correction gnome-builder

.gitignore

@@ -0,0 +1,52 @@
+.pwd.lock
+NetworkManager/
+asound.conf
+bashrc
+cups/
+dbus-1
+environment
+fstab
+group
+hostname
+hosts
+issue
+libvirt/
+localtime
+login.defs
+lvm/
+machine-id
+mtab
+nonguix-key.pub
+nsswitch.conf
+os-release
+pam.d
+passwd
+polkit-1
+printcap
+profile
+profile.d/
+protocols
+pulse
+resolv.conf
+resolv.conf.bak
+rottlog
+rpc
+security
+services
+shadow
+shells
+skel
+ssl
+static
+sudoers
+sysconfig/
+syslog.conf
+timezone
+udev
+*.sec
+ssh/ssh_host_*_key
+ssh/authorized_keys.d/
+guix/acl*
+bluetooth
+shadow*
+elogind/

config.scm

@@ -0,0 +1,778 @@
+;;;
+;;; Configurations GNU Guix des ordinateurs de neox
+;;;
+;;; Copyright (C) 2023-2024 Adrien 'neox' Bourmault <neox@a-lec.org>
+;;;
+;;; This is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; This is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with this.  If not, see <http://www.gnu.org/licenses/>.
+
+
+;; Indique quels modules importer pour accéder aux variables
+;; utilisées dans cette configuration.
+(use-modules
+  (gnu)
+  (gnu home)
+  (gnu home services gnupg)
+  (gnu home services shells)
+  (gnu packages)
+  (gnu packages autotools)
+  (gnu packages avahi)
+  (gnu packages backup)
+  (gnu packages base)
+  (gnu packages bash)
+  (gnu packages boost)
+  (gnu packages build-tools)
+  (gnu packages compression)
+  (gnu packages cdrom)
+  (gnu packages cups)
+  (gnu packages curl)
+  (gnu packages freedesktop)
+  (gnu packages freedesktop)
+  (gnu packages ftp)
+  (gnu packages gettext)
+  (gnu packages ghostscript)
+  (gnu packages glib)
+  (gnu packages gnome)
+  (gnu packages gnupg)
+  (gnu packages gtk)
+  (gnu packages image)
+  (gnu packages imagemagick)
+  (gnu packages libusb)
+  (gnu packages linux)
+  (gnu packages messaging)
+  (gnu packages pkg-config)
+  (gnu packages python)
+  (gnu packages package-management)
+  (gnu packages scanner)
+  (gnu packages textutils)
+  (gnu packages tls)
+  (gnu packages xml)
+  (gnu packages xorg)
+  (gnu services)
+  (gnu services shepherd)
+  (gnu system setuid)
+  (guix build-system gnu)
+  (guix gexp)
+  (guix git-download)
+  (guix download)
+  ((guix licenses) #:prefix license:)
+  (guix packages)
+  (guix utils)
+  (srfi srfi-1))
+
+(use-service-modules
+  cups
+  desktop
+  guix
+  networking
+  ssh
+  xorg
+  virtualization
+  vpn
+  pm
+  security-token)
+
+
+;; Paquet Gnome Builder personnalisé
+(define-public gnome-builder-custom
+  (package
+    (inherit gnome-builder)
+    (name "gnome-builder-custom")
+    (native-inputs
+     (list 
+           curl
+           dconf                        ;for flatpak
+           desktop-file-utils           ;for desktop-file-validate
+           `(,glib "bin")
+           gettext-minimal
+           gi-docgen
+           gpgme
+           libarchive
+           libseccomp
+           pkg-config
+           python                       ;for meson scripts
+           vala
+           xorg-server-for-tests))))
+
+;; Service custom fancontrol
+(define (fancontrol-shepherd-service config)
+  (shepherd-service
+   (documentation "Run the fancontrol daemon (fancontrol-daemon)." )
+   (provision '(fancontrol))
+   (requirement '(udev user-processes))
+   (start #~(make-forkexec-constructor
+             (list #$(file-append lm-sensors "/sbin/fancontrol")
+                   #$config)
+             #:user "root" #:group "root"
+             #:log-file "/var/log/fancontrol.log"))
+   (stop #~(make-kill-destructor))))
+
+(define fancontrol-service-type
+  (service-type
+   (name 'fancontrol)
+   (description
+    "Run fancontrol as a daemon.")
+   (extensions
+    (list (service-extension shepherd-root-service-type
+            (compose list fancontrol-shepherd-service))))))
+
+;; Outils GNU Boot
+(define gnuboot-version "0.1-rc4")
+(define gnuboot-source
+  (origin
+   (method url-fetch)
+   (uri (string-append "mirror://gnu/gnuboot/gnuboot-" gnuboot-version
+                       "/gnuboot-" gnuboot-version "_src.tar.xz"))
