seasharp/Rosenthal
1
0
Fork 0
mirror of https://codeberg.org/hako/Rosenthal.git synced 2026-04-03 00:14:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: seasharp:42d15decd16f7a309ab24de39d1c0acbd75d667a
Branches Tags
seasharp:trunk
seasharp:keyring
..
compare: seasharp:3daa92a2169a5340207db60c9a7b35f64cd520a5
Branches Tags
seasharp:trunk
seasharp:keyring

40 Commits
42d15decd1 ... 3daa92a216

Author SHA1 Message Date
Hilton Chain
3daa92a216
rosenthal: ai-robots-txt: Update to 1.40. 
* modules/rosenthal/packages/web.scm (ai-robots-txt): Update to 1.40.
 2025-09-16 20:54:14 +08:00
Hilton Chain
1adedb4477
rosenthal: Add alloy-bin-aarch64-linux. 
* modules/rosenthal/packages/binaries.scm (alloy-bin-aarch64-linux): New
variable.
 2025-09-15 21:56:27 +08:00
Hilton Chain
44bb224568
services: Add alloy-service-type. 2025-09-15 21:30:29 +08:00
Hilton Chain
bb2494828d
services: Add mimir-service-type. 2025-09-15 21:30:20 +08:00
Hilton Chain
f7ec4842d3
services: Add loki-service-type. 2025-09-15 21:30:03 +08:00
Hilton Chain
6bc7653985
services: prometheus: Fix activation directory. 2025-09-15 18:07:58 +08:00
Hilton Chain
05613c1085
services: prometheus: Fix directory permission. 
* modules/rosenthal/services/monitoring.scm (prometheus-activation): Fix
permission for /var/lib/prometheus, which is also used by
prometheus-node-exporter.
 2025-09-14 23:15:22 +08:00
Hilton Chain
3707e89521
services: Add prometheus-service-type. 
* modules/rosenthal/services/monitoring.scm (<prometheus-configuration>): New
data type.
(prometheus-account, prometheus-activation, prometheus-shepherd): New
procedures.
(prometheus-service-type): New variable.
 2025-09-14 22:29:21 +08:00
Hilton Chain
4d50937404
services: Add grafana-service-type. 
* modules/rosenthal/services/monitoring.scm (<grafana-configuration>): New data
type.
(grafana-account, grafana-postgresql-role, grafana-activation)
(grafana-shepherd): New procedures.
(grafana-service-type): New variable.
 2025-09-14 21:25:22 +08:00
Hilton Chain
ee6254000d
rosenthal: grafana-bin: Install assets. 
* modules/rosenthal/packages/binaries.scm (grafana-bin) [arguments]
<#:install-plan>: Add assets.
 2025-09-14 21:24:41 +08:00
Hilton Chain
1095ffcbe6
rosenthal: guix/dolly: Update ZFS patch with workaround for ‘guix deploy’ support. 
* modules/rosenthal/packages/patches/guix-wip-zfs-boot-support.patch: Update.
 2025-09-14 14:53:58 +08:00
Hilton Chain
8e3cb6520c
utils: Add rosenthal-transformation-zfs. 
* modules/rosenthal/utils/transformations.scm (rosenthal-transformation-zfs):
New procedure.
 2025-09-13 20:15:33 +08:00
Hilton Chain
a71e15a31f
rosenthal: guix/dolly: Apply ZFS patches. 
* modules/rosenthal/packages/package-management.scm (guix/hako): Rename to...
(guix/dolly): ...this and apply patches necessary for root on ZFS support.
 2025-09-13 18:00:32 +08:00
Hilton Chain
0050466952
services: Add iocaine. 
* modules/rosenthal/services/web.scm (<iocaine-configuration>): New data type.
(iocaine-etc, iocaine-shepherd-service): New procedures.
(iocaine-accounts, iocaine-service-type): New variables.
 2025-09-12 14:50:45 +08:00
Hilton Chain
62cbfda23d
service: caddy: Use invoke to reload configuration. 
* modules/rosenthal/services/web.scm (caddy-shepherd-services) [actions]
<reload>: Use invoke.
 2025-09-12 14:50:19 +08:00
Hilton Chain
dfe569fdc0
utils: computed-substitution-with-inputs: Support directory substitution. 
* modules/rosenthal/utils/file.scm (computed-substitution-with-inputs): Support
directory substitution.
Error when pattern not found.
 2025-09-12 14:33:50 +08:00
Hilton Chain
dff8c3d547
rosenthal: Add alloy-bin. 
* modules/rosenthal/packages/binaries.scm (alloy-bin): New variable.
 2025-09-09 09:11:04 +08:00
Hilton Chain
44d5fcc485
rosenthal: Add loki-bin. 
* modules/rosenthal/packages/binaries.scm (loki-bin): New variable.
 2025-09-09 09:11:02 +08:00
Hilton Chain
de1cbe385f
rosenthal: Add mimir-bin. 
* modules/rosenthal/packages/binaries.scm (mimir-bin): New variable.
 2025-09-09 09:10:41 +08:00
Hilton Chain
35ac609a1f
rosenthal: Add prometheus-bin. 
* modules/rosenthal/packages/binaries.scm (prometheus-bin): New variable.
 2025-09-09 09:09:07 +08:00
Hilton Chain
9f69644049
rosenthal: Add grafana-bin. 
* modules/rosenthal/packages/binaries.scm (grafana-bin): New variable.
 2025-09-09 09:08:53 +08:00
Hilton Chain
07f6489b9e
README: Mention substitute server. 
* README.org: Wrap lines.
Mention Guix Moe CI.
 2025-09-08 00:57:10 +08:00
Hilton Chain
d4a25e7613
utils: rosenthal-transformation-guix: Update substitute server. 
* modules/rosenthal/utils/transformations.scm (rosenthal-transformation-guix):
Use https://cache-cdn.guix.moe and place it before official substitute servers.
 2025-09-08 00:39:01 +08:00
Hilton Chain
1d06558776
examples: Update niri configuration. 
* modules/rosenthal/examples/niri.kdl: Update and adjust.
 2025-09-07 22:15:33 +08:00
Hilton Chain
3d5946a604
rosenthal: Remove cuirass/hako. 
* modules/rosenthal/packages/ci.scm (cuirass/hako): Delete variable.
 2025-09-06 21:45:56 +08:00
Hilton Chain
ab2946df94
rosenthal: caddy/dolly: Update to 2025.09.06-2. 
* modules/rosenthal/packages/web.scm (caddy/dolly): Update to 2025.09.06-2.
[native-inputs]: Update vendored Go dependencies.
 2025-09-06 14:59:26 +08:00
Hilton Chain
18b3253206
rosenthal: caddy: Update to 2.10.2. 
* modules/rosenthal/packages/web.scm (caddy): Update to 2.10.2.
[source]: Remove snippet.
[arguments] <#:go>: Use go-1.25.
[native-inputs]: Update vendored Go dependencies.
 2025-09-06 14:58:46 +08:00
Hilton Chain
204a252e3e
rosenthal: Add go-1.25. 
* modules/rosenthal/packages/golang.scm (go-1.25): New variable.
 2025-09-06 14:57:43 +08:00
Hilton Chain
235654d2a8
rosenthal: caddy/hako: Rename to caddy/dolly. 
* modules/rosenthal/packages/web.scm (caddy/hako): Update to 2025.09.06-1.
Rename to...
(caddy/dolly): ...this.
 2025-09-06 14:31:28 +08:00
Hilton Chain
071707bd41
rosenthal: Add iocaine/dolly. 
* modules/rosenthal/packages/web.scm (iocaine/dolly): New variable.
 2025-09-06 14:30:21 +08:00
Hilton Chain
3f07c3a744
NEWS: Manual intervention required for Caddy service change. 
* NEWS: New entry.
 2025-09-05 16:22:12 +08:00
Hilton Chain
c171b73ae7
services: caddy: Use etc-service-type to place configuration file. 
* modules/rosenthal/services/web.scm (caddy-etc): New procedure.
(caddy-activation): Create /var/log/caddy.  Remove use of /etc/caddy.
(caddy-shepherd-services): Add "configuration" and "reload" actions.
 2025-09-05 15:37:14 +08:00
Hilton Chain
4938fbe373
services: clash: Use mihomo. 
* modules/rosenthal/services/child-error.scm (clash-configuration): Use
mihomo.
 2025-09-04 13:05:57 +08:00
Hilton Chain
55dab73319
rosenthal: Remove deprecated packages. 
* modules/rosenthal/packages/binaries.scm (atuin-bin, hugo-bin, mihomo-bin)
(clash-meta-bin, wakapi-bin, tailscale-bin): Delete variables.
 2025-09-04 12:49:57 +08:00
Hilton Chain
9e51ad4215
services: Remove iwd-service-type. 
* modules/rosenthal/services/networking.scm (<iwd-configuration>): Delete data
type.
(%iwd-config-general, %iwd-config-network, %iwd-config-blacklist)
(%iwd-config-rank, %iwd-config-scan, %iwd-config-ipv4)
(%iwd-config-driver-quirks, iwd-shepherd-service, iwd-service-type): Delete
variables.
(uglify-field-name, serialize-field, serialize-string, maybe-string)
(serialize-boolean, maybe-boolean, cidr4?, serialize-cidr4, maybe-cidr4)
(randomization-method?, serialize-randomization-method, randomization-method)
(randomization-range?, serialize-randomization-range, randomization-range)
(signal-strength?, serialize-signal-strength, signal-strength, seconds?)
(serialize-seconds, maybe-seconds, protection-mode?, serialize-protection-mode)
(maybe-protection-mode, resolution-method?, serialize-resolution-method)
(serialize-integer, maybe-integer, serialize-number, maybe-number)
(serialize-list-of-strings, list-of-strings, list-of-cidr4?)
(serialize-list-of-cidr4, list-of-cidr4)
(serialize-iwd-configuration, add-iwd-config-file, add-iwd-package) Delete
procedures.
 2025-09-02 11:38:07 +08:00
Hilton Chain
eb7e08c63e
rosenthal: komga-bin: Set supported-systems to x86_64-linux only. 
* modules/rosenthal/packages/binaries.scm (komga-bin) [supported-systems]: Set
to x86_64-linux.
 2025-09-02 00:59:39 +08:00
Hilton Chain
4943e01c2a
rosenthal: cuirass/hako: Update to 1.2.0-3.ba77a7c. 
* modules/rosenthal/packages/ci.scm (cuirass/hako): Update to 1.2.0-3.ba77a7c.
 2025-09-01 15:52:47 +08:00
Hilton Chain
84b2141d38
services: zfs: Export variable. 
* modules/rosenthal/services/file-systems.scm (zfs-service-type): Export.
 2025-08-29 21:06:14 +08:00
Hilton Chain
6bf3906d6e
services: Add zfs-service-type. 
* modules/rosenthal/services/file-systems.scm (zfs-shepherd-service)
(zfs-service-type): New variables.
 2025-08-29 20:59:08 +08:00
MinkieYume
324e8d55fb
rosenthal: sing-box: Update to 1.12.4. 
* modules/rosenthal/packages/networking.scm (sing-box): Update to 1.12.4.
[native-inputs]: Update vendored Go dependencies.

