seasharp/Rosenthal
1
0
Fork 0
mirror of https://codeberg.org/hako/Rosenthal.git synced 2026-04-03 08:24:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: seasharp:3daa92a2169a5340207db60c9a7b35f64cd520a5
Branches Tags
seasharp:trunk
seasharp:keyring
..
compare: seasharp:42d15decd16f7a309ab24de39d1c0acbd75d667a
Branches Tags
seasharp:trunk
seasharp:keyring

No commits in common. "3daa92a2169a5340207db60c9a7b35f64cd520a5" and "42d15decd16f7a309ab24de39d1c0acbd75d667a" have entirely different histories.
3daa92a216 ... 42d15decd1

19 changed files with 505 additions and 3092 deletions
Show Stats Expand all files Collapse all files

10
NEWS
View File

@ -6,16 +6,6 @@
(channel-news
(version 0)
(entry ;2025-09-05
(commit "c171b73ae7e66e55b4fc60422bc030c5aade444c")
(title (en "Manual intervention required for Caddy service change")
(zh "Caddy 服務改動需要人爲干預"))
(body (en "@code{caddy-service-type} has switched to @code{etc-service-type}
to set up Caddy configuration file. Please remove the existing
@file{/etc/caddy} directory before system reconfiguration.")
(zh "@code{caddy-service-type} 已改爲使用 @code{etc-service-type} 設置
配置文件。請在重新配置系統前刪除已有的 @file{/etc/caddy} 目錄。")))
(entry ;2024-12-08
(commit "162defb8388b4099f6ae8699ec8872f845a2481e")
(title (en "Hyprland upstreamed")

20
README.org
View File

@ -3,17 +3,13 @@
#+TITLE: Rosenthal - A certain Guix channel
Rosenthal is a Guix channel (see [[https://guix.gnu.org/manual/devel/en/html_node/Channels.html][Channels]] in /GNU Guix Reference Manual/)
created for experiments. It currently holds some packages and services not
ready for upstreaming to [[https://guix.gnu.org/][GNU Guix]].
Rosenthal is a Guix channel (see [[https://guix.gnu.org/manual/devel/en/html_node/Channels.html][Channels]] in /GNU Guix Reference Manual/) created for experiments. It currently holds some packages and services not ready for upstreaming to [[https://guix.gnu.org/][GNU Guix]].
You can use [[https://toys.whereis.social/][toys]] to search packages and services from Rosenthal and other Guix
channels.
You can use [[https://toys.whereis.social/][toys]] to search packages and services from Rosenthal and other Guix channels.
Note that all contents in this channel are subject to change and may be deleted
**at any time**, please [[https://codeberg.org/hako/Rosenthal/issues][report an issue]] if you are affected.
Note that all contents in this channel are subject to change and may be deleted **at any time**, please [[https://codeberg.org/hako/Rosenthal/issues][report an issue]] if you are affected.
Channel specification:
Channel definition:
#+begin_src scheme
(channel
(name 'rosenthal)
@ -26,13 +22,7 @@ Channel specification:
"13E7 6CD6 E649 C28C 3385 4DF5 5E5A A665 6149 17F7"))))
#+end_src
For configuration, see [[https://guix.gnu.org/manual/devel/en/html_node/Specifying-Additional-Channels.html][Specifying Additional Channels]], [[https://guix.gnu.org/manual/devel/en/html_node/Customizing-the-System_002dWide-Guix.html][Customizing the
System-Wide Guix]] and [[https://guix.gnu.org/manual/devel/en/html_node/Guix-Home-Services.html#index-home_002dchannels_002dservice_002dtype][~home-channels-service-type~]] in /GNU Guix Reference
Manual/.
This channel provides substitutes built by [[https://ci.guix.moe/][Guix Moe CI]], see [[https://ultrarare.space/en/posts/guix-build-farm/][its blog post]] for
setup and more information. [[https://codeberg.org/hako/Testament/issues][Send a request]] if you'd like to see substitutes
available for more channels.
For configuration, see [[https://guix.gnu.org/manual/devel/en/html_node/Specifying-Additional-Channels.html][Specifying Additional Channels]], [[https://guix.gnu.org/manual/devel/en/html_node/Customizing-the-System_002dWide-Guix.html][Customizing the System-Wide Guix]] and [[https://guix.gnu.org/manual/devel/en/html_node/Guix-Home-Services.html#index-home_002dchannels_002dservice_002dtype][~home-channels-service-type~]] in /GNU Guix Reference Manual/.
Wiki: https://codeberg.org/hako/Rosenthal/wiki

98
modules/rosenthal/examples/niri.kdl
View File

@ -5,11 +5,11 @@
// This config is in the KDL format: https://kdl.dev
// "/-" comments out the following node.
// Check the wiki for a full description of the configuration:
// https://yalter.github.io/niri/Configuration:-Introduction
// https://github.com/YaLTeR/niri/wiki/Configuration:-Overview
// Input device configuration.
// Find the full list of options on the wiki:
// https://yalter.github.io/niri/Configuration:-Input
// https://github.com/YaLTeR/niri/wiki/Configuration:-Input
input {
keyboard {
xkb {
@ -19,28 +19,18 @@ input {
// For example:
// layout "us,ru"
// options "grp:win_space_toggle,compose:ralt,ctrl:nocaps"
// If this section is empty, niri will fetch xkb settings
// from org.freedesktop.locale1. You can control these using
// localectl set-x11-keymap.
}
// Enable numlock on startup, omitting this setting disables it.
numlock
repeat-delay 300
repeat-rate 30
}
// Next sections include libinput settings.
// Omitting settings disables them, or leaves them at their default values.
// All commented-out settings here are examples, not defaults.
touchpad {
// off
tap
// dwt
// dwtp
// drag false
// drag-lock
natural-scroll
// accel-speed 0.2
@ -64,7 +54,6 @@ input {
// accel-profile "flat"
// scroll-method "on-button-down"
// scroll-button 273
// scroll-button-lock
// middle-emulation
}
@ -80,7 +69,7 @@ input {
// by running `niri msg outputs` while inside a niri instance.
// The built-in laptop monitor is usually called "eDP-1".
// Find more information on the wiki:
// https://yalter.github.io/niri/Configuration:-Outputs
// https://github.com/YaLTeR/niri/wiki/Configuration:-Outputs
// Remember to uncomment the node by removing "/-"!
/-output "eDP-1" {
// Uncomment this line to disable this output.
@ -115,7 +104,7 @@ input {
// Settings that influence how windows are positioned and sized.
// Find more information on the wiki:
// https://yalter.github.io/niri/Configuration:-Layout
// https://github.com/YaLTeR/niri/wiki/Configuration:-Layout
layout {
// Set gaps around windows in logical pixels.
gaps 16
@ -177,9 +166,6 @@ layout {
active-color "#7fc8ff"
// Color of the ring on inactive monitors.
//
// The focus ring only draws around the active window, so the only place
// where you can see its inactive-color is on other monitors.
inactive-color "#505050"
// You can also use gradients. They take precedence over solid colors.
@ -189,7 +175,7 @@ layout {
// You can use any CSS linear-gradient tool on the web to set these up.
// Changing the color space is also supported, check the wiki for more info.
//
// active-gradient from="#80c8ff" to="#c7ff7f" angle=45
// active-gradient from="#80c8ff" to="#bbddff" angle=45
// You can also color the gradient relative to the entire view
// of the workspace, rather than relative to just the window itself.
@ -208,14 +194,7 @@ layout {
active-color "#ffc87f"
inactive-color "#505050"
// Color of the border around windows that request your attention.
urgent-color "#9b0000"
// Gradients can use a few different interpolation color spaces.
// For example, this is a pastel rainbow gradient via in="oklch longer hue".
//
// active-gradient from="#e5989b" to="#ffb4a2" angle=45 relative-to="workspace-view" in="oklch longer hue"
// active-gradient from="#ffbb66" to="#ffc880" angle=45 relative-to="workspace-view"
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
@ -273,17 +252,7 @@ layout {
// Note that running niri as a session supports xdg-desktop-autostart,
// which may be more convenient to use.
// See the binds section below for more spawn examples.
// This line starts waybar, a commonly used bar for Wayland compositors.
// spawn-at-startup "waybar"
// To run a shell command (with variables, pipes, etc.), use spawn-sh-at-startup:
// spawn-sh-at-startup "qs -c ~/source/qs/MyAwesomeShell"
hotkey-overlay {
// Uncomment this line to disable the "Important Hotkeys" pop-up at startup.
// skip-at-startup
}
// spawn-at-startup "foot" "fish"
// Uncomment this line to ask the clients to omit their client-side decorations if possible.
// If the client will specifically ask for CSD, the request will be honored.
@ -302,7 +271,7 @@ screenshot-path "~/Screenshot from %Y-%m-%d %H-%M-%S.png"
// Animation settings.
// The wiki explains how to configure individual animations:
// https://yalter.github.io/niri/Configuration:-Animations
// https://github.com/YaLTeR/niri/wiki/Configuration:-Animations
animations {
// Uncomment to turn off all animations.
// off
@ -313,7 +282,7 @@ animations {
// Window rules let you adjust behavior for individual windows.
// Find more information on the wiki:
// https://yalter.github.io/niri/Configuration:-Window-Rules
// https://github.com/YaLTeR/niri/wiki/Configuration:-Window-Rules
// Work around WezTerm's initial configure bug
// by setting an empty default-column-width.
@ -369,35 +338,26 @@ binds {
Mod+Shift+Slash { show-hotkey-overlay; }
// Suggested binds for running programs: terminal, app launcher, screen locker.
Mod+T hotkey-overlay-title="Open a Terminal: foot" { spawn "foot"; }
Mod+D hotkey-overlay-title="Run an Application: rofi" { spawn "rofi" "-show" "drun"; }
// Super+Alt+L hotkey-overlay-title="Lock the Screen: swaylock" { spawn "swaylock"; }
Mod+T { spawn "foot"; }
Mod+D { spawn "rofi" "-show" "drun"; }
// Super+Alt+L { spawn "swaylock"; }
// Use spawn-sh to run a shell command. Do this if you need pipes, multiple commands, etc.
// Note: the entire command goes as a single argument. It's passed verbatim to `sh -c`.
// For example, this is a standard bind to toggle the screen reader (orca).
Super+Alt+S allow-when-locked=true hotkey-overlay-title=null { spawn-sh "pkill orca || exec orca"; }
// You can also use a shell. Do this if you need pipes, multiple commands, etc.
// Note: the entire command goes as a single argument in the end.
// Mod+T { spawn "bash" "-c" "notify-send hello && exec foot"; }
// Example volume keys mappings for PipeWire & WirePlumber.
// The allow-when-locked=true property makes them work even when the session is locked.
// Using spawn-sh allows to pass multiple arguments together with the command.
XF86AudioRaiseVolume allow-when-locked=true { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.1+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.1-"; }
XF86AudioMute allow-when-locked=true { spawn-sh "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn-sh "wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1-"; }
XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"; }
// Example brightness key mappings for light.
// You can use regular spawn with multiple arguments too (to avoid going through "sh"),
// but you need to manually put each argument in separate "" quotes.
XF86MonBrightnessUp allow-when-locked=true { spawn "light" "-A" "10"; }
XF86MonBrightnessDown allow-when-locked=true { spawn "light" "-U" "10"; }
// Open/close the Overview: a zoomed-out view of workspaces and windows.
// You can also move the mouse into the top-left hot corner,
// or do a four-finger swipe up on a touchpad.
Mod+O repeat=false { toggle-overview; }
Mod+Q repeat=false { close-window; }
Mod+Q { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
@ -502,8 +462,8 @@ binds {
// These binds are also affected by touchpad's natural-scroll, so these
// example binds are "inverted", since we have natural-scroll enabled for
// touchpads by default.
// Mod+TouchpadScrollDown { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02+"; }
// Mod+TouchpadScrollUp { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02-"; }
// Mod+TouchpadScrollDown { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.02+"; }
// Mod+TouchpadScrollUp { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.02-"; }
// You can refer to workspaces by index. However, keep in mind that
// niri is a dynamic workspace system, so these commands are kind of
@ -550,8 +510,6 @@ binds {
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
// Cycling through the presets in reverse order is also possible.
// Mod+R { switch-preset-column-width-back; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+F { maximize-column; }
@ -563,9 +521,6 @@ binds {
Mod+C { center-column; }
// Center all fully visible columns on screen.
Mod+Ctrl+C { center-visible-columns; }
// Finer width adjustments.
// This command can also:
// * set width in pixels: "1000"
@ -621,10 +576,11 @@ binds {
Mod+Shift+P { power-off-monitors; }
}
// Rootless Xwayland support
spawn-at-startup "xwayland-satellite" ":233"
environment {
DISPLAY ":233"
}
// Start user Shepherd
spawn-at-startup "sh" "-c" "pgrep --uid $USER shepherd > /dev/null || shepherd"
overview {
backdrop-color "#D2DEE9"
}

