From d85086ed10809cf9864ed0321285d31c0b1f93f0 Mon Sep 17 00:00:00 2001 From: jdlugosz963 Date: Wed, 5 Jul 2023 13:59:28 +0200 Subject: Add polkit rules and home services to my guix config. --- guix/jd/desktops/base.scm | 142 ++++++++++++++++++++++++--------------- guix/jd/desktops/berserker.scm | 37 ++++++++++ guix/jd/home-services/polkit.scm | 31 +++++++++ guix/jd/services/polkit.scm | 21 ++++++ 4 files changed, 177 insertions(+), 54 deletions(-) create mode 100755 guix/jd/desktops/berserker.scm create mode 100644 guix/jd/home-services/polkit.scm create mode 100644 guix/jd/services/polkit.scm (limited to 'guix') diff --git a/guix/jd/desktops/base.scm b/guix/jd/desktops/base.scm index b9fc286..5f21c47 100644 --- a/guix/jd/desktops/base.scm +++ b/guix/jd/desktops/base.scm @@ -1,27 +1,66 @@ (define-module (jd desktops base) - #:use-module (gnu) #:use-module (jd packages vpn) + #:use-module (jd home-services polkit) + #:use-module (jd services polkit) + + #:use-module (gnu) + #:use-module (gnu home) + #:use-module (gnu home services) + #:use-module (gnu home services desktop) + #:use-module (gnu home services gnupg) + #:use-module (gnu services) #:use-module (nongnu packages linux) #:use-module (nongnu system linux-initrd)) -(use-package-modules wm gnome) +(use-package-modules wm gnome gnupg) (use-service-modules cups desktop networking ssh xorg docker virtualization pm sound) + +(define-public %jd-base-home-services + (list + (service home-redshift-service-type + (home-redshift-configuration + (location-provider 'manual) + (latitude 51.919438) + (longitude 19.145136))) ;; Poland + + (simple-service 'some-useful-env-vars-service + home-environment-variables-service-type + `(("GTK_THEME" . "Adwaita:dark") + ("VISUAL" . "emacsclient -a \"emacs -Q\"") + ("EDITOR" . "emacsclient -a \"emacs -Q\"") + ("PATH" . "$HOME/.bin:$HOME/.npm-global/bin:$PATH") + ("XDG_DATA_DIRS" . "$XDG_DATA_DIRS:$HOME/.local/share/flatpak/exports/share"))) + + (service home-gpg-agent-service-type + (home-gpg-agent-configuration + (ssh-support? #t) + (default-cache-ttl 28800) + (max-cache-ttl 28800) + (default-cache-ttl-ssh 28800) + (max-cache-ttl-ssh 28800))) + + (service home-polkit-gnome-service-type))) + (define-public %jd-base-user-accounts - (cons* (user-account - (name "jakub") - (comment "Jakub Dlugosz") - (group "users") - (home-directory "/home/jakub") - (supplementary-groups '("wheel" - "netdev" - "audio" - "docker" - "kvm" - "libvirt" - "video"))) - %base-user-accounts)) + (cons* + (user-account + (name "jakub") + (comment "Jakub Dlugosz") + (group "users") + (home-directory "/home/jakub") + (supplementary-groups '("wheel" ;; sudo + "netdev" ;; network devices + "kvm" + "libvirt" + "tty" + "input" + "docker" + "audio" ;; control audio devices + "video" ;; access to webcam + ))) + %base-user-accounts)) (define-public %jd-base-packages (append @@ -34,49 +73,44 @@ "git" "xf86-input-libinput" "intel-vaapi-driver" - "libva-utils" + "libva-utils" ;; vainfo "nss-certs")) %base-packages)) (define-public %jd-base-services - (append (list - (service openssh-service-type) - - (service network-manager-service-type - (network-manager-configuration - (vpn-plugins (list - network-manager-pptp)))) - - (service bluetooth-service-type - (bluetooth-configuration - (auto-enable? #t))) - - (service docker-service-type) - (service libvirt-service-type - (libvirt-configuration - (unix-sock-group "libvirt") - (tls-port "16555"))) - - (service sane-service-type) - (service cups-service-type - (cups-configuration - (web-interface? #t))) - - (service thermald-service-type) - (service tlp-service-type - (tlp-configuration - (cpu-boost-on-ac? #t) - (wifi-pwr-on-bat? #t))) - - (service slim-service-type (slim-configuration - (display ":0") - (vt "vt7")))) - - (modify-services %desktop-services - (delete network-manager-service-type) - (delete gdm-service-type)))) - -;; Odin is a base operating system + (cons* + (service