System configuration

Table of Content

Desktop

This provides the default desktop environment.

  • Standard Linux kernel
  • Firewall with sane defaults (22 is not open)
px-desktop-os
%px-desktop-packages
%px-desktop-services

Example

Desktop: Boot in BIOS mode

;; PantherX OS Desktop Configuration v2
;; boot in "legacy" BIOS mode
;; /etc/system.scm

(use-modules (gnu)
             (gnu system)
             (px system install)
             (px system))

(px-desktop-os
 (operating-system
  (host-name "px-base")
  (timezone "Europe/Berlin")
  (locale "en_US.utf8")
  
  ;; Boot in "legacy" BIOS mode, assuming /dev/sda is the
  ;; target hard disk, and "my-root" is the label of the target
  ;; root file system.
  (bootloader (bootloader-configuration
               (bootloader grub-bootloader)
               (targets '("/dev/sda"))))
  
  (file-systems (cons (file-system
                       (device (file-system-label "my-root"))
                       (mount-point "/")
                       (type "ext4"))
                      %base-file-systems))
  
  (users (cons (user-account
                (name "panther")
                (comment "panther's account")
                (group "users")
                ;; Set the default password to 'pantherx'
                ;; Important: Change with 'passwd panther' after first login
                (password (crypt "pantherx" "$6$abc"))
		
                ;; Adding the account to the "wheel" group
                ;; makes it a sudoer.  Adding it to "audio"
                ;; and "video" allows the user to play sound
                ;; and access the webcam.
                (supplementary-groups '("wheel"
                                        "audio" "video"))
                (home-directory "/home/panther"))
               %base-user-accounts))
  
  ;; Globally-installed packages.
  (packages (cons*
	     %px-desktop-packages))
  
  ;; Globally-activated services.
  (services (cons*
	     %px-desktop-services))))

Desktop: Boot in BIOS mode (with Docker configured)

;; PantherX OS Desktop Configuration v2
;; boot in "legacy" BIOS mode
;; /etc/system.scm
;;
;; with Docker service

(use-modules (gnu)
             (gnu system)
             (px system install)
             (px system))

;; Add the service module 'docker'
(use-service-modules docker)

(px-desktop-os
 (operating-system
  (host-name "px-base")
  (timezone "Europe/Berlin")
  (locale "en_US.utf8")
  
  ;; Boot in "legacy" BIOS mode, assuming /dev/sda is the
  ;; target hard disk, and "my-root" is the label of the target
  ;; root file system.
  (bootloader (bootloader-configuration
               (bootloader grub-bootloader)
               (targets '("/dev/sda"))))
  
  (file-systems (cons (file-system
                       (device (file-system-label "my-root"))
                       (mount-point "/")
                       (type "ext4"))
                      %base-file-systems))
  
  (users (cons (user-account
                (name "panther")
                (comment "panther's account")
                (group "users")
                ;; Set the default password to 'pantherx'
                ;; Important: Change with 'passwd panther' after first login
                (password (crypt "pantherx" "$6$abc"))
		
                ;; Adding the account to the "wheel" group
                ;; makes it a sudoer.  Adding it to "audio"
                ;; and "video" allows the user to play sound
                ;; and access the webcam. Adding it to "docker"
		;; allows docker deamon access
                (supplementary-groups '("wheel"
                                        "audio" "video" "docker"))
                (home-directory "/home/panther"))
               %base-user-accounts))
  
  ;; Globally-installed packages.
  (packages (cons*
	     %px-desktop-packages))
  
  ;; Globally-activated services.
  (services (cons* (service docker-service-type)
		   %px-desktop-services))))

Desktop: Boot in EFI mode

;; PantherX OS Desktop Configuration v2
;; boot in EFI mode
;; /etc/system.scm

(use-modules (gnu)
             (gnu system)
             (px system install)
             (px system))

(px-desktop-os
 (operating-system
  (host-name "px-base")
  (timezone "Europe/Berlin")
  (locale "en_US.utf8")
  
  ;; Boot in EFI mode, assuming /dev/sda is the
  ;; target hard disk, and "my-root" is the label of the target
  ;; root file system.
  (bootloader (bootloader-configuration
               (bootloader grub-efi-bootloader)
               (targets '("/boot/efi"))))
  