196
modules/rosenthal/packages/binaries.scm
View File

@ -9,7 +9,6 @@
#:use-module (guix deprecation)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix utils)
#:use-module (guix build-system copy)
#:use-module (gnu build icecat-extension)
#:use-module (gnu packages base)
@ -29,6 +28,18 @@
(define license
(@@ (guix licenses) license))
(define-public atuin-bin
(deprecated-package "atuin-bin" atuin))
(define-public hugo-bin
(deprecated-package "hugo-bin" hugo))
(define-public mihomo-bin
(deprecated-package "mihomo-bin" mihomo))
(define-public clash-meta-bin
(deprecated-package "clash-meta-bin" mihomo-bin))
(define-public cloudflare-warp-bin
(package
(name "cloudflare-warp-bin")
@ -142,7 +153,6 @@ exec ~a -jar ~a $@~%"
(description
"Komga is a media server for your comics, mangas, BDs, magazines and
eBooks.")
(supported-systems '("x86_64-linux"))
(license license:expat)
(properties '((upstream-name . "komga")
(disable-updater? . #t)))))
@ -228,6 +238,12 @@ monster-in-the-middle}.")
(properties '((upstream-name . "shadow-tls")
(disable-updater? . #t)))))
(define-public sing-box-bin
(deprecated-package "sing-box-bin" sing-box))
(define-public tailscale-bin
(deprecated-package "tailscale-bin" tailscale))
(define-public wakapi-bin
(package
(name "wakapi-bin")
@ -279,179 +295,3 @@ to WakaTime, which is used by all WakaTime text editor plugins.")
(license license:bsd-3)
(properties '((upstream-name . "wakatime-cli")
(disable-updater? . #t)))))
(define-public grafana-bin
(package
(name "grafana-bin")
(version "12.1.1")
(source (origin
(method url-fetch)
(uri (string-append "https://dl.grafana.com/grafana/release/"
version "/grafana_" version "_" "16903967602"
"_linux_amd64.tar.gz"))
(sha256
(base32
"056jj4ww1l36y77v9qmqhgsg7lsr328bhp7y48c6l125cal1snl2"))))
(build-system copy-build-system)
(arguments
(list #:install-plan
#~'(("bin" "bin")
("conf" "share/grafana/")
("public" "share/grafana/"))))
(synopsis "Platform for monitoring and observability")
(description
"Grafana allows you to query, visualize, alert on and understand your
metrics no matter where they are stored.")
(home-page "https://grafana.com/")
(license license:agpl3)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "grafana")
(disable-updater? . #t)))))
(define-public prometheus-bin
(package
(name "prometheus-bin")
(version "3.5.0")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/prometheus/prometheus"
"/releases/download/v" version
"/prometheus-" version ".linux-amd64.tar.gz"))
(sha256
(base32
"16pk8s5lsrvzlqsrhdpmrw98nq8vyqa87wm417xjm0kdy9x844g8"))))
(build-system copy-build-system)
(arguments
(list #:install-plan
#~'(("prometheus" "bin/")
("promtool" "bin/")
("prometheus.yml" "etc/"))))
(synopsis "Monitoring system and time series database")
(description
"Prometheus is a systems and service monitoring system. It collects
metrics from configured targets at given intervals, evaluates rule expressions,
displays the results, and can trigger alerts when specified conditions are
observed.")
(home-page "https://prometheus.io/")
(license license:asl2.0)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "prometheus")))))
(define-public mimir-bin
(package
(name "mimir-bin")
(version "2.17.1")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/grafana/mimir/releases/download/mimir-"
version "/mimir-linux-amd64"))
(sha256
(base32
"1vnrpzwyjz7plzdiih65853ndvg64a9n1x1i7jqr085byhpayp82"))))
(build-system copy-build-system)
(arguments
(list #:phases
#~(modify-phases %standard-phases
(replace 'install
(lambda* (#:key source #:allow-other-keys)
(let ((name "mimir")
(dest (in-vicinity #$output "bin")))
(mkdir-p dest)
(with-directory-excursion dest
(copy-file source name)
(chmod name #o555))))))))
(synopsis "Scalable long-term storage for Prometheus")
(description
"Grafana Mimir provides horizontally scalable, highly available,
multi-tenant, long-term storage for Prometheus.")
(home-page "https://grafana.com/oss/mimir/")
(license license:agpl3)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "mimir")
(disable-updater? . #t)))))
(define-public loki-bin
(package
(name "loki-bin")
(version "3.5.4")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append
"https://github.com/grafana/loki/releases/download/v"
version "/loki-linux-amd64.zip"))
(sha256
(base32
"1z1z60ki4zavijw0idpard0xx38q8140wv2hykxb3rikb05z0frk"))))
(build-system copy-build-system)
(arguments
(list #:install-plan
#~'(("loki-linux-amd64" "bin/loki"))))
(synopsis "Log aggregation system")
(description
"Loki is a horizontally scalable, highly available, multi-tenant log
aggregation system inspired by Prometheus. It is designed to be very cost
effective and easy to operate. It does not index the contents of the logs, but
rather a set of labels for each log stream.")
(home-page "https://grafana.com/oss/loki/")
(license license:agpl3)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "loki")
(disable-updater? . #t)))))
(define-public alloy-bin
(package
(name "alloy-bin")
(version "1.10.2")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append
"https://github.com/grafana/alloy/releases/download/v"
version "/alloy-linux-amd64.zip"))
(sha256
(base32
"03hwmnkx2awxlfw3ixplfnwzx7n1x624n1yw6cgky4hhjz13d3i8"))))
(build-system copy-build-system)
(arguments
(list #:install-plan
#~'(("alloy-linux-amd64" "bin/alloy"))
#:phases
#~(modify-phases %standard-phases
(add-after 'install 'patch-elf
(lambda* (#:key inputs #:allow-other-keys)
(let ((name "alloy")
(dest (in-vicinity #$output "bin"))
(ld.so (search-input-file inputs #$(glibc-dynamic-linker))))
(with-directory-excursion dest
(invoke "patchelf" "--set-interpreter" ld.so name))))))))
(native-inputs (list patchelf))
(synopsis
"OpenTelemetry Collector distribution with programmable pipelines")
(description
"Grafana Alloy is an open source OpenTelemetry Collector distribution with
built-in Prometheus pipelines and support for metrics, logs, traces, and
profiles.")
(home-page "https://grafana.com/oss/alloy-opentelemetry-collector/")
(license license:agpl3)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "alloy")
(disable-updater? . #t)))))
(define-public alloy-bin-aarch64-linux
(package
(inherit alloy-bin)
(name "alloy-bin-aarch64-linux")
(version "1.10.2")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append
"https://github.com/grafana/alloy/releases/download/v"
version "/alloy-linux-arm64.zip"))
(sha256
(base32
"1gnfdhs8rxyn18swy1kv1f2lbsj6abjlhrgaibsj2a87swgcyvjg"))))
(arguments
(substitute-keyword-arguments (package-arguments alloy-bin)
((#:install-plan _ ''())
#~'(("alloy-linux-arm64" "bin/alloy")))))
(supported-systems '("aarch64-linux"))))

