddavs._tcp" "3600" "IN" "SRV" "10 0 443 radicale.marekpasnikowski.pl") + ("_dmarc" "3600" "IN" "TXT" "\"v=DMARC1; p=reject; sp=reject; pct=100; aspf=s; adkim=s; fo=1; rua=mailto:abuse@marekpasnikowski.pl; ruf=mailto:abuse@marekpasnikowski.pl\"") + ("dkim._domainkey" "3600" "IN" "TXT" "\"v=DKIM1; d=marekpasnikowski.pl; t=s; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/b/WV5EUxqAhBgJ4v5K3sP8QI+IwziRJ/F9SDO3p3QOMjZd9AGVt2/AztZ4EmcOJnTlbQnLE/DKCOq4HAdxSZjIqj5AXyMddvWiO78+ugdame/flV0tjdDGNflx65Twap3qgJ9jzhvJfZ1BDuh2WC06fn2pyFl1TCETEGp6ZDkI41FW5GH8l9Jk7hhCmr+Mau0EpE7V42lBdireItOA1e7jQcub50584QATme4rYxA7WR4AeIsknOkUo4q8vkVrssoP11nSg/sNM9RGn1QDfVMJRX0twtgGnJ8N5QE4Ia9DvXL4Y0PNMC0/frp13pB6m1VQP/Z4jfDy+TQzEdSRaQIDAQAB\"") + ("git" "3600" "IN" "A" "81.190.248.246") + ("radicale" "3600" "IN" "A" "81.190.248.246") + ("test" "3600" "IN" "A" "81.190.248.246") + ("www" "3600" "IN" "A" "81.190.248.246") + ("schron" "3600" "IN" "A" "81.190.248.246")) + +(define master-zone + (gnu:services:dns:knot-zone-configuration + (domain "marekpasnikowski.pl") + (zone + (gnu:services:dns:zone-file + (entries marekpasnikowski.pl.zone) + (origin "marekpasnikowski.pl") + (ns "ns.marekpasnikowski.pl.") + (mail "marek.marekpasnikowski.pl.") + (serial 2025061000))))) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define radicale-keys "/secrets/radicale/keys") +(define dovecot-keys "/secrets/dovecot") + +(define (nginx-accounts) + (use-modules (gnu packages) + (guix gexp)) + (list ((@ (gnu system accounts) user-group) + (name "nginx") + (system? #t)) + ((@ (gnu system accounts) user-account) + (name "nginx") + (group "nginx") + (supplementary-groups '("git")) + (system? #t) + (comment "nginx server user") + (home-directory "/var/empty") + (shell (file-append (specification->package "shadow") + "/sbin/nologin"))))) + +(define (nginx-service-type*) + (use-modules (gnu services) + (gnu services web) + (gnu system shadow)) + ((@ (gnu services) service-type) + (inherit nginx-service-type) + (extensions (map (lambda (extension) + (if (eq? ((@ (gnu services) service-extension-target) + extension) + account-service-type) + ((@ (gnu services) service-extension) + account-service-type + (const (nginx-accounts))) + extension)) + ((@ (gnu services) service-type-extensions) + nginx-service-type))))) + +(define nginx-service-type* + (nginx-service-type*)) + +(define system-name + "aisaka") + +;;;??????????????????????????????????????????????????????????????????? + +(define (certbot) + (use-modules (gnu services certbot)) + ((@ (gnu services) service) + ((@ (gnu services) service-type) + (inherit certbot-service-type) + (extensions (map (lambda (extension) + (if (eq? ((@ (gnu services) service-extension-target) + extension) + nginx-service-type) + ((@ (gnu services) service-extension) + nginx-service-type* + (@@ (gnu services certbot) + certbot-nginx-server-configurations)) + extension)) + ((@ (gnu services) service-type-extensions) + certbot-service-type)))) + ((@ (gnu services certbot) certbot-configuration) + (certificates + (list + ((@ (gnu services certbot) certificate-configuration) + (deploy-hook + (program-file + "nginx-deploy-hook" + ((@ (guix gexp) gexp) + (let + ((pid (call-with-input-file "/var/run/nginx/pid" read))) + (kill pid SIGHUP))))) + (domains + (list + "marekpasnikowski.pl" + "git.marekpasnikowski.pl" + "radicale.marekpasnikowski.pl" + "schron.marekpasnikowski.pl" + "test.marekpasnikowski.pl" + "www.marekpasnikowski.pl"))))) + (email "marek@marekpasnikowski.pl") + (webroot "/srv/www/marek/marekpasnikowski.pl")))) + +(define (cgit-izumi) + (use-modules (gnu packages version-control) + (gnu services cgit) + (gnu services version-control)) + ((@ (gnu services) service) + ((@ (gnu services) service-type) + (inherit cgit-service-type) + (extensions (map (lambda (extension) + (if (eq? ((@ (gnu services) service-extension-target) + extension) + nginx-service-type) + ((@ (gnu services) service-extension) + nginx-service-type* + cgit-configuration-nginx-config) + extension)) + ((@ (gnu services) service-type-extensions) + cgit-service-type)))) + ((@ (gnu services cgit) cgit-configuration) + (nginx + (list + ((@ (gnu services web) nginx-server-configuration) + (locations + (list + (git-http-nginx-location-configuration + ((@ (gnu services version-control) git-http-configuration) + (git-root "/var/lib/gitolite/repositories") + (uri-path "/git"))) + ((@ (gnu services web) nginx-location-configuration) + (body + (list + "fastcgi_param HTTP_HOST $server_name ;" + "fastcgi_param PATH_INFO $uri ;" + "fastcgi_param QUERY_STRING $args ;" + "fastcgi_param SCRIPT_FILENAME $document_root/lib/cgit/cgit.cgi ;" + "fastcgi_pass 127.0.0.1:9000 ;")) + (uri "@cgit")) + ((@ (gnu services web) nginx-location-configuration) + (body (list "root /srv/www/marek/marekpasnikowski.pl/ ;")) + (uri "/.well-known")))) + (listen (list "192.168.10.2:443 ssl")) + (root cgit) + (server-name (list "git.marekpasnikowski.pl")) + (ssl-certificate + "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem") + (ssl-certificate-key + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem") + (try-files (list "$uri" "@cgit"))))) + (repositories + (list + ((@ (gnu services cgit) repository-cgit-configuration) + (hide? #t) + (path "/srv/git/marek/packages")))) + (project-list (list "deployment.git" + "distribution.git" + "nonguix.git" + "sovereign.git")) + (repository-directory "/var/lib/gitolite/repositories")))) + +(define (etc-mailname) + (gnu:services:simple-service 'etc-files + etc-service-type + (list `("mailname" ,(plain-file "mailname" + "marekpasnikowski.pl\n"))))) + +(define (fcgiwrap) + ((@ (gnu services) service) + fcgiwrap-service-type + ((@ (gnu services web) fcgiwrap-configuration) + (user "git") + (group "git")))) + +(define file-system-efi + (gnu:system:file-systems:file-system + (device (gnu:system:file-systems:file-system-label "AISAKA")) + (mount-point "/boot") + (type "vfat") + (flags (list)) + (options #f) + (mount? #t) + (mount-may-fail? #t) + (needed-for-boot? #f) + (check? #t) + (skip-check-if-clean? #f) + (repair 'preen) + (create-mount-point? #f) + (dependencies (list)) + (shepherd-requirements (list)) + (location (current-source-location)))) + +(define file-system-root + (gnu:system:file-systems:file-system + (device (gnu:system:file-systems:file-system-label "aisaka-root")) + (mount-point "/") + (type "ext4") + (flags (list)) + (options #f) + (mount? #t) + (mount-may-fail? #f) + (needed-for-boot? #t) + (check? #t) + (skip-check-if-clean? #f) + (repair 'preen) + (create-mount-point? #f) + (dependencies (list)) + (shepherd-requirements (list)) + (location (current-source-location)))) + +(define (gitolite) + ((@ (gnu services) service) + gnu:services:version-control:gitolite-service-type + ((@ (gnu services version-control) gitolite-configuration) + (rc-file ((@ (gnu services version-control) gitolite-rc-file) + (umask #o0027))) + (admin-pubkey (plain-file "gitolite-admin.pub" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n"))))) + +(define system-keyboard-layout + ((@ (gnu system keyboard) keyboard-layout) + "pl")) + +(define (nginx-izumi) + ((@ (gnu services) service) + nginx-service-type* + ((@ (gnu services web) nginx-configuration) + (shepherd-requirement (list 'networking)) + (server-blocks + (list + ;; Portal + ((@ (gnu services web) nginx-server-configuration) + (locations + (list + ((@ (gnu services web) nginx-location-configuration) + (uri "/.well-known" ) + (body + (list "root /srv/www/marek/marekpasnikowski.pl ;"))))) + (listen (list "192.168.10.2:443 ssl")) + (root "/home/marek/Publiczne/www") + (server-name (list "marekpasnikowski.pl")) + (ssl-certificate + "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem") + (ssl-certificate-key + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem")) + ;; WWW + (gnu:services:web:nginx-server-configuration + (listen (list "192.168.10.2:443 ssl")) + (root "/home/marek/Publiczne/www") + (server-name (list "www.marekpasnikowski.pl"))) + ;; Test + (gnu:services:web:nginx-server-configuration + (locations (list (gnu:services:web:nginx-location-configuration + (body (list "proxy_set_header Host $host;" + "proxy_set_header X-Real-IP $remote_addr;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" + "proxy_set_header X-Forwarded-Proto $scheme;" + "if ($ssl_client_verify != SUCCESS) {return 403;}")) + (uri "/")))) + (listen (list "192.168.10.2:443 ssl")) + (root "/home/marek/Publiczne/schron") + (server-name (list "test.marekpasnikowski.pl")) + (ssl-certificate "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem") + (ssl-certificate-key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem") + (raw-content (list "ssl_client_certificate /secrets/ca/intermediate/certs/ca-chain.cert.pem;" + "ssl_verify_client on;"))) + ;; Schron + (gnu:services:web:nginx-server-configuration + (locations (list (gnu:services:web:nginx-location-configuration + (body (list "proxy_set_header Host $host;" + "proxy_set_header X-Real-IP $remote_addr;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" + "proxy_set_header X-Forwarded-Proto $scheme;" + "if ($ssl_client_verify != SUCCESS) {return 403;}")) + (uri "/")))) + (listen (list "192.168.10.2:443 ssl")) + (root "/home/marek/Publiczne/schron") + (server-name (list "schron.marekpasnikowski.pl")) + (ssl-certificate "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem") + (ssl-certificate-key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem") + (raw-content (list "ssl_client_certificate /secrets/ca/intermediate/certs/ca-chain.cert.pem;" + "ssl_verify_client on;"))) + ;; Radicale + ((@ (gnu services web) nginx-server-configuration) + (locations + (list + ((@ (gnu services web) nginx-location-configuration) + (body + (list + "proxy_pass http://localhost:5232/ ;" + "proxy_set_header X-Script-Name \"\" ;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" + "proxy_set_header Host $http_host ;" + "proxy_pass_header Authorization ;")) + (uri "/")) + ((@ (gnu services web) nginx-location-configuration) + (body + (list "root /srv/www/marek/marekpasnikowski.pl ;")) + (uri "/.well-known")))) + (listen (list "192.168.10.2:443 ssl")) + (server-name (list "radicale.marekpasnikowski.pl")))))))) + +(define (openssh) + (use-modules (gnu services ssh)) + ((@ (gnu services) service) + openssh-service-type)) + +(define (radicale) + (use-modules (gnu services mail)) + ((@ (gnu