2024-10-08 18:34:28 +02:00
|
|
|
;;;
|
|
|
|
;;; Configurations GNU Guix des ordinateurs de neox
|
|
|
|
;;;
|
|
|
|
;;; Copyright (C) 2023-2024 Adrien 'neox' Bourmault <neox@a-lec.org>
|
|
|
|
;;;
|
|
|
|
;;; This is free software; you can redistribute it and/or modify it
|
|
|
|
;;; under the terms of the GNU General Public License as published by
|
|
|
|
;;; the Free Software Foundation; either version 3 of the License, or (at
|
|
|
|
;;; your option) any later version.
|
|
|
|
;;;
|
|
|
|
;;; This is distributed in the hope that it will be useful, but
|
|
|
|
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
;;; GNU General Public License for more details.
|
|
|
|
;;;
|
|
|
|
;;; You should have received a copy of the GNU General Public License
|
|
|
|
;;; along with this. If not, see <http://www.gnu.org/licenses/>.
|
2023-01-10 13:21:01 +01:00
|
|
|
|
|
|
|
|
|
|
|
;; Indique quels modules importer pour accéder aux variables
|
|
|
|
;; utilisées dans cette configuration.
|
2024-10-08 18:34:28 +02:00
|
|
|
(use-modules
|
|
|
|
(gnu)
|
|
|
|
(gnu home)
|
|
|
|
(gnu home services gnupg)
|
2024-12-15 13:25:42 +01:00
|
|
|
(gnu home services shells)
|
2024-10-08 18:34:28 +02:00
|
|
|
(gnu packages)
|
2024-12-15 13:25:42 +01:00
|
|
|
(gnu packages autotools)
|
|
|
|
(gnu packages avahi)
|
|
|
|
(gnu packages base)
|
|
|
|
(gnu packages bash)
|
|
|
|
(gnu packages boost)
|
|
|
|
(gnu packages build-tools)
|
|
|
|
(gnu packages compression)
|
2024-10-08 18:34:28 +02:00
|
|
|
(gnu packages cups)
|
2024-12-15 13:25:42 +01:00
|
|
|
(gnu packages freedesktop)
|
|
|
|
(gnu packages freedesktop)
|
|
|
|
(gnu packages ftp)
|
|
|
|
(gnu packages gettext)
|
|
|
|
(gnu packages ghostscript)
|
|
|
|
(gnu packages glib)
|
|
|
|
(gnu packages gnome)
|
|
|
|
(gnu packages gnupg)
|
|
|
|
(gnu packages gtk)
|
|
|
|
(gnu packages image)
|
|
|
|
(gnu packages imagemagick)
|
|
|
|
(gnu packages libusb)
|
|
|
|
(gnu packages linux)
|
|
|
|
(gnu packages messaging)
|
|
|
|
(gnu packages pkg-config)
|
|
|
|
(gnu packages python)
|
|
|
|
(gnu packages scanner)
|
|
|
|
(gnu packages textutils)
|
|
|
|
(gnu packages tls)
|
|
|
|
(gnu packages xml)
|
2024-10-08 18:34:28 +02:00
|
|
|
(gnu services)
|
|
|
|
(gnu services shepherd)
|
|
|
|
(gnu system setuid)
|
2024-12-15 13:25:42 +01:00
|
|
|
(guix build-system gnu)
|
|
|
|
(guix gexp)
|
|
|
|
(guix git-download)
|
|
|
|
(guix download)
|
|
|
|
((guix licenses) #:prefix license:)
|
|
|
|
(guix packages)
|
|
|
|
(guix utils)
|
|
|
|
(srfi srfi-1))
|
2024-10-08 18:34:28 +02:00
|
|
|
|
|
|
|
(use-service-modules
|
|
|
|
cups
|
|
|
|
desktop
|
|
|
|
guix
|
|
|
|
networking
|
|
|
|
ssh
|
|
|
|
xorg
|
|
|
|
virtualization
|
|
|
|
vpn
|
|
|
|
pm
|
|
|
|
security-token)
|
|
|
|
|
|
|
|
;; Service custom fancontrol
|
|
|
|
(define (fancontrol-shepherd-service config)
|
|
|
|
(shepherd-service
|
|
|
|
(documentation "Run the fancontrol daemon (fancontrol-daemon)." )
|
|
|
|
(provision '(fancontrol))
|
|
|
|
(requirement '(udev user-processes))
|
|
|
|
(start #~(make-forkexec-constructor
|
|
|
|
(list #$(file-append (specification->package "lm-sensors") "/sbin/fancontrol")
|
|
|
|
#$config)
|
|
|
|
#:user "root" #:group "root"
|
|
|
|
#:log-file "/var/log/fancontrol.log"))
|
|
|
|
(stop #~(make-kill-destructor))))
|
|
|
|
|
|
|
|
(define fancontrol-service-type
|
|
|
|
(service-type
|
|
|
|
(name 'fancontrol)
|
|
|
|
(description
|
|
|
|
"Run fancontrol as a daemon.")