19
modules/rosenthal/packages/ci.scm
View File

@ -8,3 +8,22 @@
#:use-module (guix packages)
#:use-module (guix git-download)
#:use-module (gnu packages ci))
(define-public cuirass/hako
(let ((commit "ccc11de138b5c15990551ad6cc883aeb15a8f80c")
(revision "2"))
(package
(inherit cuirass)
(name "cuirass-hako")
(version (git-version "1.2.0" revision commit))
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://codeberg.org/guix/cuirass.git")
(commit commit)))
(file-name (git-file-name name version))
(sha256
(base32
"1yxfss23pkr39ymrcw3injqm05aqczhkyjrn79qkfakwi2bqismm"))))
(properties '((disable-updater? . #t))))))

36
modules/rosenthal/packages/golang.scm
View File

@ -1,36 +0,0 @@
(define-module (rosenthal packages golang)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix gexp)
#:use-module (guix packages)
#:use-module (guix utils)
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module (rosenthal utils download)
#:use-module (rosenthal utils cargo)
#:use-module (guix build-system cargo)
#:use-module (guix build-system copy)
#:use-module (guix build-system go)
#:use-module (gnu packages golang)
#:use-module (gnu packages image)
#:use-module (gnu packages jemalloc)
#:use-module (gnu packages web)
#:use-module (gnu packages version-control))
(define-public go-1.25
(package
(inherit go-1.24)
(name "go")
(version "1.25.1")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/golang/go")
(commit (string-append "go" version))))
(file-name (git-file-name name version))
(sha256
(base32 "1pc6ybdsd2v6rviylmmdzns3v0ramrcbhn935ikff39shpij4xp4"))))
;; TODO
(arguments
(substitute-keyword-arguments (package-arguments go-1.24)
((#:tests? _ #t) #f)))))

6
modules/rosenthal/packages/networking.scm
View File

@ -139,7 +139,7 @@ bypass network restrictions." )
(define-public sing-box
(package
(name "sing-box")
(version "1.12.4")
(version "1.12.3")
(source (origin
(method git-fetch)
(uri (git-reference
@ -148,7 +148,7 @@ bypass network restrictions." )
(file-name (git-file-name name version))
(sha256
(base32
"0izhria2rh4cvybghb0yfll5bibahvffgj5fhncx3frk6arrmkix"))))
"1253dbdixq936y3f5gw72an1l25pinzdqqnz1i9983ajxc5l4y1q"))))
(build-system go-build-system)
(arguments
(list
@ -216,7 +216,7 @@ bypass network restrictions." )
(file-name "vendored-go-dependencies")
(sha256
(base32
"0plnpg70zmdspqqb609lvx5kncn7iccindygjmasq6myvy37bwi3"))))
"1dbw0p8mmhxh715x7r9kwy5dribl3pa979fpfa98ayyynvd0zxb3"))))
(if (%current-target-system)
(list this-package)
'())))

8
modules/rosenthal/packages/package-management.scm
View File

@ -10,14 +10,12 @@
#:use-module (rosenthal utils packages)
#:use-module (gnu packages package-management))
(define-public guix/dolly
(define-public guix/hako
(package
(inherit
(package-with-extra-patches guix
(rosenthal-patches "guix-change-publish-cache-storage.patch"
"guix-allow-out-of-tree-modules-in-initrd.patch"
"guix-wip-zfs-boot-support.patch")))
(name "guix-dolly")
(rosenthal-patches "guix-change-publish-cache-storage.patch")))
(name "guix-hako")
(arguments
(substitute-keyword-arguments (package-arguments guix)
((#:tests? _ #t) #f)

270
modules/rosenthal/packages/patches/guix-allow-out-of-tree-modules-in-initrd.patch
View File