+   (sha256
+    (base32
+     "0nc0qjbrnxvs20g36irj11prmrmyk8d8f256xiyxcarnxc0sigfw"))))
+
+(define
+  (make-gnuboot-utils-package
+   name
+   source
+   version
+   synopsis
+   description)
+  (package
+   (name name)
+   (version version)
+   (source source)
+   (build-system gnu-build-system)
+   (arguments
+    (list
+     #:tests? #f
+     #:make-flags
+     #~(list
+        (string-append "CC=" #$(cc-for-target))
+        (string-append "DESTDIR=" #$output)
+        "INSTALL=install"
+        "PREFIX=/")
+     #:phases
+     #~(modify-phases
+        %standard-phases
+        (delete 'configure)
+        (add-after
+         'unpack 'enter-source
+         (lambda _
+           (chdir (string-append "coreboot/default/util/" #$name)))))))
+   (synopsis synopsis)
+   (description description)
+   (home-page "https://www.gnu.org/software/gnuboot")
+   (license license:gpl2)))
+
+(define cbfstool
+  (make-gnuboot-utils-package
+   "cbfstool"
+   gnuboot-source
+   gnuboot-version
+   "Tool to manipulate Coreboot image files"
+   "This package provides @command{cbfstool}, a program that can
+add a wide variety of files (bootblock, stage, payload, configuration
+files, etc) to Coreboot File System (CBFS) images.  It supports
+original CBFS images as well as images in the newer FMAP format.  It
+also supports compressing files when requested."))
+
+(define ifdtool
+  (make-gnuboot-utils-package
+   "ifdtool"
+   gnuboot-source
+   gnuboot-version
+   ""
+   ""))
+
+(define nvramtool
+  (make-gnuboot-utils-package
+   "nvramtool"
+   gnuboot-source
+   gnuboot-version
+   ""
+   ""))
+
+(define gnupload
+  (package
+    (name "gnupload")
+    (version (package-version gnulib))
+    (source (package-source gnulib))
+    (arguments
+     (list #:tests? #f
+	   #:phases
+           #~(modify-phases
+              %standard-phases
+              (add-after 'unpack 'chdir
+			 (lambda _ (chdir "build-aux")))
+              (delete 'bootstrap)
+              (delete 'configure)
+              (delete 'build)
+              (replace
+               'install
+               (lambda _
+                 (install-file
+                  "gnupload"
+                  (string-append #$output "/bin/")))))))
+    (build-system gnu-build-system)
+    (inputs (list
+	     bash      ;; case esac break read eval shift exit
+	     coreutils ;; echo test shift rm cat
+	     gnupg     ;; gpg gpg-agent
+	     grep      ;; grep
+	     ncftp     ;; ncftpput
+	     sed))     ;; sed
+    (synopsis "")
+    (description "")
+    (home-page "")
+    (license license:gpl2+)))
+
+;; Configuration sudoer personnalisée
+(define %sudoers-specification
+  (plain-file "sudoers" "\
+root ALL=(ALL) ALL
+%wheel ALL=(ALL) NOPASSWD: ALL
+"))
+
+;; Configuration spice personnalisée
+;; Permet le partage de périphériques USB via virt-manager
+(define %spice-rules
+  (udev-rule
+    "41-spice-and-nitrokey.rules"
+    (string-append "\
+SUBSYSTEM==\"usb\", GROUP=\"spice\", MODE=\"0660\"
+SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\"
+ACTION!=\"add|change\", GOTO=\"u2f_end\"
+KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"2581\", ATTRS{idProduct}==\"f1d0\", TAG+=\"uaccess\"
+KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4287\", TAG+=\"uaccess\"
+KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b1\", TAG+=\"uaccess\"
+KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b2\", TAG+=\"uaccess\"
+KERNEL==\"hidraw*\", SUBSYSTEM==\"hidraw\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42dd\", TAG+=\"uaccess\"
+ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42e8\", TAG+=\"uaccess\"
+LABEL=\"u2f_end\"
+SUBSYSTEM!=\"usb\", GOTO=\"gnupg_rules_end\"
+ACTION!=\"add\", GOTO=\"gnupg_rules_end\"
+ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4107\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
+ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4108\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
+ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"42b4\", TAG+=\"uaccess\"
+ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4109\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
+ATTR{idVendor}==\"03eb\", ATTR{idProduct}==\"2ff1\", TAG+=\"uaccess\"
+ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4211\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
+ATTR{idVendor}==\"20a0\", ATTR{idProduct}==\"4230\", ENV{ID_SMARTCARD_READER}=\"1\", ENV{ID_SMARTCARD_READER_DRIVER}=\"gnupg\", TAG+=\"uaccess\"
+LABEL=\"gnupg_rules_end\"
+KERNEL==\"sd?1\", ATTRS{idVendor}==\"20a0\", ATTRS{idProduct}==\"4109\", SYMLINK+=\"nitrospace\"
+")))
+
+(define %bashrc_content
+  (plain-file "bashrc" "\
+if [ -n \"$GUIX_ENVIRONMENT\" ]
+then
+    PS1='\\[\\033[01;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\] [env] \\$ '
+else
+    PS1='\\[\\033[01;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\]\\$ '
+fi
+
+guix() {
+  if [[ \"$1\" == \"install\" ]]; then
+    echo \"Tu es débile, ou bien ?\"
+  elif [[ \"$1\" == \"remove\" ]]; then
+    echo \"Tu es débile, ou bien ?\"
+  else
+    command guix \"$@\"
+  fi
+}
+
+PATH=\"$PATH:/home/neox/.local/bin\"
+
+if [[ ! -n \"$SSH_CLIENT\" ]]; then
+	unset SSH_AGENT_PID
+	if [ \"${gnupg_SSH_AUTH_SOCK_by:-0}\" -ne $$ ]; then
+		export SSH_AUTH_SOCK=\"$(gpgconf --list-dirs agent-ssh-socket)\"
+	fi
+fi"))
+
+(define %profile_content
+  (plain-file "profile" "\
+if [[ ! -n \"$SSH_CLIENT\" ]]; then
+        unset SSH_AGENT_PID
+        if [ \"${gnupg_SSH_AUTH_SOCK_by:-0}\" -ne $$ ]; then
+                export SSH_AUTH_SOCK=\"$(gpgconf --list-dirs agent-ssh-socket)\"
+        fi
+fi"))
+
+(define %home_configuration
+  (home-environment
+    (services
+      (list
+        (service home-bash-service-type
+          (home-bash-configuration
+            (environment-variables
+              '(
+                ("BSD_GAMES_DIR" . "~/.local/share/bsd-games")
+                ("PATH" . "$PATH:/home/neox/.local/bin")
+                ("GCC_COLORS" . "'error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'")
+                ("GUIX_PACKAGE_PATH" . "$HOME/.config/guix/packages/defs")
+                ("XDG_DATA_DIRS" . "$XDG_DATA_DIRS:$HOME/.local/share/flatpak/exports/share:/var/lib/flatpak/exports/share")
+                ("LV2_PATH" . "/run/current-system/profile/lib/lv2")))
+            (aliases 
+              '(
+                ("clear" . "printf '\\033c'")
+                ("dir" . "dir --color=auto")
+                ("egrep" . "grep -E --color=auto")  
+                ("fgrep" . "grep -F --color=auto")
+                ("grep" . "grep --color=auto")
+                ("la" . "ls -lthA -p --color=auto")
+                ("ll" . "ls -lth -p --color=auto")
+                ("ls" . "ls -p --color=auto")
+                ("vdir" . "vdir --color=auto")))
+            (bashrc
+              (list
+                %bashrc_content))))
+        
+        (service home-gpg-agent-service-type
+          (home-gpg-agent-configuration
+            (pinentry-program
+              (file-append pinentry-gnome3 "/bin/pinentry-gnome3"))
+            (ssh-support? #t)))))))
+
+;; Configuration du système
+;; C'est le point d'entrée de la configuration
+(operating-system
+  (locale "fr_FR.utf8")
+  (timezone "Europe/Paris")
+  (keyboard-layout (keyboard-layout "fr" "oss"))
+  (host-name "n-guix-fix")
+
+  ;; Application de la configuration sudoer personnalisée (définie plus haut)
+  (kernel-arguments
+    (list
+      ;"console=ttyS0,1152008n1"
+      "nohz=on"
+      "modprobe.blacklist=pcspkr,usbmouse,usbkbd"
+      "iommu=pt" 
+      "nouveau.config=NvClkMode=15"))
+
+  (initrd-modules
+    (append
+      (list 
+        "w83795"
+        "vfio-pci"
+        "vfio_iommu_type1"
+        "mpt3sas"
+        "dm-raid"
+        "dm-cache"
+        "dm-crypt")
+      %base-initrd-modules))
+
+  (sudoers-file %sudoers-specification)
+
+  ;; La liste des comptes utilisateurs (« root » est implicite).
+  (users
