(use-modules (gnu) ((guix packages) #:select (origin base32 modify-inputs package-source package-inputs package)) ((guix download) #:select (url-fetch)) ((guix gexp) #:select(file-append)) ((gnu packages freedesktop) #:select(fprintd)) ((gnu packages suckless) #:select(slock)) ((gnu packages games) #:select (steam-devices-udev-rules)) ((gnu packages linux) #:select (brightnessctl)) ((gnu packages wm) #:select (swaylock)) ((gnu packages cups) #:select (cups cups-filters epson-inkjet-printer-escpr hplip-minimal)) ((gnu services cups) #:select (cups-service-type cups-configuration)) ((gnu services nfs) #:select (nfs-service-type nfs-configuration)) ((gnu services desktop) #:select (sane-service-type bluetooth-service-type %desktop-services elogind-service-type elogind-configuration)) ;;((gnu services docker) #:select(docker-service-type)) ((gnu services virtualization) #:select(qemu-binfmt-service-type qemu-binfmt-configuration lookup-qemu-platforms libvirt-service-type)) ((gnu services nix) #:select (nix-service-type)) ((gnu services networking) #:select (ipfs-service-type ipfs-configuration)) ((gnu services syncthing) #:select (syncthing-service-type syncthing-configuration)) ((gnu services sound) #:select (pulseaudio-service-type pulseaudio-configuration)) ((gnu services audio) #:select (mpd-service-type mpd-configuration)) ((gnu services xorg) #:select (xorg-server-service-type gdm-service-type screen-locker-service screen-locker-service-type xorg-configuration set-xorg-configuration)) ;;((gnu services authentication) #:select (fprintd-service-type)) ((gnu services file-sharing) #:select (transmission-daemon-service-type transmission-daemon-configuration)) ((gnu services pm) #:select (tlp-service-type tlp-configuration thermald-service-type)) ) (define username "tadhg") ;; commit 39a9404 in guix broke this, a function in the os checks for equality with luks-device-mapping as the type and only puts the ;; needed commands into grub.cfg if it identifies it that way, so this makes grub just not try to mount the encrypted device which ;; obviously causes it to fail. I will need to submit a bug report and get it properly fixed but for now I will just need to ;; continue to type my decryption password twice. (define cryptroot-type (luks-device-mapping-with-options ;; NOTE: when specified as a string this is a path relative to the initrd internal filesystem ;; which is populated by the cpio file passed as 'extra-initrd' to grub. ;; if it was (local-file "/crypto_keyfile.bin") it would copy the file on the local filesystem ;; to the initrd, but it would also put a copy of it in the guix store which is globally readable ;; (it'd also be readable from the initrd which is also in the guix store so even if it ;; wasn't copied in there'd be a problem) ;; if this file ever needs to be recaptured use the command `cpio -i /crypto_keyfile.bin < /crypto_keyfile.cpio` run as root and it will restore this file to the root directory. #:key-file "/crypto_keyfile.bin")) (operating-system (locale "en_CA.utf8") (timezone "America/Toronto") (keyboard-layout (keyboard-layout "us")) (host-name "framework") ;; The list of user accounts ('root' is implicit). (users (cons* (user-account (name username) (comment "Tadhg McDonald-Jensen") (group "users") (home-directory "/home/tadhg") (supplementary-groups '("wheel" ;; for sudo access "netdev" ;; TODO: what is this for? "audio" ;; to be able to use alsamixer etc "video" ;; think this is to control brightness "scanner" ;; for scanning "input" ;; to control caps lock light ))) %base-user-accounts)) (bootloader (bootloader-configuration (bootloader grub-efi-bootloader) (targets (list "/boot")) (keyboard-layout keyboard-layout) (extra-initrd "/crypto_keyfile.cpio") )) (mapped-devices (list (mapped-device (source (uuid "c0010d06-0bd1-4ae2-93e6-f2f89a3a670b")) (target "cryptroot") (type cryptroot-type)))) ;;(type luks-device-mapping)))) (swap-devices (list (swap-space (target "/swapfile") ;; TODO: see example about btrfs mounting in docs about swap, just depending on mapped-devices isn't sufficient to guarentee the root partition is mounted. (dependencies mapped-devices)))) ;; The list of file systems that get "mounted". The unique ;; file system identifiers there ("UUIDs") can be obtained ;; by running 'blkid' in a terminal. (file-systems (cons* (file-system (mount-point "/boot") (device (uuid "5190-E840" 'fat32)) (type "vfat")) (file-system (mount-point "/") (device "/dev/mapper/cryptroot") (type "btrfs") (flags '(lazy-time)) (options (alist->file-system-options '(("compress" . "lzo")))) (dependencies mapped-devices)) %base-file-systems)) (packages (append (list) ;;os-packages %base-packages)) ;; Below is the list of system services. To search for available ;; services, run 'guix system search KEYWORD' in a terminal. (services (cons* (service xorg-server-service-type) ;; needed for display (kind of important) (modify-services %desktop-services ;;(guix-service-type config => (tadhg:substitutes config)) (elogind-service-type config => (elogind-configuration (inherit config) (handle-power-key 'hibernate) ;;(idle-action 'suspend) ;;(handle-lid-switch 'ignore) )) (delete gdm-service-type) ))) ;; allow using .local with mdns resolution, used for printer in particular (name-service-switch %mdns-host-lookup-nss) )