@ -1,270 +0,0 @@
From 4323514d1b259a0dd61572e3c0859fab4250d297 Mon Sep 17 00:00:00 2001
Message-ID: <4323514d1b259a0dd61572e3c0859fab4250d297.1757725903.git.hako@ultrarare.space>
From: Brian Cully <bjc@spork.org>
Date: Sun, 16 Feb 2025 21:52:45 +0900
Subject: [PATCH] Allow copying of out-of-tree modules to the Linux initrd.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
With this patch, modules for initrd-modules will not only be searched for in
the in-tree Linux modules, but also any additional modules specified in
kernel-loadable-modules.
* gnu/build/linux-modules.scm (find-module-file): Change DIRECTORY argument to
DIRECTORIES. Now takes a list of directories to search, rather than a single
one.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): change LINUX
argument to PACKAGES. Now contains a list of file-like objects to search for
modules.
(raw-initrd): Add LINUX-EXTRA-MODULE-DIRECTORIES keyword argument. Pass it
to (flat-linux-module-directory) along with the selected LINUX package.
(base-initrd): Add LINUX-EXTRA-MODULE-DIRECTORIES keyword argument. Pass it
to (raw-initrd).
* gnu/system.scm (operating-system-initrd-file): Pass in operating system
definition's kernel-loadable-modules into (make-initrd) as
LINUX-EXTRA-MODULE-DIRECTORIES.
* doc/guix.texi (Initial RAM Disk): Document how out-of-tree modules can be
used.
Change-Id: Ic39f2abcfabc3ec34a71acce840038396bf9c82e
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Hilton Chain <hako@ultrarare.space>
---
doc/guix.texi | 15 ++++++++++
gnu/build/linux-modules.scm | 23 ++++++++++-----
gnu/system.scm | 2 ++
gnu/system/linux-initrd.scm | 58 +++++++++++++++++++++++--------------
4 files changed, 69 insertions(+), 29 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 4ab404dcdb2..3c05428829b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -46404,6 +46404,21 @@ Initial RAM Disk
(initrd-modules (cons "megaraid_sas" %base-initrd-modules)))
@end lisp
+If a module listed in @code{initrd-modules} is not included in the
+Linux-libre kernel, then its location must be provided via the
+@code{kernel-loadable-modules} list.
+
+As an example, if you need the driver for a Realtek RTL8821CE wireless
+network adapter for mounting the root file system over NFS, your
+configuration might include the following:
+
+@lisp
+(operating-system
+ ;; @dots{}
+ (initrd-modules (cons "8821ce" %base-initrd-modules))
+ (kernel-loadable-modules (list (list rtl8821ce-linux-module "module"))))
+@end lisp
+
@defvar %base-initrd-modules
This is the list of kernel modules included in the initrd by default.
@end defvar
diff --git a/gnu/build/linux-modules.scm b/gnu/build/linux-modules.scm
index 32baf6c5259..f45db55f861 100644
--- a/gnu/build/linux-modules.scm
+++ b/gnu/build/linux-modules.scm
@@ -246,8 +246,8 @@ (define (file-name->module-name file)
'.ko[.gz|.xz|.zst]' and normalizing it."
(normalize-module-name (strip-extension (basename file))))
-(define (find-module-file directory module)
- "Lookup module NAME under DIRECTORY, and return its absolute file name.
+(define (find-module-file directories module)
+ "Lookup module NAME under DIRECTORIES, and return its absolute file name.
NAME can be a file name with or without '.ko', or it can be a module name.
Raise an error if it could not be found.
@@ -255,6 +255,10 @@ (define (find-module-file directory module)
module names usually (always?) use underscores as the inter-word separator,
whereas file names often, but not always, use hyphens. Examples:
\"usb-storage.ko\", \"serpent_generic.ko\"."
+ ;; For backward compatibility.
+ (define %directories (if (pair? directories)
+ directories
+ (list directories)))
(define names
;; List of possible file names. XXX: It would of course be cleaner to
;; have a database that maps module names to file names and vice versa,
@@ -268,16 +272,19 @@ (define (find-module-file directory module)
(else chr)))
module))))
- (match (find-files directory
- (lambda (file stat)
- (member (strip-extension
- (basename file)) names)))
+ (match (append-map
+ (cut find-files <>
+ (lambda (file _)
+ (member (strip-extension
+ (basename file))
+ names)))
+ %directories)
((file)
file)
(()
- (error "kernel module not found" module directory))
+ (error "kernel module not found" module %directories))
((_ ...)
- (error "several modules by that name" module directory))))
+ (error "several modules by that name" module %directories))))
(define* (recursive-module-dependencies files
#:key (lookup-module dot-ko))
diff --git a/gnu/system.scm b/gnu/system.scm
index 78a30646e1b..b709686744d 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -1380,6 +1380,8 @@ (define (operating-system-initrd-file os)
#:linux (operating-system-kernel os)
#:linux-modules
(operating-system-initrd-modules os)
+ #:linux-extra-module-directories
+ (operating-system-kernel-loadable-modules os)
#:mapped-devices mapped-devices
#:keyboard-layout (operating-system-keyboard-layout os)))
diff --git a/gnu/system/linux-initrd.scm b/gnu/system/linux-initrd.scm
index 17c2e6f6bfd..978084062b2 100644
--- a/gnu/system/linux-initrd.scm
+++ b/gnu/system/linux-initrd.scm
@@ -120,13 +120,19 @@ (define* (expression->initrd exp
`(#:references-graphs (("closure" ,init))))
"/initrd.cpio.gz"))
-(define (flat-linux-module-directory linux modules)
+(define (flat-linux-module-directory packages modules)
"Return a flat directory containing the Linux kernel modules listed in
-MODULES and taken from LINUX."
+MODULES and taken from PACKAGES."
(define imported-modules
(source-module-closure '((gnu build linux-modules)
(guix build utils))))
+ (define package-inputs
+ (map (match-lambda
+ ((p o) (gexp-input p o))
+ (p (gexp-input p "out")))
+ packages))
+
(define build-exp
(with-imported-modules imported-modules
(with-extensions (list guile-zlib guile-zstd)
@@ -138,13 +144,17 @@ (define (flat-linux-module-directory linux modules)
(srfi srfi-26)
(ice-9 match))
- (define module-dir
- (string-append #$linux "/lib/modules"))
+ (define module-dirs
+ (map (cut string-append <> "/lib/modules")
+ '#$package-inputs))
(define builtin-modules
- (match (find-files module-dir (lambda (file stat)
- (string=? (basename file)
- "modules.builtin")))
+ (match (append-map
+ (cut find-files <>
+ (lambda (file stat)
+ (string=? (basename file)
+ "modules.builtin")))
+ module-dirs)
((file . _)
(call-with-input-file file
(lambda (port)
@@ -157,7 +167,7 @@ (define (flat-linux-module-directory linux modules)
(lset-difference string=? '#$modules builtin-modules))
(define modules
- (let* ((lookup (cut find-module-file module-dir <>))
+ (let* ((lookup (cut find-module-file module-dirs <>))
(modules (map lookup modules-to-lookup)))
(append modules
(recursive-module-dependencies
@@ -192,6 +202,7 @@ (define* (raw-initrd file-systems
#:key
(linux linux-libre)
(linux-modules '())
+ (linux-extra-module-directories '())
(pre-mount #t)
(mapped-devices '())
(keyboard-layout #f)
@@ -199,15 +210,16 @@ (define* (raw-initrd file-systems
qemu-networking?
volatile-root?
(on-error 'debug))
- "Return as a file-like object a raw initrd, with kernel
-modules taken from LINUX. FILE-SYSTEMS is a list of file-systems to be
-mounted by the initrd, possibly in addition to the root file system specified
-on the kernel command line via 'root'. LINUX-MODULES is a list of kernel
-modules to be loaded at boot time. MAPPED-DEVICES is a list of device
-mappings to realize before FILE-SYSTEMS are mounted. PRE-MOUNT is a
-G-expression to evaluate before realizing MAPPED-DEVICES.
-HELPER-PACKAGES is a list of packages to be copied in the initrd. It may include
-e2fsck/static or other packages needed by the initrd to check root partition.
+ "Return as a file-like object a raw initrd, with kernel modules taken from
+LINUX. FILE-SYSTEMS is a list of file-systems to be mounted by the initrd,
+possibly in addition to the root file system specified on the kernel command
+line via 'root'. LINUX-MODULES is a list of kernel modules to be loaded at
+boot time. LINUX-EXTRA-MODULE-DIRECTORIES is a list of file-like objects which
+will be searched for modules in addition to the linux kernel. MAPPED-DEVICES
+is a list of device mappings to realize before FILE-SYSTEMS are mounted.
+HELPER-PACKAGES is a list of packages to be copied in the initrd. It may
+include e2fsck/static or other packages needed by the initrd to check root
+partition.
When true, KEYBOARD-LAYOUT is a <keyboard-layout> record denoting the desired
console keyboard layout. This is done before MAPPED-DEVICES are set up and
@@ -244,7 +256,8 @@ (define* (raw-initrd file-systems
#~())))
(define kodir
- (flat-linux-module-directory linux linux-modules))
+ (flat-linux-module-directory (cons linux linux-extra-module-directories)
+ linux-modules))
(expression->initrd
(with-imported-modules (source-module-closure
@@ -392,6 +405,7 @@ (define* (base-initrd file-systems
#:key
(linux linux-libre)
(linux-modules '())
+ (linux-extra-module-directories '())
(mapped-devices '())
(keyboard-layout #f)
qemu-networking?
@@ -412,9 +426,10 @@ (define* (base-initrd file-systems
QEMU-NETWORKING? and VOLATILE-ROOT? behaves as in raw-initrd.
The initrd is automatically populated with all the kernel modules necessary
-for FILE-SYSTEMS and for the given options. Additional kernel
-modules can be listed in LINUX-MODULES. They will be added to the initrd, and
-loaded at boot time in the order in which they appear."
+for FILE-SYSTEMS and for the given options. Additional kernel modules can be
+listed in LINUX-MODULES. Additional directories for modules can be listed in
+LINUX-EXTRA-MODULE-DIRECTORIES. They will be added to the initrd, and loaded
+at boot time in the order in which they appear."
(define linux-modules*
;; Modules added to the initrd and loaded from the initrd.
`(,@linux-modules
@@ -434,6 +449,7 @@ (define* (base-initrd file-systems
(raw-initrd file-systems
#:linux linux
#:linux-modules linux-modules*
+ #:linux-extra-module-directories linux-extra-module-directories
#:mapped-devices mapped-devices
#:helper-packages helper-packages
#:keyboard-layout keyboard-layout
base-commit: 6174b135ffa3328fd7ad404b15b1586fc64e5666
prerequisite-patch-id: f71061d735b69d75799eb03df6215bbcb20d53b2
prerequisite-patch-id: 88337e68e714f3b1fe0d8e6588a1a4f423251610
--
2.51.0

