;; This "home-environment" file can be passed to 'guix home reconfigure' ;; to reproduce the content of your profile. This is "symbolic": it only ;; specifies package names. To reproduce the exact same profile, you also ;; need to capture the channels being used, as returned by "guix describe". ;; See the "Replicating Guix" section in the manual. ;; See also, for some tips: ;; https://github.com/alezost/shepherd-config/blob/master/init.scm ;; TODO: Integrate upstream (ctp) configs into ~/guix-home using git submodules: ;; https://github.com/catppuccin/grub ; TODO: make this system-wide ;; https://github.com/catppuccin/tty ; system-wide ;; https://github.com/catppuccin/papirus-folders ;; https://github.com/catppuccin/Kvantum ;; https://github.com/catppuccin/fzf ;; https://github.com/catppuccin/obs ;; https://github.com/catppuccin/insomnia ;; https://github.com/catppuccin/firefox ; for icecat ;; Manual installation needed? ;; https://github.com/catppuccin/dark-reader ;; https://github.com/catppuccin/github (define-module (tw home lap) #:use-module (gnu home) #:use-module (gnu home services) #:use-module (gnu home services desktop) #:use-module (gnu home services guix) #:use-module (gnu home services mcron) #:use-module (gnu home services pm) #:use-module (gnu home services shells) #:use-module (gnu home services shepherd) #:use-module (gnu home services ssh) #:use-module (gnu packages) #:use-module (gnu services) #:use-module (gnu services shepherd) #:use-module (guix channels) #:use-module (guix modules) #:use-module (guix gexp)) (fluid-set! read-eval? #t) ; allow #. read expansions in this file ;; One of "latte" (light theme), "frappe", "macchiato", "mocha" (dark ;; themes); ordered brightest to darkest. ;; Set and use this at read time so that `local-file' gets a literal ;; argument. Anything else confuses it and causes it to search ;; relative to the working directory, not this file's directory. #.(define catppuccin-theme-variant "mocha") ;; "Base" colour from the active Catppuccin theme (see ;; https://github.com/catppuccin/catppuccin). (define catppuccin-background-color "1e1e2e") (define* (package-binary specification #:optional (binary specification)) "Get the path of BINARY inside the package referred to by SPECIFICATION." (file-append (specification->package specification) (string-append "/bin/" binary))) ;; See also: `file-join' in (gnu home services ssh). (define (combined-text-file name . files) "A file which is the concatenation of the contents of other files." ;; We need to use #$output for `computed-file' to work. ;; Of course this isn't documented anywhere! (computed-file name (with-imported-modules (source-module-closure '((guix build utils))) ; for `dump-port' #~(begin (use-modules (guix build utils)) (call-with-output-file #$output (lambda (oport) (for-each (lambda (in-file) (call-with-input-file in-file (lambda (iport) (dump-port iport oport)))) '#$files))))))) (define (text-file/substitutions name input-file . substitutions) "A file containing another file's content with regexp substitutions. Each item in SUBSTITUTIONS is a `cons' of a regular expression and a replacement spec (to which `regexp-substitute/global' is applied)." (computed-file name #~(begin (use-modules (ice-9 regex) (ice-9 textual-ports)) (call-with-output-file #$output (lambda (oport) (call-with-input-file #$input-file (lambda (iport) (let loop ((output (get-string-all iport)) (substitutions '#$substitutions)) (if (null? substitutions) (put-string oport output) (loop (call-with-output-string (lambda (sport) (apply regexp-substitute/global sport (caar substitutions) output (cdar substitutions)))) (cdr substitutions))))))))))) (define gui-packages '(;; i3 and Xorg. i3 itself must be installed system-wide for gdm to pick it up. ;; acpilight is a drop-in xbacklight replacement, as xbacklight doesn't work on my system. "acpilight" "arandr" "blueman" "dunst" "gnupg" "gimp" "hsetroot" "inkscape" "icecat" "kdeconnect" "kitty" "libreoffice" "mpv" "nheko" "password-store" "pass-otp" "polybar" "rofi" "rofi-calc" "signal-desktop" "simple-scan" "transmission-remote-gtk" "xdg-utils" "xdot" "xclip" "xdotool" "xdpyinfo" "xev" "xfd" "xfontsel" "xinput" "xkill" "xprop" "xrandr" "xrdb" "xsel" "xset" "xwininfo" "zoom" "zathura" "zathura-ps" "zathura-pdf-poppler" "dconf" "dconf-editor" ; required for config by blueman, cozy, ... ;; "gnome-keyring" ; installed system-wide; see system-configuration.scm ;; "geoclue" ; for redshift -- installed system-wide ;; Games "0ad" "freeciv" "warzone2100" "widelands" ; "pioneer" ;; Fonts "font-hermit" "font-inconsolata" "font-fira-code" "font-fira-sans" "font-libertinus" "font-openmoji" ;; Theming "papirus-icon-theme" ;; My own packages -- needs GUIX_PACKAGE_PATH to be set; see below. "catppuccin-gtk-theme" "catppuccin-mocha-dark-cursors" "simutrans")) (define (polybar-service monitor) (shepherd-service (documentation (string-append "Polybar desktop bar for monitor" monitor ".")) (provision (list (string->symbol (string-append "polybar-" monitor)))) (start #~(make-forkexec-constructor (list #$(package-binary "polybar")) #:environment-variables (cons #$(string-append "POLYBAR_MONITOR=" monitor) (default-environment-variables)))) (stop #~(make-kill-destructor)))) (define gui-services (list ;; Batsignal: battery level notifications. (service home-batsignal-service-type (home-batsignal-configuration (batteries '("BAT0")))) ;; Redshift: make the screen turn redder at night. (service home-redshift-service-type (home-redshift-configuration ;; See info '(guix)Desktop Home Services'. (location-provider 'manual) ;; Approximate location (latitude 46.0) (longitude 6.0) ;; (location-provider 'geoclue2) ; currently waits forever for a location -- not sure why geoclue doesn't work ;; (daytime-temperature 6500) ; default 6500 ;; (nighttime-temperature 4500) ; default 4500 (daytime-brightness 1.0) (nighttime-brightness 0.7) (extra-content "fade=0"))) ; with fade=1, restarting redshift causes flickering for a few secs ;; The dbus service doesn't seem to be added automatically. (service home-dbus-service-type (home-dbus-configuration)) (simple-service 'gui-services home-shepherd-service-type (list (shepherd-service (documentation "KDE connect applet.") (provision '(kdeconnect-applet)) (requirement '(kdeconnectd)) (start #~(make-forkexec-constructor (list #$(package-binary "kdeconnect" "kdeconnect-indicator")))) (stop #~(make-kill-destructor))) (shepherd-service (documentation "KDE connect daemon.") (provision '(kdeconnectd)) (start #~(make-forkexec-constructor (list #$(file-append (specification->package "kdeconnect") (string-append "/libexec/kdeconnectd"))))) (stop #~(make-kill-destructor))) (shepherd-service (documentation "Blueman applet; provides