  (file-systems (append
		 (list (file-system
			(device (file-system-label "my-root"))
			(mount-point "/")
			(type "ext4"))
		       (file-system
			(device "/dev/sda1")
			(mount-point "/boot/efi")
			(type "vfat")))
		 %base-file-systems))
  
  (users (cons (user-account
                (name "panther")
                (comment "panther's account")
                (group "users")
                ;; Set the default password to 'pantherx'
                ;; Important: Change with 'passwd panther' after first login
                (password (crypt "pantherx" "$6$abc"))
		
                ;; Adding the account to the "wheel" group
                ;; makes it a sudoer.  Adding it to "audio"
                ;; and "video" allows the user to play sound
                ;; and access the webcam.
                (supplementary-groups '("wheel"
                                        "audio" "video"))
                (home-directory "/home/panther"))
               %base-user-accounts))
  
  ;; Globally-installed packages.
  (packages (cons*
	     %px-desktop-packages))
  
  ;; Globally-activated services.
  (services (cons*
	     %px-desktop-services))))

Enable SSH access

To access your desktop remotely:

  1. Define your public key in config.scm
  2. Open the SSH port
  3. Add your public key to the authorized keys
(define %ssh-public-key
  "ssh-ed25519 AAAAC3NzaC1lZSJANJQ5AAAAIP7gcASKK1KAM91dl1OC0GqpgcudsaaJ4QydPg panther")

(px-desktop-os
  ...
  #:open-ports '(("tcp" "ssh"))
  #:authorized-keys `(("root" ,(plain-file "panther.pub" %ssh-public-key))
))

Desktop Libre

This provides the default desktop environment with non-libre components stipped.

  • Libre kernel
  • Firewall with sane defaults (22 is not open)
px-desktop-os
%px-desktop-packages
%px-desktop-services

You can toggle the libre kernel in system.scm:

(px-desktop-os
  ...
  #:kernel 'nonlibre
)

Server

This provides the default server environment.

  • Libre kernel
  • Firewall with sane defaults (22 is open)
  • SSH login only with SSH key
  • DHCP, NTP
px-server-os
%px-server-packages
%px-server-services

Example

Server: Boot in BIOS mode

;; PantherX OS Server Configuration v2
;; boot in "legacy" BIOS mode
;; /etc/system.scm

(use-modules (gnu)
             (gnu system)
             (px system install)
             (px system))

(define %ssh-public-key
  "ssh-ed25519 AAAAC3NzaC1lZSJANJQ5AAAAIP7gcASKK1KAM91dl1OC0GqpgcudsaaJ4QydPg panther")

(px-server-os
 (operating-system
  (host-name "px-base")
  (timezone "Europe/Berlin")
  (locale "en_US.utf8")

  ;; Boot in "legacy" BIOS mode, assuming /dev/sda is the
  ;; target hard disk, and "my-root" is the label of the target
  ;; root file system.
  (bootloader (bootloader-configuration
               (bootloader grub-bootloader)
               (targets '("/dev/sda"))))
       
  (file-systems (cons (file-system
                       (device (file-system-label "my-root"))
                       (mount-point "/")
                       (type "ext4"))
                      %base-file-systems))

  (users (cons (user-account
                (name "panther")
                (comment "panther's account")
                (group "users")
                ;; Set the default password to 'pantherx'
                ;; Important: Change with 'passwd panther' after first login
                (password (crypt "pantherx" "$6$abc"))

                ;; Adding the account to the "wheel" group
                ;; makes it a sudoer.  Adding it to "audio"
                ;; and "video" allows the user to play sound
                ;; and access the webcam.
                (supplementary-groups '("wheel"
                                        "audio" "video"))
                (home-directory "/home/panther"))
               %base-user-accounts))

  ;; Globally-installed packages.
  (packages (cons*
   %px-server-packages))

  ;; Globally-activated services.
  (services (cons*
   %px-server-services)))

 #:open-ports '(("tcp" "ssh"))
 #:authorized-keys `(("root" ,(plain-file "panther.pub" %ssh-public-key))))

See also

PantherX & (unofficial) GNU Guix Wiki.

Last update: 2021-10-12 20:09:22 +0000

Inspired by the excellent Arch Linux Wiki