184
modules/rosenthal/packages/patches/guix-wip-zfs-boot-support.patch
View File

@ -1,184 +0,0 @@
From ab4aa6e7bb41fe0f2c64cfb587562b19a7cb44ff Mon Sep 17 00:00:00 2001
Message-ID: <ab4aa6e7bb41fe0f2c64cfb587562b19a7cb44ff.1757826291.git.hako@ultrarare.space>
From: Hilton Chain <hako@ultrarare.space>
Date: Sun, 7 Sep 2025 13:52:57 +0800
Subject: [PATCH] WIP: ZFS boot support.
Change-Id: I6579a36d66fcd0a487fe262c9a7c36e51532cb70
---
gnu/build/file-systems.scm | 21 ++++++++++++++-------
gnu/build/linux-boot.scm | 1 +
gnu/system/file-systems.scm | 30 +++++++++++++++++++++---------
gnu/system/linux-initrd.scm | 25 ++++++++++++++++++++-----
guix/scripts/system.scm | 3 ++-
5 files changed, 58 insertions(+), 22 deletions(-)
diff --git a/gnu/build/file-systems.scm b/gnu/build/file-systems.scm
index c506a4911ff..05d0cb819ae 100644
--- a/gnu/build/file-systems.scm
+++ b/gnu/build/file-systems.scm
@@ -1173,13 +1173,20 @@ (define (canonicalize-device-spec spec)
(match spec
((? string?)
- (if (or (string-contains spec ":/") ;nfs
- (and (>= (string-length spec) 2)
- (equal? (string-take spec 2) "//")) ;cifs
- (string=? spec "none"))
- spec ; do not resolve NFS / CIFS / tmpfs devices
- ;; Nothing to do, but wait until SPEC shows up.
- (resolve identity spec identity)))
+ (cond
+ ((or (string-contains spec ":/") ;nfs
+ (and (>= (string-length spec) 2)
+ (equal? (string-take spec 2) "//")) ;cifs
+ (string=? spec "none"))
+ ;; Do not resolve NFS / CIFS / tmpfs devices.
+ spec)
+ ((and (>= (string-length spec) 4)
+ (string=? (string-take spec 4) "zfs:"))
+ ;; "zfs:zpool/dataset" => "zpool/dataset"
+ (string-drop spec 4))
+ (else
+ ;; Nothing to do, but wait until SPEC shows up.
+ (resolve identity spec identity))))
((? file-system-label?)
;; Resolve the label.
(resolve find-partition-by-label
diff --git a/gnu/build/linux-boot.scm b/gnu/build/linux-boot.scm
index 548e28a1c97..2b577483832 100644
--- a/gnu/build/linux-boot.scm
+++ b/gnu/build/linux-boot.scm
@@ -523,6 +523,7 @@ (define* (boot-system #:key
;; So check for all four.
(cond ((string-prefix? "/" device-string) device-string)
((string-contains device-string ":/") device-string) ; nfs-root
+ ((string-prefix? "zfs:" device-string) device-string)
((uuid device-string) => identity)
(else (file-system-label device-string))))
diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm
index 4ea8237c70d..c6cf828db21 100644
--- a/gnu/system/file-systems.scm
+++ b/gnu/system/file-systems.scm
@@ -372,7 +372,9 @@ (define %pseudo-file-system-types
;; List of know pseudo file system types. This is used when validating file
;; system definitions.
'("binfmt_misc" "cgroup" "cgroup2" "debugfs" "devpts" "devtmpfs" "efivarfs" "fusectl"
- "hugetlbfs" "overlay" "proc" "securityfs" "sysfs" "tmpfs" "tracefs" "virtiofs" "xenfs"))
+ "hugetlbfs" "overlay" "proc" "securityfs" "sysfs" "tmpfs" "tracefs" "virtiofs" "xenfs"
+ ;; HACK
+ "zfs"))
(define %fuse-control-file-system
;; Control file system for Linux' file systems in user-space (FUSE).
@@ -627,18 +629,21 @@ (define (file-system-mount-point-predicate mount-point)
;;;
-;;; Btrfs specific helpers.
+;;; Btrfs specific helpers. TODO: Refactor
;;;
(define (btrfs-subvolume? fs)
"Predicate to check if FS, a file-system object, is a Btrfs subvolume."
- (and-let* ((btrfs-file-system? (string= "btrfs" (file-system-type fs)))
- (option-keys (map (match-lambda
- ((key . value) key)
- (key key))
- (file-system-options->alist
- (file-system-options fs)))))
- (find (cut string-prefix? "subvol" <>) option-keys)))
+ (or (and-let* ((btrfs-file-system? (string= "btrfs" (file-system-type fs)))
+ (option-keys (map (match-lambda
+ ((key . value) key)
+ (key key))
+ (file-system-options->alist
+ (file-system-options fs)))))
+ (find (cut string-prefix? "subvol" <>) option-keys))
+ (and (string=? "zfs" (file-system-type fs))
+ ;; "zfs:zpool/dataset"
+ (string-contains (file-system-device fs) "/"))))
(define (btrfs-store-subvolume-file-name file-systems)
"Return the subvolume file name within the Btrfs top level onto which the
@@ -664,6 +669,13 @@ (define (btrfs-store-subvolume-file-name file-systems)
;; XXX: Deriving the subvolume name based from a subvolume ID is not
;; supported, as we'd need to query the actual file system.
(or (and=> (assoc-ref options "subvol") prepend-slash/maybe)
+ (and (string=? "zfs" (file-system-type store-subvolume-fs))
+ ;; "zfs:zpool/dataset" => "/dataset@"
+ (and=> (file-system-device store-subvolume-fs)
+ (lambda (device)
+ (string-append
+ (substring device (string-index device #\/))
+ "@"))))
(raise (condition
(&message
(message "The store is on a Btrfs subvolume, but the \
diff --git a/gnu/system/linux-initrd.scm b/gnu/system/linux-initrd.scm
index 978084062b2..8bd4a4a7850 100644
--- a/gnu/system/linux-initrd.scm
+++ b/gnu/system/linux-initrd.scm
@@ -249,11 +249,25 @@ (define* (raw-initrd file-systems
;; File systems like btrfs need help to assemble multi-device file systems
;; but do not use manually-specified <mapped-devices>.
(let ((file-system-types (map file-system-type file-systems)))
- (if (member "btrfs" file-system-types)
- ;; Ignore errors: if the system manages to boot anyway, the better.
- #~((system* (string-append #$btrfs-progs/static "/bin/btrfs")
- "device" "scan"))
- #~())))
+ (and
+ (if (member "btrfs" file-system-types)
+ ;; Ignore errors: if the system manages to boot anyway, the better.
+ #~((system* (string-append #$btrfs-progs/static "/bin/btrfs")
+ "device" "scan"))
+ #~())
+ (map (lambda (zpool)
+ ;; Ignore errors: if the system manages to boot anyway, the
+ ;; better.
+ #~(system* #$(file-append zfs "/sbin/zpool")
+ "import" "-N" #$zpool))
+ (delete-duplicates
+ ;; "zfs:zpool/dataset" => "zpool"
+ (map (compose second
+ (cut string-split <> (char-set #\: #\/))
+ file-system-device)
+ (filter (lambda (fs)
+ (equal? (file-system-type fs) "zfs"))
+ file-systems)))))))
(define kodir
(flat-linux-module-directory (cons linux linux-extra-module-directories)
@@ -364,6 +378,7 @@ (define file-system-type-modules
("jfs" => '("jfs"))
("f2fs" => '("f2fs" "crc32_generic"))
("xfs" => '("xfs"))
+ ("zfs" => '("zfs"))
(else '())))
(define (file-system-modules file-systems)
diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm
index 8a56f1cc63d..75a5bb1d5f1 100644
--- a/guix/scripts/system.scm
+++ b/guix/scripts/system.scm
@@ -610,7 +610,8 @@ (define (check-file-system-availability file-systems)
(define literal
(filter (lambda (fs)
- (string? (file-system-device fs)))
+ (and (string? (file-system-device fs))
+ (not (string=? "zfs" (file-system-type fs)))))
relevant))
(define uuid
base-commit: 6174b135ffa3328fd7ad404b15b1586fc64e5666
prerequisite-patch-id: f71061d735b69d75799eb03df6215bbcb20d53b2
prerequisite-patch-id: 88337e68e714f3b1fe0d8e6588a1a4f423251610
prerequisite-patch-id: 466ade9e99cc152f8e9a33c742a4954ade466c25
prerequisite-patch-id: d66207367fc491f6569100503cd9df98b6888560
--
2.51.0

1625
modules/rosenthal/packages/rust-crates.scm
View File

File diff suppressed because it is too large Load Diff

48
modules/rosenthal/packages/web.scm
View File

@ -10,21 +10,17 @@
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module (rosenthal utils download)
#:use-module (rosenthal utils cargo)
#:use-module (guix build-system cargo)
#:use-module (guix build-system copy)
#:use-module (guix build-system go)
#:use-module (gnu packages golang)
#:use-module (gnu packages image)
#:use-module (gnu packages jemalloc)
#:use-module (gnu packages web)
#:use-module (gnu packages version-control)
#:use-module (rosenthal packages golang))
#:use-module (gnu packages version-control))
(define-public ai-robots-txt
(package
(name "ai-robots-txt")
(version "1.40")
(version "1.39")
(source (origin
(method git-fetch)
(uri (git-reference
@ -33,7 +29,7 @@
(file-name (git-file-name name version))
(sha256
(base32
"1wa1c7awj2mpz78h1v0pw3v9w0ywpwjp26ml5s4qbgi0hmfcss5l"))
"10x5rvqz1l4gqhhnf12pjqmv4azah9k4970ik0vjrj6z70dpdpk3"))
(modules '((guix build utils)))
(snippet '(delete-file-recursively "code"))))
(build-system copy-build-system)
@ -106,7 +102,7 @@ order to protect upstream resources from web crawlers.")
(define-public caddy
(package
(name "caddy")
(version "2.10.2")
(version "2.10.1")
(source (origin
(method git-fetch)
(uri (git-reference
@ -115,10 +111,14 @@ order to protect upstream resources from web crawlers.")
(file-name (git-file-name name version))
(sha256
(base32
"1ygjbvz1ig62r63l6324728nbg6nwbc0vsi5qis5cg2qyils9y1a"))))
"0h6bnkrqnikyial2d3rvs2ksamwghs837y88qk73sbqahprjakp8"))
(modules '((guix build utils)))
(snippet '(substitute* "go.mod"
(("^toolchain.*") "")
(("1.25") "1.24")))))
(build-system go-build-system)
(arguments
(list #:go go-1.25
(list #:go go-1.24
#:tests? (not (%current-target-system)) ;TODO: Run test suite.
#:install-source? #f
#:import-path
@ -174,7 +174,7 @@ order to protect upstream resources from web crawlers.")
(invoke caddy "version"))))))))
(native-inputs
(list (origin
(method (go-mod-vendor #:go go-1.25))
(method (go-mod-vendor #:go go-1.24))
(uri (package-source this-package))
(file-name "vendored-go-dependencies")
(sha256
@ -190,11 +190,11 @@ performance and flexibility, making it suitable for a variety of applications,
from serving static websites to running dynamic web applications.")
(license license:asl2.0)))
(define-public caddy/dolly
(define-public caddy/hako
(package
(inherit caddy)
(name "caddy-dolly")
(version "2025.09.06-2")
(name "caddy-hako")
(version "2025.08.17-1")
(source (origin
(method git-fetch)
(uri (git-reference
@ -203,17 +203,17 @@ from serving static websites to running dynamic web applications.")
(file-name (git-file-name name version))
(sha256
(base32
"1ag6wg6limzaijifcijvr60n8bgi77p211sm12pqjr8bslwgx1n7"))))
"07c1yxpyz1sbfs7xy8s32hsw3z4l6rpwz01g8n4lq4xzgavkpqab"))))
(native-inputs
(modify-inputs (package-native-inputs caddy)
(replace "vendored-go-dependencies"
(origin
(method (go-mod-vendor #:go go-1.25))
(method (go-mod-vendor #:go go-1.24))
(uri (package-source this-package))
(file-name "vendored-go-dependencies")
(sha256
(base32
"04f50kbnskx22q8k7mdcnifz3f45jbsl2k9air9y3r49zh48cnin"))))))
"1fdspm2a4574hn4aik5wlli0yp4ih3w2rjyrw3s96n2drk0schqn"))))))
(home-page "https://git.boiledscript.com/hako/caddy")
(properties '((disable-updater? . #t)))))
@ -376,17 +376,3 @@ looking for a reliable platform to manage their software projects.")
(license license:gpl3+)
(properties
'((disable-updater? . #t)))))
(define-public iocaine/dolly
(package
(inherit iocaine)
(name "iocaine-dolly")
(version "2.5.0")
(source
(origin
(method url-fetch)
(uri (crate-uri "iocaine" version))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32 "1x445vnalm323qphxfbfrdzmv9q83h2kybimwm2j39j9p9hj188s"))))
(inputs (cons* jemalloc (rosenthal-cargo-inputs 'iocaine)))))

2
modules/rosenthal/services/child-error.scm
View File

@ -49,7 +49,7 @@
(define-configuration clash-configuration
(clash
(file-like mihomo)
(file-like mihomo-bin)
"The clash package.")
(log-file

