PantherX comes with a really easy, command-line based installer that asks virtually no questions. Simply boot the ISO, make sure you’re connected to the internet and run px-install.
Also checkout our new System Configuration Generator.
Desktop
This provides the default desktop environment.
- Standard Linux kernel
- Firewall with sane defaults (
22is not open)
px-desktop-os
%px-desktop-packages
%px-desktop-services
You can configure any of the available guix desktops:
xfce-desktop-service-typemate-desktop-service-typegnome-desktop-service-typelxqt-desktop-service-type
If you have a modern PC, you will probably want to use UEFI: Skip ahead to “Desktop: Boot in UEFI mode”
Example
Desktop: Boot in BIOS mode
;; PantherX OS Desktop Configuration v2
;; boot in "legacy" BIOS mode
;; /etc/system.scm
(use-modules (gnu)
(gnu system)
(gnu services desktop)
(px system config))
(px-desktop-os
(operating-system
(host-name "px-base")
(timezone "Europe/Berlin")
(locale "en_US.utf8")
;; Boot in "legacy" BIOS mode, assuming /dev/sda is the
;; target hard disk, and "my-root" is the label of the target
;; root file system.
(bootloader (bootloader-configuration
(bootloader grub-bootloader)
(targets '("/dev/sda"))))
(file-systems (cons (file-system
(device (file-system-label "my-root"))
(mount-point "/")
(type "ext4"))
%base-file-systems))
(users (cons (user-account
(name "panther")
(comment "panther's account")
(group "users")
;; Set the default password to 'pantherx'
;; Important: Change with 'passwd panther' after first login
(password (crypt "pantherx" "$6$abc"))
;; Adding the account to the "wheel" group
;; makes it a sudoer. Adding it to "audio"
;; and "video" allows the user to play sound
;; and access the webcam.
(supplementary-groups '("wheel"
"audio" "video"))
(home-directory "/home/panther"))
%base-user-accounts))
;; Globally-installed packages.
(packages (cons*
%px-desktop-packages))
;; Globally-activated services.
(services (cons*
(service xfce-desktop-service-type)
%px-desktop-services))))
Desktop: Boot in BIOS mode (with Docker configured)
;; PantherX OS Desktop Configuration v2
;; boot in "legacy" BIOS mode
;; /etc/system.scm
;;
;; with Docker service
(use-modules (gnu)
(gnu system)
(px system config))
;; Add the service module 'docker'
(use-service-modules docker)
(px-desktop-os
(operating-system
(host-name "px-base")
(timezone "Europe/Berlin")
(locale "en_US.utf8")
;; Boot in "legacy" BIOS mode, assuming /dev/sda is the
;; target hard disk, and "my-root" is the label of the target
;; root file system.
(bootloader (bootloader-configuration
(bootloader grub-bootloader)
(targets '("/dev/sda"))))
(file-systems (cons (file-system
(device (file-system-label "my-root"))
(mount-point "/")
(type "ext4"))
%base-file-systems))
(users (cons (user-account
(name "panther")
(comment "panther's account")
(group "users")
;; Set the default password to 'pantherx'
;; Important: Change with 'passwd panther' after first login
(password (crypt "pantherx" "$6$abc"))
;; Adding the account to the "wheel" group
;; makes it a sudoer. Adding it to "audio"
;; and "video" allows the user to play sound
;; and access the webcam. Adding it to "docker"
;; allows docker deamon access
(supplementary-groups '("wheel"
"audio" "video" "docker"))
(home-directory "/home/panther"))
%base-user-accounts))
;; Globally-installed packages.
(packages (cons*
%px-desktop-packages))
;; Globally-activated services.
(services (cons* (service docker-service-type)
%px-desktop-services))))
Desktop: Boot in UEFI mode
;; PantherX OS Desktop Configuration v2
;; boot in EFI mode
;; /etc/system.scm
(use-modules (gnu)
(gnu system)
(gnu services desktop)
(px system config))
(px-desktop-os
(operating-system
(host-name "px-base")
(timezone "Europe/Berlin")
(locale "en_US.utf8")
;; Boot in EFI mode, assuming /dev/sda is the
;; target hard disk, and "my-root" is the label of the target
;; root file system.