services) service) + radicale-service-type + ((@ (gnu services mail) radicale-configuration) + (auth ((@ (gnu services mail) radicale-auth-configuration) + (type 'htpasswd) + (htpasswd-filename radicale-keys) + (htpasswd-encryption 'plain))) + (storage ((@ (gnu services mail) radicale-storage-configuration) + (filesystem-folder "/data/radicale/collections")))))) + +(define swap-device-izumi-1-label + ((@ (gnu system file-systems) file-system-label) + "izumi-swap-f")) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define system-bootloader + (gnu:bootloader:bootloader-configuration + (bootloader gnu:bootloader:grub:grub-efi-bootloader) + (targets (list "/boot")) + (keyboard-layout sovereign:devices:pl-keyboard-layout))) + +(define system-file-systems + (list file-system-root + file-system-efi)) + +(define system-groups + (list ((@ (gnu system accounts) user-group) + (name "vmail") + (system? #t)))) + +(define system-services + (list users:id1000:dkim-service + users:id1000:dovecot-service + users:id1000:smtp-service + (gnu:services:service gnu:services:dns:knot-service-type + (gnu:services:dns:knot-configuration + (listen-v4 "192.168.10.2") + (zones (list master-zone)))) + (certbot) + (cgit-izumi) + (etc-mailname) + (fcgiwrap) + (gitolite) + (sovereign:systems:guix-home-service (list users:id1000:name/home-environment)) + (nginx-izumi) + (openssh) + (radicale))) + +(define system-users + (list users:id1000:uid1000-account + users:vmail:vmail-account)) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define-public system + (gnu:system:operating-system + (bootloader system-bootloader) + (label (sovereign:systems:operating-system-label* system-name + (gnu:system:operating-system-default-label gnu:system:this-operating-system))) + (kernel nongnu:packages:linux:linux) + (keyboard-layout system-keyboard-layout) + (initrd nongnu:system:linux-initrd:microcode-initrd) + (firmware (list nongnu:packages:linux:linux-firmware)) + (host-name system-name) + (file-systems (append system-file-systems + gnu:system:file-systems:%base-file-systems)) + (users (append system-users + gnu:system:shadow:%base-user-accounts)) + (groups (append system-groups + gnu:system:shadow:%base-groups)) + (packages (append gnu:system:%base-packages + (list sovereign:packages:jekyll:custom-jekyll + gnu:packages:tls:openssl))) + (timezone "Europe/Warsaw") + (locale sovereign:systems:pl-locale) + (locale-definitions sovereign:systems:%sovereign-locale-definitions) + (services (append system-services + sovereign:systems:%sovereign-services)) + (sudoers-file sovereign:systems:%sovereign-sudoers-specification))) + +(define-public operating-system* + system) diff --git a/deployment/systems/akashi.scm b/deployment/systems/akashi.scm new file mode 100644 index 0000000..dc0545f --- /dev/null +++ b/deployment/systems/akashi.scm @@ -0,0 +1,66 @@ +;;; SPDX-License-Identifier: GPL-3.0-or-later +;;; SPDX-FileCopyrightText: 2024-2025 Marek Paśnikowski <marek@marekpasnikowski.pl> + +(define-module (deployment systems akashi) + #:use-module ((gnu packages linux) #:prefix gnu:packages:linux:) + #:use-module ((gnu services guix) #:prefix gnu:services:guix:) + #:use-module ((gnu system) #:prefix gnu:system:) + #:use-module ((machines thinkpad-x200) #:prefix machines:thinkpad-x200:) + #:use-module ((sovereign systems) #:prefix sovereign:systems:) + #:use-module (users id1000)) + +(define root-partition + ((@ (gnu system file-systems) file-system) + (mount-point "/") + (device ((@ (gnu system file-systems) file-system-label) "akashi-root")) + (type "ext4"))) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define host-name* + "akashi") + +(define (file-systems) + (use-modules (suweren system)) + (append %suweren-file-systems + (list root-partition))) + +(define keyboard-layout* + ((@ (gnu system keyboard) keyboard-layout) + "pl")) + +(define (services) + (use-modules (suweren system)) + (let* ((home-environments `((,uid1000-name ,uid1000-home-environment))) + (guix-home ((@ (gnu services) service) + gnu:services:guix:guix-home-service-type + home-environments))) + (append sovereign:systems:%sovereign-services + (list guix-home + ((@ (gnu services base) udev-rules-service) + 'adb-udev + (@ (gnu packages android) android-udev-rules)))))) + +(define users + (list uid1000-account)) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define-public operating-system* + (let* ((patter-placeholder #f) + (timezone* "Europe/Warsaw")) + (gnu:system:operating-system + (kernel gnu:packages:linux:linux-libre) + (bootloader (machines:thinkpad-x200:bootloader-configuration* keyboard-layout*)) + (label (sovereign:systems:operating-system-label* host-name* + (gnu:system:operating-system-default-label gnu:system:this-operating-system))) + (keyboard-layout keyboard-layout*) + (host-name host-name*) + (file-systems (file-systems)) + (swap-devices (machines:thinkpad-x200:swap-devices* host-name*)) + (users users) + (timezone timezone*) + (locale polish-locale-string) + (locale-definitions %suweren-locale-definitions) + (services (services)) + (sudoers-file sovereign:systems:%sovereign-sudoers-specification)))) diff --git a/deployment/systems/ayase.scm b/deployment/systems/ayase.scm new file mode 100644 index 0000000..9606c7b --- /dev/null +++ b/deployment/systems/ayase.scm @@ -0,0 +1,139 @@ +;;; SPDX-License-Identifier: GPL-3.0-or-later +;;; SPDX-FileCopyrightText: 2024-2025 Marek Paśnikowski <marek@marekpasnikowski.pl> + +(define-module (deployment systems ayase) + #:use-module ((gnu system) #:prefix gnu:system:) + #:use-module ((gnu system file-systems) #:prefix gnu:system:file-systems:) + #:use-module ((gnu system uuid) #:prefix gnu:system:uuid:) + #:use-module ((nongnu packages linux) #:prefix nongnu:packages:linux:) + #:use-module ((nongnu system linux-initrd) #:prefix nongnu:system:linux-initrd:) + #:use-module ((sovereign devices amd64) #:prefix sovereign:devices:amd64:) + #:use-module ((sovereign packages protonmail) #:prefix sovereign:packages:protonmail:) + #:use-module ((sovereign systems) #:prefix sovereign:systems:) + #:use-module ((suweren system) #:prefix suweren:system:) + #:use-module ((users id1000) #:prefix users:id1000:)) + +(define efi-filesystem-uuid + (gnu:system:uuid:uuid + "B4FB-CBD9" + 'fat32)) + +(define host-name + "ayase") + +(define (label number) + (gnu:system:file-systems:file-system-label + (string-append host-name + "-swap" + number))) + +(define root-filesystem-uuid + (gnu:system:uuid:uuid + "615a98cd-a632-4ee5-a6f4-e5ebcaa6fb8c")) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define efi-partition + (gnu:system:file-systems:file-system + (mount-point "/boot") + (device efi-filesystem-uuid) + (type "vfat"))) + +(define keyboard-layout + ((@ (gnu system keyboard) keyboard-layout) + "pl")) + +(define (libvirt-service) + (use-modules (gnu services virtualization)) + ((@ (gnu services) service) + libvirt-service-type)) + +(define (virtlog-service) + (use-modules (gnu services virtualization)) + ((@ (gnu services) service) + virtlog-service-type)) + +(define (openssh-service) + (use-modules (gnu services ssh)) + ((@ (gnu services) service) + openssh-service-type)) + +(define root-partition + (gnu:system:file-systems:file-system + (mount-point "/") + (device root-filesystem-uuid) + (type "ext4"))) + +(define (swap-label number) + (let ((target-label (label number))) + (gnu:system:file-systems:swap-space + (target target-label)))) + +(define (system-packages-service) + (use-modules (gnu packages gnome) + (gnu packages gnupg) + (gnu packages kde-pim) + (gnu services)) + (simple-service 'system-packages + profile-service-type + (list gnome-boxes + kgpg + pinentry-qt + pinentry-tty))) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define (bootloader) + (use-modules (gnu bootloader grub)) + ((@ (gnu bootloader) bootloader-configuration) + (bootloader grub-efi-bootloader) + (targets (list "/boot")) + (keyboard-layout keyboard-layout))) + +(define (file-systems) + (append gnu:system:file-systems:%base-file-systems + (list root-partition + efi-partition))) + +(define services + (let* + ( (l-guix-homes (list users:id1000:name/home-environment)) + (l-guix-home-service (sovereign:systems:guix-home-service l-guix-homes))) + (append sovereign:systems:%sovereign-services + (list sovereign:packages:protonmail:nogui-profile + l-guix-home-service + (openssh-service) + (system-packages-service))))) + +(define swap-device-1 + (swap-label "-1")) + +(define swap-device-2 + (swap-label "-2")) + +(define (users) + (use-modules (gnu system accounts)) + (append (@ (gnu system shadow) %base-user-accounts) + (list users:id1000:uid1000-account))) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define-public operating-system* + (gnu:system:operating-system + (kernel nongnu:packages:linux:linux) + (bootloader (bootloader)) + (label (sovereign:systems:operating-system-label* host-name + (gnu:system:operating-system-default-label gnu:system:this-operating-system))) + (keyboard-layout keyboard-layout) + (initrd nongnu:system:linux-initrd:microcode-initrd) + (firmware (list nongnu:packages:linux:linux-firmware)) + (host-name host-name) + (file-systems (file-systems)) + (swap-devices (list swap-device-1 + swap-device-2)) + (users (users)) + (timezone "Europe/Warsaw") + (locale suweren:system:polish-locale-string) + (locale-definitions suweren:system:%suweren-locale-definitions) + (services services) + (sudoers-file sovereign:systems:%sovereign-sudoers-specification))) diff --git a/systems/izumi/home-files/git-ignore.conf b/deployment/systems/git-ignore.conf index 98e588f..98e588f 100644 --- a/systems/izumi/home-files/git-ignore.conf +++ b/deployment/systems/git-ignore.conf diff --git a/systems/izumi/home-files/gitconfig b/deployment/systems/gitconfig index 300f906..300f906 100644 --- a/systems/izumi/home-files/gitconfig +++ b/deployment/systems/gitconfig diff --git a/deployment/systems/mcdowell.scm b/deployment/systems/mcdowell.scm new file mode 100644 index 0000000..6f9c86a --- /dev/null +++ b/deployment/systems/mcdowell.scm @@ -0,0 +1,101 @@ +;;; SPDX-License-Identifier: GPL-3.0-or-later +;;; SPDX-FileCopyrightText: 2024-2025 Marek Paśnikowski <marek@marekpasnikowski.pl> + +(define-module (deployment systems mcdowell) + #:use-module ((gnu services) #:prefix gnu:services:) + #:use-module ((gnu services base) #:prefix gnu:services:base:) + #:use-module ((gnu services guix) #:prefix