+    (cons*
+      (user-account
+        (name "offload")
+        (comment "guix offload account")
+        (group "users")
+        (system? #t))
+      (user-account
+        (name "neox")
+        (comment "neox")
+        (password (crypt "password" "$6$abc"))
+        (group "users")
+        (home-directory "/home/neox")
+        (supplementary-groups
+          '("wheel"
+            "netdev"
+            "audio"
+            "dialout"
+            "video"
+            "libvirt"
+            "kvm"
+            "scanner"
+            "spice"
+            "cdrom"
+            "lpadmin"
+            "lp")))
+      %base-user-accounts))
+
+  ;; Quelques paquets installés au niveau du système.
+  ;; On installe notamment network-manager et son extension pour openvpn, 
+  ;; ou encore libvirt/virt-manager pour la virtualisation
+  (packages
+    (append
+      (specifications->packages
+        (list
+          "adb"
+          "alsa-plugins"
+          "alsa-utils"
+          "ardour"
+          "audacity"
+          "bind:utils"
+          "binutils"
+          "cabextract"
+          "calf"
+          "cdrdao"
+          "cdrtools"
+          "claws-mail"
+          "cmatrix"
+          "cpupower"
+          "cryptsetup"
+          "curl"
+          "cvs"
+          "dconf-editor"
+          "dino"
+          "emacs-no-x"
+          "endeavour"
+          "eudev"
+          "evolution"
+          "exfatprogs"
+          "fastboot"
+          ;"ffmpeg"
+          "file"
+          "flashrom"
+          "flatpak"
+          "font-awesome"
+          "font-liberation"
+          "font-openmoji"
+          "freehdl"
+          "gallery-dl"
+          "gdb"
+          "ghex"
+          "ghostscript"
+          "ghostwriter"
+          "gimp"
+          "git"
+          "git-lfs"
+          "git:send-email"
+          "glmark2"
+          ;"gnome-bluetooth"
+          ;"gnome-builder"
+          "gnome-font-viewer"
+          "gnome-maps"
+          "gnome-power-manager"
+          "gnome-shell-extension-appindicator"
+          "gnome-shell-extension-blur-my-shell"
+          "gnome-shell-extension-burn-my-windows"
+          "gnome-shell-extension-dash-to-dock"
+          "gnome-shell-extension-night-theme-switcher"
+          "gnome-shell-extension-noannoyance"
+          "gnome-shell-extension-vitals"
+          "gnome-tweaks"
+          "gnunet"
+          "gnunet-gtk"
+          "gnupg"
+          "gnuplot"
+          "gparted"
+          "gpgme"
+          "graphviz"
+          "grub"
+          "hexchat"
+          "hplip"
+          "htop"
+          "hwloc"
+          "icecat"
+          "inetutils"
+          "inkscape"
+          "iptables"
+          "jack"
+          "jp2a"
+          "kajongg"
+          "kcachegrind"
+          "kexec-tools"
+          "kgraphviewer"
+          "kicad"
+          "kicad-doc"
+          "kicad-footprints"
+          "kicad-packages3d"
+          "kicad-symbols"
+          "kicad-templates"
+          "ldns"
+          "libreoffice"
+          "libtree"
+          "libvirt"
+          "licensecheck"
+          "lm-sensors"
+          "lsof"
+          "lvm2"
+          "lynx"
+          "make"
+          "man-pages"
+          "mdadm"
+          "mediainfo"
+          "megatools"
+          "meld"
+          "microcom"
+          "minetest"
+          "minicom"
+          "minisat"
+          "mpv"
+          "mtr"
+          "mumble"
+          "nbd"
+          "ncftp"
+          "ndisc6"
+          "neofetch"
+          "network-manager"
+          "network-manager-openvpn"
+          "nextcloud-client"
+          "nitrocli"
+          "nmap"
+          "ntfs-3g"
+          "openssh"
+          "openssl"
+          "openvpn"
+          "pam-u2f"
+          "pandoc"
+          "parallel"
+          "parted"
+          "patchelf"
+          "pavucontrol"
+          "perl6-mime-base64"
+          "perl-email-mime-encodings"
+          "perl-mime-base64"
+          "pkg-config"
+          "poppler"
