;; This is an operating system configuration template ;; for a "bare bones" setup, with no X11 display server. (use-modules (gnu)) (use-service-modules networking ssh desktop) (use-package-modules screen ssh containers) (operating-system (host-name "little-rascal") (timezone "Europe/London") (locale "en_GB.utf8") (keyboard-layout (keyboard-layout "gb" "dvorak")) ;; Boot in "legacy" BIOS mode, assuming /dev/sdX is the ;; target hard disk, and "my-root" is the label of the target ;; root file system. (bootloader (bootloader-configuration (bootloader grub-bootloader) (targets '("/dev/sda")))) ;; It's fitting to support the equally bare bones `-nographic` ;; QEMU option, which also nicely sidesteps forcing QWERTY. (kernel-arguments (list "console=ttyS0,115200")) (file-systems (cons (file-system (device "/dev/sda2") (mount-point "/") (type "ext4")) %base-file-systems)) ;; This is where user accounts are specified. The "root" ;; account is implicit, and is initially created with the ;; empty password. (users (cons (user-account (name "ray") (comment "Ray Miller") (group "users") ;; Adding the account to the "wheel" group ;; makes it a sudoer. Adding it to "audio" ;; and "video" allows the user to play sound ;; and access the webcam. (supplementary-groups '("wheel"))) %base-user-accounts)) (sudoers-file (plain-file "sudoers" "\ root ALL=(ALL) ALL %wheel ALL=(ALL) NOPASSWD:ALL\n")) ;; Globally-installed packages. (packages (cons* podman screen %base-packages)) ;; Add services to the baseline: static networking and an SSH server. (services (append (list (simple-service 'add-extra-hosts hosts-service-type (list (host "192.168.1.110" "limiting-factor" '("forge.1729.org.uk")) (host "192.168.1.167" "cargo-cult" '()))) (service static-networking-service-type (list (static-networking (addresses (list (network-address (device "ens3") (value "192.168.200.2/24")))) (routes (list (network-route (destination "default") (gateway "192.168.200.1")))) (name-servers '("192.168.200.1"))))) (service openssh-service-type (openssh-configuration (password-authentication? #f) (permit-root-login 'prohibit-password) (authorized-keys `(("ray" ,(local-file "./files/authorized_keys")) ("root" ,(local-file "./files/authorized_keys")))) (openssh openssh-sans-x) (port-number 22))) (service elogind-service-type)) %base-services)))