;;; SPDX-License-Identifier: GPL-3.0-or-later
;;; SPDX-FileCopyrightText: 2024-2025 Marek Paśnikowski <marek@marekpasnikowski.pl>

(define-module (deployment systems akashi)
  #:use-module (guix gexp)
  #:use-module (users id1000)
  #:use-module ((deployment keys)
                #:prefix deployment:keys:)
  #:use-module ((gnu packages linux)
                #:prefix gnu:packages:linux:)
  #:use-module ((gnu services)
                #:prefix gnu:services:)
  #:use-module ((gnu services base)
                #:prefix gnu:services:base:)
  #:use-module ((gnu services guix)
                #:prefix gnu:services:guix:)
  #:use-module ((gnu system)
                #:prefix gnu:system:)
  #:use-module ((gnu system file-systems)
                #:prefix gnu:system:file-systems:)
  #:use-module ((gnu system keyboard)
                #:prefix gnu:system:keyboard:)
  #:use-module ((gnu system linux-initrd)
                #:prefix gnu:system:linux-initrd:)
  #:use-module ((gnu system locale)
                #:prefix gnu:system:locale:)
  #:use-module ((gnu system nss)
                #:prefix gnu:system:nss:)
  #:use-module ((gnu system pam)
                #:prefix gnu:system:pam:)
  #:use-module ((gnu system shadow)
                #:prefix gnu:system:shadow:)
  #:use-module ((guix diagnostics)
                #:prefix guix:diagnostics:)
  #:use-module ((machines thinkpad-x200)
                #:prefix machines:thinkpad-x200:)
  #:use-module ((sovereign systems)
                #:prefix sovereign:systems:))

;; Guix system type of this host, exported for use by other modules.  The
;; offload-hub definition below spells the same string out again instead of
;; referencing this binding.
(define-public architecture "x86_64-linux")

;; Short machine name.  Reused below for the host-name field, the
;; operating-system label and the swap-device helper.
(define-public system-name "akashi")

;; Root file system: ext4, mounted at "/", located by the file-system label
;; "akashi-root".  The constructors are reached with `@' and the full module
;; name rather than through the gnu:system:file-systems: prefix used elsewhere
;; in this file.
;; NOTE(review): a label is a looser match than a UUID, since labels are not
;; guaranteed to be unique across attached block devices -- consider a UUID.
;; NOTE(review): no mapped device is named as a dependency, so this declaration
;; does not put the root file system on an encrypted mapping -- confirm that
;; unencrypted storage is acceptable for this machine.
(define root-partition
  ((@ (gnu system file-systems) file-system)
   (mount-point "/")
   (device ((@ (gnu system file-systems) file-system-label) "akashi-root"))
   (type "ext4")))

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

;; Polish ("pl") keyboard layout.  Passed both to the bootloader configuration
;; helper and to the keyboard-layout field of the operating system below.
(define system-keyboard-layout
  (gnu:system:keyboard:keyboard-layout "pl"))

;; Remote build machine for Guix offloading, written as a G-expression so it
;; can be listed in the build-machines field of the guix-extension below.
;;
;; Security-relevant fields:
;;  - host-key pins the hub's SSH host public key.  The trailing "root@aisaka"
;;    is only the key's comment; the machine is addressed by the DNS name in
;;    the name field.  Update this value whenever the hub's host key is rotated.
;;  - port 23 means SSH is expected on the port conventionally assigned to
;;    telnet; firewall rules and network monitoring should account for that.
;;  - private-key points into /home/marek.  Guix's offload documentation
;;    requires this key to have no passphrase.
;;    NOTE(review): if this is also marek's interactive login key, consider a
;;    dedicated offload key whose use is restricted on the hub -- confirm.
(define offload-hub
  #~(build-machine
     (name        "www.marekpasnikowski.pl")
     (systems     (list "x86_64-linux"
                        "i686-linux"))
     (user        "marek")
     (host-key    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM0Eh0q54myeSEironEP9DEKl+ownYuH7oSgAVuLIDNt root@aisaka")
     (port        23)
     (private-key "/home/marek/.ssh/id_ed25519")))

;; Extension value for the Guix daemon service: one additional authorized key
;; and one build machine (offload-hub).
;;
;; authorized-keys extends the set of keys whose signatures the daemon accepts
;; on imported store items.  deployment:keys:aisaka-guix is defined in another
;; module; presumably it is the hub's signing key -- verify.  Anyone holding
;; the matching private key can supply binaries this host will trust, so the
;; hub must be protected at least as well as this machine.
(define guix-offload-targets
  (gnu:services:base:guix-extension
   (authorized-keys (list deployment:keys:aisaka-guix))
   (build-machines  (list offload-hub))))

