summaryrefslogtreecommitdiff
path: root/systems/izumi/izumi.scm
diff options
context:
space:
mode:
Diffstat (limited to 'systems/izumi/izumi.scm')
-rw-r--r--systems/izumi/izumi.scm551
1 files changed, 0 insertions, 551 deletions
diff --git a/systems/izumi/izumi.scm b/systems/izumi/izumi.scm
deleted file mode 100644
index 809ccdc..0000000
--- a/systems/izumi/izumi.scm
+++ /dev/null
@@ -1,551 +0,0 @@
-(define-module (systems izumi izumi)
- #:use-module (users id1000))
-
-(define radicale-keys "/secrets/radicale/keys")
-(define dovecot-keys "/secrets/dovecot")
-
-(define (nginx-accounts)
- (use-modules (gnu packages)
- (guix gexp))
- (list ((@ (gnu system accounts) user-group)
- (name "nginx")
- (system? #t))
- ((@ (gnu system accounts) user-account)
- (name "nginx")
- (group "nginx")
- (supplementary-groups '("git"))
- (system? #t)
- (comment "nginx server user")
- (home-directory "/var/empty")
- (shell (file-append (specification->package "shadow")
- "/sbin/nologin")))))
-
-(define (nginx-service-type*)
- (use-modules (gnu services)
- (gnu services web)
- (gnu system shadow))
- ((@ (gnu services) service-type)
- (inherit nginx-service-type)
- (extensions (map (lambda (extension)
- (if (eq? ((@ (gnu services) service-extension-target)
- extension)
- account-service-type)
- ((@ (gnu services) service-extension)
- account-service-type
- (const (nginx-accounts)))
- extension))
- ((@ (gnu services) service-type-extensions)
- nginx-service-type)))))
-
-(define nginx-service-type*
- (nginx-service-type*))
-
-;;;???????????????????????????????????????????????????????????????????
-
-(define (certbot)
- (use-modules (gnu services certbot))
- ((@ (gnu services) service)
- ((@ (gnu services) service-type)
- (inherit certbot-service-type)
- (extensions (map (lambda (extension)
- (if (eq? ((@ (gnu services) service-extension-target)
- extension)
- nginx-service-type)
- ((@ (gnu services) service-extension)
- nginx-service-type*
- (@@ (gnu services certbot)
- certbot-nginx-server-configurations))
- extension))
- ((@ (gnu services) service-type-extensions)
- certbot-service-type))))
- ((@ (gnu services certbot) certbot-configuration)
- (certificates
- (list
- ((@ (gnu services certbot) certificate-configuration)
- (deploy-hook
- (program-file
- "nginx-deploy-hook"
- ((@ (guix gexp) gexp)
- (let
- ((pid (call-with-input-file "/var/run/nginx/pid" read)))
- (kill pid SIGHUP)))))
- (domains
- (list
- "marekpasnikowski.pl"
- "git.marekpasnikowski.pl"
- "radicale.marekpasnikowski.pl")))))
- (email "marek@marekpasnikowski.pl")
- (webroot "/srv/www/marek/marekpasnikowski.pl"))))
-
-(define (cgit-izumi)
- (use-modules (gnu packages version-control)
- (gnu services cgit)
- (gnu services version-control))
- ((@ (gnu services) service)
- ((@ (gnu services) service-type)
- (inherit cgit-service-type)
- (extensions (map (lambda (extension)
- (if (eq? ((@ (gnu services) service-extension-target)
- extension)
- nginx-service-type)
- ((@ (gnu services) service-extension)
- nginx-service-type*
- cgit-configuration-nginx-config)
- extension))
- ((@ (gnu services) service-type-extensions)
- cgit-service-type))))
- ((@ (gnu services cgit) cgit-configuration)
- (nginx
- (list
- ((@ (gnu services web) nginx-server-configuration)
- (locations
- (list
- (git-http-nginx-location-configuration
- ((@ (gnu services version-control) git-http-configuration)
- (git-root "/var/lib/gitolite/repositories")
- (uri-path "/git")))
- ((@ (gnu services web) nginx-location-configuration)
- (body
- (list
- "fastcgi_param HTTP_HOST $server_name ;"
- "fastcgi_param PATH_INFO $uri ;"
- "fastcgi_param QUERY_STRING $args ;"
- "fastcgi_param SCRIPT_FILENAME $document_root/lib/cgit/cgit.cgi ;"
- "fastcgi_pass 127.0.0.1:9000 ;"))
- (uri "@cgit"))
- ((@ (gnu services web) nginx-location-configuration)
- (body (list "root /srv/www/marek/marekpasnikowski.pl/ ;"))
- (uri "/.well-known"))))
- (listen (list "192.168.10.2:443 ssl"))
- (root cgit)