66
modules/rosenthal/services/file-systems.scm
View File

@ -1,25 +1,19 @@
;;; SPDX-FileCopyrightText: 2024, 2025 Hilton Chain <hako@ultrarare.space>
;;; SPDX-FileCopyrightText: 2024 Hilton Chain <hako@ultrarare.space>
;;;
;;; SPDX-License-Identifier: GPL-3.0-or-later
(define-module (rosenthal services file-systems)
#:use-module (guix gexp)
#:use-module (gnu packages backup)
#:use-module (gnu packages file-systems)
#:use-module (rosenthal packages admin)
#:use-module (gnu services)
#:use-module (gnu services base)
#:use-module (gnu services configuration)
#:use-module (gnu services linux)
#:use-module (gnu services mcron)
#:use-module (gnu services shepherd)
#:use-module (gnu system pam)
#:export (btrbk-service-type
btrbk-configuration
dumb-runtime-dir-service-type
zfs-service-type))
dumb-runtime-dir-service-type))
;;;
@ -95,59 +89,3 @@
(const dumb-runtime-dir-pam-service))))
(default-value #f) ;No default value required.
(description "Create @code{XDG_RUNTIME_DIR} on login and never remove it.")))
;;;
;;; ZFS
;;;
(define zfs-shepherd-service
(list (shepherd-service
(provision '(zfs-import))
(requirement '(kernel-module-loader))
(start
#~(make-forkexec-constructor
(list #$(file-append zfs "/sbin/zpool") "import" "-a" "-N")))
(one-shot? #t))
(shepherd-service
(provision '(zfs-volumes))
(requirement '(zfs-import))
(start
#~(make-forkexec-constructor
(list #$(file-append zfs "/bin/zvol_wait"))))
(one-shot? #t))
(shepherd-service
(provision '(zfs-mount))
(requirement '(zfs-import))
(start
#~(make-forkexec-constructor
(list #$(file-append zfs "/sbin/zfs") "mount" "-a" "-l")))
(one-shot? #t))
(shepherd-service
(provision '(file-system-zfs))
(requirement '(zfs-mount))
(start #~(const #t))
(stop
#~(make-system-destructor
(string-join
(list #$(file-append zfs "/sbin/zfs") "unmount" "-a")))))))
(define zfs-service-type
(service-type
(name 'zfs)
(extensions
(list (service-extension linux-loadable-module-service-type
(const (list `(,zfs "module"))))
(service-extension udev-service-type
(const (list zfs)))
(service-extension kernel-module-loader-service-type
(const '("zfs")))
(service-extension shepherd-root-service-type
(const zfs-shepherd-service))
(service-extension user-processes-service-type
(const '(file-system-zfs)))
(service-extension profile-service-type
(const (list zfs)))))
(default-value #f)
(description "")))

419
modules/rosenthal/services/monitoring.scm
View File

@ -1,419 +0,0 @@
;;; SPDX-FileCopyrightText: 2025 Hilton Chain <hako@ultrarare.space>
;;;
;;; SPDX-License-Identifier: GPL-3.0-or-later
(define-module (rosenthal services monitoring)
#:use-module (guix gexp)
#:use-module (guix records)
#:use-module (rosenthal utils serializers ini)
#:use-module (rosenthal utils serializers yaml)
#:use-module (gnu system shadow)
#:use-module (gnu services)
#:use-module (gnu services configuration)
#:use-module (gnu services databases)
#:use-module (gnu services shepherd)
#:use-module (gnu packages guile-xyz)
#:use-module (rosenthal packages binaries)
#:export (alloy-configuration
alloy-service-type
grafana-service-type
grafana-configuration
loki-service-type
loki-configuration
mimir-service-type
mimir-configuration
prometheus-service-type
prometheus-configuration))
;;;
;;; alloy
;;;
(define-configuration/no-serialization alloy-configuration
(alloy
(file-like alloy-bin)
"")
(config
file-like
"")
(shepherd-provision
(list-of-symbols '(alloy))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define alloy-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((directory "/var/lib/alloy"))
(unless (file-exists? directory)
(mkdir-p directory)
(chmod directory #o755))))))
(define alloy-shepherd
(match-record-lambda <alloy-configuration>
(alloy config shepherd-provision shepherd-requirement auto-start?)
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append alloy "/bin/alloy") "run" #$config)
#:directory "/var/lib/alloy"))
(stop #~(make-kill-destructor))
(auto-start? auto-start?)))))
(define alloy-service-type
(service-type
(name 'alloy)
(extensions
(list (service-extension activation-service-type
alloy-activation)
(service-extension shepherd-root-service-type
alloy-shepherd)))
(description "")))
;;;
;;; Grafana
;;;
(define-configuration/no-serialization grafana-configuration
(grafana
(file-like grafana-bin)
"")
(config
ini-config
"")
(database-password-file
string
"")
(shepherd-provision
(list-of-symbols '(grafana))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define grafana-account
(lambda _
(list (user-group (name "grafana") (system? #t))
(user-account
(name "grafana")
(group "grafana")
(system? #t)
(comment "Grafana user")
(home-directory "/var/lib/grafana")))))
(define grafana-postgresql-role
(match-record-lambda <grafana-configuration>
(database-password-file)
(list (postgresql-role
(name "grafana")
(create-database? #t)
(password-file database-password-file)))))
(define grafana-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((user (getpwnam "grafana")))
(for-each
(lambda (directory)
(unless (file-exists? directory)
(mkdir-p directory)
(chown directory (passwd:uid user) (passwd:gid user))))
'("/var/log/grafana" "/var/lib/grafana"))))))
(define grafana-shepherd
(match-record-lambda <grafana-configuration>
(grafana config shepherd-provision shepherd-requirement auto-start?)
(let ((config-file
(apply mixed-text-file "grafana.ini" (ini-serialize config))))
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback postgresql user-processes
,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append grafana "/bin/grafana")
"server" "--config" #$config-file)
#:user "grafana"
#:group "grafana"
#:directory #$(file-append grafana "/share/grafana")))
(stop #~(make-kill-destructor))
(auto-start? auto-start?))))))
(define grafana-service-type
(service-type
(name 'grafana)
(extensions
(list (service-extension account-service-type
grafana-account)
(service-extension postgresql-role-service-type
grafana-postgresql-role)
(service-extension activation-service-type
grafana-activation)
(service-extension shepherd-root-service-type
grafana-shepherd)))
(description "")))
;;;
;;; loki
;;;
(define-configuration/no-serialization loki-configuration
(loki
(file-like loki-bin)
"")
(config
yaml-config
"")
(shepherd-provision
(list-of-symbols '(loki))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define loki-account
(lambda _
(list (user-group (name "loki") (system? #t))
(user-account
(name "loki")
(group "loki")
(system? #t)
(comment "Loki user")
(home-directory "/var/lib/loki")))))
(define loki-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((user (getpwnam "loki"))
(directory "/var/lib/loki"))
(unless (file-exists? directory)
(mkdir-p directory)
(chown directory (passwd:uid user) (passwd:gid user))
(chmod directory #o755))))))
(define loki-shepherd
(match-record-lambda <loki-configuration>
(loki config shepherd-provision shepherd-requirement auto-start?)
(let ((config-file
(computed-file "loki.yaml"
(with-extensions (list guile-yamlpp)
#~(begin
(use-modules (yamlpp))
(call-with-output-file #$output
(lambda (port)
(let ((emitter (make-yaml-emitter)))
(yaml-emit! emitter '#$config)
(display (yaml-emitter-string emitter) port)))))))))
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append loki "/bin/loki")
(string-append "-config.file=" #$config-file))
#:user "loki"
#:group "loki"
#:directory "/var/lib/loki"))
(stop #~(make-kill-destructor))
(auto-start? auto-start?))))))
(define loki-service-type
(service-type
(name 'loki)
(extensions
(list (service-extension account-service-type
loki-account)
(service-extension activation-service-type
loki-activation)
(service-extension shepherd-root-service-type
loki-shepherd)))
(description "")))
;;;
;;; mimir
;;;
(define-configuration/no-serialization mimir-configuration
(mimir
(file-like mimir-bin)
"")
(config
yaml-config
"")
(shepherd-provision
(list-of-symbols '(mimir))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define mimir-account
(lambda _
(list (user-group (name "mimir") (system? #t))
(user-account
(name "mimir")
(group "mimir")
(system? #t)
(comment "Mimir user")
(home-directory "/var/lib/mimir")))))
(define mimir-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((user (getpwnam "mimir"))
(directory "/var/lib/mimir"))
(unless (file-exists? directory)
(mkdir-p directory)
(chown directory (passwd:uid user) (passwd:gid user))
(chmod directory #o755))))))
(define mimir-shepherd
(match-record-lambda <mimir-configuration>
(mimir config shepherd-provision shepherd-requirement auto-start?)
(let ((config-file
(computed-file "mimir.yaml"
(with-extensions (list guile-yamlpp)
#~(begin
(use-modules (yamlpp))
(call-with-output-file #$output
(lambda (port)
(let ((emitter (make-yaml-emitter)))
(yaml-emit! emitter '#$config)
(display (yaml-emitter-string emitter) port)))))))))
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append mimir "/bin/mimir")
(string-append "-config.file=" #$config-file))
#:user "mimir"
#:group "mimir"
#:directory "/var/lib/mimir"))
(stop #~(make-kill-destructor))
(auto-start? auto-start?))))))
(define mimir-service-type
(service-type
(name 'mimir)
(extensions
(list (service-extension account-service-type
mimir-account)
(service-extension activation-service-type
mimir-activation)
(service-extension shepherd-root-service-type
mimir-shepherd)))
(description "")))
;;;
;;; prometheus
;;;
(define-configuration/no-serialization prometheus-configuration
(prometheus
(file-like prometheus-bin)
"")
(listen-address
(string "0.0.0.0:9090")
"")
(config
yaml-config
"")
(shepherd-provision
(list-of-symbols '(prometheus))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define prometheus-account
(lambda _
(list (user-group (name "prometheus") (system? #t))
(user-account
(name "prometheus")
(group "prometheus")
(system? #t)
(comment "Prometheus user")
(home-directory "/var/lib/prometheus")))))
(define prometheus-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((user (getpwnam "prometheus"))
(directory "/var/lib/prometheus"))
(unless (file-exists? directory)
(mkdir-p directory)
(chown directory (passwd:uid user) (passwd:gid user))
(chmod directory #o775))))))
(define prometheus-shepherd
(match-record-lambda <prometheus-configuration>
(prometheus listen-address config shepherd-provision shepherd-requirement auto-start?)
(let ((config-file
(computed-file "prometheus.yml"
(with-extensions (list guile-yamlpp)
#~(begin
(use-modules (yamlpp))
(call-with-output-file #$output
(lambda (port)
(let ((emitter (make-yaml-emitter)))
(yaml-emit! emitter '#$config)
(display (yaml-emitter-string emitter) port)))))))))
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append prometheus "/bin/prometheus")
(string-append "--config.file=" #$config-file)
(string-append "--web.listen-address=" #$listen-address))
#:user "prometheus"
#:group "prometheus"
#:directory "/var/lib/prometheus"
#:log-file "/var/log/prometheus.log"))
(stop #~(make-kill-destructor))
(auto-start? auto-start?))))))
(define prometheus-service-type
(service-type
(name 'prometheus)
(extensions
(list (service-extension account-service-type
prometheus-account)
(service-extension activation-service-type
prometheus-activation)
(service-extension shepherd-root-service-type
prometheus-shepherd)))
(description "")))