openssh-service-type) + + (service network-manager-service-type + (network-manager-configuration + (vpn-plugins (list + network-manager-pptp)))) + + (service bluetooth-service-type + (bluetooth-configuration + (auto-enable? #t))) + + (service docker-service-type) + (service libvirt-service-type + (libvirt-configuration + (unix-sock-group "libvirt"))) + + (service cups-service-type + (cups-configuration + (web-interface? #t))) + + (service thermald-service-type) + (service tlp-service-type + (tlp-configuration + (cpu-boost-on-ac? #t) + (wifi-pwr-on-bat? #t))) + + polkit-network-manager-service + + (modify-services %desktop-services + (delete network-manager-service-type)))) + +;; Odin is a base for my operating systems (define-public odin-free (operating-system (locale "en_US.utf8") diff --git a/guix/jd/desktops/berserker.scm b/guix/jd/desktops/berserker.scm new file mode 100755 index 0000000..37135dc --- /dev/null +++ b/guix/jd/desktops/berserker.scm @@ -0,0 +1,37 @@ +(define-module (jd desktops berserker) + #:use-module (jd desktops base) + #:use-module (gnu) + #:use-module (gnu home)) + +(define home + (home-environment + (services %jd-base-home-services))) + +(define system + (operating-system + (inherit odin-non-free) + (host-name "berserker") + + (bootloader (bootloader-configuration + (bootloader grub-efi-bootloader) + (targets (list "/boot/efi")))) + + (mapped-devices (list (mapped-device + (source (uuid + "ef754148-6f23-4d7e-92b4-7abbfe0ae201")) + (target "cryptroot") + (type luks-device-mapping)))) + + (file-systems (cons* (file-system + (mount-point "/boot/efi") + (device (uuid "695E-FE22" + 'fat32)) + (type "vfat")) + (file-system + (mount-point "/") + (device "/dev/mapper/cryptroot") + (type "ext4") + (dependencies mapped-devices)) %base-file-systems)))) + + +(if (getenv "JD_HOME") home system) diff --git a/guix/jd/home-services/polkit.scm b/guix/jd/home-services/polkit.scm new file mode 100644 index 0000000..699f2da --- /dev/null +++ b/guix/jd/home-services/polkit.scm @@ -0,0 +1,31 @@ +(define-module (jd home-services polkit) + #:use-module (gnu packages) + #:use-module (gnu packages polkit) + #:use-module (gnu services) + #:use-module (gnu services configuration) + #:use-module (gnu home services) + #:use-module (gnu home services shepherd) + #:use-module (guix gexp)) + + +(define (polkit-gnome-profile-service config) + (specifications->packages '("polkit-gnome"))) + +(define (polkit-gnome-shepherd-service config) + (list (shepherd-service + (documentation "Polkit gnome service.") + (provision '(polkit-gnome)) + (start #~(make-forkexec-constructor + (list #$(file-append polkit-gnome + "/libexec/polkit-gnome-authentication-agent-1")))) + (stop #~(make-kill-destructor))))) + +(define-public home-polkit-gnome-service-type + (service-type (name 'home-polkit-gnome) + (extensions (list (service-extension home-profile-service-type + polkit-gnome-profile-service) + (service-extension home-shepherd-service-type + polkit-gnome-shepherd-service))) + (default-value #f) + (description "Runs the PolicyKit-gnome service."))) + diff --git a/guix/jd/services/polkit.scm b/guix/jd/services/polkit.scm new file mode 100644 index 0000000..948500c --- /dev/null +++ b/guix/jd/services/polkit.scm @@ -0,0 +1,21 @@ +(define-module (jd services polkit) + #:use-module (gnu services) + #:use-module (gnu services dbus) + #:use-module (gnu home services) + #:use-module (guix gexp)) + +(define polkit-network-manager + (file-union + "polkit-wheel" + `(("share/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules" + ,(plain-file + "50-org.freedesktop.NetworkManager.rules" + "polkit.addRule(function(action, subject) { + if (action.id.indexOf(\"org.freedesktop.NetworkManager.\") == 0 && + subject.isInGroup(\"netdev\")) { + return polkit.Result.YES; + } +});"))))) + +(define-public polkit-network-manager-service + (simple-service 'polkit-network-manager polkit-service-type (list polkit-network-manager))) -- cgit v1.2.3