Modifs globales
This commit is contained in:
parent
14494ab066
commit
11a8df7c18
67
config.scm
67
config.scm
|
@ -10,6 +10,7 @@
|
||||||
;; Indique quels modules importer pour accéder aux variables
|
;; Indique quels modules importer pour accéder aux variables
|
||||||
;; utilisées dans cette configuration.
|
;; utilisées dans cette configuration.
|
||||||
(use-modules (gnu))
|
(use-modules (gnu))
|
||||||
|
(use-modules (gnu system setuid))
|
||||||
(use-modules (nongnu packages linux) (nongnu system linux-initrd))
|
(use-modules (nongnu packages linux) (nongnu system linux-initrd))
|
||||||
(use-service-modules cups desktop networking ssh xorg virtualization vpn)
|
(use-service-modules cups desktop networking ssh xorg virtualization vpn)
|
||||||
|
|
||||||
|
@ -38,14 +39,16 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
|
||||||
|
|
||||||
(kernel linux)
|
(kernel linux)
|
||||||
|
|
||||||
(kernel-arguments
|
|
||||||
(append
|
|
||||||
(list "modprobe.blacklist=nouveau,pcspkr" "amd_iommu=on" "iommu=pt" "splash")
|
|
||||||
%default-kernel-arguments))
|
|
||||||
|
|
||||||
(initrd microcode-initrd)
|
(initrd microcode-initrd)
|
||||||
(firmware (list linux-firmware))
|
(firmware (list linux-firmware))
|
||||||
|
|
||||||
|
(kernel-arguments
|
||||||
|
(append
|
||||||
|
(list "modprobe.blacklist=nouveau,pcspkr" "amd_iommu=on" "iommu=pt")
|
||||||
|
%default-kernel-arguments))
|
||||||
|
|
||||||
|
(initrd-modules (append (list "vfio-pci" "vfio_iommu_type1" "dm-raid" "dm-cache" "dm-crypt" "radeon") %base-initrd-modules))
|
||||||
|
|
||||||
(sudoers-file %sudoers-specification)
|
(sudoers-file %sudoers-specification)
|
||||||
|
|
||||||
;; La liste des comptes utilisateurs (« root » est implicite).
|
;; La liste des comptes utilisateurs (« root » est implicite).
|
||||||
|
@ -54,9 +57,21 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
|
||||||
(comment "neox")
|
(comment "neox")
|
||||||
(group "users")
|
(group "users")
|
||||||
(home-directory "/home/neox")
|
(home-directory "/home/neox")
|
||||||
(supplementary-groups '("wheel" "netdev" "audio" "video" "libvirt" "kvm" "scanner" "spice")))
|
(supplementary-groups '("users" "wheel" "netdev" "audio" "video" "libvirt" "kvm" "scanner" "spice" "cdrom" "lpadmin")))
|
||||||
%base-user-accounts))
|
%base-user-accounts))
|
||||||
|
|
||||||
|
(setuid-programs
|
||||||
|
(append (list
|
||||||
|
(setuid-program
|
||||||
|
(program (file-append (specification->package "cdrtools") "/bin/cdrecord")))
|
||||||
|
(setuid-program
|
||||||
|
(program (file-append (specification->package "cdrtools") "/bin/readcd")))
|
||||||
|
(setuid-program
|
||||||
|
(program (file-append (specification->package "cdrtools") "/bin/mkisofs")))
|
||||||
|
(setuid-program
|
||||||
|
(program (file-append (specification->package "cdrdao") "/bin/cdrdao"))))
|
||||||
|
%setuid-programs))
|
||||||
|
|
||||||
;; Packages installed system-wide. Users can also install packages
|
;; Packages installed system-wide. Users can also install packages
|
||||||
;; under their own account: use 'guix search KEYWORD' to search
|
;; under their own account: use 'guix search KEYWORD' to search
|
||||||
;; for packages and 'guix install PACKAGE' to install a package.
|
;; for packages and 'guix install PACKAGE' to install a package.