+          "powertop"
+          "profanity"
+          "progress"
+          "pv"
+          "python"
+          "python-logutils"
+          "python-markdown"
+          "python-paramiko"
+          "python-virtualenv"
+          ;"python-woob"
+          "python-wrapper"
+          "qbittorrent"
+          "qemu"
+          "qjackctl"
+          "qpdf"
+          "recutils"
+          "rsync"
+          "rubber"
+          "ruby-pygmentize"
+          "screen"
+          "seahorse"
+          "setxkbmap"
+          "simplescreenrecorder"
+          "sl"
+          ;"speed-dreams"
+          "speedtest-cli"
+          "sqlitebrowser"
+          "sshpass"
+          "system-config-printer"
+          "testdisk"
+          "texlive"
+          "texlive-biber"
+          "texmaker"
+          "texstudio"
+          "thin-provisioning-tools"
+          "tig"
+          "tilix"
+          "tor"
+          "torbrowser"
+          "translate2geda"
+          "transmission"
+          "tree"
+          "uefitool"
+          "ungoogled-chromium"
+          "virt-manager"
+          "vlc"
+          "wine64"
+          "xauth"
+          ;"xdg-desktop-portal"
+          "xdg-desktop-portal-gnome"
+          "xdg-desktop-portal-gtk"
+          "xdg-utils"
+          "xdot"
+          "xdotool"
+          "xeyes"
+          "xournalpp"
+          "xrdp"
+          "yt-dlp"))
+	
+      (list
+        cbfstool
+        gnupload
+        gnome-builder-custom
+        nvramtool)
+
+      %base-packages))
+
+
+  ;; Quelques programmes auquels donner des accès spéciaux (setuid)
+  ;; (en particulier, logiciels de gravure)
+  (setuid-programs
+    (append (list
+              (setuid-program
+                (program (file-append cdrtools "/bin/cdrecord")))
+              (setuid-program
+                (program (file-append cdrtools "/bin/readcd")))
+              (setuid-program
+                (program (file-append cdrtools "/bin/mkisofs")))
+              (setuid-program
+                (program (file-append cdrdao "/bin/cdrdao"))))       
+            %setuid-programs))
+
+  ;; Services du système.
+  ;; On en profite pour modifier le comportement par défaut de quelques services.
+  (services
+    (modify-services 
+      (append 
+        (list
+          ;; Service guix home (reconfiguration auto des profils)
+          (service guix-home-service-type
+            `(("neox" ,%home_configuration)))
+
+          ;; Service bluetooth
+          ;;(service bluetooth-service-type)
+
+          ;; Service de contrôle des ventilateurs
+          (service fancontrol-service-type "/etc/fancontrol")
+
+          ;; Service de gestion des clés de chiffrement physique
+          (service pcscd-service-type)
+
+          ;; Service OpenSSH
+          (service openssh-service-type
+            (openssh-configuration
+              (authorized-keys
+                `(("neox" ,(local-file "/etc/ssh/ssh_neox_ed25519_key.pub"))
+                  ("offload" ,(local-file "/etc/ssh/ssh_n-t400s_ed25519_key.pub") ,(local-file "/etc/ssh/ssh_libre-warmachine_ed25519_key.pub"))))
+              (x11-forwarding? #t)
+              (password-authentication? #f)
+              (permit-root-login 'prohibit-password)))
+          ;; Service Tor
+          (service tor-service-type)
+       
+          ;; Service d'impression
+          (service cups-service-type
+            (cups-configuration
+              (web-interface? #f)
+              (extensions
+                (list cups-filters epson-inkjet-printer-escpr hplip-minimal))))
+
+          ;; Service KVM/Libvirt pour virt-manager
+          (service libvirt-service-type)
+          (service virtlog-service-type)
+
+          ;; Application de la configuration spice personnalisée (définie plus haut)
+          (udev-rules-service 'spice %spice-rules #:groups '("spice"))
+
+          ;; Modification des limites mémoires pour les accès audio temps réel
+          ;; (utile notamment pour Ardour)