a GUI for connection to bluetooth devices.") (provision '(blueman-applet)) (start #~(make-forkexec-constructor (list #$(package-binary "blueman" "blueman-applet")))) (stop #~(make-kill-destructor))) (polybar-service "eDP-1") (polybar-service "HDMI-1-1") (shepherd-service (documentation "Dunst notification daemon; displays desktop notifications.") (provision '(dunst)) (start #~(make-forkexec-constructor (list #$(package-binary "dunst")))) (stop #~(make-kill-destructor))) (shepherd-service (documentation "Picom compositor; enables transparent windows in X.") (provision '(picom)) (start #~(make-forkexec-constructor (list #$(package-binary "picom") "--experimental-backends" "--config" #$(local-file "files/picom.conf")))) (stop #~(make-kill-destructor))) (shepherd-service (documentation "Source Xresources on login.") (provision '(xrdb)) (one-shot? #t) (start #~(lambda _ (invoke #$(package-binary "xrdb") "-merge" (string-append (getenv "XDG_CONFIG_HOME") "/X11/Xresources"))))) ;; By default, xdotool gets most of "#@\|~()<>[]{} wrong. Make ;; it use the correct keymap by re-setting the same one again. (shepherd-service (documentation "Fix X keyboard map on login; passmenu needs this.") (provision '(fix-xdotool)) (one-shot? #t) (start #~(lambda _ (use-modules (ice-9 rdelim) (ice-9 regex) (ice-9 popen)) (let ((port (open-pipe* OPEN_READ #$(package-binary "setxkbmap") "-query"))) (let loop ((line (read-line port))) (unless (eof-object? line) (let ((mtch (string-match "^layout:[[:space:]]*" line))) (if mtch (system* #$(package-binary "setxkbmap") (match:suffix mtch)) (loop (read-line port)))))))))) (shepherd-service (documentation "Set up X displays on login.") (provision '(xorg-setup)) (one-shot? #t) (start #~(lambda _ (invoke #$(package-binary "numlockx") "on") ;; Turn off the monitors if there is no input for 10 minutes. (invoke #$(package-binary "xset") "dpms" "600" "600" "600") (invoke #$(package-binary "xrandr") "--output" "eDP-1" "--auto" ;; Don't use --auto for this monitor. That ;; configures it at 60 Hz, which causes ;; it to briefly turn off every few minutes. "--output" "HDMI-1-1" "--mode" "2560x1440" "--rate" "120.00" "--right-of" "eDP-1") ;; Set the desktop background picture. Hopefully doing this just after ;; xrandr works and sets it for both screens. (invoke #$(package-binary "hsetroot") "-cover" (string-append (getenv "HOME") "/pictures/Backgrounds/greece/IMG_20181201_104748_DRO.jpg"))))))) ;; Configuration files for GUI programs in $XDG_CONFIG_HOME. (simple-service 'gui-config home-xdg-configuration-files-service-type `(("dunst/dunstrc" ,(local-file "files/dunstrc")) ("dunst/dunstrc.d/50-catppuccin.conf" ,(local-file #.(string-append "files/catppuccin/dunst/src/" catppuccin-theme-variant ".conf") "dunst-theme.conf")) ("emacs/include" ,(local-file "files/emacs-packages" #:recursive? #t)) ("emacs/init.el" ,(local-file "files/emacs-init.el")) (#.(string-append "emacs/catppuccin-" catppuccin-theme-variant "-theme.el") ,(local-file #.(string-append "files/catppuccin/emacs/catppuccin-" catppuccin-theme-variant "-theme.el"))) ("gtk-2.0/gtkrc" ,(local-file "files/gtk2.ini")) ("gtk-3.0/settings.ini" ,(local-file "files/gtk3.ini")) ("i3/config" ,(local-file "files/i3.conf")) ("kdeglobals" ; TODO: this works for some programs (e.g. kdeconnect-app), ; but not for others (e.g. nheko, kdeconnect-settings)... ,(local-file #.