Signed-off-by: Hilton Chain <hako@ultrarare.space>
 2025-08-29 16:05:28 +08:00
19 changed files with 3092 additions and 505 deletions
Show Stats Expand all files Collapse all files

10
NEWS
View File

@ -6,6 +6,16 @@
(channel-news
(version 0)
(entry ;2025-09-05
(commit "c171b73ae7e66e55b4fc60422bc030c5aade444c")
(title (en "Manual intervention required for Caddy service change")
(zh "Caddy 服務改動需要人爲干預"))
(body (en "@code{caddy-service-type} has switched to @code{etc-service-type}
to set up Caddy configuration file. Please remove the existing
@file{/etc/caddy} directory before system reconfiguration.")
(zh "@code{caddy-service-type} 已改爲使用 @code{etc-service-type} 設置
配置文件。請在重新配置系統前刪除已有的 @file{/etc/caddy} 目錄。")))
(entry ;2024-12-08
(commit "162defb8388b4099f6ae8699ec8872f845a2481e")
(title (en "Hyprland upstreamed")

20
README.org
View File

@ -3,13 +3,17 @@
#+TITLE: Rosenthal - A certain Guix channel
Rosenthal is a Guix channel (see [[https://guix.gnu.org/manual/devel/en/html_node/Channels.html][Channels]] in /GNU Guix Reference Manual/) created for experiments. It currently holds some packages and services not ready for upstreaming to [[https://guix.gnu.org/][GNU Guix]].
Rosenthal is a Guix channel (see [[https://guix.gnu.org/manual/devel/en/html_node/Channels.html][Channels]] in /GNU Guix Reference Manual/)
created for experiments. It currently holds some packages and services not
ready for upstreaming to [[https://guix.gnu.org/][GNU Guix]].
You can use [[https://toys.whereis.social/][toys]] to search packages and services from Rosenthal and other Guix channels.
You can use [[https://toys.whereis.social/][toys]] to search packages and services from Rosenthal and other Guix
channels.
Note that all contents in this channel are subject to change and may be deleted **at any time**, please [[https://codeberg.org/hako/Rosenthal/issues][report an issue]] if you are affected.
Note that all contents in this channel are subject to change and may be deleted
**at any time**, please [[https://codeberg.org/hako/Rosenthal/issues][report an issue]] if you are affected.
Channel definition:
Channel specification:
#+begin_src scheme
(channel
(name 'rosenthal)
@ -22,7 +26,13 @@ Channel definition:
"13E7 6CD6 E649 C28C 3385 4DF5 5E5A A665 6149 17F7"))))
#+end_src
For configuration, see [[https://guix.gnu.org/manual/devel/en/html_node/Specifying-Additional-Channels.html][Specifying Additional Channels]], [[https://guix.gnu.org/manual/devel/en/html_node/Customizing-the-System_002dWide-Guix.html][Customizing the System-Wide Guix]] and [[https://guix.gnu.org/manual/devel/en/html_node/Guix-Home-Services.html#index-home_002dchannels_002dservice_002dtype][~home-channels-service-type~]] in /GNU Guix Reference Manual/.
For configuration, see [[https://guix.gnu.org/manual/devel/en/html_node/Specifying-Additional-Channels.html][Specifying Additional Channels]], [[https://guix.gnu.org/manual/devel/en/html_node/Customizing-the-System_002dWide-Guix.html][Customizing the
System-Wide Guix]] and [[https://guix.gnu.org/manual/devel/en/html_node/Guix-Home-Services.html#index-home_002dchannels_002dservice_002dtype][~home-channels-service-type~]] in /GNU Guix Reference
Manual/.
This channel provides substitutes built by [[https://ci.guix.moe/][Guix Moe CI]], see [[https://ultrarare.space/en/posts/guix-build-farm/][its blog post]] for
setup and more information. [[https://codeberg.org/hako/Testament/issues][Send a request]] if you'd like to see substitutes
available for more channels.
Wiki: https://codeberg.org/hako/Rosenthal/wiki

98
modules/rosenthal/examples/niri.kdl
View File

@ -5,11 +5,11 @@
// This config is in the KDL format: https://kdl.dev
// "/-" comments out the following node.
// Check the wiki for a full description of the configuration:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Overview
// https://yalter.github.io/niri/Configuration:-Introduction
// Input device configuration.
// Find the full list of options on the wiki:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Input
// https://yalter.github.io/niri/Configuration:-Input
input {
keyboard {
xkb {
@ -19,18 +19,28 @@ input {
// For example:
// layout "us,ru"
// options "grp:win_space_toggle,compose:ralt,ctrl:nocaps"
// If this section is empty, niri will fetch xkb settings
// from org.freedesktop.locale1. You can control these using
// localectl set-x11-keymap.
}
// Enable numlock on startup, omitting this setting disables it.
numlock
repeat-delay 300
repeat-rate 30
}
// Next sections include libinput settings.
// Omitting settings disables them, or leaves them at their default values.
// All commented-out settings here are examples, not defaults.
touchpad {
// off
tap
// dwt
// dwtp
// drag false
// drag-lock
natural-scroll
// accel-speed 0.2
@ -54,6 +64,7 @@ input {
// accel-profile "flat"
// scroll-method "on-button-down"
// scroll-button 273
// scroll-button-lock
// middle-emulation
}
@ -69,7 +80,7 @@ input {
// by running `niri msg outputs` while inside a niri instance.
// The built-in laptop monitor is usually called "eDP-1".
// Find more information on the wiki:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Outputs
// https://yalter.github.io/niri/Configuration:-Outputs
// Remember to uncomment the node by removing "/-"!
/-output "eDP-1" {
// Uncomment this line to disable this output.
@ -104,7 +115,7 @@ input {
// Settings that influence how windows are positioned and sized.
// Find more information on the wiki:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Layout
// https://yalter.github.io/niri/Configuration:-Layout
layout {
// Set gaps around windows in logical pixels.
gaps 16
@ -166,6 +177,9 @@ layout {
active-color "#7fc8ff"
// Color of the ring on inactive monitors.
//
// The focus ring only draws around the active window, so the only place
// where you can see its inactive-color is on other monitors.
inactive-color "#505050"
// You can also use gradients. They take precedence over solid colors.
@ -175,7 +189,7 @@ layout {
// You can use any CSS linear-gradient tool on the web to set these up.
// Changing the color space is also supported, check the wiki for more info.
//
// active-gradient from="#80c8ff" to="#bbddff" angle=45
// active-gradient from="#80c8ff" to="#c7ff7f" angle=45
// You can also color the gradient relative to the entire view
// of the workspace, rather than relative to just the window itself.
@ -194,7 +208,14 @@ layout {
active-color "#ffc87f"
inactive-color "#505050"
// active-gradient from="#ffbb66" to="#ffc880" angle=45 relative-to="workspace-view"
// Color of the border around windows that request your attention.
urgent-color "#9b0000"
// Gradients can use a few different interpolation color spaces.
// For example, this is a pastel rainbow gradient via in="oklch longer hue".
//
// active-gradient from="#e5989b" to="#ffb4a2" angle=45 relative-to="workspace-view" in="oklch longer hue"
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
@ -252,7 +273,17 @@ layout {
// Note that running niri as a session supports xdg-desktop-autostart,
// which may be more convenient to use.
// See the binds section below for more spawn examples.
// spawn-at-startup "foot" "fish"
// This line starts waybar, a commonly used bar for Wayland compositors.
// spawn-at-startup "waybar"
// To run a shell command (with variables, pipes, etc.), use spawn-sh-at-startup:
// spawn-sh-at-startup "qs -c ~/source/qs/MyAwesomeShell"
hotkey-overlay {
// Uncomment this line to disable the "Important Hotkeys" pop-up at startup.
// skip-at-startup
}
// Uncomment this line to ask the clients to omit their client-side decorations if possible.
// If the client will specifically ask for CSD, the request will be honored.
@ -271,7 +302,7 @@ screenshot-path "~/Screenshot from %Y-%m-%d %H-%M-%S.png"
// Animation settings.
// The wiki explains how to configure individual animations:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Animations
// https://yalter.github.io/niri/Configuration:-Animations
animations {
// Uncomment to turn off all animations.
// off
@ -282,7 +313,7 @@ animations {
// Window rules let you adjust behavior for individual windows.
// Find more information on the wiki:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Window-Rules
// https://yalter.github.io/niri/Configuration:-Window-Rules
// Work around WezTerm's initial configure bug
// by setting an empty default-column-width.
@ -338,26 +369,35 @@ binds {
Mod+Shift+Slash { show-hotkey-overlay; }
// Suggested binds for running programs: terminal, app launcher, screen locker.
Mod+T { spawn "foot"; }
Mod+D { spawn "rofi" "-show" "drun"; }
// Super+Alt+L { spawn "swaylock"; }
Mod+T hotkey-overlay-title="Open a Terminal: foot" { spawn "foot"; }
Mod+D hotkey-overlay-title="Run an Application: rofi" { spawn "rofi" "-show" "drun"; }
// Super+Alt+L hotkey-overlay-title="Lock the Screen: swaylock" { spawn "swaylock"; }
// You can also use a shell. Do this if you need pipes, multiple commands, etc.
// Note: the entire command goes as a single argument in the end.
// Mod+T { spawn "bash" "-c" "notify-send hello && exec foot"; }
// Use spawn-sh to run a shell command. Do this if you need pipes, multiple commands, etc.
// Note: the entire command goes as a single argument. It's passed verbatim to `sh -c`.
// For example, this is a standard bind to toggle the screen reader (orca).
Super+Alt+S allow-when-locked=true hotkey-overlay-title=null { spawn-sh "pkill orca || exec orca"; }
// Example volume keys mappings for PipeWire & WirePlumber.
// The allow-when-locked=true property makes them work even when the session is locked.
XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.1-"; }
XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"; }
// Using spawn-sh allows to pass multiple arguments together with the command.
XF86AudioRaiseVolume allow-when-locked=true { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.1+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.1-"; }
XF86AudioMute allow-when-locked=true { spawn-sh "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn-sh "wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"; }
// Example brightness key mappings for light.
// You can use regular spawn with multiple arguments too (to avoid going through "sh"),
// but you need to manually put each argument in separate "" quotes.
XF86MonBrightnessUp allow-when-locked=true { spawn "light" "-A" "10"; }
XF86MonBrightnessDown allow-when-locked=true { spawn "light" "-U" "10"; }
Mod+Q { close-window; }
// Open/close the Overview: a zoomed-out view of workspaces and windows.
// You can also move the mouse into the top-left hot corner,
// or do a four-finger swipe up on a touchpad.
Mod+O repeat=false { toggle-overview; }
Mod+Q repeat=false { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
@ -462,8 +502,8 @@ binds {
// These binds are also affected by touchpad's natural-scroll, so these
// example binds are "inverted", since we have natural-scroll enabled for
// touchpads by default.
// Mod+TouchpadScrollDown { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.02+"; }
// Mod+TouchpadScrollUp { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.02-"; }
// Mod+TouchpadScrollDown { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02+"; }
// Mod+TouchpadScrollUp { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02-"; }
// You can refer to workspaces by index. However, keep in mind that
// niri is a dynamic workspace system, so these commands are kind of
@ -510,6 +550,8 @@ binds {
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
// Cycling through the presets in reverse order is also possible.
// Mod+R { switch-preset-column-width-back; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+F { maximize-column; }
@ -521,6 +563,9 @@ binds {
Mod+C { center-column; }
// Center all fully visible columns on screen.
Mod+Ctrl+C { center-visible-columns; }
// Finer width adjustments.
// This command can also:
// * set width in pixels: "1000"
@ -576,11 +621,10 @@ binds {
Mod+Shift+P { power-off-monitors; }
}
// Rootless Xwayland support
spawn-at-startup "xwayland-satellite" ":233"
environment {
DISPLAY ":233"
}
// Start user Shepherd
spawn-at-startup "sh" "-c" "pgrep --uid $USER shepherd > /dev/null || shepherd"
overview {
backdrop-color "#D2DEE9"
}