- (server-name (list "git.marekpasnikowski.pl"))
- (ssl-certificate
- "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem")
- (ssl-certificate-key
- "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem")
- (try-files (list "$uri" "@cgit")))))
- (repositories
- (list
- ((@ (gnu services cgit) repository-cgit-configuration)
- (hide? #t)
- (path "/srv/git/marek/packages"))))
- (repository-directory "/var/lib/gitolite/repositories"))))
-
-(define (desktop-services-izumi)
- (use-modules (gnu services base)
- (gnu services desktop)
- (gnu services xorg))
- ((@ (gnu services) modify-services)
- (@ (gnu services desktop) %desktop-services)
- (elogind-service-type
- configuration =>
- ((@ (gnu services desktop) elogind-configuration)
- (inherit configuration)
- (handle-lid-switch 'ignore)
- (handle-lid-switch-docked 'ignore)
- (handle-lid-switch-external-power 'ignore)))
- (gdm-service-type
- configuration =>
- ((@ (gnu services xorg) gdm-configuration)
- (inherit configuration)
- (auto-suspend? #f)
- (wayland? #t)))
- (guix-service-type
- configuration =>
- (let*
- ((non-guix.pub
- (string-append
- "( public-key ( ecc ( curve Ed25519 )"
- "( q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98# ) ) )"))
- (authorized-keys
- (append
- %default-authorized-guix-keys
- (list (plain-file "non-guix.pub" non-guix.pub))))
- (extra-options
- (list "--gc-keep-derivations=yes" "--gc-keep-outputs=yes"))
- (substitute-urls
- (append
- %default-substitute-urls
- (list "https://substitutes.nonguix.org"))))
- ((@ (gnu services base) guix-configuration)
- (inherit configuration)
- (authorized-keys authorized-keys)
- (extra-options extra-options)
- (substitute-urls substitute-urls))))))
-
-(define (etc-mailname)
- (simple-service 'etc-files
- etc-service-type
- (list `("mailname" ,(plain-file "mailname"
- "marekpasnikowski.pl\n")))))
-
-(define (fcgiwrap)
- ((@ (gnu services) service)
- fcgiwrap-service-type
- ((@ (gnu services web) fcgiwrap-configuration)
- (user "git")
- (group "git"))))
-
-(define (gitolite)
- ((@ (gnu services) service)
- gitolite-service-type
- ((@ (gnu services version-control) gitolite-configuration)
- (rc-file ((@ (gnu services version-control) gitolite-rc-file)
- (umask #o0027)))
- (admin-pubkey (plain-file "gitolite-admin.pub"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n")))))
-
-(define (home-services)
- (use-modules (channels)
- (gnu home services)
- (gnu packages base)
- (gnu packages emacs-xyz)
- (gnu packages gawk)
- (guix build-system emacs)
- (guix git-download)
- ((guix licenses)
- #:prefix license:))
- ((@ (gnu services) service)
- (@ (gnu services guix) guix-home-service-type)
- `(("marek" ,((@ (gnu home) home-environment)
- (packages (map specification->package+output
- (list "dconf-editor"
- "emacs"
- "emacs-org-modern"
- "emacs-paredit"
- "font-google-noto"
- "font-google-noto-emoji"
- "font-google-noto-sans-cjk"
- "font-google-noto-serif-cjk"
- "git"
- "gnupg"
- "gnome-tweaks"
- "noweb"
- "pinentry"
- "pwgen"
- "unzip"
- "zip")))
- (services (append (list izumi-channels-service-type)
- (list
- (simple-service
- 'emacs-home-profile
- home-profile-service-type
- (append
- (list emacs-guix emacs-nix-mode)
- (list
- (let
- ((commit* "wip-algo-tn"))
- ((@ (guix packages) package)
- (name "emacs-org-fc")
- (version (git-version "0.1.2" "0" commit*))
- (source
- ((@ (guix packages) origin)
- (method git-fetch)
- (uri
- ((@ (guix git-download) git-reference)
- (url "https://git.marekpasnikowski.pl/org-fc.git")
- (commit commit*)))
- (file-name (git-file-name name version))
- (sha256 ((@ (guix packages) base32)
- '"1i8ii1garx2pdg08a12yzsd0fhwdzcpxp9m97zj8m5s275i8ccaj"))))
- (build-system emacs-build-system)
- (arguments
- (list
- #:include ((@ (guix gexp) gexp)
- (cons* "\\.awk$" "\\.org$" %default-include))
- #:exclude ((@ (guix gexp) gexp)
- (cons "^test/" %default-exclude))
- #:tests? #t
- #:test-command
- ((@ (guix gexp) gexp)
- (list
- "emacs"
- "--batch"
- "-L" "."