(let ((variant (string-upcase catppuccin-theme-variant 0 1))) (string-append "files/catppuccin/kde/" variant "/Catppuccin" variant ".colors")))) ("kitty/diff.conf" ,(local-file #.(string-append "files/catppuccin/kitty/diff-" catppuccin-theme-variant ".conf") "kitty-diff-theme.conf")) ("kitty/kitty.conf" ,(combined-text-file "kitty.conf" (local-file "files/kitty.conf") (local-file #.(string-append "files/catppuccin/kitty/" catppuccin-theme-variant ".conf") "kitty-theme.conf"))) ("polybar/config.ini" ,(local-file "files/polybar.ini")) ("polybar/catppuccin.ini" ,(local-file #.(string-append "files/catppuccin/polybar/themes/" catppuccin-theme-variant ".ini"))) ("rofi/config.rasi" ,(local-file "files/rofi.rasi")) ("rofi/themes/catppuccin.rasi" ,(text-file/substitutions "catppuccin.rasi" (local-file #.(string-append "files/catppuccin/rofi/basic/.local/share/rofi/themes/catppuccin-" catppuccin-theme-variant ".rasi")) '("JetBrainsMono Nerd Font 14" pre "Fira Sans 12" post) ; default font '("border-col: #[0-9a-f]*;" pre "border-col: #585b70;" post))) ; i3 border colour ("zathura/zathurarc" ,(local-file "files/zathurarc")) ("zathura/catppuccin" ,(local-file #.(string-append "files/catppuccin/zathura/src/catppuccin-" catppuccin-theme-variant))))) (simple-service 'gui-files home-files-service-type `((".icons/default/index.theme" ,(local-file "files/cursors.ini")))) (simple-service 'gui-environment-variables home-environment-variables-service-type `(("TERMINAL" . "kitty") ("_JAVA_OPTIONS" . ,(string-append "$_JAVA_OPTIONS${_JAVA_OPTIONS:+ }-Dawt.useSystemAAFontSettings=on -Dswing.aatext=true " "-Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel " "-Dswing.crossplatformlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel")) ;; Smooth trackpad scrolling in Firefox/Icecat. ;; https://wiki.archlinux.org/index.php/Firefox/Tweaks#Pixel-perfect_trackpad_scrolling ("MOZ_USE_XINPUT2" . "1"))) (simple-service 'gui-scripts home-files-service-type `(;; https://sw.kovidgoyal.net/kitty/kittens/diff/ (".local/bin/kdiff" ; show a diff ,(program-file "kdiff" #~(apply execl #$(package-binary "kitty") "kitty" "+kitten" "diff" (cdr (command-line))))) (".local/bin/icat" ; kitty's "catimg" equivalent ,(program-file "icat" #~(apply execl #$(package-binary "kitty") "kitty" "+kitten" "icat" (cdr (command-line))))) (".local/bin/screenlock" ,(program-file "screenlock" #~(begin ; Wrapper around i3lock to turn off the screen and pause notifications. (system* #$(package-binary "dunst" "dunstctl") "set-paused" "true") (system* #$(package-binary "xset") "dpms" "0" "0" "5") ;; We mustn't use `package-binary' here, as we have to pick up the ;; setuid binary for i3lock installed by the system config. (system* "i3lock" "-nc" #$catppuccin-background-color) (system* #$(package-binary "xset") "dpms" "0" "0" "0") (system* #$(package-binary "dunst" "dunstctl") "set-paused" "false")))) ;; With #:recursive? #t, Guix keeps the files' permission bits, i.e. makes them executable. (".local/bin/sessionmenu" ,(local-file "files/sessionmenu" #:recursive? #t)) ; rofi logout/reboot menu (".local/bin/passmenu" ,(local-file "files/passmenu" #:recursive? #t)) ; rofi passwords menu (".local/bin/volume" ,(local-file "files/volume" #:recursive? #t)))))) ; set volume on key press (home-environment (packages ;; These packages will show up in the home profile, under ~/.guix-home/profile. `(;; Install only bind-utils like dig, not the full suite. (,(specification->package "bind") "utils") ,@(specifications->packages gui-packages) ,@(specifications->packages '(;; CLI tools "adb" "beets" "curl" "dos2unix" "fdupes" "file" "fzf" "git" "gnuplot" "graphviz" "hledger" "imagemagick" "jq" "lesspipe" "nvme-cli" "openssh" "powertop" "pulsemixer" "pv" "python" "python-ipython" "recutils" "rsync" "sbcl" "smartmontools" "source-highlight" "tk" "tmux" "tree" "xxd" "zip" "unzip" "get-iplayer" "ffmpeg" "atomicparsley" "yt-dlp" "neomutt" "mailcap" "lynx" ; mail (lynx for HTML mail) "newsboat" "vdirsyncer" "khal" "khard" ;; Ranger can do code highlighting using python-pygments and ;; image previews in kitty using python-pillow. "ranger" "python-pygments" "python-pillow" "mediainfo" "python-pdftotext" "xcwd" ; my own package ;; Work "s3cmd" "python-alibuild" ; "python-alidistlint" ;; Shell "zsh" "zsh-autosuggestions" "zsh-syntax-highlighting" "zsh-autopair" "zsh-completions" ; my own package ;; Development & language servers "make" "shellcheck" "clang" ; for clangd "python-lsp-server" ;; Supported OotB by eglot, but not packaged by guix: ;; https://github.com/mads-hartmann/bash-language-server ;; https://github.com/regen100/cmake-language-server ;; https://github.com/hrsh7th/vscode-langservers-extracted ; {html,css,json}-languageserver ;; https://github.com/golang/tools/tree/master/gopls ; maybe? ;; https://github.com/artempyanykh/marksman ; Markdown ;; https://github.com/jeapostrophe/racket-langserver ;; https://github.com/astoff/digestif ; (La)TeX ;; https://github.com/redhat-developer/yaml-language-server ;; Needs eglot config + not packaged (from lsp-mode): ;; https://github.com/graphql/graphiql/tree/main/packages/graphql-language-service-cli#readme ;; https://github.com/haskell/haskell-language-server / https://github.com/haskell/ghcide ;; https://github.com/eclipse/lemminx ;; Emacs "emacs" "emacs-use-package" "emacs-eglot" "emacs-counsel" "emacs-counsel-dash" "sqlite" ; emacs-counsel-dash requires the sqlite3 binary "emacs-ivy" ;; "emacs-company" "emacs-company-quickhelp" "emacs-company-posframe" "emacs-corfu" "emacs-corfu-doc" "emacs-autothemer" ; for catppuccin/emacs "emacs-undo-tree" "emacs-aggressive-indent" "emacs-which-key" "emacs-smart-mode-line" "emacs-diminish" "emacs-rainbow-mode" "emacs-guix" ;; TODO: "emacs-editorconfig" "emacs-sly" "emacs-sly-macrostep" "emacs-org" ; "emacs-org-modern" theme? "emacs-evil" "emacs-evil-collection" "emacs-evil-expat" ; for :reverse, :remove, :rename, :colo, :g*, ... ex commands "emacs-evil-surround" ;; "emacs-evil-owl" ; tests failing "emacs-evil-args" "emacs-evil-numbers" "emacs-evil-multiedit" "emacs-evil-goggles" "emacs-evil-traces" "emacs-evil-commentary" "emacs-evil-replace-with-register" "emacs-evil-org" "emacs-evil-markdown" "emacs-evil-tex" "emacs-evil-text-object-python" "emacs-geiser" "emacs-geiser-racket" "emacs-geiser-guile" ;; "emacs-macrostep-geiser" "emacs-flymake-collection" ; "emacs-flymake-flycheck" ; if needed "emacs-cmake-mode" "emacs-gnuplot" "emacs-graphviz-dot-mode" "emacs-hcl-mode" "emacs-ledger-mode" "emacs-mmm-mode" "emacs-puppet-mode" "emacs-rec-mode" "emacs-web-mode" "emacs-yaml-mode")))) ;; To search for available home services, run 'guix home search KEYWORD'. (services (cons* ;; User shepherd services. (simple-service 