196
modules/rosenthal/packages/binaries.scm
View File

@ -9,6 +9,7 @@
#:use-module (guix deprecation)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix utils)
#:use-module (guix build-system copy)
#:use-module (gnu build icecat-extension)
#:use-module (gnu packages base)
@ -28,18 +29,6 @@
(define license
(@@ (guix licenses) license))
(define-public atuin-bin
(deprecated-package "atuin-bin" atuin))
(define-public hugo-bin
(deprecated-package "hugo-bin" hugo))
(define-public mihomo-bin
(deprecated-package "mihomo-bin" mihomo))
(define-public clash-meta-bin
(deprecated-package "clash-meta-bin" mihomo-bin))
(define-public cloudflare-warp-bin
(package
(name "cloudflare-warp-bin")
@ -153,6 +142,7 @@ exec ~a -jar ~a $@~%"
(description
"Komga is a media server for your comics, mangas, BDs, magazines and
eBooks.")
(supported-systems '("x86_64-linux"))
(license license:expat)
(properties '((upstream-name . "komga")
(disable-updater? . #t)))))
@ -238,12 +228,6 @@ monster-in-the-middle}.")
(properties '((upstream-name . "shadow-tls")
(disable-updater? . #t)))))
(define-public sing-box-bin
(deprecated-package "sing-box-bin" sing-box))
(define-public tailscale-bin
(deprecated-package "tailscale-bin" tailscale))
(define-public wakapi-bin
(package
(name "wakapi-bin")
@ -295,3 +279,179 @@ to WakaTime, which is used by all WakaTime text editor plugins.")
(license license:bsd-3)
(properties '((upstream-name . "wakatime-cli")
(disable-updater? . #t)))))
(define-public grafana-bin
(package
(name "grafana-bin")
(version "12.1.1")
(source (origin
(method url-fetch)
(uri (string-append "https://dl.grafana.com/grafana/release/"
version "/grafana_" version "_" "16903967602"
"_linux_amd64.tar.gz"))
(sha256
(base32
"056jj4ww1l36y77v9qmqhgsg7lsr328bhp7y48c6l125cal1snl2"))))
(build-system copy-build-system)
(arguments
(list #:install-plan
#~'(("bin" "bin")
("conf" "share/grafana/")
("public" "share/grafana/"))))
(synopsis "Platform for monitoring and observability")
(description
"Grafana allows you to query, visualize, alert on and understand your
metrics no matter where they are stored.")
(home-page "https://grafana.com/")
(license license:agpl3)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "grafana")
(disable-updater? . #t)))))
(define-public prometheus-bin
(package
(name "prometheus-bin")
(version "3.5.0")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/prometheus/prometheus"
"/releases/download/v" version
"/prometheus-" version ".linux-amd64.tar.gz"))
(sha256
(base32
"16pk8s5lsrvzlqsrhdpmrw98nq8vyqa87wm417xjm0kdy9x844g8"))))
(build-system copy-build-system)
(arguments
(list #:install-plan
#~'(("prometheus" "bin/")
("promtool" "bin/")
("prometheus.yml" "etc/"))))
(synopsis "Monitoring system and time series database")
(description
"Prometheus is a systems and service monitoring system. It collects
metrics from configured targets at given intervals, evaluates rule expressions,
displays the results, and can trigger alerts when specified conditions are
observed.")
(home-page "https://prometheus.io/")
(license license:asl2.0)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "prometheus")))))
(define-public mimir-bin
(package
(name "mimir-bin")
(version "2.17.1")
(source (origin
(method url-fetch)
(uri (string-append
"https://github.com/grafana/mimir/releases/download/mimir-"
version "/mimir-linux-amd64"))
(sha256
(base32
"1vnrpzwyjz7plzdiih65853ndvg64a9n1x1i7jqr085byhpayp82"))))
(build-system copy-build-system)
(arguments
(list #:phases
#~(modify-phases %standard-phases
(replace 'install
(lambda* (#:key source #:allow-other-keys)
(let ((name "mimir")
(dest (in-vicinity #$output "bin")))
(mkdir-p dest)
(with-directory-excursion dest
(copy-file source name)
(chmod name #o555))))))))
(synopsis "Scalable long-term storage for Prometheus")
(description
"Grafana Mimir provides horizontally scalable, highly available,
multi-tenant, long-term storage for Prometheus.")
(home-page "https://grafana.com/oss/mimir/")
(license license:agpl3)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "mimir")
(disable-updater? . #t)))))
(define-public loki-bin
(package
(name "loki-bin")
(version "3.5.4")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append
"https://github.com/grafana/loki/releases/download/v"
version "/loki-linux-amd64.zip"))
(sha256
(base32
"1z1z60ki4zavijw0idpard0xx38q8140wv2hykxb3rikb05z0frk"))))
(build-system copy-build-system)
(arguments
(list #:install-plan
#~'(("loki-linux-amd64" "bin/loki"))))
(synopsis "Log aggregation system")
(description
"Loki is a horizontally scalable, highly available, multi-tenant log
aggregation system inspired by Prometheus. It is designed to be very cost
effective and easy to operate. It does not index the contents of the logs, but
rather a set of labels for each log stream.")
(home-page "https://grafana.com/oss/loki/")
(license license:agpl3)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "loki")
(disable-updater? . #t)))))
(define-public alloy-bin
(package
(name "alloy-bin")
(version "1.10.2")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append
"https://github.com/grafana/alloy/releases/download/v"
version "/alloy-linux-amd64.zip"))
(sha256
(base32
"03hwmnkx2awxlfw3ixplfnwzx7n1x624n1yw6cgky4hhjz13d3i8"))))
(build-system copy-build-system)
(arguments
(list #:install-plan
#~'(("alloy-linux-amd64" "bin/alloy"))
#:phases
#~(modify-phases %standard-phases
(add-after 'install 'patch-elf
(lambda* (#:key inputs #:allow-other-keys)
(let ((name "alloy")
(dest (in-vicinity #$output "bin"))
(ld.so (search-input-file inputs #$(glibc-dynamic-linker))))
(with-directory-excursion dest
(invoke "patchelf" "--set-interpreter" ld.so name))))))))
(native-inputs (list patchelf))
(synopsis
"OpenTelemetry Collector distribution with programmable pipelines")
(description
"Grafana Alloy is an open source OpenTelemetry Collector distribution with
built-in Prometheus pipelines and support for metrics, logs, traces, and
profiles.")
(home-page "https://grafana.com/oss/alloy-opentelemetry-collector/")
(license license:agpl3)
(supported-systems '("x86_64-linux"))
(properties '((upstream-name . "alloy")
(disable-updater? . #t)))))
(define-public alloy-bin-aarch64-linux
(package
(inherit alloy-bin)
(name "alloy-bin-aarch64-linux")
(version "1.10.2")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append
"https://github.com/grafana/alloy/releases/download/v"
version "/alloy-linux-arm64.zip"))
(sha256
(base32
"1gnfdhs8rxyn18swy1kv1f2lbsj6abjlhrgaibsj2a87swgcyvjg"))))
(arguments
(substitute-keyword-arguments (package-arguments alloy-bin)
((#:install-plan _ ''())
#~'(("alloy-linux-arm64" "bin/alloy")))))
(supported-systems '("aarch64-linux"))))

