(define-module (tw system installer nonfree) #:use-module (gnu packages admin) #:use-module (gnu packages linux) #:use-module (gnu packages package-management) #:use-module (gnu packages version-control) #:use-module (gnu services) #:use-module (gnu services base) #:use-module (gnu services ssh) #:use-module (gnu system) #:use-module (guix gexp) #:use-module ((nongnu system install) #:select (installation-os-nonfree)) #:use-module ((srfi srfi-26) #:select (cut)) #:use-module (tw channels)) (operating-system (inherit installation-os-nonfree) (host-name "guixinstall") (timezone "Europe/Paris") (locale "en_GB.utf8") (packages (cons* efibootmgr htop git (operating-system-packages installation-os-nonfree))) (services (cons* ;; Add the nonguix channel, so we can install nonfree packages directly. (extra-special-file "/etc/guix/channels.scm" (scheme-file "channels.scm" #~(cons* (channel (name 'nonguix) (url "https://gitlab.com/nonguix/nonguix") (introduction (channel-introduction (version 0) (commit "897c1a470da759236cc11798f4e0a5f7d4d59fbc") (signer "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5")))) %system-channels))) ;; Use nonguix' substitute server. (simple-service 'nonguix guix-service-type (guix-extension (authorized-keys (list %nonguix-signing-key)) (substitute-urls '("https://substitutes.nonguix.org")))) ;; Add an SSH server to facilitate remote installs. (service openssh-service-type (openssh-configuration (port-number 22) (%auto-start? #t) (permit-root-login #t) ;; The root account is passwordless, so make sure ;; a password is set before allowing logins. (allow-empty-passwords? #f) (password-authentication? #f) (authorized-keys `(("root" ,(local-file "../files/timo.pub")))))) ;; Make sure to remove the SSH service from the base services, ;; so we can override it fully. (filter (compose not (cut eq? openssh-service-type <>) service-kind) ((@@ (gnu system install) %installation-services))))))