diff options
| author | Franz Geffke <m@f-a.nz> | 2025-03-06 10:32:07 +0000 |
|---|---|---|
| committer | Franz Geffke <m@f-a.nz> | 2025-03-06 10:32:07 +0000 |
| commit | e289445ea280a126ffafe34b18057adf9f2d7f10 (patch) | |
| tree | 583706982c1776ef4b138c784a4a307b9f31338b /px | |
| parent | 0e3cdae9dd10e4a30098d78c8f08d54ac6e3a3e9 (diff) | |
px: New system panther module with simplified system configuration
Diffstat (limited to 'px')
| -rw-r--r-- | px/system/panther.scm | 196 |
1 files changed, 196 insertions, 0 deletions
diff --git a/px/system/panther.scm b/px/system/panther.scm new file mode 100644 index 0000000..f85056b --- /dev/null +++ b/px/system/panther.scm @@ -0,0 +1,196 @@ +;; Simplified configuration for Panther OS + +(define-module (px system panther) + #:use-module (gnu) + #:use-module (gnu system) + #:use-module (gnu services) + #:use-module (gnu services base) + #:use-module (gnu packages package-management) + #:use-module (guix gexp) + #:use-module (guix channels) + + ;; bluetooth-service-type + #:use-module (gnu services desktop) + ;; pulseaudio-service-type + #:use-module (gnu services sound) + + ;; wpa-supplicant + #:use-module (gnu packages admin) + ;; blueman + #:use-module (gnu packages networking) + ;; libimobiledevice + #:use-module (gnu packages libusb) + ;; neovim + #:use-module (gnu packages vim) + ;; pam-u2f libu2f-host libu2f-server + #:use-module (gnu packages security-token) + + #:use-module (nongnu packages linux) + #:use-module (nongnu system linux-initrd) + + ;; nitro-key-udev-rule + #:use-module (px services security-token) + + #:export (%panther-base-services + %panther-desktop-services + %panther-desktop-services-minimal + %panther-base-packages + %panther-desktop-packages + + %panther-os + %panther-desktop-os)) + +(define %px-substitute-server-url + "https://packages.pantherx.org") + +(define %nonguix-substitute-server-url + "https://substitutes.nonguix.org") + +(define %px-substitute-server-key + (plain-file "packages.pantherx.org.pub" + "(public-key + (ecc + (curve Ed25519) + (q #E8322D13EA02C09F06CB70FDA2ABBFD5E463F2AA34C18C692F5E25858F4E315D#) + ) + ) +")) + +(define %nonguix-substitute-server-key + (plain-file "substitutes.nonguix.org.pub" + "(public-key + (ecc + (curve Ed25519) + (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#) + ) + ) +")) + +(define %pantherx-default-channels + (append (list (channel + (name 'pantherx) + (branch "master") + (url "https://channels.pantherx.org/git/panther.git") + (introduction + (make-channel-introduction + "54b4056ac571611892c743b65f4c47dc298c49da" + (openpgp-fingerprint + "A36A D41E ECC7 A871 1003 5D24 524F EB1A 9D33 C9CB"))))) + %default-channels)) + +(define %panther-services-udev + (list (simple-service 'custom-udev-rules udev-service-type + (list libu2f-host)) + + ;; Adding plugdev group once should suffice + (udev-rules-service 'nitro %nitro-key-udev-rule #:groups '("plugdev")) + (udev-rules-service 'fido2 libfido2) + (udev-rules-service 'yubikey yubikey-personalization) + (udev-rules-service 'coinkite %coinkite-udev-rule))) + +;; +;; BASE +;; +(define %panther-base-services + (modify-services %base-services + (guix-service-type config => + (guix-configuration + (inherit config) + (guix (guix-for-channels %pantherx-default-channels)) + (authorized-keys + (cons* %px-substitute-server-key + %nonguix-substitute-server-key + %default-authorized-guix-keys)) + (substitute-urls + (cons* %px-substitute-server-url + %nonguix-substitute-server-url + %default-substitute-urls)) + (channels %pantherx-default-channels))))) + +(define %panther-base-packages + (cons* wpa-supplicant + libimobiledevice + neovim + %base-packages)) + +;; +;; DESKTOP +;; +(define %desktop-services-modified + (modify-services %desktop-services + (guix-service-type config => + (guix-configuration + (inherit config) + (guix (guix-for-channels %pantherx-default-channels)) + (authorized-keys + (cons* %px-substitute-server-key + %nonguix-substitute-server-key + %default-authorized-guix-keys)) + (substitute-urls + (cons* %px-substitute-server-url + %nonguix-substitute-server-url + %default-substitute-urls)) + (channels %pantherx-default-channels))))) + +(define %panther-desktop-services + (append %panther-services-udev + %desktop-services-modified)) + +(define %panther-desktop-services-minimal + (modify-services %panther-desktop-services + (delete login-service-type) + (delete agetty-service-type) + (delete mingetty-service-type) + (delete pulseaudio-service-type) + (delete alsa-service-type))) + +(define %panther-desktop-packages + (cons* wpa-supplicant + libimobiledevice + neovim + pam-u2f + libu2f-host + libu2f-server + blueman + %panther-base-packages)) + +;; +;; BASE OS +;; +(define %panther-os + (operating-system + (host-name "panther") + (timezone "Europe/Berlin") + (locale "en_US.UTF-8") + (kernel linux) + (firmware (list linux-firmware)) + + (bootloader (bootloader-configuration + (bootloader grub-bootloader) + (targets '("/dev/vda")))) + + (file-systems (cons (file-system + (device (file-system-label "my-root")) + (mount-point "/") + (type "ext4")) + %base-file-systems)) + + (users (cons (user-account + (name "panther") + (comment "Default account") + (group "users") + (password (crypt "pantherx" "$6$abc")) + (supplementary-groups '("wheel" "audio" "video"))) + %base-user-accounts)) + + (services %panther-base-services) + (packages %panther-base-packages))) + +;; +;; DESKTOP OS +;; +(define %panther-desktop-os + (operating-system + (inherit %panther-os) + (services %panther-desktop-services) + (packages %panther-desktop-packages))) |