|
|
|
|
(extensions
|
|
|
|
(list (service-extension shepherd-root-service-type
|
|
|
|
(compose list fancontrol-shepherd-service))))))
|
2023-01-10 13:21:01 +01:00
|
|
|
|
2024-12-02 21:55:55 +01:00
|
|
|
;; Outils GNU Boot
|
|
|
|
(define gnuboot-version "0.1-rc4")
|
|
|
|
(define gnuboot-source
|
|
|
|
(origin
|
|
|
|
(method url-fetch)
|
|
|
|
(uri (string-append "mirror://gnu/gnuboot/gnuboot-" gnuboot-version
|
|
|
|
"/gnuboot-" gnuboot-version "_src.tar.xz"))
|
|
|
|
(sha256
|
|
|
|
(base32
|
|
|
|
"0nc0qjbrnxvs20g36irj11prmrmyk8d8f256xiyxcarnxc0sigfw"))))
|
|
|
|
|
|
|
|
(define
|
|
|
|
(make-gnuboot-utils-package
|
|
|
|
name
|
|
|
|
source
|
|
|
|
version
|
|
|
|
synopsis
|
|
|
|
description)
|
|
|
|
(package
|
|
|
|
(name name)
|
|
|
|
(version version)
|
|
|
|
(source source)
|
|
|
|
(build-system gnu-build-system)
|
|
|
|
(arguments
|
|
|
|
(list
|
|
|
|
#:tests? #f
|
|
|
|
#:make-flags
|
|
|
|
#~(list
|
|
|
|
(string-append "CC=" #$(cc-for-target))
|
|
|
|
(string-append "DESTDIR=" #$output)
|
|
|
|
"INSTALL=install"
|
|
|
|
"PREFIX=/")
|
|
|
|
#:phases
|
|
|
|
#~(modify-phases
|
|
|
|
%standard-phases
|
|
|
|
(delete 'configure)
|
|
|
|
(add-after
|
|
|
|
'unpack 'enter-source
|
|
|
|
(lambda _
|
|
|
|
(chdir (string-append "coreboot/default/util/" #$name)))))))
|
|
|
|
(synopsis synopsis)
|
|
|
|
(description description)
|
|
|
|
(home-page "https://www.gnu.org/software/gnuboot")
|
|
|
|
(license license:gpl2)))
|
|
|
|
|
|
|
|
(define cbfstool
|
|
|
|
(make-gnuboot-utils-package
|
|
|
|
"cbfstool"
|
|
|
|
gnuboot-source
|
|
|
|
gnuboot-version
|
|
|
|
"Tool to manipulate Coreboot image files"
|
|
|
|
"This package provides @command{cbfstool}, a program that can
|
|
|
|
add a wide variety of files (bootblock, stage, payload, configuration
|
|
|
|
files, etc) to Coreboot File System (CBFS) images. It supports
|
|
|
|
original CBFS images as well as images in the newer FMAP format. It
|
|
|
|
also supports compressing files when requested."))
