config.scm: full declarative config with fancontrol and software list
This commit is contained in:
parent
5088950feb
commit
ba7d07d9d7
566
config.scm
566
config.scm
|
@ -1,29 +1,72 @@
|
||||||
;; Ceci est une configuration de système d'exploitation générée par
|
;;;
|
||||||
;; l'installateur graphique.
|
;;; Configurations GNU Guix des ordinateurs de neox
|
||||||
;;
|
;;;
|
||||||
;; Une fois l'installation terminée, vous pouvez apprendre à modifier
|
;;; Copyright (C) 2023-2024 Adrien 'neox' Bourmault <neox@a-lec.org>
|
||||||
;; ce fichier pour ajuster la configuration du système et le passer à
|
;;;
|
||||||
;; la commande « guix system reconfigure » pour rendre vos changements
|
;;; This is free software; you can redistribute it and/or modify it
|
||||||
;; effectifs.
|
;;; under the terms of the GNU General Public License as published by
|
||||||
|
;;; the Free Software Foundation; either version 3 of the License, or (at
|
||||||
|
;;; your option) any later version.
|
||||||
|
;;;
|
||||||
|
;;; This is distributed in the hope that it will be useful, but
|
||||||
|
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
;;; GNU General Public License for more details.
|
||||||
|
;;;
|
||||||
|
;;; You should have received a copy of the GNU General Public License
|
||||||
|
;;; along with this. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
|
||||||
;; Indique quels modules importer pour accéder aux variables
|
;; Indique quels modules importer pour accéder aux variables
|
||||||
;; utilisées dans cette configuration.
|
;; utilisées dans cette configuration.
|
||||||
(use-modules (gnu))
|
(use-modules
|
||||||
(use-modules (srfi srfi-1))
|
(gnu)
|
||||||
(use-modules (gnu system setuid)
|
(gnu home)
|
||||||
(gnu packages cups)
|
(gnu home services shells)
|
||||||
(gnu packages admin)
|
(gnu home services gnupg)
|
||||||
(gnu services shepherd))
|
(gnu packages)
|
||||||
|
(gnu packages gnupg)
|
||||||
|
(gnu packages freedesktop)
|
||||||
|
(gnu packages cups)
|
||||||
|
(gnu services)
|
||||||
|
(gnu services shepherd)
|
||||||
|
(gnu system setuid)
|
||||||
|
(srfi srfi-1)
|
||||||
|
(guix gexp))
|
||||||
|
|
||||||
(use-service-modules cups
|
(use-service-modules
|
||||||
desktop
|
cups
|
||||||
networking
|
desktop
|
||||||
ssh
|
guix
|
||||||
xorg
|
networking
|
||||||
virtualization
|
ssh
|
||||||
vpn
|
xorg
|
||||||
security-token)
|
virtualization
|
||||||
|
vpn
|
||||||
|
pm
|
||||||
|
security-token)
|
||||||
|
|
||||||
|
;; Service custom fancontrol
|
||||||
|
(define (fancontrol-shepherd-service config)
|
||||||
|
(shepherd-service
|
||||||
|
(documentation "Run the fancontrol daemon (fancontrol-daemon)." )
|
||||||
|
(provision '(fancontrol))
|
||||||
|
(requirement '(udev user-processes))
|
||||||
|
(start #~(make-forkexec-constructor
|
||||||
|
(list #$(file-append (specification->package "lm-sensors") "/sbin/fancontrol")
|
||||||
|
#$config)
|
||||||
|
#:user "root" #:group "root"
|
||||||
|
#:log-file "/var/log/fancontrol.log"))
|
||||||
|
(stop #~(make-kill-destructor))))
|
||||||
|
|
||||||
|
(define fancontrol-service-type
|
||||||
|
(service-type
|
||||||
|
(name 'fancontrol)
|
||||||
|
(description
|
||||||
|
"Run fancontrol as a daemon.")
