diff options
Diffstat (limited to 'systems/izumi')
| -rw-r--r-- | systems/izumi/izumi.scm | 954 | ||||
| -rw-r--r-- | systems/izumi/system-files/hosts | 4 |
2 files changed, 510 insertions, 448 deletions
diff --git a/systems/izumi/izumi.scm b/systems/izumi/izumi.scm index 8595e5d..809ccdc 100644 --- a/systems/izumi/izumi.scm +++ b/systems/izumi/izumi.scm @@ -1,430 +1,520 @@ (define-module (systems izumi izumi) - #:use-module (suweren commons sudoers)) + #:use-module (users id1000)) (define radicale-keys "/secrets/radicale/keys") (define dovecot-keys "/secrets/dovecot") -( use-modules - ( gnu ) - ( gnu services syncthing ) - ( guix records ) - ( ice-9 match ) - ( nongnu packages linux ) - ( nongnu system linux-initrd ) - (suweren system)) - -( use-package-modules - admin certs kde-frameworks kde-multimedia kde-pim kde-plasma kde-utils mail - version-control ) - -( use-service-modules - base certbot cgit desktop mail shepherd ssh version-control web xorg ) - -(use-modules (channels) - (gnu) - (gnu home) - (gnu home services) - (gnu home services shells) - (gnu packages emacs-xyz)) - -(use-modules - (gnu) - (gnu home services) - (guix build-system emacs) - (guix git-download) - ((guix licenses) - #:prefix license:) - (guix packages)) - -(use-package-modules base emacs-xyz gawk) - -(use-modules - (gnu services) - (gnu home services) - (gnu packages password-utils) - (guix gexp)) - -(use-modules - (gnu home services shells) - (gnu services) - (gnu services guix)) - -(define nginx-accounts - (list (user-group (name "nginx") - (system? #t)) - (user-account (name "nginx") - (group "nginx") - (supplementary-groups '("git")) - (system? #t) - (comment "nginx server user") - (home-directory "/var/empty") - (shell (file-append (specification->package "shadow") - "/sbin/nologin"))))) +(define (nginx-accounts) + (use-modules (gnu packages) + (guix gexp)) + (list ((@ (gnu system accounts) user-group) + (name "nginx") + (system? #t)) + ((@ (gnu system accounts) user-account) + (name "nginx") + (group "nginx") + (supplementary-groups '("git")) + (system? #t) + (comment "nginx server user") + (home-directory "/var/empty") + (shell (file-append (specification->package "shadow") + "/sbin/nologin"))))) + +(define (nginx-service-type*) + (use-modules (gnu services) + (gnu services web) + (gnu system shadow)) + ((@ (gnu services) service-type) + (inherit nginx-service-type) + (extensions (map (lambda (extension) + (if (eq? ((@ (gnu services) service-extension-target) + extension) + account-service-type) + ((@ (gnu services) service-extension) + account-service-type + (const (nginx-accounts))) + extension)) + ((@ (gnu services) service-type-extensions) + nginx-service-type))))) (define nginx-service-type* - (service-type (inherit nginx-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - account-service-type) - (service-extension account-service-type - (const nginx-accounts)) - extension)) - (service-type-extensions nginx-service-type))))) - -(define hosts-izumi - (local-file "system-files/hosts")) + (nginx-service-type*)) ;;;??????????????????????????????????????????????????????????????????? +(define (certbot) + (use-modules (gnu services certbot)) + ((@ (gnu services) service) + ((@ (gnu services) service-type) + (inherit certbot-service-type) + (extensions (map (lambda (extension) + (if (eq? ((@ (gnu services) service-extension-target) + extension) + nginx-service-type) + ((@ (gnu services) service-extension) + nginx-service-type* + (@@ (gnu services