|
|
|
|
|
|
|
|
(define ifdtool
|
|
|
|
(make-gnuboot-utils-package
|
|
|
|
"ifdtool"
|
|
|
|
gnuboot-source
|
|
|
|
gnuboot-version
|
|
|
|
""
|
|
|
|
""))
|
|
|
|
|
|
|
|
(define nvramtool
|
|
|
|
(make-gnuboot-utils-package
|
|
|
|
"nvramtool"
|
|
|
|
gnuboot-source
|
|
|
|
gnuboot-version
|
|
|
|
""
|
|
|
|
""))
|
|
|
|
|
2024-12-15 13:25:42 +01:00
|
|
|
(define gnupload
|
|
|
|
(package
|
|
|
|
(name "gnupload")
|
|
|
|
(version (package-version gnulib))
|
|
|
|
(source (package-source gnulib))
|
|
|
|
(arguments
|
|
|
|
(list #:tests? #f
|
|
|
|
#:phases
|
|
|
|
#~(modify-phases
|
|
|
|
%standard-phases
|
|
|
|
(add-after 'unpack 'chdir
|
|
|
|
(lambda _ (chdir "build-aux")))
|
|
|
|
(delete 'bootstrap)
|
|
|
|
(delete 'configure)
|
|
|
|
(delete 'build)
|
|
|
|
(replace
|
|
|
|
'install
|
|
|
|
(lambda _
|
|
|
|
(install-file
|
|
|
|
"gnupload"
|
|
|
|
(string-append #$output "/bin/")))))))
|
|
|
|
(build-system gnu-build-system)
|
|
|
|
(inputs (list
|
|
|
|
bash ;; case esac break read eval shift exit
|
|
|
|
coreutils ;; echo test shift rm cat
|
|
|
|
gnupg ;; gpg gpg-agent
|
|
|
|
grep ;; grep
|
|
|
|
ncftp ;; ncftpput
|
|
|
|
sed)) ;; sed
|
|
|
|
(synopsis "")
|
|
|
|
(description "")
|
|
|
|
(home-page "")
|
|
|
|
(license license:gpl2+)))
|
|
|
|
|
2023-10-02 22:27:41 +02:00
|
|
|
;; Configuration sudoer personnalisée
|
2023-01-10 13:21:01 +01:00
|
|
|
(define %sudoers-specification
|
|
|
|
(plain-file "sudoers" "\
|
|
|
|
root ALL=(ALL) ALL
|
|
|
|
%wheel ALL=(ALL) NOPASSWD: ALL
|
|
|
|
"))
|
|
|
|
|
2023-10-02 22:27:41 +02:00
|
|
|
;; Configuration spice personnalisée
|
|
|
|
;; Permet le partage de périphériques USB via virt-manager
|
2023-01-10 13:21:01 +01:00
|
|
|
(define %spice-rules
|
|
|
|
(udev-rule
|
2023-10-02 22:27:41 +02:00
|
|
|
"41-spice-and-nitrokey.rules"
|
2023-01-10 13:21:01 +01:00
|
|
|
(string-append "\
|
|
|
|
SUBSYSTEM==\"usb\", GROUP=\"spice\", MODE=\"0660\"
|
|
|
|
SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
|
2023-10-02 22:27:41 +02:00
|
|
|
ACTION!=\"add|change\", GOTO=\"u2f_end\"
|
|
|
|
KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"2581\", ATTRS{idProduct}==\"f1d0\", TAG+=\"uaccess\"
|
|
|
|
KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4287\", TAG+=\"uaccess\"
|
|
|
|
KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b1\", TAG+=\"uaccess\"
|
|
|
|
KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b2\", TAG+=\"uaccess\"
|
|
|
|
KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42dd\", TAG+=\"uaccess\"
|
|
|
|
ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42e8\", TAG+=\"uaccess\"
|
|
|
|
LABEL=\"u2f_end\"
|
|
|
|
SUBSYSTEM!=\"usb\", GOTO=\"gnupg_rules_end\"
|
|
|
|
ACTION!=\"add\", GOTO=\"gnupg_rules_end\"
|
|
|
|
ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4107\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
|
|
|
|
ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4108\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
|
|
|
|
ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b4\", TAG+=\"uaccess\"
|
|
|
|
ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4109\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
|
|
|
|
ATTR{idVendor}==\"03eb\", ATTR{idProduct}==\"2ff1\", TAG+=\"uaccess\"
|
|
|
|
ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4211\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
|
|
|
|
ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4230\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
|
|
|
|
LABEL=\"gnupg_rules_end\"
|
|
|
|
KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK+=\"nitrospace\"
|
2023-01-10 13:21:01 +01:00
|
|
|
")))
|
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
(define %bashrc_content
|
|
|
