;; This is an operating system configuration template ;; for a "desktop" setup with GNOME and Xfce where the ;; root partition is encrypted with LUKS. (use-modules (gnu) (gnu packages) (gnu packages cups) (gnu packages audio) (gnu packages xorg) (gnu services pm) (gnu services sound) (gnu services networking) (gnu system nss)) (use-service-modules desktop xorg ssh avahi mcron nfs cups) (use-package-modules certs gnome) (operating-system (host-name "*****") (timezone "Europe/Warsaw") (locale "pl_PL.utf8") (keyboard-layout (keyboard-layout "pl")) ;; Use the UEFI variant of GRUB with the EFI System ;; Partition mounted on /boot/efi. (bootloader (bootloader-configuration (bootloader grub-efi-bootloader) (target "/boot/efi"))) ;; Specify a mapped device for the encrypted root partition. ;; The UUID is that returned by 'cryptsetup luksUUID'. (mapped-devices (list (mapped-device (source (uuid "f45c2a51d-fc66-4033-8d15-e87016ab5542")) (target "my-root") (type luks-device-mapping)))) (swap-devices '("/swapfile")) (file-systems (append (list (file-system (device (file-system-label "my-root")) (mount-point "/") (type "ext4") (dependencies mapped-devices)) (file-system (device (uuid "8646-7E06" 'fat)) (mount-point "/boot/efi") (type "vfat"))) %base-file-systems)) (users (cons (user-account (name "user") (comment "user") (group "users") (home-directory "/home/user") (supplementary-groups '("wheel" "netdev" "audio" "video" "lp" "input" "kvm" "lpadmin" "users" "avahi"))) %base-user-accounts)) ;; This is where we specify system-wide packages. (packages (append (map specification->package '("nss-certs" "gvfs" "dosfstools" "nfs-utils" "xclip" "xterm" "xbacklight" "xprop" "gs-fonts" "pulseaudio" "pavucontrol" "acpi" "tor" "torsocks" "emacs" "htop" "avahi" "zip" "unzip" "tmux" "gnupg" "screen" "mutt" "offlineimap" "msmtp" "wget" "file" "openssh" "lvm2" "icecat" "cryptsetup" "mosh" "iptables" "openvpn" "network-manager-openvpn" "git" "bash-completion" "seahorse" "gnome-tweaks" "rtorrent" "libreoffice" "keepassxc" "password-store" "syncthing" "inkscape" "gimp" "aspell" "hunspell" "rsync" "perl" "dconf-editor" "cups" "ghc-pandoc" "texlive" "ghostscript-with-cups" "psutils" "recutils" "gptfdisk" "font-gnu-freefont-ttf" "font-liberation" "font-terminus" "font-ubuntu" "font-dejavu" "font-open-dyslexic" "font-inconsolata" "font-comic-neue" "font-anonymous-pro" "freetype" "font-lato" "tlp" "smartmontools" "thinkfan" "ntp" "font-liberation")) %base-packages)) (services (append (list (service gnome-desktop-service-type) (service cups-service-type (cups-configuration (web-interface? #t) (browsing? #t) (default-paper-size "A4") (extensions (list cups-filters cups-pk-helper foomatic-filters hplip-minimal)))) (service mcron-service-type) (service tor-service-type) (service tlp-service-type (tlp-configuration (cpu-boost-on-ac? #t))) (set-xorg-configuration (xorg-configuration (keyboard-layout keyboard-layout) (modules (filter (lambda (mod) (not (eq? mod xf86-input-synaptics))) %default-xorg-modules))))) (modify-services %desktop-services (alsa-service-type config => (alsa-configuration (inherit config) (pulseaudio? #t))) (bluetooth-service-type config => (bluetooth-configuration (inherit config) (auto-enable? #t)))) )) ;; Allow resolution of '.local' host names with mDNS. (name-service-switch %mdns-host-lookup-nss))