- "-L" "tests/"
- "-l" "tests/org-fc-filter-test.el"
- "-l" "tests/org-fc-indexer-test.el"
- "-l" "tests/org-fc-review-data-test.el"
- "-f" "ert-run-tests-batch-and-exit"))
- #:phases
- ((@ (guix gexp) gexp)
- (modify-phases
- %standard-phases
- (add-after
- 'unpack
- 'qualify-paths
- (lambda*
- (#:key inputs
- #:allow-other-keys)
- (substitute*
- "org-fc-awk.el"
- (("\"find ")
- (string-append
- "\""
- (search-input-file inputs "/bin/find")
- " "))
- (("\"gawk ")
- (string-append
- "\""
- (search-input-file inputs "/bin/gawk")
- " "))
- (("\"xargs ")
- (string-append
- "\""
- (search-input-file inputs "/bin/xargs")
- " ")))))))))
- (inputs (list findutils gawk))
- (propagated-inputs (list emacs-hydra))
- (home-page "https://www.leonrische.me/fc/index.html")
- (synopsis "Spaced repetition system for Emacs Org mode")
- (description
- (string-append
- "Org-fc is a spaced-repetition system for Emacs' Org mode.\n"
- "It allows you to mark headlines in a file as flashcards, turning pieces of\n"
- "knowledge you want to learn into a question-answer test. These cards are\n"
- "reviewed at regular interval. After each review, the next review interval is\n"
- "calculated based on how well you remembered the contents of the card.\n"))
- (license license:gpl3+))))))
- (simple-service 'home-files
- home-files-service-type
- (list (list ".config/emacs/init.el"
- ((@ (guix gexp) local-file)
- "home-files/emacs-configuration.el" ))
- (list ".gnus"
- ((@ (guix gexp) local-file)
- "home-files/gnus-configuration.el"))
- (list ".gitconfig"
- ((@ (guix gexp) local-file)
- "home-files/gitconfig"))
- (list ".config/git/ignore"
- ;; https://github.com/github/gitignore/blob/main/Global/Emacs.gitignore
- ((@ (guix gexp) local-file)
- "home-files/git-ignore.conf"))))
- (simple-service
- 'environment-variables
- home-environment-variables-service-type
- `(("EDITOR" . "emacsclient -nw"))))
- (list
- (let*
- ((and "&& ")
- (collect-garbage "sudo guix gc -d 7d ")
- (configuration-prefix
- "/home/marek/Publiczny/src/deployment/systems/izumi/")
- (pull-guix "guix pull ")
- (reconfigure-home
- (string-append
- "guix home delete-generations 7d ; "
- "guix home reconfigure "
- configuration-prefix
- "home-configuration.scm "))
- (reconfigure-system
- (string-append
- "sudo guix system delete-generations 7d ; "
- "sudo guix system reconfigure "
- configuration-prefix
- "izumi.scm "))
- (update-system
- (string-append
- pull-guix
- and
- reconfigure-system
- ;; and
- ;; reconfigure-home
- and
- collect-garbage)))
- (simple-service
- 'bash-extension
- (@ (gnu home services shells) home-bash-service-type)
- ((@ (gnu home services shells) home-bash-extension)
- (aliases
- `(("collect-garbage" . ,collect-garbage)
- ("edit" . "$EDITOR")
- ("pull-guix" . ,pull-guix)
- ("reconfigure-home" . ,reconfigure-home)
- ("reconfigure-system" . ,reconfigure-system)
- ("update-system" . ,update-system)))
- (bash-profile
- (list
- (mixed-text-file
- "newline-prompt"
- "PS1=${PS1%?}\n"
- "PS1=${PS1%?}\\n'$ '\n"
- "PS1=\"\\n$PS1\""))))))))))))))
-
-(define keyboard-layout-izumi
- ((@ (gnu system keyboard) keyboard-layout)
- "pl"))
-
-(define (mapped-devices-izumi)
- (use-modules (gnu system mapped-devices))
- (list ((@ (gnu system mapped-devices) mapped-device)
- (source "/dev/sda2")
- (target "izumi")
- (type luks-device-mapping))))
-
-(define mapped-devices-izumi
- (mapped-devices-izumi))
-
-(define (nginx-izumi)
- ((@ (gnu services) service)
- nginx-service-type*
- ((@ (gnu services web) nginx-configuration)
- (server-blocks
- (list
- ;; Top-Level
- ((@ (gnu services web) nginx-server-configuration)
- (locations
- (list
- ((@ (gnu services web) nginx-location-configuration)
- (uri "/.well-known" )
- (body
- (list "root /srv/www/marek/marekpasnikowski.pl ;")))))
- (listen (list "192.168.10.2:443 ssl"))
- (root "/srv/www/marek/marekpasnikowski.pl")
- (server-name ( list "marekpasnikowski.pl"))
- (ssl-certificate
- "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem")