|
(plain-file "bashrc" "\
|
|
|
|
if [ -n \"$GUIX_ENVIRONMENT\" ]
|
|
|
|
then
|
|
|
|
PS1='\\[\\033[01;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\] [env] \\$ '
|
|
|
|
else
|
|
|
|
PS1='\\[\\033[01;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\]\\$ '
|
|
|
|
fi
|
|
|
|
|
|
|
|
guix() {
|
|
|
|
if [[ \"$1\" == \"install\" ]]; then
|
|
|
|
echo \"Tu es débile, ou bien ?\"
|
|
|
|
elif [[ \"$1\" == \"remove\" ]]; then
|
|
|
|
echo \"Tu es débile, ou bien ?\"
|
|
|
|
else
|
|
|
|
command guix \"$@\"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2024-10-09 12:16:55 +02:00
|
|
|
PATH=\"$PATH:/home/neox/.local/bin\"
|
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
if [[ ! -n \"$SSH_CLIENT\" ]]; then
|
|
|
|
unset SSH_AGENT_PID
|
|
|
|
if [ \"${gnupg_SSH_AUTH_SOCK_by:-0}\" -ne $$ ]; then
|
|
|
|
export SSH_AUTH_SOCK=\"$(gpgconf --list-dirs agent-ssh-socket)\"
|
|
|
|
fi
|
|
|
|
fi"))
|
|
|
|
|
|
|
|
(define %profile_content
|
|
|
|
(plain-file "profile" "\
|
|
|
|
if [[ ! -n \"$SSH_CLIENT\" ]]; then
|
|
|
|
unset SSH_AGENT_PID
|
|
|
|
if [ \"${gnupg_SSH_AUTH_SOCK_by:-0}\" -ne $$ ]; then
|
|
|
|
export SSH_AUTH_SOCK=\"$(gpgconf --list-dirs agent-ssh-socket)\"
|
|
|
|
fi
|
|
|
|
fi"))
|
|
|
|
|
|
|
|
(define %home_configuration
|
|
|
|
(home-environment
|
|
|
|
(services
|
|
|
|
(list
|
|
|
|
(service home-bash-service-type
|
|
|
|
(home-bash-configuration
|
|
|
|
(environment-variables
|
|
|
|
'(
|
|
|
|
("BSD_GAMES_DIR" . "~/.local/share/bsd-games")
|
2024-10-09 12:16:55 +02:00
|
|
|
("PATH" . "$PATH:/home/neox/.local/bin")
|
2024-10-08 18:34:28 +02:00
|
|
|
("GCC_COLORS" . "'error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'")
|
|
|
|
("GUIX_PACKAGE_PATH" . "$HOME/.config/guix/packages/defs")
|
|
|
|
("XDG_DATA_DIRS" . "$XDG_DATA_DIRS:$HOME/.local/share/flatpak/exports/share:/var/lib/flatpak/exports/share")
|
2024-12-02 21:55:55 +01:00
|
|
|
("LV2_PATH" . "/run/current-system/profile/lib/lv2")))
|
2024-10-08 18:34:28 +02:00
|
|
|
(aliases
|
|
|
|
'(
|
|
|
|
("clear" . "printf '\\033c'")
|
|
|
|
("dir" . "dir --color=auto")
|
|
|
|
("egrep" . "grep -E --color=auto")
|
|
|
|
("fgrep" . "grep -F --color=auto")
|
|
|
|
("grep" . "grep --color=auto")
|
|
|
|
("la" . "ls -lthA -p --color=auto")
|
|
|
|
("ll" . "ls -lth -p --color=auto")
|
|
|
|
("ls" . "ls -p --color=auto")
|
|
|
|
("vdir" . "vdir --color=auto")))
|
|
|
|
(bashrc
|
|
|
|
(list
|
|
|
|
%bashrc_content))))
|
|
|
|
|
|
|
|
(service home-gpg-agent-service-type
|
|
|
|
(home-gpg-agent-configuration
|
|
|
|
(pinentry-program
|
|
|
|
(file-append pinentry-gnome3 "/bin/pinentry-gnome3"))
|
|
|
|
(ssh-support? #t)))))))
|
2024-05-09 12:53:57 +02:00
|
|
|
|
2023-10-02 22:27:41 +02:00
|
|
|
;; Configuration du système
|
|
|
|
;; C'est le point d'entrée de la configuration
|
2023-01-10 13:21:01 +01:00
|
|
|
(operating-system
|
|
|
|
(locale "fr_FR.utf8")
|
|
|
|
(timezone "Europe/Paris")
|
|
|
|
(keyboard-layout (keyboard-layout "fr" "oss"))
|
|
|
|
(host-name "n-guix-fix")
|
|
|
|
|
2023-10-02 22:27:41 +02:00
|
|
|
;; Application de la configuration sudoer personnalisée (définie plus haut)
|
2023-01-10 13:21:01 +01:00
|
|
|
(kernel-arguments
|
2024-10-08 18:34:28 +02:00
|
|
|
(list
|
|
|
|
"nohz=on"
|
|
|
|
"modprobe.blacklist=pcspkr,usbmouse,usbkbd"
|
|
|
|
"iommu=pt"
|
|
|
|
"nouveau.config=NvClkMode=15"))
|
|
|
|
|
|
|
|
(initrd-modules
|
|
|
|
(append
|
|
|
|
(list
|
|
|
|
"w83795"
|
|
|
|
"vfio-pci"
|
|
|
|
"vfio_iommu_type1"
|
|
|
|
"mpt3sas"
|
|
|
|
"dm-raid"
|
|
|
|
"dm-cache"
|
|
|
|
"dm-crypt")
|
|
|
|
%base-initrd-modules))
|
2023-01-10 13:21:01 +01:00
|
|
|
|
|
|
|
(sudoers-file %sudoers-specification)
|
|
|
|
|
|
|
|
;; La liste des comptes utilisateurs (« root » est implicite).
