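;; Operating system configuration for the host "komputilo".
;;
;; It is derived from the Guix "desktop" and "bare bones" templates, but
;; unlike the bare-bones one it does run X11: %desktop-services is
;; customised below (guix-daemon options, SLiM with a custom startx and
;; Xorg input configuration), Xfce is added, and an OpenSSH server
;; listens on port 2222.

;(use-modules (gnu))
;; (ice-9 match) is imported at this level because 'openssh-config-file'
;; calls 'match' inside a #$ escape, which is evaluated in this module;
;; the (use-modules (ice-9 match)) inside the G-expression only applies
;; to the build-side code.
(use-modules (gnu) (gnu system nss) (guix gexp) (ice-9 match))
(use-service-modules ssh)
(use-service-modules base desktop xorg)
(use-package-modules certs linux suckless wm)
;(use-package-modules admin)

;; Xorg InputClass section remapping the buttons of a Saitek Cyborg
;; R.A.T.5 mouse.  Line breaks inside the string are significant: every
;; directive sits on its own line, and the '#' comment runs to the end of
;; its line, so "EndSection" must not share a line with it.
(define cyborg-quirk "Section \"InputClass\"
  Identifier \"Saitek Cyborg R.A.T.5 Mouse\"
  MatchIsPointer \"on\"
  MatchProduct \"Saitek Cyborg R.A.T.5 Mouse\"
  MatchVendor \"Saitek|SAITEK\"
  MatchDevicePath \"/dev/input/event*\"
  Option \"ButtonMapping\" \"1 2 3 4 5 6 7 2 9 4 5 12 0 0 0\"
  Option \"ZAxisMapping\" \"10 11\"
#  Option \"AutoReleaseButtons\" \"12 13 14 15\"
EndSection
")

;; Xorg InputClass section selecting the "neo" XKB layout for keyboards.
(define xneo "Section \"InputClass\"
  Identifier \"keyboard-all\"
  Option \"XkbLayout\" \"neo\"
  MatchIsKeyboard \"on\"
EndSection
")

;; Xorg configuration file carrying both extra sections above.
(define %my-xorg-conf
  (xorg-configuration-file #:extra-config (list cyborg-quirk xneo)))

;; startx command that uses the configuration file above.
(define %my-startx
  (xorg-start-command #:configuration-file %my-xorg-conf))

(define %my-services
  ;; %desktop-services with the guix-daemon and SLiM settings adjusted.
  (modify-services %desktop-services
    ;; Pass "-M4" to guix-daemon and put two extra substitute servers in
    ;; front of the configured ones.  Listing a URL here only makes the
    ;; daemon query it; substitutes are accepted only when signed by a
    ;; key the daemon authorizes (the 'authorized-keys' field of
    ;; guix-configuration), so review that list together with this one.
    (guix-service-type config =>
                       (guix-configuration
                        (inherit config)
                        (extra-options '("-M4"))
                        (substitute-urls
                         (cons* "https://berlin.guixsd.org"
                                "https://hydra.gnu.org"
                                (guix-configuration-substitute-urls config)))))
    ;; NOTE(review): this clause copies x11-forwarding? from CONFIG back
    ;; into itself, so it changes nothing.  The OpenSSH service actually
    ;; used is added in the 'services' field below, outside this
    ;; modify-services form; %desktop-services presumably holds no
    ;; openssh service for this clause to match -- confirm, since some
    ;; Guix revisions may reject a clause that matches nothing.
    (openssh-service-type config =>
                          (openssh-configuration
                           (inherit config)
                           (x11-forwarding?
                            (openssh-configuration-x11-forwarding? config))))
    ;; Start X through %my-startx and use "mcd" as SLiM's default user.
    (slim-service-type config =>
                       (slim-configuration
                        (inherit config)
                        (startx %my-startx)
                        (default-user "mcd")))))

;; NOTE(review): this procedure looks adapted from the OpenSSH service
;; code in Guix; it relies on the openssh-configuration accessors being
;; visible from (gnu services ssh) -- confirm before enabling it.
(define (openssh-config-file config)
  "Return the sshd configuration file corresponding to CONFIG."
  (computed-file
   "sshd_config"
   #~(begin
       (use-modules (ice-9 match))
       (call-with-output-file #$output
         (lambda (port)
           (display "# Generated by 'openssh-service'.\n" port)
           (format port "Port ~a\n"
                   #$(number->string
                      (openssh-configuration-port-number config)))
           ;; 'match' runs on the host side here, hence the top-level
           ;; (ice-9 match) import.
           (format port "PermitRootLogin ~a\n"
                   #$(match (openssh-configuration-permit-root-login config)
                       (#t "yes")
                       (#f "no")
                       ('without-password "without-password")))
           (format port "PermitEmptyPasswords ~a\n"
                   #$(if (openssh-configuration-allow-empty-passwords? config)
                         "yes" "no"))
           (format port "PasswordAuthentication ~a\n"
                   #$(if (openssh-configuration-password-authentication? config)
                         "yes" "no"))
           (format port "PubkeyAuthentication ~a\n"
                   #$(if (openssh-configuration-public-key-authentication?
                          config)
                         "yes" "no"))
           (format port "X11Forwarding ~a\n"
                   #$(if (openssh-configuration-x11-forwarding? config)
                         "yes" "no"))
           (format port "PidFile ~a\n"
                   #$(openssh-configuration-pid-file config))
           (format port "ChallengeResponseAuthentication ~a\n"
                   #$(if (openssh-challenge-response-authentication? config)
                         "yes" "no"))
           (format port "UsePAM ~a\n"
                   #$(if (openssh-configuration-use-pam? config)
                         "yes" "no"))
           (format port "PrintLastLog ~a\n"
                   #$(if (openssh-configuration-print-last-log? config)
                         "yes" "no"))
           ;; Besides the per-user files, also read keys from
           ;; '/etc/ssh/authorized_keys.d/%u'.  Whoever can write that
           ;; directory can grant logins, so it should be root-owned.
           (format port "AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 /etc/ssh/authorized_keys.d/%u\n")
           ;; One AcceptEnv line per environment variable clients may set.
           (for-each (lambda (s)
                       (format port "AcceptEnv ~a\n" s))
                     '#$(openssh-configuration-accepted-environment config))
           ; (for-each
           ;  (match-lambda
           ;    ((name command) (format port "Subsystem\t~a\t~a\n" name command)))
           ;  '#$(openssh-configuration-subsystems config))
           #t)))))

(define (my-openssh-shepherd-service config)
  "Return a list containing one <shepherd-service> for openssh with CONFIG."
  ;; Command line for sshd.  "-d" is sshd's debug mode: verbose output,
  ;; no fork, and only one connection is processed; "-E" appends that
  ;; output to /var/log/sshd.debug.  This is a troubleshooting variant
  ;; and is not referenced by the 'services' field below.
  (define openssh-command
    #~(list (string-append #$(openssh-configuration-openssh config)
                           "/sbin/sshd")
            "-D" "-f" #$(openssh-config-file config)
            "-d" "-E" "/var/log/sshd.debug"))

  (list (shepherd-service
         (documentation "OpenSSH server.")
         (requirement '(syslogd))
         (provision '(ssh-daemon))
         ;; Watch the PID file named in CONFIG, the same value that
         ;; 'openssh-config-file' writes as PidFile, rather than a
         ;; hard-coded path that could disagree with it.
         ;; NOTE(review): sshd may not write a PID file at all in "-d"
         ;; mode -- confirm before relying on #:pid-file here.
         (start #~(make-forkexec-constructor
                   #$openssh-command
                   #:pid-file #$(openssh-configuration-pid-file config)))
         (stop #~(make-kill-destructor))
         (auto-start? (openssh-auto-start? config)))))

(operating-system
  (host-name "komputilo")
  (timezone "Europe/Berlin")
  (locale "de_DE.UTF-8")

  ;; Static hosts file, one entry per line.
  (hosts-file (plain-file "hosts" "127.0.0.1 localhost komputilo
::1 localhost komputilo
192.168.178.20 pi.fritz.box pi"))

  ;; The bootloader record inherits grub-bootloader but replaces its
  ;; installer with a procedure that always returns #t.
  ;; NOTE(review): presumably so that GRUB is not written to disk from
  ;; this system and another bootloader chain-loads it -- confirm.
  (bootloader (bootloader-configuration
               (bootloader (bootloader
                            (inherit grub-bootloader)
                            (installer #~(const #t))))))
  ; (bootloader (bootloader-configuration (bootloader grub-bootloader)
  ;   (target "/dev/sda3")
  ;   (menu-entries '((menu-entry
  ;     (label "Grub Nixos")
  ;     (multiboot "(hd0)") ; still unsupported
  ;     )))
  ;   ))

  ;; The root file system is the ext4 volume labelled "guix-root".
  (file-systems (cons (file-system
                        (device "guix-root")
                        (title 'label)
                        (mount-point "/")
                        (type "ext4"))
                      %base-file-systems))

  ;; This is where user accounts are specified.  The "root"
  ;; account is implicit, and is initially created with the
  ;; empty password; set one right after the first boot.
  (users (cons (user-account
                (name "mcd")
                (comment "Martin Castillo")
                (group "users")

                ;; Adding the account to the "wheel" group
                ;; makes it a sudoer.  Adding it to "audio"
                ;; and "video" allows the user to play sound
                ;; and access the webcam.
                (supplementary-groups '("wheel"
                                        ; "plugdev"?  For MTP?  But that
                                        ; group is undefined.
                                        "audio" "video"
                                        "netdev")) ;workmanager"))
                (home-directory "/home/mcd"))
               %base-user-accounts))

  ;; Globally-installed packages.
  ;(packages (cons tcpdump %base-packages))

  ;; dmenu, the X.509 certificates needed for HTTPS, and the Neo
  ;; keyboard layout files, on top of the base packages.
  (packages (cons* dmenu
                   nss-certs            ;for HTTPS access
                   kbd-neo
                   %base-packages))

  ;; Services: console keymap, SSH server, a copy of this file under
  ;; /etc, Xfce, and the customised desktop services.
  (services (cons* ;(dhcp-client-service)
                   ; (gpm-service) ;mouse in vt
                   (console-keymap-service
                    (file-append kbd-neo "/share/keymaps/neo.map"))
                   ; (my-openssh-shepherd-service
                   ;  (openssh-configuration
                   ;   (accepted-environment '("COLORTERM"))
                   ;   (port-number 2222)))

                   ;; Stock OpenSSH service on port 2222.  Only the
                   ;; accepted environment and the port are set, so
                   ;; every authentication-related field keeps its
                   ;; default.  NOTE(review): if key-only login is
                   ;; intended, set (password-authentication? #f)
                   ;; explicitly once keys are deployed; a non-default
                   ;; port is not an access control.
                   (service openssh-service-type
                            (openssh-configuration
                             (accepted-environment '("COLORTERM"))
                             (port-number 2222)))

                   ;; Install this very file as /etc/config.scm.  The
                   ;; copy lives in the store, which is readable by all
                   ;; local users, so keep secrets out of this file.
                   (simple-service 'store-my-config
                                   etc-service-type
                                   `(("config.scm"
                                      ,(local-file
                                        (assoc-ref (current-source-location)
                                                   'filename)))))
                   (xfce-desktop-service)
                   %my-services))

  ;; Use the "desktop" services, which include the X11
  ;; log-in service, networking with Wicd, and more.
  ;(services %desktop-services)

  ;; Allow resolution of '.local' host names with mDNS.
  (name-service-switch %mdns-host-lookup-nss))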