diff options
-rw-r--r-- | home-configuration.scm | 429 |
1 files changed, 338 insertions, 91 deletions
diff --git a/home-configuration.scm b/home-configuration.scm index bd82d32b..e8692ef3 100644 --- a/home-configuration.scm +++ b/home-configuration.scm @@ -7,72 +7,149 @@ ;; See also, for some tips: ;; https://github.com/alezost/shepherd-config/blob/master/init.scm -;; TODO: Move from Xorg/i3 to Wayland/sway. -;; TODO: Theme stuff using https://github.com/catppuccin -- needs -;; integration into config files. Can I do something fancy using -;; `computed-file' to combine catppuccin-provided configs with my own, -;; e.g. for kitty and rofi? -;; Integrate upstream (ctp) configs into ~/guix-home using git submodules? -;; https://github.com/catppuccin/rofi +;; TODO: Integrate upstream (ctp) configs into ~/guix-home using git submodules: +;; https://github.com/catppuccin/grub ; TODO: make this system-wide +;; https://github.com/catppuccin/tty ; system-wide +;; https://github.com/catppuccin/papirus-folders +;; https://github.com/catppuccin/Kvantum +;; https://github.com/catppuccin/fzf ;; https://github.com/catppuccin/obs -;; https://github.com/catppuccin/waybar ;; https://github.com/catppuccin/insomnia -;; https://github.com/catppuccin/kitty +;; https://github.com/catppuccin/neomutt +;; https://github.com/catppuccin/zathura +;; https://github.com/catppuccin/firefox ; for icecat + +;; Manual installation needed? +;; https://github.com/catppuccin/dark-reader +;; https://github.com/catppuccin/github (use-modules (gnu home) (gnu home services) (gnu home services desktop) + (gnu home services guix) + (gnu home services pm) (gnu home services shells) (gnu home services shepherd) + (gnu home services ssh) (gnu packages) (gnu services) (gnu services shepherd) + (guix channels) (guix gexp)) +(fluid-set! read-eval? #t) ; allow #. read expansions in this file + +;; One of "latte" (light theme), "frappe", "macchiato", "mocha" (dark +;; themes); ordered brightest to darkest. +;; Set and use this at read time so that `local-file' gets a literal +;; argument. Anything else confuses it and causes it to search +;; relative to the working directory, not this file's directory. +#.(define catppuccin-theme-variant "mocha") + (define* (package-binary specification #:optional (binary specification)) "Get the path of BINARY inside the package referred to by SPECIFICATION." - (file-append (specification->package specification) "/bin/" binary)) + (file-append (specification->package specification) + (string-append "/bin/" binary))) + +;; See also: `file-join' in (gnu home services ssh). +(define (combined-text-file name . files) + "A file which is the concatenation of the contents of other files." + ;; We need to use #$output for `computed-file' to work. + ;; Of course this isn't documented anywhere! + (computed-file name + (with-imported-modules '((guix build utils)) ; for `dump-port' + #~(begin + (use-modules (guix build utils)) + (call-with-output-file #$output + (lambda (oport) + (for-each (lambda (in-file) + (call-with-input-file in-file + (lambda (iport) + (dump-port iport oport)))) + '#$files))))))) + +(define (text-file/substitutions name