|
2024-10-08 18:34:28 +02:00
|
|
|
(users
|
|
|
|
(cons*
|
|
|
|
(user-account
|
|
|
|
(name "neox")
|
|
|
|
(comment "neox")
|
|
|
|
(password (crypt "password" "$6$abc"))
|
|
|
|
(group "users")
|
|
|
|
(home-directory "/home/neox")
|
|
|
|
(supplementary-groups
|
|
|
|
'("wheel"
|
|
|
|
"netdev"
|
|
|
|
"audio"
|
|
|
|
"video"
|
|
|
|
"libvirt"
|
|
|
|
"kvm"
|
|
|
|
"scanner"
|
|
|
|
"spice"
|
|
|
|
"cdrom"
|
|
|
|
"lpadmin"
|
|
|
|
"lp")))
|
|
|
|
%base-user-accounts))
|
|
|
|
|
|
|
|
;; Quelques paquets installés au niveau du système.
|
|
|
|
;; On installe notamment network-manager et son extension pour openvpn,
|
|
|
|
;; ou encore libvirt/virt-manager pour la virtualisation
|
|
|
|
(packages
|
|
|
|
(append
|
|
|
|
(specifications->packages
|
|
|
|
(list
|
|
|
|
"adb"
|
|
|
|
"alsa-plugins"
|
|
|
|
"alsa-utils"
|
|
|
|
"ardour"
|
|
|
|
"audacity"
|
|
|
|
"bind:utils"
|
|
|
|
"binutils"
|
|
|
|
"cabextract"
|
2024-12-02 21:55:55 +01:00
|
|
|
"calf"
|
2024-10-08 18:34:28 +02:00
|
|
|
"cdrdao"
|
2024-12-15 13:25:42 +01:00
|
|
|
"cdrtools"
|
2024-10-08 18:34:28 +02:00
|
|
|
"claws-mail"
|
|
|
|
"cmatrix"
|
|
|
|
"cpupower"
|
|
|
|
"cryptsetup"
|
|
|
|
"curl"
|
|
|
|
"cvs"
|
|
|
|
"dconf-editor"
|
|
|
|
"dino"
|
|
|
|
"emacs"
|
|
|
|
"endeavour"
|
2024-12-15 13:25:42 +01:00
|
|
|
"eudev"
|
2024-10-08 18:34:28 +02:00
|
|
|
"evolution"
|
|
|
|
"exfatprogs"
|
|
|
|
"fastboot"
|
|
|
|
;"ffmpeg"
|
|
|
|
"file"
|
|
|
|
"flashrom"
|
|
|
|
"flatpak"
|
|
|
|
"font-awesome"
|
|
|
|
"font-liberation"
|
|
|
|
"font-openmoji"
|
2024-12-15 13:25:42 +01:00
|
|
|
"freehdl"
|
2024-10-08 18:34:28 +02:00
|
|
|
"gallery-dl"
|
|
|
|
"gdb"
|
2024-12-02 21:55:55 +01:00
|
|
|
"ghex"
|
2024-10-08 18:34:28 +02:00
|
|
|
"ghostscript"
|
|
|
|
"ghostwriter"
|
|
|
|
"gimp"
|
|
|
|
"git"
|
|
|
|
"git-lfs"
|
|
|
|
"git:send-email"
|
|
|
|
"glmark2"
|
|
|
|
"gnome-bluetooth"
|
|
|
|
"gnome-builder"
|
|
|
|
"gnome-font-viewer"
|
|
|
|
"gnome-maps"
|
|
|
|
"gnome-power-manager"
|
|
|
|
"gnome-shell-extension-appindicator"
|
|
|
|
"gnome-shell-extension-blur-my-shell"
|
|
|
|
"gnome-shell-extension-burn-my-windows"
|
|
|
|
"gnome-shell-extension-dash-to-dock"
|
|
|
|
"gnome-shell-extension-night-theme-switcher"
|
|
|
|
"gnome-shell-extension-noannoyance"
|
|
|
|
"gnome-shell-extension-vitals"
|
|
|
|
"gnome-tweaks"
|
|
|
|
"gnupg"
|
|
|
|
"gnuplot"
|
|
|
|
"gparted"
|
|
|
|
"gpgme"
|
|
|
|
"graphviz"
|
|
|
|
"grub"
|
|
|
|
"hexchat"
|
|
|
|
"hplip"
|
|
|
|
"htop"
|
|
|
|
"hwloc"
|
|
|
|
"icecat"
|
|
|
|
"inetutils"
|
|
|
|
"inkscape"
|
|
|
|
"iptables"
|
|
|
|
"jack"
|
|
|
|
"jp2a"
|
|
|
|
"kajongg"
|
|
|
|
"kcachegrind"
|
|
|
|
"kgraphviewer"
|
|
|
|
"kicad"
|
|
|
|
"kicad-doc"
|
2024-12-15 13:25:42 +01:00
|
|
|
"kicad-footprints"
|
|
|
|
"kicad-packages3d"
|
|
|
|
"kicad-symbols"
|
|
|
|
"kicad-templates"
|
2024-10-08 18:34:28 +02:00
|
|
|
"ldns"
|
|
|
|
"libreoffice"
|
|
|
|
"libtree"
|
|
|
|
"libvirt"
|
|
|
|
"licensecheck"
|
|
|
|
"lm-sensors"
|
|
|
|
"lsof"
|
|
|
|
"lvm2"
|
|
|
|
"lynx"