certbot) + certbot-nginx-server-configurations)) + extension)) + ((@ (gnu services) service-type-extensions) + certbot-service-type)))) + ((@ (gnu services certbot) certbot-configuration) + (certificates + (list + ((@ (gnu services certbot) certificate-configuration) + (deploy-hook + (program-file + "nginx-deploy-hook" + ((@ (guix gexp) gexp) + (let + ((pid (call-with-input-file "/var/run/nginx/pid" read))) + (kill pid SIGHUP))))) + (domains + (list + "marekpasnikowski.pl" + "git.marekpasnikowski.pl" + "radicale.marekpasnikowski.pl"))))) + (email "marek@marekpasnikowski.pl") + (webroot "/srv/www/marek/marekpasnikowski.pl")))) + +(define (cgit-izumi) + (use-modules (gnu packages version-control) + (gnu services cgit) + (gnu services version-control)) + ((@ (gnu services) service) + ((@ (gnu services) service-type) + (inherit cgit-service-type) + (extensions (map (lambda (extension) + (if (eq? ((@ (gnu services) service-extension-target) + extension) + nginx-service-type) + ((@ (gnu services) service-extension) + nginx-service-type* + cgit-configuration-nginx-config) + extension)) + ((@ (gnu services) service-type-extensions) + cgit-service-type)))) + ((@ (gnu services cgit) cgit-configuration) + (nginx + (list + ((@ (gnu services web) nginx-server-configuration) + (locations + (list + (git-http-nginx-location-configuration + ((@ (gnu services version-control) git-http-configuration) + (git-root "/var/lib/gitolite/repositories") + (uri-path "/git"))) + ((@ (gnu services web) nginx-location-configuration) + (body + (list + "fastcgi_param HTTP_HOST $server_name ;" + "fastcgi_param PATH_INFO $uri ;" + "fastcgi_param QUERY_STRING $args ;" + "fastcgi_param SCRIPT_FILENAME $document_root/lib/cgit/cgit.cgi ;" + "fastcgi_pass 127.0.0.1:9000 ;")) + (uri "@cgit")) + ((@ (gnu services web) nginx-location-configuration) + (body (list "root /srv/www/marek/marekpasnikowski.pl/ ;")) + (uri "/.well-known")))) + (listen (list "192.168.10.2:443 ssl")) + (root cgit) + (server-name (list "git.marekpasnikowski.pl")) + (ssl-certificate + "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem") + (ssl-certificate-key + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem") + (try-files (list "$uri" "@cgit"))))) + (repositories + (list + ((@ (gnu services cgit) repository-cgit-configuration) + (hide? #t) + (path "/srv/git/marek/packages")))) + (repository-directory "/var/lib/gitolite/repositories")))) + +(define (desktop-services-izumi) + (use-modules (gnu services base) + (gnu services desktop) + (gnu services xorg)) + ((@ (gnu services) modify-services) + (@ (gnu services desktop) %desktop-services) + (elogind-service-type + configuration => + ((@ (gnu services desktop) elogind-configuration) + (inherit configuration) + (handle-lid-switch 'ignore) + (handle-lid-switch-docked 'ignore) + (handle-lid-switch-external-power 'ignore))) + (gdm-service-type + configuration => + ((@ (gnu services xorg) gdm-configuration) + (inherit configuration) + (auto-suspend? #f) + (wayland? #t))) + (guix-service-type + configuration => + (let* + ((non-guix.pub + (string-append + "( public-key ( ecc ( curve Ed25519 )" + "( q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98# ) ) )")) + (authorized-keys + (append + %default-authorized-guix-keys + (list (plain-file "non-guix.pub" non-guix.pub)))) + (extra-options + (list "--gc-keep-derivations=yes" "--gc-keep-outputs=yes")) + (substitute-urls + (append + %default-substitute-urls + (list "https://substitutes.nonguix.org")))) + ((@ (gnu