|
||||||
|
(extensions
|
||||||
|
(list (service-extension shepherd-root-service-type
|
||||||
|
(compose list fancontrol-shepherd-service))))))
|
||||||
|
|
||||||
;; Configuration sudoer personnalisée
|
;; Configuration sudoer personnalisée
|
||||||
(define %sudoers-specification
|
(define %sudoers-specification
|
||||||
|
@ -34,7 +77,6 @@ root ALL=(ALL) ALL
|
||||||
|
|
||||||
;; Configuration spice personnalisée
|
;; Configuration spice personnalisée
|
||||||
;; Permet le partage de périphériques USB via virt-manager
|
;; Permet le partage de périphériques USB via virt-manager
|
||||||
;; Permet l'utilisation d'une nitrokey
|
|
||||||
(define %spice-rules
|
(define %spice-rules
|
||||||
(udev-rule
|
(udev-rule
|
||||||
"41-spice-and-nitrokey.rules"
|
"41-spice-and-nitrokey.rules"
|
||||||
|
@ -62,26 +104,74 @@ LABEL=\"gnupg_rules_end\"
|
||||||
KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK+=\"nitrospace\"
|
KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK+=\"nitrospace\"
|
||||||
")))
|
")))
|
||||||
|
|
||||||
;; Définition du service de contrôle des ventilateurs
|
(define %bashrc_content
|
||||||
(define (fancontrol-shepherd-service cfg-path)
|
(plain-file "bashrc" "\
|
||||||
(shepherd-service
|
if [ -n \"$GUIX_ENVIRONMENT\" ]
|
||||||
(documentation "Run the fancontrol daemon (fancontrol-daemon)." )
|
then
|
||||||
(provision '(fancontrol))
|
PS1='\\[\\033[01;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\] [env] \\$ '
|
||||||
(requirement '(udev user-processes))
|
else
|
||||||
(start #~(make-forkexec-constructor
|
PS1='\\[\\033[01;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\]\\$ '
|
||||||
(list #$(file-append (specification->package "lm-sensors") "/sbin/fancontrol")
|
fi
|
||||||
#$cfg-path)
|
|
||||||
#:user "root" #:group "root"
|
guix() {
|
||||||
#:log-file "/var/log/fancontrol.log"))
|
if [[ \"$1\" == \"install\" ]]; then
|
||||||
(stop #~(make-kill-destructor))))
|
echo \"Tu es débile, ou bien ?\"
|
||||||
(define fancontrol-service-type
|
elif [[ \"$1\" == \"remove\" ]]; then
|
||||||
(service-type
|
echo \"Tu es débile, ou bien ?\"
|
||||||
(name 'fancontrol)
|
else
|
||||||
(description
|
command guix \"$@\"
|
||||||
"Run fancontrol as a daemon.")
|
fi
|
||||||
(extensions
|
}
|
||||||
(list (service-extension shepherd-root-service-type
|
|
||||||
(compose list fancontrol-shepherd-service))))))
|
if [[ ! -n \"$SSH_CLIENT\" ]]; then
|
||||||
|
unset SSH_AGENT_PID
|
||||||
|
if [ \"${gnupg_SSH_AUTH_SOCK_by:-0}\" -ne $$ ]; then
|
||||||
|
export SSH_AUTH_SOCK=\"$(gpgconf --list-dirs agent-ssh-socket)\"
|
||||||
|
fi
|
||||||
|
fi"))
|
||||||
|
|
||||||
|
(define %profile_content
|
||||||
|
(plain-file "profile" "\
|
||||||
|
if [[ ! -n \"$SSH_CLIENT\" ]]; then
|
||||||
|
unset SSH_AGENT_PID
|
||||||
|
if [ \"${gnupg_SSH_AUTH_SOCK_by:-0}\" -ne $$ ]; then
|
||||||
|