|
|
|
|
"make"
|
|
|
|
"man-pages"
|
|
|
|
"mdadm"
|
|
|
|
"mediainfo"
|
|
|
|
"megatools"
|
|
|
|
"meld"
|
|
|
|
"microcom"
|
|
|
|
"minetest"
|
|
|
|
"minicom"
|
|
|
|
"minisat"
|
|
|
|
"mpv"
|
|
|
|
"mtr"
|
|
|
|
"mumble"
|
|
|
|
"nbd"
|
|
|
|
"ncftp"
|
|
|
|
"ndisc6"
|
|
|
|
"neofetch"
|
|
|
|
"network-manager"
|
|
|
|
"network-manager-openvpn"
|
|
|
|
"nextcloud-client"
|
|
|
|
"nitrocli"
|
|
|
|
"nmap"
|
|
|
|
"ntfs-3g"
|
|
|
|
"openssh"
|
|
|
|
"openssl"
|
|
|
|
"openvpn"
|
|
|
|
"pam-u2f"
|
|
|
|
"pandoc"
|
|
|
|
"parallel"
|
|
|
|
"parted"
|
|
|
|
"patchelf"
|
|
|
|
"pavucontrol"
|
|
|
|
"perl6-mime-base64"
|
|
|
|
"perl-email-mime-encodings"
|
2024-12-15 13:25:42 +01:00
|
|
|
"perl-mime-base64"
|
2024-10-08 18:34:28 +02:00
|
|
|
"pkg-config"
|
|
|
|
"poppler"
|
|
|
|
"powertop"
|
|
|
|
"profanity"
|
|
|
|
"progress"
|
|
|
|
"pv"
|
|
|
|
"python"
|
|
|
|
"python-logutils"
|
|
|
|
"python-markdown"
|
|
|
|
"python-paramiko"
|
2024-10-09 12:16:55 +02:00
|
|
|
"python-virtualenv"
|
2024-12-15 13:25:42 +01:00
|
|
|
;"python-woob"
|
|
|
|
"python-wrapper"
|
2024-10-08 18:34:28 +02:00
|
|
|
"qbittorrent"
|
|
|
|
"qemu"
|
|
|
|
"qjackctl"
|
|
|
|
"qpdf"
|
|
|
|
"recutils"
|
|
|
|
"rsync"
|
|
|
|
"rubber"
|
|
|
|
"ruby-pygmentize"
|
|
|
|
"screen"
|
|
|
|
"seahorse"
|
|
|
|
"setxkbmap"
|
|
|
|
"simplescreenrecorder"
|
|
|
|
"sl"
|
|
|
|
"speedtest-cli"
|
|
|
|
"sqlitebrowser"
|
|
|
|
"sshpass"
|
|
|
|
"system-config-printer"
|
|
|
|
"testdisk"
|
|
|
|
"texlive"
|
|
|
|
"texlive-biber"
|
|
|
|
"texmaker"
|
|
|
|
"thin-provisioning-tools"
|
|
|
|
"tig"
|
|
|
|
"tilix"
|
2024-12-02 21:55:55 +01:00
|
|
|
"tor"
|
|
|
|
"torbrowser"
|
2024-12-15 13:25:42 +01:00
|
|
|
"translate2geda"
|
2024-10-08 18:34:28 +02:00
|
|
|
"transmission"
|
|
|
|
"tree"
|
|
|
|
"uefitool"
|
|
|
|
"ungoogled-chromium"
|
|
|
|
"virt-manager"
|
|
|
|
"vlc"
|
|
|
|
"wine64"
|
|
|
|
"xauth"
|
|
|
|
;"xdg-desktop-portal"
|
|
|
|
"xdg-desktop-portal-gnome"
|
|
|
|
"xdg-desktop-portal-gtk"
|
|
|
|
"xdg-utils"
|
|
|
|
"xdot"
|
|
|
|
"xdotool"
|
|
|
|
"xeyes"
|
|
|
|
"xournalpp"
|
|
|
|
"xrdp"
|
|
|
|
"yt-dlp"
|
|
|
|
"zstd"))
|
2024-12-15 13:25:42 +01:00
|
|
|
|
|
|
|
(list
|
|
|
|
gnupload)
|
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
%base-packages))
|
2023-01-10 13:21:01 +01:00
|
|
|
|
2024-12-15 13:25:42 +01:00
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
;; Quelques programmes auquels donner des accès spéciaux (setuid)
|
|
|
|
;; (en particulier, logiciels de gravure)
|
2023-06-13 00:00:22 +02:00
|
|
|
(setuid-programs
|
2024-10-08 18:34:28 +02:00
|
|
|
(append (list
|
2023-06-13 00:00:22 +02:00
|
|
|
(setuid-program
|
|
|
|
(program (file-append (specification->package "cdrtools") "/bin/cdrecord")))
|
|
|
|
(setuid-program
|
|
|
|
(program (file-append (specification->package "cdrtools") "/bin/readcd")))
|
|
|
|
(setuid-program
|
|
|
|
(program (file-append (specification->package "cdrtools") "/bin/mkisofs")))
|
|
|
|
(setuid-program
|
2024-10-08 18:34:28 +02:00
|
|
|