'terminal-services home-shepherd-service-type (list (shepherd-service (documentation "Emacs server; connect using emacsclient.") (provision '(emacs)) (start #~(make-forkexec-constructor (list #$(package-binary "emacs") "--fg-daemon"))) (stop #~(make-kill-destructor))) (shepherd-service (documentation "GPG agent; caches key passwords.") (provision '(gpg-agent)) (start #~(lambda _ (invoke #$(package-binary "gnupg" "gpg-agent") "--daemon" "--no-detach"))) (stop #~(lambda _ (invoke "gpg-connect-agent" "killagent" "/bye")))))) (simple-service 'terminal-cronjobs home-mcron-service-type (list #~(job "15 */2 * * *" ; every two hours at HH:15 (string-append #$(package-binary "vdirsyncer") " metasync")) #~(job "0,30 * * * *" ; every half hour (string-append #$(package-binary "vdirsyncer") " sync")))) ;; Configuration files for terminal-only programs in $XDG_CONFIG_HOME. (service home-xdg-configuration-files-service-type `(;; All alibuild needs is an empty file. ("alibuild/disable-analytics" ,(plain-file "alibuild-disable-analytics" "")) ("git/config" ,(local-file "files/gitconfig")) ("htop/htoprc" ,(local-file "files/htoprc")) ("khal/config" ,(local-file "files/khal.conf")) ("khard/khard.conf" ,(local-file "files/khard.conf")) ("lesskey" ,(local-file "files/lesskey")) ("mutt/muttrc" ,(local-file "files/muttrc")) ("mutt/catppuccin.muttrc" ,(local-file #.(if (string=? catppuccin-theme-variant "latte") "files/catppuccin/neomutt/latte-neomuttrc" "files/catppuccin/neomutt/neomuttrc"))) ("newsboat/config" ,(local-file "files/newsboat.conf")) ("newsboat/config.catppuccin" ,(local-file #.(if (string=? catppuccin-theme-variant "latte") "files/catppuccin/newsboat/themes/latte" "files/catppuccin/newsboat/themes/dark") "newsboat-theme.conf")) ("ranger/rc.conf" ,(local-file "files/ranger.conf")) ("user-dirs.locale" ,(plain-file "user-dirs.locale" "C")) ; Not sure if this is needed. Arch has it. ("user-dirs.dirs" ,(local-file "files/user-dirs.dirs")) ("vdirsyncer/config" ,(local-file "files/vdirsyncer.conf")) ("X11/XCompose" ,(local-file "files/XCompose")) ; see also: $XCOMPOSEFILE variable ("X11/Xresources" ,(local-file "files/Xresources")))) (simple-service 'terminal-files home-files-service-type `((".mailcap" ,(local-file "files/mailcap")) ;; The file from git main is newer than the one bundled with the ;; packaged neomutt version and contains a few fixes. (".local/bin/mutt_oauth2.py" ,(local-file "files/neomutt/contrib/oauth2/mutt_oauth2.py" #:recursive? #t)) ;; GnuPG config files must be in ~/.local/share/gnupg, not ~/.config, ;; so we can't use `home-xdg-configuration-files-service-type'. (".local/share/gnupg/gpg.conf" ,(local-file "files/gpg.conf")) (".local/share/gnupg/gpg-agent.conf" ,(mixed-text-file "gpg-agent.conf" "\ pinentry-program " (package-binary "pinentry-rofi") " # Needed if spawning lots of parallel gpg --decrypt processes. https://dev.gnupg.org/T3530 auto-expand-secmem ")))) (service home-zsh-service-type (home-zsh-configuration (zshrc (list (local-file "files/zshrc") (local-file "files/prompt.zsh"))))) (simple-service 'terminal-environment-variables home-environment-variables-service-type `(;; Path to my own package definitions. If invoking `guix home' ;; afresh, this needs to be set manually to find these packages. ("GUIX_PACKAGE_PATH" . "$HOME/src/packages/guix") ;; Prepend my own binaries to $PATH. These should probably