services base) guix-configuration) + (inherit configuration) + (authorized-keys authorized-keys) + (extra-options extra-options) + (substitute-urls substitute-urls)))))) + +(define (etc-mailname) + (simple-service 'etc-files + etc-service-type + (list `("mailname" ,(plain-file "mailname" + "marekpasnikowski.pl\n"))))) + +(define (fcgiwrap) + ((@ (gnu services) service) + fcgiwrap-service-type + ((@ (gnu services web) fcgiwrap-configuration) + (user "git") + (group "git")))) + +(define (gitolite) + ((@ (gnu services) service) + gitolite-service-type + ((@ (gnu services version-control) gitolite-configuration) + (rc-file ((@ (gnu services version-control) gitolite-rc-file) + (umask #o0027))) + (admin-pubkey (plain-file "gitolite-admin.pub" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n"))))) + +(define (home-services) + (use-modules (channels) + (gnu home services) + (gnu packages base) + (gnu packages emacs-xyz) + (gnu packages gawk) + (guix build-system emacs) + (guix git-download) + ((guix licenses) + #:prefix license:)) + ((@ (gnu services) service) + (@ (gnu services guix) guix-home-service-type) + `(("marek" ,((@ (gnu home) home-environment) + (packages (map specification->package+output + (list "dconf-editor" + "emacs" + "emacs-org-modern" + "emacs-paredit" + "font-google-noto" + "font-google-noto-emoji" + "font-google-noto-sans-cjk" + "font-google-noto-serif-cjk" + "git" + "gnupg" + "gnome-tweaks" + "noweb" + "pinentry" + "pwgen" + "unzip" + "zip"))) + (services (append (list izumi-channels-service-type) + (list + (simple-service + 'emacs-home-profile + home-profile-service-type + (append + (list emacs-guix emacs-nix-mode) + (list + (let + ((commit* "wip-algo-tn")) + ((@ (guix packages) package) + (name "emacs-org-fc") + (version (git-version "0.1.2" "0" commit*)) + (source + ((@ (guix packages) origin) + (method git-fetch) + (uri + ((@ (guix git-download) git-reference) + (url "https://git.marekpasnikowski.pl/org-fc.git") + (commit commit*))) + (file-name (git-file-name name version)) + (sha256 ((@ (guix packages) base32) + '"1i8ii1garx2pdg08a12yzsd0fhwdzcpxp9m97zj8m5s275i8ccaj")))) + (build-system emacs-build-system) + (arguments + (list + #:include ((@ (guix gexp) gexp) + (cons* "\\.awk$" "\\.org$" %default-include)) + #:exclude ((@ (guix gexp) gexp) + (cons "^test/" %default-exclude)) + #:tests? #t + #:test-command + ((@ (guix gexp) gexp) + (list + "emacs" + "--batch" + "-L" "." + "-L" "tests/" + "-l" "tests/org-fc-filter-test.el" + "-l" "tests/org-fc-indexer-test.el" + "-l" "tests/org-fc-review-data-test.el" + "-f" "ert-run-tests-batch-and-exit")) + #:phases + ((@ (guix gexp) gexp) + (modify-phases + %standard-phases + (add-after + 'unpack + 'qualify-paths + (lambda* + (#:key inputs + #:allow-other-keys) + (substitute* + "org-fc-awk.el" + (("\"find ") + (string-append + "\"" + (search-input-file inputs "/bin/find") + " ")) + (("\"gawk ") + (string-append + "\"" + (search-input-file inputs "/bin/gawk") + " ")) + (("\"xargs ") + (string-append + "\"" + (search-input-file inputs "/bin/xargs") + " "))))))))) + (inputs (list findutils gawk)) + (propagated-inputs (list emacs-hydra)) + (home-page "https://www.leonrische.me/fc/index.html") + (synopsis "Spaced repetition system for Emacs Org mode") + (description + (string-append + "Org-fc is a spaced-repetition system for Emacs' Org mode.