19
modules/rosenthal/packages/ci.scm
View File

@ -8,22 +8,3 @@
#:use-module (guix packages)
#:use-module (guix git-download)
#:use-module (gnu packages ci))
(define-public cuirass/hako
(let ((commit "ccc11de138b5c15990551ad6cc883aeb15a8f80c")
(revision "2"))
(package
(inherit cuirass)
(name "cuirass-hako")
(version (git-version "1.2.0" revision commit))
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://codeberg.org/guix/cuirass.git")
(commit commit)))
(file-name (git-file-name name version))
(sha256
(base32
"1yxfss23pkr39ymrcw3injqm05aqczhkyjrn79qkfakwi2bqismm"))))
(properties '((disable-updater? . #t))))))

36
modules/rosenthal/packages/golang.scm Normal file
View File

@ -0,0 +1,36 @@
(define-module (rosenthal packages golang)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix gexp)
#:use-module (guix packages)
#:use-module (guix utils)
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module (rosenthal utils download)
#:use-module (rosenthal utils cargo)
#:use-module (guix build-system cargo)
#:use-module (guix build-system copy)
#:use-module (guix build-system go)
#:use-module (gnu packages golang)
#:use-module (gnu packages image)
#:use-module (gnu packages jemalloc)
#:use-module (gnu packages web)
#:use-module (gnu packages version-control))
(define-public go-1.25
(package
(inherit go-1.24)
(name "go")
(version "1.25.1")
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/golang/go")
(commit (string-append "go" version))))
(file-name (git-file-name name version))
(sha256
(base32 "1pc6ybdsd2v6rviylmmdzns3v0ramrcbhn935ikff39shpij4xp4"))))
;; TODO
(arguments
(substitute-keyword-arguments (package-arguments go-1.24)
((#:tests? _ #t) #f)))))

6
modules/rosenthal/packages/networking.scm
View File

@ -139,7 +139,7 @@ bypass network restrictions." )
(define-public sing-box
(package
(name "sing-box")
(version "1.12.3")
(version "1.12.4")
(source (origin
(method git-fetch)
(uri (git-reference
@ -148,7 +148,7 @@ bypass network restrictions." )
(file-name (git-file-name name version))
(sha256
(base32
"1253dbdixq936y3f5gw72an1l25pinzdqqnz1i9983ajxc5l4y1q"))))
"0izhria2rh4cvybghb0yfll5bibahvffgj5fhncx3frk6arrmkix"))))
(build-system go-build-system)
(arguments
(list
@ -216,7 +216,7 @@ bypass network restrictions." )
(file-name "vendored-go-dependencies")
(sha256
(base32
"1dbw0p8mmhxh715x7r9kwy5dribl3pa979fpfa98ayyynvd0zxb3"))))
"0plnpg70zmdspqqb609lvx5kncn7iccindygjmasq6myvy37bwi3"))))
(if (%current-target-system)
(list this-package)
'())))

8
modules/rosenthal/packages/package-management.scm
View File

@ -10,12 +10,14 @@
#:use-module (rosenthal utils packages)
#:use-module (gnu packages package-management))
(define-public guix/hako
(define-public guix/dolly
(package
(inherit
(package-with-extra-patches guix
(rosenthal-patches "guix-change-publish-cache-storage.patch")))
(name "guix-hako")
(rosenthal-patches "guix-change-publish-cache-storage.patch"
"guix-allow-out-of-tree-modules-in-initrd.patch"
"guix-wip-zfs-boot-support.patch")))
(name "guix-dolly")
(arguments
(substitute-keyword-arguments (package-arguments guix)
((#:tests? _ #t) #f)

270
modules/rosenthal/packages/patches/guix-allow-out-of-tree-modules-in-initrd.patch Normal file
View File