all ;; be managed through `home-files-service-type'. ("PATH" . "$HOME/.local/bin${PATH:+:}$PATH") ;; Default terminal-related applications ("EDITOR" . "emacsclient -qc") ;; Tell emacsclient to return immediately after opening the ;; file. I can't put this in $EDITOR as many programs expect ;; $EDITOR to exit only when the user is done editing. ("ASYNC_EDITOR" . "emacsclient -qcn") ("PAGER" . "less") ;; Guix force-overrides $LESS by default, so force-force it to do what I want instead. ;; `less' reads the `lesskey' file configured above. ("GUIX_PAGER" . "env -u LESS less") ;; To make LESS_TERMCAP_* variables (set in lesskey) apply to man pages in kitty. ("GROFF_NO_SGR" . "1") ;; Shell history -- primarily for zsh, but Emacs' eshell uses this too ("HISTSIZE" . "10000000") ;; ("NVIM_TUI_ENABLE_CURSOR_SHAPE" . "1") ("LEDGER_FILE" . "$HOME/sync/ledger/ledger.journal") ("GTAGSLABEL" . "pygments") ;; Disable at-spi-dbus-launcher accessibility service. ("NO_AT_BRIDGE" . "1") ;; Auto-compilation is annoying and creates a bunch of files that are never cleaned up. ("GUILE_AUTO_COMPILE" . "0") ;; For some reason, Guix doesn't seem to add these paths automatically. ("GUILE_LOAD_PATH" . ,(string-append "$GUIX_PACKAGE_PATH:" "$XDG_CONFIG_HOME/guix/current/share/guile/site/3.0" "${GUILE_LOAD_PATH:+:}$GUILE_LOAD_PATH")) ("GUILE_LOAD_COMPILED_PATH" . ,(string-append "$XDG_CONFIG_HOME/guix/current/lib/guile/3.0/site-ccache:" "$XDG_CONFIG_HOME/guix/current/share/guile/site/3.0" "${GUILE_LOAD_COMPILED_PATH:+:}$GUILE_LOAD_COMPILED_PATH")))) ;; XDG basedir spec compliance for various programs ;; See: https://wiki.archlinux.org/index.php/XDG_Base_Directory for a list of programs. ;; The `home-xdg-base-directories' service (enabled by default) sets $XDG_* variables for us. (simple-service 'xdg-spec-compliance home-environment-variables-service-type '(("ANDROID_EMULATOR_HOME" . "$XDG_DATA_HOME/android-emulator") ("ASPELL_CONF" . "per-conf $XDG_CONFIG_HOME/aspell/aspell.conf; home-dir $XDG_DATA_HOME/aspell") ("BUP_DIR" . "$XDG_DATA_HOME/bup") ("CARGO_HOME" . "$XDG_DATA_HOME/cargo") ("DSHGROUP_PATH" . "$XDG_DATA_HOME/dsh/group:/etc/dsh/group") ("ELECTRUMDIR" . "$XDG_DATA_HOME/electrum") ("FG_HOME" . "$XDG_DATA_HOME/fgfs") ("GETIPLAYERUSERPREFS" . "$XDG_DATA_HOME/get_iplayer") ("GNUPGHOME" . "$XDG_DATA_HOME/gnupg") ("GTK2_RC_FILES" . "$XDG_CONFIG_HOME/gtk-2.0/gtkrc") ("ICEAUTHORITY" . "$XDG_CACHE_HOME/ICEauthority") ("INPUTRC" . "$XDG_CONFIG_HOME/readline/inputrc") ("IPYTHONDIR" . "$XDG_CONFIG_HOME/ipython") ("JUPYTER_CONFIG_DIR" . "$XDG_CONFIG_HOME/jupyter") ;; KONAN_DATA_DIR=~/.konan by default; grows to multiple GiB. ;; https://discuss.kotlinlang.org/t/change-konan-folder-location/18309 ("KONAN_DATA_DIR" . "$XDG_CACHE_HOME/konan") ("NPM_CONFIG_USERCONFIG" . "$XDG_CONFIG_HOME/npm/npmrc") ("PASSWORD_STORE_DIR" . "$XDG_DATA_HOME/password-store") ("PLTUSERHOME" . "$XDG_DATA_HOME/racket") ("PYLINTHOME" . "$XDG_CACHE_HOME/pylint") ("PYLINTRC" . "$XDG_CONFIG_HOME/pylint/pylintrc") ("RECOLL_CONFDIR" . "$XDG_CONFIG_HOME/recoll") ("RLWRAP_HOME" . "$XDG_DATA_HOME/rlwrap") ("STACK_ROOT" . "$XDG_DATA_HOME/stack") ("TMUX_TMPDIR" . "$XDG_RUNTIME_DIR") ("WEECHAT_HOME" . "$XDG_CONFIG_HOME/weechat") ("XCOMPOSECACHE" . "$XDG_CACHE_HOME/X11/XCompose") ("XCOMPOSEFILE" . "$XDG_CONFIG_HOME/X11/XCompose") ("ZDOTDIR" . "$XDG_CONFIG_HOME/zsh") ("_JAVA_OPTIONS" . "$_JAVA_OPTIONS${_JAVA_OPTIONS:+ }-Djava.util.prefs.userRoot=$XDG_CONFIG_HOME/java"))) (service home-openssh-service-type (home-openssh-configuration (hosts (let ((my-hosts/ports '(("vin.twilken.net" . 