\n" + "It allows you to mark headlines in a file as flashcards, turning pieces of\n" + "knowledge you want to learn into a question-answer test. These cards are\n" + "reviewed at regular interval. After each review, the next review interval is\n" + "calculated based on how well you remembered the contents of the card.\n")) + (license license:gpl3+)))))) + (simple-service 'home-files + home-files-service-type + (list (list ".config/emacs/init.el" + ((@ (guix gexp) local-file) + "home-files/emacs-configuration.el" )) + (list ".gnus" + ((@ (guix gexp) local-file) + "home-files/gnus-configuration.el")) + (list ".gitconfig" + ((@ (guix gexp) local-file) + "home-files/gitconfig")) + (list ".config/git/ignore" + ;; https://github.com/github/gitignore/blob/main/Global/Emacs.gitignore + ((@ (guix gexp) local-file) + "home-files/git-ignore.conf")))) + (simple-service + 'environment-variables + home-environment-variables-service-type + `(("EDITOR" . "emacsclient -nw")))) + (list + (let* + ((and "&& ") + (collect-garbage "sudo guix gc -d 7d ") + (configuration-prefix + "/home/marek/Publiczny/src/deployment/systems/izumi/") + (pull-guix "guix pull ") + (reconfigure-home + (string-append + "guix home delete-generations 7d ; " + "guix home reconfigure " + configuration-prefix + "home-configuration.scm ")) + (reconfigure-system + (string-append + "sudo guix system delete-generations 7d ; " + "sudo guix system reconfigure " + configuration-prefix + "izumi.scm ")) + (update-system + (string-append + pull-guix + and + reconfigure-system + ;; and + ;; reconfigure-home + and + collect-garbage))) + (simple-service + 'bash-extension + (@ (gnu home services shells) home-bash-service-type) + ((@ (gnu home services shells) home-bash-extension) + (aliases + `(("collect-garbage" . ,collect-garbage) + ("edit" . "$EDITOR") + ("pull-guix" . ,pull-guix) + ("reconfigure-home" . ,reconfigure-home) + ("reconfigure-system" . ,reconfigure-system) + ("update-system" . ,update-system))) + (bash-profile + (list + (mixed-text-file + "newline-prompt" + "PS1=${PS1%?}\n" + "PS1=${PS1%?}\\n'$ '\n" + "PS1=\"\\n$PS1\"")))))))))))))) + (define keyboard-layout-izumi - (keyboard-layout "pl")) + ((@ (gnu system keyboard) keyboard-layout) + "pl")) + +(define (mapped-devices-izumi) + (use-modules (gnu system mapped-devices)) + (list ((@ (gnu system mapped-devices) mapped-device) + (source "/dev/sda2") + (target "izumi") + (type luks-device-mapping)))) + +(define mapped-devices-izumi + (mapped-devices-izumi)) + +(define (nginx-izumi) + ((@ (gnu services) service) + nginx-service-type* + ((@ (gnu services web) nginx-configuration) + (server-blocks + (list + ;; Top-Level + ((@ (gnu services web) nginx-server-configuration) + (locations + (list + ((@ (gnu services web) nginx-location-configuration) + (uri "/.well-known" ) + (body + (list "root /srv/www/marek/marekpasnikowski.pl ;"))))) + (listen (list "192.168.10.2:443 ssl")) + (root "/srv/www/marek/marekpasnikowski.pl") + (server-name ( list "marekpasnikowski.pl")) + (ssl-certificate + "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem") + (ssl-certificate-key + "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem")) + ;; Radicale + ((@ (gnu services web) nginx-server-configuration) + (locations + (list + ((@ (gnu services web) nginx-location-configuration) + (body + (list + "proxy_pass http://localhost:5232/ ;" + "proxy_set_header X-Script-Name \"\" ;" + "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" + "proxy_set_header Host $http_host ;" + "proxy_pass_header Authorization ;")) + (uri "/")) + ((@ (gnu services web) nginx-location-configuration) + (body + (list "root /srv/www/marek/marekpasnikowski.pl ;")) + (uri "/.well-known")))) + (listen (list "192.168.10.2:443 ssl")) + (server-name (list "radicale.marekpasnikowski.pl")))))))) + +(define (openssh) + (use-modules (gnu services ssh)) + ((@ (gnu services) service) + openssh-service-type)) + +(define (plasma-desktop) + ((@ (gnu services) service) + plasma-desktop-service-type)) + +(define (radicale) + (use-modules (gnu services mail)) + ((@ (gnu services) service) + radicale-service-type + ((@ (gnu services mail) radicale-configuration) + (auth ((@ (gnu services mail) radicale-auth-configuration) + (type 'htpasswd) + (htpasswd-filename radicale-keys) + (htpasswd-encryption 'plain))) + (storage ((@ (gnu services mail) radicale-storage-configuration) + (filesystem-folder "/data/radicale/collections")))))) + +(define swap-device-izumi-1-label + ((@ (gnu system file-systems) file-system-label) + "izumi-swap-f")) + +(define (syncthing) + (use-modules (gnu services syncthing)) + ((@ (gnu services) service) + syncthing-service-type + ((@ (gnu services syncthing) syncthing-configuration) + (user "marek")))) + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +(define (bootloader-izumi) + (use-modules (gnu bootloader grub)) + ((@ (gnu bootloader) bootloader-configuration) + (bootloader grub-efi-bootloader) + (keyboard-layout keyboard-layout-izumi) + (targets (list "/boot/efi")))) + +(define (file-systems-izumi) + (use-modules (gnu system file-systems)) + (append %base-file-systems + (list ((@ (gnu system file-systems) file-system) + (device "/dev/sda1") + (mount-point "/boot/efi") + (type "vfat")) + ((@ (gnu system file-systems) file-system) + (dependencies mapped-devices-izumi) + (device "/dev/mapper/izumi") + (mount-point "/") + (type "xfs"))))) + +(define (groups-izumi) + (use-modules (gnu system shadow)) + (append %base-groups + (list + ((@ (gnu system accounts) user-group) + (name "vmail") + (system? #t))))) + +(define host-name-izumi + "izumi") (define services-izumi - (append - ( modify-services - %desktop-services - ( elogind-service-type - configuration => - ( elogind-configuration - ( inherit configuration ) - ( handle-lid-switch 'ignore ) - ( handle-lid-switch-docked 'ignore ) - ( handle-lid-switch-external-power 'ignore ) ) ) - ( gdm-service-type - configuration => - ( gdm-configuration - ( inherit configuration ) - ( auto-suspend? #f ) - ( wayland? #t ) ) ) - ( guix-service-type - configuration => - ( let* - ( ( non-guix.pub - ( string-append - "( public-key ( ecc ( curve Ed25519 )" - "( q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98# ) ) )" ) ) - ( authorized-keys - ( append - %default-authorized-guix-keys - ( list ( plain-file "non-guix.pub" non-guix.pub ) ) ) ) - ( extra-options - ( list "--gc-keep-derivations=yes" "--gc-keep-outputs=yes" ) ) - ( substitute-urls - ( append - %default-substitute-urls - ( list "https://substitutes.nonguix.org" ) ) ) ) - ( guix-configuration - ( inherit configuration ) - ( authorized-keys authorized-keys ) - ( extra-options extra-options ) - ( substitute-urls substitute-urls ) ) ) ) ) - ( list - (@ (users id1000) dkim-service) - (@ (users id1000) dovecot-service) - (@ (users id1000) smtp-service) - (service (service-type (inherit certbot-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - nginx-service-type) - (service-extension nginx-service-type* - (@@ (gnu services certbot) - certbot-nginx-server-configurations)) - extension)) - (service-type-extensions certbot-service-type)))) - ( certbot-configuration - ( certificates - ( list - ( certificate-configuration - ( deploy-hook - ( program-file - "nginx-deploy-hook" - #~ - ( let - ( ( pid ( call-with-input-file "/var/run/nginx/pid" read ) ) ) - ( kill pid SIGHUP ) ) ) ) - ( domains - ( list - "marekpasnikowski.pl" - "git.marekpasnikowski.pl" - "radicale.marekpasnikowski.pl" ) ) ) ) ) - ( email "marek@marekpasnikowski.pl" ) - ( webroot "/srv/www/marek/marekpasnikowski.pl" ) ) ) - (service (service-type (inherit cgit-service-type) - (extensions (map (lambda (extension) - (if (eq? (service-extension-target extension) - nginx-service-type) - (service-extension nginx-service-type* - cgit-configuration-nginx-config) - extension)) - (service-type-extensions cgit-service-type)))) - ( cgit-configuration - ( nginx - ( list - ( nginx-server-configuration - ( locations - ( list - ( git-http-nginx-location-configuration - ( git-http-configuration - ( git-root "/var/lib/gitolite/repositories" ) - ( uri-path "/git" ) ) ) - ( nginx-location-configuration - ( body - ( list - "fastcgi_param HTTP_HOST $server_name ;" - "fastcgi_param PATH_INFO $uri ;" - "fastcgi_param QUERY_STRING $args ;" - "fastcgi_param SCRIPT_FILENAME $document_root/lib/cgit/cgit.cgi ;" - "fastcgi_pass 127.0.0.1:9000 ;" ) ) - ( uri "@cgit" ) ) - ( nginx-location-configuration - ( body ( list "root /srv/www/marek/marekpasnikowski.pl/ ;" ) ) - ( uri "/.well-known" ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( root cgit ) - ( server-name ( list "git.marekpasnikowski.pl" ) ) - ( ssl-certificate - "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) - ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) - ( try-files ( list "$uri" "@cgit" ) ) ) ) ) - ( repositories - ( list - ( repository-cgit-configuration - ( hide? #t ) - ( path "/srv/git/marek/packages" ) ) ) ) - ( repository-directory "/var/lib/gitolite/repositories" ) ) ) - (service fcgiwrap-service-type - (fcgiwrap-configuration (user "git") - (group "git"))) - ( service gitolite-service-type - ( gitolite-configuration - ( rc-file ( gitolite-rc-file ( umask #o0027 ) ) ) - ( admin-pubkey ( plain-file "gitolite-admin.pub" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4THTYnHCc/ihCJNKJtGTNu1zCnLndbMHnxnrxzJk+N marek@izumi\n") ) ) ) - ( service plasma-desktop-service-type ) - ( service syncthing-service-type ( syncthing-configuration ( user "marek" ) ) ) - (service nginx-service-type* - ( nginx-configuration - ( server-blocks - ( list - ;; Top-Level - ( nginx-server-configuration - ( locations - ( list - ( nginx-location-configuration - ( uri "/.well-known" ) - ( body - ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( root "/srv/www/marek/marekpasnikowski.pl" ) - ( server-name ( list "marekpasnikowski.pl" ) ) - ( ssl-certificate - "/etc/letsencrypt/live/marekpasnikowski.pl/fullchain.pem" ) - ( ssl-certificate-key - "/etc/letsencrypt/live/marekpasnikowski.pl/privkey.pem" ) ) - ;; Radicale - ( nginx-server-configuration - ( locations - ( list - ( nginx-location-configuration - ( body - ( list - "proxy_pass http://localhost:5232/ ;" - "proxy_set_header X-Script-Name \"\" ;" - "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;" - "proxy_set_header Host $http_host ;" - "proxy_pass_header Authorization ;" ) ) - ( uri "/" ) ) - ( nginx-location-configuration - ( body - ( list "root /srv/www/marek/marekpasnikowski.pl ;" ) ) - ( uri "/.well-known" ) ) ) ) - ( listen ( list "192.168.10.2:443 ssl" ) ) - ( server-name ( list "radicale.marekpasnikowski.pl" ) ) ) ) ) ) ) - ( service