@ -0,0 +1,270 @@
From 4323514d1b259a0dd61572e3c0859fab4250d297 Mon Sep 17 00:00:00 2001
Message-ID: <4323514d1b259a0dd61572e3c0859fab4250d297.1757725903.git.hako@ultrarare.space>
From: Brian Cully <bjc@spork.org>
Date: Sun, 16 Feb 2025 21:52:45 +0900
Subject: [PATCH] Allow copying of out-of-tree modules to the Linux initrd.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
With this patch, modules for initrd-modules will not only be searched for in
the in-tree Linux modules, but also any additional modules specified in
kernel-loadable-modules.
* gnu/build/linux-modules.scm (find-module-file): Change DIRECTORY argument to
DIRECTORIES. Now takes a list of directories to search, rather than a single
one.
* gnu/system/linux-initrd.scm (flat-linux-module-directory): change LINUX
argument to PACKAGES. Now contains a list of file-like objects to search for
modules.
(raw-initrd): Add LINUX-EXTRA-MODULE-DIRECTORIES keyword argument. Pass it
to (flat-linux-module-directory) along with the selected LINUX package.
(base-initrd): Add LINUX-EXTRA-MODULE-DIRECTORIES keyword argument. Pass it
to (raw-initrd).
* gnu/system.scm (operating-system-initrd-file): Pass in operating system
definition's kernel-loadable-modules into (make-initrd) as
LINUX-EXTRA-MODULE-DIRECTORIES.
* doc/guix.texi (Initial RAM Disk): Document how out-of-tree modules can be
used.
Change-Id: Ic39f2abcfabc3ec34a71acce840038396bf9c82e
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Modified-by: Hilton Chain <hako@ultrarare.space>
---
doc/guix.texi | 15 ++++++++++
gnu/build/linux-modules.scm | 23 ++++++++++-----
gnu/system.scm | 2 ++
gnu/system/linux-initrd.scm | 58 +++++++++++++++++++++++--------------
4 files changed, 69 insertions(+), 29 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 4ab404dcdb2..3c05428829b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -46404,6 +46404,21 @@ Initial RAM Disk
(initrd-modules (cons "megaraid_sas" %base-initrd-modules)))
@end lisp
+If a module listed in @code{initrd-modules} is not included in the
+Linux-libre kernel, then its location must be provided via the
+@code{kernel-loadable-modules} list.
+
+As an example, if you need the driver for a Realtek RTL8821CE wireless
+network adapter for mounting the root file system over NFS, your
+configuration might include the following:
+
+@lisp
+(operating-system
+ ;; @dots{}
+ (initrd-modules (cons "8821ce" %base-initrd-modules))
+ (kernel-loadable-modules (list (list rtl8821ce-linux-module "module"))))
+@end lisp
+
@defvar %base-initrd-modules
This is the list of kernel modules included in the initrd by default.
@end defvar
diff --git a/gnu/build/linux-modules.scm b/gnu/build/linux-modules.scm
index 32baf6c5259..f45db55f861 100644
--- a/gnu/build/linux-modules.scm
+++ b/gnu/build/linux-modules.scm
@@ -246,8 +246,8 @@ (define (file-name->module-name file)
'.ko[.gz|.xz|.zst]' and normalizing it."
(normalize-module-name (strip-extension (basename file))))
-(define (find-module-file directory module)
- "Lookup module NAME under DIRECTORY, and return its absolute file name.
+(define (find-module-file directories module)
+ "Lookup module NAME under DIRECTORIES, and return its absolute file name.
NAME can be a file name with or without '.ko', or it can be a module name.
Raise an error if it could not be found.
@@ -255,6 +255,10 @@ (define (find-module-file directory module)
module names usually (always?) use underscores as the inter-word separator,
whereas file names often, but not always, use hyphens. Examples:
\"usb-storage.ko\", \"serpent_generic.ko\"."
+ ;; For backward compatibility.
+ (define %directories (if (pair? directories)
+ directories
+ (list directories)))
(define names
;; List of possible file names. XXX: It would of course be cleaner to
;; have a database that maps module names to file names and vice versa,
@@ -268,16 +272,19 @@ (define (find-module-file directory module)
(else chr)))
module))))
- (match (find-files directory
- (lambda (file stat)
- (member (strip-extension
- (basename file)) names)))
+ (match (append-map
+ (cut find-files <>
+ (lambda (file _)
+ (member (strip-extension
+ (basename file))
+ names)))
+ %directories)
((file)
file)
(()
- (error "kernel module not found" module directory))
+ (error "kernel module not found" module %directories))
((_ ...)
- (error "several modules by that name" module directory))))
+ (error "several modules by that name" module %directories))))
(define* (recursive-module-dependencies files
#:key (lookup-module dot-ko))
diff --git a/gnu/system.scm b/gnu/system.scm
index 78a30646e1b..b709686744d 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -1380,6 +1380,8 @@ (define (operating-system-initrd-file os)
#:linux (operating-system-kernel os)
#:linux-modules
(operating-system-initrd-modules os)
+ #:linux-extra-module-directories
+ (operating-system-kernel-loadable-modules os)
#:mapped-devices mapped-devices
#:keyboard-layout (operating-system-keyboard-layout os)))
diff --git a/gnu/system/linux-initrd.scm b/gnu/system/linux-initrd.scm
index 17c2e6f6bfd..978084062b2 100644
--- a/gnu/system/linux-initrd.scm
+++ b/gnu/system/linux-initrd.scm
@@ -120,13 +120,19 @@ (define* (expression->initrd exp
`(#:references-graphs (("closure" ,init))))
"/initrd.cpio.gz"))
-(define (flat-linux-module-directory linux modules)
+(define (flat-linux-module-directory packages modules)
"Return a flat directory containing the Linux kernel modules listed in
-MODULES and taken from LINUX."
+MODULES and taken from PACKAGES."
(define imported-modules
(source-module-closure '((gnu build linux-modules)
(guix build utils))))
+ (define package-inputs
+ (map (match-lambda
+ ((p o) (gexp-input p o))
+ (p (gexp-input p "out")))
+ packages))
+
(define build-exp
(with-imported-modules imported-modules
(with-extensions (list guile-zlib guile-zstd)
@@ -138,13 +144,17 @@ (define (flat-linux-module-directory linux modules)
(srfi srfi-26)
(ice-9 match))
- (define module-dir
- (string-append #$linux "/lib/modules"))
+ (define module-dirs
+ (map (cut string-append <> "/lib/modules")
+ '#$package-inputs))
(define builtin-modules
- (match (find-files module-dir (lambda (file stat)
- (string=? (basename file)
- "modules.builtin")))
+ (match (append-map
+ (cut find-files <>
+ (lambda (file stat)
+ (string=? (basename file)
+ "modules.builtin")))
+ module-dirs)
((file . _)
(call-with-input-file file
(lambda (port)
@@ -157,7 +167,7 @@ (define (flat-linux-module-directory linux modules)
(lset-difference string=? '#$modules builtin-modules))
(define modules
- (let* ((lookup (cut find-module-file module-dir <>))
+ (let* ((lookup (cut find-module-file module-dirs <>))
(modules (map lookup modules-to-lookup)))
(append modules
(recursive-module-dependencies
@@ -192,6 +202,7 @@ (define* (raw-initrd file-systems
#:key
(linux linux-libre)
(linux-modules '())
+ (linux-extra-module-directories '())
(pre-mount #t)
(mapped-devices '())
(keyboard-layout #f)
@@ -199,15 +210,16 @@ (define* (raw-initrd file-systems
qemu-networking?
volatile-root?
(on-error 'debug))
- "Return as a file-like object a raw initrd, with kernel
-modules taken from LINUX. FILE-SYSTEMS is a list of file-systems to be
-mounted by the initrd, possibly in addition to the root file system specified
-on the kernel command line via 'root'. LINUX-MODULES is a list of kernel
-modules to be loaded at boot time. MAPPED-DEVICES is a list of device
-mappings to realize before FILE-SYSTEMS are mounted. PRE-MOUNT is a
-G-expression to evaluate before realizing MAPPED-DEVICES.
-HELPER-PACKAGES is a list of packages to be copied in the initrd. It may include
-e2fsck/static or other packages needed by the initrd to check root partition.
+ "Return as a file-like object a raw initrd, with kernel modules taken from
+LINUX. FILE-SYSTEMS is a list of file-systems to be mounted by the initrd,
+possibly in addition to the root file system specified on the kernel command
+line via 'root'. LINUX-MODULES is a list of kernel modules to be loaded at
+boot time. LINUX-EXTRA-MODULE-DIRECTORIES is a list of file-like objects which
+will be searched for modules in addition to the linux kernel. MAPPED-DEVICES
+is a list of device mappings to realize before FILE-SYSTEMS are mounted.
+HELPER-PACKAGES is a list of packages to be copied in the initrd. It may
+include e2fsck/static or other packages needed by the initrd to check root
+partition.
When true, KEYBOARD-LAYOUT is a <keyboard-layout> record denoting the desired
console keyboard layout. This is done before MAPPED-DEVICES are set up and
@@ -244,7 +256,8 @@ (define* (raw-initrd file-systems
#~())))
(define kodir
- (flat-linux-module-directory linux linux-modules))
+ (flat-linux-module-directory (cons linux linux-extra-module-directories)
+ linux-modules))
(expression->initrd
(with-imported-modules (source-module-closure
@@ -392,6 +405,7 @@ (define* (base-initrd file-systems
#:key
(linux linux-libre)
(linux-modules '())
+ (linux-extra-module-directories '())
(mapped-devices '())
(keyboard-layout #f)
qemu-networking?
@@ -412,9 +426,10 @@ (define* (base-initrd file-systems
QEMU-NETWORKING? and VOLATILE-ROOT? behaves as in raw-initrd.
The initrd is automatically populated with all the kernel modules necessary
-for FILE-SYSTEMS and for the given options. Additional kernel
-modules can be listed in LINUX-MODULES. They will be added to the initrd, and
-loaded at boot time in the order in which they appear."
+for FILE-SYSTEMS and for the given options. Additional kernel modules can be
+listed in LINUX-MODULES. Additional directories for modules can be listed in
+LINUX-EXTRA-MODULE-DIRECTORIES. They will be added to the initrd, and loaded
+at boot time in the order in which they appear."
(define linux-modules*
;; Modules added to the initrd and loaded from the initrd.
`(,@linux-modules
@@ -434,6 +449,7 @@ (define* (base-initrd file-systems
(raw-initrd file-systems
#:linux linux
#:linux-modules linux-modules*
+ #:linux-extra-module-directories linux-extra-module-directories
#:mapped-devices mapped-devices
#:helper-packages helper-packages
#:keyboard-layout keyboard-layout
base-commit: 6174b135ffa3328fd7ad404b15b1586fc64e5666
prerequisite-patch-id: f71061d735b69d75799eb03df6215bbcb20d53b2
prerequisite-patch-id: 88337e68e714f3b1fe0d8e6588a1a4f423251610
--
2.51.0

184
modules/rosenthal/packages/patches/guix-wip-zfs-boot-support.patch Normal file
View File

