;;; ;;; Configurations GNU Guix système ;;; ;;; Copyright (C) 2024 Adrien 'neox' Bourmault ;;; ;;; This is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; This is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with this. If not, see . ;;; Déclarations et importations ;; Indique quels modules importer pour accéder aux variables ;; utilisées dans cette configuration. (use-modules (gnu)) (use-modules (gnu packages freedesktop)) (use-modules (gnu packages cups)) (use-modules (gnu packages scanner)) (use-modules (srfi srfi-1)) (use-service-modules cups desktop networking ssh xorg virtualization vpn) ;; Configuration sudoer personnalisée (define %sudoers-specification (plain-file "sudoers" "\ root ALL=(ALL) ALL %wheel ALL=(ALL) NOPASSWD: ALL ")) ;; Configuration spice personnalisée ;; Permet le partage de périphériques USB via virt-manager (define %spice-rules (udev-rule "50-spice.rules" (string-append "\ SUBSYSTEM==\"usb\", GROUP=\"spice\", MODE=\"0660\" SUBSYSTEM==\"usb_device\", GROUP=\"spice\", MODE=\"0660\" "))) ;;; Configuration du système ;; C'est le point d'entrée de la configuration (operating-system (locale "fr_FR.utf8") (timezone "Europe/Paris") (keyboard-layout (keyboard-layout "fr" "oss")) (host-name "popol") ;; Application de la configuration sudoer personnalisée (définie plus haut) (sudoers-file %sudoers-specification) ;;; La liste des comptes utilisateurs (« root » est implicite). (users (cons* (user-account (name "jerome") (comment "Jérôme") (group "users") (home-directory "/home/jerome") ;; ajout de groupes pour virt-manager (supplementary-groups '("wheel" "netdev" "audio" "video" "libvirt" "kvm" "scanner" "spice"))) %base-user-accounts)) ;;; Paquets installés au niveau du système. ;; On installe notamment network-manager et son extension pour openvpn, ;; ou encore libvirt/virt-manager pour la virtualisation, et plein de paquets ;; utiles. (packages (append (specifications->packages (list "adb" "alsa-plugins" "alsa-utils" "ardour" "audacity" "bind:utils" "binutils" "blueman" "bmaptools" "cabextract" "claws-mail" "cmatrix" "cpupower" "cryptsetup" "curl" "cvs" "dconf-editor" "dino" "emacs" "endeavour" "evolution" "exfatprogs" "fastboot" "ffmpeg" "file" "flashrom" "flatpak" "font-awesome" "font-liberation" "font-openmoji" "gallery-dl" "gdb" "ghostscript" "ghostwriter" "gimp" "git" "git-lfs" "git:send-email" "glmark2" "gnome-bluetooth" "gnome-builder" "gnome-font-viewer" "gnome-maps" "gnome-power-manager" "gnome-shell-extension-appindicator" "gnome-shell-extension-blur-my-shell" "gnome-shell-extension-burn-my-windows" "gnome-shell-extension-dash-to-dock" "gnome-shell-extension-night-theme-switcher" "gnome-shell-extension-noannoyance" "gnome-shell-extension-vitals" "gnome-tweaks" "gnupg" "gnuplot" "gparted" "gpgme" "graphviz" "grub" "hexchat" "hplip" "htop" "hwloc" "icecat" "inetutils" "inkscape" "jack" "jp2a" "kcachegrind" "kgraphviewer" "libreoffice" "libtree" "libvirt" "lm-sensors" "lsof" "lvm2" "lynx" "make" "man-pages" "mdadm" "mediainfo" "megatools" "meld" "microcom" "minetest" "minicom" "minisat" "mpv" "mtr" "mumble" "nbd" "ncftp" "ndisc6" "neofetch" "nextcloud-client" "nitrocli" "nmap" "nss-certs" "ntfs-3g" "openssh" "openssl" "openvpn" "openvpn" "pandoc" "parted" "patchelf" "pavucontrol" "pkg-config" "poppler" "powertop" "profanity" "python" "python2" "python-logutils" "python-markdown" "python-paramiko" "qbittorrent" "qemu" "qjackctl" "qpdf" "recutils" "rsync" "rubber" "screen" "seahorse" "setxkbmap" "simplescreenrecorder" "sl" "speedtest-cli" "sqlitebrowser" "sshpass" "system-config-printer" "testdisk" "texlive" "texlive-biber" "texmaker" "tig" "tilix" "transmission" "tree" "uefitool" "ungoogled-chromium" "virt-manager" "vlc" "wine64" "xauth" "xdg-desktop-portal" "xdg-desktop-portal-gnome" "xdg-desktop-portal-gtk" "xdg-utils" "xdot" "xdotool" "xeyes" "xournalpp" "xrdp" "yt-dlp" "zstd")) %base-packages)) ;;; Services du système. ;; On en profite pour modifier le comportement par défaut de quelques services. (services (modify-services ;; Ajouts de services (append (list (service gnome-desktop-service-type) ;; Service d'impression (service cups-service-type (cups-configuration (web-interface? #t) (extensions (list cups-filters epson-inkjet-printer-escpr hplip-minimal)))) ;; Service du scanner (service sane-service-type) ;; Service KVM/Libvirt pour virt-manager (service libvirt-service-type) (service virtlog-service-type) ;; Application de la configuration spice personnalisée (définie plus haut) (udev-rules-service 'spice %spice-rules #:groups '("spice")) ;; Modification des limites mémoires pour les accès audio temps réel ;; (utile notamment pour Ardour) (service pam-limits-service-type (list (pam-limits-entry "@audio" 'both 'rtprio 99) (pam-limits-entry "@audio" 'both 'memlock 'unlimited))) ;; Service du client OpenVPN (pré-configuré pour FDN) (service openvpn-client-service-type (openvpn-client-configuration (remote (list (openvpn-remote-configuration (name "vpn.fdn.fr") (port 1194)) (openvpn-remote-configuration (name "vpn-rw.fdn.fr") (port 80)) (openvpn-remote-configuration (name "vpn-rw.fdn.fr") (port 53)))) (proto 'tcp) (fast-io? #t) (ca "/etc/openvpn/fdn.crt") (auth-user-pass "/etc/openvpn/fdn.creds"))) ;; Service Xorg (set-xorg-configuration (xorg-configuration (keyboard-layout keyboard-layout)))) ;; Services par défaut du système %desktop-services) ;; Modification de services par défaut ;; SANE (numérisation) (sane-service-type _ => sane-backends))) ;;; Chargeur de démarrage (GRUB) ;; On indique ici où il doit être installé et comment le configurer (bootloader (bootloader-configuration (bootloader grub-efi-bootloader) (targets (list "/boot/efi")) (keyboard-layout keyboard-layout))) ;;; Périphériques mappés ;; On configure notamment ici les partitions chiffrées (LUKS) (mapped-devices (list (mapped-device (source (uuid "CHANGE_THIS_UUID")) (target "ROOT") (type luks-device-mapping)))) ;;; Systèmes de fichiers qui seront « montés ». ;; Les identifiants de systèmes de fichiers uniques (« UUIDs ») ;; qui se trouvent ici s'obtiennent en exécutant « blkid » dans un terminal. (file-systems (cons* (file-system (mount-point "/boot/efi") (device "/dev/CHANGE_THIS_DISK") (type "vfat")) (file-system (mount-point "/") (device "/dev/mapper/ROOT") (type "ext4") (dependencies mapped-devices)) %base-file-systems)))