From c4ea8c057fccd4783196f7b6b578afbb949f746f Mon Sep 17 00:00:00 2001
From: Marek Paśnikowski
Date: Wed, 20 Mar 2024 14:32:47 +0100
Subject: Move all code into new directory structure
---
 .bash_profile | 2 -
 .bashrc | 31 --
 aisaka.org | 658 --------------------------------
 data/bashrc | 1 -
 data/emacs-config | 78 ----
 data/git-config | 9 -
 home-configuration.scm | 224 -----------
 system-configuration.scm | 134 -------
 systems/aisaka/.bash_profile | 2 +
 systems/aisaka/.bashrc | 31 ++
 systems/aisaka/aisaka.org | 658 ++++++++++++++++++++++++++++++++
 systems/aisaka/data/bashrc | 1 +
 systems/aisaka/data/emacs-config | 78 ++++
 systems/aisaka/data/git-config | 9 +
 systems/aisaka/home-configuration.scm | 224 +++++++++++
 systems/aisaka/system-configuration.scm | 134 +++++++
 16 files changed, 1137 insertions(+), 1137 deletions(-)
 delete mode 100644 .bash_profile
 delete mode 100644 .bashrc
 delete mode 100644 aisaka.org
 delete mode 100644 data/bashrc
 delete mode 100644 data/emacs-config
 delete mode 100644 data/git-config
 delete mode 100644 home-configuration.scm
 delete mode 100644 system-configuration.scm
 create mode 100644 systems/aisaka/.bash_profile
 create mode 100644 systems/aisaka/.bashrc
 create mode 100644 systems/aisaka/aisaka.org
 create mode 100644 systems/aisaka/data/bashrc
 create mode 100644 systems/aisaka/data/emacs-config
 create mode 100644 systems/aisaka/data/git-config
 create mode 100644 systems/aisaka/home-configuration.scm
 create mode 100644 systems/aisaka/system-configuration.scm
diff --git a/.bash_profile b/.bash_profile
deleted file mode 100644
index 37ea25c..0000000
--- a/.bash_profile
+++ /dev/null
@@ -1,2 +0,0 @@
-# Honor per-interactive-shell startup file
-if [ -f ~/.bashrc ]; then . ~/.bashrc; fi
diff --git a/.bashrc b/.bashrc
deleted file mode 100644
index 78e9cea..0000000
--- a/.bashrc
+++ /dev/null
@@ -1,31 +0,0 @@
-# Bash initialization for interactive non-login shells and
-# for remote shells (info "(bash) Bash Startup Files").
-
-# Export 'SHELL' to child processes. Programs such as 'screen'
-# honor it and otherwise use /bin/sh.
-export SHELL
-
-if [[ $- != *i* ]]
-then
- # We are being invoked from a non-interactive shell. If this
- # is an SSH session (as in "ssh host command"), source
- # /etc/profile so we get PATH and other essential variables.
- [[ -n "$SSH_CLIENT" ]] && source /etc/profile
-
- # Don't do anything else.
- return
-fi
-
-# Source the system-wide file.
-source /etc/bashrc
-
-# Adjust the prompt depending on whether we're in 'guix environment'.
-if [ -n "$GUIX_ENVIRONMENT" ]
-then
- PS1='\n\u@\h [env]\$ '
-else
- PS1='\n\u@\h \$ '
-fi
-alias ls='ls -p --color=auto'
-alias ll='ls -l'
-alias grep='grep --color=auto'
diff --git a/aisaka.org b/aisaka.org
deleted file mode 100644
index 6759d2e..0000000
--- a/aisaka.org
+++ /dev/null
@@ -1,658 +0,0 @@ -#+title: Configuration of the Aisaka computer -*- mode: org -*- -#+startup: overview -#+property: header-args:scheme :noweb yes -#+property: header-args:scheme+ :noweb-prefix yes -#+property: header-args:shell :noweb yes -#+property: Header-args:shell+ :noweb-prefix yes - -* TODO Guix - -https://guix.gnu.org/en/manual/en/html_node/ - -** TODO Installation - -https://guix.gnu.org/en/manual/en/html_node/Installation.html - -*** TODO Invoking guix-daemon - -https://guix.gnu.org/en/manual/en/html_node/Invoking-guix_002ddaemon.html - -#+begin_src scheme :noweb-ref guix-options - "--gc-keep-derivations=yes" - "--gc-keep-outputs=yes" -#+end_src - -** TODO System configuration - -https://guix.gnu.org/en/manual/en/html_node/System-Configuration.html - -#+begin_src scheme :noweb-ref system-dump :tangle system-configuration.scm - (define-module (aisaka-system-configuration) - #:use-module (gnu) - #:use-module (gnu packages commencement) - #:use-module (gnu packages cups) - #:use-module (gnu packages finance) - #:use-module (gnu services cups) - #:use-module (gnu services configuration) - #:use-module (gnu services desktop) - #:use-module (gnu services networking) - #:use-module (gnu services nix) - #:use-module (gnu services ssh) - #:use-module (gnu services version-control) - #:use-module (gnu services xorg)) - - (define keyboard-layout - (keyboard-layout "pl")) - - (operating-system - (locale "pl_PL.utf8") - (timezone "Europe/Warsaw") - (keyboard-layout keyboard-layout) - (host-name "aisaka") - (users (cons* (user-account (name "marek") - (comment "Marek Paśnikowski") - (group "users") - (home-directory "/home/marek") - (supplementary-groups '("audio" - "netdev" - "tor" - "video" - "wheel"))) - %base-user-accounts)) - (packages - (append - (map - <> - '(;; "netcat-openbsd" - "nss-certs" - "ntfs-3g")) - ( map - <> - ( list ) ) - %base-packages)) - (services - <>) - (bootloader (bootloader-configuration (bootloader grub-bootloader) - (targets '("/dev/sda")) 
- (keyboard-layout keyboard-layout))) - (swap-devices - (list - <>)) - (mapped-devices - (list - <>)) - (file-systems - (append %base-file-systems - (list - <> - <>)))) -#+end_src - -*** TODO Services - -https://guix.gnu.org/en/manual/en/html_node/Services.html - -#+begin_src scheme :noweb-ref system-services - (append - (list - (extra-special-file - "/lib64/ld-linux-x86-64.so.2" - (file-append (canonical-package glibc) "/lib/ld-linux-x86-64.so.2")) - (extra-special-file - "/lib64/libstdc++.so.6" - (file-append (canonical-package gcc-toolchain) "/lib/libstdc++.so.6")) - (extra-special-file - "/usr/lib64/libstdc++.so.6" - (file-append (canonical-package gcc-toolchain) "/lib/libstdc++.so.6")) - <> - <> - <> - <> - (service - cups-service-type - (cups-configuration - (extensions - (list - cups-filters - epson-inkjet-printer-escpr)) - (web-interface? #t))) - (service git-daemon-service-type - (git-daemon-configuration - (export-all? #t))) - (service gnome-desktop-service-type) - (service plasma-desktop-service-type) - (service - tor-service-type - (tor-configuration - (control-socket? #t)))) - (modify-services - %desktop-services - (elogind-service-type - configuration => - (elogind-configuration - (inherit configuration) - (handle-lid-switch 'ignore))) - (gdm-service-type - configuration => - (gdm-configuration - (inherit configuration) - (wayland? 
#t))) - (delete guix-service-type))) -#+end_src - -**** TODO Base Services - -https://guix.gnu.org/en/manual/en/html_node/Base-Services.html - -#+begin_src scheme :noweb-ref system-base-services - <> - (service - guix-service-type - (guix-configuration - (extra-options - (list - <>)))) -#+end_src - -**** TODO Miscellaneous Services - -https://guix.gnu.org/en/manual/en/html_node/Miscellaneous-Services.html - -#+begin_src scheme :noweb-ref system-miscellaneous-services - (service nix-service-type) -#+end_src - -** TODO Home configuration - -https://guix.gnu.org/en/manual/devel/en/html_node/Home-Configuration.html - -#+begin_src scheme :noweb-ref home-dump :tangle home-configuration.scm - (define-module (aisaka-home-configuration) - #:use-module (gnu home) - #:use-module (gnu home services) - #:use-module (gnu home services shells) - #:use-module (gnu packages) - #:use-module (gnu services) - #:use-module (guix gexp)) - - (define allow-downgrades - "--allow-downgrades ") - - (define config-prefix - "/home/marek/Publiczny/src/guix-config/") - - (define pull-guix - "guix pull ") - - (define pull-guix- - (string-append pull-guix - allow-downgrades - "--disable-authentication ")) - - (define guix-home - "guix home reconfigure ") - - (define home-configuration - "home-configuration.scm ") - - (define reconfigure-home - (string-append guix-home - config-prefix - home-configuration)) - - (define reconfigure-home- - (string-append reconfigure-home - allow-downgrades)) - - (define guix-system - "sudo guix system reconfigure ") - - (define system-configuration - "system-configuration.scm ") - - (define reconfigure-system - (string-append guix-system - config-prefix - system-configuration)) - - (define reconfigure-system- - (string-append reconfigure-system - allow-downgrades)) - - (define and - "&& ") - - (define system-update - (string-append pull-guix - and - reconfigure-system - and - reconfigure-home - and - "sudo guix gc -d 7d")) - - (define system-update- - (string-append 
pull-guix- - and - reconfigure-system- - and - reconfigure-home- - and - "sudo guix gc -d 7d")) - - (home-environment - (packages - (map - <> - '("adwaita-icon-theme" - "alacritty" - "clamav" - "cpupower" - "dconf-editor" - "emacs-next" - "emacs-aggressive-indent" - "emacs-eldoc" - "emacs-geiser" - "emacs-geiser-guile" - "emacs-nix-mode" - "emacs-nov-el" - "emacs-org-contacts" - "emacs-org-contrib" - "emacs-paredit" - "font-google-noto" - "git" - "git-lfs" - "gnome-tweaks" - "gnupg" - "hicolor-icon-theme" - "icecat" - "jami" - "libadwaita" - "libreoffice" - "nm-tray" - "pwgen" - "seahorse" - "sicp" - "strace" - "unzip" - "zip"))) - (services - (list - <> - <> - (service - (service-type - (name 'org-fc-tn-package) - (extensions - (list - (service-extension home-profile-service-type - (lambda (_) - (map specification->package - (list - "emacs-org-fc-tn")))))) - (description "Custom version of ORG-FC.") - (default-value #f))) - <> - ;; <> - (service home-bash-service-type - (home-bash-configuration - (environment-variables '(("EDITOR" . "emacs -nw") - ("GUILE_AUTO_COMPILE" . "0") - ("PATH" . "$PATH:/home/marek/.nix-profile/bin"))) - (aliases `(("grep" . "grep --color=auto ") - ("ll" . "ls -l ") - ("ls" . "ls -p --color=auto ") - ("nix" . "nix --extra-experimental-features flakes --extra-experimental-features nix-command") - ("pull-guix" . ,pull-guix) - ("pull-guix-" . ,pull-guix-) - ("reconfigure-home" . ,reconfigure-home) - ("reconfigure-home-" . ,reconfigure-home-) - ("reconfigure-system" . ,reconfigure-system) - ("reconfigure-system-" . ,reconfigure-system-) - ("system-update" . ,system-update) - ("system-update-" . 
,system-update-))) - (bashrc (list - (local-file "data/bashrc"))))) - ;; (service - ;; home-channels-service-type - ;; (list - ;; (channel - ;; (name 'guix) - ;; (url "https://git.savannah.gnu.org/git/guix.git")) - ;; (channel - ;; (name 'jeko) - ;; (url "https://framagit.org/Jeko/guix-jeko-channel.git")) - ;; (channel - ;; (name 'nonguix) - ;; (url "https://gitlab.com/nonguix/nonguix") - ;; ;; Enable signature verification: - ;; (introduction - ;; (make-channel-introduction - ;; "897c1a470da759236cc11798f4e0a5f7d4d59fbc" - ;; (openpgp-fingerprint "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5")))) - ;; (channel (name 'org-fc-tn) - ;; (url "file:///home/marek/src/org-fc") - ;; (branch "repository")) - ;; (channel (name 'packages) - ;; (url "file:///home/marek/src/packages") - ;; (branch "master")) - ;; (channel (name 'channel) - ;; (url "https://git.marekpasnikowski.pl/git/channel.git") - ;; (branch "wip-channel") - ;; ( introduction - ;; ( make-channel-introduction - ;; "f8ccfe8f3e5c8bafe06665cbd4b0c9301e1a64b6" - ;; ( openpgp-fingerprint - ;; "590E 500F E39D 26B3 E60B 743B 6D81 B120 7711 899F" ) ) )))) - (simple-service 'configuration-files - home-files-service-type - `((".config/git/config" ,(local-file "data/git-config")) - (".emacs" ,(local-file "data/emacs-config"))))))) -#+end_src - -*** TODO bashrc - -#+begin_src shell :tangle data/bashrc - export LD_LIBRARY_PATH=$LIBRARY_PATH -#+end_src - -*** TODO emacs - -#+begin_src elisp :tangle data/emacs-config - ;;; Disable auto-backup - (setq-default make-backup-files nil) - - ;;; https://github.com/fimblo/dot.emacs - ;;; Theme Activation - (load-theme 'manoj-dark) - - ;;; Enable ParEdit - (add-hook 'prog-mode-hook 'enable-paredit-mode) - - ;;; https://elpa.gnu.org/packages/aggressive-indent.html - ;;; Automatic Activation of Aggressive Indent - (global-aggressive-indent-mode) - - ;; Highlight the pair of delimiters under the cursor - (setq-default show-paren-mode 1 - show-paren-delay 0) - - ;;; 
https://guix.gnu.org/manual/en/html_node/The-Perfect-Setup.html - ;;; Copyright Information - (setq-default user-full-name "Marek Paśnikowski" - user-mail-address "marekpasnikowski@protonmail.com") - - ;;; Startup Screen Inhibition - (setq-default inhibit-startup-screen t) - - ;; Enable the column-80 line - (setq-default display-fill-column-indicator 1 - display-fill-column-indicator-column 80) - (global-display-fill-column-indicator-mode) - - ;; Prepare Literate Programming - (setq-default - org-startup-indented t - org-confirm-babel-evaluate nil - org-src-fontify-natively t - org-src-tab-acts-natively t) - (org-babel-do-load-languages 'org-babel-load-languages '((emacs-lisp . t) - (scheme . t ) - (shell . t ))) - - (add-to-list 'auto-mode-alist '("\\.epub\\'" . nov-mode)) - - ;; Monospace Font in Ebook Reader - (setq-default nov-variable-pitch nil) - - ;; Disable Toolbar - (tool-bar-mode -1) - - ;; GNUS Configuration - (setq-default gnus-auto-select-first nil - gnus-select-method '(nnnil "") - gnus-secondary-select-methods '((nnimap "outlook" - (nnimap-address "outlook.office365.com") - (nnimap-server-port 993) - (nnimap-stream ssl) - (nnimap-authinfo-file "~/.authinfo")) - (nnimap "home" - (nnimap-address "serwer1930490.home.pl") - (nnimap-server-port 993) - (nnimap-stream ssl) - (nnimap-authinfo-file "~/.authinfo"))) - nnmail-split-method 'nnmail-split-fancy - nnmail-split-fancy '(| "normal")) - (add-hook 'gnus-group-mode-hook 'gnus-topic-mode) - - ;; Org Configuration - (setq-default org-contacts-files '("~/Dokumenty/UWM/filia w Ełku/Samorząd 2022/starostowie.org")) - - ;; ORG-FC Configuration - (require 'org-fc-hydra) - (setq-default - org-fc-algorithm 'tn - org-fc-directories '("~/Dokumenty/fiszki")) - - ;; Nix Mode - (require 'nix-mode) - (add-to-list 'auto-mode-alist '("\\.nix\\'" . 
nix-mode)) -#+end_src - -*** TODO git-config - -#+begin_src shell :tangle data/git-config - <> - <> -#+end_src - -**** TODO User Configuration - -#+begin_src shell :noweb-ref git-user-config - [user] - name = "Marek Paśnikowski" - email = "marekpasnikowski@protonmail.com" -#+end_src - -* TODO Git Send Email - -https://git-send-email.io/ - -** TODO Installation - -https://git-send-email.io/#step-1 - -#+begin_src scheme :noweb-ref git-sendemail-packages - (service - (service-type - (name 'git-sendemail-packages) - (extensions - (list - (service-extension home-profile-service-type - (lambda (_) - (map - <> - (list - "git" - "git:send-email")))))) - (description "Git Send Email") - (default-value #f))) -#+end_src - -** TODO Configuration - -https://git-send-email.io/#step-2 - -#+begin_src shell :noweb-ref git-sendemail-config - [sendemail] - smtpencryption = tls - smtpserver = localhost - smtpserverport = 1025 - smtpsslcertpath = "" - smtpuser = marekpasnikowski@protonmail.com -#+end_src - -* TODO LIBREBOOT - -The first layer of computing is the firmware. The Lenovo Thinkpad X200 has -a free Libreboot firmware installed. It is a good idea to keep it up to date. - -** TODO Flashrom - -Flashrom program is needed to write the computer firmware. The -program needs a relaxed kernel security feature. - -#+begin_src scheme :noweb-ref flashrom-package - (service - (service-type - (name 'flashrom-package) - (extensions - `(,(service-extension home-profile-service-type - (lambda (_) - (map specification->package - '("flashrom")))))) - (description "Flashrom installation.") - (default-value #f))) -#+end_src - -* TODO File Systems - -This system has a very simple file system - a boot partition, main partition -for everything else and swap. The main partition is encrypted. - -** Mapped Devices - -Data encryption layer, password protected. The LUKS encryption type is -used. 
- -#+begin_src scheme :noweb-ref luks - (mapped-device - (source (uuid "887ac37f-2919-41a0-a62a-e1ff5ea2d6cc")) - (target "aisaka-root") - (type luks-device-mapping)) -#+end_src - -** File Systems - -The data is split into an unencrypted boot partition and encrypted root -filesystem. - -*** Root File System - -The root filesystem is mounted on the encryption layer. Its type is -BTRFS. - -#+begin_src scheme :noweb-ref rootfs - (file-system - (mount-point "/") - (device "/dev/mapper/aisaka-root") - (type "btrfs") - (dependencies mapped-devices)) -#+end_src - -*** Boot File System - -The boot partition is on EXT4 filesystem. - -#+begin_src scheme :noweb-ref bootfs - (file-system - (mount-point "/boot") - (device (uuid "4f77b5fc-56ad-43ae-b6ec-e5adc8c48587")) - (type "ext4")) -#+end_src - -** Swap Devices - -Swap takes half the storage space in order to facilitate edge cases of -memory without overprovisioning, as well as to prolog the lifetime of SSD. - -#+begin_src scheme :noweb-ref swap - (swap-space (target (uuid "73bed3f9-be07-40ad-a228-577cd24f2e1d"))) -#+end_src - -* TODO System Servers - -** TODO Secure Shell - -*** TODO SSH Installation - -#+begin_src scheme :noweb-ref ssh-system-service - (service openssh-service-type) -#+end_src - -*** TODO SSH Configuration - -#+begin_src scheme :noweb-ref ssh-user-configuration - (simple-service 'ssh-configuration* home-files-service-type - `((".ssh/config" ,(plain-file "ssh-config" "\ - <>\n")))) -#+end_src - -**** TODO SSH Configuration File - -#+begin_src shell :noweb-ref ssh-config - Host *.onion - ProxyCommand nc -x localhost:9050 -X5 %h %p - - Host kynio.onion - User kynio - Hostname prnpi5oblk35gzcihbgu3227xvanisouxgbejri57bnzjawcksq4l7yd.onion - Port 22 -#+end_src - -* TODO Device Management - -https://www.linuxfromscratch.org/lfs/view/11.1/chapter09/symlinks.html - -** TODO Trezor - -https://trezor.io/trezor-model-t - -*** TODO Trezor System Packages - -#+begin_src scheme :noweb-ref trezor-system-packages - 
(service - (service-type - (name 'trezor-system-packages) - (extensions - (list - (service-extension profile-service-type - (lambda (_) - (map specification->package - (list - "trezord" - "trezord-udev-rules")))))) - (description "TrezorD packages needed by the system.") - (default-value #f))) -#+end_src - -*** TODO Trezor User Packages - -#+begin_src scheme :noweb-ref trezor-user-packages - (service - (service-type - (name 'trezor-user-packages) - (extensions - (list - (service-extension home-profile-service-type - (lambda (_) - (map specification->package - (list - "trezor-agent")))))) - (description "Trezor packages for the user.") - (default-value #f))) -#+end_src - -*** TODO Trezor Udev Services - -#+begin_src scheme :noweb-ref trezor-udev-rules - (udev-rules-service 'trezord trezord-udev-rules) -#+end_src - -* TODO Helpers -** TODO String to Package - -#+begin_src scheme :noweb-ref to-package+output - (compose list - specification->package+output) -#+end_src diff --git a/data/bashrc b/data/bashrc deleted file mode 100644 index 6486547..0000000 --- a/data/bashrc +++ /dev/null @@ -1 +0,0 @@ -export LD_LIBRARY_PATH=$LIBRARY_PATH diff --git a/data/emacs-config b/data/emacs-config deleted file mode 100644 index 272c20b..0000000 --- a/data/emacs-config +++ /dev/null 
@@ -1,78 +0,0 @@
-;;; Disable auto-backup
-(setq-default make-backup-files nil)
-
-;;; https://github.com/fimblo/dot.emacs
-;;; Theme Activation
-(load-theme 'manoj-dark)
-
-;;; Enable ParEdit
-(add-hook 'prog-mode-hook 'enable-paredit-mode)
-
-;;; https://elpa.gnu.org/packages/aggressive-indent.html
-;;; Automatic Activation of Aggressive Indent
-(global-aggressive-indent-mode)
-
-;; Highlight the pair of delimiters under the cursor
-(setq-default show-paren-mode 1
- show-paren-delay 0)
-
-;;; https://guix.gnu.org/manual/en/html_node/The-Perfect-Setup.html
-;;; Copyright Information
-(setq-default user-full-name "Marek Paśnikowski"
- user-mail-address "marekpasnikowski@protonmail.com")
-
-;;; Startup Screen Inhibition
-(setq-default inhibit-startup-screen t)
-
-;; Enable the column-80 line
-(setq-default display-fill-column-indicator 1
- display-fill-column-indicator-column 80)
-(global-display-fill-column-indicator-mode)
-
-;; Prepare Literate Programming
-(setq-default
- org-startup-indented t
- org-confirm-babel-evaluate nil
- org-src-fontify-natively t
- org-src-tab-acts-natively t)
-(org-babel-do-load-languages 'org-babel-load-languages '((emacs-lisp . t)
- (scheme . t )
- (shell . t )))
-
-(add-to-list 'auto-mode-alist '("\\.epub\\'" . nov-mode))
-
-;; Monospace Font in Ebook Reader
-(setq-default nov-variable-pitch nil)
-
-;; Disable Toolbar
-(tool-bar-mode -1)
-
-;; GNUS Configuration
-(setq-default gnus-auto-select-first nil
- gnus-select-method '(nnnil "")
- gnus-secondary-select-methods '((nnimap "outlook"
- (nnimap-address "outlook.office365.com")
- (nnimap-server-port 993)
- (nnimap-stream ssl)
- (nnimap-authinfo-file "~/.authinfo"))
- (nnimap "home"
- (nnimap-address "serwer1930490.home.pl")
- (nnimap-server-port 993)
- (nnimap-stream ssl)
- (nnimap-authinfo-file "~/.authinfo")))
- nnmail-split-method 'nnmail-split-fancy
- nnmail-split-fancy '(| "normal"))
-(add-hook 'gnus-group-mode-hook 'gnus-topic-mode)
-
-;; Org Configuration
-(setq-default org-contacts-files '("~/Dokumenty/UWM/filia w Ełku/Samorząd 2022/starostowie.org"))
-
-;; ORG-FC Configuration
-(require 'org-fc-hydra)
-(setq-default
- org-fc-algorithm 'tn
- org-fc-directories '("~/Dokumenty/fiszki"))
-
-;; Nix Mode
-(require 'nix-mode)
-(add-to-list 'auto-mode-alist '("\\.nix\\'" . nix-mode))
diff --git a/data/git-config b/data/git-config
deleted file mode 100644
index e2d58a5..0000000
--- a/data/git-config
+++ /dev/null
@@ -1,9 +0,0 @@
-[sendemail]
-smtpencryption = tls
-smtpserver = localhost
-smtpserverport = 1025
-smtpsslcertpath = ""
-smtpuser = marekpasnikowski@protonmail.com
-[user]
-name = "Marek Paśnikowski"
-email = "marekpasnikowski@protonmail.com"
diff --git a/home-configuration.scm b/home-configuration.scm
deleted file mode 100644
index f785e41..0000000
--- a/home-configuration.scm
+++ /dev/null
@@ -1,224 +0,0 @@
-(define-module (aisaka-home-configuration)
- #:use-module (gnu home)
- #:use-module (gnu home services)
- #:use-module (gnu home services shells)
- #:use-module (gnu packages)
- #:use-module (gnu services)
- #:use-module (guix gexp))
-
-(define allow-downgrades
- "--allow-downgrades ")
-
-(define config-prefix
- "/home/marek/Publiczny/src/guix-config/")
-
-(define pull-guix
- "guix pull ")
-
-(define pull-guix-
- (string-append pull-guix
- allow-downgrades
- "--disable-authentication "))
-
-(define guix-home
- "guix home reconfigure ")
-
-(define home-configuration
- "home-configuration.scm ")
-
-(define reconfigure-home
- (string-append guix-home
- config-prefix
- home-configuration))
-
-(define reconfigure-home-
- (string-append reconfigure-home
- allow-downgrades))
-
-(define guix-system
- "sudo guix system reconfigure ")
-
-(define system-configuration
- "system-configuration.scm ")
-
-(define reconfigure-system
- (string-append guix-system
- config-prefix
- system-configuration))
-
-(define reconfigure-system-
- (string-append reconfigure-system
- allow-downgrades))
-
-(define and
- "&& ")
-
-(define system-update
- (string-append pull-guix
- and
- reconfigure-system
- and
- reconfigure-home
- and
- "sudo guix gc -d 7d"))
-
-(define system-update-
- (string-append pull-guix-
- and
- reconfigure-system-
- and
- reconfigure-home-
- and
- "sudo guix gc -d 7d"))
-
-(home-environment
- (packages
- (map
- (compose list
- specification->package+output)
- '("adwaita-icon-theme"
- "alacritty"
- "clamav"
- "cpupower"
- "dconf-editor"
- "emacs-next"
- "emacs-aggressive-indent"
- "emacs-eldoc"
- "emacs-geiser"
- "emacs-geiser-guile"
- "emacs-nix-mode"
- "emacs-nov-el"
- "emacs-org-contacts"
- "emacs-org-contrib"
- "emacs-paredit"
- "font-google-noto"
- "git"
- "git-lfs"
- "gnome-tweaks"
- "gnupg"
- "hicolor-icon-theme"
- "icecat"
- "jami"
- "libadwaita"
- "libreoffice"
- "nm-tray"
- "pwgen"
- "seahorse"
- "sicp"
- "strace"
- "unzip"
- "zip")))
- (services
- (list
- (service
- (service-type
- (name 'flashrom-package)
- (extensions
- `(,(service-extension home-profile-service-type
- (lambda (_)
- (map specification->package
- '("flashrom"))))))
- (description "Flashrom installation.")
- (default-value #f)))
- (service
- (service-type
- (name 'git-sendemail-packages)
- (extensions
- (list
- (service-extension home-profile-service-type
- (lambda (_)
- (map
- (compose list
- specification->package+output)
- (list
- "git"
- "git:send-email"))))))
- (description "Git Send Email")
- (default-value #f)))
- (service
- (service-type
- (name 'org-fc-tn-package)
- (extensions
- (list
- (service-extension home-profile-service-type
- (lambda (_)
- (map specification->package
- (list
- "emacs-org-fc-tn"))))))
- (description "Custom version of ORG-FC.")
- (default-value #f)))
- (simple-service 'ssh-configuration* home-files-service-type
- `((".ssh/config" ,(plain-file "ssh-config" "\
- Host *.onion
- ProxyCommand nc -x localhost:9050 -X5 %h %p
-
- Host kynio.onion
- User kynio
- Hostname prnpi5oblk35gzcihbgu3227xvanisouxgbejri57bnzjawcksq4l7yd.onion
- Port 22\n"))))
- ;; (service
- ;; (service-type
- ;; (name 'trezor-user-packages)
- ;; (extensions
- ;; (list
- ;; (service-extension home-profile-service-type
- ;; (lambda (_)
- ;; (map specification->package
- ;; (list
- ;; "trezor-agent"))))))
- ;; (description "Trezor packages for the user.")
- ;; (default-value #f)))
- (service home-bash-service-type
- (home-bash-configuration
- (environment-variables '(("EDITOR" . "emacs -nw")
- ("GUILE_AUTO_COMPILE" . "0")
- ("PATH" . "$PATH:/home/marek/.nix-profile/bin")))
- (aliases `(("grep" . "grep --color=auto ")
- ("ll" . "ls -l ")
- ("ls" . "ls -p --color=auto ")
- ("nix" . "nix --extra-experimental-features flakes --extra-experimental-features nix-command")
- ("pull-guix" . ,pull-guix)
- ("pull-guix-" . ,pull-guix-)
- ("reconfigure-home" . ,reconfigure-home)
- ("reconfigure-home-" . ,reconfigure-home-)
- ("reconfigure-system" . ,reconfigure-system)
- ("reconfigure-system-" . ,reconfigure-system-)
- ("system-update" . ,system-update)
- ("system-update-" . ,system-update-)))
- (bashrc (list
- (local-file "data/bashrc")))))
- ;; (service
- ;; home-channels-service-type
- ;; (list
- ;; (channel
- ;; (name 'guix)
- ;; (url "https://git.savannah.gnu.org/git/guix.git"))
- ;; (channel
- ;; (name 'jeko)
- ;; (url "https://framagit.org/Jeko/guix-jeko-channel.git"))
- ;; (channel
- ;; (name 'nonguix)
- ;; (url "https://gitlab.com/nonguix/nonguix")
- ;; ;; Enable signature verification:
- ;; (introduction
- ;; (make-channel-introduction
- ;; "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
- ;; (openpgp-fingerprint "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))))
- ;; (channel (name 'org-fc-tn)
- ;; (url "file:///home/marek/src/org-fc")
- ;; (branch "repository"))
- ;; (channel (name 'packages)
- ;; (url "file:///home/marek/src/packages")
- ;; (branch "master"))
- ;; (channel (name 'channel)
- ;; (url "https://git.marekpasnikowski.pl/git/channel.git")
- ;; (branch "wip-channel")
- ;; ( introduction
- ;; ( make-channel-introduction
- ;; "f8ccfe8f3e5c8bafe06665cbd4b0c9301e1a64b6"
- ;; ( openpgp-fingerprint
- ;; "590E 500F E39D 26B3 E60B 743B 6D81 B120 7711 899F" ) ) ))))
- (simple-service 'configuration-files
- home-files-service-type
- `((".config/git/config" ,(local-file "data/git-config"))
- (".emacs" ,(local-file "data/emacs-config")))))))
diff --git a/system-configuration.scm b/system-configuration.scm
deleted file mode 100644
index 388bf06..0000000
--- a/system-configuration.scm
+++ /dev/null
@@ -1,134 +0,0 @@
-(define-module (aisaka-system-configuration)
- #:use-module (gnu)
- #:use-module (gnu packages commencement)
- #:use-module (gnu packages cups)
- #:use-module (gnu packages finance)
- #:use-module (gnu services cups)
- #:use-module (gnu services configuration)
- #:use-module (gnu services desktop)
- #:use-module (gnu services networking)
- #:use-module (gnu services nix)
- #:use-module (gnu services ssh)
- #:use-module (gnu services version-control)
- #:use-module (gnu services xorg))
-
-(define keyboard-layout
- (keyboard-layout "pl"))
-
-(operating-system
- (locale "pl_PL.utf8")
- (timezone "Europe/Warsaw")
- (keyboard-layout keyboard-layout)
- (host-name "aisaka")
- (users (cons* (user-account (name "marek")
- (comment "Marek Paśnikowski")
- (group "users")
- (home-directory "/home/marek")
- (supplementary-groups '("audio"
- "netdev"
- "tor"
- "video"
- "wheel")))
- %base-user-accounts))
- (packages
- (append
- (map
- (compose list
- specification->package+output)
- '(;; "netcat-openbsd"
- "nss-certs"
- "ntfs-3g"))
- ( map
- (compose list
- specification->package+output)
- ( list ) )
- %base-packages))
- (services
- (append
- (list
- (extra-special-file
- "/lib64/ld-linux-x86-64.so.2"
- (file-append (canonical-package glibc) "/lib/ld-linux-x86-64.so.2"))
- (extra-special-file
- "/lib64/libstdc++.so.6"
- (file-append (canonical-package gcc-toolchain) "/lib/libstdc++.so.6"))
- (extra-special-file
- "/usr/lib64/libstdc++.so.6"
- (file-append (canonical-package gcc-toolchain) "/lib/libstdc++.so.6"))
- (service openssh-service-type)
- (udev-rules-service 'trezord trezord-udev-rules)
- (service
- guix-service-type
- (guix-configuration
- (extra-options
- (list
- "--gc-keep-derivations=yes"
- "--gc-keep-outputs=yes"))))
- (service nix-service-type)
- (service
- (service-type
- (name 'trezor-system-packages)
- (extensions
- (list
- (service-extension profile-service-type
- (lambda (_)
- (map specification->package
- (list
- "trezord"
- "trezord-udev-rules"))))))
- (description "TrezorD packages needed by the system.")
- (default-value #f)))
- (service
- cups-service-type
- (cups-configuration
- (extensions
- (list
- cups-filters
- epson-inkjet-printer-escpr))
- (web-interface? #t)))
- (service git-daemon-service-type
- (git-daemon-configuration
- (export-all? #t)))
- (service gnome-desktop-service-type)
- (service plasma-desktop-service-type)
- (service
- tor-service-type
- (tor-configuration
- (control-socket? #t))))
- (modify-services
- %desktop-services
- (elogind-service-type
- configuration =>
- (elogind-configuration
- (inherit configuration)
- (handle-lid-switch 'ignore)))
- (gdm-service-type
- configuration =>
- (gdm-configuration
- (inherit configuration)
- (wayland? #t)))
- (delete guix-service-type))))
- (bootloader (bootloader-configuration (bootloader grub-bootloader)
- (targets '("/dev/sda"))
- (keyboard-layout keyboard-layout)))
- (swap-devices
- (list
- (swap-space (target (uuid "73bed3f9-be07-40ad-a228-577cd24f2e1d")))))
- (mapped-devices
- (list
- (mapped-device
- (source (uuid "887ac37f-2919-41a0-a62a-e1ff5ea2d6cc"))
- (target "aisaka-root")
- (type luks-device-mapping))))
- (file-systems
- (append %base-file-systems
- (list
- (file-system
- (mount-point "/")
- (device "/dev/mapper/aisaka-root")
- (type "btrfs")
- (dependencies mapped-devices))
- (file-system
- (mount-point "/boot")
- (device (uuid "4f77b5fc-56ad-43ae-b6ec-e5adc8c48587"))
- (type "ext4"))))))
diff --git a/systems/aisaka/.bash_profile b/systems/aisaka/.bash_profile
new file mode 100644
index 0000000..37ea25c
--- /dev/null
+++ b/systems/aisaka/.bash_profile
@@ -0,0 +1,2 @@
+# Honor per-interactive-shell startup file
+if [ -f ~/.bashrc ]; then . ~/.bashrc; fi
diff --git a/systems/aisaka/.bashrc b/systems/aisaka/.bashrc
new file mode 100644
index 0000000..78e9cea
--- /dev/null
+++ b/systems/aisaka/.bashrc
@@ -0,0 +1,31 @@
+# Bash initialization for interactive non-login shells and
+# for remote shells (info "(bash) Bash Startup Files").
+
+# Export 'SHELL' to child processes. Programs such as 'screen'
+# honor it and otherwise use /bin/sh.
+export SHELL
+
+if [[ $- != *i* ]]
+then
+ # We are being invoked from a non-interactive shell. If this
+ # is an SSH session (as in "ssh host command"), source
+ # /etc/profile so we get PATH and other essential variables.
+ [[ -n "$SSH_CLIENT" ]] && source /etc/profile
+
+ # Don't do anything else.
+ return
+fi
+
+# Source the system-wide file.
+source /etc/bashrc
+
+# Adjust the prompt depending on whether we're in 'guix environment'.
+if [ -n "$GUIX_ENVIRONMENT" ]
+then
+ PS1='\n\u@\h [env]\$ '
+else
+ PS1='\n\u@\h \$ '
+fi
+alias ls='ls -p --color=auto'
+alias ll='ls -l'
+alias grep='grep --color=auto'
diff --git a/systems/aisaka/aisaka.org b/systems/aisaka/aisaka.org
new file mode 100644
index 0000000..6759d2e
--- /dev/null
+++ b/systems/aisaka/aisaka.org
@@ -0,0 +1,658 @@
+#+title: Configuration of the Aisaka computer -*- mode: org -*-
+#+startup: overview
+#+property: header-args:scheme :noweb yes
+#+property: header-args:scheme+ :noweb-prefix yes
+#+property: header-args:shell :noweb yes
+#+property: Header-args:shell+ :noweb-prefix yes
+
+* TODO Guix
+
+https://guix.gnu.org/en/manual/en/html_node/
+
+** TODO Installation
+
+https://guix.gnu.org/en/manual/en/html_node/Installation.html
+
+*** TODO Invoking guix-daemon
+
+https://guix.gnu.org/en/manual/en/html_node/Invoking-guix_002ddaemon.html
+
+#+begin_src scheme :noweb-ref guix-options
+ "--gc-keep-derivations=yes"
+ "--gc-keep-outputs=yes"
+#+end_src
+
+** TODO System configuration
+
+https://guix.gnu.org/en/manual/en/html_node/System-Configuration.html
+
+#+begin_src scheme :noweb-ref system-dump :tangle system-configuration.scm
+ (define-module (aisaka-system-configuration)
+ #:use-module (gnu)
+ #:use-module (gnu packages commencement)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages finance)
+ #:use-module (gnu services cups)
+ #:use-module (gnu services configuration)
+ #:use-module (gnu services desktop)
+ #:use-module (gnu services networking)
+ #:use-module (gnu services nix)
+ #:use-module (gnu services ssh)
+ #:use-module (gnu services version-control)
+ #:use-module (gnu services xorg))
+
+ (define keyboard-layout
+ (keyboard-layout "pl"))
+
+ (operating-system
+ (locale "pl_PL.utf8")
+ (timezone "Europe/Warsaw")
+ (keyboard-layout keyboard-layout)
+ (host-name "aisaka")
+ (users (cons* (user-account (name "marek")
+ (comment "Marek Paśnikowski")
+ (group "users")
+ (home-directory "/home/marek")
+ (supplementary-groups '("audio"
+ "netdev"
+ "tor"
+ "video"
+ "wheel")))
+ %base-user-accounts))
+ (packages
+ (append
+ (map
+ <>
+ '(;; "netcat-openbsd"
+ "nss-certs"
+ "ntfs-3g"))
+ ( map
+ <>
+ ( list ) )
+ %base-packages))
+ (services
+ <>)
+ (bootloader (bootloader-configuration (bootloader grub-bootloader)
+ (targets '("/dev/sda"))
+ (keyboard-layout keyboard-layout)))
+ (swap-devices
+ (list
+ <>))
+ (mapped-devices
+ (list
+ <>))
+ (file-systems
+ (append %base-file-systems
+ (list
+ <>
+ <>))))
+#+end_src
+
+*** TODO Services
+
+https://guix.gnu.org/en/manual/en/html_node/Services.html
+
+#+begin_src scheme :noweb-ref system-services
+ (append
+ (list
+ (extra-special-file
+ "/lib64/ld-linux-x86-64.so.2"
+ (file-append (canonical-package glibc) "/lib/ld-linux-x86-64.so.2"))
+ (extra-special-file
+ "/lib64/libstdc++.so.6"
+ (file-append (canonical-package gcc-toolchain) "/lib/libstdc++.so.6"))
+ (extra-special-file
+ "/usr/lib64/libstdc++.so.6"
+ (file-append (canonical-package gcc-toolchain) "/lib/libstdc++.so.6"))
+ <>
+ <>
+ <>
+ <>
+ (service
+ cups-service-type
+ (cups-configuration
+ (extensions
+ (list
+ cups-filters
+ epson-inkjet-printer-escpr))
+ (web-interface? #t)))
+ (service git-daemon-service-type
+ (git-daemon-configuration
+ (export-all? #t)))
+ (service gnome-desktop-service-type)
+ (service plasma-desktop-service-type)
+ (service
+ tor-service-type
+ (tor-configuration
+ (control-socket? #t))))
+ (modify-services
+ %desktop-services
+ (elogind-service-type
+ configuration =>
+ (elogind-configuration
+ (inherit configuration)
+ (handle-lid-switch 'ignore)))
+ (gdm-service-type
+ configuration =>
+ (gdm-configuration
+ (inherit configuration)
+ (wayland? #t)))
+ (delete guix-service-type)))
+#+end_src
+
+**** TODO Base Services
+
+https://guix.gnu.org/en/manual/en/html_node/Base-Services.html
+
+#+begin_src scheme :noweb-ref system-base-services
+ <>
+ (service
+ guix-service-type
+ (guix-configuration
+ (extra-options
+ (list
+ <>))))
+#+end_src
+
+**** TODO Miscellaneous Services
+
+https://guix.gnu.org/en/manual/en/html_node/Miscellaneous-Services.html
+
+#+begin_src scheme :noweb-ref system-miscellaneous-services
+ (service nix-service-type)
+#+end_src
+
+** TODO Home configuration
+
+https://guix.gnu.org/en/manual/devel/en/html_node/Home-Configuration.html
+
+#+begin_src scheme :noweb-ref home-dump :tangle home-configuration.scm
+ (define-module (aisaka-home-configuration)
+ #:use-module (gnu home)
+ #:use-module (gnu home services)
+ #:use-module (gnu home services shells)
+ #:use-module (gnu packages)
+ #:use-module (gnu services)
+ #:use-module (guix gexp))
+
+ (define allow-downgrades
+ "--allow-downgrades ")
+
+ (define config-prefix
+ "/home/marek/Publiczny/src/guix-config/")
+
+ (define pull-guix
+ "guix pull ")
+
+ (define pull-guix-
+ (string-append pull-guix
+ allow-downgrades
+ "--disable-authentication "))
+
+ (define guix-home
+ "guix home reconfigure ")
+
+ (define home-configuration
+ "home-configuration.scm ")
+
+ (define reconfigure-home
+ (string-append guix-home
+ config-prefix
+ home-configuration))
+
+ (define reconfigure-home-
+ (string-append reconfigure-home
+ allow-downgrades))
+
+ (define guix-system
+ "sudo guix system reconfigure ")
+
+ (define system-configuration
+ "system-configuration.scm ")
+
+ (define reconfigure-system
+ (string-append guix-system
+ config-prefix
+ system-configuration))
+
+ (define reconfigure-system-
+ (string-append reconfigure-system
+ allow-downgrades))
+
+ (define and
+ "&& ")
+
+ (define system-update
+ (string-append pull-guix
+ and
+ reconfigure-system
+ and
+ reconfigure-home
+ and
+ "sudo guix gc -d 7d"))
+
+ (define system-update-
+ (string-append pull-guix-
+ and
+ reconfigure-system-
+ and
+ reconfigure-home-
+ and
+ "sudo guix gc -d 7d"))
+
+ (home-environment
+ (packages
+ (map
+ <>
+ '("adwaita-icon-theme"
+ "alacritty"
+ "clamav"
+ "cpupower"
+ "dconf-editor"
+ "emacs-next"
+ "emacs-aggressive-indent"
+ "emacs-eldoc"
+ "emacs-geiser"
+ "emacs-geiser-guile"
+ "emacs-nix-mode"
+ "emacs-nov-el"
+ "emacs-org-contacts"
+ "emacs-org-contrib"
+ "emacs-paredit"
+ "font-google-noto"
+ "git"
+ "git-lfs"
+ "gnome-tweaks"
+ "gnupg"
+ "hicolor-icon-theme"
+ "icecat"
+ "jami"
+ "libadwaita"
+ "libreoffice"
+ "nm-tray"
+ "pwgen"
+ "seahorse"
+ "sicp"
+ "strace"
+ "unzip"
+ "zip")))
+ (services
+ (list
+ <>
+ <>
+ (service
+ (service-type
+ (name 'org-fc-tn-package)
+ (extensions
+ (list
+ (service-extension home-profile-service-type
+ (lambda (_)
+ (map specification->package
+ (list
+ "emacs-org-fc-tn"))))))
+ (description "Custom version of ORG-FC.")
+ (default-value #f)))
+ <>
+ ;; <>
+ (service home-bash-service-type
+ (home-bash-configuration
+ (environment-variables '(("EDITOR" . "emacs -nw")
+ ("GUILE_AUTO_COMPILE" . "0")
+ ("PATH" . "$PATH:/home/marek/.nix-profile/bin")))
+ (aliases `(("grep" . "grep --color=auto ")
+ ("ll" . "ls -l ")
+ ("ls" . "ls -p --color=auto ")
+ ("nix" . "nix --extra-experimental-features flakes --extra-experimental-features nix-command")
+ ("pull-guix" . ,pull-guix)
+ ("pull-guix-" . ,pull-guix-)
+ ("reconfigure-home" . ,reconfigure-home)
+ ("reconfigure-home-" . ,reconfigure-home-)
+ ("reconfigure-system" . ,reconfigure-system)
+ ("reconfigure-system-" . ,reconfigure-system-)
+ ("system-update" . ,system-update)
+ ("system-update-" . ,system-update-)))
+ (bashrc (list
+ (local-file "data/bashrc")))))
+ ;; (service
+ ;; home-channels-service-type
+ ;; (list
+ ;; (channel
+ ;; (name 'guix)
+ ;; (url "https://git.savannah.gnu.org/git/guix.git"))
+ ;; (channel
+ ;; (name 'jeko)
+ ;; (url "https://framagit.org/Jeko/guix-jeko-channel.git"))
+ ;; (channel
+ ;; (name 'nonguix)
+ ;; (url "https://gitlab.com/nonguix/nonguix")
+ ;; ;; Enable signature verification:
+ ;; (introduction
+ ;; (make-channel-introduction
+ ;; "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
+ ;; (openpgp-fingerprint "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))))
+ ;; (channel (name 'org-fc-tn)
+ ;; (url "file:///home/marek/src/org-fc")
+ ;; (branch "repository"))
+ ;; (channel (name 'packages)
+ ;; (url "file:///home/marek/src/packages")
+ ;; (branch "master"))
+ ;; (channel (name 'channel)
+ ;; (url "https://git.marekpasnikowski.pl/git/channel.git")
+ ;; (branch "wip-channel")
+ ;; ( introduction
+ ;; ( make-channel-introduction
+ ;; "f8ccfe8f3e5c8bafe06665cbd4b0c9301e1a64b6"
+ ;; ( openpgp-fingerprint
+ ;; "590E 500F E39D 26B3 E60B 743B 6D81 B120 7711 899F" ) ) ))))
+ (simple-service 'configuration-files
+ home-files-service-type
+ `((".config/git/config" ,(local-file "data/git-config"))
+ (".emacs" ,(local-file "data/emacs-config")))))))
+#+end_src
+
+*** TODO bashrc
+
+#+begin_src shell :tangle data/bashrc
+ export LD_LIBRARY_PATH=$LIBRARY_PATH
+#+end_src
+
+*** TODO emacs
+
+#+begin_src elisp :tangle data/emacs-config
+ ;;; Disable auto-backup
+ (setq-default make-backup-files nil)
+
+ ;;; https://github.com/fimblo/dot.emacs
+ ;;; Theme Activation
+ (load-theme 'manoj-dark)
+
+ ;;; Enable ParEdit
+ (add-hook 'prog-mode-hook 'enable-paredit-mode)
+
+ ;;; https://elpa.gnu.org/packages/aggressive-indent.html
+ ;;; Automatic Activation of Aggressive Indent
+ (global-aggressive-indent-mode)
+
+ ;; Highlight the pair of delimiters under the cursor
+ (setq-default show-paren-mode 1
+ show-paren-delay 0)
+
+ ;;; https://guix.gnu.org/manual/en/html_node/The-Perfect-Setup.html
+ ;;; Copyright Information
+ (setq-default user-full-name "Marek Paśnikowski"
+ user-mail-address "marekpasnikowski@protonmail.com")
+
+ ;;; Startup Screen Inhibition
+ (setq-default inhibit-startup-screen t)
+
+ ;; Enable the column-80 line
+ (setq-default display-fill-column-indicator 1
+ display-fill-column-indicator-column 80)
+ (global-display-fill-column-indicator-mode)
+
+ ;; Prepare Literate Programming
+ (setq-default
+ org-startup-indented t
+ org-confirm-babel-evaluate nil
+ org-src-fontify-natively t
+ org-src-tab-acts-natively t)
+ (org-babel-do-load-languages 'org-babel-load-languages '((emacs-lisp . t)
+ (scheme . t )
+ (shell . t )))
+
+ (add-to-list 'auto-mode-alist '("\\.epub\\'" . nov-mode))
+
+ ;; Monospace Font in Ebook Reader
+ (setq-default nov-variable-pitch nil)
+
+ ;; Disable Toolbar
+ (tool-bar-mode -1)
+
+ ;; GNUS Configuration
+ (setq-default gnus-auto-select-first nil
+ gnus-select-method '(nnnil "")
+ gnus-secondary-select-methods '((nnimap "outlook"
+ (nnimap-address "outlook.office365.com")
+ (nnimap-server-port 993)
+ (nnimap-stream ssl)
+ (nnimap-authinfo-file "~/.authinfo"))
+ (nnimap "home"
+ (nnimap-address "serwer1930490.home.pl")
+ (nnimap-server-port 993)
+ (nnimap-stream ssl)
+ (nnimap-authinfo-file "~/.authinfo")))
+ nnmail-split-method 'nnmail-split-fancy
+ nnmail-split-fancy '(| "normal"))
+ (add-hook 'gnus-group-mode-hook 'gnus-topic-mode)
+
+ ;; Org Configuration
+ (setq-default org-contacts-files '("~/Dokumenty/UWM/filia w Ełku/Samorząd 2022/starostowie.org"))
+
+ ;; ORG-FC Configuration
+ (require 'org-fc-hydra)
+ (setq-default
+ org-fc-algorithm 'tn
+ org-fc-directories '("~/Dokumenty/fiszki"))
+
+ ;; Nix Mode
+ (require 'nix-mode)
+ (add-to-list 'auto-mode-alist '("\\.nix\\'" . nix-mode))
+#+end_src
+
+*** TODO git-config
+
+#+begin_src shell :tangle data/git-config
+ <>
+ <>
+#+end_src
+
+**** TODO User Configuration
+
+#+begin_src shell :noweb-ref git-user-config
+ [user]
+ name = "Marek Paśnikowski"
+ email = "marekpasnikowski@protonmail.com"
+#+end_src
+
+* TODO Git Send Email
+
+https://git-send-email.io/
+
+** TODO Installation
+
+https://git-send-email.io/#step-1
+
+#+begin_src scheme :noweb-ref git-sendemail-packages
+ (service
+ (service-type
+ (name 'git-sendemail-packages)
+ (extensions
+ (list
+ (service-extension home-profile-service-type
+ (lambda (_)
+ (map
+ <>
+ (list
+ "git"
+ "git:send-email"))))))
+ (description "Git Send Email")
+ (default-value #f)))
+#+end_src
+
+** TODO Configuration
+
+https://git-send-email.io/#step-2
+
+#+begin_src shell :noweb-ref git-sendemail-config
+ [sendemail]
+ smtpencryption = tls
+ smtpserver = localhost
+ smtpserverport = 1025
+ smtpsslcertpath = ""
+ smtpuser = marekpasnikowski@protonmail.com
+#+end_src
+
+* TODO LIBREBOOT
+
+The first layer of computing is the firmware. The Lenovo Thinkpad X200 has
+a free Libreboot firmware installed. It is a good idea to keep it up to date.
+
+** TODO Flashrom
+
+Flashrom program is needed to write the computer firmware. The
+program needs a relaxed kernel security feature.
+
+#+begin_src scheme :noweb-ref flashrom-package
+ (service
+ (service-type
+ (name 'flashrom-package)
+ (extensions
+ `(,(service-extension home-profile-service-type
+ (lambda (_)
+ (map specification->package
+ '("flashrom"))))))
+ (description "Flashrom installation.")
+ (default-value #f)))
+#+end_src
+
+* TODO File Systems
+
+This system has a very simple file system - a boot partition, main partition
+for everything else and swap. The main partition is encrypted.
+
+** Mapped Devices
+
+Data encryption layer, password protected. The LUKS encryption type is
+used.
+
+#+begin_src scheme :noweb-ref luks
+ (mapped-device
+ (source (uuid "887ac37f-2919-41a0-a62a-e1ff5ea2d6cc"))
+ (target "aisaka-root")
+ (type luks-device-mapping))
+#+end_src
+
+** File Systems
+
+The data is split into an unencrypted boot partition and encrypted root
+filesystem.
+
+*** Root File System
+
+The root filesystem is mounted on the encryption layer. Its type is
+BTRFS.
+
+#+begin_src scheme :noweb-ref rootfs
+ (file-system
+ (mount-point "/")
+ (device "/dev/mapper/aisaka-root")
+ (type "btrfs")
+ (dependencies mapped-devices))
+#+end_src
+
+*** Boot File System
+
+The boot partition is on EXT4 filesystem.
+
+#+begin_src scheme :noweb-ref bootfs
+ (file-system
+ (mount-point "/boot")
+ (device (uuid "4f77b5fc-56ad-43ae-b6ec-e5adc8c48587"))
+ (type "ext4"))
+#+end_src
+
+** Swap Devices
+
+Swap takes half the storage space in order to facilitate edge cases of
+memory without overprovisioning, as well as to prolog the lifetime of SSD.
+
+#+begin_src scheme :noweb-ref swap
+ (swap-space (target (uuid "73bed3f9-be07-40ad-a228-577cd24f2e1d")))
+#+end_src
+
+* TODO System Servers
+
+** TODO Secure Shell
+
+*** TODO SSH Installation
+
+#+begin_src scheme :noweb-ref ssh-system-service
+ (service openssh-service-type)
+#+end_src
+
+*** TODO SSH Configuration
+
+#+begin_src scheme :noweb-ref ssh-user-configuration
+ (simple-service 'ssh-configuration* home-files-service-type
+ `((".ssh/config" ,(plain-file "ssh-config" "\
+ <>\n"))))
+#+end_src
+
+**** TODO SSH Configuration File
+
+#+begin_src shell :noweb-ref ssh-config
+ Host *.onion
+ ProxyCommand nc -x localhost:9050 -X5 %h %p
+
+ Host kynio.onion
+ User kynio
+ Hostname prnpi5oblk35gzcihbgu3227xvanisouxgbejri57bnzjawcksq4l7yd.onion
+ Port 22
+#+end_src
+
+* TODO Device Management
+
+https://www.linuxfromscratch.org/lfs/view/11.1/chapter09/symlinks.html
+
+** TODO Trezor
+
+https://trezor.io/trezor-model-t
+
+*** TODO Trezor System Packages
+
+#+begin_src scheme :noweb-ref trezor-system-packages
+ (service
+ (service-type
+ (name 'trezor-system-packages)
+ (extensions
+ (list
+ (service-extension profile-service-type
+ (lambda (_)
+ (map specification->package
+ (list
+ "trezord"
+ "trezord-udev-rules"))))))
+ (description "TrezorD packages needed by the system.")
+ (default-value #f)))
+#+end_src
+
+*** TODO Trezor User Packages
+
+#+begin_src scheme :noweb-ref trezor-user-packages
+ (service
+ (service-type
+ (name 'trezor-user-packages)
+ (extensions
+ (list
+ (service-extension home-profile-service-type
+ (lambda (_)
+ (map specification->package
+ (list
+ "trezor-agent"))))))
+ (description "Trezor packages for the user.")
+ (default-value #f)))
+#+end_src
+
+*** TODO Trezor Udev Services
+
+#+begin_src scheme :noweb-ref trezor-udev-rules
+ (udev-rules-service 'trezord trezord-udev-rules)
+#+end_src
+
+* TODO Helpers
+** TODO String to Package
+
+#+begin_src scheme :noweb-ref to-package+output
+ (compose list
+ specification->package+output)
+#+end_src
diff --git a/systems/aisaka/data/bashrc b/systems/aisaka/data/bashrc
new file mode 100644
index 0000000..6486547
--- /dev/null
+++ b/systems/aisaka/data/bashrc
@@ -0,0 +1 @@
+export LD_LIBRARY_PATH=$LIBRARY_PATH
diff --git a/systems/aisaka/data/emacs-config b/systems/aisaka/data/emacs-config
new file mode 100644
index 0000000..272c20b
--- /dev/null
+++ b/systems/aisaka/data/emacs-config
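Review bot: `config-prefix` in the home-dump block is still `"/home/marek/Publiczny/src/guix-config/"`, and `reconfigure-home` and `reconfigure-system` append the bare file names to it, so after this move the aliases presumably point at files that are no longer there (assuming that directory is the checkout root). The same definition is tangled into systems/aisaka/home-configuration.scm later in this patch. Either extend the prefix to `"/home/marek/Publiczny/src/guix-config/systems/aisaka/"` or derive it from the configuration file's own location, so that the next restructuring does not silently break `system-update`.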
@@ -0,0 +1,78 @@
+;;; Disable auto-backup
+(setq-default make-backup-files nil)
+
+;;; https://github.com/fimblo/dot.emacs
+;;; Theme Activation
+(load-theme 'manoj-dark)
+
+;;; Enable ParEdit
+(add-hook 'prog-mode-hook 'enable-paredit-mode)
+
+;;; https://elpa.gnu.org/packages/aggressive-indent.html
+;;; Automatic Activation of Aggressive Indent
+(global-aggressive-indent-mode)
+
+;; Highlight the pair of delimiters under the cursor
+(setq-default show-paren-mode 1
+ show-paren-delay 0)
+
+;;; https://guix.gnu.org/manual/en/html_node/The-Perfect-Setup.html
+;;; Copyright Information
+(setq-default user-full-name "Marek Paśnikowski"
+ user-mail-address "marekpasnikowski@protonmail.com")
+
+;;; Startup Screen Inhibition
+(setq-default inhibit-startup-screen t)
+
+;; Enable the column-80 line
+(setq-default display-fill-column-indicator 1
+ display-fill-column-indicator-column 80)
+(global-display-fill-column-indicator-mode)
+
+;; Prepare Literate Programming
+(setq-default
+ org-startup-indented t
+ org-confirm-babel-evaluate nil
+ org-src-fontify-natively t
+ org-src-tab-acts-natively t)
+(org-babel-do-load-languages 'org-babel-load-languages '((emacs-lisp . t)
+ (scheme . t )
+ (shell . t )))
+
+(add-to-list 'auto-mode-alist '("\\.epub\\'" . nov-mode))
+
+;; Monospace Font in Ebook Reader
+(setq-default nov-variable-pitch nil)
+
+;; Disable Toolbar
+(tool-bar-mode -1)
+
+;; GNUS Configuration
+(setq-default gnus-auto-select-first nil
+ gnus-select-method '(nnnil "")
+ gnus-secondary-select-methods '((nnimap "outlook"
+ (nnimap-address "outlook.office365.com")
+ (nnimap-server-port 993)
+ (nnimap-stream ssl)
+ (nnimap-authinfo-file "~/.authinfo"))
+ (nnimap "home"
+ (nnimap-address "serwer1930490.home.pl")
+ (nnimap-server-port 993)
+ (nnimap-stream ssl)
+ (nnimap-authinfo-file "~/.authinfo")))
+ nnmail-split-method 'nnmail-split-fancy
+ nnmail-split-fancy '(| "normal"))
+(add-hook 'gnus-group-mode-hook 'gnus-topic-mode)
+
+;; Org Configuration
+(setq-default org-contacts-files '("~/Dokumenty/UWM/filia w Ełku/Samorząd 2022/starostowie.org"))
+
+;; ORG-FC Configuration
+(require 'org-fc-hydra)
+(setq-default
+ org-fc-algorithm 'tn
+ org-fc-directories '("~/Dokumenty/fiszki"))
+
+;; Nix Mode
+(require 'nix-mode)
+(add-to-list 'auto-mode-alist '("\\.nix\\'" . nix-mode))
diff --git a/systems/aisaka/data/git-config b/systems/aisaka/data/git-config
new file mode 100644
index 0000000..e2d58a5
--- /dev/null
+++ b/systems/aisaka/data/git-config
@@ -0,0 +1,9 @@
+[sendemail]
+smtpencryption = tls
+smtpserver = localhost
+smtpserverport = 1025
+smtpsslcertpath = ""
+smtpuser = marekpasnikowski@protonmail.com
+[user]
+name = "Marek Paśnikowski"
+email = "marekpasnikowski@protonmail.com"
diff --git a/systems/aisaka/home-configuration.scm b/systems/aisaka/home-configuration.scm
new file mode 100644
index 0000000..f785e41
--- /dev/null
+++ b/systems/aisaka/home-configuration.scm
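Review bot: `org-confirm-babel-evaluate nil` in the "Prepare Literate Programming" form of data/emacs-config turns off the prompt Org shows before it runs a source block, and the form right after it enables emacs-lisp, scheme and shell evaluation. Evaluating a block in an Org file that came from somewhere else therefore runs its code without a question. Keeping the default, `org-confirm-babel-evaluate t`, is the safer choice; if the prompt has to stay off, a comment such as `;; Babel runs blocks without asking; never evaluate blocks in untrusted Org files` should say so. The same setting is in the emacs block of the aisaka.org hunk.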
@@ -0,0 +1,224 @@
+(define-module (aisaka-home-configuration)
+ #:use-module (gnu home)
+ #:use-module (gnu home services)
+ #:use-module (gnu home services shells)
+ #:use-module (gnu packages)
+ #:use-module (gnu services)
+ #:use-module (guix gexp))
+
+(define allow-downgrades
+ "--allow-downgrades ")
+
+(define config-prefix
+ "/home/marek/Publiczny/src/guix-config/")
+
+(define pull-guix
+ "guix pull ")
+
+(define pull-guix-
+ (string-append pull-guix
+ allow-downgrades
+ "--disable-authentication "))
+
+(define guix-home
+ "guix home reconfigure ")
+
+(define home-configuration
+ "home-configuration.scm ")
+
+(define reconfigure-home
+ (string-append guix-home
+ config-prefix
+ home-configuration))
+
+(define reconfigure-home-
+ (string-append reconfigure-home
+ allow-downgrades))
+
+(define guix-system
+ "sudo guix system reconfigure ")
+
+(define system-configuration
+ "system-configuration.scm ")
+
+(define reconfigure-system
+ (string-append guix-system
+ config-prefix
+ system-configuration))
+
+(define reconfigure-system-
+ (string-append reconfigure-system
+ allow-downgrades))
+
+(define and
+ "&& ")
+
+(define system-update
+ (string-append pull-guix
+ and
+ reconfigure-system
+ and
+ reconfigure-home
+ and
+ "sudo guix gc -d 7d"))
+
+(define system-update-
+ (string-append pull-guix-
+ and
+ reconfigure-system-
+ and
+ reconfigure-home-
+ and
+ "sudo guix gc -d 7d"))
+
+(home-environment
+ (packages
+ (map
+ (compose list
+ specification->package+output)
+ '("adwaita-icon-theme"
+ "alacritty"
+ "clamav"
+ "cpupower"
+ "dconf-editor"
+ "emacs-next"
+ "emacs-aggressive-indent"
+ "emacs-eldoc"
+ "emacs-geiser"
+ "emacs-geiser-guile"
+ "emacs-nix-mode"
+ "emacs-nov-el"
+ "emacs-org-contacts"
+ "emacs-org-contrib"
+ "emacs-paredit"
+ "font-google-noto"
+ "git"
+ "git-lfs"
+ "gnome-tweaks"
+ "gnupg"
+ "hicolor-icon-theme"
+ "icecat"
+ "jami"
+ "libadwaita"
+ "libreoffice"
+ "nm-tray"
+ "pwgen"
+ "seahorse"
+ "sicp"
+ "strace"
+ "unzip"
+ "zip")))
+ (services
+ (list
+ (service
+ (service-type
+ (name 'flashrom-package)
+ (extensions
+ `(,(service-extension home-profile-service-type
+ (lambda (_)
+ (map specification->package
+ '("flashrom"))))))
+ (description "Flashrom installation.")
+ (default-value #f)))
+ (service
+ (service-type
+ (name 'git-sendemail-packages)
+ (extensions
+ (list
+ (service-extension home-profile-service-type
+ (lambda (_)
+ (map
+ (compose list
+ specification->package+output)
+ (list
+ "git"
+ "git:send-email"))))))
+ (description "Git Send Email")
+ (default-value #f)))
+ (service
+ (service-type
+ (name 'org-fc-tn-package)
+ (extensions
+ (list
+ (service-extension home-profile-service-type
+ (lambda (_)
+ (map specification->package
+ (list
+ "emacs-org-fc-tn"))))))
+ (description "Custom version of ORG-FC.")
+ (default-value #f)))
+ (simple-service 'ssh-configuration* home-files-service-type
+ `((".ssh/config" ,(plain-file "ssh-config" "\
+ Host *.onion
+ ProxyCommand nc -x localhost:9050 -X5 %h %p
+
+ Host kynio.onion
+ User kynio
+ Hostname prnpi5oblk35gzcihbgu3227xvanisouxgbejri57bnzjawcksq4l7yd.onion
+ Port 22\n"))))
+ ;; (service
+ ;; (service-type
+ ;; (name 'trezor-user-packages)
+ ;; (extensions
+ ;; (list
+ ;; (service-extension home-profile-service-type
+ ;; (lambda (_)
+ ;; (map specification->package
+ ;; (list
+ ;; "trezor-agent"))))))
+ ;; (description "Trezor packages for the user.")
+ ;; (default-value #f)))
+ (service home-bash-service-type
+ (home-bash-configuration
+ (environment-variables '(("EDITOR" . "emacs -nw")
+ ("GUILE_AUTO_COMPILE" . "0")
+ ("PATH" . "$PATH:/home/marek/.nix-profile/bin")))
+ (aliases `(("grep" . "grep --color=auto ")
+ ("ll" . "ls -l ")
+ ("ls" . "ls -p --color=auto ")
+ ("nix" . "nix --extra-experimental-features flakes --extra-experimental-features nix-command")
+ ("pull-guix" . ,pull-guix)
+ ("pull-guix-" . ,pull-guix-)
+ ("reconfigure-home" . ,reconfigure-home)
+ ("reconfigure-home-" . ,reconfigure-home-)
+ ("reconfigure-system" . ,reconfigure-system)
+ ("reconfigure-system-" . ,reconfigure-system-)
+ ("system-update" . ,system-update)
+ ("system-update-" . ,system-update-)))
+ (bashrc (list
+ (local-file "data/bashrc")))))
+ ;; (service
+ ;; home-channels-service-type
+ ;; (list
+ ;; (channel
+ ;; (name 'guix)
+ ;; (url "https://git.savannah.gnu.org/git/guix.git"))
+ ;; (channel
+ ;; (name 'jeko)
+ ;; (url "https://framagit.org/Jeko/guix-jeko-channel.git"))
+ ;; (channel
+ ;; (name 'nonguix)
+ ;; (url "https://gitlab.com/nonguix/nonguix")
+ ;; ;; Enable signature verification:
+ ;; (introduction
+ ;; (make-channel-introduction
+ ;; "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
+ ;; (openpgp-fingerprint "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))))
+ ;; (channel (name 'org-fc-tn)
+ ;; (url "file:///home/marek/src/org-fc")
+ ;; (branch "repository"))
+ ;; (channel (name 'packages)
+ ;; (url "file:///home/marek/src/packages")
+ ;; (branch "master"))
+ ;; (channel (name 'channel)
+ ;; (url "https://git.marekpasnikowski.pl/git/channel.git")
+ ;; (branch "wip-channel")
+ ;; ( introduction
+ ;; ( make-channel-introduction
+ ;; "f8ccfe8f3e5c8bafe06665cbd4b0c9301e1a64b6"
+ ;; ( openpgp-fingerprint
+ ;; "590E 500F E39D 26B3 E60B 743B 6D81 B120 7711 899F" ) ) ))))
+ (simple-service 'configuration-files
+ home-files-service-type
+ `((".config/git/config" ,(local-file "data/git-config"))
+ (".emacs" ,(local-file "data/emacs-config")))))))
diff --git a/systems/aisaka/system-configuration.scm b/systems/aisaka/system-configuration.scm
new file mode 100644
index 0000000..388bf06
--- /dev/null
+++ b/systems/aisaka/system-configuration.scm
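Review bot: `pull-guix-` bakes `--disable-authentication` into an alias, and `system-update-` chains it straight into `sudo guix system reconfigure`, so a single command pulls channel commits without verifying their signatures and then builds the root system from them. `--allow-downgrades` in the same string also switches off the check that the pulled commits descend from the ones in use. Dropping the flag from the `system-update-` chain would keep an unauthenticated pull a deliberate, separate step, and a comment above `pull-guix-` such as `;; Emergency only: skips channel authentication; inspect the pulled commits before reconfiguring` would record why it exists. The same definitions are in the home-dump block of the aisaka.org hunk.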
@@ -0,0 +1,134 @@
+(define-module (aisaka-system-configuration)
+ #:use-module (gnu)
+ #:use-module (gnu packages commencement)
+ #:use-module (gnu packages cups)
+ #:use-module (gnu packages finance)
+ #:use-module (gnu services cups)
+ #:use-module (gnu services configuration)
+ #:use-module (gnu services desktop)
+ #:use-module (gnu services networking)
+ #:use-module (gnu services nix)
+ #:use-module (gnu services ssh)
+ #:use-module (gnu services version-control)
+ #:use-module (gnu services xorg))
+
+(define keyboard-layout
+ (keyboard-layout "pl"))
+
+(operating-system
+ (locale "pl_PL.utf8")
+ (timezone "Europe/Warsaw")
+ (keyboard-layout keyboard-layout)
+ (host-name "aisaka")
+ (users (cons* (user-account (name "marek")
+ (comment "Marek Paśnikowski")
+ (group "users")
+ (home-directory "/home/marek")
+ (supplementary-groups '("audio"
+ "netdev"
+ "tor"
+ "video"
+ "wheel")))
+ %base-user-accounts))
+ (packages
+ (append
+ (map
+ (compose list
+ specification->package+output)
+ '(;; "netcat-openbsd"
+ "nss-certs"
+ "ntfs-3g"))
+ ( map
+ (compose list
+ specification->package+output)
+ ( list ) )
+ %base-packages))
+ (services
+ (append
+ (list
+ (extra-special-file
+ "/lib64/ld-linux-x86-64.so.2"
+ (file-append (canonical-package glibc) "/lib/ld-linux-x86-64.so.2"))
+ (extra-special-file
+ "/lib64/libstdc++.so.6"
+ (file-append (canonical-package gcc-toolchain) "/lib/libstdc++.so.6"))
+ (extra-special-file
+ "/usr/lib64/libstdc++.so.6"
+ (file-append (canonical-package gcc-toolchain) "/lib/libstdc++.so.6"))
+ (service openssh-service-type)
+ (udev-rules-service 'trezord trezord-udev-rules)
+ (service
+ guix-service-type
+ (guix-configuration
+ (extra-options
+ (list
+ "--gc-keep-derivations=yes"
+ "--gc-keep-outputs=yes"))))
+ (service nix-service-type)
+ (service
+ (service-type
+ (name 'trezor-system-packages)
+ (extensions
+ (list
+ (service-extension profile-service-type
+ (lambda (_)
+ (map specification->package
+ (list
+ "trezord"
+ "trezord-udev-rules"))))))
+ (description "TrezorD packages needed by the system.")
+ (default-value #f)))
+ (service
+ cups-service-type
+ (cups-configuration
+ (extensions
+ (list
+ cups-filters
+ epson-inkjet-printer-escpr))
+ (web-interface? #t)))
+ (service git-daemon-service-type
+ (git-daemon-configuration
+ (export-all? #t)))
+ (service gnome-desktop-service-type)
+ (service plasma-desktop-service-type)
+ (service
+ tor-service-type
+ (tor-configuration
+ (control-socket? #t))))
+ (modify-services
+ %desktop-services
+ (elogind-service-type
+ configuration =>
+ (elogind-configuration
+ (inherit configuration)
+ (handle-lid-switch 'ignore)))
+ (gdm-service-type
+ configuration =>
+ (gdm-configuration
+ (inherit configuration)
+ (wayland? #t)))
+ (delete guix-service-type))))
+ (bootloader (bootloader-configuration (bootloader grub-bootloader)
+ (targets '("/dev/sda"))
+ (keyboard-layout keyboard-layout)))
+ (swap-devices
+ (list
+ (swap-space (target (uuid "73bed3f9-be07-40ad-a228-577cd24f2e1d")))))
+ (mapped-devices
+ (list
+ (mapped-device
+ (source (uuid "887ac37f-2919-41a0-a62a-e1ff5ea2d6cc"))
+ (target "aisaka-root")
+ (type luks-device-mapping))))
+ (file-systems
+ (append %base-file-systems
+ (list
+ (file-system
+ (mount-point "/")
+ (device "/dev/mapper/aisaka-root")
+ (type "btrfs")
+ (dependencies mapped-devices))
+ (file-system
+ (mount-point "/boot")
+ (device (uuid "4f77b5fc-56ad-43ae-b6ec-e5adc8c48587"))
+ (type "ext4"))))))
-- cgit v1.2.3
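Review bot: `(export-all? #t)` on `git-daemon-service-type` serves every repository under the daemon's base path over the unauthenticated git protocol, including ones that were never marked with a `git-daemon-export-ok` file. If only selected repositories are meant to be public, drop the field and mark those repositories explicitly, or set a dedicated `base-path` in `git-daemon-configuration` so that nothing else can end up exported. The same service definition is in the system-services block of the aisaka.org hunk.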