+          (service pam-limits-service-type
+            (list
+              (pam-limits-entry "@audio" 'both 'rtprio 99)
+              (pam-limits-entry "@audio" 'both 'memlock 'unlimited)))
+
+          ;; Service Gnome/GDM
+          (service gnome-desktop-service-type)
+
+          ;; Configuration de Guix publish
+          (service guix-publish-service-type
+            (guix-publish-configuration
+              (host "0.0.0.0")
+              (advertise? #t)
+              (cache "/var/cache/guix/publish")))
+
+          ;; Configuration de l'environnement graphique (notamment clavier)
+          (set-xorg-configuration
+            (xorg-configuration (keyboard-layout keyboard-layout))))
+        
+        ;; Services par défaut du système
+        %desktop-services)
+  
+      ;; Modification de services par défaut
+        ;; Configuration du service upower pour éviter la mise en veille lors
+        ;; de la fermeture de capot
+        (upower-service-type config => (upower-configuration
+          (inherit config)
+          (ignore-lid? #t)))
+
+        ;; Configuration du service elogind pour éviter la mise en veille lors
+        ;; de la fermeture du capot
+        (elogind-service-type config => (elogind-configuration
+          (inherit config)
+          (handle-lid-switch 'ignore)
+          (handle-lid-switch-external-power 'ignore)))
+
+        ;; Configuration du service Guix
+        (guix-service-type config => (guix-configuration
+          (inherit config)
+          (authorize-key? #t)
+          (authorized-keys
+            (append
+              (list
+                (local-file "/etc/guix/libre-warmachine.pub")
+                (local-file "/etc/guix/n-t400s.pub"))
+              %default-authorized-guix-keys))
+          (extra-options '("--gc-keep-derivations=yes" "--gc-keep-output=yes"))))
+
+        ;; Configuration du service network-manager pour prendre en charge
+        ;; OpenVPN
+        (network-manager-service-type config => (network-manager-configuration 
+          (inherit config)
+          (vpn-plugins
+            (list network-manager-openvpn))))))
+
+  ;; Chargeur de démarrage (GRUB)
+  ;; On indique ici où il doit être installé et comment le configurer
+  (bootloader
+    (bootloader-configuration
+      (bootloader grub-bootloader)
+      (targets (list "/dev/nvme0n1"))
+      (terminal-outputs '(console))
+      (keyboard-layout keyboard-layout)
+      (theme
+        (grub-theme
+          (inherit (grub-theme))
+          (gfxmode '("640x480-24"))))))
+  
+  ;; Périphériques mappés
+  ;; On configure notamment ici les partitions chiffrées (LUKS)
+  (mapped-devices
+   (list
+    (mapped-device
+      (source (uuid "ecac05ea-298a-4565-a054-dc8e5bf4a2f8"))
+      (target "luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
+      (type luks-device-mapping))))
+
+  ;; Specify a swap file for the system, which resides on the
+  ;; root file system.
+  ;(swap-devices 
+  ;  (list
+  ;    (swap-space
+  ;      (target "/swapfile"))))
+
+  ;; La liste des systèmes de fichiers montés au démarrage
+  ;; On configure ici le montage des partitions chiffrées et non chiffrées
+  (file-systems
+    (cons*
+      (file-system
+        (mount-point "/")
+        (device (uuid "2e44f3f7-bb6b-43ac-933a-e8992bf10d29" 'ext4))
+        (type "ext4"))
+      (file-system
+        (mount-point "/home")
+        (device "/dev/mapper/luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
+        (type "ext4")
+        (dependencies mapped-devices))
+      (file-system
+        (mount-point "/home/neox/.local/share/flatpak")
+        (device (uuid "6e27560f-62c7-434f-a278-45fd3aaf27ba" 'ext4))
+        (type "ext4")
+        (dependencies
+          (list
+            (file-system
+              (mount-point "/home")
+              (device "/dev/mapper/luks-ecac05ea-298a-4565-a054-dc8e5bf4a2f8")
+              (type "ext4")
+              (dependencies mapped-devices)))))
+     %base-file-systems)))