openssh-service-type ) - ( service radicale-service-type - ( radicale-configuration - ( auth - ( radicale-auth-configuration - ( type 'htpasswd ) - ( htpasswd-filename radicale-keys ) - ( htpasswd-encryption 'plain ) ) ) ) ) - ( simple-service 'base-profile profile-service-type - ( append %base-packages - ( list ) ) ) - ( simple-service - 'nss-profile - profile-service-type - ( list nss-certs ) ) - ( simple-service - 'etc-files - etc-service-type - ( list - `( "mailname" ,( plain-file "mailname" "marekpasnikowski.pl\n" ) ) ) ) - (service guix-home-service-type - `(("marek" ,(home-environment (packages (map specification->package+output - (list "dconf-editor" - "emacs" - "emacs-org-modern" - "emacs-paredit" - "font-google-noto" - "font-google-noto-emoji" - "font-google-noto-sans-cjk" - "font-google-noto-serif-cjk" - "git" - "gnupg" - "gnome-tweaks" - "noweb" - "pinentry" - "pwgen" - "unzip" - "zip"))) - (services (append (list izumi-channels-service-type) - (list - (simple-service - 'emacs-home-profile - home-profile-service-type - (append - (list emacs-guix emacs-nix-mode) - (list - (let - ((commit* "wip-algo-tn")) - (package - (name "emacs-org-fc") - (version (git-version "0.1.2" "0" commit*)) - (source - (origin - (method git-fetch) - (uri - (git-reference - (url "https://git.marekpasnikowski.pl/org-fc.git") - (commit commit*))) - (file-name (git-file-name name version)) - (sha256 (base32 "1i8ii1garx2pdg08a12yzsd0fhwdzcpxp9m97zj8m5s275i8ccaj")))) - (build-system emacs-build-system) - (arguments - (list - #:include #~ (cons* "\\.awk$" "\\.org$" %default-include) - #:exclude #~ (cons "^test/" %default-exclude) - #:tests? #t - #:test-command - #~ - (list - "emacs" - "--batch" - "-L" "." - "-L" "tests/" - "-l" "tests/org-fc-filter-test.el" - "-l" "tests/org-fc-indexer-test.el" - "-l" "tests/org-fc-review-data-test.el" - "-f" "ert-run-tests-batch-and-exit") - #:phases - #~ - (modify-phases - %standard-phases - (add-after - 'unpack - 'qualify-paths - (lambda* - (#:key inputs - #:allow-other-keys) - (substitute* - "org-fc-awk.el" - (("\"find ") - (string-append - "\"" - (search-input-file inputs "/bin/find") - " ")) - (("\"gawk ") - (string-append - "\"" - (search-input-file inputs "/bin/gawk") - " ")) - (("\"xargs ") - (string-append - "\"" - (search-input-file inputs "/bin/xargs") - " ")))))))) - (inputs (list findutils gawk)) - (propagated-inputs (list emacs-hydra)) - (home-page "https://www.leonrische.me/fc/index.html") - (synopsis "Spaced repetition system for Emacs Org mode") - (description - (string-append - "Org-fc is a spaced-repetition system for Emacs' Org mode.\n" - "It allows you to mark headlines in a file as flashcards, turning pieces of\n" - "knowledge you want to learn into a question-answer test. These cards are\n" - "reviewed at regular interval. After each review, the next review interval is\n" - "calculated based on how well you remembered the contents of the card.\n")) - (license license:gpl3+)))))) - (simple-service 'home-files - home-files-service-type - (list (list ".config/emacs/init.el" - (local-file "home-files/emacs-configuration.el" )) - (list ".gnus" - (local-file "home-files/gnus-configuration.el")) - (list ".gitconfig" - (local-file "home-files/gitconfig")) - (list ".config/git/ignore" - ;; https://github.com/github/gitignore/blob/main/Global/Emacs.gitignore - (local-file "home-files/git-ignore.conf")))) - (simple-service - 'environment-variables - home-environment-variables-service-type - `(("EDITOR" . "emacsclient -nw")))) - (list - (let* - ((and "&& ") - (collect-garbage "sudo guix gc -d 7d ") - (configuration-prefix - "/home/marek/Publiczny/src/deployment/systems/izumi/") - (pull-guix "guix pull ") - (reconfigure-home - (string-append - "guix home delete-generations 7d ; " - "guix home reconfigure " - configuration-prefix - "home-configuration.scm ")) - (reconfigure-system - (string-append - "sudo guix system delete-generations 7d ; " - "sudo guix system reconfigure " - configuration-prefix - "izumi.scm ")) - (update-system - (string-append - pull-guix - and - reconfigure-system - ;; and - ;; reconfigure-home - and - collect-garbage))) - (simple-service - 'bash-extension - home-bash-service-type - (home-bash-extension - (aliases - `(("collect-garbage" . ,collect-garbage) - ("edit" . "$EDITOR") - ("pull-guix" . ,pull-guix) - ("reconfigure-home" . ,reconfigure-home) - ("reconfigure-system" . ,reconfigure-system) - ("update-system" . ,update-system))) - (bash-profile - (list - (mixed-text-file - "newline-prompt" - "PS1=${PS1%?}\n" - "PS1=${PS1%?}\\n'$ '\n" - "PS1=\"\\n$PS1\"")))))))))))))))) + (append (desktop-services-izumi) + (list dkim-service + dovecot-service + smtp-service + (certbot) + (cgit-izumi) + (etc-mailname) + (fcgiwrap) + (gitolite) + (home-services) + (nginx-izumi) + (openssh) + (plasma-desktop) + (radicale) + (syncthing)))) (define swap-device-izumi-1 - (swap-space (target "/dev/sda3"))) + ((@ (gnu system file-systems) swap-space) + (target swap-device-izumi-1-label))) (define (users-izumi) (use-modules (gnu system shadow) - (users id1000) (users vmail)) (append %base-user-accounts (list uid1000-account @@ -433,46 +523,22 @@ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; (define (operating-system-izumi) - (operating-system - ( bootloader - ( bootloader-configuration - ( bootloader grub-efi-bootloader ) - ( keyboard-layout keyboard-layout-izumi ) - ( targets ( list "/boot/efi" ) ) ) ) - ( mapped-devices - ( list - ( mapped-device - ( source "/dev/sda2" ) - ( target "izumi" ) - ( type luks-device-mapping ) ) ) ) - ( file-systems - ( append - %base-file-systems - ( list - ( file-system - ( device "/dev/sda1" ) - ( mount-point "/boot/efi" ) - ( type "vfat" ) ) - ( file-system - ( dependencies mapped-devices ) - ( device "/dev/mapper/izumi" ) - ( mount-point "/" ) - ( type "xfs" ) ) ) ) ) - ( firmware ( list linux-firmware ) ) - ( groups - ( append - %base-groups - ( list - ( user-group - ( name "vmail" ) - ( system? #t ) )) ) ) - ( host-name "izumi" ) - (hosts-file hosts-izumi) + (use-modules (nongnu packages linux) + (nongnu system linux-initrd) + (suweren commons sudoers) + (suweren system)) + ((@ (gnu system) operating-system) + (bootloader (bootloader-izumi)) (kernel linux) (keyboard-layout keyboard-layout-izumi) (initrd microcode-initrd) + (firmware (list linux-firmware)) + (host-name host-name-izumi) + (mapped-devices mapped-devices-izumi) + (file-systems (file-systems-izumi)) (swap-devices (list swap-device-izumi-1)) (users (users-izumi)) + (groups (groups-izumi)) (timezone "Europe/Warsaw") (locale polish-locale-string) (locale-definitions %suweren-locale-definitions) diff --git a/systems/izumi/system-files/hosts b/systems/izumi/system-files/hosts deleted file mode 100644 index bc92c36..0000000 --- a/systems/izumi/system-files/hosts +++ /dev/null @@ -1,4 +0,0 @@ -127.0.0.1 localhost izumi -::1 localhost izumi - -81.190.248.246 marekpasnikowski git.marekpasnikowski.pl
\ No newline at end of file |