aboutsummaryrefslogtreecommitdiff
;; -*- mode: scheme; -*-
;; This is an operating system configuration template
;; for a "desktop" setup with GNOME and Xfce where the
;; root partition is encrypted with LUKS, and a swap file.

(use-modules (gnu) (gnu system nss) (guix utils))
(use-service-modules desktop sddm xorg)
(use-package-modules gnome)

(operating-system
  (host-name "antelope")
  (timezone "Europe/Paris")
  (locale "en_US.utf8")

  ;; Choose US English keyboard layout.  The "altgr-intl"
  ;; variant provides dead keys for accented characters.
  (keyboard-layout (keyboard-layout "us" "altgr-intl"))

  ;; Use the UEFI variant of GRUB with the EFI System
  ;; Partition mounted on /boot/efi.
  (bootloader (bootloader-configuration
                (bootloader grub-efi-bootloader)
                (targets '("/boot/efi"))
                (keyboard-layout keyboard-layout)))

  ;; Specify a mapped device for the encrypted root partition.
  ;; The UUID is that returned by 'cryptsetup luksUUID'.
  (mapped-devices
   (list (mapped-device
          (source (uuid "12345678-1234-1234-1234-123456789abc"))
          (target "my-root")
          (type luks-device-mapping))))

  (file-systems (append
                 (list (file-system
                         (device (file-system-label "my-root"))
                         (mount-point "/")
                         (type "ext4")
                         (dependencies mapped-devices))
                       (file-system
                         (device (uuid "1234-ABCD" 'fat))
                         (mount-point "/boot/efi")
                         (type "vfat")))
                 %base-file-systems))

  ;; Specify a swap file for the system, which resides on the
  ;; root file system.
  (swap-devices (list (swap-space
                       (target "/swapfile"))))

  ;; Create user `bob' with `alice' as its initial password.
  (users (cons (user-account
                (name "bob")
                (comment "Alice's brother")
                (password (crypt "alice" "$6$abc"))
                (group "students")
                (supplementary-groups '("wheel" "netdev"
                                        "audio" "video")))
               %base-user-accounts))

  ;; Add the `students' group
  (groups (cons* (user-group
                  (name "students"))
                 %base-groups))

  ;; This is where we specify system-wide packages.
  (packages (append (list
                     ;; for user mounts
                     gvfs)
                    %base-packages))

  ;; Add GNOME and Xfce---we can choose at the log-in screen
  ;; by clicking the gear.  Use the "desktop" services, which
  ;; include the X11 log-in service, networking with
  ;; NetworkManager, and more.
  (services (if (target-x86-64?)
                (append (list (service gnome-desktop-service-type)
                              (service xfce-desktop-service-type)
                              (set-xorg-configuration
                               (xorg-configuration
                                (keyboard-layout keyboard-layout))))
                        %desktop-services)

                ;; FIXME: Since GDM depends on Rust (gdm -> gnome-shell -> gjs
                ;; -> mozjs -> rust) and Rust is currently unavailable on
                ;; non-x86_64 platforms, we use SDDM and Mate here instead of
                ;; GNOME and GDM.
                (append (list (service mate-desktop-service-type)
                              (service xfce-desktop-service-type)
                              (set-xorg-configuration
                               (xorg-configuration
                                (keyboard-layout keyboard-layout))
                               sddm-service-type))
                        %desktop-services)))

