zzkt/guix
1
0
Fork 0
Code Issues Pull requests Projects Activity Actions
guix/config/framework13-system.org

357 lines
10 KiB
Org Mode
Raw Normal View History

Put in earplugs
2024-01-04 17:56:41 +00:00
# -*- mode: org; coding: utf-8; -*-
#+title: a GUIX system config - Framework 13 AMD
#+property: header-args :tangle framework13-system.scm
A semi-literate config for GUIX running on a Framework 13 AMD laptop
- generate config with =org-babel-tangle= (bound to =C-c C-v t=)
- rebuild with =guix system reconfigure framework13.scm= (or similar)
* header
generate a header and timestamp if required
#+name: timestamp
#+BEGIN_SRC sh :results output code :tangle no
echo ";; -*- mode: scheme; coding: utf-8; -*-
;;
;; tangled from framework13-system.org on `date --rfc-3339 seconds`)"
#+end_src
#+begin_src scheme :noweb yes
<<timestamp()>>
#+end_src
* modules
#+begin_src scheme
(use-modules (gnu)
(gnu packages)
(guix modules)
(gnu system nss)
(gnu system setuid)
(gnu packages shells)
(gnu packages linux)
(gnu packages xdisorg)
(gnu packages emacs-xyz)
#+end_src
Include non-free linux kernel, modules and firmware from the [[https://gitlab.com/nonguix/nonguix/][nonguix channel]]
#+begin_src scheme
(nongnu packages linux)
(nongnu system linux-initrd))
#+end_src
** service modules
#+begin_src scheme
(use-service-modules cups
desktop
networking
ssh
xorg
samba
sound
mail)
#+end_src
** package modules
#+begin_src scheme
(use-package-modules admin
certs
package-management
ssh
tls)
#+end_src
* kernel corruption
Some kernel corruption may be required to enable WIFI. Since the non-free kernel from nonguix doesnt include the driver for RZ616/MT7922 adapter by default it needs to be added explicitly. Defined here and used in the =operating-system= declaration below.
#+begin_src scheme
(define-public linux-fw13
(corrupt-linux linux-libre-6.6
#:name "linux-fw13"
#:configs '("CONFIG_MT7921E=m")))
#+end_src
* operating-system
The =operating-system= declaration
#+begin_src scheme
(operating-system
(host-name "zxxcxxz")
(locale "en_GB.utf8")
(timezone "Europe/Amsterdam")
#+end_src
** keyboard layout
Layout is qwerty, CAPS_LOCK is CTRL, Ctrl-Fn-Meta-super to left of SPACE. The =keyboard-layout= declared here can be used for boot, console and Xorg
#+begin_src scheme
(keyboard-layout (keyboard-layout
"us" "altgr-intl"
#:options '("ctrl:nocaps"
"altwin:swap_lalt_lwin")))
#+end_src
** kernel
A custom kernel is configured above, kernel arguments are declared here.
The =hid_sensor_hub= module needs to be disabled for screen dimming and keyboard backlight to work as expecrted. Some other kernel arguments possibly required for (in)compatability with other features include "amdgpu.sg_display=0", "acpi_osi=linux" "acpi_backlight=vendor"
Kernel & driver details
- https://gitlab.com/nonguix/nonguix
- https://www.kernel.org/doc/html/latest/gpu/amdgpu/module-parameters.html
- https://community.frame.work/t/solved-backlight-brightness-issues/36065/13
#+begin_src scheme
(kernel linux-fw13)
(kernel-arguments '("modprobe.blacklist=hid_sensor_hub"))
#+end_src
…and required firmware (should be possible to reduce to specifics)
#+begin_src scheme
(firmware (list linux-firmware))
;; (firmware (list amdgpu-firmware
;; amd-microcode
;; realtek-firmware))
#+end_src
** users & groups
#+begin_src scheme
(users (cons* (user-account
(name "zzk")
(comment "zzk")
(group "users")
(home-directory "/home/zzk")
(shell (file-append zsh "/bin/zsh"))
(supplementary-groups '("wheel"
"netdev"
"audio"
"video"
"www-data"
"lp")))
(user-account
(name "www-data")
(group "www-data")
(home-directory "/home/www"))
%base-user-accounts))
#+end_src
#+begin_src scheme
(groups (cons* (user-group
(name "www-data"))
%base-groups))
#+end_src
** sudoers
#+begin_src scheme
(sudoers-file
(plain-file "sudoers"
"root ALL=(ALL) ALL
%wheel ALL=NOPASSWD: ALL"))
#+end_src
** system-wide packages
Packages installed system-wide. Users can also install packages under their own account: use 'guix search KEYWORD' to search for packages and 'guix install PACKAGE' to install a package.