input-file . substitutions) + "A file containing another file's content with regexp substitutions. +Each item in SUBSTITUTIONS is a `cons' of a regular expression and a +replacement spec (to which `regexp-substitute/global' is applied)." + (computed-file name + (with-imported-modules '((ice-9 regex) + (ice-9 textual-ports)) + #~(begin + (use-modules (ice-9 regex) + (ice-9 textual-ports)) + (call-with-output-file #$output + (lambda (oport) + (call-with-input-file #$input-file + (lambda (iport) + (let loop ((output (get-string-all iport)) + (substitutions '#$substitutions)) + (if (null? substitutions) + (put-string oport output) + (loop (call-with-output-string + (lambda (sport) + (apply regexp-substitute/global + sport + (caar substitutions) + output + (cdar substitutions)))) + (cdr substitutions)))))))))))) (home-environment - ;; Below is the list of packages that will show up in your - ;; Home profile, under ~/.guix-home/profile. (packages + ;; These packages will show up in the home profile, under ~/.guix-home/profile. (cons* ;; Install only bind-utils like dig, not the full suite. (list (specification->package "bind") "utils") (specifications->packages '(;; CLI tools - "dos2unix" "dropbear" "emacs" "emacs-use-package" "file" "git" - "imagemagick" "lesspipe" "nvme-cli" "openssh" "powertop" - "python" "rsync" "sbcl" "smartmontools" "source-highlight" "tk" - "tlp" "tmux" "tree" "unzip" "zip" + "adb" "dos2unix" "file" "fzf" "git" "imagemagick" "jq" + "lesspipe" "nvme-cli" "openssh" "powertop" "pv" "python" "rsync" + "sbcl" "smartmontools" "source-highlight" "tk" "tlp" "tmux" + "tree" "xxd" "zip" "unzip" + ;; Emacs + "emacs" "emacs-use-package" "emacs-editorconfig" ; TODO: set up EditorConfig ;; Shell "zsh" "zsh-autosuggestions" "zsh-syntax-highlighting" "zsh-autopair" ;; i3 and Xorg. i3 itself must be installed system-wide for gdm to pick it up. ;; acpilight is a drop-in xbacklight replacement, as xbacklight doesn't work on my system. - "acpilight" "i3status" "dunst" "rofi" "rofi-pass" "hsetroot" + "acpilight" "i3status" "dunst" "rofi" "hsetroot" "xdot" "xclip" "xdotool" "xdpyinfo" "xev" "xfd" "xfontsel" - "xinput" "xkill" "xprop" "xrandr" "xrdb" "xsel" "xwininfo" + "xinput" "xkill" "xprop" "xrandr" "xrdb" "xsel" "xset" + "xwininfo" ;; GUI programs - "arandr" "gnupg" "pinentry-rofi" "icecat" "kitty" "nheko" - "neomutt" "password-store" - "gnome-keyring" ; nheko needs gnome-keyring to store secrets over dbus (kwallet doesn't do dbus). - "geoclue" ; for redshift + "arandr" "gnupg" "pinentry-rofi" "gimp" "inkscape" "icecat" + "kitty" "mpv" "nheko" "neomutt" "password-store" + "signal-desktop" "simple-scan" "zathura" "zoom" + ;; kitty uses this, but does not pull it in by default. + ;; TODO: kitty still doesn't find libstartup-notification-1.so, + ;; even though it's installed by this package. Maybe kitty needs + ;; its rpath adjusted? + "startup-notification" + ;; Ranger can do code highlighting using python-pygments and + ;; image previews in kitty using python-pillow. + "ranger" "python-pygments" "python-pillow" + ; "gnome-keyring" ; installed system-wide; see system-configuration.scm + ; "geoclue" ; for redshift -- installed system-wide ;; Fonts - "font-libertinus" - "font-inconsolata" "font-fira-sans" "font-fira-code" - ;; Monospace fonts to try out! - "font-mononoki" ; https://madmalik.github.io/mononoki/ - "font-victor-mono" ; https://rubjo.github.io/victor-mono/ + "font-inconsolata" "font-fira-code" "font-fira-sans" + "font-libertinus" "font-openmoji" ;; Theming - "orchis-theme" "hicolor-icon-theme")))) + "papirus-icon-theme" + ;; My own packages -- needs GUIX_PACKAGE_PATH to be set; see below. + "catppuccin-gtk-theme" + "catppuccin-mocha-dark-cursors" + "simutrans")))) - ;; Below is the list of Home services. To search for available - ;; services, run 'guix home search KEYWORD' in a terminal. + ;; To search for available home services, run 'guix home search KEYWORD'. (services (list - ;; TODO: xrdb -merge ~/.Xdefaults && xrdb -merge ~/.Xresources + ;; Batsignal: battery level notifications. + (service home-batsignal-service-type + (home-batsignal-configuration + (batteries '("BAT0")))) + ;; Redshift: make the screen turn redder at night. (service home-redshift-service-type (home-redshift-configuration ;; See info '(guix)Desktop Home Services'. @@ -87,56 +164,114 @@ (nighttime-brightness 0.7) (extra-content "fade=0"))) ; with fade=1, restarting redshift causes flickering for a few secs + ;; The dbus service doesn't seem to be added automatically. + (service home-dbus-service-type (home-dbus-configuration)) + + ;; User shepherd services. (simple-service 'user-services home-shepherd-service-type (list (shepherd-service - (documentation "User Emacs daemon; connect using emacsclient.") + (documentation "Emacs server; connect using emacsclient.") (provision '(emacs)) (start #~(make-forkexec-constructor (list #$(package-binary "emacs") "--fg-daemon"))) (stop #~(make-kill-destructor))) (shepherd-service - (documentation "User GPG agent daemon.") + (documentation "GPG agent; caches key passwords.") (provision '(gpg-agent)) (start #~(lambda _ (invoke #$(package-binary "gnupg" "gpg-agent") "--daemon" "--no-detach"))) (stop #~(lambda _ - (invoke "gpg-connect-agent" "killagent" "/bye")))))) - - (service home-xdg-configuration-files-service-type - `(;; All alibuild needs is an empty file. - ("alibuild/disable-analytics" ,(plain-file "alibuild-disable-analytics" "")) - ("git/config" ,(local-file "gitconfig")) - ("gtk-3.0/settings.ini" ,(local-file "gtk3.ini")) - ("htop/htoprc" ,(local-file "htoprc")) - ("i3/config" ,(local-file "i3.conf")) - ("i3status/config" ,(local-file "i3status.conf")) - ("kitty/kitty.conf" - ,(text-file* "kitty.conf" + (invoke "gpg-connect-agent" "killagent" "/bye")))) + (shepherd-service + (documentation "Dunst notification daemon; displays desktop notifications.") + (provision '(dunst)) + (start #~(make-forkexec-constructor + (list #$(package-binary "dunst")))) + (stop #~(make-kill-destructor))) + (shepherd-service + (documentation "Source Xresources on login.") + (provision '(xrdb)) + (one-shot? #t) + (start #~(lambda _ + ;; TODO: put these files in ~/.config. + (invoke #$(package-binary "xrdb") "-merge" + (string-append (getenv "HOME") ".Xdefaults") + (string-append (getenv "HOME") ".Xresources"))))) + (shepherd-service + (documentation "Set up X displays on login.") + (provision '(xorg-setup)) + (one-shot? #t) + (start #~(lambda _ + ;; Turn off the monitors if there is no input for 10 minutes. + (invoke #$(package-binary "xset") "dpms" "600" "600" "600") + (invoke #$(package-binary "xrandr") + "--output" "eDP-1" "--auto" + ;; Don't use --auto for this monitor. That + ;; configures it at 60 Hz, which causes + ;; it to briefly turn off every few minutes. + "--output" "HDMI-1-1" "--mode" "2560x1440" "--rate" "120.00" + "--right-of" "eDP-1")))))) + + ;; User configuration files in $XDG_CONFIG_HOME. + (service + home-xdg-configuration-files-service-type + `(;; All alibuild needs is an empty file. + ("alibuild/disable-analytics" + ,(plain-file "alibuild-disable-analytics" "")) + ("dunst/dunstrc" ,(local-file "dunstrc")) + ("dunst/dunstrc.d/50-catppuccin.conf" + ,(local-file #.(string-append "catppuccin/dunst/src/" + catppuccin-theme-variant ".conf") + "dunst-theme.conf")) + ("git/config" ,(local-file "gitconfig")) + ("gtk-2.0/gtkrc" ,(local-file "gtk2.ini")) + ("gtk-3.0/settings.ini" ,(local-file "gtk3.ini")) + ("htop/htoprc" ,(local-file "htoprc")) + ("i3/config" ,(local-file "i3.conf")) + ("i3status/config" ,(local-file "i3status.conf")) + ("kitty/diff.conf" + ,(local-file #.(string-append "catppuccin/kitty/diff-" + catppuccin-theme-variant ".conf") + "kitty-diff-theme.conf")) + ("kitty/kitty.conf" + ,(combined-text-file "kitty.conf" (local-file "kitty.conf") - (local-file "catppuccin/kitty/mocha.conf"))) - ("lesskey" ,(local-file "lesskey")))) - - (service home-files-service-type - `(;; https://sw.kovidgoyal.net/kitty/kittens/diff/ - (".local/bin/kdiff" - ,(program-file "kdiff" #~(apply execl #$(package-binary "kitty") - "+kitten" "diff" (cdr (command-line))))) - ;; GnuPG config files must be in ~/.local/share/gnupg, not ~/.config, - ;; so we can't use `home-xdg-configuration-files-service-type'. - (".local/share/gnupg/gpg.conf" ,(local-file "gpg.conf")) - (".local/share/gnupg/gpg-agent.conf" - ;; We need to use #$output for `computed-file' to work. - ;; Of course this isn't documented anywhere! - ,(computed-file "gpg-agent.conf" #~(call-with-output-file #$output - (lambda (port) - (format port "\ -pinentry-program ~a + (local-file #.(string-append "catppuccin/kitty/" + catppuccin-theme-variant ".conf") + "kitty-theme.conf"))) + ("lesskey" ,(local-file "lesskey")) + ("ranger/rc.conf" ,(local-file "ranger.conf")) + ("rofi/config.rasi" + ,(text-file/substitutions "rofi-config.rasi" + (local-file "catppuccin/rofi/basic/.config/rofi/config.rasi") + '("Oranchelo" pre "Papirus" post) ; icon theme + '("alacritty" pre "rofi-sensible-terminal" post) ; default terminal + '("catppuccin-mocha" pre "catppuccin" post))) ; @theme name + ("rofi/themes/catppuccin.rasi" + ,(text-file/substitutions "catppuccin.rasi" + (local-file #.