From 64db7b0276ae66ff0512ab661cf15b3fe0d6ce47 Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Tue, 7 Mar 2023 20:21:17 +0100 Subject: Fix aiadm SSH credentials --- tw/home.scm | 3 +++ 1 file changed, 3 insertions(+) (limited to 'tw/home.scm') diff --git a/tw/home.scm b/tw/home.scm index 6968ae98..2d5a7410 100644 --- a/tw/home.scm +++ b/tw/home.scm @@ -205,6 +205,9 @@ auto-expand-secmem (name "lxplus.cern.ch") (proxy-command "none") ; avoid ProxyJump loops (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount + ,(openssh-host + (name "aiadm.cern.ch") + (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount ,(openssh-host (name "cvmfs-alice.cern.ch") (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount -- cgit v1.2.3 From 4b8f75543f177b4e469c829d5bea00b5d681fb06 Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Tue, 7 Mar 2023 21:42:07 +0100 Subject: Unify common laptop and CERN desktop home config --- tw/home.scm | 482 ++++++++++++++++++++++++++++++++++++++++++++--------- tw/home/cern.scm | 88 ++++++++++ tw/home/emacs.scm | 103 ------------ tw/home/lap.scm | 253 ++-------------------------- tw/home/server.scm | 10 +- 5 files changed, 514 insertions(+), 422 deletions(-) create mode 100644 tw/home/cern.scm delete mode 100644 tw/home/emacs.scm (limited to 'tw/home.scm') diff --git a/tw/home.scm b/tw/home.scm index 2d5a7410..6cb67344 100644 --- a/tw/home.scm +++ b/tw/home.scm @@ -2,25 +2,38 @@ #:use-module (ice-9 string-fun) #:use-module (gnu) #:use-module (gnu home services) + #:use-module (gnu home services desktop) #:use-module (gnu home services shells) #:use-module (gnu home services shepherd) #:use-module (gnu home services ssh) #:use-module (guix gexp) + #:use-module ((nongnu packages messaging) + #:select (zoom)) + #:use-module (tw gexp) + #:use-module (tw packages alice) + #:use-module (tw packages catppuccin) + #:use-module (tw packages ci) + #:use-module (tw packages games) #:use-module (tw packages shell) - #:use-module (tw system)) + #:use-module (tw packages xorg) + #:use-module (tw system) + #:use-module (tw theme)) -(use-package-modules admin compression curl databases disk dns file finance - gnupg graphviz imagemagick less linux lisp maths - password-utils pretty-print pv python python-xyz rsync - shells shellutils ssh textutils tmux version-control - video vim web) +(use-package-modules + admin base calendar compression cmake compton curl databases dav disk dns + dunst elf emacs emacs-xyz file finance fonts freedesktop games gcc gimp gnome + gnome-xyz gnupg gnuzilla graphviz haskell-apps image-viewers imagemagick + inkscape less libreoffice linux lisp llvm mail maths password-utils pdf + pretty-print pulseaudio pv python python-xyz rsync shells shellutils sqlite + ssh syndication terminals tcl tex textutils tmux version-control video vim web + web-browsers wm xdisorg xorg) -(define-public common-packages +(define-public %common-packages (list - curl dos2unix fdupes file git gnupg gnuplot graphviz hledger imagemagick jq - less lesspipe net-tools openssh password-store pass-otp pv python - python-ipython recutils rsync sbcl smartmontools source-highlight tmux tree - xxd zip unzip + curl diffstat dos2unix fdupes file git gnupg gnuplot graphviz hledger + imagemagick jq less lesspipe net-tools openssh password-store pass-otp pv + python python-ipython recutils rsync sbcl smartmontools source-highlight + tmux tree xxd zip unzip get-iplayer ffmpeg atomicparsley yt-dlp ;; Install only bind-utils like dig, not the full suite. @@ -67,7 +80,81 @@ auto-expand-secmem (define (make-own-ssh-host host port) (openssh-host (name host) (port port) (user "timo"))) -(define-public common-services +(define-public (openssh-service proxy-to-cern?) + (service home-openssh-service-type + (home-openssh-configuration + (hosts + ;; Earlier rules take precedence over later ones. + `(,(openssh-host (name "*.srcf.net") (user "tw466")) + ;; My own machines + ,@(map make-own-ssh-host (map car %ssh-ports) (map cdr %ssh-ports)) + ,@(map make-own-ssh-host (map (compose wireguardify car) %ssh-ports) (map cdr %ssh-ports)) + ,(openssh-host (name "*.fritz.box") (proxy-command "ssh -W '[%h]:%p' lud.twilken.net")) + ;; Git hosts + ,@(map (lambda (host) (openssh-host (name host) (user "git"))) + '("github.com" "ssh.github.com" "bitbucket.org")) + ,(openssh-host (name "gitlab.cern.ch") (port 7999) (user "git") (proxy-command "none")) + ;; BitBucket apparently only supports ssh-rsa. + ,(openssh-host + (name "bitbucket.org") + (host-key-algorithms '("+ssh-rsa")) + (accepted-key-types '("+ssh-rsa"))) + ;; CERN stuff + ,(openssh-host + (name "lxplus.cern.ch") + (proxy-command "none") ; avoid ProxyJump loops + (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount + ,(openssh-host + (name "aiadm.cern.ch") + (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount + ,(openssh-host + (name "cvmfs-alice.cern.ch") + (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount + ,(openssh-host + (name "tw-mailproc.cern.ch") + (user "root") + (identity-file "~/.local/share/ssh-keys/openstack_personal_id_rsa")) + ,(openssh-host + (name "twilkendesktop.cern.ch") + (port 22022) + (forward-x11? #t) + (extra-content "GSSAPIDelegateCredentials yes")) + ,@(map (lambda (spec) + (openssh-host (name (car spec)) (user (cdr spec)) + (identity-file "~/.local/share/ssh-keys/alicern_id_rsa"))) + '(("alimonitor.cern.ch" . "alibuild") + ("alinsure.cern.ch" . "alibuild") + ("alibuildmac*.cern.ch" . "alibuild") + ("aido*osx*.cern.ch" . "alibuild") + ("alibuild*.cern.ch" . "root") + ("alissandra*.cern.ch" . "root") + ("alimesos*.cern.ch" . "root") + ("alientest*.cern.ch" . "root") + ("aliflow*.cern.ch" . "root") + ("alijenkins*.cern.ch" . "root") + ("arm-builder-*" . "centos"))) + ,(openssh-host + (name "*.cern.ch") + (user "twilken") + (identity-file "~/.local/share/ssh-keys/cern_id_rsa") + (proxy-command (if proxy-to-cern? + "ssh -W '[%h]:%p' -l twilken lxplus.cern.ch" + "none")) + (extra-content "\ + # Kerberos authentication + GSSAPIAuthentication yes + GSSAPIDelegateCredentials no + PreferredAuthentications gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive +")) + ;; Default SSH key. This isn't in ~/.ssh as `home-openssh-service-type' + ;; manages that and might delete keys there. + ,(openssh-host + (name "*") + (identity-file "~/.local/share/ssh-keys/id_rsa") + ;; Remote servers probably don't know about xterm-kitty. + (extra-content "SetEnv TERM=xterm-256color"))))))) + +(define-public %common-services (list (service home-zsh-service-type (home-zsh-configuration @@ -180,70 +267,307 @@ auto-expand-secmem ("XCOMPOSEFILE" . "$XDG_CONFIG_HOME/X11/XCompose") ("ZDOTDIR" . "$XDG_CONFIG_HOME/zsh") ("_JAVA_OPTIONS" . - "$_JAVA_OPTIONS${_JAVA_OPTIONS:+ }-Djava.util.prefs.userRoot=$XDG_CONFIG_HOME/java"))) - - (service home-openssh-service-type - (home-openssh-configuration - (hosts - ;; Earlier rules take precedence over later ones. - `(,(openssh-host (name "*.srcf.net") (user "tw466")) - ;; My own machines - ,@(map make-own-ssh-host (map car %ssh-ports) (map cdr %ssh-ports)) - ,@(map make-own-ssh-host (map (compose wireguardify car) %ssh-ports) (map cdr %ssh-ports)) - ,(openssh-host (name "*.fritz.box") (proxy-command "ssh -W '[%h]:%p' lud.twilken.net")) - ;; Git hosts - ,@(map (lambda (host) (openssh-host (name host) (user "git"))) - '("github.com" "ssh.github.com" "bitbucket.org")) - ,(openssh-host (name "gitlab.cern.ch") (port 7999) (user "git") (proxy-command "none")) - ;; BitBucket apparently only supports ssh-rsa. - ,(openssh-host - (name "bitbucket.org") - (host-key-algorithms '("+ssh-rsa")) - (accepted-key-types '("+ssh-rsa"))) - ;; CERN stuff - ,(openssh-host - (name "lxplus.cern.ch") - (proxy-command "none") ; avoid ProxyJump loops - (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount - ,(openssh-host - (name "aiadm.cern.ch") - (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount - ,(openssh-host - (name "cvmfs-alice.cern.ch") - (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount - ,(openssh-host - (name "twilkendesktop.cern.ch") - (port 22022) - (forward-x11? #t) - (extra-content "GSSAPIDelegateCredentials yes")) - ,@(map (lambda (spec) - (openssh-host (name (car spec)) (user (cdr spec)) - (identity-file "~/.local/share/ssh-keys/alicern_id_rsa"))) - '(("alimonitor.cern.ch" . "alibuild") - ("alinsure.cern.ch" . "alibuild") - ("alibuildmac*.cern.ch" . "alibuild") - ("aido*osx*.cern.ch" . "alibuild") - ("alibuild*.cern.ch" . "root") - ("alissandra*.cern.ch" . "root") - ("alimesos*.cern.ch" . "root") - ("alientest*.cern.ch" . "root") - ("aliflow*.cern.ch" . "root") - ("alijenkins*.cern.ch" . "root"))) - ,(openssh-host - (name "*.cern.ch") - (user "twilken") - (identity-file "~/.local/share/ssh-keys/cern_id_rsa") - (proxy-command "ssh -W '[%h]:%p' -l twilken lxplus.cern.ch") - (extra-content "\ - # Kerberos authentication - GSSAPIAuthentication yes - GSSAPIDelegateCredentials no - PreferredAuthentications gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive -")) - ;; Default SSH key. This isn't in ~/.ssh as `home-openssh-service-type' - ;; manages that and might delete keys there. - ,(openssh-host - (name "*") - (identity-file "~/.local/share/ssh-keys/id_rsa") - ;; Remote servers probably don't know about xterm-kitty. - (extra-content "SetEnv TERM=xterm-256color")))))))) + "$_JAVA_OPTIONS${_JAVA_OPTIONS:+ }-Djava.util.prefs.userRoot=$XDG_CONFIG_HOME/java"))))) + +(define-public %pim-packages + (list newsboat vdirsyncer khal khard aerc lynx)) ; lynx for HTML mail + +(define-public %pim-services + (list + (simple-service 'pim-config home-xdg-configuration-files-service-type + `(("khal/config" ,(local-file "home/files/khal.conf")) + ("khard/khard.conf" ,(local-file "home/files/khard.conf")) + ("aerc" ,(local-file "home/files/aerc" #:recursive? #t)) + ("newsboat/config" ,(local-file "home/files/newsboat.conf")) + ("newsboat/config.catppuccin" ,catppuccin-newsboat) + ("vdirsyncer/config" ,(local-file "home/files/vdirsyncer.conf")))) + + ;; These cron jobs are annoying because they pop up a password prompt every time they run. + ;; (simple-service 'pim-cronjobs home-mcron-service-type + ;; (list #~(job "15 */4 * * *" ; every four hours at HH:15 + ;; (string-append #$(file-append vdirsyncer "/bin/vdirsyncer") " metasync")) + ;; #~(job "0,30 * * * *" ; every half hour + ;; (string-append #$(file-append vdirsyncer "/bin/vdirsyncer") " sync")))) + + (simple-service 'mail-files home-files-service-type + `(;; The file from git main is newer than the one bundled with the + ;; packaged neomutt version and contains a few fixes. + (".local/bin/mutt_oauth2.py" + ,(local-file "home/files/neomutt/contrib/oauth2/mutt_oauth2.py" #:recursive? #t)))))) + +(define polybar-wrapper + (program-file + "polybar-wrapper" + #~(begin + ;; This wrapper program checks that the monitor we want to start + ;; polybar on is actually connected. + (use-modules (ice-9 popen) + (ice-9 rdelim)) + (let* ((connected-str (string-append (getenv "POLYBAR_MONITOR") " connected")) + (xrandr (open-pipe* OPEN_READ #$(file-append xrandr "/bin/xrandr") "-q")) + (monitor-connected? + (let loop ((line (read-line xrandr))) + (cond + ((eof-object? line) #f) ; we didn't find our monitor connected + ((string-prefix? connected-str line) #t) ; the monitor we want is connected + (else (loop (read-line xrandr))))))) ; keep looking + (close-pipe xrandr) + (when monitor-connected? + (execl #$(file-append polybar "/bin/polybar"))))))) + +(define-public (polybar-service monitor) + (shepherd-service + (documentation (string-append "Polybar desktop bar for monitor " monitor ".")) + (provision (list (symbol-append 'polybar- (string->symbol monitor)))) + (requirement '(xorg-setup)) + (start #~(make-forkexec-constructor + (list #$polybar-wrapper) + #:environment-variables + (cons #$(string-append "POLYBAR_MONITOR=" monitor) + (default-environment-variables)))) + (stop #~(make-kill-destructor)))) + +(define-public %interactive-packages + (list + ;; CLI tools + bsd-games texlive powertop (list git "send-email") + + ;; Work + s3cmd python-alibuild python-alidistlint + hashicorp-levant-bin hashicorp-nomad-bin + hashicorp-consul-bin hashicorp-vault-bin hashicorp-packer-bin + + ;; i3 and Xorg. i3 itself must be installed system-wide for gdm to pick it up. + ;; acpilight is a drop-in xbacklight replacement, as xbacklight doesn't work on my system. + acpilight arandr dunst gimp hsetroot inkscape icecat imv kitty libreoffice + mpv polybar pulsemixer rofi rofi-calc tk xdg-utils xdot xclip xcwd xdotool + xdpyinfo xev xfd xfontsel xinput xkill xprop xrandr xrdb xsel xset xwininfo + zoom zathura zathura-ps zathura-pdf-poppler + dconf dconf-editor ; required for config by blueman, cozy, ... + ;; gnome-keyring ; installed system-wide; see system-configuration.scm + ;; geoclue ; for redshift -- installed system-wide + ;; Fonts + font-hermit font-inconsolata font-fira-code font-fira-sans font-libertinus + font-google-noto font-google-noto-emoji font-openmoji ; for polybar + ;; Theming + papirus-icon-theme catppuccin-gtk-theme catppuccin-mocha-dark-cursors + + ;; Development & language servers + gnu-make python-lsp-server python-yamllint shellcheck gcc binutils patchelf elfutils + clang ; for clangd + glibc ; for ldd + ;; Supported OotB by eglot, but not packaged by guix: + ;; https://github.com/mads-hartmann/bash-language-server + ;; https://github.com/regen100/cmake-language-server + ;; https://github.com/hrsh7th/vscode-langservers-extracted ; {html,css,json}-languageserver + ;; https://github.com/golang/tools/tree/master/gopls ; maybe? + ;; https://github.com/artempyanykh/marksman ; Markdown + ;; https://github.com/astoff/digestif ; (La)TeX + ;; https://github.com/redhat-developer/yaml-language-server + ;; Needs eglot config + not packaged (from lsp-mode): + ;; https://github.com/graphql/graphiql/tree/main/packages/graphql-language-service-cli#readme + ;; https://github.com/haskell/haskell-language-server / https://github.com/haskell/ghcide + ;; https://github.com/eclipse/lemminx + + ;; Emacs general + emacs + emacs-use-package + emacs-eglot + emacs-counsel + emacs-counsel-dash sqlite ; emacs-counsel-dash requires the sqlite3 binary + emacs-ivy + ;; emacs-company emacs-company-quickhelp emacs-company-posframe + emacs-corfu emacs-corfu-doc + emacs-autothemer ; for catppuccin/emacs + emacs-undo-tree + emacs-aggressive-indent + emacs-which-key + emacs-smart-mode-line + emacs-diminish + emacs-rainbow-mode + emacs-form-feed + emacs-guix + ;; TODO: emacs-editorconfig emacs-sly emacs-sly-macrostep + emacs-org ; emacs-org-modern theme? + + ;; Emacs Evil + emacs-evil + emacs-evil-collection + emacs-evil-expat ; for :reverse, :remove, :rename, :colo, :g*, ... ex commands + emacs-evil-surround + ;; emacs-evil-owl ; tests failing + emacs-evil-args + emacs-evil-numbers + emacs-evil-multiedit + emacs-evil-goggles + emacs-evil-traces + emacs-evil-commentary + emacs-evil-replace-with-register + emacs-evil-org + emacs-evil-markdown + emacs-evil-tex + emacs-evil-text-object-python + + ;; Emacs language modes + emacs-flymake-collection + emacs-geiser emacs-geiser-guile + emacs-cmake-mode emacs-gnuplot emacs-graphviz-dot-mode emacs-hcl-mode + emacs-ledger-mode emacs-mmm-mode emacs-puppet-mode emacs-rec-mode + emacs-web-mode emacs-yaml-mode)) + +(define-public %interactive-services + (cons* + ;; Configuration files for terminal-only programs in $XDG_CONFIG_HOME. + (simple-service 'interactive-terminal-config home-xdg-configuration-files-service-type + `(;; All alibuild needs is an empty file. + ("alibuild/disable-analytics" + ,(plain-file "alibuild-disable-analytics" "")) + ("X11/XCompose" ,(local-file "home/files/XCompose")) ; see also: $XCOMPOSEFILE variable + ("X11/Xresources" ,(local-file "home/files/Xresources")))) + + (simple-service 'emacs-config home-xdg-configuration-files-service-type + `(("emacs/include" ,(local-file "home/files/emacs-packages" #:recursive? #t)) + ("emacs/init.el" ,(local-file "home/files/emacs-init.el")) + (,(string-append "emacs/" (local-file-name catppuccin-emacs-theme)) + ,catppuccin-emacs-theme))) + + (simple-service 'emacsclient-is-editor home-environment-variables-service-type + `(("EDITOR" . "emacsclient -qc") + ;; Tell emacsclient to return immediately after opening the file. I + ;; can't put this in $EDITOR as many programs expect $EDITOR to exit + ;; only when the user is done editing. + ("ASYNC_EDITOR" . "emacsclient -qcn"))) + + (simple-service 'emacs-server home-shepherd-service-type + (list + (shepherd-service + (documentation "Emacs server; connect using emacsclient.") + (provision '(emacs)) + (start #~(make-forkexec-constructor + (list #$(file-append emacs "/bin/emacs") "--fg-daemon"))) + (stop #~(make-kill-destructor))))) + + ;; The dbus service doesn't seem to be added automatically. + (service home-dbus-service-type + (home-dbus-configuration)) + + (simple-service 'common-gui-services home-shepherd-service-type + (list + (shepherd-service + (documentation "NetworkManager applet; provides a GUI for network connections.") + (provision '(nm-applet)) + (start #~(make-forkexec-constructor + (list #$(file-append network-manager-applet "/bin/nm-applet")))) + (stop #~(make-kill-destructor))) + + (shepherd-service + (documentation "Dunst notification daemon; displays desktop notifications.") + (provision '(dunst)) + (start #~(make-forkexec-constructor + (list #$(file-append dunst "/bin/dunst")))) + (stop #~(make-kill-destructor))) + + (shepherd-service + (documentation "Picom compositor; enables transparent windows in X.") + (provision '(picom)) + (start #~(make-forkexec-constructor + (list #$(file-append picom "/bin/picom") + "--config" #$(local-file "home/files/picom.conf")))) + (stop #~(make-kill-destructor))) + + (shepherd-service + (documentation "Source Xresources on login.") + (provision '(xrdb)) + (one-shot? #t) + (start #~(lambda _ + (invoke #$(file-append xrdb "/bin/xrdb") "-merge" + (string-append (getenv "XDG_CONFIG_HOME") "/X11/Xresources"))))) + + ;; By default, xdotool gets most of "#@\|~()<>[]{} wrong. Make + ;; it use the correct keymap by re-setting the same one again. + (shepherd-service + (documentation "Fix X keyboard map on login; passmenu needs this.") + (provision '(fix-xdotool)) + (one-shot? #t) + (start #~(lambda _ + (use-modules (ice-9 rdelim) + (ice-9 regex) + (ice-9 popen)) + (let ((port (open-pipe* OPEN_READ #$(file-append setxkbmap "/bin/setxkbmap") + "-query"))) + (let loop ((line (read-line port))) + (unless (eof-object? line) + (let ((mtch (string-match "^layout:[[:space:]]*" line))) + (if mtch + (system* #$(file-append setxkbmap "/bin/setxkbmap") + (match:suffix mtch)) + (loop (read-line port)))))))))))) + + ;; Configuration files for GUI programs in $XDG_CONFIG_HOME. + (simple-service 'gui-config home-xdg-configuration-files-service-type + `(("dunst/dunstrc" ,(local-file "home/files/dunstrc")) + ("dunst/dunstrc.d/50-catppuccin.conf" ,catppuccin-dunstrc) + ("gtk-2.0/gtkrc" ,(local-file "home/files/gtk2.ini")) + ("gtk-3.0/settings.ini" ,(local-file "home/files/gtk3.ini")) + ("i3/config" ,(local-file "home/files/i3.conf")) + ;; TODO: "kdeglobals" works for some programs (e.g. kdeconnect-app), + ;; but not for others (e.g. nheko, kdeconnect-settings)... + ("kdeglobals" ,catppuccin-kdeglobals) + ("kitty/diff.conf" + ,(combined-text-file "kitty-diff.conf" + (plain-file "kitty-diff-custom.conf" + "pygments_style bw\n") + catppuccin-kitty-diff)) + ("kitty/kitty.conf" + ,(combined-text-file "kitty.conf" + (local-file "home/files/kitty.conf") + catppuccin-kitty)) + ("mimeapps.list" ,(local-file "home/files/mimeapps.list")) + ("polybar/config.ini" ,(local-file "home/files/polybar.ini")) + ("polybar/catppuccin.ini" ,catppuccin-polybar) + ("rofi/config.rasi" ,(local-file "home/files/rofi.rasi")) + ("rofi/themes/catppuccin.rasi" ,catppuccin-rofi) + ("zathura/zathurarc" ,(local-file "home/files/zathurarc")) + ("zathura/catppuccin" ,catppuccin-zathura))) + + (simple-service 'cursor-theme home-files-service-type + `((".icons/default/index.theme" ,(local-file "home/files/cursors.ini")))) + + (simple-service 'gui-environment home-environment-variables-service-type + `(("TERMINAL" . "kitty") + ("_JAVA_OPTIONS" . + ,(string-append + "$_JAVA_OPTIONS${_JAVA_OPTIONS:+ }-Dawt.useSystemAAFontSettings=on -Dswing.aatext=true " + "-Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel " + "-Dswing.crossplatformlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel")) + ;; Smooth trackpad scrolling in Firefox/Icecat. + ;; https://wiki.archlinux.org/index.php/Firefox/Tweaks#Pixel-perfect_trackpad_scrolling + ("MOZ_USE_XINPUT2" . "1"))) + + (simple-service 'gui-scripts home-files-service-type + `(;; https://sw.kovidgoyal.net/kitty/kittens/diff/ + (".local/bin/kdiff" ; show a diff + ,(program-file "kdiff" #~(apply execl #$(file-append kitty "/bin/kitty") "kitty" + "+kitten" "diff" (cdr (command-line))))) + (".local/bin/icat" ; kitty's "catimg" equivalent + ,(program-file "icat" #~(apply execl #$(file-append kitty "/bin/kitty") "kitty" + "+kitten" "icat" (cdr (command-line))))) + (".local/bin/screenlock" + ,(program-file + "screenlock" + #~(begin ; Wrapper around i3lock to turn off the screen and pause notifications. + (system* #$(file-append dunst "/bin/dunstctl") "set-paused" "true") + (system* #$(file-append xset "/bin/xset") "dpms" "0" "0" "5") + ;; We mustn't use `file-append' here, as we have to pick up the + ;; setuid binary for i3lock installed by the system config. + (system* "i3lock" "-nc" #$catppuccin-background-color) + (system* #$(file-append xset "/bin/xset") "dpms" "600" "600" "600") + (system* #$(file-append dunst "/bin/dunstctl") "set-paused" "false")))) + ;; With #:recursive? #t, Guix keeps the files' permission bits, i.e. makes them executable. + (".local/bin/sessionmenu" ,(local-file "home/files/sessionmenu" #:recursive? #t)) + (".local/bin/passmenu" ,(local-file "home/files/passmenu" #:recursive? #t)) + (".local/bin/volume" ,(local-file "home/files/volume" #:recursive? #t)) + (".local/share/applications/emacsclient.desktop" + ,(local-file "home/files/emacsclient.desktop")))) + + (gnupg-services #:gui-pinentry? #t))) diff --git a/tw/home/cern.scm b/tw/home/cern.scm new file mode 100644 index 00000000..837098d5 --- /dev/null +++ b/tw/home/cern.scm @@ -0,0 +1,88 @@ +;; This "home-environment" file can be passed to 'guix home reconfigure' +;; to reproduce the content of your profile. This is "symbolic": it only +;; specifies package names. To reproduce the exact same profile, you also +;; need to capture the channels being used, as returned by "guix describe". +;; See the "Replicating Guix" section in the manual. + +;; See also, for some tips: +;; https://github.com/alezost/shepherd-config/blob/master/init.scm + +(define-module (tw home cern) + #:use-module (gnu home) + #:use-module (gnu home services desktop) + #:use-module (gnu home services guix) + #:use-module (gnu home services shepherd) + #:use-module (gnu packages xdisorg) + #:use-module (gnu packages xorg) + #:use-module (gnu services) + #:use-module (gnu services shepherd) + #:use-module (guix channels) + #:use-module (guix gexp) + #:use-module (tw home)) + +(define-public %cern-home + (home-environment + (packages + ;; These packages will show up in the home profile, under ~/.guix-home/profile. + (append %interactive-packages %pim-packages %common-packages)) + + ;; To search for available home services, run 'guix home search KEYWORD'. + (services + (cons* + ;; This can't be a `service' as that would remove the 'guix