From 839723165e48e077378aa94a779fc32a0496e6b4 Mon Sep 17 00:00:00 2001
From: Timo Wilken
Date: Tue, 21 Nov 2023 22:28:09 +0100
Subject: Update installer systems

As used during installation of frm.twilken.net.
---
 Makefile                        |  7 ++++++-
 tw/channels.scm                 |  2 +-
 tw/system/installer/free.scm    | 42 +++++++++++++++++++++++++++++++++++++++++
 tw/system/installer/nonfree.scm | 34 ++++++++++++++++++++++++++++++---
 4 files changed, 80 insertions(+), 5 deletions(-)
 create mode 100644 tw/system/installer/free.scm

diff --git a/Makefile b/Makefile
index 6433bd9f..f29db0b5 100644
--- a/Makefile
+++ b/Makefile
@@ -1,12 +1,17 @@
-.PHONY: test tw/system/%.test tw/home/%.test
+.PHONY: test tw/system/%.test tw/home/%.test images tw/system/installer/%.image
 
 systems = $(wildcard tw/system/*.scm)
 homes = $(wildcard tw/home/*.scm)
+installers = $(wildcard tw/system/installer/*.scm)
 
 test: $(homes:.scm=.test) $(systems:.scm=.test)
+images: $(installers:.scm=.image)
 
 tw/home/%.test: tw/home/%.scm
 	guix home build -nL $(CURDIR) $<
 
 tw/system/%.test: tw/system/%.scm
 	guix system build -nL $(CURDIR) $<
+
+tw/system/installer/%.image: tw/system/installer/%.scm
+	guix system image -L $(CURDIR) -t iso9660 --label=GUIX_$$(date -Idate) $<
diff --git a/tw/channels.scm b/tw/channels.scm
index 712e891c..56841f61 100644
--- a/tw/channels.scm
+++ b/tw/channels.scm
@@ -20,7 +20,7 @@
 
 ;; Nonguix substitute server's signing key.
 ;; From <https://substitutes.nonguix.org/signing-key.pub>.
-(define %nonguix-signing-key
+(define-public %nonguix-signing-key
   (plain-file "nonguix-signing-key.pub" "\
 (public-key
  (ecc
diff --git a/tw/system/installer/free.scm b/tw/system/installer/free.scm
new file mode 100644
index 00000000..24fef52b
--- /dev/null
+++ b/tw/system/installer/free.scm
@@ -0,0 +1,42 @@
+;; To build this image:
+;; guix system image -t iso9660 --label="GUIX_CUSTOM_$(date -Idate)" tw/system/installer/free.scm
+
+(define-module (tw system installer free)
+  #:use-module (gnu packages admin)
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages package-management)
+  #:use-module (gnu packages version-control)
+  #:use-module (gnu services)
+  #:use-module (gnu services ssh)
+  #:use-module (gnu system)
+  #:use-module (gnu system install)
+  #:use-module ((guix gexp) #:select (local-file))
+  #:use-module ((srfi srfi-26) #:select (cut)))
+
+(operating-system
+  (inherit installation-os)
+  (host-name "guixinstall")
+  (timezone "Europe/Paris")
+  (locale "en_GB.utf8")
+  (packages
+   (cons* efibootmgr htop git
+          (operating-system-packages installation-os)))
+  (services
+   (cons*
+    ;; Add an SSH server to facilitate remote installs.
+    (service openssh-service-type
+      (openssh-configuration
+       (port-number 22)
+       (%auto-start? #t)
+       (permit-root-login #t)
+       ;; The root account is passwordless, so make sure
+       ;; a password is set before allowing logins.
+       (allow-empty-passwords? #f)
+       (password-authentication? #f)
+       (authorized-keys
+        `(("root" ,(local-file "../files/timo.pub"))))))
+    ;; Make sure to remove the SSH service from the base services,
+    ;; so we can override it fully.
+    (filter
+     (compose not (cut eq? openssh-service-type <>) service-kind)
+     ((@@ (gnu system install) %installation-services))))))
diff --git a/tw/system/installer/nonfree.scm b/tw/system/installer/nonfree.scm
index e481aed0..60ec244c 100644
--- a/tw/system/installer/nonfree.scm
+++ b/tw/system/installer/nonfree.scm
@@ -2,21 +2,48 @@
   #:use-module (gnu packages admin)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages package-management)
+  #:use-module (gnu packages version-control)
   #:use-module (gnu services)
+  #:use-module (gnu services base)
   #:use-module (gnu services ssh)
   #:use-module (gnu system)
-  #:use-module ((guix gexp) #:select (local-file))
+  #:use-module (guix gexp)
   #:use-module ((nongnu system install)
                 #:select (installation-os-nonfree))
-  #:use-module ((srfi srfi-26) #:select (cut)))
+  #:use-module ((srfi srfi-26) #:select (cut))
+  #:use-module (tw channels))
 
 (operating-system
   (inherit installation-os-nonfree)
+  (host-name "guixinstall")
+  (timezone "Europe/Paris")
+  (locale "en_GB.utf8")
   (packages
-   (cons* efibootmgr htop guix
+   (cons* efibootmgr htop git
           (operating-system-packages installation-os-nonfree)))
+
   (services
    (cons*
+    ;; Add the nonguix channel, so we can install nonfree packages directly.
+    (extra-special-file "/etc/guix/channels.scm"
+      (scheme-file "channels.scm"
+        #~(cons*
+           (channel
+            (name 'nonguix)
+            (url "https://gitlab.com/nonguix/nonguix")
+            (introduction
+             (channel-introduction
+              (version 0)
+              (commit "897c1a470da759236cc11798f4e0a5f7d4d59fbc")
+              (signer "2A39 3FFF 68F4 EF7A 3D29  12AF 6F51 20A0 22FB B2D5"))))
+           %system-channels)))
+
+    ;; Use nonguix' substitute server.
+    (simple-service 'nonguix guix-service-type
+      (guix-extension
+       (authorized-keys (list %nonguix-signing-key))
+       (substitute-urls '("https://substitutes.nonguix.org"))))
+
     ;; Add an SSH server to facilitate remote installs.
     (service openssh-service-type
       (openssh-configuration
@@ -29,6 +56,7 @@
        (password-authentication? #f)
        (authorized-keys
         `(("root" ,(local-file "../files/timo.pub"))))))
+
     ;; Make sure to remove the SSH service from the base services,
     ;; so we can override it fully.
     (filter
-- 
cgit v1.2.3