362
modules/rosenthal/services/networking.scm
View File

@ -16,12 +16,372 @@
#:use-module (gnu services dbus)
#:use-module (gnu services shepherd)
#:use-module (gnu system shadow)
#:export (sing-box-service-type
#:export (iwd-configuration
iwd-service-type
sing-box-service-type
sing-box-configuration
tailscale-configuration
tailscale-service-type))
;;;
;;; iwd
;;;
(define %iwd-config-general
'(enable-network-configuration?
use-default-interface?
address-randomization
address-randomization-range
roam-threshold
roam-threshold-5g
roam-retry-interval
management-frame-protection
control-port-over-nl80211?
disable-anqp?
disable-ocv?
country))
(define %iwd-config-network
'(enable-ipv6?
name-resolving-service
route-priority-offset))
(define %iwd-config-blacklist
'(initial-timeout
multiplier
maximum-timeout))
(define %iwd-config-rank
'(band-modifier-5ghz
band-modifier-6ghz))
(define %iwd-config-scan
'(disable-periodic-scan?
initial-periodic-scan-interval
maximum-periodic-scan-interval
disable-roaming-scan?))
(define %iwd-config-ipv4
'(ap-address-pool))
(define %iwd-config-driver-quirks
'(default-interface
force-pae
power-save-disable))
(define (uglify-field-name field-name)
(case field-name
((control-port-over-nl80211?) "ControlPortOverNL80211")
((disable-anqp?) "DisableANQP")
((disable-ocv?) "DisableOCV")
((enable-ipv6?) "EnableIPv6")
((ap-address-pool) "APAddressPool")
(else (string-delete char-set:punctuation
(string-capitalize (symbol->string field-name))))))
(define (serialize-field field-name val)
(format #f "~a = ~a~%" (uglify-field-name field-name) val))
(define serialize-string serialize-field)
(define-maybe string)
(define (serialize-boolean field-name val)
(serialize-field field-name (if val "true" "false")))
(define-maybe boolean)
(define cidr4? (@@ (gnu services vpn) cidr4?))
(define serialize-cidr4 serialize-field)
(define-maybe cidr4)
(define (randomization-method? val)
(memv val '(#f once network)))
(define (serialize-randomization-method field-name val)
(serialize-field field-name (or val 'disabled)))
(define-maybe randomization-method)
(define (randomization-range? val)
(memv val '(full nic)))
(define serialize-randomization-range serialize-field)
(define-maybe randomization-range)
(define (signal-strength? val)
(and (number? val)
(>= val -100)
(<= val 1)))
(define serialize-signal-strength serialize-field)
(define-maybe signal-strength)
(define (seconds? val)
(and (integer? val)
(not (negative? val))))
(define serialize-seconds serialize-field)
(define-maybe seconds)
(define (protection-mode? val)
(memv val '(0 1 2)))
(define serialize-protection-mode serialize-field)
(define-maybe protection-mode)
(define (resolution-method? val)
(memv val '(#f resolvconf)))
(define (serialize-resolution-method field-name val)
(serialize-field field-name (or val 'none)))
(define serialize-integer serialize-field)
(define-maybe integer)
(define serialize-number serialize-field)
(define-maybe number)
(define (serialize-list-of-strings field-name val)
(serialize-field field-name (string-join val ",")))
(define-maybe list-of-strings)
(define list-of-cidr4? (list-of cidr4?))
(define serialize-list-of-cidr4 serialize-list-of-strings)
(define-maybe list-of-cidr4)
(define-configuration iwd-configuration
(iwd
(file-like iwd)
"The iwd package to use.")
(log-file
(string "/var/log/iwd.log")
"Log file location.")
;; General
(enable-network-configuration?
(boolean #f)
"Enable network configuration.")
(use-default-interface?
maybe-boolean
"Do not allow iwd to destroy / recreate wireless interfaces at startup,
including default interfaces.")
(address-randomization
maybe-randomization-method
"Available values are @code{#f}, @code{once} and @code{network}. @code{#f}
for default kernel behavior, @code{once} to randomize the MAC address when iwd
starts or the hardware is detected for the first time, @code{network} to
randomize the MAC address on each connection to a network (the MAC address is
generated based on the SSID and permanent address of the adapter).")
(address-randomization-range
maybe-randomization-range
"Available values are @code{nic} and @code{full}. @code{nic} to only
randomize the NIC specific octets (last 3 ones), @code{full} to randomize all
6 octets of the address.")
(roam-threshold
maybe-signal-strength
"Value in dBm, control how aggressively iwd roams when connected to a 2.4Ghz
access point.")
(roam-threshold-5g
maybe-signal-strength
"Value in dBm, control how aggressively iwd roams when connected to a 5Ghz
access point.")
(roam-retry-interval
maybe-seconds
"How long to wait before attempting to roam again if the last roam attempt
failed, or if the signal of the newly connected BSS is still considered weak.")
(management-frame-protection
maybe-protection-mode
"Available values are @code{0}, @code{1} and @code{2}. @code{0} to
completely turn off MFP (even if the hardware is capable), @code{1} to enable
MFP if the local hardware and remote AP both support it, @code{2} to always
require MFP.")
(control-port-over-nl80211?
maybe-boolean
"Enable sending EAPoL packets over NL80211.")
(disable-anqp?
maybe-boolean
"Disable ANQP queries.")
(disable-ocv?
maybe-boolean
"Disable Operating Channel Validation.")
(country
maybe-string
"ISO Alpha-2 Country Code. Request the country to be set for the system.")
;; Network
(enable-ipv6?
maybe-boolean
"Configure IPv6 addresses and routes.")
(name-resolving-service
(resolution-method 'resolvconf)
"Available values are @code{resolvconf} and @code{#f}. Configure a DNS
resolution method used by the system and must be used in conjunction with
@code{enable-network-configuration?}. @code{#f} to ignore DNS and domain name
information.")
(route-priority-offset
maybe-integer
"Configure a route priority offset used by the system to prioritize the
default routes. The route with lower priority offset is preferred.")
;; Blacklist
(initial-timeout
maybe-seconds
"The initial time that a BSS spends on the blacklist.")
(multiplier
maybe-integer
"If the BSS was blacklisted previously and another connection attempt has
failed after the initial timeout has expired, then the BSS blacklist time will
be extended by a multiple of @code{multiplier} for each unsuccessful attempt up
to @code{maximum-timeout} time.")
(maximum-timeout
maybe-seconds
"Maximum time that a BSS is blacklisted.")
;; Rank
(band-modifier-5ghz
maybe-number
"Increase or decrease the preference for 5GHz access points by increasing or
decreasing the value of this modifier.")
(band-modifier-6ghz
maybe-number
"Increase or decrease the preference for 6GHz access points by increasing or
decreasing the value of this modifier.")
;; Scan
(disable-periodic-scan?
maybe-boolean
"Disable periodic scan.")
(initial-periodic-scan-interval
maybe-seconds
"The initial periodic scan interval upon disconnect.")
(maximum-periodic-scan-interval
maybe-seconds
"The maximum periodic scan interval.")
(disable-roaming-scan?
maybe-boolean
"Disable roaming scan.")
;; IPv4
(ap-address-pool
maybe-list-of-cidr4
"Define the space of IPs used for the AP mode subnet addresses and the DHCP
server.")
;; DriverQuirks
(default-interface
maybe-list-of-strings
"List of drivers or glob matches. If a driver in use matches one in this
list, IWD will not attempt to remove and re-create the default interface.")
(force-pae
maybe-list-of-strings
"List of drivers or glob matches. If a driver in use matches one in this
list, @code{control-port-over-nl80211?} will not be used, and PAE will be used
instead.")
(power-save-disable
maybe-list-of-strings
"List of drivers or glob matches. If a driver in use matches one in this
list, power save will be disabled."))
(define (serialize-iwd-configuration config)
(apply mixed-text-file "main.conf"
(append-map
(match-lambda
((section . fields)
(list "[" section "]\n"
(serialize-configuration
config
(filter-configuration-fields
iwd-configuration-fields
fields)))))
`(("General" . ,%iwd-config-general)
("Network" . ,%iwd-config-network)
("Blacklist" . ,%iwd-config-blacklist)
("Rank" . ,%iwd-config-rank)
("Scan" . ,%iwd-config-scan)
("IPv4" . ,%iwd-config-ipv4)
("DriverQuirks" . ,%iwd-config-driver-quirks)))))
(define (add-iwd-config-file config)
`(("iwd/main.conf"
,(serialize-iwd-configuration config))))
(define add-iwd-package
(compose list iwd-configuration-iwd))
(define (iwd-shepherd-service config)
(match-record config <iwd-configuration>
(iwd log-file
enable-network-configuration? name-resolving-service)
(let ((conf (serialize-iwd-configuration config)))
(list (shepherd-service
(documentation "Run iwd")
(provision `(,@(if enable-network-configuration?
'(networking)
'())
iwd))
(requirement '(user-processes dbus-system))
(start #~(make-forkexec-constructor
(list (string-append #$iwd "/libexec/iwd"))
#:log-file #$log-file))
(stop #~(make-kill-destructor))
(actions
(list (shepherd-configuration-action "/etc/iwd/main.conf"))))))))
(define iwd-service-type
(service-type
(name 'iwd)
(extensions
(list (service-extension shepherd-root-service-type
iwd-shepherd-service)
(service-extension dbus-root-service-type
add-iwd-package)
(service-extension etc-service-type
add-iwd-config-file)
(service-extension profile-service-type
add-iwd-package)
(service-extension log-rotation-service-type
(compose list iwd-configuration-log-file))))
(default-value (iwd-configuration))
(description "Run iwd, the iNet wireless daemon.")))
;;;
;;; sing-box
;;;