;; Simple service named 'offload-extension that extends guix-service-type with
;; guix-offload-targets (the authorized key and the build machine above).
(define offload-extension
  (gnu:services:simple-service 'offload-extension
                               gnu:services:base:guix-service-type
                               guix-offload-targets))

;; Value for the Guix Home service: a list with a single entry that pairs the
;; user name with that user's home environment.  Both bindings come from the
;; (users id1000) module.
(define home-environments
  (list (list uid1000-name
              uid1000-home-environment)))

;; Instance of guix-home-service-type configured with home-environments, so
;; the listed home environment is part of the system declaration.
(define guix-home
  (gnu:services:service gnu:services:guix:guix-home-service-type
                        home-environments))

;; Complete operating-system declaration for the host "akashi".  Every field is
;; written out, mostly with the stock Guix default or with a value taken from
;; the (sovereign systems) and (machines thinkpad-x200) modules, which are not
;; visible in this file.
(define-public system
  (gnu:system:operating-system
   (kernel                  gnu:packages:linux:linux-libre)
   (kernel-loadable-modules (list))
   ;; Two thinkpad_acpi parameters are prepended to the default arguments.
   ;; fan_control=1 enables the driver's fan control interface; the second
   ;; argument presumably requests fan level 7 when the module loads -- verify.
   (kernel-arguments        (cons* "thinkpad_acpi.fan_control=1"
                                   "thinkpad_acpi.fan='level 7'"
                                   gnu:system:%default-kernel-arguments))
   (hurd                    #f)
   (bootloader              (machines:thinkpad-x200:bootloader-configuration* system-keyboard-layout))
   (label                   (sovereign:systems:operating-system-label* system-name
                                                                       gnu:system:this-operating-system))
   (keyboard-layout         system-keyboard-layout)
   (initrd                  gnu:system:linux-initrd:base-initrd)
   (initrd-modules          gnu:system:linux-initrd:%base-initrd-modules)
   ;; Empty list: no firmware packages are installed by this declaration.
   (firmware                (list))
   (host-name               system-name)
   (hosts-file              #f)
   ;; Empty list: no mapped devices, so no encrypted volume is opened by this
   ;; declaration.
   ;; NOTE(review): confirm that unencrypted storage is intended; the
   ;; swap-devices helper below is defined elsewhere and should be checked too.
   (mapped-devices          (list))
   (file-systems            (cons* root-partition
                                   gnu:system:file-systems:%base-file-systems))
   (swap-devices            (machines:thinkpad-x200:swap-devices* system-name))
   ;; Only uid1000-account is declared explicitly here.
   (users                   (list uid1000-account))
   (groups                  gnu:system:shadow:%base-groups)
   (skeletons               (gnu:system:shadow:default-skeletons))
   ;; `@@' reaches %default-issue whether or not (gnu system) exports it, so
   ;; this line depends on the module's internals and may break on an upstream
   ;; rename.
   (issue                   (@@ (gnu system)
                                %default-issue))
   (packages                gnu:system:%base-packages)
   (timezone                "Europe/Warsaw")
   (locale                  sovereign:systems:pl-locale)
   (locale-definitions      sovereign:systems:%sovereign-locale-definitions)
   (locale-libcs            gnu:system:locale:%default-locale-libcs)
   (name-service-switch     gnu:system:nss:%default-nss)
   (essential-services      (gnu:system:operating-system-default-essential-services gnu:system:this-operating-system))
   ;; Guix Home and the offload extension are prepended to a service list
   ;; defined in (sovereign systems); that list decides which daemons run and
   ;; should be reviewed together with this file.
   (services                (cons* guix-home
                                   offload-extension
                                   sovereign:systems:%sovereign-services))
   (pam-services            (gnu:system:pam:base-pam-services))
   ;; Both fields are set to stock values.
   ;; NOTE(review): recent Guix appears to treat setuid-programs as the
   ;; deprecated predecessor of privileged-programs -- confirm whether both
   ;; fields are still needed.
   (privileged-programs     gnu:system:%default-privileged-programs)
   (setuid-programs         gnu:system:%setuid-programs)
   ;; The sudoers policy comes from (sovereign systems) and is not visible
   ;; here; it determines who can become root on this host.
   (sudoers-file            sovereign:systems:%sovereign-sudoers-specification)
   ;; and=> converts the source properties to a location object only when
   ;; current-source-location returns a true value.
   (location                (and=> (current-source-location)
                                   guix:diagnostics:source-properties->location))))

;; Second exported name bound to the same operating-system object as `system'.
(define-public operating-system* system)