@ -0,0 +1,184 @@
From ab4aa6e7bb41fe0f2c64cfb587562b19a7cb44ff Mon Sep 17 00:00:00 2001
Message-ID: <ab4aa6e7bb41fe0f2c64cfb587562b19a7cb44ff.1757826291.git.hako@ultrarare.space>
From: Hilton Chain <hako@ultrarare.space>
Date: Sun, 7 Sep 2025 13:52:57 +0800
Subject: [PATCH] WIP: ZFS boot support.
Change-Id: I6579a36d66fcd0a487fe262c9a7c36e51532cb70
---
gnu/build/file-systems.scm | 21 ++++++++++++++-------
gnu/build/linux-boot.scm | 1 +
gnu/system/file-systems.scm | 30 +++++++++++++++++++++---------
gnu/system/linux-initrd.scm | 25 ++++++++++++++++++++-----
guix/scripts/system.scm | 3 ++-
5 files changed, 58 insertions(+), 22 deletions(-)
diff --git a/gnu/build/file-systems.scm b/gnu/build/file-systems.scm
index c506a4911ff..05d0cb819ae 100644
--- a/gnu/build/file-systems.scm
+++ b/gnu/build/file-systems.scm
@@ -1173,13 +1173,20 @@ (define (canonicalize-device-spec spec)
(match spec
((? string?)
- (if (or (string-contains spec ":/") ;nfs
- (and (>= (string-length spec) 2)
- (equal? (string-take spec 2) "//")) ;cifs
- (string=? spec "none"))
- spec ; do not resolve NFS / CIFS / tmpfs devices
- ;; Nothing to do, but wait until SPEC shows up.
- (resolve identity spec identity)))
+ (cond
+ ((or (string-contains spec ":/") ;nfs
+ (and (>= (string-length spec) 2)
+ (equal? (string-take spec 2) "//")) ;cifs
+ (string=? spec "none"))
+ ;; Do not resolve NFS / CIFS / tmpfs devices.
+ spec)
+ ((and (>= (string-length spec) 4)
+ (string=? (string-take spec 4) "zfs:"))
+ ;; "zfs:zpool/dataset" => "zpool/dataset"
+ (string-drop spec 4))
+ (else
+ ;; Nothing to do, but wait until SPEC shows up.
+ (resolve identity spec identity))))
((? file-system-label?)
;; Resolve the label.
(resolve find-partition-by-label
diff --git a/gnu/build/linux-boot.scm b/gnu/build/linux-boot.scm
index 548e28a1c97..2b577483832 100644
--- a/gnu/build/linux-boot.scm
+++ b/gnu/build/linux-boot.scm
@@ -523,6 +523,7 @@ (define* (boot-system #:key
;; So check for all four.
(cond ((string-prefix? "/" device-string) device-string)
((string-contains device-string ":/") device-string) ; nfs-root
+ ((string-prefix? "zfs:" device-string) device-string)
((uuid device-string) => identity)
(else (file-system-label device-string))))
diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm
index 4ea8237c70d..c6cf828db21 100644
--- a/gnu/system/file-systems.scm
+++ b/gnu/system/file-systems.scm
@@ -372,7 +372,9 @@ (define %pseudo-file-system-types
;; List of know pseudo file system types. This is used when validating file
;; system definitions.
'("binfmt_misc" "cgroup" "cgroup2" "debugfs" "devpts" "devtmpfs" "efivarfs" "fusectl"
- "hugetlbfs" "overlay" "proc" "securityfs" "sysfs" "tmpfs" "tracefs" "virtiofs" "xenfs"))
+ "hugetlbfs" "overlay" "proc" "securityfs" "sysfs" "tmpfs" "tracefs" "virtiofs" "xenfs"
+ ;; HACK
+ "zfs"))
(define %fuse-control-file-system
;; Control file system for Linux' file systems in user-space (FUSE).
@@ -627,18 +629,21 @@ (define (file-system-mount-point-predicate mount-point)
;;;
-;;; Btrfs specific helpers.
+;;; Btrfs specific helpers. TODO: Refactor
;;;
(define (btrfs-subvolume? fs)
"Predicate to check if FS, a file-system object, is a Btrfs subvolume."
- (and-let* ((btrfs-file-system? (string= "btrfs" (file-system-type fs)))
- (option-keys (map (match-lambda
- ((key . value) key)
- (key key))
- (file-system-options->alist
- (file-system-options fs)))))
- (find (cut string-prefix? "subvol" <>) option-keys)))
+ (or (and-let* ((btrfs-file-system? (string= "btrfs" (file-system-type fs)))
+ (option-keys (map (match-lambda
+ ((key . value) key)
+ (key key))
+ (file-system-options->alist
+ (file-system-options fs)))))
+ (find (cut string-prefix? "subvol" <>) option-keys))
+ (and (string=? "zfs" (file-system-type fs))
+ ;; "zfs:zpool/dataset"
+ (string-contains (file-system-device fs) "/"))))
(define (btrfs-store-subvolume-file-name file-systems)
"Return the subvolume file name within the Btrfs top level onto which the
@@ -664,6 +669,13 @@ (define (btrfs-store-subvolume-file-name file-systems)
;; XXX: Deriving the subvolume name based from a subvolume ID is not
;; supported, as we'd need to query the actual file system.
(or (and=> (assoc-ref options "subvol") prepend-slash/maybe)
+ (and (string=? "zfs" (file-system-type store-subvolume-fs))
+ ;; "zfs:zpool/dataset" => "/dataset@"
+ (and=> (file-system-device store-subvolume-fs)
+ (lambda (device)
+ (string-append
+ (substring device (string-index device #\/))
+ "@"))))
(raise (condition
(&message
(message "The store is on a Btrfs subvolume, but the \
diff --git a/gnu/system/linux-initrd.scm b/gnu/system/linux-initrd.scm
index 978084062b2..8bd4a4a7850 100644
--- a/gnu/system/linux-initrd.scm
+++ b/gnu/system/linux-initrd.scm
@@ -249,11 +249,25 @@ (define* (raw-initrd file-systems
;; File systems like btrfs need help to assemble multi-device file systems
;; but do not use manually-specified <mapped-devices>.
(let ((file-system-types (map file-system-type file-systems)))
- (if (member "btrfs" file-system-types)
- ;; Ignore errors: if the system manages to boot anyway, the better.
- #~((system* (string-append #$btrfs-progs/static "/bin/btrfs")
- "device" "scan"))
- #~())))
+ (and
+ (if (member "btrfs" file-system-types)
+ ;; Ignore errors: if the system manages to boot anyway, the better.
+ #~((system* (string-append #$btrfs-progs/static "/bin/btrfs")
+ "device" "scan"))
+ #~())
+ (map (lambda (zpool)
+ ;; Ignore errors: if the system manages to boot anyway, the
+ ;; better.
+ #~(system* #$(file-append zfs "/sbin/zpool")
+ "import" "-N" #$zpool))
+ (delete-duplicates
+ ;; "zfs:zpool/dataset" => "zpool"
+ (map (compose second
+ (cut string-split <> (char-set #\: #\/))
+ file-system-device)
+ (filter (lambda (fs)
+ (equal? (file-system-type fs) "zfs"))
+ file-systems)))))))
(define kodir
(flat-linux-module-directory (cons linux linux-extra-module-directories)
@@ -364,6 +378,7 @@ (define file-system-type-modules
("jfs" => '("jfs"))
("f2fs" => '("f2fs" "crc32_generic"))
("xfs" => '("xfs"))
+ ("zfs" => '("zfs"))
(else '())))
(define (file-system-modules file-systems)
diff --git a/guix/scripts/system.scm b/guix/scripts/system.scm
index 8a56f1cc63d..75a5bb1d5f1 100644
--- a/guix/scripts/system.scm
+++ b/guix/scripts/system.scm
@@ -610,7 +610,8 @@ (define (check-file-system-availability file-systems)
(define literal
(filter (lambda (fs)
- (string? (file-system-device fs)))
+ (and (string? (file-system-device fs))
+ (not (string=? "zfs" (file-system-type fs)))))
relevant))
(define uuid
base-commit: 6174b135ffa3328fd7ad404b15b1586fc64e5666
prerequisite-patch-id: f71061d735b69d75799eb03df6215bbcb20d53b2
prerequisite-patch-id: 88337e68e714f3b1fe0d8e6588a1a4f423251610
prerequisite-patch-id: 466ade9e99cc152f8e9a33c742a4954ade466c25
prerequisite-patch-id: d66207367fc491f6569100503cd9df98b6888560
--
2.51.0

1625
modules/rosenthal/packages/rust-crates.scm
View File

File diff suppressed because it is too large Load Diff

48
modules/rosenthal/packages/web.scm
View File

@ -10,17 +10,21 @@
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module (rosenthal utils download)
#:use-module (rosenthal utils cargo)
#:use-module (guix build-system cargo)
#:use-module (guix build-system copy)
#:use-module (guix build-system go)
#:use-module (gnu packages golang)
#:use-module (gnu packages image)
#:use-module (gnu packages jemalloc)
#:use-module (gnu packages web)
#:use-module (gnu packages version-control))
#:use-module (gnu packages version-control)
#:use-module (rosenthal packages golang))
(define-public ai-robots-txt
(package
(name "ai-robots-txt")
(version "1.39")
(version "1.40")
(source (origin
(method git-fetch)
(uri (git-reference
@ -29,7 +33,7 @@
(file-name (git-file-name name version))
(sha256
(base32
"10x5rvqz1l4gqhhnf12pjqmv4azah9k4970ik0vjrj6z70dpdpk3"))
"1wa1c7awj2mpz78h1v0pw3v9w0ywpwjp26ml5s4qbgi0hmfcss5l"))
(modules '((guix build utils)))
(snippet '(delete-file-recursively "code"))))
(build-system copy-build-system)
@ -102,7 +106,7 @@ order to protect upstream resources from web crawlers.")
(define-public caddy
(package
(name "caddy")
(version "2.10.1")
(version "2.10.2")
(source (origin
(method git-fetch)
(uri (git-reference
@ -111,14 +115,10 @@ order to protect upstream resources from web crawlers.")
(file-name (git-file-name name version))
(sha256
(base32
"0h6bnkrqnikyial2d3rvs2ksamwghs837y88qk73sbqahprjakp8"))
(modules '((guix build utils)))
(snippet '(substitute* "go.mod"
(("^toolchain.*") "")
(("1.25") "1.24")))))
"1ygjbvz1ig62r63l6324728nbg6nwbc0vsi5qis5cg2qyils9y1a"))))
(build-system go-build-system)
(arguments
(list #:go go-1.24
(list #:go go-1.25
#:tests? (not (%current-target-system)) ;TODO: Run test suite.
#:install-source? #f
#:import-path
@ -174,7 +174,7 @@ order to protect upstream resources from web crawlers.")
(invoke caddy "version"))))))))
(native-inputs
(list (origin
(method (go-mod-vendor #:go go-1.24))
(method (go-mod-vendor #:go go-1.25))
(uri (package-source this-package))
(file-name "vendored-go-dependencies")
(sha256
@ -190,11 +190,11 @@ performance and flexibility, making it suitable for a variety of applications,
from serving static websites to running dynamic web applications.")
(license license:asl2.0)))
(define-public caddy/hako
(define-public caddy/dolly
(package
(inherit caddy)
(name "caddy-hako")
(version "2025.08.17-1")
(name "caddy-dolly")
(version "2025.09.06-2")
(source (origin
(method git-fetch)
(uri (git-reference
@ -203,17 +203,17 @@ from serving static websites to running dynamic web applications.")
(file-name (git-file-name name version))
(sha256
(base32
"07c1yxpyz1sbfs7xy8s32hsw3z4l6rpwz01g8n4lq4xzgavkpqab"))))
"1ag6wg6limzaijifcijvr60n8bgi77p211sm12pqjr8bslwgx1n7"))))
(native-inputs
(modify-inputs (package-native-inputs caddy)
(replace "vendored-go-dependencies"
(origin
(method (go-mod-vendor #:go go-1.24))
(method (go-mod-vendor #:go go-1.25))
(uri (package-source this-package))
(file-name "vendored-go-dependencies")
(sha256
(base32
"1fdspm2a4574hn4aik5wlli0yp4ih3w2rjyrw3s96n2drk0schqn"))))))
"04f50kbnskx22q8k7mdcnifz3f45jbsl2k9air9y3r49zh48cnin"))))))
(home-page "https://git.boiledscript.com/hako/caddy")
(properties '((disable-updater? . #t)))))
@ -376,3 +376,17 @@ looking for a reliable platform to manage their software projects.")
(license license:gpl3+)
(properties
'((disable-updater? . #t)))))
(define-public iocaine/dolly
(package
(inherit iocaine)
(name "iocaine-dolly")
(version "2.5.0")
(source
(origin
(method url-fetch)
(uri (crate-uri "iocaine" version))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32 "1x445vnalm323qphxfbfrdzmv9q83h2kybimwm2j39j9p9hj188s"))))
(inputs (cons* jemalloc (rosenthal-cargo-inputs 'iocaine)))))