- (ssl-certificate-key
- "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem"))
- ;; Radicale
- ((@ (gnu services web) nginx-server-configuration)
- (locations
- (list
- ((@ (gnu services web) nginx-location-configuration)
- (body
- (list
- "proxy_pass http://localhost:5232/ ;"
- "proxy_set_header X-Script-Name \"\" ;"
- "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;"
- "proxy_set_header Host $http_host ;"
- "proxy_pass_header Authorization ;"))
- (uri "/"))
- ((@ (gnu services web) nginx-location-configuration)
- (body
- (list "root /srv/www/marek/marekpasnikowski.pl ;"))
- (uri "/.well-known"))))
- (listen (list "192.168.10.2:443 ssl"))
- (server-name (list "radicale.marekpasnikowski.pl"))))))))
-
-(define (openssh)
- (use-modules (gnu services ssh))
- ((@ (gnu services) service)
- openssh-service-type))
-
-(define (plasma-desktop)
- ((@ (gnu services) service)
- plasma-desktop-service-type))
-
-(define (radicale)
- (use-modules (gnu services mail))
- ((@ (gnu services) service)
- radicale-service-type
- ((@ (gnu services mail) radicale-configuration)
- (auth ((@ (gnu services mail) radicale-auth-configuration)
- (type 'htpasswd)
- (htpasswd-filename radicale-keys)
- (htpasswd-encryption 'plain)))
- (storage ((@ (gnu services mail) radicale-storage-configuration)
- (filesystem-folder "/data/radicale/collections"))))))
-
-(define swap-device-izumi-1-label
- ((@ (gnu system file-systems) file-system-label)
- "izumi-swap-f"))
-
-(define (syncthing)
- (use-modules (gnu services syncthing))
- ((@ (gnu services) service)
- syncthing-service-type
- ((@ (gnu services syncthing) syncthing-configuration)
- (user "marek"))))
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(define (bootloader-izumi)
- (use-modules (gnu bootloader grub))
- ((@ (gnu bootloader) bootloader-configuration)
- (bootloader grub-efi-bootloader)
- (keyboard-layout keyboard-layout-izumi)
- (targets (list "/boot/efi"))))
-
-(define (file-systems-izumi)
- (use-modules (gnu system file-systems))
- (append %base-file-systems
- (list ((@ (gnu system file-systems) file-system)
- (device "/dev/sda1")
- (mount-point "/boot/efi")
- (type "vfat"))
- ((@ (gnu system file-systems) file-system)
- (dependencies mapped-devices-izumi)
- (device "/dev/mapper/izumi")
- (mount-point "/")
- (type "xfs")))))
-
-(define (groups-izumi)
- (use-modules (gnu system shadow))
- (append %base-groups
- (list
- ((@ (gnu system accounts) user-group)
- (name "vmail")
- (system? #t)))))
-
-(define host-name-izumi
- "izumi")
-
-(define services-izumi
- (append (desktop-services-izumi)
- (list dkim-service
- dovecot-service
- smtp-service
- (certbot)
- (cgit-izumi)
- (etc-mailname)
- (fcgiwrap)
- (gitolite)
- (home-services)
- (nginx-izumi)
- (openssh)
- (plasma-desktop)
- (radicale)
- (syncthing))))
-
-(define swap-device-izumi-1
- ((@ (gnu system file-systems) swap-space)
- (target swap-device-izumi-1-label)))
-
-(define (users-izumi)
- (use-modules (gnu system shadow)
- (users vmail))
- (append %base-user-accounts
- (list uid1000-account
- vmail-account)))
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(define (operating-system-izumi)
- (use-modules (nongnu packages linux)
- (nongnu system linux-initrd)
- (suweren commons sudoers)
- (suweren system))
- ((@ (gnu system) operating-system)
- (bootloader (bootloader-izumi))
- (kernel linux)
- (keyboard-layout keyboard-layout-izumi)
- (initrd microcode-initrd)
- (firmware (list linux-firmware))
- (host-name host-name-izumi)
- (mapped-devices mapped-devices-izumi)
- (file-systems (file-systems-izumi))
- (swap-devices (list swap-device-izumi-1))
- (users (users-izumi))
- (groups (groups-izumi))
- (timezone "Europe/Warsaw")
- (locale polish-locale-string)
- (locale-definitions %suweren-locale-definitions)
- (services services-izumi)
- (sudoers-file %sudoers-specification*)))
-
-(define-public operating-system-izumi
- (operating-system-izumi))
-
-operating-system-izumi
generated by cgit v1.2.3 (git 2.49.0) at 2025-07-01 15:13:44 +0000