ryan77627/guix-dotfiles
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Activity

half baked changes that need fixing

Browse source
This commit is contained in:
Ryan Schanzenbacher 2023-05-05 01:22:35 -04:00
parent e7779b9f07
commit b081473eaa
Signed by: ryan77627
GPG key ID: 81B0E222A3E2308E
7 changed files with 280 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
CACerts/ryanca_intermediate.crt → CACerts/ryancaintermediate.crt
View file

7
channels.scm
View file

@ -19,4 +19,9 @@
(make-channel-introduction (make-channel-introduction
"897c1a470da759236cc11798f4e0a5f7d4d59fbc" "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
(openpgp-fingerprint (openpgp-fingerprint
"2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))))) "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))))
;(channel
; (name 'ryan-home-services)
; (url "https://git.ryanserver.home.arpa")
; (branch "main"))
)

1
home-config/bashrc
View file

@ -38,6 +38,7 @@ alias grep='grep --color=auto'
alias quit='exit' alias quit='exit'
export EDITOR=nvim export EDITOR=nvim
alias cat='bat --paging=never' alias cat='bat --paging=never'
export XDG_DATA_DIRS=$XDG_DATA_DIRS:/var/lib/flatpak/exports/share:/home/ryan/.local/share/flatpak/exports/share
# GPG SETUP FOR SSH # GPG SETUP FOR SSH
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)

3
home-config/home-configuration.scm
View file

@ -68,8 +68,7 @@
"gimp" "gimp"
"python" "python"
"python:tk" "python:tk"
;"tk" "file"
;"tcl"
"python-lsp-server" "python-lsp-server"
"sqlite" "sqlite"
"git")) "git"))

2
home-config/nvim/config/init.vim
View file

@ -53,7 +53,7 @@ require('orgmode').setup({
vim.opt.conceallevel = 2 vim.opt.conceallevel = 2
vim.opt.concealcursor = nc vim.opt.concealcursor = nc
local lspconfig = require('lspconfig') --local lspconfig = require('lspconfig')
END END
"asynccomplete Auto Complete Config "asynccomplete Auto Complete Config

212
sys Normal file
View file

@ -0,0 +1,212 @@
;; This is an operating system configuration generated
;; by the graphical installer.
;;
;; Once installation is complete, you can learn and modify
;; this file to tweak the system configuration, and pass it
;; to the 'guix system reconfigure' command to effect your
;; changes.
;; Indicate which modules to import to access the variables
;; used in this configuration.
(use-modules (gnu) (nongnu packages linux))
(use-modules (gnu system setuid))
(use-modules (gnu packages admin))
(use-modules (guix packages))
(use-modules (gnu services authentication))
(use-modules (gnu packages shells))
(use-modules (guix build-system trivial))
(use-modules (guix licenses))
(use-modules (srfi srfi-1))
(use-package-modules security-token)
(use-service-modules cups desktop networking ssh xorg sound security-token docker)
; Define package that installs my root ca public keys
(define my-ca-certs
(package
(name "my-ca-certs")
(version "1")
(source (local-file "./CACerts"
#:recursive? #t))
(build-system trivial-build-system)
(license mpl2.0)
(home-page "https://rschanz.org")
(arguments
`(#:modules
((guix build utils))
#:builder
(begin
(use-modules (guix build utils)
(srfi srfi-1)
(srfi srfi-26)
(ice-9 ftw))
(let* ((ca-certificates (assoc-ref %build-inputs "source"))
(crt-suffix ".crt")
(is-certificate? (cut string-suffix? crt-suffix <>))
(certificates (filter is-certificate?
(scandir ca-certificates)))
(out (assoc-ref %outputs "out"
"/etc/ssl/certs"))
(openssl (assoc-ref %build-inputs
"openssl")))
(mkdir-p certificate-directory)
(for-each
(lambda (certificate)
(invoke
openssl "x509"
"-in" (string-append ca-certificates "/" certificate)
"-outform" "PEM"
"-out" (string-append
certificate-directory "/"
(basename certificate crt-suffix) ".pem")))
certificates)
#t))))
(native-inputs
(list openssl))
(synopsis "My CA Certs")
(description synopsis)))
; Re-define the base packages to remove sudo
(define %my-base-packages
(remove (lambda (package)
(member (package-name package)
(list "sudo" "nano")))
%base-packages ))
(define %backlight-udev-rule
(udev-rule
"90-backlight.rules"
(string-append "ACTION==\"add\", SUBSYSTEM==\"backlight\", "
"RUN+=\"/run/current-system/profile/bin/chgrp video /sys/class/backlight/%k/brightness\""
"\n"
"ACTION==\"add\", SUBSYSTEM==\"backlight\", "
"RUN+=\"/run/current-system/profile/bin/chmod g+w /sys/class/backlight/%k/brightness\"")))
(operating-system
(kernel linux)
(firmware (list linux-firmware))
(locale "en_US.utf8")
(timezone "America/New_York")
(keyboard-layout (keyboard-layout "us"))
(host-name "RyanThinkpad")
;; The list of user accounts ('root' is implicit).
(users (cons* (user-account
(name "ryan")
(comment "Ryan")
(group "users")
;(shell (file-append zsh "/bin/zsh"))
(home-directory "/home/ryan")
(supplementary-groups '("wheel" "netdev" "audio" "video" "lp" "plugdev" "docker")))
%base-user-accounts))
;; Packages installed system-wide. Users can also install packages
;; under their own account: use 'guix search KEYWORD' to search
;; for packages and 'guix install PACKAGE' to install a package.
(packages (append (map specification->package (list "sway"
"swaybg"
"swayidle"
"swaylock-effects"
"fuzzel"
"alacritty"
"pinentry-qt"
"adwaita-icon-theme"
"hicolor-icon-theme"
"git"
"nss-certs"
"waybar"
"gnupg"
"light"
"mako"
"grim"
"slurp"
"wl-clipboard"
"bluez"
"blueman"
"opendoas"
"xdg-desktop-portal-wlr"
"xdg-desktop-portal"
"pipewire"
"fprintd"
"docker"
"wireplumber"
"zsh"))
(list my-ca-certs)
%my-base-packages ))
;; Below is the list of system services. To search for available
;; services, run 'guix system search KEYWORD' in a terminal.
(services
(append (list
;; To configure OpenSSH, pass an 'openssh-configuration'
;; record as a second argument to 'service' below.
(service openssh-service-type)
(service pcscd-service-type)
(service fprintd-service-type)
(service docker-service-type)
(service bluetooth-service-type)
(udev-rules-service 'fido2 libfido2 #:groups '("plugdev"))
(set-xorg-configuration
(xorg-configuration (keyboard-layout keyboard-layout))))
;; This is the default list of services we
;; are appending to.
(modify-services %desktop-services
(guix-service-type config =>
(guix-configuration
(inherit config)
(substitute-urls
(append (list "https://substitutes.nonguix.org")
%default-substitute-urls))
(authorized-keys
(cons* (plain-file "non-guix.pub"
"(public-key
(ecc
(curve Ed25519)
(q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
)
)" ) %default-authorized-guix-keys))))
(udev-service-type config =>
(udev-configuration
(inherit config)
(rules (cons %backlight-udev-rule
(udev-configuration-rules config)))))
(delete pulseaudio-service-type)
(delete gdm-service-type) )))
(setuid-programs
(append (list (file-like->setuid-program
(file-append
(specification->package "swaylock-effects")
"/bin/swaylock"))
(file-like->setuid-program
(file-append
(specification->package "opendoas")
"/bin/doas")))
(delete sudo %setuid-programs)))
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(targets (list "/boot/efi"))
(keyboard-layout keyboard-layout)))
(mapped-devices (list (mapped-device
(source (uuid
"adcaf322-7ee5-48ec-abf6-4a9b10643878"))
(target "sysroot")
(type luks-device-mapping))))
;; The list of file systems that get "mounted". The unique
;; file system identifiers there ("UUIDs") can be obtained
;; by running 'blkid' in a terminal.
(file-systems (cons* (file-system
(mount-point "/")
(device "/dev/mapper/sysroot")
(type "ext4")
(dependencies mapped-devices))
(file-system
(mount-point "/boot/efi")
(device (uuid "DFE8-32EF"
'fat32))
(type "vfat")) %base-file-systems))
(swap-devices
(list
(swap-space (target (uuid "7e1bb7c5-da2a-4509-8263-f707fc752993"))) )))

