2015-05-09 17:16:11 -04:00
|
|
|
;; This is an operating system configuration template
|
2016-11-24 17:03:04 -05:00
|
|
|
;; for a "desktop" setup with GNOME and Xfce where the
|
|
|
|
;; root partition is encrypted with LUKS.
|
2015-05-09 17:16:11 -04:00
|
|
|
|
|
|
|
(use-modules (gnu) (gnu system nss))
|
|
|
|
(use-service-modules desktop)
|
2016-11-28 13:46:03 -05:00
|
|
|
(use-package-modules certs gnome)
|
2015-05-09 17:16:11 -04:00
|
|
|
|
|
|
|
(operating-system
|
|
|
|
(host-name "antelope")
|
|
|
|
(timezone "Europe/Paris")
|
2017-02-13 03:57:01 -05:00
|
|
|
(locale "en_US.utf8")
|
2015-05-09 17:16:11 -04:00
|
|
|
|
2015-12-20 23:09:22 -05:00
|
|
|
;; Assuming /dev/sdX is the target hard disk, and "my-root"
|
|
|
|
;; is the label of the target root file system.
|
2017-08-20 04:48:19 -04:00
|
|
|
(bootloader (bootloader-configuration
|
|
|
|
(bootloader grub-bootloader)
|
2017-08-23 15:48:58 -04:00
|
|
|
(target "/dev/sdX")))
|
2016-11-24 17:03:04 -05:00
|
|
|
|
|
|
|
;; Specify a mapped device for the encrypted root partition.
|
|
|
|
;; The UUID is that returned by 'cryptsetup luksUUID'.
|
|
|
|
(mapped-devices
|
|
|
|
(list (mapped-device
|
|
|
|
(source (uuid "12345678-1234-1234-1234-123456789abc"))
|
2017-08-20 04:48:19 -04:00
|
|
|
(target "my-root")
|
2016-11-24 17:03:04 -05:00
|
|
|
(type luks-device-mapping))))
|
|
|
|
|
2015-05-09 17:16:11 -04:00
|
|
|
(file-systems (cons (file-system
|
2015-12-20 23:09:22 -05:00
|
|
|
(device "my-root")
|
2015-05-09 17:16:11 -04:00
|
|
|
(mount-point "/")
|
2016-11-24 17:03:04 -05:00
|
|
|
(type "ext4")
|
|
|
|
(dependencies mapped-devices))
|
2015-05-09 17:16:11 -04:00
|
|
|
%base-file-systems))
|
|
|
|
|
2015-05-25 10:54:05 -04:00
|
|
|
(users (cons (user-account
|
2015-05-09 17:16:11 -04:00
|
|
|
(name "bob")
|
|
|
|
(comment "Alice's brother")
|
|
|
|
(group "users")
|
2015-05-11 22:39:26 -04:00
|
|
|
(supplementary-groups '("wheel" "netdev"
|
2015-05-09 17:16:11 -04:00
|
|
|
"audio" "video"))
|
2015-05-25 10:54:05 -04:00
|
|
|
(home-directory "/home/bob"))
|
|
|
|
%base-user-accounts))
|
2015-05-09 17:16:11 -04:00
|
|
|
|
2016-03-22 18:48:21 -04:00
|
|
|
;; This is where we specify system-wide packages.
|
|
|
|
(packages (cons* nss-certs ;for HTTPS access
|
2016-11-28 13:46:03 -05:00
|
|
|
gvfs ;for user mounts
|
2015-05-09 17:16:11 -04:00
|
|
|
%base-packages))
|
|
|
|
|
2016-03-22 18:48:21 -04:00
|
|
|
;; Add GNOME and/or Xfce---we can choose at the log-in
|
|
|
|
;; screen with F1. Use the "desktop" services, which
|
|
|
|
;; include the X11 log-in service, networking with Wicd,
|
|
|
|
;; and more.
|
|
|
|
(services (cons* (gnome-desktop-service)
|
|
|
|
(xfce-desktop-service)
|
|
|
|
%desktop-services))
|
2015-05-09 17:16:11 -04:00
|
|
|
|
|
|
|
;; Allow resolution of '.local' host names with mDNS.
|
|
|
|
(name-service-switch %mdns-host-lookup-nss))
|