123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340 |
- (add-to-load-path "/home/ton/guixsd/modules/")
- (setenv "GUIX_PACKAGE_PATH" "/home/ton/guixsd/modules/:$GUIX_PACKAGE_PATH")
- (use-modules
- (gnu)
- (gnu system)
- (gnu system nss)
- (gnu packages libusb)
- (guix monads)
- (guix store)
- (ice-9 rdelim)
- (srfi srfi-1)
- (linux-libre)
- ;; (i3-battery-warning)
- ;(cronjobs)
- )
- (use-service-modules
- desktop base xorg ssh avahi dbus networking cups mcron virtualization
- web pm nfs)
- (use-package-modules
- avahi xorg certs wm code wget admin emacs tmux
- ssh linux disk file gnuzilla version-control maths guile crypto gnupg
- password-utils rsync suckless gnome video xdisorg
- terminals ssh image-viewers web-browsers pulseaudio
- tex tor readline adns fontutils gnunet package-management
- networking connman lisp cryptsetup fonts python
- bittorrent engineering graphviz shells compression
- gnome enlightenment dns ghostscript kde-frameworks bash backup nfs)
- (define quercus-ip "192.168.10.42")
- (define (backup-home user)
- #~(let ((borg (string-append #$borg "/bin/borg"))
- (home (format #f "/home/~a" #$user)))
- (system*
- borg "--verbose" "-p"
- "create"
- "--exclude-caches"
- "--exclude" (format #f "~a/.cache/*" home)
- "--one-file-system"
- "--stats" "--list"
- "/mnt/borg::{hostname}-{utcnow}"
- home)
- (system*
- borg "--verbose" "-p"
- "prune"
- "--list"
- "--prefix" "{hostname}-"
- "--keep-within=1w"
- "--keep-daily=7"
- "--keep-weekly=4"
- "--keep-monthly=6"
- "/mnt/borg")))
- ;; test like
- ;; ,use (guix monad-repl)
- ;; ,enter-store-monad
- ;; (gexp->script "test" (backup-home "alex"))
- ;; ;; and note what the derivation produces. That's the script to run.
- ;; (mlet %store-monad ((script (gexp->script "test" (backup-home "alex"))))
- ;; (built-derivations (list script)))
- ;; then, run the script to do a manual backup.
- (define (backup-home-job)
- #~(job '(next-hour '(18))
- #$(backup-home "ton")
- #:user "ton"))
- (define battery-check-job
- #~(job '(next-minute '(5))
- (use-modules ((i3-battery-warning) #:prefix i3-battery-warning:))
- "i3-battery-warning:check&react"
- #:user "ton"
- "Checks battery and notifies user if power is needed"))
- (define updatedb-job
- ;; Run 'updatedb' at 3AM every day. Here we write the
- ;; job's action as a Scheme procedure.
- #~(job '(next-hour '(3))
- (lambda ()
- (execl (string-append #$findutils "/bin/updatedb")
- "updatedb"
- "--prunepaths=/tmp /var/tmp /gnu/store"))))
- ;(define tor-socket-check-job
- ;; Ensure that /var/run/tor/ exists and is owned by tor.
- ; #~(job '(next-hour)
- ; (lambda () ;; unless(not test)/when(test)?
- ; (unless (file-exists? "/var/run/tor")
- ; (mkdir "/var/run/tor" #o770)
- ; (chown "/var/run/tor" "tor" "tor")))))
- ;; Check? WTF!? Switch to python? or BASH? or wat? dis is silly.
- (define wake-up-job
- ;; Run music to wake me up.
- #~(job "03 45 * * *"
- (lambda ()
- (execl (string-append #$mpv "/bin/mpv")
- "mpv"
- "/home/ton/disk/music/electroswing/*"))))
- (define-public %ton-cronjobs (list updatedb-job
- ;;wake-up-job
- battery-check-job
- ;;backup-home-job ;; <- causes system build to fail...
- ))
- ;(define hp-laptop-monitor-settings
- ; (call-with-input-file "/home/ton/guixsd/dotfiles/etc/X11/xorg.conf.d/90-monitor.conf" read-string))
- ;(define mbp-trackpad-settings
- ; (call-with-input-file "/home/ton/guixsd/dotfiles/etc/X11/xorg.conf.d/60-mtrack.conf" read-string))
- (define (remove-services types services)
- (remove (lambda (service)
- (any (lambda (type)
- (eq? (service-kind service) type))
- types))
- services))
- (define ton-desktop-services
- (remove-services (list network-manager-service-type) ; upower-service-type)
- %desktop-services))
- ; (remove (lambda (service)
- ; (eq? (service-kind service) network-manager-service-type upower-service-type))
- ; %desktop-services))
- ;;network-manager-service-type
- (operating-system
- (host-name "merlin")
- (timezone "Europe/Oslo")
- (locale "en_US.UTF-8")
- (kernel linux-libre-4.14)
- (bootloader (bootloader-configuration
- (bootloader grub-efi-bootloader)
- (target "/boot/efi")))
- (kernel-arguments '("syscall.x32=y"
- "acpi_backlight=vendor"))
- (swap-devices '("/swapfile"))
- (file-systems (cons* (file-system
- (device (file-system-label "root"))
- (mount-point "/")
- (type "ext4"))
- (file-system
- (device (file-system-label "BOOT"))
- ;;(device (uuid "7A92-BDAA"))
- ; (title 'uuid)
- (mount-point "/boot/efi")
- (type "vfat"))
- (file-system
- (device (string-append quercus-ip ":/"))
- (mount-point "/home/ton/quercus-home/")
- (type "nfs")
- (mount? #f)
- (create-mount-point? #t))
- %base-file-systems))
- (issue "Mercury.\n")
- (users (list (user-account
- (name "ton")
- (comment "El brownie de casa Merlin")
- (group "users")
- (shell #~(string-append #$bash "/bin/bash"))
- (supplementary-groups '("wheel" "netdev" "audio" "video"
- "avahi" "tor"
- "users" "kvm" "input"
- ;;"libvirt"
- "lp" "lpadmin"
- ))
- (home-directory "/home/ton"))))
- ;;; Maybe use or adapt alezost-guile al/places.scm?