#+begin_src scheme
(packages
(append (map specification->package
'("emacs"
"emacs-guix"
"emacs-exwm"
"openssh-sans-x"
"nss-certs"
"htop"
;; xfce
"xfce4-power-manager"
"xfce4-screensaver"
"xfce4-settings"
"xfce4-session"
"xfce4-panel"
;; gnome extras
"gnome-tweaks"
"gvfs"
))
%base-packages))
#+end_src
** system services
Below is the list of enabled system services. To search for any available services, run 'guix system search KEYWORD' in a terminal.
#+begin_src scheme
(services
(append (list
#+end_src
*** SSH
#+begin_src scheme
(service openssh-service-type
(openssh-configuration
(openssh openssh-sans-x)
(password-authentication? #true)
(authorized-keys
`(("zzk" ,(local-file "zzk_rsa.pub"))
("root" ,(local-file "zzk_rsa.pub"))))))
#+end_src
*** mail
use dovecot for local IMAP
#+begin_src scheme
(service dovecot-service-type
(dovecot-configuration
(mail-location "maildir:%h/Maildir:LAYOUT=fs")))
#+end_src
*** display manager
#+begin_src scheme
;; (service sddm-service-type
;; (sddm-configuration
;; (display-server "wayland")
;; (remember-last-user? #t)))
(service gdm-service-type
(gdm-configuration
(auto-suspend? #f)
(xorg-configuration
(xorg-configuration
(keyboard-layout keyboard-layout)
#+end_src
Trackpad config using [[https://www.mankier.com/4/libinput][libinput]]
#+begin_src scheme
(extra-config '("Section \"InputClass\"
Identifier \"touchpad\"
Driver \"libinput\"
MatchIsTouchpad \"on\"
Option \"Tapping\" \"on\"
Option \"TappingButtonMap\" \"lrm\"
Option \"ClickMethod\" \"clickfinger\"
Option \"AccelProfile\" \"adaptive\"
EndSection"))))))
#+end_src
*** desktop environments
Provide gnome and xfce as desktop environments. exwm is enabled automatically via module.
#+begin_src scheme
(service gnome-desktop-service-type)
(service xfce-desktop-service-type)
#+end_src
*** file sharing
#+begin_src scheme
(service samba-service-type
(samba-configuration
(enable-smbd? #t)
(config-file
(plain-file "smb.conf" "\
[global]
protocol = SMB3
logging = syslog@1
workgroup = FOAM
netbios name = zxXCXxz
security = user
case sensitive = yes
preserve case = yes
short preserve case = yes
[homes]
valid users = %S
browsable = no
writable = yes
"))))
#+end_src
*** bluetooth
#+begin_src scheme
(service bluetooth-service-type)
#+end_src
*** printing
#+begin_src scheme
(service cups-service-type)
#+end_src
*** modify desktop services
If gdm is reconfigured (see above) or any other display manager is declared, gdm needs to be removed from =%desktop-services=
#+begin_src scheme
) ;; end services list
#+end_src
#+begin_src scheme
(modify-services %desktop-services
(delete gdm-service-type))))
#+end_src
*** mDNS
Enable resolution of '.local' host names with mDNS.
#+begin_src scheme
(name-service-switch %mdns-host-lookup-nss)
#+end_src
*** screen locker
screen locker requires suid
#+begin_src scheme
(setuid-programs
(cons*
(setuid-program
(program (file-append xsecurelock "/libexec/xsecurelock/authproto_pam")))
%setuid-programs))
#+end_src
** initrd
initrd with AMD microcode blobs
#+begin_src scheme
(initrd (lambda (file-systems . rest)
(apply microcode-initrd file-systems
#:initrd base-initrd
#:microcode-packages (list amd-microcode)
rest)))
#+end_src
** bootloader
#+begin_src scheme
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(targets (list "/boot/efi"))
(keyboard-layout keyboard-layout)))
#+end_src
** swap device
#+begin_src scheme
(swap-devices (list (swap-space
(target (uuid
"2ce27ab3-07f7-4c24-90bd-9fbe14c0850d")))))
#+end_src
** file systems & mount points
The list of file systems that get mounted. The unique file system identifiers ("UUIDs") can be obtained by running =blkid= in a terminal.
#+begin_src scheme
(file-systems (cons* (file-system
(mount-point "/boot/efi")
(device (uuid "8B3C-3BC0" 'fat32))
(type "vfat"))
(file-system
(mount-point "/")
(device (uuid
"e0ece027-0396-4546-8aba-2ce91285d061"
'ext4))
(type "ext4"))
%base-file-systems))
#+end_src
** FIN
#+begin_src scheme
) ;; end operating-system declaration
#+end_src
Reference in a new issue Copy permalink