gnu:services:guix:) + #:use-module ((gnu services ssh) #:prefix gnu:services:ssh:) + #:use-module ((gnu system) #:prefix gnu:system:) + #:use-module ((gnu system file-systems) #:prefix gnu:system:file-systems:) + #:use-module ((gnu system linux-initrd) #:prefix gnu:system:linux-initrd:) + #:use-module ((gnu system shadow) #:prefix gnu:system:shadow:) + #:use-module ((nongnu packages linux) #:prefix nongnu:packages:linux:) + #:use-module ((nongnu system linux-initrd) #:prefix nongnu:system:linux-initrd:) + #:use-module ((sovereign channels) #:prefix sovereign:channels:) + #:use-module ((sovereign devices) #:prefix sovereign:devices:) + #:use-module ((sovereign devices amd64) #:prefix sovereign:devices:amd64:) + #:use-module ((sovereign packages protonmail) #:prefix sovereign:packages:protonmail:) + #:use-module ((sovereign systems) #:prefix sovereign:systems:) + #:use-module ((users id1000) #:prefix users:id1000:)) + +(define system-name + "mcdowell") + +(define file-system-efi + (let* + ( (l-system-name (string-upcase system-name)) + (l-device (sovereign:devices:file-system-label l-system-name))) + (gnu:system:file-systems:file-system + (inherit sovereign:devices:file-system/efi) + (device l-device)))) + +(define file-system-root + (let + ( (l-device (sovereign:devices:file-system-label system-name + "root"))) + (gnu:system:file-systems:file-system + (inherit sovereign:devices:file-system/root) + (device l-device)))) + +(define swap + (let + ( (l-target (sovereign:devices:file-system-label system-name + "swap"))) + (gnu:system:file-systems:swap-space + (inherit sovereign:devices:swap/no-trim) + (target l-target)))) + +(define (guix-configuration record) + (gnu:services:base:guix-configuration + (inherit record) + (channels (list sovereign:channels:default-guix-channel + sovereign:channels:deployment-channel-staging + sovereign:channels:distribution-channel + sovereign:channels:nonguix-channel + sovereign:channels:sovereign-channel-staging)))) + +(define %sovereign-services* + (gnu:services:modify-services sovereign:systems:%sovereign-services + (gnu:services:base:guix-service-type + record => (guix-configuration record)))) + +(define system + (let* + ( (l-guix-homes (list users:id1000:name/home-environment)) + (l-guix-home-service (sovereign:systems:guix-home-service l-guix-homes)) + (l-bootloader (sovereign:devices:amd64:custom-bootloader-configuration system-name)) + (l-file-systems (cons* file-system-root + file-system-efi + gnu:system:file-systems:%base-file-systems)) + (l-firmware (list nongnu:packages:linux:linux-firmware)) + (l-initrd-modules (cons* "mei_me" + gnu:system:linux-initrd:%base-initrd-modules)) + (l-services (cons* l-guix-home-service + (gnu:services:service gnu:services:ssh:openssh-service-type) + sovereign:packages:protonmail:nogui-profile + %sovereign-services*)) + (l-swap-devices (list swap)) + (l-users (cons* users:id1000:uid1000-account + gnu:system:shadow:%base-user-accounts))) + (gnu:system:operating-system + (kernel nongnu:packages:linux:linux) + (bootloader l-bootloader) + (label (sovereign:systems:operating-system-label* system-name + (gnu:system:operating-system-default-label gnu:system:this-operating-system))) + (keyboard-layout sovereign:devices:pl-keyboard-layout) + (initrd nongnu:system:linux-initrd:microcode-initrd) + (initrd-modules l-initrd-modules) + (firmware l-firmware) + (host-name system-name) + (file-systems l-file-systems) + (swap-devices l-swap-devices) + (users l-users) + (timezone "Europe/Warsaw") + (locale sovereign:systems:pl-locale) + (locale-definitions sovereign:systems:%sovereign-locale-definitions) + (services l-services) + (sudoers-file sovereign:systems:%sovereign-sudoers-specification)))) + +(define-public operating-system* + system) diff --git a/machines/portable-bios.scm b/machines/amd64.scm index 5364300..4730607 100644 --- a/machines/portable-bios.scm +++ b/machines/amd64.scm @@ -1,10 +1,4 @@ -(define-module (machines portable-bios) - ;; bootloader-configuration - #:use-module (gnu bootloader) - - ;; grub-bootloader - #:use-module (gnu bootloader grub) - +(define-module (machines amd64) ;; file-system ;; swap-space #:use-module (gnu system file-systems) @@ -16,15 +10,6 @@ ;; microcode-initrd #:use-module (nongnu system linux-initrd)) -;; bootloader-configuration -(define-public (bootloader-configuration* keyboard-layout*) - (let ((bootloader* grub-bootloader) - (bootloader-targets (list "/dev/sdb")) ; TODO: generalize the target - ) - (bootloader-configuration (bootloader bootloader*) - (targets bootloader-targets) - (keyboard-layout keyboard-layout*)))) - ;; string -> ;; (list record* file-system) (define-public (file-systems* host-name*) @@ -35,7 +20,8 @@ (file-system-root (file-system (type "ext4") (mount-point "/") (device root-device)))) - (list file-system-root))) + (append %base-file-systems + (list file-system-root)))) ;; (list record* package) (define-public firmware* @@ -46,7 +32,7 @@ microcode-initrd) ;; record* package -(define-public kernel* +(define-public kernel-amd64 linux) ;; string -> @@ -58,3 +44,22 @@ (swap-space* (swap-space (target target*)))) (list swap-space*))) + +;;;??????????????????????????????????????????????????????????????????? + +(define-public (bootloader-device-path host-name) + (let* + ((close-pipe (@ (ice-9 popen) close-pipe)) + (open-input-pipe (@ (ice-9 popen) open-input-pipe)) + (read-line (@ (ice-9 rdelim) read-line)) + (command-chain (string-append "findmnt -o SOURCE,LABEL " + "| grep " + host-name + " " + "| head -n 1 " + "| awk '{print $1}' " + "| sed 's/[0-9]*$//' ")) + (port (open-input-pipe command-chain)) + (output (read-line port))) + (close-pipe port) + output)) diff --git a/machines/thinkpad-x200.scm b/machines/thinkpad-x200.scm index faca5b0..b9bcbc7 100644 --- a/machines/thinkpad-x200.scm +++ b/machines/thinkpad-x200.scm @@ -7,14 +7,7 @@ ;; file-system ;; swap-space - #:use-module (gnu system file-systems) - - ;; linux - ;; linux-firmware - #:use-module (nongnu packages linux) - - ;; microcode-initrd - #:use-module (nongnu system linux-initrd)) + #:use-module (gnu system file-systems)) ;; bootloader-configuration (define-public (bootloader-configuration* keyboard-layout*) @@ -26,30 +19,6 @@ (keyboard-layout keyboard-layout*)))) ;; string -> -;; (list record* file-system) -(define-public (file-systems* host-name*) - (let* ((root-device-string (string-append host-name* "-root")) - - (root-device (file-system-label root-device-string)) - - (file-system-root (file-system (type "ext4") - (mount-point "/") - (device root-device)))) - (list file-system-root))) - -;; (list record* package) -(define-public firmware* - (list linux-firmware)) - -;; record* package -(define-public initrd* - microcode-initrd) - -;; record* package -(define-public kernel* - linux) - -;; string -> ;; (list record* swap-space) (define-public (swap-devices* host-name*) (let* ((label* (string-append host-name* "-swap")) diff --git a/packages/ruby-nano-bots.scm b/packages/ruby-nano-bots.scm index d98f79e..bbc3407 100644 --- a/packages/ruby-nano-bots.scm +++ b/packages/ruby-nano-bots.scm @@ -1,7 +1,8 @@ (define-module (packages ruby-nano-bots) #:use-module (gnu packages) #:use-module (gnu packages curl) - #:use-module (gnu packages ruby) + #:use-module (gnu packages ruby-check) + #:use-module (gnu packages ruby-xyz) #:use-module (guix build-system ruby) #:use-module (guix download) #:use-module ((guix licenses) diff --git a/systems/aisaka.scm b/systems/aisaka.scm deleted file mode 100644 index b5db185..0000000 --- a/systems/aisaka.scm +++ /dev/null @@ -1,67 +0,0 @@ -(define-module (systems aisaka) - ;; service - #:use-module (gnu services) - - ;; guix-home-service-type - #:use-module (gnu services guix) - - ;; keyboard-layout - #:use-module (gnu system keyboard) - - ;; bootloader-configuration* - ;; file-systems* - ;; firmware* - ;; hardware-groups - ;; initrd* - ;; kernel* - ;; swap-devices* - #:use-module (machines inspiron) - - ;; %suweren-operating-system - #:use-module (suweren system) - - ;; uid1000-account - ;; uid1000-home-environment - ;; uid1000-name - #:use-module (users id1000) - - ;; uid1001-account - ;; uid1001-home-environment - ;; uid1001-name - #:use-module (users id1001)) - -;; string -(define host-name* - "aisaka") - -;; (record user-account) -(define users* - (list uid1000-account - uid1001-account)) - -;; record operating-system -(define-public operating-system* - (let* ((home-environments `((,uid1000-name ,(uid1000-home-environment host-name*)) - (,uid1001-name ,(uid1001-home-environment host-name*)))) - - (guix-home (service guix-home-service-type - home-environments)) - - (keyboard-layout* (keyboard-layout "pl")) - (services* (list guix-home)) - (timezone* "Europe/Warsaw") - (locale* "pl_PL.utf8")) - (%suweren-operating-system kernel* - (bootloader-configuration* keyboard-layout*) - keyboard-layout* - initrd* - firmware* - host-name* - (file-systems* host-name*) - (swap-devices* host-name*) - users* - timezone* - locale* - services*))) - -operating-system* diff --git a/systems/akashi.scm b/systems/akashi.scm deleted file mode 100644 index 57debb5..0000000 --- a/systems/akashi.scm +++ /dev/null @@ -1,59 +0,0 @@ -(define-module (systems akashi) - ;; service - #:use-module (gnu services) - - ;; guix-home-service-type - #:use-module (gnu services guix) - - ;; keyboard-layout - #:use-module (gnu system keyboard) - - ;; bootloader-configuration* - ;; file-systems* - ;; firmware* - ;; initrd* - ;; kernel* - ;; swap-devices* - #:use-module (machines thinkpad-x200) - - ;; %suweren-operating-system - #:use-module (suweren system) - - ;; uid1000-account - ;; uid1000-home-environment - ;; uid1000-name - #:use-module (users id1000)) - -;; string -(define host-name* - "akashi") - -;; (record* user-account) -(define users* - (list uid1000-account)) - -;; record* operating-system -(define-public operating-system* - (let* ((home-environments `((,uid1000-name ,(uid1000-home-environment host-name*)))) - - (guix-home (service guix-home-service-type - home-environments)) - - (keyboard-layout* (keyboard-layout "pl")) - (services* (list guix-home)) - (timezone* "Europe/Warsaw") - (locale* "pl_PL.utf8")) - (%suweren-operating-system kernel* - (bootloader-configuration* keyboard-layout*) - keyboard-layout* - initrd* - firmware* - host-name* - (file-systems* host-name*) - (swap-devices* host-name*) - users* - timezone* - locale* - services*))) - -operating-system* diff --git a/systems/ayase.scm b/systems/ayase.scm deleted file mode 100644 index aef4771..0000000 --- a/systems/ayase.scm +++ /dev/null @@ -1,168 +0,0 @@ -(define-module (systems ayase) - ;; uuid - #:use-module (gnu) - - ;; grub - #:use-module (gnu packages bootloaders) - - ;; gnome-boxes - #:use-module (gnu packages gnome) - - ;; pinentry-qt - ;; pinentry-tty - #:use-module (gnu packages gnupg) - - ;; kgpg - #:use-module (gnu packages kde-pim) - - ;; python-pip - #:use-module (gnu packages python-build) - - ;; ruby - #:use-module (gnu packages ruby) - - ;; profile-service-type - ;; service - ;; simple-service - #:use-module (gnu services) - - ;; guix-home-service-type - #:use-module (gnu services guix) - - ;; tor-service-type - #:use-module (gnu services networking) - - ;; openssh-service-type - #:use-module (gnu services ssh) - - ;; libvirt-service-type - #:use-module (gnu services virtualization) - - ;; uid1000-account - ;; uid1000-home-environment - ;; uid1000-name - #:use-module (users id1000) - - ;; linux - ;; linux-firmware - #:use-module (nongnu packages linux) - - ;; microcode-initrd - #:use-module (nongnu system linux-initrd) - - ;; %sudoers-specification* - #:use-module (suweren commons sudoers) - - ;; %distribution-services - #:use-module (suweren services)) - -;; string -(define host-name - "ayase") - -;;; - -;; (alist string #<home-environment>) -(define home-environments - `((,uid1000-name ,(uid1000-home-environment host-name)))) - -;; #<file-system-label> -(define (swap-label number) - (file-system-label (string-append host-name - "-swap" - number))) - -;; #<service> -(define home-services - (service guix-home-service-type - home-environments)) - -;; #<swap-space> -(define swap-1 - (swap-space (target (swap-label "-1")))) - -;; #<swap-space> -(define swap-2 - (swap-space (target (swap-label "-2")))) - -;; (list #<service>) -(define system-services - (list (service libvirt-service-type) - (service openssh-service-type) - (service tor-service-type) - (simple-service 'gc-workaround - profile-service-type - (list grub - python-pip - ruby)) - (simple-service 'system-packages - profile-service-type - (list gnome-boxes - kgpg - pinentry-qt - pinentry-tty)))) - -;;; - -;; (list #<service>) -(define services - (append %distribution-services - (list ;; (@ (users id1000) - ;; dovecot) - home-services) - system-services)) - -;; (list #<swap-space>) -(define swap-devices - (list swap-1 - swap-2)) - -;; (list #<user-account>) -(define users - (append %base-user-accounts - (list uid1000-account))) - -;;; - -;; #<operating-system> -(define-public operating-system* - (let* ((bootloader-targets (list "/boot/efi")) - (efi-filesystem-id (uuid "B4FB-CBD9" 'fat32)) - (root-filesystem-id (uuid "615a98cd-a632-4ee5-a6f4-e5ebcaa6fb8c")) - - (efi-partition (file-system (mount-point "/boot/efi") - (device efi-filesystem-id) - (type "vfat"))) - (root-partition (file-system (mount-point "/") - (device root-filesystem-id) - (type "ext4"))) - - (ayase-file-systems (list root-partition - efi-partition)) - (keyboard-layout (keyboard-layout "pl")) - (bootloader (bootloader-configuration (bootloader grub-efi-bootloader) - (targets bootloader-targets) - (keyboard-layout keyboard-layout))) - (file-systems (append %base-file-systems - ;; %distribution-file-systems - ayase-file-systems)) - (firmware (list linux-firmware)) - (packages (append %base-packages - ;; %distribution-packages - ;; system-packages - ))) - (operating-system (kernel linux) - (bootloader bootloader) - (keyboard-layout keyboard-layout) - (initrd microcode-initrd) - (firmware firmware) - (host-name host-name) - (file-systems file-systems) - (swap-devices swap-devices) - (users users) - (timezone "Europe/Warsaw") - (locale "pl_PL.utf8") - (services services) - (sudoers-file %sudoers-specification*)))) - -operating-system* diff --git a/systems/izumi/home-configuration.scm b/systems/izumi/home-configuration.scm deleted file mode 100644 index dcb6ace..0000000 --- a/systems/izumi/home-configuration.scm +++ /dev/null @@ -1,189 +0,0 @@ -(define-module (systems izumi home-configuration)) - -(use-modules - ( channels ) - (gnu home) - (gnu home services shells)) - -(use-modules - (gnu) - (gnu home services)) - -(use-package-modules emacs-xyz) - -(use-service-modules) -(use-modules - (gnu) - (gnu home services) - (guix build-system emacs) - (guix git-download) - ((guix licenses) - #:prefix license:) - (guix packages)) - -(use-package-modules base emacs-xyz gawk) -(use-modules - (gnu services) - (gnu home services) - (gnu packages password-utils) - (guix gexp)) -(use-modules - (gnu home services shells) - (gnu services)) - -(home-environment (packages (map specification->package+output - (list "dconf-editor" - "emacs" - "emacs-org-modern" - "emacs-paredit" - "font-google-noto" - "font-google-noto-emoji" - "font-google-noto-sans-cjk" - "font-google-noto-serif-cjk" - "git" - "gnupg" - "gnome-tweaks" - "noweb" - "pinentry" - "pwgen" - "unzip" - "zip"))) - (services (append (list izumi-channels-service-type) - (list - (simple-service - 'emacs-home-profile - home-profile-service-type - (append - (list emacs-guix emacs-nix-mode) - (list - (let - ((commit* "wip-algo-tn")) - (package - (name "emacs-org-fc") - (version (git-version "0.1.2" "0" commit*)) - (source - (origin - (method git-fetch) - (uri - (git-reference - (url "https://git.marekpasnikowski.pl/org-fc.git") - (commit commit*))) - (file-name (git-file-name name version)) - (sha256 (base32 "1i8ii1garx2pdg08a12yzsd0fhwdzcpxp9m97zj8m5s275i8ccaj")))) - (build-system emacs-build-system) - (arguments - (list - #:include #~ (cons* "\\.awk$" "\\.org$" %default-include) - #:exclude #~ (cons "^test/" %default-exclude) - #:tests? #t - #:test-command - #~ - (list - "emacs" - "--batch" - "-L" "." - "-L" "tests/" - "-l" "tests/org-fc-filter-test.el" - "-l" "tests/org-fc-indexer-test.el" - "-l" "tests/org-fc-review-data-test.el" - "-f" "ert-run-tests-batch-and-exit") - #:phases - #~ - (modify-phases - %standard-phases - (add-after - 'unpack - 'qualify-paths - (lambda* - (#:key inputs - #:allow-other-keys) - (substitute* - "org-fc-awk.el" - (("\"find ") - (string-append - "\"" - (search-input-file inputs "/bin/find") - " ")) - (("\"gawk ") - (string-append - "\"" - (search-input-file inputs "/bin/gawk") - " ")) - (("\"xargs ") - (string-append - "\"" - (search-input-file inputs "/bin/xargs") - " ")))))))) - (inputs (list findutils gawk)) - (propagated-inputs (list emacs-hydra)) - (home-page "https://www.leonrische.me/fc/index.html") - (synopsis "Spaced repetition system for Emacs Org mode") - (description - (string-append - "Org-fc is a spaced-repetition system for Emacs' Org mode.\n" - "It allows you to mark headlines in a file as flashcards, turning pieces of\n" - "knowledge you want to learn into a question-answer test. These cards are\n" - "reviewed at regular interval. After each review, the next review interval is\n" - "calculated based on how well you remembered the contents of the card.\n")) - (license license:gpl3+)))))) - (simple-service 'home-files - home-files-service-type - (list (list ".config/emacs/init.el" - (local-file "home-files/emacs-configuration.el" )) - (list ".gnus" - (local-file "home-files/gnus-configuration.el")) - (list ".gitconfig" - (local-file "home-files/gitconfig")) - (list ".config/git/ignore" - ;; https://github.com/github/gitignore/blob/main/Global/Emacs.gitignore - (local-file "home-files/git-ignore.conf")))) - (simple-service - 'environment-variables - home-environment-variables-service-type - `(("EDITOR" . "emacsclient -nw")))) - (list - (let* - ((and "&& ") - (collect-garbage "sudo guix gc -d 7d ") - (configuration-prefix - "/home/marek/Publiczny/src/deployment/systems/izumi/") - (pull-guix "guix pull ") - (reconfigure-home - (string-append - "guix home delete-generations 7d ; " - "guix home reconfigure " - configuration-prefix - "home-configuration.scm ")) - (reconfigure-system - (string-append - "sudo guix system delete-generations 7d ; " - "sudo guix system reconfigure " - configuration-prefix - "system-configuration.scm ")) - (update-system - (string-append - pull-guix - and - reconfigure-system - and - reconfigure-home - and - collect-garbage))) - (simple-service - 'bash-extension - home-bash-service-type - (home-bash-extension - (aliases - `(("collect-garbage" . ,collect-garbage) - ("edit" . "$EDITOR") - ("pull-guix" . ,pull-guix) - ("reconfigure-home" . ,reconfigure-home) - ("reconfigure-system" . ,reconfigure-system) - ("update-system" . ,update-system))) - (bash-profile - (list - (mixed-text-file - "newline-prompt" - "PS1=${PS1%?}\n" - "PS1=${PS1%?}\\n'$ '\n" - "PS1=\"\\n$PS1\"")))))))))) diff --git a/systems/izumi/home-files/emacs-configuration.el b/systems/izumi/home-files/emacs-configuration.el deleted file mode 100644 index e4a1d70..0000000 --- a/systems/izumi/home-files/emacs-configuration.el +++ /dev/null @@ -1,111 +0,0 @@ -;; Disable Backup Files -(setq make-backup-files nil) - -;;; https://github.com/fimblo/dot.emacs -;;; Theme Activation -(load-theme 'modus-vivendi) - -;;; Disable Org Indent Mode -(add-hook 'org-mode-hook (lambda () (org-indent-mode -1))) - -;;; Enable ParEdit -(add-hook 'prog-mode-hook 'enable-paredit-mode) - -;;; https://elpa.gnu.org/packages/aggressive-indent.html -;;; Automatic Activation of Aggressive Indent -;; (global-aggressive-indent-mode) - -;; Highlight the pair of delimiters under the cursor -(setq-default show-paren-mode 1 - show-paren-delay 0) - -;;; https://guix.gnu.org/manual/en/html_node/The-Perfect-Setup.html -;;; Copyright Information -(setq-default user-full-name "Marek Paśnikowski" - user-mail-address "marek@marekpasnikowski.pl") - -(setq-default epg-gpg-program "gpg2") - -;;;https://github.com/redguardtoo/mastering-emacs-in-one-year-guide/blob/master/gnus-guide-en.org#my-gnusel -(setq-default send-mail-function 'smtpmail-send-it - smtpmail-stream-type 'ssl - smtpmail-smtp-server "marekpasnikowski.pl" - smtpmail-smtp-service 465 - ;; smtpmail-local-domain "izumi.lan" - smtpmail-debug-info t) - -(require 'smtpmail) - -;;; https://github.com/redguardtoo/mastering-emacs-in-one-year-guide/blob/master/gnus-guide-en.org#my-gnusel -(add-hook 'message-mode-hook - (lambda () - (flyspell-mode t) - (local-set-key (kbd "TAB") - 'bbdb-complete-name))) - -;;; Startup Screen Inhibition -(setq-default inhibit-startup-screen t) - -;; Enable the column-100 