export SSH_AUTH_SOCK=\"$(gpgconf --list-dirs agent-ssh-socket)\"
|
||||||
|
fi
|
||||||
|
fi"))
|
||||||
|
|
||||||
|
(define %home_configuration
|
||||||
|
(home-environment
|
||||||
|
(services
|
||||||
|
(list
|
||||||
|
(service home-bash-service-type
|
||||||
|
(home-bash-configuration
|
||||||
|
(environment-variables
|
||||||
|
'(
|
||||||
|
("BSD_GAMES_DIR" . "~/.local/share/bsd-games")
|
||||||
|
("GCC_COLORS" . "'error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'")
|
||||||
|
("GUIX_PACKAGE_PATH" . "$HOME/.config/guix/packages/defs")
|
||||||
|
("XDG_DATA_DIRS" . "$XDG_DATA_DIRS:$HOME/.local/share/flatpak/exports/share:/var/lib/flatpak/exports/share")
|
||||||
|
("LV2_PATH" . "$HOME/.guix-profile/lib/lv2")))
|
||||||
|
(aliases
|
||||||
|
'(
|
||||||
|
("clear" . "printf '\\033c'")
|
||||||
|
("dir" . "dir --color=auto")
|
||||||
|
("egrep" . "grep -E --color=auto")
|
||||||
|
("fgrep" . "grep -F --color=auto")
|
||||||
|
("grep" . "grep --color=auto")
|
||||||
|
("la" . "ls -lthA -p --color=auto")
|
||||||
|
("ll" . "ls -lth -p --color=auto")
|
||||||
|
("ls" . "ls -p --color=auto")
|
||||||
|
("vdir" . "vdir --color=auto")))
|
||||||
|
(bashrc
|
||||||
|
(list
|
||||||
|
%bashrc_content))))
|
||||||
|
|
||||||
|
(service home-gpg-agent-service-type
|
||||||
|
(home-gpg-agent-configuration
|
||||||
|
(pinentry-program
|
||||||
|
(file-append pinentry-gnome3 "/bin/pinentry-gnome3"))
|
||||||
|
(ssh-support? #t)))))))
|
||||||
|
|
||||||
;; Configuration du système
|
;; Configuration du système
|
||||||
;; C'est le point d'entrée de la configuration
|
;; C'est le point d'entrée de la configuration
|
||||||
|
@ -93,21 +183,240 @@ KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK
|
||||||
|
|
||||||
;; Application de la configuration sudoer personnalisée (définie plus haut)
|
;; Application de la configuration sudoer personnalisée (définie plus haut)
|
||||||
(kernel-arguments
|
(kernel-arguments
|
||||||
(list "nohz=on" "libata.force=noncq" "modprobe.blacklist=pcspkr,usbmouse,usbkbd" "iommu=pt" "nouveau.config=NvClkMode=15"))
|
(list
|
||||||
|
"nohz=on"
|
||||||
|
"modprobe.blacklist=pcspkr,usbmouse,usbkbd"
|
||||||
|
"iommu=pt"
|
||||||
|
"nouveau.config=NvClkMode=15"))
|
||||||
|
|
||||||
(initrd-modules (append (list "w83795" "vfio-pci" "vfio_iommu_type1" "dm-raid" "dm-cache" "dm-crypt") %base-initrd-modules))
|
(initrd-modules
|
||||||
|
(append
|
||||||
|
(list
|
||||||
|
"w83795"
|
||||||
|
"vfio-pci"
|
||||||
|
"vfio_iommu_type1"
|
||||||
|
"mpt3sas"
|
||||||
|
"dm-raid"
|
||||||
|
"dm-cache"
|
||||||
|
"dm-crypt")
|
||||||
|
%base-initrd-modules))
|
||||||
|
|
||||||
(sudoers-file %sudoers-specification)
|
(sudoers-file %sudoers-specification)
|
||||||
|
|
||||||
;; La liste des comptes utilisateurs (« root » est implicite).
|
;; La liste des comptes utilisateurs (« root » est implicite).
