(define-module (hosts kirsty system) #:use-module (gnu) #:use-module (gnu packages bash) #:use-module (gnu packages certs) #:use-module (gnu packages linux) #:use-module (gnu packages ncurses) #:use-module (gnu packages rsync) #:use-module (gnu packages wm) #:use-module (gnu services desktop) #:use-module (gnu services networking) #:use-module (gnu services security-token) #:use-module (gnu services shepherd) #:use-module (gnu services sound) #:use-module (gnu services virtualization) #:use-module (gnu services xorg) #:use-module (gnu system locale) #:use-module (gnu system setuid) #:use-module (nongnu packages linux) #:use-module (nongnu system linux-initrd) #:use-module (packages shepherd) #:use-module (config base)) (define host-dir (dirname (module-filename (current-module)))) (operating-system (host-name "kirsty") (timezone "Europe/Ljubljana") (locale-definitions (cons* (locale-definition (name "sl_SI.utf8") (source "sl_SI")) %default-locale-definitions)) (locale "en_US.utf8") (kernel (customize-linux #:linux linux #:defconfig (local-file (string-append host-dir "/kernel.config")))) (kernel-arguments '("mitigations=auto")) (firmware (cons* intel-microcode linux-firmware wireless-regdb %base-firmware)) (initrd microcode-initrd) (initrd-modules '("dm-crypt")) (bootloader (bootloader-configuration (bootloader grub-bootloader) (targets '("/dev/nvme0n1")))) (mapped-devices (list (mapped-device (source (uuid "c725b7b7-b4d9-49e0-8c2c-3624b3cde7e3")) (target "root") (type luks-device-mapping)))) (file-systems (cons* (file-system (device "/dev/mapper/root") (mount-point "/") (type "ext4")) %base-file-systems)) (swap-devices (list (swap-space (target "/swap")))) (users (cons* (user-account (name "timotej") (comment "Timotej Lazar") (group "users") (supplementary-groups '("audio" "cdrom" "dialout" "kvm" "netdev" "seat" "wheel")) (home-directory "/home/timotej")) %base-user-accounts)) (packages (cons* ncurses nss-certs rsync %base-packages)) (essential-services (modify-services (operating-system-default-essential-services this-operating-system) (shepherd-root-service-type config => (shepherd-configuration (shepherd shepherd/fibers-1.1))))) (services (cons* (extra-special-file "/usr/bin/env" (file-append coreutils "/bin/env")) (extra-special-file "/bin/bash" (file-append bash "/bin/bash")) (service seatd-service-type) (service greetd-service-type (greetd-configuration (greeter-supplementary-groups '("input" "video")) (terminals (map (lambda (tty) (greetd-terminal-configuration (terminal-vt tty) (terminal-switch #t))) '("1" "2" "3" "4" "5" "6"))))) ;; Networking. (service network-manager-service-type) (service wpa-supplicant-service-type) (service modem-manager-service-type) (service usb-modeswitch-service-type) (service tor-service-type (tor-configuration (config-file (plain-file "torrc" "SocksPort 127.0.0.1:9050 IsolateDestAddr")))) ;; Desktop. (service udisks-service-type) (service upower-service-type) (service alsa-service-type) (service pcscd-service-type) (service screen-locker-service-type (screen-locker-configuration (name "swaylock") (program (file-append swaylock "/bin/swaylock")) (using-pam? #t) (using-setuid? #f))) (service qemu-binfmt-service-type (qemu-binfmt-configuration (platforms (lookup-qemu-platforms "arm" "aarch64" "mips64el" "x86")))) (modify-services (base-services) (delete login-service-type) (delete mingetty-service-type) (delete mingetty-service-type) (delete mingetty-service-type) (delete mingetty-service-type) (delete mingetty-service-type) (delete mingetty-service-type) ;; Don’t use up all CPU (and RAM) when compiling. (guix-service-type config => (guix-configuration (inherit config) (extra-options '("--cores=2"))))))))