line -(setq-default display-fill-column-indicator-column 100 - fill-column 100 - org-startup-truncated nil) -(set-face-attribute 'fill-column-indicator nil :foreground "green") -(global-display-fill-column-indicator-mode) - -;;; Enable Org Modern Style - ;(with-eval-after-load 'org (global-org-modern-mode)) - -;; Prepare Literate Programming -(setq-default - org-startup-indented t - org-confirm-babel-evaluate nil - org-src-fontify-natively t - org-src-tab-acts-natively t) -(org-babel-do-load-languages 'org-babel-load-languages '((emacs-lisp . t) - (scheme . t ) - (shell . t ))) - -(add-to-list 'auto-mode-alist '("\\.epub\\'" . nov-mode)) - -;; Monospace Font in Ebook Reader -(setq-default nov-variable-pitch nil) - -;; Disable Toolbar -(tool-bar-mode -1) - -;; GNUS Configuration -;; (setq-default gnus-auto-select-first nil -;; gnus-select-method '(nnnil "") -;; gnus-secondary-select-methods '((nnimap "outlook" -;; (nnimap-address "outlook.office365.com") -;; (nnimap-server-port 993) -;; (nnimap-stream ssl) -;; (nnimap-authinfo-file "~/.authinfo")) -;; (nnimap "home" -;; (nnimap-address "serwer1930490.home.pl") -;; (nnimap-server-port 993) -;; (nnimap-stream ssl) -;; (nnimap-authinfo-file "~/.authinfo"))) -;; nnmail-split-method 'nnmail-split-fancy -;; nnmail-split-fancy '(| "normal")) -;; (add-hook 'gnus-group-mode-hook 'gnus-topic-mode) - -;; ORG-FC Configuration -(require 'org-fc-hydra) -(setq-default - org-fc-algorithm 'tn - org-fc-shuffle-positions t - org-fc-directories '("~/Dokumenty/fiszki")) - -;; Nix Mode -;; (require 'nix-mode) -;; (add-to-list 'auto-mode-alist '("\\.nix\\'" . nix-mode)) - -;; (setq tramp-remote-path -;; (append tramp-remote-path -;; '(tramp-own-remote-path -;; "~/.guix-profile/bin" -;; "~/.guix-profile/sbin" -;; "/run/current-system/profile/bin" -;; "/run/current-system/profile/sbin"))) diff --git a/systems/izumi/home-files/gnus-configuration.el b/systems/izumi/home-files/gnus-configuration.el deleted file mode 100644 index 570b8fd..0000000 --- a/systems/izumi/home-files/gnus-configuration.el +++ /dev/null @@ -1,85 +0,0 @@ -;;; https://github.com/redguardtoo/mastering-emacs-in-one-year-guide/blob/master/gnus-guide-en.org#my-gnusel -;; (require 'nnir) - -;; (setq-default gnus-select-method '(nntp "news.gwene.org")) - -(setq-default epa-file-cache-passphrase-for-symmetric-encryption t) - -(setq-default gnus-select-method - '(nnimap "marekpasnikowski.pl" - (nnimap-address "marekpasnikowski.pl") - (nnimap-server-port 993) - (nnimap-stream ssl) - ;; (nnir-search-engine imap) - (nnmail-expiry-wait 90))) - -(setq-default gnus-thread-sort-functions - '(gnus-thread-sort-by-most-recent-date - (not gnus-thread-sort-by-number))) - -(setq-default gnus-use-cache t) - -(defun my-gnus-group-list-subscribed-groups () - "List all subscribed groups with or without un-read messages" - () - (interactive) - (gnus-group-list-all-groups 5)) - -(define-key gnus-group-mode-map - (kbd "o") 'my-gnus-group-list-subscribed-groups) - -;; (add-to-list 'load-path "~/Dokumenty/bbdb") -;; (require 'bbdb) -;; (bbdb-initialize 'message 'gnus 'sendmail) -;; (add-hook 'gnus-startup-hook 'bbdb-insinuate-gnus) -;; (setq-default bbdb/mail-auto-create-p t -;; bbdb/news-auto-create-p t) - -(setq-default gnus-read-active-file 'some) - -(eval-after-load 'mailcap - '(progn (cond ((eq system-type 'darwin)) - ((eq system-type 'windows-nt)) - (t (mailcap-parse-mailcaps))))) - -(add-hook 'gnus-group-mode-hook - 'gnus-topic-mode) - -(setq-default gnus-summary-thread-gathering-function - 'gnus-gather-threads-by-subject) - -(setq-default gnus-thread-hide-subtree t) -(setq-default gnus-thread-ignore-subject t) - -(setq-default gnus-use-correct-string-widths nil) - - -(eval-after-load 'gnus-topic - '(progn (setq-default gnus-message-archive-group - '((format-time-string "sent.%Y"))) - (setq-default gnus-server-alist - '(("archive" - nnfolder - "archive" - (nnfolder-directory "~/Mail/archive") - (nnfolder-active-file "~/Mail/archive/active") - (nnfolder-get-new-mail nil) - (nnfolder-inhibit-expiry t)))) - (setq-default gnus-topic-topology - '(("Gnus" visible) - (("marekpasnikowski.pl" visible nil nil)) - (("misc" visible)))) - (setq-default gnus-topic-alist - '(("marekpasnikowski.pl" - "nnimap+marekpasnikowski.pl:Inbox" - "nnimap+marekpasnikowski.pl:Drafts" - "nnimap+marekpasnikowski.pl:Sent" - "nnimap+marekpasnikowski.pl:Archive" - "nnimap+marekpasnikowski.pl:Junk" - "nnimap+marekpasnikowski.pl:Trash") - ("misc" - "nnfolder+archive:sent.2024" - "nndraft:drafts") - ("Gnus"))) - (gnus-topic-set-parameters "marekpasnikowski.pl" - '((display . 200))))) diff --git a/systems/izumi/izumi.org b/systems/izumi/izumi.org deleted file mode 100644 index afe2fe1..0000000 --- a/systems/izumi/izumi.org +++ /dev/null @@ -1,592 +0,0 @@ -#+TITLE: Configuration of the Izumi computer -#+AUTHOR: Marek Paśnikowski -#+STARTUP: showall -#+PROPERTY: header-args:scheme :noweb yes -#+PROPERTY: header-args:scheme+ :noweb-prefix yes - -* DONE The Monolith - -#+NAME: OPERATING-SYSTEM -#+BEGIN_SRC scheme :tangle system-configuration.scm - (define-module (systems izumi system-configuration) - #:use-module (suweren commons sudoers)) - - (define radicale-keys "/secrets/radicale/keys") - (define dovecot-keys "/secrets/dovecot") - - ( use-modules - ( gnu ) - ( gnu services syncthing ) - ( guix records ) - ( ice-9 match ) - ( nongnu packages linux ) - ( nongnu system linux-initrd ) ) - - ( use-package-modules - admin certs kde-frameworks kde-multimedia kde-pim kde-plasma kde-utils mail - version-control ) - - ( use-service-modules - base certbot cgit desktop mail shepherd ssh version-control web xorg ) - - (define nginx-accounts - (list (user-group (name "nginx") - (system? #t)) - (user-account (name "nginx") - (group "nginx") - (supplementary-groups '("git")) - (system? #t) - (comment "nginx server user") - (home-directory "/var/empty") - (shell (file-append (specification->package "shadow") - "/sbin/nologin"))))) - - (define nginx-service-type* - (service-type (inherit nginx-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - account-service-type) - (service-extension account-service-type - (const nginx-accounts)) - extension)) - (service-type-extensions nginx-service-type))))) - - (define hosts-izumi - (local-file "system-files/hosts")) - - ( operating-system - ( bootloader - ( bootloader-configuration - ( bootloader grub-efi-bootloader ) - ( keyboard-layout ( keyboard-layout "pl" ) ) - ( targets ( list "/boot/efi" ) ) ) ) - ( mapped-devices - ( list - ( mapped-device - ( source "/dev/sda2" ) - ( target "izumi" ) - ( type luks-device-mapping ) ) ) ) - ( file-systems - ( append - %base-file-systems - ( list - ( file-system - ( device "/dev/sda1" ) - ( mount-point "/boot/efi" ) - ( type "vfat" ) ) - ( file-system - ( dependencies mapped-devices ) - ( device "/dev/mapper/izumi" ) - ( mount-point "/" ) - ( type "xfs" ) ) ) ) ) - ( firmware ( list linux-firmware ) ) - ( groups - ( append - %base-groups - ( list - ( user-group - ( name "vmail" ) - ( system? #t ) )) ) ) - ( host-name "izumi" ) - (hosts-file hosts-izumi) - ( initrd microcode-initrd ) - ( kernel linux ) - ( keyboard-layout ( keyboard-layout "pl" ) ) - ( locale "pl_PL.utf8" ) - ( services - ( append - ( modify-services - %desktop-services - ( elogind-service-type - configuration => - ( elogind-configuration - ( inherit configuration ) - ( handle-lid-switch 'ignore ) - ( handle-lid-switch-docked 'ignore ) - ( handle-lid-switch-external-power 'ignore ) ) ) - ( gdm-service-type - configuration => - ( gdm-configuration - ( inherit configuration ) - ( auto-suspend? #f ) - ( wayland? #t ) ) ) - ( guix-service-type - configuration => - ( let* - ( ( non-guix.pub - ( string-append - "( public-key ( ecc ( curve Ed25519 )" - "( q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98# ) ) )" ) ) - ( authorized-keys - ( append - %default-authorized-guix-keys - ( list ( plain-file "non-guix.pub" non-guix.pub ) ) ) ) - ( extra-options - ( list "--gc-keep-derivations=yes" "--gc-keep-outputs=yes" ) ) - ( substitute-urls - ( append - %default-substitute-urls - ( list "https://substitutes.nonguix.org" ) ) ) ) - ( guix-configuration - ( inherit configuration ) - ( authorized-keys authorized-keys ) - ( extra-options extra-options ) - ( substitute-urls substitute-urls ) ) ) ) ) - ( list - (@ (users id1000) dkim-service) - (@ (users id1000) dovecot-service) - (@ (users id1000) smtp-service) - (service (service-type (inherit certbot-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - nginx-service-type) - (service-extension nginx-service-type* - (@@ (gnu services certbot) - certbot-nginx-server-configurations)) - extension)) - (service-type-extensions certbot-service-type)))) - ( certbot-configuration - ( certificates - ( list - ( certificate-configuration - ( deploy-hook - ( program-file - "nginx-deploy-hook" - #~ - ( let - ( ( pid ( call-with-input-file "/var/run/nginx/pid" read ) ) ) - ( kill pid SIGHUP ) ) ) ) - ( domains - ( list - "marekpasnikowski.pl" - "git.marekpasnikowski.pl" - "radicale.marekpasnikowski.pl" ) ) ) ) ) - ( email "marek@marekpasnikowski.pl" ) - ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) - (service (service-type (inherit cgit-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - nginx-service-type) - (service-extension nginx-service-type* - cgit-configuration-nginx-config) - extension)) - (service-type-extensions cgit-service-type)))) - ( cgit-configuration - ( nginx - ( list - ( nginx-server-configuration - ( locations - ( list - ( git-http-nginx-location-configuration - ( git-http-configuration - ( git-root "/var/lib/gitolite/repositories" ) - ( uri-path "/git" ) ) ) - ( nginx-location-configuration - ( body - ( list - "fastcgi_param HTTP_HOST $server_name ;" - "fastcgi_param PATH_INFO $uri ;" - "fastcgi_param QUERY_STRING $args ;" - "fastcgi_param SCRIPT_FILENAME $document_root/lib/cgit/cgit.cgi ;" - "fastcgi_pass 127.0.0.1:9000 ;" ) ) - ( uri "@cgit" ) ) - ( nginx-location-configuration - ( body ( list "root /srv/www/marek/marekpasnikowski.pl/ ;" ) ) - ( uri "/.well-known" ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( root cgit ) - ( server-name ( list "git.marekpasnikowski.pl" ) ) - ( ssl-certificate - "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) - ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) - ( try-files ( list "$uri" "@cgit" ) ) ) ) ) - ( repositories - ( list - ( repository-cgit-configuration - ( hide? #t ) - ( path "/srv/git/marek/packages" ) ) ) ) - ( repository-directory "/var/lib/gitolite/repositories" ) ) ) - (service fcgiwrap-service-type - (fcgiwrap-configuration (user "git") - (group "git"))) - ( service gitolite-service-type - ( gitolite-configuration - ( rc-file ( gitolite-rc-file ( umask #o0027 ) ) ) - ( admin-pubkey ( plain-file "gitolite-admin.pub" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n") ) ) ) - ( service plasma-desktop-service-type ) - ( service syncthing-service-type ( syncthing-configuration ( user "marek" ) ) ) - (service nginx-service-type* - ( nginx-configuration - ( server-blocks - ( list - ;; Top-Level - ( nginx-server-configuration - ( locations - ( list - ( nginx-location-configuration - ( uri "/.well-known" ) - ( body - ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( root "/srv/www/marek/marekpasnikowski.pl" ) - ( server-name ( list "marekpasnikowski.pl" ) ) - ( ssl-certificate - "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) - ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) - ;; Radicale - ( nginx-server-configuration - ( locations - ( list - ( nginx-location-configuration - ( body - ( list - "proxy_pass http://localhost:5232/ ;" - "proxy_set_header X-Script-Name \"\" ;" - "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" - "proxy_set_header Host $http_host ;" - "proxy_pass_header Authorization ;" ) ) - ( uri "/" ) ) - ( nginx-location-configuration - ( body - ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) - ( uri "/.well-known" ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( server-name ( list "radicale.marekpasnikowski.pl" ) ) ) ) ) ) ) - ( service openssh-service-type ) - ( service radicale-service-type - ( radicale-configuration - ( auth - ( radicale-auth-configuration - ( type 'htpasswd ) - ( htpasswd-filename radicale-keys ) - ( htpasswd-encryption 'plain ) ) ) ) ) - ( simple-service 'base-profile profile-service-type - ( append %base-packages - ( list ) ) ) - ( simple-service - 'nss-profile - profile-service-type - ( list nss-certs ) ) - ( simple-service - 'etc-files - etc-service-type - ( list - `( "mailname" ,( plain-file "mailname" "marekpasnikowski.pl\n" ) ) ) ) ) ) ) - ( sudoers-file %sudoers-specification* ) - ( swap-devices - ( list - ( swap-space - ( target "/dev/sda3" ) ) ) ) - ( timezone "Europe/Warsaw" ) - ( users - ( append - %base-user-accounts - ( list - ( user-account - ( comment "vmail" ) - ( group "vmail" ) - ( home-directory "/home/vmail" ) - ( name "vmail" ) - ( system? #t ) ) - ( user-account - ( comment "Marek Paśnikowski" ) - ( group "users" ) - ( home-directory "/home/marek" ) - ( name "marek" ) - ( supplementary-groups - ( list "audio" "netdev" "video" "wheel" ) ) ) ) ) ) ) -#+END_SRC - -#+NAME: OPENSMTPD-CONFIGURATION-FILE -#+BEGIN_SRC conf :tangle system-files/smtpd.conf - # The prefix on GUIX is not the default one — it is /etc . - table aliases file:/etc/aliases - - # The mail certificates are issued by Let‘s Encrypt and served by NGINX - pki marekpasnikowski.pl cert "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" - pki marekpasnikowski.pl key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" - - # Listen for local messages. - listen on lo - - # Listen for messages from the internet. - listen on enp1s0 tls port 25 pki "marekpasnikowski.pl" - listen on enp1s0 smtps port 465 pki "marekpasnikowski.pl" - - # There is no filtering in the design, so the two actions are enough. - action receive maildir alias <aliases> - action send relay - - # Match incoming messages. - match from local for local action receive - match from any for domain "marekpasnikowski.pl" action receive - - # Match outgoing messages. - match for any action send -#+END_SRC - -* [[https://guix.gnu.org/manual/en/html_node/Home-Configuration.html][13 Home Configuration]] - -#+BEGIN_SRC scheme :tangle home-configuration.scm - (define-module (systems izumi home-configuration)) - - (use-modules - ( channels ) - (gnu home) - (gnu home services shells)) - - <<EMACS-GUIX-MODULES>> - <<EMACS-ORG-FC-TN-MODULES>> - <<ESSENTIAL-HOME-MODULES>> - <<SHELLS-MODULES>> - - (home-environment (packages (map specification->package+output - (list "dconf-editor" - "emacs" - "emacs-org-modern" - "emacs-paredit" - "font-google-noto" - "font-google-noto-emoji" - "font-google-noto-sans-cjk" - "font-google-noto-serif-cjk" - "git" - "gnupg" - "gnome-tweaks" - "noweb" - "pinentry" - "pwgen" - "unzip" - "zip"))) - (services (append (list izumi-channels-service-type) - <<ESSENTIAL-HOME-SERVICES>> - <<SHELLS>>))) -#+END_SRC - -** [[https://guix.gnu.org/manual/en/html_node/Home-Services.html][13.3 Home Services]] - -#+NAME: ESSENTIAL-HOME-SERVICES -#+BEGIN_SRC scheme - (list - <<EMACS-HOME-PROFILE>> - <<HOME-FILES-SERVICE-TYPE>> - (simple-service - 'environment-variables - home-environment-variables-service-type - `(("EDITOR" . "emacsclient -nw")))) -#+END_SRC - -#+NAME: SHELLS -#+BEGIN_SRC scheme - (list - <<HOME-BASH-SERVICE-TYPE>>) -#+END_SRC - -*** [[https://guix.gnu.org/manual/en/html_node/Essential-Home-Services.html][13.3.1 Essential Home Services]] - -#+NAME: ESSENTIAL-HOME-MODULES -#+BEGIN_SRC scheme - (use-modules - (gnu services) - (gnu home services) - (gnu packages password-utils) - (guix gexp)) -#+END_SRC - -#+NAME: EMACS-HOME-PROFILE -#+BEGIN_SRC scheme - (simple-service - 'emacs-home-profile - home-profile-service-type - (append - <<EMACS-GUIX-PACKAGES>> - <<EMACS-ORG-FC-TN-PACKAGES>>)) -#+END_SRC - -#+NAME: HOME-FILES-SERVICE-TYPE -#+BEGIN_SRC scheme - (simple-service 'home-files - home-files-service-type - (list (list ".config/emacs/init.el" - (local-file "home-files/emacs-configuration.el" )) - (list ".gnus" - (local-file "home-files/gnus-configuration.el")) - (list ".gitconfig" - (local-file "home-files/gitconfig")) - (list ".config/git/ignore" - ;; https://github.com/github/gitignore/blob/main/Global/Emacs.gitignore - (local-file "home-files/git-ignore.conf")))) -#+END_SRC - -*** [[https://guix.gnu.org/manual/en/html_node/Shells-Home-Services.html][13.3.2 Shells]] - -#+NAME: SHELLS-MODULES -#+BEGIN_SRC scheme - (use-modules - (gnu home services shells) - (gnu services)) -#+END_SRC - -#+NAME: HOME-BASH-SERVICE-TYPE -#+BEGIN_SRC scheme - (let* - ((and "&& ") - (collect-garbage "sudo guix gc -d 7d ") - (configuration-prefix - "/home/marek/Publiczny/src/deployment/systems/izumi/") - (pull-guix "guix pull ") - (reconfigure-home - (string-append - "guix home delete-generations 7d ; " - "guix home reconfigure " - configuration-prefix - "home-configuration.scm ")) - (reconfigure-system - (string-append - "sudo guix system delete-generations 7d ; " - "sudo guix system reconfigure " - configuration-prefix - "system-configuration.scm ")) - (update-system - (string-append - pull-guix - and - reconfigure-system - and - reconfigure-home - and - collect-garbage))) - (simple-service - 'bash-extension - home-bash-service-type - (home-bash-extension - (aliases - `(("collect-garbage" . ,collect-garbage) - ("edit" . "$EDITOR") - ("pull-guix" . ,pull-guix) - ("reconfigure-home" . ,reconfigure-home) - ("reconfigure-system" . ,reconfigure-system) - ("update-system" . ,update-system))) - (bash-profile - (list - (mixed-text-file - "newline-prompt" - "PS1=${PS1%?}\n" - "PS1=${PS1%?}\\n'$ '\n" - "PS1=\"\\n$PS1\"")))))) -#+END_SRC - -* [[https://www.leonrische.me/fc/][Emacs-Org-FC-TN]] - -#+NAME: EMACS-ORG-FC-TN-MODULES -#+BEGIN_SRC scheme - (use-modules - (gnu) - (gnu home services) - (guix build-system emacs) - (guix git-download) - ((guix licenses) - #:prefix license:) - (guix packages)) - - (use-package-modules base emacs-xyz gawk) -#+END_SRC - -#+NAME: EMACS-ORG-FC-TN-PACKAGES -#+BEGIN_SRC scheme - (list - (let - ((commit* "wip-algo-tn")) - (package - (name "emacs-org-fc") - (version (git-version "0.1.2" "0" commit*)) - (source - (origin - (method git-fetch) - (uri - (git-reference - (url "https://git.marekpasnikowski.pl/org-fc.git") - (commit commit*))) - (file-name (git-file-name name version)) - (sha256 (base32 "1i8ii1garx2pdg08a12yzsd0fhwdzcpxp9m97zj8m5s275i8ccaj")))) - (build-system emacs-build-system) - (arguments - (list - #:include #~ (cons* "\\.awk$" "\\.org$" %default-include) - #:exclude #~ (cons "^test/" %default-exclude) - #:tests? #t - #:test-command - #~ - (list - "emacs" - "--batch" - "-L" "." - "-L" "tests/" - "-l" "tests/org-fc-filter-test.el" - "-l" "tests/org-fc-indexer-test.el" - "-l" "tests/org-fc-review-data-test.el" - "-f" "ert-run-tests-batch-and-exit") - #:phases - #~ - (modify-phases - %standard-phases - (add-after - 'unpack - 'qualify-paths - (lambda* - (#:key inputs - #:allow-other-keys) - (substitute* - "org-fc-awk.el" - (("\"find ") - (string-append - "\"" - (search-input-file inputs "/bin/find") - " ")) - (("\"gawk ") - (string-append - "\"" - (search-input-file inputs "/bin/gawk") - " ")) - (("\"xargs ") - (string-append - "\"" - (search-input-file inputs "/bin/xargs") - " ")))))))) - (inputs (list findutils gawk)) - (propagated-inputs (list emacs-hydra)) - (home-page "https://www.leonrische.me/fc/index.html") - (synopsis "Spaced repetition system for Emacs Org mode") - (description - (string-append - "Org-fc is a spaced-repetition system for Emacs' Org mode.\n" - "It allows you to mark headlines in a file as flashcards, turning pieces of\n" - "knowledge you want to learn into a question-answer test. These cards are\n" - "reviewed at regular interval. After each review, the next review interval is\n" - "calculated based on how well you remembered the contents of the card.