channel. + (simple-service 'nonfree-channels home-channels-service-type + (list + (channel + (name 'nonguix) + (url "https://gitlab.com/nonguix/nonguix") + ;; Enable signature verification: + (introduction + (make-channel-introduction + "897c1a470da759236cc11798f4e0a5f7d4d59fbc" + (openpgp-fingerprint + "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5")))))) + + ;; Redshift: make the screen turn redder at night. + (service home-redshift-service-type + (home-redshift-configuration + ;; See info '(guix)Desktop Home Services'. + (location-provider 'manual) + ;; Approximate location + (latitude 46.0) + (longitude 6.0) + ;; (location-provider 'geoclue2) ; TODO: currently waits forever for a location -- not sure why geoclue doesn't work + ;; (daytime-temperature 6500) ; default 6500 + ;; (nighttime-temperature 4500) ; default 4500 + (daytime-brightness 1.0) + (nighttime-brightness 0.7) + (extra-content "fade=0"))) ; with fade=1, restarting redshift causes flickering for a few secs + + (simple-service 'cern-desktop-gui-services home-shepherd-service-type + (list + (polybar-service "DP-2") + (polybar-service "DP-1-8") + (shepherd-service + (documentation "Set up X displays on login.") + (provision '(xorg-setup)) + (one-shot? #t) + (start #~(lambda _ + (system* #$(file-append numlockx "/bin/numlockx") "on") + ;; Turn off the monitors if there is no input for 10 minutes. + (system* #$(file-append xset "/bin/xset") "dpms" "600" "600" "600") + (system* #$(file-append xrandr "/bin/xrandr") + "--output" "DP-2" "--primary" "--auto") + (system* #$(file-append xrandr "/bin/xrandr") + ;; This can do 4K but HiDPI is a pain. + "--output" "DP-1-8" "--mode" "1920x1080" "--rate" "60.00" + "--left-of" "DP-2") + ;; Set the desktop background picture. Hopefully doing this just after + ;; xrandr works and sets it for both screens. + (system* #$(file-append hsetroot "/bin/hsetroot") "-cover" + (string-append (getenv "XDG_CONFIG_HOME") + "/X11/ridge-view.jpg"))))))) + + (openssh-service #f) + + (append %interactive-services %pim-services %common-services))))) + +%cern-home diff --git a/tw/home/emacs.scm b/tw/home/emacs.scm deleted file mode 100644 index f75a8527..00000000 --- a/tw/home/emacs.scm +++ /dev/null @@ -1,103 +0,0 @@ -(define-module (tw home emacs) - #:use-module (gnu) - #:use-module (gnu home services) - #:use-module (gnu home services shepherd) - #:use-module (tw theme)) - -(use-package-modules base cmake emacs emacs-xyz databases elf finance gcc - haskell-apps llvm python-xyz sqlite) - -(define-public emacs-services - (list - (simple-service 'emacs-config home-xdg-configuration-files-service-type - `(("emacs/include" ,(local-file "files/emacs-packages" #:recursive? #t)) - ("emacs/init.el" ,(local-file "files/emacs-init.el")) - (,(string-append "emacs/" (local-file-name catppuccin-emacs-theme)) - ,catppuccin-emacs-theme))) - - (simple-service 'emacsclient-is-editor home-environment-variables-service-type - `(("EDITOR" . "emacsclient -qc") - ;; Tell emacsclient to return immediately after opening the file. I - ;; can't put this in $EDITOR as many programs expect $EDITOR to exit - ;; only when the user is done editing. - ("ASYNC_EDITOR" . "emacsclient -qcn"))) - - (simple-service 'emacs-server home-shepherd-service-type - (list - (shepherd-service - (documentation "Emacs server; connect using emacsclient.") - (provision '(emacs)) - (start #~(make-forkexec-constructor - (list #$(file-append emacs "/bin/emacs") "--fg-daemon"))) - (stop #~(make-kill-destructor))))))) - -(define-public emacs-packages - (list - ;; Development & language servers - gnu-make - python-yamllint - shellcheck - clang ; for clangd - glibc ; for ldd - gcc binutils patchelf elfutils - python-lsp-server - ;; Supported OotB by eglot, but not packaged by guix: - ;; https://github.com/mads-hartmann/bash-language-server - ;; https://github.com/regen100/cmake-language-server - ;; https://github.com/hrsh7th/vscode-langservers-extracted ; {html,css,json}-languageserver - ;; https://github.com/golang/tools/tree/master/gopls ; maybe? - ;; https://github.com/artempyanykh/marksman ; Markdown - ;; https://github.com/astoff/digestif ; (La)TeX - ;; https://github.com/redhat-developer/yaml-language-server - ;; Needs eglot config + not packaged (from lsp-mode): - ;; https://github.com/graphql/graphiql/tree/main/packages/graphql-language-service-cli#readme - ;; https://github.com/haskell/haskell-language-server / https://github.com/haskell/ghcide - ;; https://github.com/eclipse/lemminx - - ;; Emacs general - emacs - emacs-use-package - emacs-eglot - emacs-counsel - emacs-counsel-dash sqlite ; emacs-counsel-dash requires the sqlite3 binary - emacs-ivy - ;; emacs-company emacs-company-quickhelp emacs-company-posframe - emacs-corfu emacs-corfu-doc - emacs-autothemer ; for catppuccin/emacs - emacs-undo-tree - emacs-aggressive-indent - emacs-which-key - emacs-smart-mode-line - emacs-diminish - emacs-rainbow-mode - emacs-form-feed - emacs-guix - ;; TODO: emacs-editorconfig emacs-sly emacs-sly-macrostep - emacs-org ; emacs-org-modern theme? - - ;; Emacs Evil - emacs-evil - emacs-evil-collection - emacs-evil-expat ; for :reverse, :remove, :rename, :colo, :g*, ... ex commands - emacs-evil-surround - ;; emacs-evil-owl ; tests failing - emacs-evil-args - emacs-evil-numbers - emacs-evil-multiedit - emacs-evil-goggles - emacs-evil-traces - emacs-evil-commentary - emacs-evil-replace-with-register - emacs-evil-org - emacs-evil-markdown - emacs-evil-tex - emacs-evil-text-object-python - - ;; Emacs language modes - emacs-geiser emacs-geiser-guile - ;; emacs-macrostep-geiser - emacs-flymake-collection ; emacs-flymake-flycheck ; if needed - emacs-cmake-mode emacs-gnuplot emacs-graphviz-dot-mode - emacs-hcl-mode emacs-ledger-mode emacs-mmm-mode - emacs-puppet-mode emacs-rec-mode emacs-web-mode - emacs-yaml-mode)) diff --git a/tw/home/lap.scm b/tw/home/lap.scm index d46c9c6e..48dc1499 