(string-append "catppuccin/rofi/basic/.local/share/rofi/themes/catppuccin-" + catppuccin-theme-variant ".rasi")) + '("JetBrainsMono Nerd Font 14" pre "Fira Sans 12" post))))) ; default font + + (service + home-files-service-type + `((".icons/default/index.theme" ,(local-file "cursors.ini")) + ;; https://sw.kovidgoyal.net/kitty/kittens/diff/ + (".local/bin/kdiff" + ,(program-file "kdiff" #~(apply execl #$(package-binary "kitty") "kitty" + "+kitten" "diff" (cdr (command-line))))) + ;; GnuPG config files must be in ~/.local/share/gnupg, not ~/.config, + ;; so we can't use `home-xdg-configuration-files-service-type'. + (".local/share/gnupg/gpg.conf" ,(local-file "gpg.conf")) + (".local/share/gnupg/gpg-agent.conf" + ,(mixed-text-file "gpg-agent.conf" "\ +pinentry-program " (package-binary "pinentry-rofi") " # Needed if spawning lots of parallel gpg --decrypt processes. https://dev.gnupg.org/T3530 auto-expand-secmem -" #$(package-binary "pinentry-rofi")))))))) +")))) (service home-zsh-service-type (home-zsh-configuration @@ -144,30 +279,31 @@ auto-expand-secmem (local-file "prompt.zsh"))))) (simple-service - 'env-vars home-environment-variables-service-type - ;; The `home-xdg-base-directories' service (enabled by default) sets $XDG_* variables for us. - `(("GUIX_PACKAGE_PATH" . "$HOME/packages/guix") - ;; ("GUILE_LOAD_PATH" . - ;; "$XDG_CONFIG_HOME/guix/current/share/guile/site/3.0${GUILE_LOAD_PATH:+:}$GUILE_LOAD_PATH") - ;; ("GUILE_LOAD_COMPILED_PATH" . - ;; ,(string-append - ;; "$XDG_CONFIG_HOME/guix/current/lib/guile/3.0/site-ccache:" - ;; "$XDG_CONFIG_HOME/guix/current/share/guile/site/3.0" - ;; "${GUILE_LOAD_COMPILED_PATH:+:}$GUILE_LOAD_COMPILED_PATH")) + 'custom-environment-variables home-environment-variables-service-type + `(;; Path to my own package definitions. If invoking `guix home' + ;; afresh, this needs to be set manually to find these packages. + ("GUIX_PACKAGE_PATH" . "$HOME/src/packages/guix") - ;; Auto-compilation is annoying and creates a bunch of files that are never cleaned up. - ("GUILE_AUTO_COMPILE" . "0") + ;; Prepend my own binaries to $PATH. These should probably all + ;; be managed through `home-files-service-type'. + ("PATH" . "$HOME/.local/bin${PATH:+:}$PATH") + ;; Default terminal-related applications ("EDITOR" . "emacsclient -qc") + ;; Tell emacsclient to return immediately after opening the + ;; file. I can't put this in $EDITOR as many programs expect + ;; $EDITOR to exit only when the user is done editing. + ("ASYNC_EDITOR" . "emacsclient -qcn") ("TERMINAL" . "kitty") ("PAGER" . "less") ;; Guix force-overrides $LESS by default, so force-force it to do what I want instead. - ("GUIX_PAGER" . "env -u LESS less --ignore-case --quit-if-one-screen --RAW-CONTROL-CHARS --LONG-PROMPT --chop-long-lines") + ;; `less' reads the `lesskey' file configured above. + ("GUIX_PAGER" . "env -u LESS less") ;; Shell history -- primarily for zsh, but Emacs' eshell uses this too ("HISTSIZE" . "10000000") - ("NVIM_TUI_ENABLE_CURSOR_SHAPE" . "1") + ;; ("NVIM_TUI_ENABLE_CURSOR_SHAPE" . "1") ("LEDGER_FILE" . "$HOME/sync/ledger/ledger.journal") ("GTAGSLABEL" . "pygments") @@ -178,27 +314,44 @@ auto-expand-secmem ;; For appmenu/global menu in Java applications. ;; https://gitlab.com/vala-panel-project/vala-panel-appmenu#experimental-features - ("JAYATANA_FORCE" . "1") - ;; Appmenu; GTK look-and-feel; XDG compliance in Java + ;; ("JAYATANA_FORCE" . "1") + ;; Appmenu and GTK look-and-feel in Java ;; https://wiki.manjaro.org/index.php?title=Set_all_Java_apps_to_use_GTK%2B_font_%26_theme_settings ;; TODO: install jayatana and add "-javaagent:/usr/share/java/jayatanaag.jar" option ("_JAVA_OPTIONS" . ,(string-append "$_JAVA_OPTIONS${_JAVA_OPTIONS:+ }-Dawt.useSystemAAFontSettings=on -Dswing.aatext=true " "-Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel " - "-Dswing.crossplatformlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel " - "-Djava.util.prefs.userRoot=$XDG_CONFIG_HOME/java")) + "-Dswing.crossplatformlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel")) ;; For programs from kde-servicemenus-pdf. - ("LANGUAGE" . "en") + ;; ("LANGUAGE" . "en") - ;; Smooth trackpad scrolling in Firefox. + ;; Smooth trackpad scrolling in Firefox/Icecat. ;; https://wiki.archlinux.org/index.php/Firefox/Tweaks#Pixel-perfect_trackpad_scrolling ("MOZ_USE_XINPUT2" . "1") - ;; XDG basedir spec compliance for various programs - ;; See: https://wiki.archlinux.org/index.php/XDG_Base_Directory for a list of programs - ("ANDROID_EMULATOR_HOME" . "$XDG_DATA_HOME/android-emulator") + ;; Auto-compilation is annoying and creates a bunch of files that are never cleaned up. + ("GUILE_AUTO_COMPILE" . "0") + + ;; For some reason, Guix doesn't seem to add these paths automatically. + ("GUILE_LOAD_PATH" . + ,(string-append + "$GUIX_PACKAGE_PATH:" + "$XDG_CONFIG_HOME/guix/current/share/guile/site/3.0" + "${GUILE_LOAD_PATH:+:}$GUILE_LOAD_PATH")) + ("GUILE_LOAD_COMPILED_PATH" . + ,(string-append + "$XDG_CONFIG_HOME/guix/current/lib/guile/3.0/site-ccache:" + "$XDG_CONFIG_HOME/guix/current/share/guile/site/3.0" + "${GUILE_LOAD_COMPILED_PATH:+:}$GUILE_LOAD_COMPILED_PATH")))) + + ;; XDG basedir spec compliance for various programs + ;; See: https://wiki.archlinux.org/index.php/XDG_Base_Directory for a list of programs. + ;; The `home-xdg-base-directories' service (enabled by default) sets $XDG_* variables for us. + (simple-service + 'xdg-spec-compliance home-environment-variables-service-type + `(("ANDROID_EMULATOR_HOME" . "$XDG_DATA_HOME/android-emulator") ("ASPELL_CONF" . "per-conf $XDG_CONFIG_HOME/aspell/aspell.conf; home-dir $XDG_DATA_HOME/aspell") ("BUP_DIR" . "$XDG_DATA_HOME/bup") ("CARGO_HOME" . "$XDG_DATA_HOME/cargo") @@ -212,6 +365,9 @@ auto-expand-secmem ("INPUTRC" . "$XDG_CONFIG_HOME/readline/inputrc") ("IPYTHONDIR" . "$XDG_CONFIG_HOME/ipython") ("JUPYTER_CONFIG_DIR" . "$XDG_CONFIG_HOME/jupyter") + ;; KONAN_DATA_DIR=~/.konan by default; grows to multiple GiB. + ;; https://discuss.kotlinlang.org/t/change-konan-folder-location/18309 + ("KONAN_DATA_DIR" . "$XDG_CACHE_HOME/konan") ("NPM_CONFIG_USERCONFIG" . "$XDG_CONFIG_HOME/npm/npmrc") ("PASSWORD_STORE_DIR" . "$XDG_DATA_HOME/password-store") ("PLTUSERHOME" . "$XDG_DATA_HOME/racket") @@ -225,7 +381,98 @@ auto-expand-secmem ("XCOMPOSECACHE" . "$XDG_CACHE_HOME/X11/XCompose") ("XCOMPOSEFILE" . "$XDG_CONFIG_HOME/X11/XCompose") ("ZDOTDIR" . "$XDG_CONFIG_HOME/zsh") - ;; ("ZPLUG_HOME" . "$XDG_DATA_HOME/zplug") - ;; KONAN_DATA_DIR=~/.konan by default; grows to multiple GiB. - ;; https://discuss.kotlinlang.org/t/change-konan-folder-location/18309 - ("KONAN_DATA_DIR" . "$XDG_CACHE_HOME/konan")))))) + ("_JAVA_OPTIONS" . + "$_JAVA_OPTIONS${_JAVA_OPTIONS:+ }-Djava.util.prefs.userRoot=$XDG_CONFIG_HOME/java"))) + + (service + home-openssh-service-type + (home-openssh-configuration + (hosts + (let ((my-hosts/ports + '(("vin.twilken.net" . 