|
||||||
(users (cons* (user-account
|
(users
|
||||||
(name "neox")
|
(cons*
|
||||||
(comment "neox")
|
(user-account
|
||||||
(group "users")
|
(name "neox")
|
||||||
(home-directory "/home/neox")
|
(comment "neox")
|
||||||
(supplementary-groups '("users" "wheel" "netdev" "audio" "video" "libvirt" "kvm" "scanner" "spice" "cdrom" "lpadmin")))
|
(password (crypt "password" "$6$abc"))
|
||||||
%base-user-accounts))
|
(group "users")
|
||||||
|
(home-directory "/home/neox")
|
||||||
|
(supplementary-groups
|
||||||
|
'("wheel"
|
||||||
|
"netdev"
|
||||||
|
"audio"
|
||||||
|
"video"
|
||||||
|
"libvirt"
|
||||||
|
"kvm"
|
||||||
|
"scanner"
|
||||||
|
"spice"
|
||||||
|
"cdrom"
|
||||||
|
"lpadmin"
|
||||||
|
"lp")))
|
||||||
|
%base-user-accounts))
|
||||||
|
|
||||||
|
;; Quelques paquets installés au niveau du système.
|
||||||
|
;; On installe notamment network-manager et son extension pour openvpn,
|
||||||
|
;; ou encore libvirt/virt-manager pour la virtualisation
|
||||||
|
(packages
|
||||||
|
(append
|
||||||
|
(specifications->packages
|
||||||
|
(list
|
||||||
|
"adb"
|
||||||
|
"alsa-plugins"
|
||||||
|
"alsa-utils"
|
||||||
|
"ardour"
|
||||||
|
"audacity"
|
||||||
|
"bind:utils"
|
||||||
|
"binutils"
|
||||||
|
"blueman"
|
||||||
|
"cabextract"
|
||||||
|
"cdrdao"
|
||||||
|
"claws-mail"
|
||||||
|
"cmatrix"
|
||||||
|
"cpupower"
|
||||||
|
"cdrtools"
|
||||||
|
"cryptsetup"
|
||||||
|
"curl"
|
||||||
|
"cvs"
|
||||||
|
"dconf-editor"
|
||||||
|
"dino"
|
||||||
|
"emacs"
|
||||||
|
"endeavour"
|
||||||
|
"evolution"
|
||||||
|
"exfatprogs"
|
||||||
|
"fastboot"
|
||||||
|
;"ffmpeg"
|
||||||
|
"file"
|
||||||
|
"flashrom"
|
||||||
|
"flatpak"
|
||||||
|
"font-awesome"
|
||||||
|
"font-liberation"
|
||||||
|
"font-openmoji"
|
||||||
|
"gallery-dl"
|
||||||
|
"gdb"
|
||||||
|
"freehdl"
|
||||||
|
"ghostscript"
|
||||||
|
"ghostwriter"
|
||||||
|
"gimp"
|
||||||
|
"git"
|
||||||
|
"git-lfs"
|
||||||
|
"git:send-email"
|
||||||
|
"glmark2"
|
||||||
|
"gnome-bluetooth"
|
||||||
|
"gnome-builder"
|
||||||
|
"gnome-font-viewer"
|
||||||
|
"gnome-maps"
|
||||||
|
"gnome-power-manager"
|
||||||
|
"gnome-shell-extension-appindicator"
|
||||||
|
"gnome-shell-extension-blur-my-shell"
|
||||||
|
"gnome-shell-extension-burn-my-windows"
|
||||||
|
"gnome-shell-extension-dash-to-dock"
|
||||||
|
"gnome-shell-extension-night-theme-switcher"
|
||||||
|
"gnome-shell-extension-noannoyance"
|
||||||
|
"gnome-shell-extension-vitals"
|
||||||
|
"gnome-tweaks"
|
||||||
|
"gnupg"
|
||||||
|
"gnuplot"
|
||||||
|
"gparted"
|
||||||
|
"gpgme"
|
||||||
|
"graphviz"
|
||||||
|
"grub"
|
||||||
|
"hexchat"
|
||||||
|
"hplip"
|
||||||
|
"htop"
|
||||||
|
"hwloc"
|
||||||
|
"icecat"
|
||||||
|
"inetutils"
|
||||||
|
"inkscape"
|
||||||
|
"iptables"
|
||||||
|
"jack"
|
||||||
|
"jp2a"
|
||||||
|
"kajongg"
|
||||||
|
"kcachegrind"
|
||||||
|
"kgraphviewer"
|
||||||
|
"kicad"
|
||||||
|
"kicad-templates"
|
||||||
|
"kicad-symbols"
|
||||||
|
"kicad-packages3d"
|
||||||
|
"kicad-footprints"