2
modules/rosenthal/services/child-error.scm
View File

@ -49,7 +49,7 @@
(define-configuration clash-configuration
(clash
(file-like mihomo-bin)
(file-like mihomo)
"The clash package.")
(log-file

66
modules/rosenthal/services/file-systems.scm
View File

@ -1,19 +1,25 @@
;;; SPDX-FileCopyrightText: 2024 Hilton Chain <hako@ultrarare.space>
;;; SPDX-FileCopyrightText: 2024, 2025 Hilton Chain <hako@ultrarare.space>
;;;
;;; SPDX-License-Identifier: GPL-3.0-or-later
(define-module (rosenthal services file-systems)
#:use-module (guix gexp)
#:use-module (gnu packages backup)
#:use-module (gnu packages file-systems)
#:use-module (rosenthal packages admin)
#:use-module (gnu services)
#:use-module (gnu services base)
#:use-module (gnu services configuration)
#:use-module (gnu services linux)
#:use-module (gnu services mcron)
#:use-module (gnu services shepherd)
#:use-module (gnu system pam)
#:export (btrbk-service-type
btrbk-configuration
dumb-runtime-dir-service-type))
dumb-runtime-dir-service-type
zfs-service-type))
;;;
@ -89,3 +95,59 @@
(const dumb-runtime-dir-pam-service))))
(default-value #f) ;No default value required.
(description "Create @code{XDG_RUNTIME_DIR} on login and never remove it.")))
;;;
;;; ZFS
;;;
(define zfs-shepherd-service
(list (shepherd-service
(provision '(zfs-import))
(requirement '(kernel-module-loader))
(start
#~(make-forkexec-constructor
(list #$(file-append zfs "/sbin/zpool") "import" "-a" "-N")))
(one-shot? #t))
(shepherd-service
(provision '(zfs-volumes))
(requirement '(zfs-import))
(start
#~(make-forkexec-constructor
(list #$(file-append zfs "/bin/zvol_wait"))))
(one-shot? #t))
(shepherd-service
(provision '(zfs-mount))
(requirement '(zfs-import))
(start
#~(make-forkexec-constructor
(list #$(file-append zfs "/sbin/zfs") "mount" "-a" "-l")))
(one-shot? #t))
(shepherd-service
(provision '(file-system-zfs))
(requirement '(zfs-mount))
(start #~(const #t))
(stop
#~(make-system-destructor
(string-join
(list #$(file-append zfs "/sbin/zfs") "unmount" "-a")))))))
(define zfs-service-type
(service-type
(name 'zfs)
(extensions
(list (service-extension linux-loadable-module-service-type
(const (list `(,zfs "module"))))
(service-extension udev-service-type
(const (list zfs)))
(service-extension kernel-module-loader-service-type
(const '("zfs")))
(service-extension shepherd-root-service-type
(const zfs-shepherd-service))
(service-extension user-processes-service-type
(const '(file-system-zfs)))
(service-extension profile-service-type
(const (list zfs)))))
(default-value #f)
(description "")))

419
modules/rosenthal/services/monitoring.scm Normal file
View File

@ -0,0 +1,419 @@
;;; SPDX-FileCopyrightText: 2025 Hilton Chain <hako@ultrarare.space>
;;;
;;; SPDX-License-Identifier: GPL-3.0-or-later
(define-module (rosenthal services monitoring)
#:use-module (guix gexp)
#:use-module (guix records)
#:use-module (rosenthal utils serializers ini)
#:use-module (rosenthal utils serializers yaml)
#:use-module (gnu system shadow)
#:use-module (gnu services)
#:use-module (gnu services configuration)
#:use-module (gnu services databases)
#:use-module (gnu services shepherd)
#:use-module (gnu packages guile-xyz)
#:use-module (rosenthal packages binaries)
#:export (alloy-configuration
alloy-service-type
grafana-service-type
grafana-configuration
loki-service-type
loki-configuration
mimir-service-type
mimir-configuration
prometheus-service-type
prometheus-configuration))
;;;
;;; alloy
;;;
(define-configuration/no-serialization alloy-configuration
(alloy
(file-like alloy-bin)
"")
(config
file-like
"")
(shepherd-provision
(list-of-symbols '(alloy))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define alloy-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((directory "/var/lib/alloy"))
(unless (file-exists? directory)
(mkdir-p directory)
(chmod directory #o755))))))
(define alloy-shepherd
(match-record-lambda <alloy-configuration>
(alloy config shepherd-provision shepherd-requirement auto-start?)
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append alloy "/bin/alloy") "run" #$config)
#:directory "/var/lib/alloy"))
(stop #~(make-kill-destructor))
(auto-start? auto-start?)))))
(define alloy-service-type
(service-type
(name 'alloy)
(extensions
(list (service-extension activation-service-type
alloy-activation)
(service-extension shepherd-root-service-type
alloy-shepherd)))
(description "")))
;;;
;;; Grafana
;;;
(define-configuration/no-serialization grafana-configuration
(grafana
(file-like grafana-bin)
"")
(config
ini-config
"")
(database-password-file
string
"")
(shepherd-provision
(list-of-symbols '(grafana))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define grafana-account
(lambda _
(list (user-group (name "grafana") (system? #t))
(user-account
(name "grafana")
(group "grafana")
(system? #t)
(comment "Grafana user")
(home-directory "/var/lib/grafana")))))
(define grafana-postgresql-role
(match-record-lambda <grafana-configuration>
(database-password-file)
(list (postgresql-role
(name "grafana")
(create-database? #t)
(password-file database-password-file)))))
(define grafana-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((user (getpwnam "grafana")))
(for-each
(lambda (directory)
(unless (file-exists? directory)
(mkdir-p directory)
(chown directory (passwd:uid user) (passwd:gid user))))
'("/var/log/grafana" "/var/lib/grafana"))))))
(define grafana-shepherd
(match-record-lambda <grafana-configuration>
(grafana config shepherd-provision shepherd-requirement auto-start?)
(let ((config-file
(apply mixed-text-file "grafana.ini" (ini-serialize config))))
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback postgresql user-processes
,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append grafana "/bin/grafana")
"server" "--config" #$config-file)
#:user "grafana"
#:group "grafana"
#:directory #$(file-append grafana "/share/grafana")))
(stop #~(make-kill-destructor))
(auto-start? auto-start?))))))
(define grafana-service-type
(service-type
(name 'grafana)
(extensions
(list (service-extension account-service-type
grafana-account)
(service-extension postgresql-role-service-type
grafana-postgresql-role)
(service-extension activation-service-type
grafana-activation)
(service-extension shepherd-root-service-type
grafana-shepherd)))
(description "")))
;;;
;;; loki
;;;
(define-configuration/no-serialization loki-configuration
(loki
(file-like loki-bin)
"")
(config
yaml-config
"")
(shepherd-provision
(list-of-symbols '(loki))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define loki-account
(lambda _
(list (user-group (name "loki") (system? #t))
(user-account
(name "loki")
(group "loki")
(system? #t)
(comment "Loki user")
(home-directory "/var/lib/loki")))))
(define loki-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((user (getpwnam "loki"))
(directory "/var/lib/loki"))
(unless (file-exists? directory)
(mkdir-p directory)
(chown directory (passwd:uid user) (passwd:gid user))
(chmod directory #o755))))))
(define loki-shepherd
(match-record-lambda <loki-configuration>
(loki config shepherd-provision shepherd-requirement auto-start?)
(let ((config-file
(computed-file "loki.yaml"
(with-extensions (list guile-yamlpp)
#~(begin
(use-modules (yamlpp))
(call-with-output-file #$output
(lambda (port)
(let ((emitter (make-yaml-emitter)))
(yaml-emit! emitter '#$config)
(display (yaml-emitter-string emitter) port)))))))))
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append loki "/bin/loki")
(string-append "-config.file=" #$config-file))
#:user "loki"
#:group "loki"
#:directory "/var/lib/loki"))
(stop #~(make-kill-destructor))
(auto-start? auto-start?))))))
(define loki-service-type
(service-type
(name 'loki)
(extensions
(list (service-extension account-service-type
loki-account)
(service-extension activation-service-type
loki-activation)
(service-extension shepherd-root-service-type
loki-shepherd)))
(description "")))
;;;
;;; mimir
;;;
(define-configuration/no-serialization mimir-configuration
(mimir
(file-like mimir-bin)
"")
(config
yaml-config
"")
(shepherd-provision
(list-of-symbols '(mimir))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define mimir-account
(lambda _
(list (user-group (name "mimir") (system? #t))
(user-account
(name "mimir")
(group "mimir")
(system? #t)
(comment "Mimir user")
(home-directory "/var/lib/mimir")))))
(define mimir-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((user (getpwnam "mimir"))
(directory "/var/lib/mimir"))
(unless (file-exists? directory)
(mkdir-p directory)
(chown directory (passwd:uid user) (passwd:gid user))
(chmod directory #o755))))))
(define mimir-shepherd
(match-record-lambda <mimir-configuration>
(mimir config shepherd-provision shepherd-requirement auto-start?)
(let ((config-file
(computed-file "mimir.yaml"
(with-extensions (list guile-yamlpp)
#~(begin
(use-modules (yamlpp))
(call-with-output-file #$output
(lambda (port)
(let ((emitter (make-yaml-emitter)))
(yaml-emit! emitter '#$config)
(display (yaml-emitter-string emitter) port)))))))))
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append mimir "/bin/mimir")
(string-append "-config.file=" #$config-file))
#:user "mimir"
#:group "mimir"
#:directory "/var/lib/mimir"))
(stop #~(make-kill-destructor))
(auto-start? auto-start?))))))
(define mimir-service-type
(service-type
(name 'mimir)
(extensions
(list (service-extension account-service-type
mimir-account)
(service-extension activation-service-type
mimir-activation)
(service-extension shepherd-root-service-type
mimir-shepherd)))
(description "")))
;;;
;;; prometheus
;;;
(define-configuration/no-serialization prometheus-configuration
(prometheus
(file-like prometheus-bin)
"")
(listen-address
(string "0.0.0.0:9090")
"")
(config
yaml-config
"")
(shepherd-provision
(list-of-symbols '(prometheus))
"")
(shepherd-requirement
(list-of-symbols '())
"")
(auto-start?
(boolean #t)
""))
(define prometheus-account
(lambda _
(list (user-group (name "prometheus") (system? #t))
(user-account
(name "prometheus")
(group "prometheus")
(system? #t)
(comment "Prometheus user")
(home-directory "/var/lib/prometheus")))))
(define prometheus-activation
(lambda _
#~(begin
(use-modules (guix build utils))
(let ((user (getpwnam "prometheus"))
(directory "/var/lib/prometheus"))
(unless (file-exists? directory)
(mkdir-p directory)
(chown directory (passwd:uid user) (passwd:gid user))
(chmod directory #o775))))))
(define prometheus-shepherd
(match-record-lambda <prometheus-configuration>
(prometheus listen-address config shepherd-provision shepherd-requirement auto-start?)
(let ((config-file
(computed-file "prometheus.yml"
(with-extensions (list guile-yamlpp)
#~(begin
(use-modules (yamlpp))
(call-with-output-file #$output
(lambda (port)
(let ((emitter (make-yaml-emitter)))
(yaml-emit! emitter '#$config)
(display (yaml-emitter-string emitter) port)))))))))
(list (shepherd-service
(provision shepherd-provision)
(requirement `(loopback user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append prometheus "/bin/prometheus")
(string-append "--config.file=" #$config-file)
(string-append "--web.listen-address=" #$listen-address))
#:user "prometheus"
#:group "prometheus"
#:directory "/var/lib/prometheus"
#:log-file "/var/log/prometheus.log"))
(stop #~(make-kill-destructor))
(auto-start? auto-start?))))))
(define prometheus-service-type
(service-type
(name 'prometheus)
(extensions
(list (service-extension account-service-type
prometheus-account)
(service-extension activation-service-type
prometheus-activation)
(service-extension shepherd-root-service-type
prometheus-shepherd)))
(description "")))