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(targets '("/boot/efi"))))
(file-systems (append
(list (file-system
(device (file-system-label "my-root"))
(mount-point "/")
(type "ext4"))
(file-system
(device "/dev/sda1")
(mount-point "/boot/efi")
(type "vfat")))
%base-file-systems))
(users (cons (user-account
(name "panther")
(comment "panther's account")
(group "users")
;; Set the default password to 'pantherx'
;; Important: Change with 'passwd panther' after first login
(password (crypt "pantherx" "$6$abc"))
;; Adding the account to the "wheel" group
;; makes it a sudoer. Adding it to "audio"
;; and "video" allows the user to play sound
;; and access the webcam.
(supplementary-groups '("wheel"
"audio" "video"))
(home-directory "/home/panther"))
%base-user-accounts))
;; Globally-installed packages.
(packages (cons*
%px-desktop-packages))
;; Globally-activated services.
(services (cons*
(service xfce-desktop-service-type)
%px-desktop-services))))
Adjust Firewall
PantherX defaults to nftables as package filter and as seen above, it’s easy to open additional ports.
Example for SSH:
#:open-ports '(("tcp" "ssh"))
Example for typical webserver:
#:open-ports '(("tcp" "ssh", "http", "https"))
#:open-ports '(("tcp" "22", "80", "443")) ;; identical
Example with multiple protocols:
#:open-ports '(("tcp" "ssh")
("udp" "53"))
Enable SSH access
To access your desktop remotely:
- Define your public key in config.scm
- Open the SSH port
- Add your public key to the authorized keys
(define %ssh-public-key
"ssh-ed25519 AAAAC3NzaC1lZSJANJQ5AAAAIP7gcASKK1KAM91dl1OC0GqpgcudsaaJ4QydPg panther")
(px-desktop-os
...
#:open-ports '(("tcp" "ssh"))
#:authorized-keys `(("root" ,(plain-file "panther.pub" %ssh-public-key))
))
Change Kernel
px-desktop-os defaults on nonlibre kernel, px-server-os on libre.
You can easily switch between kernel:
#:kernel 'libre#:kernel 'nonlibre#:kernel 'custom
If needed, 'custom gives you fill control:
(px-desktop-os
(operating-system
...
(kernel linux)
(initrd microcode-initrd)
(firmware (list linux-firmware))
...
))
Desktop Libre
This provides the default desktop environment with non-libre components stripped.
- Libre kernel
- Firewall with sane defaults (
22is not open)
Use this only if you know what you’re doing.
px-desktop-os
%px-desktop-packages
%px-desktop-services
You can toggle the libre kernel in system.scm:
(px-desktop-os
...
#:kernel 'libre
)
For Firewall and SSH configuration, check the previous section. It’s identical for every system.
Server
This provides the default server environment.
- Libre kernel
- Firewall with sane defaults (
22is open) - SSH login only with SSH key
- DHCP, NTP
px-server-os
%px-server-packages
%px-server-services
Example
Server: Boot in BIOS mode
;; PantherX OS Server Configuration v2
;; boot in "legacy" BIOS mode
;; /etc/system.scm
(use-modules (gnu)
(gnu system)
(px system config))
(define %ssh-public-key
"ssh-ed25519 AAAAC3NzaC1lZSJANJQ5AAAAIP7gcASKK1KAM91dl1OC0GqpgcudsaaJ4QydPg panther")
(px-server-os
(operating-system
(host-name "px-base")
(timezone "Europe/Berlin")
(locale "en_US.utf8")
;; Boot in "legacy" BIOS mode, assuming /dev/sda is the
;; target hard disk, and "my-root" is the label of the target
;; root file system.
(bootloader (bootloader-configuration
(bootloader grub-bootloader)
(targets '("/dev/sda"))))
(file-systems (cons (file-system
(device (file-system-label "my-root"))
(mount-point "/")
(type "ext4"))
%base-file-systems))
(users (cons (user-account
(name "panther")
(comment "panther's account")
(group "users")
;; Set the default password to 'pantherx'
;; Important: Change with 'passwd panther' after first login
(password (crypt "pantherx" "$6$abc"))
;; Adding the account to the "wheel" group
;; makes it a sudoer. Adding it to "audio"
;; and "video" allows the user to play sound
;; and access the webcam.
(supplementary-groups '("wheel"
"audio" "video"))
(home-directory "/home/panther"))
%base-user-accounts))
;; Globally-installed packages.
(packages (cons*
%px-server-packages))
;; Globally-activated services.
(services (cons*
%px-server-services)))
#:open-ports '(("tcp" "ssh"))
#:authorized-keys `(("root" ,(plain-file "panther.pub" %ssh-public-key))))
For Firewall and SSH configuration, check the previous section. It’s identical for every system.