fancontrol

@@ -0,0 +1,11 @@
+# Configuration file generated by pwmconfig, changes will be lost
+INTERVAL=10
+DEVPATH=hwmon11=devices/pci0000:00/0000:00:14.0/i2c-1/1-002f
+DEVNAME=hwmon11=w83795g
+FCTEMPS= hwmon11/device/pwm1=hwmon11/device/temp7_input
+FCFANS= hwmon11/device/pwm1=hwmon11/device/fan2_input+hwmon11/device/fan1_input
+MINTEMP= hwmon11/device/pwm1=20
+MAXTEMP= hwmon11/device/pwm1=60
+MINSTART= hwmon11/device/pwm1=150
+MINSTOP= hwmon11/device/pwm1=0
+AVERAGE=4

guix/libre-warmachine.pub

@@ -0,0 +1,4 @@
+(public-key 
+  (ecc 
+   (curve Ed25519)
+   (q #7F8EB1AE40F138A9DF5F61C57CC4E33F4F1E42244CE71D855806CDE06113A245#)))

guix/n-t400s.pub

@@ -0,0 +1,4 @@
+(public-key 
+  (ecc 
+   (curve Ed25519)
+   (q #7F8EB1AE40F138A9DF5F61C57CC4E33F4F1E42244CE71D855806CDE06113A245#)))

guix/signing-key.pub

@@ -0,0 +1,6 @@
+(public-key 
+ (ecc 
+  (curve Ed25519)
+  (q #8E46170F0B43CC3C0AD67F162CB1707246D18F322C3EA040898FBB15F2A18963#)
+  )
+ )

ssh/ssh_host_ecdsa_key.pub

@@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDcoUEi/0n73KeDWFYKwTM3UVSnCEhNFAPdTWgDRwiqkpwtMn04AsXyzxEGMdNlBTWBBsw58ZzVSeSBVh/gq9zI= root@n-guix-fix

ssh/ssh_host_ed25519_key.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyGPO723z8cE1PHKTbxqQUMalvmYrXeF88hwoS/SuRI root@n-guix-fix

ssh/ssh_host_rsa_key.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDJgG3TWIl2J8BVkhLmca1t4YOC2YmdYDeplq+zni2v/gOdrfNxjORNFlc8qwL1mGkUEvOppU1xH00NQgM4G0wI6a8fS5Cc5x6zWz837qlKy0sl523Y3/e3fZFgJqySZPH1byUYo7XL9dok7yLDluBJ0LxYMidAQBtLLT7RPTahTP9Fy36d2xAaZMmZscKt4etOwxgQ1jsJQnqJU88lQpS/Wb+nLG6p4ukOW9kjKusyqT17XNxXvNlw4K+++OsZXNSx0/FFUG21QPrn/mzbeyNFF/WgeN/DolTsKgeRxmf4DNdZzVctzAnbyZ34VuK3MNQMWTPyE9H225Kkg3bCwLvK6nPgRw8IB3jVrGIl41Tgar3MrtGkf8RKREOya1nidwIAGvMqOia3YZy38AiR9wVyRQhFUtC+rXoGoyWaFyu4Obb5jWwDyY5r3BlIdBikH52PdvHioaQHhkb/5VDAgxxNE6a5qXolG+6Os6Nudjez6KwAK07E1bEth3MaLfiFkGU= root@n-guix-fix

ssh/ssh_libre-warmachine_ed25519_key.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhNNT9tFGTTGQ9e+L5u1gJiPpiivE04r8iQ4zapXpSU root@(none)

ssh/ssh_n-t400s_ed25519_key.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhNNT9tFGTTGQ9e+L5u1gJiPpiivE04r8iQ4zapXpSU root@(none)

ssh/ssh_neox_ed25519_key.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZQd7U/DRPK5/qk35dzeG5dpnS/0FesbRrgZTSMHEsv openpgp:0x18D3885F