Compare commits


10 commits

11 changed files with 365 additions and 220 deletions


@ -4,5 +4,8 @@ export XDG_CURRENT_DESKTOP=sway
export XDG_SESSION_DESKTOP=sway
export _JAVA_AWT_WM_NONREPEATING=1
export XDG_DATA_DIRS=$XDG_DATA_DIRS:~/.nix-profile/share
export PATH=$PATH:~/.nix-profile/bin
# Honor per-interactive-shell startup file
if [ -f ~/.bashrc ]; then . ~/.bashrc; fi
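Review bot: The two `~/.nix-profile` exports append to variables that may be empty when this profile runs. If `XDG_DATA_DIRS` is unset, the value starts with an empty entry and the spec's default directories (`/usr/local/share:/usr/share`) are no longer searched. The `+`/`-` markers are lost on this page, so I am assuming these exports are among the added lines. `export XDG_DATA_DIRS="${XDG_DATA_DIRS:-/usr/local/share:/usr/share}:$HOME/.nix-profile/share"` keeps the defaults, and a quoted `$HOME` avoids relying on tilde expansion after `:`, which not every `sh` performs in an `export` argument. Appending the Nix profile to the end of `PATH`, rather than prepending it, is the safer order and worth keeping.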


@ -40,8 +40,6 @@
"lsof"
"pavucontrol"
"bind:utils"
"firefox"
"irssi"
"font-cns11643"
"syncthing"
"perl"
@ -97,13 +95,15 @@
("nvim/after/ftplugin/markdown/custom.vim" ,(local-file "nvim/config/after/ftplugin/markdown/custom.vim"))
("sway" ,(local-file "sway" #:recursive? #t))
("waybar" ,(local-file "waybar" #:recursive? #t))
("alacritty" ,(local-file "alacritty" #:recursive? #t)) ))
("alacritty" ,(local-file "alacritty" #:recursive? #t))
("home-manager" ,(local-file "nix-home-manager" #:recursive? #t)) ))
(service home-files-service-type
`((".local/share/nvim/site/autoload/plug.vim" ,(local-file "nvim/plugin-manager/plug.vim"))
(".ssh/config" ,(local-file "ssh/config"))
;(".gnupg/sshcontrol" ,(local-file "gnupg/sshcontrol"))
;(".gnupg/gpg-agent.conf" ,(local-file "gnupg/gpg-agent.conf"))
(".fonts" ,(local-file "fonts" #:recursive? #t))))
(".fonts" ,(local-file "fonts" #:recursive? #t))
(".nix-channels" ,(local-file "nix-channels"))))
(service home-pipewire-service-type)
(service home-dbus-service-type)
(service home-gpg-agent-service-type

2
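--- a/home-config/nix-channels
+++ b/home-config/nix-channels
@@ -0,0 +1,2 @@
+https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
+https://nixos.org/channels/nixpkgs-unstable nixpkgs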
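Review bot: Both channels track moving targets, `home-manager/archive/master.tar.gz` and `nixpkgs-unstable`, so every `nix-channel --update` evaluates whatever is at the branch head, and the resulting user profile cannot be reproduced or reviewed from this repository. The Guix side of this change pins its one custom source by hash; the Nix side has no equivalent. Pinning both lines to a matching release pair (home-manager `archive/release-<VERSION>.tar.gz` with the corresponding nixpkgs release channel) would narrow what an update can pull in. If tracking unstable is deliberate, say so in the commit message or README so it is not mistaken for an oversight.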


@ -0,0 +1,83 @@
{ config, pkgs, ... }:
{
# Home Manager needs a bit of information about you and the paths it should
# manage.
home.username = "ryan";
home.homeDirectory = "/home/ryan";
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
home.stateVersion = "22.11"; # Please read the comment before changing.
# This value will set some environment variables to allow home-manager to
# function better outside of NixOS
nixpkgs.config.allowUnfree = true;
targets.genericLinux.enable = true;
fonts.fontconfig.enable = true;
# The home.packages option allows you to install Nix packages into your
# environment.
home.packages = with pkgs; [
# # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run.
# pkgs.hello
firefox
dejavu_fonts
cantarell-fonts
liberation_ttf
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
# # It is sometimes useful to fine-tune packages, for example, by applying
# # overrides. You can do that directly here, just don't forget the
# # parentheses. Maybe you want to install Nerd Fonts with a limited number of
# # fonts?
# (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
# # You can also create simple shell scripts directly inside your
# # configuration. For example, this adds a command 'my-hello' to your
# # environment:
# (pkgs.writeShellScriptBin "my-hello" ''
# echo "Hello, ${config.home.username}!"
# '')
];
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
home.file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
# You can also manage environment variables but you will have to manually
# source
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/ryan/etc/profile.d/hm-session-vars.sh
#
# if you don't want to manage your shell through Home Manager.
home.sessionVariables = {
# EDITOR = "emacs";
};
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}
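Review bot: `nixpkgs.config.allowUnfree = true;` opts the whole profile into unfree packages, yet nothing in `home.packages` (firefox and the font packages) appears to need it, as far as I can tell. If an unfree package is planned, `nixpkgs.config.allowUnfreePredicate` lets the config name exactly those packages instead. The comment directly above it ("This value will set some environment variables ...") describes `targets.genericLinux.enable`, not `allowUnfree`, so I would move it down one line and give `allowUnfree` its own comment saying why it is needed. Firefox appears to move from the Guix package list to this Nix profile, so browser security updates would then depend on running `nix-channel --update` and `home-manager switch` regularly.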


@ -0,0 +1,205 @@
(define-module (ryan-config base-system)
#:use-module (gnu)
#:use-module (nongnu packages linux)
#:use-module (gnu system setuid)
#:use-module (gnu packages admin)
#:use-module (guix packages)
#:use-module (gnu packages shells)
#:use-module (guix build-system trivial)
#:use-module (guix licenses)
#:use-module (gnu packages tls)
#:use-module (srfi srfi-1)
#:use-module (ryan-packages freedesktop)
#:use-module (ryan-packages wm)
#:use-module (gnu packages security-token)
#:use-module (gnu services security-token)
#:use-module (gnu services cups)
#:use-module (gnu services desktop)
#:use-module (gnu services networking)
#:use-module (gnu services xorg)
#:use-module (gnu services ssh)
#:use-module (gnu services nix)
#:use-module (gnu services sound)
#:use-module (gnu services docker)
#:use-module (gnu services virtualization))
; Define package that installs my root ca public keys
(define my-ca-certs
(package
(name "my-ca-certs")
(version "1")
(source (local-file "./CACerts"
#:recursive? #t))
(build-system trivial-build-system)
(license mpl2.0)
(home-page "https://rschanz.org")
(arguments
`(#:modules
((guix build utils))
#:builder
(begin
(use-modules (guix build utils)
(srfi srfi-1)
(srfi srfi-26)
(ice-9 ftw))
(let* ((ca-certificates (assoc-ref %build-inputs "source"))
(crt-suffix ".crt")
(is-certificate? (cut string-suffix? crt-suffix <>))
(certificates (filter is-certificate?
(scandir ca-certificates)))
(out (assoc-ref %outputs "out"))
(certificate-directory (string-append out "/etc/ssl/certs"))
(openssl (string-append (assoc-ref %build-inputs "openssl") "/bin/openssl")))
(mkdir-p certificate-directory)
(for-each
(lambda (cert)
(invoke
openssl "x509"
"-in" (string-append ca-certificates "/" cert)
"-outform" "PEM"
"-out" (string-append certificate-directory "/" cert ".pem")))
certificates)
#t))))
(native-inputs
(list openssl))
(synopsis "My CA Certs")
(description synopsis)))
; Re-define the base packages to remove sudo
(define %my-base-packages
(remove (lambda (package)
(member (package-name package)
(list "sudo" "nano")))
%base-packages ))
(define %backlight-udev-rule
(udev-rule
"90-backlight.rules"
(string-append "ACTION==\"add\", SUBSYSTEM==\"backlight\", "
"RUN+=\"/run/current-system/profile/bin/chgrp video /sys/class/backlight/%k/brightness\""
"\n"
"ACTION==\"add\", SUBSYSTEM==\"backlight\", "
"RUN+=\"/run/current-system/profile/bin/chmod g+w /sys/class/backlight/%k/brightness\"")))
(define-public base-operating-system
(operating-system
(kernel linux)
(firmware (list linux-firmware))
(locale "en_US.utf8")
(timezone "America/New_York")
(keyboard-layout (keyboard-layout "us"))
(host-name "ThisWillChange")
;; The list of user accounts ('root' is implicit).
(users (cons* (user-account
(name "ryan")
(comment "Ryan")
(group "users")
;(shell (file-append zsh "/bin/zsh"))
(home-directory "/home/ryan")
(supplementary-groups '("wheel" "netdev" "audio" "video" "lp" "plugdev" "docker" "libvirt" "kvm")))
%base-user-accounts))
;; Packages installed system-wide. Users can also install packages
;; under their own account: use 'guix search KEYWORD' to search
;; for packages and 'guix install PACKAGE' to install a package.
(packages (append (map specification->package (list "sway"
"swaybg"
"swayidle"
;"swaylock-effects"
"fuzzel"
"alacritty"
"pinentry-qt"
"adwaita-icon-theme"
"hicolor-icon-theme"
"git"
"nss-certs"
"waybar"
"gnupg"
"light"
"mako"
"grim"
"slurp"
"wl-clipboard"
"bluez"
"blueman"
"ldacbt"
"libfreeaptx"
"libfdk"
"opendoas"
;"xdg-desktop-portal-wlr"
"xdg-desktop-portal"
"pipewire"
"docker"
"libvirt"
"virt-manager"
"wireplumber"
"zsh"))
(list my-ca-certs xdg-desktop-portal-wlr-new swaylock-effects-new)
%my-base-packages ))
;; Below is the list of system services. To search for available
;; services, run 'guix system search KEYWORD' in a terminal.
(services
(append (list
;; To configure OpenSSH, pass an 'openssh-configuration'
;; record as a second argument to 'service' below.
(service openssh-service-type)
(service pcscd-service-type)
(service docker-service-type)
(service nix-service-type)
(service libvirt-service-type
(libvirt-configuration
(unix-sock-group "libvirt")))
(service bluetooth-service-type)
(udev-rules-service 'fido2 libfido2 #:groups '("plugdev")))
;; This is the default list of services we
;; are appending to.
(modify-services %desktop-services
(guix-service-type config =>
(guix-configuration
(inherit config)
(substitute-urls
(append (list "https://substitutes.nonguix.org")
%default-substitute-urls))
(authorized-keys
(cons* (plain-file "non-guix.pub"
"(public-key
(ecc
(curve Ed25519)
(q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
)
)" ) %default-authorized-guix-keys))))
(udev-service-type config =>
(udev-configuration
(inherit config)
(rules (cons %backlight-udev-rule
(udev-configuration-rules config)))))
(delete pulseaudio-service-type)
(delete gdm-service-type)
(delete xorg-server-service-type)
(delete alsa-service-type) )))
(setuid-programs
(append (list (file-like->setuid-program
(file-append
;(specification->package "swaylock-effects")
swaylock-effects-new
"/bin/swaylock"))
(file-like->setuid-program
(file-append
(specification->package "opendoas")
"/bin/doas")))
(delete sudo %setuid-programs)))
(file-systems (cons*
(file-system
(mount-point "/tmp")
(device "none")
(type "tmpfs")
(check? #f))
%base-file-systems))
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(targets (list "/boot/efi"))
(keyboard-layout keyboard-layout)))))
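Review bot: The new `/tmp` entry in `file-systems` mounts a tmpfs with no flags, so setuid bits and device nodes are honoured on a world-writable file system; adding `(flags '(no-suid no-dev))` to that `file-system` record closes that off. With no size option a tmpfs may grow to half of RAM, so an explicit `(options "size=<SIZE>")` is worth considering to keep a runaway writer from competing with memory. Separately, the `ryan` account is in the `docker` and `libvirt` groups, which are root-equivalent in practice and sidestep the `doas` policy that replaces `sudo` here; a comment next to `supplementary-groups` acknowledging that would make the trade-off explicit.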


@ -0,0 +1,20 @@
(define-module (ryan-packages wm)
#:use-module (guix download)
#:use-module (guix packages)
#:use-module (gnu packages)
#:use-module (guix git-download)
#:use-module (guix utils)
#:use-module (gnu packages wm))
(define-public swaylock-effects-new
(package
(inherit swaylock-effects)
(version "1.6.11")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/jirutka/swaylock-effects")
(commit (string-append "v" version))))
(sha256
(base32
"0j7dxn66xqlf6iv2arqzz7mxlh7nf85anvpyf30d2frcidarda9h"))))))
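Review bot: `swaylock-effects-new` is installed setuid-root by `setuid-programs` in the base-system module, so this override decides which code runs as root on the lock screen. The `sha256` pin makes the fetch fail closed if the `v1.6.11` tag ever moves, which is the right behaviour. I would add `(file-name (git-file-name name version))` to the `origin`, the usual Guix convention for `git-fetch` sources, and a comment saying why the packaged `swaylock-effects` is not sufficient, so the override can be dropped once it is. If the Guix revision in use provides `screen-locker-service-type` with `using-pam?` and `using-setuid?`, running the locker through PAM without the setuid bit would reduce that exposure.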


@ -1,216 +0,0 @@
;; This is an operating system configuration generated
;; by the graphical installer.
;;
;; Once installation is complete, you can learn and modify
;; this file to tweak the system configuration, and pass it
;; to the 'guix system reconfigure' command to effect your
;; changes.
;; Indicate which modules to import to access the variables
;; used in this configuration.
(use-modules (gnu) (nongnu packages linux))
(use-modules (gnu system setuid))
(use-modules (gnu packages admin))
(use-modules (guix packages))
(use-modules (gnu packages shells))
(use-modules (guix build-system trivial))
(use-modules (guix licenses))
(use-modules (gnu packages tls))
(use-modules (srfi srfi-1))
(use-modules (ryan-packages freedesktop))
(use-package-modules security-token)
(use-service-modules cups desktop networking xorg ssh sound security-token docker virtualization)
; Define package that installs my root ca public keys
(define my-ca-certs
(package
(name "my-ca-certs")
(version "1")
(source (local-file "./CACerts"
#:recursive? #t))
(build-system trivial-build-system)
(license mpl2.0)
(home-page "https://rschanz.org")
(arguments
`(#:modules
((guix build utils))
#:builder
(begin
(use-modules (guix build utils)
(srfi srfi-1)
(srfi srfi-26)
(ice-9 ftw))
(let* ((ca-certificates (assoc-ref %build-inputs "source"))
(crt-suffix ".crt")
(is-certificate? (cut string-suffix? crt-suffix <>))
(certificates (filter is-certificate?
(scandir ca-certificates)))
(out (assoc-ref %outputs "out"))
(certificate-directory (string-append out "/etc/ssl/certs"))
(openssl (string-append (assoc-ref %build-inputs "openssl") "/bin/openssl")))
(mkdir-p certificate-directory)
(for-each
(lambda (cert)
(invoke
openssl "x509"
"-in" (string-append ca-certificates "/" cert)
"-outform" "PEM"
"-out" (string-append certificate-directory "/" cert ".pem")))
certificates)
#t))))
(native-inputs
(list openssl))
(synopsis "My CA Certs")
(description synopsis)))
; Re-define the base packages to remove sudo
(define %my-base-packages
(remove (lambda (package)
(member (package-name package)
(list "sudo" "nano")))
%base-packages ))
(define %backlight-udev-rule
(udev-rule
"90-backlight.rules"
(string-append "ACTION==\"add\", SUBSYSTEM==\"backlight\", "
"RUN+=\"/run/current-system/profile/bin/chgrp video /sys/class/backlight/%k/brightness\""
"\n"
"ACTION==\"add\", SUBSYSTEM==\"backlight\", "
"RUN+=\"/run/current-system/profile/bin/chmod g+w /sys/class/backlight/%k/brightness\"")))
(operating-system
(kernel linux)
(firmware (list linux-firmware))
(locale "en_US.utf8")
(timezone "America/New_York")
(keyboard-layout (keyboard-layout "us"))
(host-name "RyanThinkpad")
;; The list of user accounts ('root' is implicit).
(users (cons* (user-account
(name "ryan")
(comment "Ryan")
(group "users")
;(shell (file-append zsh "/bin/zsh"))
(home-directory "/home/ryan")
(supplementary-groups '("wheel" "netdev" "audio" "video" "lp" "plugdev" "docker" "libvirt" "kvm")))
%base-user-accounts))
;; Packages installed system-wide. Users can also install packages
;; under their own account: use 'guix search KEYWORD' to search
;; for packages and 'guix install PACKAGE' to install a package.
(packages (append (map specification->package (list "sway"
"swaybg"
"swayidle"
"swaylock-effects"
"fuzzel"
"alacritty"
"pinentry-qt"
"adwaita-icon-theme"
"hicolor-icon-theme"
"git"
"nss-certs"
"waybar"
"gnupg"
"light"
"mako"
"grim"
"slurp"
"wl-clipboard"
"bluez"
"blueman"
"ldacbt"
"libfreeaptx"
"libfdk"
"opendoas"
;"xdg-desktop-portal-wlr"
"xdg-desktop-portal"
"pipewire"
"docker"
"libvirt"
"virt-manager"
"wireplumber"
"zsh"))
(list my-ca-certs xdg-desktop-portal-wlr-new)
%my-base-packages ))
;; Below is the list of system services. To search for available
;; services, run 'guix system search KEYWORD' in a terminal.
(services
(append (list
;; To configure OpenSSH, pass an 'openssh-configuration'
;; record as a second argument to 'service' below.
(service openssh-service-type)
(service pcscd-service-type)
(service docker-service-type)
(service libvirt-service-type
(libvirt-configuration
(unix-sock-group "libvirt")))
(service bluetooth-service-type)
(udev-rules-service 'fido2 libfido2 #:groups '("plugdev")))
;; This is the default list of services we
;; are appending to.
(modify-services %desktop-services
(guix-service-type config =>
(guix-configuration
(inherit config)
(substitute-urls
(append (list "https://substitutes.nonguix.org")
%default-substitute-urls))
(authorized-keys
(cons* (plain-file "non-guix.pub"
"(public-key
(ecc
(curve Ed25519)
(q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
)
)" ) %default-authorized-guix-keys))))
(udev-service-type config =>
(udev-configuration
(inherit config)
(rules (cons %backlight-udev-rule
(udev-configuration-rules config)))))
(delete pulseaudio-service-type)
(delete gdm-service-type)
(delete xorg-server-service-type)
(delete alsa-service-type) )))
(setuid-programs
(append (list (file-like->setuid-program
(file-append
(specification->package "swaylock-effects")
"/bin/swaylock"))
(file-like->setuid-program
(file-append
(specification->package "opendoas")
"/bin/doas")))
(delete sudo %setuid-programs)))
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(targets (list "/boot/efi"))
(keyboard-layout keyboard-layout)))
(mapped-devices (list (mapped-device
(source (uuid
"adcaf322-7ee5-48ec-abf6-4a9b10643878"))
(target "sysroot")
(type luks-device-mapping))))
;; The list of file systems that get "mounted". The unique
;; file system identifiers there ("UUIDs") can be obtained
;; by running 'blkid' in a terminal.
(file-systems (cons* (file-system
(mount-point "/")
(device "/dev/mapper/sysroot")
(type "ext4")
(dependencies mapped-devices))
(file-system
(mount-point "/boot/efi")
(device (uuid "DFE8-32EF"
'fat32))
(type "vfat")) %base-file-systems))
(swap-devices
(list
(swap-space (target (uuid "7e1bb7c5-da2a-4509-8263-f707fc752993"))) )))

24
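--- a/testvm.scm
+++ b/testvm.scm
@@ -0,0 +1,24 @@
+(use-modules (ryan-config base-system)
+(gnu))
+(operating-system
+(inherit base-operating-system)
+(host-name "GuixVM")
+(mapped-devices (list (mapped-device
+(source (uuid
+"0b98fe74-ed99-424e-b7d7-514284190528"))
+(target "sysroot")
+(type luks-device-mapping))))
+(file-systems (cons* (file-system
+(mount-point "/")
+(device "/dev/mapper/sysroot")
+(type "ext4")
+(dependencies mapped-devices))
+(file-system
+(mount-point "/boot/efi")
+(device (uuid "74F2-CFDC"
+'fat32))
+(type "vfat")) %base-file-systems))
+(swap-devices
+(list
+(swap-space (target (uuid "277a198e-a3bf-4dba-9077-b1a95cb34869"))))))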
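Review bot: Root sits on a LUKS mapping, but `swap-devices` targets a partition UUID directly rather than a mapped device, so swap appears to be unencrypted. Memory pages, including key material and passphrases, could then reach disk in plaintext, and so would a hibernation image. thinkpad.scm has the same layout. Adding a second `mapped-device` for the swap partition and pointing `swap-space` at its `/dev/mapper/` target with `(dependencies mapped-devices)` would put swap under the same protection as `/`.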

24
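--- a/thinkpad.scm
+++ b/thinkpad.scm
@@ -0,0 +1,24 @@
+(use-modules (ryan-config base-system)
+(gnu))
+(operating-system
+(inherit base-operating-system)
+(host-name "RyanThinkpad")
+(mapped-devices (list (mapped-device
+(source (uuid
+"adcaf322-7ee5-48ec-abf6-4a9b10643878"))
+(target "sysroot")
+(type luks-device-mapping))))
+(file-systems (cons* (file-system
+(mount-point "/")
+(device "/dev/mapper/sysroot")
+(type "ext4")
+(dependencies mapped-devices))
+(file-system
+(mount-point "/boot/efi")
+(device (uuid "DFE8-32EF"
+'fat32))
+(type "vfat")) %base-file-systems))
+(swap-devices
+(list
+(swap-space (target (uuid "7e1bb7c5-da2a-4509-8263-f707fc752993"))))))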