(use-modules (gnu) (gnu system nss) (gnu system mapped-devices) (gnu services kerberos) (gnu services web) (gnu services databases) (guix store)) (use-service-modules networking ssh web kerberos mail admin mcron) (use-package-modules admin emacs avahi certs tmux ssh linux disk code version-control rsync guile web base ntp tls wget package-management backup curl php pulseaudio) (define %tlsdate-job #~(job (lambda (now) (next-day-from (next-hour-from now '(3)) '(2 5))) (string-append #$tlsdate "/bin/tlsdate -l -t"))) (define %sysctl-activation-service (simple-service 'sysctl activation-service-type #~(let ((sysctl (lambda (str) (zero? (apply system* #$(file-append procps "/sbin/sysctl") "-w" (string-tokenize str)))))) (and ;; Enable IPv6 privacy extensions. (sysctl "net.ipv6.conf.eth0.use_tempaddr=2") ;; Enable SYN cookie protection. (sysctl "net.ipv4.tcp_syncookies=1") ;; Log Martian packets. (sysctl "net.ipv4.conf.default.log_martians=1"))))) (operating-system (host-name "quercus.browniehive.net") (timezone "Europe/Oslo") (locale "en_US.UTF-8") (locale-libcs (list (specification->package "glibc") (canonical-package glibc))) ;; Message for users on login (issue "Quercus is a WORK IN PROGRESS. Expect instability\n") (hosts-file (plain-file "hosts" (string-append (local-host-aliases host-name) %facebook-host-aliases))) (initrd-modules (append (list "uas" "usb-storage" "raid0" "raid1") %base-initrd-modules)) (initrd (lambda (file-systems . rest) ;; Add a kernel module for RAID-0 (aka. "stripe") ;; and RAID-1 (aka. "mirror"). (apply base-initrd file-systems #:extra-modules '("raid0" "raid1" "uas" "usb-storage") rest))) ;;; Raid "10" ;; raid0 md127: sda1, sdb1, sde1 ;; raid0 md126: sdc1, sdd1, sdf1 ;; raid1 md125: raid-a raid-b (mapped-devices (list (mapped-device (source (list "/dev/disk/by-id/ata-SAMSUNG_HD103UJ_S13PJ90Q922364-part1" ; sda1 "/dev/disk/by-id/ata-SAMSUNG_HD204UI_S2H7J1CZC04866-part1" ; sdb1 "/dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N1NDU0C1-part1")) ; sde1 (target "/dev/md127") (type raid-device-mapping)) (mapped-device (source (list "/dev/disk/by-id/ata-SAMSUNG_HD103UJ_484331GQ919757-part1" ; sdc1 "/dev/disk/by-id/ata-SAMSUNG_HD204UI_S2H7J1CZC04873-part1" ; sdd1 "/dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N6AUF6LH-part1")) ; sdf1 (target "/dev/md126") (type raid-device-mapping)) (mapped-device (source (list "/dev/md126" "/dev/md127")) (target "/dev/md125") (type raid-device-mapping)))) (bootloader (bootloader-configuration (bootloader grub-bootloader) (target "/dev/disk/by-id/usb-Kingston_DT_microDuo_3.0_1C6F6581FDFCBEB0B9233C66-0:0"))) (swap-devices '("/swapfile")) (file-systems (cons* (file-system (device (file-system-label "BOOT")) (mount-point "/boot") (create-mount-point? #t) (type "ext4")) (file-system (device "/dev/md125p1") (mount-point "/") (dependencies mapped-devices) (create-mount-point? #t) (type "ext4")) %base-file-systems)) (users (cons* (user-account (name "ton") (comment "Tonton") (group "users") (supplementary-groups '("wheel" ;"web" "audio" "video")) (home-directory "/home/ton") (create-home-directory? #f)) %base-user-accounts)) (packages (cons* wget curl openssh mdadm git rsync stow %base-packages)) (services (cons* (static-networking-service "eno1" "192.168.10.42" #:gateway "192.168.10.1" #:name-servers '("51.254.25.115" "193.183.98.66" "51.255.48.78")) (service openssh-service-type (openssh-configuration (port-number 22555) (password-authentication? #f))) %sysctl-activation-service (modify-services %base-services (guix-service-type config => (guix-configuration (inherit config) (substitute-urls (cons* "https://ci.guix.info/" "https://berlin.guixsd.org" %default-substitute-urls)) (extra-options '("--max-jobs=3" "--cores=3")))) ))) (name-service-switch %mdns-host-lookup-nss) )