Diffstat (limited to 'guix/system-base.scm')
-rw-r--r--guix/system-base.scm171
1 files changed, 171 insertions, 0 deletions
diff --git a/guix/system-base.scm b/guix/system-base.scm
new file mode 100644
index 0000000..64d5f17
--- /dev/null
+++ b/guix/system-base.scm
@@ -0,0 +1,171 @@
+
+(define-module (system-base)
+ #:use-module (gnu)
+ #:use-module (gnu services)
+ #:use-module (gnu services dbus)
+ #:use-module (gnu services docker)
+ #:use-module (gnu services file-sharing)
+ #:use-module (gnu system)
+ #:use-module (gnu system setuid)
+ #:use-module (gnu system nss)
+ #:use-module (gnu packages lisp)
+ #:use-module (gnu services docker)
+ #:use-module (nongnu packages linux)
+ #:use-module (nongnu system linux-initrd)
+ #:use-module (rosenthal services networking)
+ #:export (system-create))
+
+(use-service-modules cups desktop networking ssh xorg docker guix
+ admin pm docker virtualization)
+
+(use-package-modules nfs certs shells ssh linux bash emacs networking
+ wm fonts libusb cups freedesktop file-systems version-control
+ package-management)
+
+(define thanos/system-packages
+ '("hyprland" "swaylock" "swaylock-effects" "swaybg"
+ "waybar" "gnupg" "pinentry" "font-jetbrains-mono"
+ "docker" "docker-cli" "dbus" "xf86-input-libinput"
+ "xf86-video-fbdev" "tailscale-bin" "virt-manager"
+ "rsync"))
+
+(define* (system-create #:key
+ (system-packages thanos/system-packages)
+ (kernel linux-lts)
+ (time-zone "Europe/Athens")
+ hostname
+ filesystem
+ swap-uuid
+ (swapcaps? #t))
+ (operating-system
+ (locale "en_US.utf8")
+ (timezone time-zone)
+ (host-name hostname)
+ (keyboard-layout (if swapcaps?
+ (keyboard-layout "us" #:options '("ctrl:swapcaps"))
+ (keyboard-layout "us")))
+
+ (kernel kernel)
+ (initrd microcode-initrd)
+ (firmware (list linux-firmware))
+
+
+ (users (cons* (user-account
+ (name "thanos")
+ (comment "Thanos Apollo")
+ (group "users")
+ (home-directory "/home/thanos")
+ (supplementary-groups '("wheel" "netdev" "audio" "video" "docker" "kvm"
+ "libvirt")))
+ %base-user-accounts))
+
+ (packages
+ (append (specifications->packages system-packages)
+ %base-packages))
+ (services
+ (append (list
+ (service docker-service-type)
+ (service containerd-service-type)
+ (service libvirt-service-type
+ (libvirt-configuration
+ (unix-sock-group "libvirt")
+ (tls-port "16555")))
+ ;; udev
+ (udev-rules-service 'pipewire-add-udev-rules pipewire)
+ (udev-rules-service 'brightnessctl-udev-rules brightnessctl)
+ ;; Networking services
+ (service tailscale-service-type)
+ (service wpa-supplicant-service-type) ;; Needed by NetworkManager
+ (service network-manager-service-type)
+ (service block-facebook-hosts-service-type)
+ (simple-service 'add-extra-hosts
+ hosts-service-type
+ (list (host "192.168.0.100" "constantine"
+ '())
+ (host "192.168.0.101" "theodora"
+ '())))
+
+ (service transmission-daemon-service-type
+ (transmission-daemon-configuration
+ ;; Accept requests from this and other hosts on the
+ ;; local network
+ (rpc-whitelist-enabled? #t)
+ (rpc-whitelist '("::1" "127.0.0.1" "192.168.*"))
+ (rpc-username "z3us")
+ ;; hashed password
+ (rpc-password "{eab35f5df5b1e2691acf11f49be1b1dcffa55a59FyE5eNd8")))
+
+ ;; tty login
+ (service elogind-service-type)
+
+
+ (service openssh-service-type
+ (openssh-configuration
+ (permit-root-login 'prohibit-password)))
+
+ (service screen-locker-service-type
+ (screen-locker-configuration
+ (name "swaylock")
+ (program (file-append swaylock "/bin/swaylock"))
+ (using-pam? #t)
+ (using-setuid? #f)))
+
+ (service modem-manager-service-type) ;; For cellular modems
+ polkit-wheel-service
+ (service tor-service-type)
+ (service cups-service-type)
+
+ (service udisks-service-type)
+ (service upower-service-type)
+ (service cups-pk-helper-service-type)
+ (service geoclue-service-type)
+
+ fontconfig-file-system-service ;; Manage the fontconfig cache
+
+ ;; Power and thermal management services
+ (service thermald-service-type)
+ (service tlp-service-type
+ (tlp-configuration
+ (cpu-boost-on-ac? #t)
+ (wifi-pwr-on-bat? #t))))
+
+ ;; Services specifics for my desktop
+ (if (string= hostname "constantine")
+ (list
+ (service oci-container-service-type
+ (list
+ (oci-container-configuration
+ (image "ollama/ollama:rocm")
+ (network "host")
+ (ports
+ '(("11434" . "11434")))
+ (volumes
+ '(("/ollama" . "/root/.ollama"))))
+ (oci-container-configuration
+ (image "jellyfin/jellyfin")
+ (network "host")
+ (volumes
+ '(("/home/jelly/config" . "/config")
+ ("/home/jelly/cache" . "/cache")
+ ("/hdd" . "/media"))))
+ (oci-container-configuration
+ (image "rssbridge/rss-bridge")
+ (network "host")
+ (ports
+ '(("3000" . "80")))))))
+ ;; For everything else
+ (list))
+ %base-services))
+
+
+ (bootloader (bootloader-configuration
+ (bootloader grub-efi-bootloader)
+ (targets (list "/boot/efi"))
+ (keyboard-layout keyboard-layout)))
+
+ ;; Filesystem
+ (swap-devices (list (swap-space
+ (target (uuid swap-uuid)))))
+
+ ;; run 'lsblk -f' to get UUIDs.
+ (file-systems filesystem)))
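Review bot: The `transmission-daemon-configuration` sets `rpc-username` and `rpc-password` but never sets `rpc-authentication-required?`, whose documented default in Guix is `#f`, so the credentials are probably not enforced and any host matching the `"192.168.*"` whitelist can use the RPC interface without logging in. Adding `(rpc-authentication-required? #t)` beside the whitelist fields would close that. The salted password hash is also committed in the file, which exposes it to offline guessing by anyone who can read the repository; it could instead be a keyword argument of `system-create`, read from a file kept outside version control. Separately, the `oci-container-configuration` entries for ollama and rss-bridge combine `(network "host")` with `ports`, and published-port mappings are normally not applied under host networking, so rss-bridge would listen on host port 80 rather than 3000 and the Ollama API on 11434 would be reachable on every interface. Either drop `(network "host")` so the mappings take effect, or drop `ports` and document the exposure in a comment.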