|
||||||
|
"kicad-doc"
|
||||||
|
"translate2geda"
|
||||||
|
"ldns"
|
||||||
|
"libreoffice"
|
||||||
|
"libtree"
|
||||||
|
"libvirt"
|
||||||
|
"licensecheck"
|
||||||
|
"lm-sensors"
|
||||||
|
"lsof"
|
||||||
|
"lvm2"
|
||||||
|
"lynx"
|
||||||
|
"make"
|
||||||
|
"man-pages"
|
||||||
|
"mdadm"
|
||||||
|
"mediainfo"
|
||||||
|
"megatools"
|
||||||
|
"meld"
|
||||||
|
"microcom"
|
||||||
|
"minetest"
|
||||||
|
"minicom"
|
||||||
|
"minisat"
|
||||||
|
"mpv"
|
||||||
|
"mtr"
|
||||||
|
"mumble"
|
||||||
|
"nbd"
|
||||||
|
"ncftp"
|
||||||
|
"ndisc6"
|
||||||
|
"neofetch"
|
||||||
|
"network-manager"
|
||||||
|
"network-manager-openvpn"
|
||||||
|
"nextcloud-client"
|
||||||
|
"nitrocli"
|
||||||
|
"nmap"
|
||||||
|
"ntfs-3g"
|
||||||
|
"openssh"
|
||||||
|
"openssl"
|
||||||
|
"openvpn"
|
||||||
|
"pam-u2f"
|
||||||
|
"pandoc"
|
||||||
|
"parallel"
|
||||||
|
"parted"
|
||||||
|
"patchelf"
|
||||||
|
"pavucontrol"
|
||||||
|
"perl6-mime-base64"
|
||||||
|
"perl-mime-base64"
|
||||||
|
"perl-email-mime-encodings"
|
||||||
|
"pkg-config"
|
||||||
|
"poppler"
|
||||||
|
"powertop"
|
||||||
|
"profanity"
|
||||||
|
"progress"
|
||||||
|
"pv"
|
||||||
|
"python"
|
||||||
|
"python-wrapper"
|
||||||
|
"python-logutils"
|
||||||
|
"python-markdown"
|
||||||
|
"python-paramiko"
|
||||||
|
"qbittorrent"
|
||||||
|
"qemu"
|
||||||
|
"qjackctl"
|
||||||
|
"qpdf"
|
||||||
|
"recutils"
|
||||||
|
"rsync"
|
||||||
|
"rubber"
|
||||||
|
"ruby-pygmentize"
|
||||||
|
"screen"
|
||||||
|
"seahorse"
|
||||||
|
"setxkbmap"
|
||||||
|
"simplescreenrecorder"
|
||||||
|
"sl"
|
||||||
|
"speedtest-cli"
|
||||||
|
"sqlitebrowser"
|
||||||
|
"sshpass"
|
||||||
|
"system-config-printer"
|
||||||
|
"testdisk"
|
||||||
|
"texlive"
|
||||||
|
"texlive-biber"
|
||||||
|
"texmaker"
|
||||||
|
"thin-provisioning-tools"
|
||||||
|
"tig"
|
||||||
|
"tilix"
|
||||||
|
"transmission"
|
||||||
|
"tree"
|
||||||
|
"eudev"
|
||||||
|
"uefitool"
|
||||||
|
"ungoogled-chromium"
|
||||||
|
"virt-manager"
|
||||||
|
"vlc"
|
||||||
|
"wine64"
|
||||||
|
"python-woob"
|
||||||
|
"xauth"
|
||||||
|
;"xdg-desktop-portal"
|
||||||
|
"xdg-desktop-portal-gnome"
|
||||||
|
"xdg-desktop-portal-gtk"
|
||||||
|
"xdg-utils"
|
||||||
|
"xdot"
|
||||||
|
"xdotool"
|
||||||
|
"xeyes"
|
||||||
|
"xournalpp"
|
||||||
|
"xrdp"
|
||||||
|
"yt-dlp"
|
||||||
|
"zstd"))
|
||||||
|
%base-packages))
|
||||||
|
|
||||||
|
;; Quelques programmes auquels donner des accès spéciaux (setuid)
|
||||||
|
;; (en particulier, logiciels de gravure)
|
||||||
(setuid-programs
|
(setuid-programs
|
||||||
(append (list
|
(append (list
|
||||||
(setuid-program
|
(setuid-program
|
||||||
|
@ -120,76 +429,83 @@ KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK
|
||||||
(program (file-append (specification->package "cdrdao") "/bin/cdrdao"))))
|
(program (file-append (specification->package "cdrdao") "/bin/cdrdao"))))
|
||||||
%setuid-programs))
|
%setuid-programs))
|
||||||
|
|
||||||
;; Quelques paquets installés au niveau du système.