\n")) - (license license:gpl3+)))) -#+END_SRC - -* [[https://emacs-guix.gitlab.io/website/manual/latest/html_node/index.html][Emacs-Guix]] - -** [[https://emacs-guix.gitlab.io/website/manual/latest/html_node/Installation.html][2. Installation]] - -#+NAME: EMACS-GUIX-MODULES -#+BEGIN_SRC scheme - (use-modules - (gnu) - (gnu home services)) - - (use-package-modules emacs-xyz) - - (use-service-modules) -#+END_SRC - -#+NAME: EMACS-GUIX-PACKAGES -#+BEGIN_SRC scheme - (list emacs-guix emacs-nix-mode) -#+END_SRC - -* EOF diff --git a/systems/izumi/system-configuration.scm b/systems/izumi/system-configuration.scm deleted file mode 100644 index d8f6997..0000000 --- a/systems/izumi/system-configuration.scm +++ /dev/null @@ -1,290 +0,0 @@ -(define-module (systems izumi system-configuration) - #:use-module (suweren commons sudoers)) - -(define radicale-keys "/secrets/radicale/keys") -(define dovecot-keys "/secrets/dovecot") - -( use-modules - ( gnu ) - ( gnu services syncthing ) - ( guix records ) - ( ice-9 match ) - ( nongnu packages linux ) - ( nongnu system linux-initrd ) ) - -( use-package-modules - admin certs kde-frameworks kde-multimedia kde-pim kde-plasma kde-utils mail - version-control ) - -( use-service-modules - base certbot cgit desktop mail shepherd ssh version-control web xorg ) - -(define nginx-accounts - (list (user-group (name "nginx") - (system? #t)) - (user-account (name "nginx") - (group "nginx") - (supplementary-groups '("git")) - (system? #t) - (comment "nginx server user") - (home-directory "/var/empty") - (shell (file-append (specification->package "shadow") - "/sbin/nologin"))))) - -(define nginx-service-type* - (service-type (inherit nginx-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - account-service-type) - (service-extension account-service-type - (const nginx-accounts)) - extension)) - (service-type-extensions nginx-service-type))))) - -(define hosts-izumi - (local-file "system-files/hosts")) - -( operating-system - ( bootloader - ( bootloader-configuration - ( bootloader grub-efi-bootloader ) - ( keyboard-layout ( keyboard-layout "pl" ) ) - ( targets ( list "/boot/efi" ) ) ) ) - ( mapped-devices - ( list - ( mapped-device - ( source "/dev/sda2" ) - ( target "izumi" ) - ( type luks-device-mapping ) ) ) ) - ( file-systems - ( append - %base-file-systems - ( list - ( file-system - ( device "/dev/sda1" ) - ( mount-point "/boot/efi" ) - ( type "vfat" ) ) - ( file-system - ( dependencies mapped-devices ) - ( device "/dev/mapper/izumi" ) - ( mount-point "/" ) - ( type "xfs" ) ) ) ) ) - ( firmware ( list linux-firmware ) ) - ( groups - ( append - %base-groups - ( list - ( user-group - ( name "vmail" ) - ( system? #t ) )) ) ) - ( host-name "izumi" ) - (hosts-file hosts-izumi) - ( initrd microcode-initrd ) - ( kernel linux ) - ( keyboard-layout ( keyboard-layout "pl" ) ) - ( locale "pl_PL.utf8" ) - ( services - ( append - ( modify-services - %desktop-services - ( elogind-service-type - configuration => - ( elogind-configuration - ( inherit configuration ) - ( handle-lid-switch 'ignore ) - ( handle-lid-switch-docked 'ignore ) - ( handle-lid-switch-external-power 'ignore ) ) ) - ( gdm-service-type - configuration => - ( gdm-configuration - ( inherit configuration ) - ( auto-suspend? #f ) - ( wayland? #t ) ) ) - ( guix-service-type - configuration => - ( let* - ( ( non-guix.pub - ( string-append - "( public-key ( ecc ( curve Ed25519 )" - "( q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98# ) ) )" ) ) - ( authorized-keys - ( append - %default-authorized-guix-keys - ( list ( plain-file "non-guix.pub" non-guix.pub ) ) ) ) - ( extra-options - ( list "--gc-keep-derivations=yes" "--gc-keep-outputs=yes" ) ) - ( substitute-urls - ( append - %default-substitute-urls - ( list "https://substitutes.nonguix.org" ) ) ) ) - ( guix-configuration - ( inherit configuration ) - ( authorized-keys authorized-keys ) - ( extra-options extra-options ) - ( substitute-urls substitute-urls ) ) ) ) ) - ( list - (@ (users id1000) dkim-service) - (@ (users id1000) dovecot-service) - (@ (users id1000) smtp-service) - (service (service-type (inherit certbot-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - nginx-service-type) - (service-extension nginx-service-type* - (@@ (gnu services certbot) - certbot-nginx-server-configurations)) - extension)) - (service-type-extensions certbot-service-type)))) - ( certbot-configuration - ( certificates - ( list - ( certificate-configuration - ( deploy-hook - ( program-file - "nginx-deploy-hook" - #~ - ( let - ( ( pid ( call-with-input-file "/var/run/nginx/pid" read ) ) ) - ( kill pid SIGHUP ) ) ) ) - ( domains - ( list - "marekpasnikowski.pl" - "git.marekpasnikowski.pl" - "radicale.marekpasnikowski.pl" ) ) ) ) ) - ( email "marek@marekpasnikowski.pl" ) - ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) - (service (service-type (inherit cgit-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - nginx-service-type) - (service-extension nginx-service-type* - cgit-configuration-nginx-config) - extension)) - (service-type-extensions cgit-service-type)))) - ( cgit-configuration - ( nginx - ( list - ( nginx-server-configuration - ( locations - ( list - ( git-http-nginx-location-configuration - ( git-http-configuration - ( git-root "/var/lib/gitolite/repositories" ) - ( uri-path "/git" ) ) ) - ( nginx-location-configuration - ( body - ( list - "fastcgi_param HTTP_HOST $server_name ;" - "fastcgi_param PATH_INFO $uri ;" - "fastcgi_param QUERY_STRING $args ;" - "fastcgi_param SCRIPT_FILENAME $document_root/lib/cgit/cgit.cgi ;" - "fastcgi_pass 127.0.0.1:9000 ;" ) ) - ( uri "@cgit" ) ) - ( nginx-location-configuration - ( body ( list "root /srv/www/marek/marekpasnikowski.pl/ ;" ) ) - ( uri "/.well-known" ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( root cgit ) - ( server-name ( list "git.marekpasnikowski.pl" ) ) - ( ssl-certificate - "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) - ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) - ( try-files ( list "$uri" "@cgit" ) ) ) ) ) - ( repositories - ( list - ( repository-cgit-configuration - ( hide? #t ) - ( path "/srv/git/marek/packages" ) ) ) ) - ( repository-directory "/var/lib/gitolite/repositories" ) ) ) - (service fcgiwrap-service-type - (fcgiwrap-configuration (user "git") - (group "git"))) - ( service gitolite-service-type - ( gitolite-configuration - ( rc-file ( gitolite-rc-file ( umask #o0027 ) ) ) - ( admin-pubkey ( plain-file "gitolite-admin.pub" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n") ) ) ) - ( service plasma-desktop-service-type ) - ( service syncthing-service-type ( syncthing-configuration ( user "marek" ) ) ) - (service nginx-service-type* - ( nginx-configuration - ( server-blocks - ( list - ;; Top-Level - ( nginx-server-configuration - ( locations - ( list - ( nginx-location-configuration - ( uri "/.well-known" ) - ( body - ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( root "/srv/www/marek/marekpasnikowski.pl" ) - ( server-name ( list "marekpasnikowski.pl" ) ) - ( ssl-certificate - "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) - ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) - ;; Radicale - ( nginx-server-configuration - ( locations - ( list - ( nginx-location-configuration - ( body - ( list - "proxy_pass http://localhost:5232/ ;" - "proxy_set_header X-Script-Name \"\" ;" - "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" - "proxy_set_header Host $http_host ;" - "proxy_pass_header Authorization ;" ) ) - ( uri "/" ) ) - ( nginx-location-configuration - ( body - ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) - ( uri "/.well-known" ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( server-name ( list "radicale.marekpasnikowski.pl" ) ) ) ) ) ) ) - ( service openssh-service-type ) - ( service radicale-service-type - ( radicale-configuration - ( auth - ( radicale-auth-configuration - ( type 'htpasswd ) - ( htpasswd-filename radicale-keys ) - ( htpasswd-encryption 'plain ) ) ) ) ) - ( simple-service 'base-profile profile-service-type - ( append %base-packages - ( list ) ) ) - ( simple-service - 'nss-profile - profile-service-type - ( list nss-certs ) ) - ( simple-service - 'etc-files - etc-service-type - ( list - `( "mailname" ,( plain-file "mailname" "marekpasnikowski.pl\n" ) ) ) ) ) ) ) - ( sudoers-file %sudoers-specification* ) - ( swap-devices - ( list - ( swap-space - ( target "/dev/sda3" ) ) ) ) - ( timezone "Europe/Warsaw" ) - ( users - ( append - %base-user-accounts - ( list - ( user-account - ( comment "vmail" ) - ( group "vmail" ) - ( home-directory "/home/vmail" ) - ( name "vmail" ) - ( system? #t ) ) - ( user-account - ( comment "Marek Paśnikowski" ) - ( group "users" ) - ( home-directory "/home/marek" ) - ( name "marek" ) - ( supplementary-groups - ( list "audio" "netdev" "video" "wheel" ) ) ) ) ) ) ) diff --git a/systems/izumi/system-files/hosts b/systems/izumi/system-files/hosts deleted file mode 100644 index bc92c36..0000000 --- a/systems/izumi/system-files/hosts +++ /dev/null @@ -1,4 +0,0 @@ -127.0.0.1 localhost izumi -::1 localhost izumi - -81.190.248.246 marekpasnikowski git.marekpasnikowski.pl
\ No newline at end of file diff --git a/systems/izumi/system-files/smtpd.conf b/systems/izumi/system-files/smtpd.conf deleted file mode 100644 index 9fe7503..0000000 --- a/systems/izumi/system-files/smtpd.conf +++ /dev/null @@ -1,24 +0,0 @@ -# The prefix on GUIX is not the default one — it is /etc . -table aliases file:/etc/aliases - -# The mail certificates are issued by Let‘s Encrypt and served by NGINX -pki marekpasnikowski.pl cert "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" -pki marekpasnikowski.pl key "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" - -# Listen for local messages. -listen on lo - -# Listen for messages from the internet. -listen on enp1s0 tls port 25 pki "marekpasnikowski.pl" -listen on enp1s0 smtps port 465 pki "marekpasnikowski.pl" - -# There is no filtering in the design, so the two actions are enough. -action receive maildir alias <aliases> -action send relay - -# Match incoming messages. -match from local for local action receive -match from any for domain "marekpasnikowski.pl" action receive - -# Match outgoing messages. -match for any action send diff --git a/systems/izumi/system-files/sudoers b/systems/izumi/system-files/sudoers deleted file mode 100644 index 6af6e3b..0000000 --- a/systems/izumi/system-files/sudoers +++ /dev/null @@ -1,3 +0,0 @@ -root ALL=(ALL) ALL -%wheel ALL=(ALL) ALL -Defaults passwd_timeout=0 diff --git a/systems/mcdowell.scm b/systems/mcdowell.scm deleted file mode 100644 index ecf4407..0000000 --- a/systems/mcdowell.scm +++ /dev/null @@ -1,50 +0,0 @@ -(define-module (systems mcdowell) - #:use-module (gnu services) ; service - #:use-module (gnu services guix) ; guix-home-service-type - #:use-module (gnu system keyboard) ; keyboard-layout - #:use-module (machines portable-bios) ; bootloader-configuration* - ; file-systems* - ; firmware* - ; hardware-groups - ; initrd* - ; kernel* - ; swap-devices* - #:use-module (suweren system) ; %suweren-operating-system - #:use-module (users id1000) ; uid1000-account - ; uid1000-home-environment - ; uid1000-name - ) - -;; string -(define