50022) + ("vin.wg" . 50022) + ("pi3.twilken.net" . 51022) + ("pi3.wg" . 51022) + ("lud.twilken.net" . 22022) + ("lud.wg" . 22) + ("matrix.twilken.net" . 22022))) + (git-hosts + '("github.com" "ssh.github.com" "bitbucket.org" "gitlab.cern.ch")) + (cern-ci-hosts/users + '(("alimonitor.cern.ch" . "alibuild") + ("alinsure.cern.ch" . "alibuild") + ("alibuildmac*.cern.ch" . "alibuild") + ("aido*osx*.cern.ch" . "alibuild") + ("alibuild*.cern.ch" . "root") + ("alissandra*.cern.ch" . "root") + ("alimesos*.cern.ch" . "root") + ("alientest*.cern.ch" . "root") + ("aliflow*.cern.ch" . "root") + ("alijenkins*.cern.ch" . "root")))) + + (define (cern-extra-content delegate-kerberos-credentials?) + (string-append "\ +# Kerberos authentication +GSSAPIAuthentication yes +GSSAPIDelegateCredentials " (if delegate-kerberos-credentials? "yes" "no") " +PreferredAuthentications gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive +ProxyJump \"twilken@lxplus.cern.ch\" +")) + + ;; Earlier rules overwrite later ones. + `(,(openssh-host (name "*.srcf.net") (user "tw466")) + ,(openssh-host (name "*.fritz.box") + (extra-content "ProxyJump lud.twilken.net")) + ,@(map (lambda (host port) + (openssh-host (name host) (port port) (user "timo"))) + (map car my-hosts/ports) + (map cdr my-hosts/ports)) + ,@(map (lambda (host) (openssh-host (name host) (user "git"))) git-hosts) + ;; BitBucket apparently only supports ssh-rsa. + ,(openssh-host (name "bitbucket.org") + (host-key-algorithms '("+ssh-rsa")) + (accepted-key-types '("+ssh-rsa")) + (identity-file "~/.ssh/id_rsa")) + ,(openssh-host (name "gitlab.cern.ch") + (port 7999) + (extra-content "ProxyJump none")) ; no jump needed + ;; Avoid ProxyJump loops. + ,(openssh-host (name "lxplus.cern.ch") + (extra-content "ProxyJump none")) + ,(openssh-host (name "twilkendesktop.cern.ch") + (port 22022) + (forward-x11? #t)) + ,@(map (lambda (host user) + (openssh-host (name host) + (user user) + (identity-file "~/.ssh/alicern_id_rsa") + (extra-content (cern-extra-content #f)))) + (map car cern-ci-hosts/users) + (map cdr cern-ci-hosts/users)) + ,(openssh-host (name "*.cern.ch") + (user "twilken") + (identity-file "~/.ssh/cern_id_rsa") + (extra-content (cern-extra-content #t)))))))) + + (service + home-channels-service-type + (list + ;; Nonguix is also needed system-wide for non-free drivers! + (channel + (name 'nonguix) + (url "https://gitlab.com/nonguix/nonguix") + ;; Enable signature verification: + (introduction + (make-channel-introduction + "897c1a470da759236cc11798f4e0a5f7d4d59fbc" + (openpgp-fingerprint + "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5")))) + (channel + (name 'guix-gaming-games) + (url "https://gitlab.com/guix-gaming-channels/games") + ;; Enable signature verification: + (introduction + (make-channel-introduction + "c23d64f1b8cc086659f8781b27ab6c7314c5cca5" + (openpgp-fingerprint + "50F3 3E2E 5B0C 3D90 0424 ABE8 9BDC F497 A4BB CC7F"))))))))) |