|
|
||||||
;; On installe notamment network-manager et son extension pour openvpn,
|
|
||||||
;; ou encore libvirt/virt-manager pour la virtualisation
|
|
||||||
(packages (append (list (specification->package "qemu")
|
|
||||||
(specification->package "virt-manager")
|
|
||||||
(specification->package "libvirt")
|
|
||||||
(specification->package "lm-sensors")
|
|
||||||
(specification->package "lvm2")
|
|
||||||
(specification->package "mdadm")
|
|
||||||
(specification->package "network-manager")
|
|
||||||
(specification->package "network-manager-openvpn")
|
|
||||||
(specification->package "xf86-video-ati")
|
|
||||||
(specification->package "thin-provisioning-tools"))
|
|
||||||
%base-packages))
|
|
||||||
|
|
||||||
;; Services du système.
|
;; Services du système.
|
||||||
;; On en profite pour modifier le comportement par défaut de quelques services.
|
;; On en profite pour modifier le comportement par défaut de quelques services.
|
||||||
(services
|
(services
|
||||||
(modify-services (append (list
|
(modify-services
|
||||||
(service gnome-desktop-service-type)
|
(append
|
||||||
|
|
||||||
;; Service de contrôle des ventilateurs
|
|
||||||
(service fancontrol-service-type "/etc/fancontrol")
|
|
||||||
|
|
||||||
;; Service de gestion des clés de chiffrement physique
|
|
||||||
(service pcscd-service-type)
|
|
||||||
|
|
||||||
(service openssh-service-type
|
|
||||||
(openssh-configuration
|
|
||||||
(x11-forwarding? #t)
|
|
||||||
(permit-root-login 'prohibit-password)))
|
|
||||||
|
|
||||||
;; Service impression et scanner
|
|
||||||
(service cups-service-type
|
|
||||||
(cups-configuration
|
|
||||||
(web-interface? #t)
|
|
||||||
(extensions
|
|
||||||
(list cups-filters epson-inkjet-printer-escpr hplip-minimal))))
|
|
||||||
|
|
||||||
(service sane-service-type)
|
|
||||||
|
|
||||||
;; Service KVM/Libvirt pour virt-manager
|
|
||||||
(service libvirt-service-type)
|
|
||||||
(service virtlog-service-type)
|
|
||||||
|
|
||||||
;; Application de la configuration spice personnalisée (définie plus haut)
|
|
||||||
(udev-rules-service 'spice %spice-rules #:groups '("spice"))
|
|
||||||
|
|
||||||
;; Modification des limites mémoires pour les accès audio temps réel
|
|
||||||
;; (utile notamment pour Ardour)
|
|
||||||
(service pam-limits-service-type
|
|
||||||
(list
|
(list
|
||||||
(pam-limits-entry "@audio" 'both 'rtprio 99)
|
;; Service guix home (reconfiguration auto des profils)
|
||||||
(pam-limits-entry "@audio" 'both 'memlock 'unlimited)))
|
(service guix-home-service-type
|
||||||
|
`(("neox" ,%home_configuration)))
|
||||||
|
|
||||||
;; Configuration de l'environnement graphique (notamment clavier)
|
;; Service bluetooth
|
||||||
(set-xorg-configuration
|
(service bluetooth-service-type)
|
||||||
(xorg-configuration (keyboard-layout keyboard-layout))))
|
|
||||||
|
;; Service de contrôle des ventilateurs
|
||||||
|
(service fancontrol-service-type "/etc/fancontrol")
|
||||||
|
|
||||||
|
;; Service de gestion des clés de chiffrement physique
|
||||||
|
(service pcscd-service-type)
|
||||||
|
|
||||||
|
;; Service OpenSSH
|
||||||
|
(service openssh-service-type
|
||||||
|
(openssh-configuration
|
||||||
|
(x11-forwarding? #t)
|
||||||
|
(password-authentication? #f)
|
||||||
|
(permit-root-login 'prohibit-password)))
|
||||||
|
|
||||||
|
;; Service d'impression