host-name* - "mcdowell") - -;; (record user-account) -(define users* - (list uid1000-account)) - -;; record operating-system -(define-public operating-system* - (let* ((home-environments `((,uid1000-name ,(uid1000-home-environment host-name*)))) - - (guix-home (service guix-home-service-type - home-environments)) - - (keyboard-layout* (keyboard-layout "pl")) - (services* (list guix-home)) - (timezone* "Europe/Warsaw") - (locale* "pl_PL.utf8")) - (%suweren-operating-system kernel* - (bootloader-configuration* keyboard-layout*) - keyboard-layout* - initrd* - firmware* - host-name* - (file-systems* host-name*) - (swap-devices* host-name*) - users* - timezone* - locale* - services*))) - -operating-system* diff --git a/users/id1000.scm b/users/id1000.scm index cfc4827..056654f 100644 --- a/users/id1000.scm +++ b/users/id1000.scm @@ -1,40 +1,34 @@ (define-module (users id1000) - ;; home-environment - #:use-module (gnu home) - - ;; home-profile-service-type - ;; home-xdg-configuration-files-service-type - #:use-module (gnu home services) - - ;; gparted - #:use-module (gnu packages disk) - - ;; emacs - #:use-module (gnu packages emacs) - - ;; emacs-org-roam - ;; emacs-paredit - #:use-module (gnu packages emacs-xyz) - - ;; git - #:use-module (gnu packages version-control) - - ;; simple-service - #:use-module (gnu services) - - ;; user-account - #:use-module (gnu system shadow) - - ;; local-file #:use-module (guix gexp) - - ;; %suweren-home-services - #:use-module (suweren home) - - #:use-module (guix records) - #:use-module (ice-9 match)) - -(define-record-type* <dkimproxy-out-signature-configuration> + #:use-module (ice-9 match) + #:use-module ( (gnu home) + #:prefix gnu:home:) + #:use-module ( (gnu home services) + #:prefix gnu:home:services:) + #:use-module ( (gnu home services shells) + #:prefix gnu:home:services:shells:) + #:use-module ( (gnu packages audio) + #:prefix gnu:packages:audio:) + #:use-module ( (gnu packages disk) + #:prefix gnu:packages:disk:) + #:use-module ( (gnu packages kde) + #:prefix gnu:packages:kde:) + #:use-module ( (gnu packages version-control) + #:prefix gnu:packages:version-control:) + #:use-module ( (gnu services) + #:prefix gnu:services:) + #:use-module ( (gnu system accounts) + #:prefix gnu:system:accounts:) + #:use-module ( (guix records) + #:prefix guix:records:) + #:use-module ( (sovereign services fontutils) + #:prefix sovereign:services:fontutils:) + #:use-module ( (sovereign systems) + #:prefix sovereign:systems:) + #:use-module ( (suweren home) + #:prefix suweren:home:)) + +(guix:records:define-record-type* <dkimproxy-out-signature-configuration> dkimproxy-out-signature-configuration make-dkimproxy-out-signature-configuration dkimproxy-out-signature-configuration? @@ -94,7 +88,7 @@ ")") ""))))) -(define-record-type* <dkimproxy-out-configuration> +(guix:records:define-record-type* <dkimproxy-out-configuration> dkimproxy-out-configuration make-dkimproxy-out-configuration dkimproxy-out-configuration? @@ -225,27 +219,29 @@ (stop #~ (make-kill-destructor))))))) (define %dkimproxy-accounts - (list (user-group (name "dkimproxy") - (system? #t)) - (user-account (name "dkimproxy") - (group "dkimproxy") - (system? #t) - (comment "Dkimproxy user") - (home-directory "/var/empty") - (shell (file-append (@ (gnu packages admin) - shadow) - "/sbin/nologin"))))) + (list (gnu:system:accounts:user-group + (name "dkimproxy") + (system? #t)) + (gnu:system:accounts:user-account + (name "dkimproxy") + (group "dkimproxy") + (system? #t) + (comment "Dkimproxy user") + (home-directory "/var/empty") + (shell (file-append (@ (gnu packages admin) + shadow) + "/sbin/nologin"))))) (define dkimproxy-out-service-type - (service-type + (gnu:services:service-type (name 'dkimproxy-out) (description "stub") (extensions (list - (service-extension - account-service-type + (gnu:services:service-extension + (@ (gnu system shadow) account-service-type) (const %dkimproxy-accounts)) - (service-extension + (gnu:services:service-extension (@ (gnu services shepherd) shepherd-root-service-type) dkimproxy-out-shepherd-service))))) @@ -440,8 +436,8 @@ "\n" "# We define some actions\n" "action receive lmtp \"/var/run/dovecot/lmtp\" rcpt-to virtual <aliases>\n" + "action godkim relay host smtp://localhost:10027\n" "action outbound relay helo \"" domain "\"\n" - "action godkim relay host smtp://127.0.0.1:10027\n" "\n" "# We accept to relay any mail from authenticated users\n" "match for any from any auth action godkim\n" @@ -471,10 +467,17 @@ ;;; +(define bash + (gnu:services:simple-service 'bash-tab-completion + gnu:home:services:shells:home-bash-service-type + (gnu:home:services:shells:home-bash-extension + (bashrc (list (plain-file "tab-completion" + "bind 'set disable-completion on'")))))) + (define dkimproxy-out-configuration* (dkimproxy-out-configuration (listen "127.0.0.1:10027") - (relay "172.0.0.1:10028") + (relay "127.0.0.1:10028") (sender-map `(,dkimproxy-sender-marekpasnikowski)))) (define dovecot-configuration* @@ -494,76 +497,79 @@ (userdbs (list dovecot-userdb-static-configuration)))) (define groups - (list "kvm" + (list "audio" + ;; "libvirt" + "netdev" + "video" "wheel")) (define opensmtpd-configuration* ((@ (gnu services mail) opensmtpd-configuration) + (shepherd-requirement (list 'dkimproxy-out + 'networking)) (config-file (opensmtpd-config "enp1s0" "marekpasnikowski.pl")))) ;;; +(define environment-variables + (let + ( (l-variables (list '("EDITOR" . "kate -s sesja -b")))) + (gnu:services:simple-service 'id1000-environment-variables + gnu:home:services:home-environment-variables-service-type + l-variables))) + (define-public dkim-service - (service dkimproxy-out-service-type + (gnu:services:service dkimproxy-out-service-type dkimproxy-out-configuration*)) (define-public dovecot-service - (service (@ (gnu services mail) dovecot-service-type) + (gnu:services:service (@ (gnu services mail) dovecot-service-type) dovecot-configuration*)) (define-public smtp-service - (service (@ (gnu services mail) opensmtpd-service-type) + (gnu:services:service (@ (gnu services mail) opensmtpd-service-type) opensmtpd-configuration*)) (define-public uid1000-name "marek") (define-public uid1000-account - (user-account (name uid1000-name) - (group "users") - (supplementary-groups groups) - (uid 1000) - (comment "Marek Paśnikowski") - (home-directory "/home/marek"))) + (gnu:system:accounts:user-account + (name uid1000-name) + (group "users") + (supplementary-groups groups) + (uid 1000) + (comment "Marek Paśnikowski") + (home-directory "/home/marek"))) (define-public uid1000-home-environment - (lambda (host-name*) - (let* ((gitconfig-file (local-file "uid1000-gitconfig")) ; TODO modularize - (gitignore-file (local-file "uid1000-gitignore")) ; TODO review the contents - - (gitconfig (list "git/config" - gitconfig-file)) - (gitignore (list "git/ignore" - gitignore-file)) - - (emacs-packages (list emacs - emacs-org-roam - emacs-paredit)) - (git-configuration-files (list gitconfig - gitignore)) - (git-packages (list git)) - (packages (list gparted)) - - (emacs-software (simple-service 'emacs-packages - home-profile-service-type - emacs-packages)) - (git-configuration (simple-service 'git-configuration - home-xdg-configuration-files-service-type - git-configuration-files)) - (git-software (simple-service 'git-packages - home-profile-service-type - git-packages)) - (profile (simple-service 'user-packages - home-profile-service-type - packages)) - - (%suweren-home-services* (%suweren-home-services host-name*)) - (user-services (list emacs-software - git-configuration - git-software - profile)) - - (services* (append %suweren-home-services* - user-services))) - (home-environment (services services*))))) + (let* + ( (gitconfig-file (local-file "uid1000-gitconfig")) ; TODO modularize + (gitignore-file (local-file "uid1000-gitignore")) ; TODO review the contents + (gitconfig (list "git/config" + gitconfig-file)) + (gitignore (list "git/ignore" + gitignore-file)) + (git-configuration-files (list gitconfig + gitignore)) + (git-configuration (gnu:services:simple-service 'git-configuration + gnu:home:services:home-xdg-configuration-files-service-type + git-configuration-files)) + (user-services (list bash + sovereign:systems:bash-configuration + environment-variables + git-configuration + sovereign:services:fontutils:home-fontconfig-service-type)) + (l-services (append suweren:home:%suweren-home-services + user-services))) + (gnu:home:home-environment + (packages (cons* gnu:packages:audio:easyeffects + gnu:packages:version-control:git + gnu:packages:disk:gparted + sovereign:systems:common-home-environment-packages)) + (services l-services)))) + +(define-public name/home-environment + (list uid1000-name + uid1000-home-environment)) diff --git a/users/id1001.scm b/users/id1001.scm deleted file mode 100644 index 26a76f6..0000000 --- a/users/id1001.scm +++ /dev/null @@ -1,45 +0,0 @@ -(define-module (users id1001) - ;; home-environment - #:use-module (gnu home) - - ;; home-profile-service-type - ;; home-xdg-configuration-files-service-type - #:use-module (gnu home services) - - ;; simple-service - #:use-module (gnu services) - - ;; user-account - #:use-module (gnu system shadow) - - ;; %suweren-home-services - #:use-module (suweren home)) - -;; string -(define-public uid1001-name - "lilia") - -;; (string) -> -;; record user-account -(define-public uid1001-account - (user-account (name uid1001-name) - (group "users") - (uid 1001) - (comment "Liliana Ruszuk") - (home-directory "/home/lilia"))) - -;; record home-environment -(define-public uid1001-home-environment - (lambda (host-name*) - (let* ((packages (list )) - - (profile (simple-service 'user-packages - home-profile-service-type - packages)) - - (%suweren-home-services* (%suweren-home-services host-name*)) - (user-services (list profile)) - - (services* (append %suweren-home-services* - user-services))) - (home-environment (services services*))))) diff --git a/users/vmail.scm b/users/vmail.scm new file mode 100644 index 0000000..95ba916 --- /dev/null +++ b/users/vmail.scm @@ -0,0 +1,14 @@ +(define-module (users vmail) + #:use-module ((gnu system accounts) + #:prefix gnu:system:accounts:)) + +(define vmail-name + "vmail") + +(define-public vmail-account + (gnu:system:accounts:user-account + (name vmail-name) + (group vmail-name) + (comment "used to own and manage mailboxes") + (home-directory "/home/vmail") + (system? #t))) |