59
system.scm
View file

@ -15,10 +15,68 @@
(use-modules (guix packages)) (use-modules (guix packages))
(use-modules (gnu services authentication)) (use-modules (gnu services authentication))
(use-modules (gnu packages shells)) (use-modules (gnu packages shells))
(use-modules (gnu packages perl))
(use-modules (guix build-system trivial))
(use-modules (guix licenses))
(use-modules (srfi srfi-1)) (use-modules (srfi srfi-1))
(use-package-modules security-token) (use-package-modules security-token)
(use-service-modules cups desktop networking ssh xorg sound security-token docker) (use-service-modules cups desktop networking ssh xorg sound security-token docker)
; Define package that installs my root ca public keys
(define my-ca-certs
(package
(name "my-ca-certs")
(version "1")
(source (local-file "./CACerts/"
#:recursive? #t))
(home-page "https://rschanz.org")
(license agpl3+)
(build-system trivial-build-system)
(arguments
`(#:modules
((guix build utils))
#:builder
(begin
(use-modules (guix build utils)
(srfi srfi-1)
(srfi srfi-26)
(ice-9 ftw))
(let* ((ca-certificates (assoc-ref %build-inputs "source"))
(crt-suffix ".crt")
(is-certificate? (cut string-suffix? crt-suffix <>))
(certificates (filter is-certificate?
(scandir ca-certificates)))
(out (assoc-ref %outputs "out"))
(certificate-directory (string-append out
"/etc/ssl/certs"))
(openssl (string-append (assoc-ref %build-inputs
"openssl")
"/bin/openssl")))
(mkdir-p certificate-directory)
;; When this package is installed into a profile, any files in the
;; package output's etc/ssl/certs directory ending in ".pem" will
;; also be put into a ca-certificates.crt bundle. In the case of a
;; system profile, this bundle will be made available to the system
;; at activation time. See the profile hooks defined in (guix
;; profiles) and the etc-service-type define in (gnu services) for
;; details.
(for-each
;; Ensure the certificate is in an appropriate format.
(lambda (certificate)
(invoke
openssl "x509"
"-in" (string-append ca-certificates "/" certificate)
"-outform" "PEM"
"-out" (string-append
certificate-directory "/"
(basename certificate crt-suffix) ".pem")))
certificates)
#t))))
(inputs
(list openssl))
(synopsis "My certificate authority certificates")
(description synopsis)))
; Re-define the base packages to remove sudo ; Re-define the base packages to remove sudo
(define %my-base-packages (define %my-base-packages
(remove (lambda (package) (remove (lambda (package)
@ -84,6 +142,7 @@
"docker" "docker"
"wireplumber" "wireplumber"
"zsh")) "zsh"))
(list my-ca-certs)
%my-base-packages )) %my-base-packages ))
;; Below is the list of system services. To search for available ;; Below is the list of system services. To search for available