  ;; Allow resolution of '.local' host names with mDNS.
  (name-service-switch %mdns-host-lookup-nss))
generated by cgit
to obtain provenance data.Ludovic Courtès Previously, build-time metadata from (guix config) would be ignored when available--e.g., when running /run/current-system/profile/bin/guix. This is a followup to 316fc2acbb112bfa572ae30f95a93bcd56621234. * gnu/services.scm (provenance-entry): Use 'current-channels' instead of 'current-profile' + 'profile-channels'. 2022-05-29gnu: services: Update setuid service description.Tobias Geerinckx-Rice * gnu/services.scm (setuid-program-service-type)[description]: Remove ‘root’, add ‘setgid’. 2022-05-18services: Make <service-type> 'description' field mandatory.Ludovic Courtès * gnu/services.scm (<service-type>)[description]: Remove default value. * tests/services.scm: Add 'description' field to each 'service-type' form. 2022-05-18services: Add more description fields.Ludovic Courtès * gnu/services.scm (simple-service): Add 'description' field. * gnu/services/base.scm (udev-rules-service): Likewise. * gnu/system/install.scm (configuration-template-service-type): Likewise. * gnu/tests.scm (marionette-service-type): Likewise. 2022-03-10services: startup: Add description.Ludovic Courtès * gnu/services.scm (hurd-startup-service-type)[description]: New field. 2021-11-27services: Document the 'delete' clause of 'modify-services'.Ludovic Courtès * doc/guix.texi (Service Reference): Mention the 'delete' clause of 'modify-services'. * gnu/services.scm (modify-services): Likewise in docstring. 2021-08-12system: Handle 'setuid-programs' deprecation handling as a field sanitizer.Ludovic Courtès Previously, evaluating an OS configuration with a childhurd (for instance) would produce tens of lines like: guix system: warning: representing setuid programs with '#<file-append #<package shadow@4.8.1 gnu/packages/admin.scm:798 7ff97f6f7640> "/bin/passwd">' is deprecated; use 'setuid-program' instead Now, it prints this one line: gnu/system/hurd.scm:105:2: warning: representing setuid programs with file-like objects is deprecated; use 'setuid-program' instead This change also means that extensions of 'setuid-program-service-type' now have to provide a list of <setuid-program>, so it's stricter in this sense. * gnu/services.scm (setuid-program-file-like-deprecated): Remove. (setuid-program-service-type)[extend]: Remove 'setuid-program-file-like-deprecated' call. Assume CONFIG and EXTENSIONS are already lists of <setuid-program> records. * gnu/system.scm (<operating-system>)[setuid-programs]: Add 'sanitize' property. Change accessor name from '%operating-system-setuid-programs' to 'operating-system-setuid-programs'. (operating-system-default-essential-services) (hurd-default-essential-services): Adjust accordingly. (ensure-setuid-program-list): New macro. (%ensure-setuid-program-list): New procedure, based on 'setuid-program-file-like-deprecated'. 2021-07-29services: setuid: More configurable setuid support.Chris Lemmer-Webber New record <setuid-program> with fields for setting the specific user and group, as well as specifically selecting the setuid and setgid bits, for a program within the setuid-program-service. * gnu/services.scm (setuid-program-file-like-deprecated): New function. (setuid-program-service-type): Make use of setuid-program->activation-gexp. Adjust the extend property to handle <setuid-program>. * gnu/build/activation.scm (activate-setuid-programs): Update to expect a <setuid-record> list for each program entry. * gnu/system.scm: (operating-system-setuid-programs): Renamed to %operating-system-setuid-programs and replace it with new procedure. (operating-system-default-essential-services, hurd-default-essential-services): Replace operating-system-setuid-programs with %operating-system-setuid-programs. * gnu/system/setuid.scm: New file. * doc/guix.texi (Setuid Programs): Document <setuid-program>. Co-authored-by: Brice Waegeneire <brice@waegenei.re> 2021-05-11gnu: Allow services to install kernel-loadable modules.raid5atemyhomework * gnu/system.scm (operating-system-directory-base-entries): Remove code to handle generation of "kernel" for linux-libre kernels. (operating-system-default-essential-services): Instantiate linux-builder-service-type. (package-for-kernel): Move ... * gnu/services.scm: ... to here. (linux-builder-service-type): New variable. (linux-builder-configuration): New type. (linux-loadable-module-service-type): New variable. * gnu/tests/linux-modules.scm (run-loadable-kernel-modules-test): Move code to ... (run-loadable-kernel-modules-test-base): ... new procedure here. (run-loadable-kernel-modules-service-test): New procedure. (%test-loadable-kernel-modules-service-0): New variable. (%test-loadable-kernel-modules-service-1): New variable. (%test-loadable-kernel-modules-service-2): New variable. * doc/guix.texi: Document linux-loadable-module-service-type. Signed-off-by: Danny Milosavljevic <dannym@scratchpost.org>