|
||||||
|
(service cups-service-type
|
||||||
|
(cups-configuration
|
||||||
|
(web-interface? #f)
|
||||||
|
(extensions
|
||||||
|
(list cups-filters epson-inkjet-printer-escpr hplip-minimal))))
|
||||||
|
|
||||||
|
;; Service KVM/Libvirt pour virt-manager
|
||||||
|
(service libvirt-service-type)
|
||||||
|
(service virtlog-service-type)
|
||||||
|
|
||||||
|
;; Application de la configuration spice personnalisée (définie plus haut)
|
||||||
|
(udev-rules-service 'spice %spice-rules #:groups '("spice"))
|
||||||
|
|
||||||
|
;; Modification des limites mémoires pour les accès audio temps réel
|
||||||
|
;; (utile notamment pour Ardour)
|
||||||
|
(service pam-limits-service-type
|
||||||
|
(list
|
||||||
|
(pam-limits-entry "@audio" 'both 'rtprio 99)
|
||||||
|
(pam-limits-entry "@audio" 'both 'memlock 'unlimited)))
|
||||||
|
|
||||||
|
;; Service Gnome/GDM
|
||||||
|
(service gnome-desktop-service-type)
|
||||||
|
|
||||||
|
;; Configuration de l'environnement graphique (notamment clavier)
|
||||||
|
(set-xorg-configuration
|
||||||
|
(xorg-configuration (keyboard-layout keyboard-layout))))
|
||||||
|
|
||||||
|
;; Services par défaut du système
|
||||||
%desktop-services)
|
%desktop-services)
|
||||||
|
|
||||||
;; Configuration du service network-manager pour prendre en charge
|
;; Modification de services par défaut
|
||||||
;; OpenVPN
|
;; Configuration du service upower pour éviter la mise en veille lors
|
||||||
(network-manager-service-type config => (network-manager-configuration
|
;; de la fermeture de capot
|
||||||
(inherit config)
|
(upower-service-type config => (upower-configuration
|
||||||
(vpn-plugins
|
(inherit config)
|
||||||
(list (specification->package "network-manager-openvpn")))))
|
(ignore-lid? #t)))
|
||||||
|
|
||||||
(guix-service-type config => (guix-configuration
|
;; Configuration du service elogind pour éviter la mise en veille lors
|
||||||
(inherit config)
|
;; de la fermeture du capot
|
||||||
(extra-options '("--cores=10"))))))
|
(elogind-service-type config => (elogind-configuration
|
||||||
|
(inherit config)
|
||||||
|
(handle-lid-switch 'ignore)
|
||||||
|
(handle-lid-switch-external-power 'ignore)))
|
||||||
|
|
||||||
|
;; Configuration du service network-manager pour prendre en charge
|
||||||
|
;; OpenVPN
|
||||||
|
(network-manager-service-type config => (network-manager-configuration
|
||||||
|
(inherit config)
|
||||||
|
(vpn-plugins
|
||||||
|
(list (specification->package "network-manager-openvpn")))))))
|
||||||
|
|
||||||
;; Chargeur de démarrage (GRUB)
|
;; Chargeur de démarrage (GRUB)
|
||||||
;; On indique ici où il doit être installé et comment le configurer
|
;; On indique ici où il doit être installé et comment le configurer
|
||||||
|
@ -209,10 +525,17 @@ KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK
|
||||||
(mapped-devices
|
(mapped-devices
|
||||||
(list
|
(list
|
||||||
(mapped-device
|
(mapped-device
|
||||||
(source "/dev/nvme0n1p3")
|
(source (uuid "ecac05ea-298a-4565-a054-dc8e5bf4a2f8"))
|
||||||
(target "luks-d1673001-bea6-4d19-8ed7-88e3643aac3e")
|
(target "luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
|
||||||
(type luks-device-mapping))))
|
(type luks-device-mapping))))
|
||||||
|
|
||||||
|
;; Specify a swap file for the system, which resides on the
|
||||||
|
;; root file system.