100644 --- a/tw/home/lap.scm +++ b/tw/home/lap.scm @@ -8,101 +8,30 @@ ;; https://github.com/alezost/shepherd-config/blob/master/init.scm (define-module (tw home lap) - #:use-module ((gnu) - #:select (use-package-modules)) #:use-module (gnu home) #:use-module (gnu home services) #:use-module (gnu home services desktop) #:use-module (gnu home services guix) - #:use-module (gnu home services mcron) #:use-module (gnu home services pm) #:use-module (gnu home services shepherd) #:use-module (gnu packages) + #:use-module (gnu packages android) + #:use-module (gnu packages bittorrent) + #:use-module (gnu packages gnome) + #:use-module (gnu packages messaging) + #:use-module (gnu packages music) + #:use-module (gnu packages networking) + #:use-module (gnu packages xorg) + #:use-module (gnu packages xdisorg) #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (guix channels) #:use-module (guix gexp) #:use-module ((nongnu packages messaging) - #:select (signal-desktop zoom)) + #:select (signal-desktop)) #:use-module ((nongnu packages steam-client) #:select (steam)) - #:use-module (tw home) - #:use-module (tw home emacs) - #:use-module (tw packages alice) - #:use-module (tw packages catppuccin) - #:use-module (tw packages ci) - #:use-module (tw packages games) - #:use-module (tw packages xorg) - #:use-module (tw gexp) - #:use-module (tw theme)) - -(use-package-modules android bittorrent calendar compton dav dunst fonts - freedesktop games gimp gnome gnome-xyz gnuzilla graphviz - image-viewers inkscape kde libreoffice linux mail - messaging music networking pdf pulseaudio python-xyz - syndication tcl terminals tex version-control video - web-browsers wm xdisorg xorg) - -(define pim-packages - (list newsboat vdirsyncer khal khard aerc neomutt mailcap lynx)) ; lynx for HTML mail - -(define pim-services - (list - (simple-service 'pim-config home-xdg-configuration-files-service-type - `(("khal/config" ,(local-file "files/khal.conf")) - ("khard/khard.conf" ,(local-file "files/khard.conf")) - ("aerc" ,(local-file "files/aerc" #:recursive? #t)) - ("mutt/muttrc" ,(local-file "files/muttrc")) - ("mutt/catppuccin.muttrc" ,catppuccin-muttrc) - ("newsboat/config" ,(local-file "files/newsboat.conf")) - ("newsboat/config.catppuccin" ,catppuccin-newsboat) - ("vdirsyncer/config" ,(local-file "files/vdirsyncer.conf")))) - - ;; These cron jobs are annoying because they pop up a password prompt every time they run. - ;; (simple-service 'pim-cronjobs home-mcron-service-type - ;; (list #~(job "15 */4 * * *" ; every four hours at HH:15 - ;; (string-append #$(file-append vdirsyncer "/bin/vdirsyncer") " metasync")) - ;; #~(job "0,30 * * * *" ; every half hour - ;; (string-append #$(file-append vdirsyncer "/bin/vdirsyncer") " sync")))) - - (simple-service 'mail-files home-files-service-type - `((".mailcap" ,(local-file "files/mailcap")) - ;; The file from git main is newer than the one bundled with the - ;; packaged neomutt version and contains a few fixes. - (".local/bin/mutt_oauth2.py" - ,(local-file "files/neomutt/contrib/oauth2/mutt_oauth2.py" #:recursive? #t)))))) - -(define polybar-wrapper - (program-file - "polybar-wrapper" - #~(begin - ;; This wrapper program checks that the monitor we want to start - ;; polybar on is actually connected. - (use-modules (ice-9 popen) - (ice-9 rdelim)) - (let* ((connected-str (string-append (getenv "POLYBAR_MONITOR") " connected")) - (xrandr (open-pipe* OPEN_READ #$(file-append xrandr "/bin/xrandr") "-q")) - (monitor-connected? - (let loop ((line (read-line xrandr))) - (cond - ((eof-object? line) #f) ; we didn't find our monitor connected - ((string-prefix? connected-str line) #t) ; the monitor we want is connected - (else (loop (read-line xrandr))))))) ; keep looking - (close-pipe xrandr) - (when monitor-connected? - (execl #$(file-append polybar "/bin/polybar"))))))) - -(define (polybar-service monitor) - (shepherd-service - (documentation (string-append "Polybar desktop bar for monitor " monitor ".")) - (provision (list (symbol-append 'polybar- (string->symbol monitor)))) - (requirement '(xorg-setup)) - (start #~(make-forkexec-constructor - (list #$polybar-wrapper) - #:environment-variables - (cons #$(string-append "POLYBAR_MONITOR=" monitor) - (default-environment-variables)))) - (stop #~(make-kill-destructor)))) + #:use-module (tw home)) (define-public %lap-home (home-environment @@ -110,48 +39,22 @@ ;; These packages will show up in the home profile, under ~/.guix-home/profile. (cons* ;; CLI tools - adb fastboot beets bsd-games texlive powertop (list git "send-email") + adb fastboot beets + + ;; Graphical applications + blueman nheko signal-desktop simple-scan transmission-remote-gtk ;; Games steam ; see also: steam-nvidia - - ;; Work - s3cmd python-alibuild python-alidistlint - hashicorp-levant-bin hashicorp-nomad-bin - hashicorp-consul-bin hashicorp-vault-bin hashicorp-packer-bin - - ;; i3 and Xorg. i3 itself must be installed system-wide for gdm to pick it up. - ;; acpilight is a drop-in xbacklight replacement, as xbacklight doesn't work on my system. - acpilight arandr blueman dunst gimp hsetroot inkscape icecat imv - kitty libreoffice mpv nheko polybar pulsemixer rofi rofi-calc - signal-desktop simple-scan tk transmission-remote-gtk xdg-utils xdot xclip - xcwd xdotool xdpyinfo xev xfd xfontsel xinput xkill xprop xrandr xrdb xsel - xset xwininfo zoom zathura zathura-ps zathura-pdf-poppler - dconf dconf-editor ; required for config by blueman, cozy, ... - ;; gnome-keyring ; installed system-wide; see system-configuration.scm - ;; geoclue ; for redshift -- installed system-wide ;; Games are installed in ~/.guix-profile instead, to make updates of the ;; home environment faster. ;; 0ad flightgear freeciv simutrans/pak128 warzone2100 widelands pioneer - ;; Fonts - font-hermit font-inconsolata font-fira-code font-fira-sans font-libertinus - font-google-noto font-google-noto-emoji