(program (file-append (specification->package "cdrdao") "/bin/cdrdao"))))
|
2023-06-13 00:00:22 +02:00
|
|
|
%setuid-programs))
|
|
|
|
|
2023-10-02 22:27:41 +02:00
|
|
|
;; Services du système.
|
|
|
|
;; On en profite pour modifier le comportement par défaut de quelques services.
|
2023-01-10 13:21:01 +01:00
|
|
|
(services
|
2024-10-08 18:34:28 +02:00
|
|
|
(modify-services
|
|
|
|
(append
|
2023-10-02 22:27:41 +02:00
|
|
|
(list
|
2024-10-08 18:34:28 +02:00
|
|
|
;; Service guix home (reconfiguration auto des profils)
|
|
|
|
(service guix-home-service-type
|
|
|
|
`(("neox" ,%home_configuration)))
|
|
|
|
|
|
|
|
;; Service bluetooth
|
|
|
|
(service bluetooth-service-type)
|
|
|
|
|
|
|
|
;; Service de contrôle des ventilateurs
|
|
|
|
(service fancontrol-service-type "/etc/fancontrol")
|
|
|
|
|
|
|
|
;; Service de gestion des clés de chiffrement physique
|
|
|
|
(service pcscd-service-type)
|
|
|
|
|
|
|
|
;; Service OpenSSH
|
|
|
|
(service openssh-service-type
|
|
|
|
(openssh-configuration
|
|
|
|
(x11-forwarding? #t)
|
|
|
|
(password-authentication? #f)
|
|
|
|
(permit-root-login 'prohibit-password)))
|
2024-12-02 21:55:55 +01:00
|
|
|
;; Service Tor
|
|
|
|
(service tor-service-type)
|
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
;; Service d'impression
|
|
|
|
(service cups-service-type
|
|
|
|
(cups-configuration
|
|
|
|
(web-interface? #f)
|
|
|
|
(extensions
|
|
|
|
(list cups-filters epson-inkjet-printer-escpr hplip-minimal))))
|
|
|
|
|
|
|
|
;; Service KVM/Libvirt pour virt-manager
|
|
|
|
(service libvirt-service-type)
|
|
|
|
(service virtlog-service-type)
|
2023-10-02 22:27:41 +02:00
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
;; Application de la configuration spice personnalisée (définie plus haut)
|
|
|
|
(udev-rules-service 'spice %spice-rules #:groups '("spice"))
|
|
|
|
|
|
|
|
;; Modification des limites mémoires pour les accès audio temps réel
|
|
|
|
;; (utile notamment pour Ardour)
|
|
|
|
(service pam-limits-service-type
|
|
|
|
(list
|
|
|
|
(pam-limits-entry "@audio" 'both 'rtprio 99)
|
|
|
|
(pam-limits-entry "@audio" 'both 'memlock 'unlimited)))
|
|
|
|
|
|
|
|
;; Service Gnome/GDM
|
|
|
|
(service gnome-desktop-service-type)
|
|
|
|
|
|
|
|
;; Configuration de l'environnement graphique (notamment clavier)
|
|
|
|
(set-xorg-configuration
|
|
|
|
(xorg-configuration (keyboard-layout keyboard-layout))))
|
|
|
|
|
|
|
|
;; Services par défaut du système
|
2023-10-02 22:27:41 +02:00
|
|
|
%desktop-services)
|
2024-10-08 18:34:28 +02:00
|
|
|
|
|
|
|
;; Modification de services par défaut
|
|
|
|
;; Configuration du service upower pour éviter la mise en veille lors
|
|
|
|
;; de la fermeture de capot
|
|
|
|
(upower-service-type config => (upower-configuration
|
|
|
|
(inherit config)
|
|
|
|
(ignore-lid? #t)))
|
2023-10-02 22:27:41 +02:00
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
;; Configuration du service elogind pour éviter la mise en veille lors
|
|
|
|
;; de la fermeture du capot
|
|
|
|