|
||||||
|
@ -67,7 +82,9 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
|
||||||
(specification->package "lvm2")
|
(specification->package "lvm2")
|
||||||
(specification->package "mdadm")
|
(specification->package "mdadm")
|
||||||
(specification->package "network-manager")
|
(specification->package "network-manager")
|
||||||
(specification->package "network-manager-openvpn"))
|
(specification->package "network-manager-openvpn")
|
||||||
|
(specification->package "xf86-video-ati")
|
||||||
|
(specification->package "thin-provisioning-tools"))
|
||||||
%base-packages))
|
%base-packages))
|
||||||
|
|
||||||
;; Voici la liste des services du système. Pour trouver les services disponibles,
|
;; Voici la liste des services du système. Pour trouver les services disponibles,
|
||||||
|
@ -77,9 +94,16 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
|
||||||
(list
|
(list
|
||||||
(service gnome-desktop-service-type)
|
(service gnome-desktop-service-type)
|
||||||
(service cups-service-type)
|
(service cups-service-type)
|
||||||
(service libvirt-service-type)
|
(service libvirt-service-type
|
||||||
|
(libvirt-configuration
|
||||||
|
(unix-sock-group "libvirt")))
|
||||||
(udev-rules-service 'spice %spice-rules #:groups '("spice"))
|
(udev-rules-service 'spice %spice-rules #:groups '("spice"))
|
||||||
(service virtlog-service-type)
|
(service virtlog-service-type)
|
||||||
|
(pam-limits-service
|
||||||
|
(list
|
||||||
|
(pam-limits-entry "@audio" 'both 'rtprio 99)
|
||||||
|
(pam-limits-entry "@audio" 'both 'memlock 'unlimited)))
|
||||||
|
|
||||||
(set-xorg-configuration
|
(set-xorg-configuration
|
||||||
(xorg-configuration (keyboard-layout keyboard-layout))))
|
(xorg-configuration (keyboard-layout keyboard-layout))))
|
||||||
%desktop-services)
|
%desktop-services)
|
||||||
|
@ -91,10 +115,7 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
|
||||||
|
|
||||||
(guix-service-type config => (guix-configuration
|
(guix-service-type config => (guix-configuration
|
||||||
(inherit config)
|
(inherit config)
|
||||||
(substitute-urls
|
(extra-options '("--cores=5"))))))
|
||||||
(append (list "https://substitutes.nonguix.org") %default-substitute-urls))
|
|
||||||
(authorized-keys
|
|
||||||
(append (list (local-file "./nonguix-key.pub")) %default-authorized-guix-keys))))))
|
|
||||||
|
|
||||||
(bootloader (bootloader-configuration
|
(bootloader (bootloader-configuration
|
||||||
(bootloader grub-efi-bootloader)
|
(bootloader grub-efi-bootloader)
|
||||||
|
@ -108,21 +129,13 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
|
||||||
(mapped-devices
|
(mapped-devices
|
||||||
(list
|
(list
|
||||||
(mapped-device
|
(mapped-device
|
||||||
(source (uuid "004c8c71-696f-4aa9-ad87-546a5457c988"))
|
(source "HOMERAID")
|
||||||
(target "luks-004c8c71-696f-4aa9-ad87-546a5457c988")
|
(target "HOMERAID-HOMERAID_data")
|
||||||
(type luks-device-mapping))
|
(type lvm-device-mapping))
|
||||||
(mapped-device
|
(mapped-device
|
||||||
(source (list "/dev/sda1" "/dev/sdb1"))
|
(source "/dev/mapper/HOMERAID-HOMERAID_data")
|
||||||
(target "/dev/md1")
|
(target "luks-f0a72a6c-499b-4445-8d13-21dc99337752")
|
||||||
(type raid-device-mapping))
|
(type luks-device-mapping))))
|
||||||
(mapped-device
|
|
||||||
(source (list "/dev/sde1" "/dev/sdf1"))
|
|
||||||
(target "/dev/md0")
|
|
||||||
(type raid-device-mapping))
|
|
||||||
(mapped-device
|
|
||||||
(source (list "/dev/sdc1" "/dev/sdd1"))
|
|
||||||
(target "/dev/md2")
|
|
||||||
(type raid-device-mapping))))
|
|
||||||
|
|
||||||
(file-systems
|
(file-systems
|
||||||
(cons*
|
(cons*
|
||||||
|
@ -136,7 +149,7 @@ SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
|
||||||
(type "ext4"))
|
(type "ext4"))
|
||||||
(file-system
|
(file-system
|
||||||
(mount-point "/home")
|
(mount-point "/home")
|
||||||
(device (uuid "fb90a589-5eff-403f-bb1c-e4e6156c6ca6" 'ext4))
|
(device "/dev/mapper/luks-f0a72a6c-499b-4445-8d13-21dc99337752")
|
||||||
(type "ext4")
|
(type "ext4")
|
||||||
(dependencies mapped-devices))
|
(dependencies mapped-devices))
|
||||||
(file-system
|
(file-system
|
||||||
|
|
Loading…
Reference in New Issue