|
||||||
|
;(swap-devices
|
||||||
|
; (list
|
||||||
|
; (swap-space
|
||||||
|
; (target "/swapfile"))))
|
||||||
|
|
||||||
;; La liste des systèmes de fichiers montés au démarrage
|
;; La liste des systèmes de fichiers montés au démarrage
|
||||||
;; On configure ici le montage des partitions chiffrées et non chiffrées
|
;; On configure ici le montage des partitions chiffrées et non chiffrées
|
||||||
(file-systems
|
(file-systems
|
||||||
|
@ -223,7 +546,18 @@ KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK
|
||||||
(type "ext4"))
|
(type "ext4"))
|
||||||
(file-system
|
(file-system
|
||||||
(mount-point "/home")
|
(mount-point "/home")
|
||||||
(device "/dev/mapper/luks-d1673001-bea6-4d19-8ed7-88e3643aac3e")
|
(device "/dev/mapper/luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
|
||||||
(type "ext4")
|
(type "ext4")
|
||||||
(dependencies mapped-devices))
|
(dependencies mapped-devices))
|
||||||
|
(file-system
|
||||||
|
(mount-point "/home/neox/.local/share/flatpak")
|
||||||
|
(device (uuid "6e27560f-62c7-434f-a278-45fd3aaf27ba" 'ext4))
|
||||||
|
(type "ext4")
|
||||||
|
(dependencies
|
||||||
|
(list
|
||||||
|
(file-system
|
||||||
|
(mount-point "/home")
|
||||||
|
(device "/dev/mapper/luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
|
||||||
|
(type "ext4")
|
||||||
|
(dependencies mapped-devices)))))
|
||||||
%base-file-systems)))
|
%base-file-systems)))
|
||||||
|
|
16
fancontrol
16
fancontrol
|
@ -1,11 +1,11 @@
|
||||||
# Configuration file generated by pwmconfig, changes will be lost
|
# Configuration file generated by pwmconfig, changes will be lost
|
||||||
INTERVAL=10
|
INTERVAL=10
|
||||||
DEVPATH=hwmon7=devices/pci0000:00/0000:00:14.0/i2c-1/1-002f
|
DEVPATH=hwmon11=devices/pci0000:00/0000:00:14.0/i2c-1/1-002f
|
||||||
DEVNAME=hwmon7=w83795g
|
DEVNAME=hwmon11=w83795g
|
||||||
FCTEMPS= hwmon7/device/pwm1=hwmon7/device/temp7_input
|
FCTEMPS= hwmon11/device/pwm1=hwmon11/device/temp7_input
|
||||||
FCFANS= hwmon7/device/pwm1=hwmon7/device/fan2_input+hwmon7/device/fan1_input
|
FCFANS= hwmon11/device/pwm1=hwmon11/device/fan2_input+hwmon11/device/fan1_input
|
||||||
MINTEMP= hwmon7/device/pwm1=20
|
MINTEMP= hwmon11/device/pwm1=20
|
||||||
MAXTEMP= hwmon7/device/pwm1=60
|
MAXTEMP= hwmon11/device/pwm1=60
|
||||||
MINSTART= hwmon7/device/pwm1=150
|
MINSTART= hwmon11/device/pwm1=150
|
||||||
MINSTOP= hwmon7/device/pwm1=0
|
MINSTOP= hwmon11/device/pwm1=0
|
||||||
AVERAGE=4
|
AVERAGE=4
|
||||||
|
|
Loading…
Reference in New Issue