font-openmoji ; for polybar - ;; Theming - papirus-icon-theme catppuccin-gtk-theme catppuccin-mocha-dark-cursors - (append common-packages emacs-packages pim-packages))) + (append %interactive-packages %pim-packages %common-packages))) ;; To search for available home services, run 'guix home search KEYWORD'. (services (cons* - ;; Configuration files for terminal-only programs in $XDG_CONFIG_HOME. - (simple-service 'laptop-config home-xdg-configuration-files-service-type - `(;; All alibuild needs is an empty file. - ("alibuild/disable-analytics" - ,(plain-file "alibuild-disable-analytics" "")) - ("X11/XCompose" ,(local-file "files/XCompose")) ; see also: $XCOMPOSEFILE variable - ("X11/Xresources" ,(local-file "files/Xresources")))) - ;; This can't be a `service' as that would remove the 'guix channel. (simple-service 'nonfree-channels home-channels-service-type (list @@ -195,19 +98,8 @@ (nighttime-brightness 0.7) (extra-content "fade=0"))) ; with fade=1, restarting redshift causes flickering for a few secs - ;; The dbus service doesn't seem to be added automatically. - (service home-dbus-service-type - (home-dbus-configuration)) - - (simple-service 'gui-services home-shepherd-service-type + (simple-service 'laptop-gui-services home-shepherd-service-type (list - (shepherd-service - (documentation "NetworkManager applet; provides a GUI for network connections.") - (provision '(nm-applet)) - (start #~(make-forkexec-constructor - (list #$(file-append network-manager-applet "/bin/nm-applet")))) - (stop #~(make-kill-destructor))) - (shepherd-service (documentation "Blueman applet; provides a GUI for connection to bluetooth devices.") (provision '(blueman-applet)) @@ -218,49 +110,6 @@ (polybar-service "eDP-1") (polybar-service "HDMI-1-1") - (shepherd-service - (documentation "Dunst notification daemon; displays desktop notifications.") - (provision '(dunst)) - (start #~(make-forkexec-constructor - (list #$(file-append dunst "/bin/dunst")))) - (stop #~(make-kill-destructor))) - - (shepherd-service - (documentation "Picom compositor; enables transparent windows in X.") - (provision '(picom)) - (start #~(make-forkexec-constructor - (list #$(file-append picom "/bin/picom") - "--config" #$(local-file "files/picom.conf")))) - (stop #~(make-kill-destructor))) - - (shepherd-service - (documentation "Source Xresources on login.") - (provision '(xrdb)) - (one-shot? #t) - (start #~(lambda _ - (invoke #$(file-append xrdb "/bin/xrdb") "-merge" - (string-append (getenv "XDG_CONFIG_HOME") "/X11/Xresources"))))) - - ;; By default, xdotool gets most of "#@\|~()<>[]{} wrong. Make - ;; it use the correct keymap by re-setting the same one again. - (shepherd-service - (documentation "Fix X keyboard map on login; passmenu needs this.") - (provision '(fix-xdotool)) - (one-shot? #t) - (start #~(lambda _ - (use-modules (ice-9 rdelim) - (ice-9 regex) - (ice-9 popen)) - (let ((port (open-pipe* OPEN_READ #$(file-append setxkbmap "/bin/setxkbmap") - "-query"))) - (let loop ((line (read-line port))) - (unless (eof-object? line) - (let ((mtch (string-match "^layout:[[:space:]]*" line))) - (if mtch - (system* #$(file-append setxkbmap "/bin/setxkbmap") - (match:suffix mtch)) - (loop (read-line port)))))))))) - (shepherd-service (documentation "Set up X displays on login.") (provision '(xorg-setup)) @@ -282,74 +131,8 @@ (string-append (getenv "HOME") "/pictures/Backgrounds/greece/IMG_20181201_104748_DRO.jpg"))))))) - ;; Configuration files for GUI programs in $XDG_CONFIG_HOME. - (simple-service 'gui-config home-xdg-configuration-files-service-type - `(("dunst/dunstrc" ,(local-file "files/dunstrc")) - ("dunst/dunstrc.d/50-catppuccin.conf" ,catppuccin-dunstrc) - ("gtk-2.0/gtkrc" ,(local-file "files/gtk2.ini")) - ("gtk-3.0/settings.ini" ,(local-file "files/gtk3.ini")) - ("i3/config" ,(local-file "files/i3.conf")) - ;; TODO: "kdeglobals" works for some programs (e.g. kdeconnect-app), - ;; but not for others (e.g. nheko, kdeconnect-settings)... - ("kdeglobals" ,catppuccin-kdeglobals) - ("kitty/diff.conf" - ,(combined-text-file "kitty-diff.conf" - (plain-file "kitty-diff-custom.conf" - "pygments_style bw\n") - catppuccin-kitty-diff)) - ("kitty/kitty.conf" - ,(combined-text-file "kitty.conf" - (local-file "files/kitty.conf") - catppuccin-kitty)) - ("mimeapps.list" ,(local-file "files/mimeapps.list")) - ("polybar/config.ini" ,(local-file "files/polybar.ini")) - ("polybar/catppuccin.ini" ,catppuccin-polybar) - ("rofi/config.rasi" ,(local-file "files/rofi.rasi")) - ("rofi/themes/catppuccin.rasi" ,catppuccin-rofi) - ("zathura/zathurarc" ,(local-file "files/zathurarc")) - ("zathura/catppuccin" ,catppuccin-zathura))) - - (simple-service 'cursor-theme home-files-service-type - `((".icons/default/index.theme" ,(local-file "files/cursors.ini")))) - - (simple-service 'gui-environment home-environment-variables-service-type - `(("TERMINAL" . "kitty") - ("_JAVA_OPTIONS" . - ,(string-append - "$_JAVA_OPTIONS${_JAVA_OPTIONS:+ }-Dawt.useSystemAAFontSettings=on -Dswing.aatext=true " - "-Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel " - "-Dswing.crossplatformlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel")) - ;; Smooth trackpad scrolling in Firefox/Icecat. - ;; https://wiki.archlinux.org/index.php/Firefox/Tweaks#Pixel-perfect_trackpad_scrolling - ("MOZ_USE_XINPUT2" . "1"))) - - (simple-service 'gui-scripts home-files-service-type - `(;; https://sw.kovidgoyal.net/kitty/kittens/diff/ - (".local/bin/kdiff" ; show a diff - ,(program-file "kdiff" #~(apply execl #$(file-append kitty "/bin/kitty") "kitty" - "+kitten" "diff" (cdr (command-line))))) - (".local/bin/icat" ; kitty's "catimg" equivalent - ,(program-file "icat" #~(apply execl #$(file-append kitty "/bin/kitty") "kitty" - "+kitten" "icat" (cdr (command-line))))) - (".local/bin/screenlock" - ,(program-file - "screenlock" - #~(begin ; Wrapper around i3lock to turn off the screen and