(elogind-service-type config => (elogind-configuration
|
|
|
|
(inherit config)
|
|
|
|
(handle-lid-switch 'ignore)
|
|
|
|
(handle-lid-switch-external-power 'ignore)))
|
2023-01-10 13:21:01 +01:00
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
;; Configuration du service network-manager pour prendre en charge
|
|
|
|
;; OpenVPN
|
|
|
|
(network-manager-service-type config => (network-manager-configuration
|
|
|
|
(inherit config)
|
|
|
|
(vpn-plugins
|
|
|
|
(list (specification->package "network-manager-openvpn")))))))
|
2023-01-10 13:21:01 +01:00
|
|
|
|
2023-10-02 22:27:41 +02:00
|
|
|
;; Chargeur de démarrage (GRUB)
|
|
|
|
;; On indique ici où il doit être installé et comment le configurer
|
2024-10-08 18:34:28 +02:00
|
|
|
(bootloader
|
2024-05-09 12:53:57 +02:00
|
|
|
(bootloader-configuration
|
|
|
|
(bootloader grub-bootloader)
|
|
|
|
(targets (list "/dev/nvme0n1"))
|
|
|
|
(terminal-outputs '(console))
|
|
|
|
(keyboard-layout keyboard-layout)
|
2024-10-08 18:34:28 +02:00
|
|
|
(theme
|
2024-05-09 12:53:57 +02:00
|
|
|
(grub-theme
|
|
|
|
(inherit (grub-theme))
|
|
|
|
(gfxmode '("640x480-24"))))))
|
2024-10-08 18:34:28 +02:00
|
|
|
|
2023-10-02 22:27:41 +02:00
|
|
|
;; Périphériques mappés
|
|
|
|
;; On configure notamment ici les partitions chiffrées (LUKS)
|
2023-01-10 13:21:01 +01:00
|
|
|
(mapped-devices
|
|
|
|
(list
|
|
|
|
(mapped-device
|
2024-10-08 18:34:28 +02:00
|
|
|
(source (uuid "ecac05ea-298a-4565-a054-dc8e5bf4a2f8"))
|
|
|
|
(target "luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
|
2023-06-13 00:00:22 +02:00
|
|
|
(type luks-device-mapping))))
|
2023-01-10 13:21:01 +01:00
|
|
|
|
2024-10-08 18:34:28 +02:00
|
|
|
;; Specify a swap file for the system, which resides on the
|
|
|
|
;; root file system.
|
|
|
|
;(swap-devices
|
|
|
|
; (list
|
|
|
|
; (swap-space
|
|
|
|
; (target "/swapfile"))))
|
|
|
|
|
2023-10-02 22:27:41 +02:00
|
|
|
;; La liste des systèmes de fichiers montés au démarrage
|
2024-10-08 18:34:28 +02:00
|
|
|
;; On configure ici le montage des partitions chiffrées et non chiffrées
|
|
|
|
(file-systems
|
|
|
|
(cons*
|
2023-01-10 13:21:01 +01:00
|
|
|
(file-system
|
|
|
|
(mount-point "/")
|
|
|
|
(device (uuid "2e44f3f7-bb6b-43ac-933a-e8992bf10d29" 'ext4))
|
|
|
|
(type "ext4"))
|
|
|
|
(file-system
|
|
|
|
(mount-point "/home")
|
2024-10-08 18:34:28 +02:00
|
|
|
(device "/dev/mapper/luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
|
2023-01-10 13:21:01 +01:00
|
|
|
(type "ext4")
|
|
|
|
(dependencies mapped-devices))
|
2024-10-08 18:34:28 +02:00
|
|
|
(file-system
|
|
|
|
(mount-point "/home/neox/.local/share/flatpak")
|
|
|
|
(device (uuid "6e27560f-62c7-434f-a278-45fd3aaf27ba" 'ext4))
|
|
|
|
(type "ext4")
|
|
|
|
(dependencies
|
|
|
|
(list
|
|
|
|
(file-system
|
|
|
|
(mount-point "/home")
|
|
|
|
(device "/dev/mapper/luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
|
|
|
|
(type "ext4")
|
|
|
|
(dependencies mapped-devices)))))
|
2023-01-10 13:21:01 +01:00
|
|
|
%base-file-systems)))
|