(define-module (system-create)
#:use-module (gnu)
#:use-module (gnu services)
#:use-module (gnu services dbus)
#:use-module (gnu services docker)
#:use-module (gnu services file-sharing)
#:use-module (gnu system)
#:use-module (gnu system setuid)
#:use-module (gnu system nss)
#:use-module (gnu packages lisp)
#:use-module (gnu services docker)
#:use-module (nongnu packages linux)
#:use-module (nongnu system linux-initrd)
#:use-module (rosenthal services networking)
#:export (system-create))
(use-service-modules cups desktop networking ssh xorg docker guix
admin pm docker virtualization)
(use-package-modules nfs certs shells ssh linux bash emacs networking
wm fonts libusb cups freedesktop file-systems version-control
package-management)
(define thanos/system-packages
'("sway" "swaylock" "swaylock-effects" "swaybg"
"waybar" "gnupg" "pinentry" "font-jetbrains-mono"
"docker" "docker-cli" "dbus" "xf86-input-libinput"
"xf86-video-fbdev"))
(define* (system-create #:key
(system-packages thanos/system-packages)
(kernel linux-lts)
(time-zone "Europe/Athens")
hostname
filesystem
swap-uuid
(swapcaps? #t))
(operating-system
(locale "en_US.utf8")
(timezone time-zone)
(host-name hostname)
(keyboard-layout (if swapcaps?
(keyboard-layout "us" #:options '("ctrl:swapcaps"))
(keyboard-layout "us")))
(kernel kernel)
(initrd microcode-initrd)
(firmware (list linux-firmware))
;; The list of user accounts ('root' is implicit).
(users (cons* (user-account
(name "thanos")
(comment "Thanos Apollo")
(group "users")
(home-directory "/home/thanos")
(supplementary-groups '("wheel" "netdev" "audio" "video" "docker" "kvm")))
%base-user-accounts))
;; Packages installed system-wide.
(packages
(append (map specification->package system-packages)
%base-packages))
;; Below is the list of system services. To search for available
;; services, run 'guix system search KEYWORD' in a terminal.
(services
(append (list
(service docker-service-type)
(service containerd-service-type)
(service libvirt-service-type
(libvirt-configuration
(unix-sock-group "libvirt")
(tls-port "16555")))
;; udev
(udev-rules-service 'pipewire-add-udev-rules pipewire)
(udev-rules-service 'brightnessctl-udev-rules brightnessctl)
;; Networking services
(service tailscale-service-type)
(service wpa-supplicant-service-type) ;; Needed by NetworkManager
(service network-manager-service-type)
(service transmission-daemon-service-type)
;; tty login
(service elogind-service-type)
(service openssh-service-type
(openssh-configuration
(permit-root-login 'prohibit-password)))
(service screen-locker-service-type
(screen-locker-configuration
(name "swaylock")
(program (file-append swaylock "/bin/swaylock"))
(using-pam? #t)
(using-setuid? #f)))
(service modem-manager-service-type) ;; For cellular modems
polkit-wheel-service
(service tor-service-type)
(service cups-service-type)
(service udisks-service-type)
(service upower-service-type)
(service cups-pk-helper-service-type)
(service geoclue-service-type)
fontconfig-file-system-service ;; Manage the fontconfig cache
;; Power and thermal management services
(service thermald-service-type)
(service tlp-service-type
(tlp-configuration
(cpu-boost-on-ac? #t)
(wifi-pwr-on-bat? #t))))
;; Services specifics for zeus
(if (string= hostname "zeus")
(list
(service oci-container-service-type
(list
(oci-container-configuration
(image "ollama/ollama:rocm")
(network "host")
(ports
'(("11434" . "11434")))
(volumes
'(("/ollama" . "/root/.ollama"))))
(oci-container-configuration
(image "jellyfin/jellyfin")
(network "host")
(volumes
'(("/home/jelly/config" . "/config")
("/home/jelly/cache" . "/cache")
("/hdd" . "/media"))))
(oci-container-configuration
(image "rssbridge/rss-bridge")
(network "host")
(ports
'(("3000" . "80")))))))
;; For everything else
(list))
%base-services))
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(targets (list "/boot/efi"))
(keyboard-layout keyboard-layout)))
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
(swap-devices (list (swap-space
(target (uuid swap-uuid)))))
;; run 'lsblk -f' to get UUIDs.
(file-systems filesystem)))