1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
(use-modules (gnu)
	     (guix gexp)
	     (guix modules))
(use-service-modules networking ssh)
(use-package-modules tmux ssh)

(operating-system
  (host-name "guixvm")
  (timezone "xxxx/xxxx")
  (locale "en_US.utf8")

  (mapped-devices
   (list (mapped-device
          (source (uuid "ba778b24-4025-40ab-b5f3-57acf1eb8ac4")) ;; luks1
          (target "boot")
          (type luks-device-mapping))
         (mapped-device
          (source (uuid "38659c87-82d9-4bb8-97e1-405dc3dfc40e")) ;; luks2
          (target "root")
          (type luks-device-mapping))
         (mapped-device
          (source (uuid "c987052c-76fd-44b9-8a60-986845ad2584")) ;; luks2
          (target "swap")
          (type luks-device-mapping))
         (mapped-device
          (source (uuid "2fca8372-a1b6-46b4-808a-0de9be4f2d76")) ;; luks2
          (target "root-raid")
          (type luks-device-mapping))))
  
  (bootloader (bootloader-configuration
               (bootloader grub-efi-bootloader)
               (targets '("/efi"))))

  (file-systems (append
                 (list (file-system
                         (device "none")
                         (mount-point "/")
                         (type "tmpfs")
			 (options "size=500M,mode=755")
			 (check? #f))
		       (file-system
                         (device (uuid "1111-1111" 'fat)) ;; TODO use label?
                         (mount-point "/efi")
                         (type "vfat")
			 (create-mount-point? #t)) ;; TODO needed-for-boot?
		       (file-system
                         (device (file-system-label "boot"))
                         (mount-point "/boot")
                         (type "btrfs")
			 (flags '(no-atime))
			 (options "compress=zstd:1,space_cache=v2,ssd")
			 (check? #f)
			 (create-mount-point? #t)
                         (dependencies mapped-devices)) ;; TODO filter
		       (file-system
                         (device (file-system-label "root"))
                         (mount-point "/gnu")
                         (type "btrfs")
			 (flags '(no-atime))
			 (options "compress=zstd:1,space_cache=v2,ssd,subvol=@gnu")
			 (needed-for-boot? #t)
			 (check? #f)
			 (create-mount-point? #t)
                         (dependencies mapped-devices)) ;; TODO filter
		       (file-system
                         (device (file-system-label "root"))
                         (mount-point "/var")
                         (type "btrfs")
			 (flags '(no-atime))
			 (options "compress=zstd:1,space_cache=v2,ssd,subvol=@var")
			 (needed-for-boot? #t)
			 (check? #f)
			 (create-mount-point? #t)
                         (dependencies mapped-devices)) ;; TODO filter
		       (file-system ;; TODO bind mount state files
                         (device (file-system-label "root"))
                         (mount-point "/state")
                         (type "btrfs")
			 (flags '(no-atime))
			 (options "compress=zstd:1,space_cache=v2,ssd,subvol=@state")
			 (needed-for-boot? #t)
			 (check? #f)
			 (create-mount-point? #t)
                         (dependencies mapped-devices)) ;; TODO filter
		       (file-system
                         (device (file-system-label "root"))
                         (mount-point "/home")
                         (type "btrfs")
			 (flags '(no-atime))
			 (options "compress=zstd:1,space_cache=v2,ssd,subvol=@home")
			 (needed-for-boot? #t)
			 (check? #f)
			 (create-mount-point? #t)
                         (dependencies mapped-devices)) ;; TODO filter
		       )
                 %base-file-systems))

  (swap-devices (list (swap-space
                       (target (file-system-label "swap"))
		       (dependencies mapped-devices) ;; TODO filter
		       (discard? #t))))
  
  ;; This is where user accounts are specified.  The "root"
  ;; account is implicit, and is initially created with the
  ;; empty password.
  (users (cons (user-account
                (name "me")
                (comment "xxxx")
                (group "users")

                ;; Adding the account to the "wheel" group
                ;; makes it a sudoer.  Adding it to "audio"
                ;; and "video" allows the user to play sound
                ;; and access the webcam.
                (supplementary-groups '("wheel"
                                        "audio" "video")))
               %base-user-accounts))

  ;; Globally-installed packages.
  (packages (cons tmux %base-packages))

  ;; Add services to the baseline: a DHCP client and
  ;; an SSH server.
  (services (append (list (service dhcp-client-service-type)
                          (service openssh-service-type
                                   (openssh-configuration
                                    (openssh openssh-sans-x)
                                    (port-number 22))))
                    %base-services)))
;;