50022) ("vin.wg" . 50022) ("pi3.twilken.net" . 51022) ("pi3.wg" . 51022) ("lud.twilken.net" . 22022) ("lud.wg" . 22) ("matrix.twilken.net" . 22022))) (git-hosts '("github.com" "ssh.github.com" "bitbucket.org" "gitlab.cern.ch")) (cern-ci-hosts/users '(("alimonitor.cern.ch" . "alibuild") ("alinsure.cern.ch" . "alibuild") ("alibuildmac*.cern.ch" . "alibuild") ("aido*osx*.cern.ch" . "alibuild") ("alibuild*.cern.ch" . "root") ("alissandra*.cern.ch" . "root") ("alimesos*.cern.ch" . "root") ("alientest*.cern.ch" . "root") ("aliflow*.cern.ch" . "root") ("alijenkins*.cern.ch" . "root")))) (define (cern-extra-content delegate-kerberos-credentials?) (string-append "\ # Kerberos authentication GSSAPIAuthentication yes GSSAPIDelegateCredentials " (if delegate-kerberos-credentials? "yes" "no") " PreferredAuthentications gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive ProxyJump \"twilken@lxplus.cern.ch\" ")) ;; Earlier rules take precedence over later ones. `(,(openssh-host (name "*.srcf.net") (user "tw466")) ,(openssh-host (name "*.fritz.box") (extra-content "ProxyJump lud.twilken.net")) ,@(map (lambda (host port) (openssh-host (name host) (port port) (user "timo"))) (map car my-hosts/ports) (map cdr my-hosts/ports)) ,@(map (lambda (host) (openssh-host (name host) (user "git"))) git-hosts) ;; BitBucket apparently only supports ssh-rsa. ,(openssh-host (name "bitbucket.org") (host-key-algorithms '("+ssh-rsa")) (accepted-key-types '("+ssh-rsa"))) ,(openssh-host (name "gitlab.cern.ch") (port 7999) (extra-content "ProxyJump none")) ; no jump needed ;; Avoid ProxyJump loops. ,(openssh-host (name "lxplus.cern.ch") (extra-content "ProxyJump none")) ,(openssh-host (name "twilkendesktop.cern.ch") (port 22022) (forward-x11? #t) (extra-content (cern-extra-content #t))) ,@(map (lambda (host user) (openssh-host (name host) (user user) (identity-file "~/.local/share/ssh-keys/alicern_id_rsa"))) (map car cern-ci-hosts/users) (map cdr cern-ci-hosts/users)) ,(openssh-host (name "*.cern.ch") (user "twilken") (identity-file "~/.local/share/ssh-keys/cern_id_rsa") (extra-content (cern-extra-content #f))) ;; Default SSH key. This isn't in ~/.ssh as `home-openssh-service-type' ;; manages that and might delete keys there. ,(openssh-host (name "*") (identity-file "~/.local/share/ssh-keys/id_rsa") ;; Remote servers probably don't know about xterm-kitty. (extra-content "SetEnv TERM=xterm-256color"))))))) (simple-service ; this can't be a `service' as that would remove the 'guix channel 'nonfree-channels home-channels-service-type (list ;; Nonguix is also needed system-wide for non-free drivers! (channel (name 'nonguix) (url "https://gitlab.com/nonguix/nonguix") ;; Enable signature verification: (introduction (make-channel-introduction "897c1a470da759236cc11798f4e0a5f7d4d59fbc" (openpgp-fingerprint "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5")))) (channel (name 'guix-gaming-games) (url "https://gitlab.com/guix-gaming-channels/games") ;; Enable signature verification: (introduction (make-channel-introduction "c23d64f1b8cc086659f8781b27ab6c7314c5cca5" (openpgp-fingerprint "50F3 3E2E 5B0C 3D90 0424 ABE8 9BDC F497 A4BB CC7F")))))) gui-services)))