131
modules/rosenthal/services/web.scm
View File

@ -26,9 +26,6 @@
forgejo-configuration
forgejo-service-type
iocaine-service-type
iocaine-configuration
jellyfin-configuration
jellyfin-service-type
@ -82,7 +79,9 @@
(program (file-append caddy "/bin/caddy"))
(capabilities "cap_net_bind_service=+ep")))))
(define (caddy-activation config)
(define caddy-activation
(match-record-lambda <caddy-configuration>
(caddyfile)
(with-imported-modules
(source-module-closure '((guix build utils)
(gnu build activation)))
@ -90,14 +89,17 @@
(use-modules (srfi srfi-26)
(guix build utils)
(gnu build activation))
(let ((user (getpwnam "caddy")))
(mkdir-p/perms "/var/lib/caddy" user #o750)
(mkdir-p/perms "/var/log/caddy" user #o755)))))
(define caddy-etc
(match-record-lambda <caddy-configuration>
(caddyfile)
`(("caddy/Caddyfile" ,caddyfile))))
(let* ((config-dir "/etc/caddy")
(data-dir "/var/lib/caddy")
(config-file (in-vicinity config-dir "Caddyfile"))
(user (getpwnam "caddy")))
(for-each (cut mkdir-p/perms <> user #o750)
(list config-dir data-dir))
(copy-file #$caddyfile config-file)
(for-each
(lambda (file)
(chown file (passwd:uid user) (passwd:gid user)))
(find-files data-dir #:directories? #t)))))))
(define caddy-shepherd-services
(match-record-lambda <caddy-configuration>
@ -117,20 +119,6 @@
#:environment-variables '("HOME=/var/lib/caddy")))
(stop
#~(make-kill-destructor))
(actions
(list (shepherd-configuration-action "/etc/caddy/Caddyfile")
(shepherd-action
(name 'reload)
(documentation "Reload Caddy configuration file.")
(procedure
#~(lambda (pid)
(if pid
(begin
(invoke "/run/privileged/bin/caddy" "reload"
"--config" "/etc/caddy/Caddyfile")
(display "Service caddy has been asked to \
reload its configuration file."))
(display "Service caddy is not running.")))))))
(auto-start? auto-start?)))))
(define caddy-service-type
@ -139,12 +127,10 @@ reload its configuration file."))
(extensions
(list (service-extension account-service-type
caddy-accounts)
(service-extension activation-service-type
caddy-activation)
(service-extension etc-service-type
caddy-etc)
(service-extension privileged-program-service-type
caddy-privileged-programs)
(service-extension activation-service-type
caddy-activation)
(service-extension shepherd-root-service-type
caddy-shepherd-services)))
(default-value #f)
@ -244,91 +230,6 @@ reload its configuration file."))
(default-value (forgejo-configuration))
(description "Run Forgejo.")))
;;;
;;; Iocaine
;;;
(define-configuration/no-serialization iocaine-configuration
(iocaine
(file-like iocaine/dolly)
"")
(config
file-object
"")
(log-file
(string "/var/log/iocaine.log")
"")
(shepherd-provision
(list-of-symbols '(iocaine))
"")
(shepherd-requirement
(list-of-symbols '(loopback))
"")
(auto-start?
(boolean #t)
""))
(define iocaine-accounts
(list (user-group (name "iocaine") (system? #t))
(user-account
(name "iocaine")
(group "iocaine")
(system? #t)
(comment "Iocaine user")
(home-directory "/var/empty"))))
(define iocaine-etc
(match-record-lambda <iocaine-configuration>
(config)
`(("iocaine/iocaine.toml" ,config))))
(define iocaine-shepherd-service
(match-record-lambda <iocaine-configuration>
(iocaine log-file shepherd-provision shepherd-requirement auto-start?)
(list (shepherd-service
(provision shepherd-provision)
(requirement (cons 'user-processes shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append iocaine "/bin/iocaine")
"--config-file" "/etc/iocaine/iocaine.toml")
#:user "iocaine"
#:group "iocaine"
#:log-file #$log-file))
(stop #~(make-kill-destructor))
(actions
(list (shepherd-configuration-action "/etc/iocaine/iocaine.toml")
(shepherd-action
(name 'test)
(documentation "Test Iocaine configuration file.")
(procedure
#~(lambda (pid)
(if pid
(begin
(invoke #$(file-append iocaine "/bin/iocaine")
"--config-file" "/etc/iocaine/iocaine.toml"
"test")
(display "Service iocaine has been asked to \
test its configuration file."))
(display "Service iocaine is not running.")))))))
(auto-start? auto-start?)))))
(define iocaine-service-type
(service-type
(name 'iocaine)
(extensions
(list (service-extension account-service-type
(const iocaine-accounts))
(service-extension etc-service-type
iocaine-etc)
(service-extension shepherd-root-service-type
iocaine-shepherd-service)
(service-extension log-rotation-service-type
(compose list iocaine-configuration-log-file))))
(description "")))
;;;
;;; Jellyfin

13
modules/rosenthal/utils/file.scm
View File

@ -16,20 +16,11 @@
(computed-file
name
#~(begin
(use-modules (ice-9 match)
(guix build utils))
(use-modules (guix build utils))
(copy-file #$file #$output)
(substitute* #$output
(("\\$\\$([^\\$]+)\\$\\$" _ path)
(let loop ((candidates '#$inputs))
(if (null? candidates)
(error "file '~a' not found" path)
(match candidates
((candidate . rest)
(let ((full-path (in-vicinity candidate path)))
(if (file-exists? full-path)
full-path
(loop rest)))))))))))))
(search-path '#$inputs path)))))))
(define (file-content file)
(call-with-input-file (canonicalize-path file) get-string-all))

46
modules/rosenthal/utils/transformations.scm
View File

@ -5,16 +5,11 @@
#:use-module (srfi srfi-1)
#:use-module (guix channels)
#:use-module (guix gexp)
#:use-module (guix packages)
#:use-module (guix utils)
#:use-module (gnu system)
#:use-module (gnu services)
#:use-module (gnu services base)
#:use-module (rosenthal services file-systems)
#:use-module (gnu packages package-management)
#:use-module (gnu packages file-systems)
#:export (rosenthal-transformation-guix
rosenthal-transformation-zfs))
#:export (rosenthal-transformation-guix))
(define* (rosenthal-transformation-guix #:key (substitutes? #t)
@ -42,13 +37,6 @@
(operating-system
(inherit os)
(services
(cons* (simple-service 'guix-moe guix-service-type
(guix-extension
(authorized-keys
(list %rosenthal-signing-key))
(substitute-urls
'("https://cache-cdn.guix.moe"))))
(modify-services (operating-system-user-services os)
(guix-service-type
config => (guix-configuration
@ -58,28 +46,18 @@
(guix-configuration-channels config)))
(if channel?
(cons %rosenthal-channel
(or configured-channels
%default-channels))
(or configured-channels %default-channels))
configured-channels)))
(guix
(if guix-source?
(guix-for-channels channels)
(guix-configuration-guix config)))))))))))
;; NOTE: Booting from ZFS requires patching Guix.
(define* (rosenthal-transformation-zfs #:key boot?)
(lambda (os)
(operating-system
(inherit os)
(kernel-loadable-modules
`(,@(if boot?
`((,(package/inherit zfs
(arguments
(substitute-keyword-arguments (package-arguments zfs)
((#:linux _ #f) (operating-system-kernel os)))))
"module"))
'())
,@(operating-system-kernel-loadable-modules os)))
(services
(cons* (service zfs-service-type)
(operating-system-user-services os))))))
(guix-configuration-guix config)))
(authorized-keys
(cons %rosenthal-signing-key
(guix-configuration-authorized-keys config)))
(substitute-urls
(delete-duplicates
`(,@(guix-configuration-substitute-urls config)
,@(if substitutes?
'("https://ci.boiledscript.com")
'())))))))))))