- ;;; Add visudo check into sudoers-file PROC - patch into GuixSD?
- (sudoers-file (local-file "/home/ton/guixsd/dotfiles/etc/sudoers"))
- (hosts-file (local-file "/home/ton/guixsd/dotfiles/etc/hosts"))
- (setuid-programs (cons*
- #~(string-append #$wireshark "/bin/dumpcap")
- %setuid-programs))
- (packages
- (cons* ;desktop environment scrot is "necessary" for i3lock-fancy
- i3-wm i3status i3lock-fancy scrot hicolor-icon-theme
- ;useful tools
- avahi zip unzip tmux htop tree mosh mcron
- the-silver-searcher psmisc wget file strace
- inotify-tools wgetpaste rsync dmenu openssh lsh
- feh stow mcelog readline libcap wcalc graphviz xdotool
- sudo
- ;; gvfs ; for automounting as user, check gvfsd as a service before
- ;; enabling
- ; fstools
- dosfstools nfs-utils
- ; X
- xbindkeys xterm xmodmap setxkbmap xclip xkill xbacklight
- xev xdpyinfo xrdb xrandr xfontsel gs-fonts
- ; audio
- pulseaudio pulsemixer
- ; laptop specific
- acpi cpupower ;;(TODO:cpupower... wat?)
- ; dev
- gnu-make python-3 binutils
- guile-lib
- ; misc tools
- units gnuplot
- ; terminals and emulators
- st termite xonsh fish bash
- ; Networking, crypto & security
- ;;tomb
- gnupg pwgen tor torsocks nmap adns iodine
- connman transmission pinentry pinentry-gtk2
- ;; password-store?
- ;;gnunet gnunet-gtk
- ;;isc-bind:utils
- ;;onionshare
- ;for HTTPS access
- nss-certs
- ; emacs
- emacs emacs-guix emacs-magit-popup emacs-smart-mode-line
- emacs-rainbow-delimiters emacs-rainbow-identifiers
- emacs-scheme-complete emacs-neotree emacs-ag flycheck
- emacs-undo-tree emacs-fill-column-indicator
- emacs-yasnippet emacs-yasnippet-snippets
- emacs-scheme-complete emacs-danneskjold-theme
- geiser guile-2.2 paredit emacs-debbugs
- %base-packages))
- (services
- (cons*
- (console-keymap-service "us")
- (service cups-service-type
- (cups-configuration
- (web-interface? #t)
- (browsing? #t)
- (default-paper-size "a4")))
- (service connman-service-type
- (connman-configuration
- (disable-vpn? #f)))
- ;; (service wpa-supplicant-service-type wpa-supplicant)
- (tor-service (local-file "/home/ton/guixsd/dotfiles/etc/tor/torrc"))
- ; (service libvirt-service-type
- ; (libvirt-configuration
- ; (unix-sock-group "libvirt")))
- (mcron-service %ton-cronjobs)
- (service nginx-service-type
- (nginx-configuration
- (server-blocks
- (list (nginx-server-configuration
- (server-name '("merlin.local"))
- (root "/home/ton/www/")
- ;;(https-port #f)
- (ssl-certificate #f)
- (ssl-certificate-key #f))))))
- (service rpcbind-service-type
- (rpcbind-configuration))
- ; Because i3lock-fancy is a wrapper around i3lock, this is correct...
- (screen-locker-service i3lock-color "i3lock")
- (service tlp-service-type
- (tlp-configuration
- (cpu-boost-on-ac? #t)))
- (service thermald-service-type)
- ; (upower-service
- ; #:use-percentage-for-policy? #t
- ; #:percentage-low 25
- ; #:percentage-critical 10
- ; #:percentage-action 5)
- ; #:critical-power-action 'suspend)
- ;Modify services! Xorg and so on!
- (modify-services ton-desktop-services
- ; (dbus-service config =>
- ; #:services (list connman
- ; avahi udisks upower accountsservice
- ; colord geoclue polkit elogind))
- (slim-service-type config =>
- (slim-configuration
- (inherit config)
- (startx (xorg-start-command))))
- ; #:configuration-file
- ; (xorg-configuration-file
- ; ;; #:modules (list xf86-input-mtrack)
- ; #:extra-config
- ; (list mbp-trackpad-settings))))))
- (upower-service-type config =>
- (upower-configuration
- (use-percentage-for-policy? #t)
- (percentage-low 25)
- (percentage-critical 10)
- (percentage-action 5)
- (ignore-lid? #:f)
- (watts-up-pro? #:f)
- (poll-batteries? #:t)
- (time-low 1200)
- (time-critical 300)
- (time-action 120)
- (critical-power-action 'hybrid-sleep)))
- ;; (guix-service-type config =>
- ;; (guix-configuration
- ;; (inherit config)
- ;; (extra-options '("--max-jobs=2" "--cores=2"))))
- )
- )) ; end services
- ;; Allow resolution of '.local' host names with mDNS.
- (name-service-switch %mdns-host-lookup-nss)
- )
|