pause notifications. - (system* #$(file-append dunst "/bin/dunstctl") "set-paused" "true") - (system* #$(file-append xset "/bin/xset") "dpms" "0" "0" "5") - ;; We mustn't use `file-append' here, as we have to pick up the - ;; setuid binary for i3lock installed by the system config. - (system* "i3lock" "-nc" #$catppuccin-background-color) - (system* #$(file-append xset "/bin/xset") "dpms" "600" "600" "600") - (system* #$(file-append dunst "/bin/dunstctl") "set-paused" "false")))) - ;; With #:recursive? #t, Guix keeps the files' permission bits, i.e. makes them executable. - (".local/bin/sessionmenu" ,(local-file "files/sessionmenu" #:recursive? #t)) - (".local/bin/passmenu" ,(local-file "files/passmenu" #:recursive? #t)) - (".local/bin/volume" ,(local-file "files/volume" #:recursive? #t)) - (".local/share/applications/emacsclient.desktop" - ,(local-file "files/emacsclient.desktop")))) + (openssh-service #t) - (append (gnupg-services #:gui-pinentry? #t) - common-services emacs-services pim-services))))) + (append %pim-services %interactive-services %common-services))))) %lap-home diff --git a/tw/home/server.scm b/tw/home/server.scm index c4c62cc9..694c84c8 100644 --- a/tw/home/server.scm +++ b/tw/home/server.scm @@ -1,17 +1,17 @@ (define-module (tw home server) - #:use-module (gnu) #:use-module (gnu home) #:use-module (gnu home services) + #:use-module (gnu packages vim) + #:use-module (gnu services) + #:use-module (guix gexp) #:use-module (tw home) #:use-module (tw theme)) -(use-package-modules vim) - (define-public %server-home (home-environment ;; These packages will show up in the home profile, under ~/.guix-home/profile. (packages - (cons* vim vim-surround common-packages)) + (cons* vim vim-surround %common-packages)) ;; To search for available home services, run 'guix home search KEYWORD'. (services (cons* @@ -22,6 +22,6 @@ (simple-service 'vim-is-editor home-environment-variables-service-type `(("EDITOR" . "vim"))) ; we define no ASYNC_EDITOR - common-services)))) + %common-services)))) %server-home -- cgit v1.2.3 From 84ebc8dcfc05cd6eaa1f31fe31ecc9d497f1b4d2 Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Tue, 7 Mar 2023 21:42:45 +0100 Subject: Track work gitconfig --- tw/home.scm | 3 +++ tw/home/files/gitconfig-cern | 4 ++++ 2 files changed, 7 insertions(+) create mode 100644 tw/home/files/gitconfig-cern (limited to 'tw/home.scm') diff --git a/tw/home.scm b/tw/home.scm index 6cb67344..aabc6579 100644 --- a/tw/home.scm +++ b/tw/home.scm @@ -425,6 +425,9 @@ auto-expand-secmem ("X11/XCompose" ,(local-file "home/files/XCompose")) ; see also: $XCOMPOSEFILE variable ("X11/Xresources" ,(local-file "home/files/Xresources")))) + (simple-service 'work-git-config home-files-service-type + `(("src/alice/.gitconfig" ,(local-file "home/files/gitconfig-cern")))) + (simple-service 'emacs-config home-xdg-configuration-files-service-type `(("emacs/include" ,(local-file "home/files/emacs-packages" #:recursive? #t)) ("emacs/init.el" ,(local-file "home/files/emacs-init.el")) diff --git a/tw/home/files/gitconfig-cern b/tw/home/files/gitconfig-cern new file mode 100644 index 00000000..5c7f0bb1 --- /dev/null +++ b/tw/home/files/gitconfig-cern @@ -0,0 +1,4 @@ +[user] + email = timo.wilken@cern.ch + signingkey = C2249BBE5E8761C943A0CFA1B7B3914BF63ACD7C + name = Timo Wilken -- cgit v1.2.3 From 8f7349f122ea78e8e144235cdda4fb389360a175 Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Tue, 28 Mar 2023 19:59:00 +0200 Subject: Use lxtunnel for CERN SSH proxying This uses fewer server resources compared with lxplus. --- tw/home.scm | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'tw/home.scm') diff --git a/tw/home.scm b/tw/home.scm index aabc6579..91be88fd 100644 --- a/tw/home.scm +++ b/tw/home.scm @@ -100,9 +100,12 @@ auto-expand-secmem (host-key-algorithms '("+ssh-rsa")) (accepted-key-types '("+ssh-rsa"))) ;; CERN stuff + ,(openssh-host + (name "lxtunnel.cern.ch") + (proxy-command "none")) ; avoid ProxyJump loops ,(openssh-host (name "lxplus.cern.ch") - (proxy-command "none") ; avoid ProxyJump loops + (proxy-command "none") ; no jump needed (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount ,(openssh-host (name "aiadm.cern.ch") @@ -138,7 +141,7 @@ auto-expand-secmem (user "twilken") (identity-file "~/.local/share/ssh-keys/cern_id_rsa") (proxy-command (if proxy-to-cern? - "ssh -W '[%h]:%p' -l twilken lxplus.cern.ch" + "ssh -W '[%h]:%p' -l twilken lxtunnel.cern.ch" "none")) (extra-content "\ # Kerberos authentication -- cgit v1.2.3 From 9b85d2696f03e4b3dd910f89d93d855439acd6ad Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Sat, 15 Apr 2023 16:19:54 +0200 Subject: Install Chromium It's needed frequently enough that it's worth installing, rather than using guix shell all the time. --- tw/home.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'tw/home.scm') diff --git a/tw/home.scm b/tw/home.scm index 91be88fd..12a4d226 100644 --- a/tw/home.scm +++ b/tw/home.scm @@ -20,7 +20,7 @@ #:use-module (tw theme)) (use-package-modules - admin base calendar compression cmake compton curl databases dav disk dns + admin base calendar chromium compression cmake compton curl databases dav disk dns dunst elf emacs emacs-xyz file finance fonts freedesktop games gcc gimp gnome gnome-xyz gnupg gnuzilla graphviz haskell-apps image-viewers imagemagick inkscape less libreoffice linux lisp llvm mail maths password-utils pdf @@ -346,6 +346,7 @@ auto-expand-secmem mpv polybar pulsemixer rofi rofi-calc tk xdg-utils xdot xclip xcwd xdotool xdpyinfo xev xfd xfontsel xinput xkill xprop xrandr xrdb xsel xset xwininfo zoom zathura zathura-ps zathura-pdf-poppler + ungoogled-chromium ; needed e.g. for UBS site & DRM video dconf dconf-editor ; required for config by blueman, cozy, ... ;; gnome-keyring ; installed system-wide; see system-configuration.scm ;; geoclue ; for redshift -- installed system-wide -- cgit v1.2.3