362
modules/rosenthal/services/networking.scm
View File

@ -16,372 +16,12 @@
#:use-module (gnu services dbus)
#:use-module (gnu services shepherd)
#:use-module (gnu system shadow)
#:export (iwd-configuration
iwd-service-type
sing-box-service-type
#:export (sing-box-service-type
sing-box-configuration
tailscale-configuration
tailscale-service-type))
;;;
;;; iwd
;;;
(define %iwd-config-general
'(enable-network-configuration?
use-default-interface?
address-randomization
address-randomization-range
roam-threshold
roam-threshold-5g
roam-retry-interval
management-frame-protection
control-port-over-nl80211?
disable-anqp?
disable-ocv?
country))
(define %iwd-config-network
'(enable-ipv6?
name-resolving-service
route-priority-offset))
(define %iwd-config-blacklist
'(initial-timeout
multiplier
maximum-timeout))
(define %iwd-config-rank
'(band-modifier-5ghz
band-modifier-6ghz))
(define %iwd-config-scan
'(disable-periodic-scan?
initial-periodic-scan-interval
maximum-periodic-scan-interval
disable-roaming-scan?))
(define %iwd-config-ipv4
'(ap-address-pool))
(define %iwd-config-driver-quirks
'(default-interface
force-pae
power-save-disable))
(define (uglify-field-name field-name)
(case field-name
((control-port-over-nl80211?) "ControlPortOverNL80211")
((disable-anqp?) "DisableANQP")
((disable-ocv?) "DisableOCV")
((enable-ipv6?) "EnableIPv6")
((ap-address-pool) "APAddressPool")
(else (string-delete char-set:punctuation
(string-capitalize (symbol->string field-name))))))
(define (serialize-field field-name val)
(format #f "~a = ~a~%" (uglify-field-name field-name) val))
(define serialize-string serialize-field)
(define-maybe string)
(define (serialize-boolean field-name val)
(serialize-field field-name (if val "true" "false")))
(define-maybe boolean)
(define cidr4? (@@ (gnu services vpn) cidr4?))
(define serialize-cidr4 serialize-field)
(define-maybe cidr4)
(define (randomization-method? val)
(memv val '(#f once network)))
(define (serialize-randomization-method field-name val)
(serialize-field field-name (or val 'disabled)))
(define-maybe randomization-method)
(define (randomization-range? val)
(memv val '(full nic)))
(define serialize-randomization-range serialize-field)
(define-maybe randomization-range)
(define (signal-strength? val)
(and (number? val)
(>= val -100)
(<= val 1)))
(define serialize-signal-strength serialize-field)
(define-maybe signal-strength)
(define (seconds? val)
(and (integer? val)
(not (negative? val))))
(define serialize-seconds serialize-field)
(define-maybe seconds)
(define (protection-mode? val)
(memv val '(0 1 2)))
(define serialize-protection-mode serialize-field)
(define-maybe protection-mode)
(define (resolution-method? val)
(memv val '(#f resolvconf)))
(define (serialize-resolution-method field-name val)
(serialize-field field-name (or val 'none)))
(define serialize-integer serialize-field)
(define-maybe integer)
(define serialize-number serialize-field)
(define-maybe number)
(define (serialize-list-of-strings field-name val)
(serialize-field field-name (string-join val ",")))
(define-maybe list-of-strings)
(define list-of-cidr4? (list-of cidr4?))
(define serialize-list-of-cidr4 serialize-list-of-strings)
(define-maybe list-of-cidr4)
(define-configuration iwd-configuration
(iwd
(file-like iwd)
"The iwd package to use.")
(log-file
(string "/var/log/iwd.log")
"Log file location.")
;; General
(enable-network-configuration?
(boolean #f)
"Enable network configuration.")
(use-default-interface?
maybe-boolean
"Do not allow iwd to destroy / recreate wireless interfaces at startup,
including default interfaces.")
(address-randomization
maybe-randomization-method
"Available values are @code{#f}, @code{once} and @code{network}. @code{#f}
for default kernel behavior, @code{once} to randomize the MAC address when iwd
starts or the hardware is detected for the first time, @code{network} to
randomize the MAC address on each connection to a network (the MAC address is
generated based on the SSID and permanent address of the adapter).")
(address-randomization-range
maybe-randomization-range
"Available values are @code{nic} and @code{full}. @code{nic} to only
randomize the NIC specific octets (last 3 ones), @code{full} to randomize all
6 octets of the address.")
(roam-threshold
maybe-signal-strength
"Value in dBm, control how aggressively iwd roams when connected to a 2.4Ghz
access point.")
(roam-threshold-5g
maybe-signal-strength
"Value in dBm, control how aggressively iwd roams when connected to a 5Ghz
access point.")
(roam-retry-interval
maybe-seconds
"How long to wait before attempting to roam again if the last roam attempt
failed, or if the signal of the newly connected BSS is still considered weak.")
(management-frame-protection
maybe-protection-mode
"Available values are @code{0}, @code{1} and @code{2}. @code{0} to
completely turn off MFP (even if the hardware is capable), @code{1} to enable
MFP if the local hardware and remote AP both support it, @code{2} to always
require MFP.")
(control-port-over-nl80211?
maybe-boolean
"Enable sending EAPoL packets over NL80211.")
(disable-anqp?
maybe-boolean
"Disable ANQP queries.")
(disable-ocv?
maybe-boolean
"Disable Operating Channel Validation.")
(country
maybe-string
"ISO Alpha-2 Country Code. Request the country to be set for the system.")
;; Network
(enable-ipv6?
maybe-boolean
"Configure IPv6 addresses and routes.")
(name-resolving-service
(resolution-method 'resolvconf)
"Available values are @code{resolvconf} and @code{#f}. Configure a DNS
resolution method used by the system and must be used in conjunction with
@code{enable-network-configuration?}. @code{#f} to ignore DNS and domain name
information.")
(route-priority-offset
maybe-integer
"Configure a route priority offset used by the system to prioritize the
default routes. The route with lower priority offset is preferred.")
;; Blacklist
(initial-timeout
maybe-seconds
"The initial time that a BSS spends on the blacklist.")
(multiplier
maybe-integer
"If the BSS was blacklisted previously and another connection attempt has
failed after the initial timeout has expired, then the BSS blacklist time will
be extended by a multiple of @code{multiplier} for each unsuccessful attempt up
to @code{maximum-timeout} time.")
(maximum-timeout
maybe-seconds
"Maximum time that a BSS is blacklisted.")
;; Rank
(band-modifier-5ghz
maybe-number
"Increase or decrease the preference for 5GHz access points by increasing or
decreasing the value of this modifier.")
(band-modifier-6ghz
maybe-number
"Increase or decrease the preference for 6GHz access points by increasing or
decreasing the value of this modifier.")
;; Scan
(disable-periodic-scan?
maybe-boolean
"Disable periodic scan.")
(initial-periodic-scan-interval
maybe-seconds
"The initial periodic scan interval upon disconnect.")
(maximum-periodic-scan-interval
maybe-seconds
"The maximum periodic scan interval.")
(disable-roaming-scan?
maybe-boolean
"Disable roaming scan.")
;; IPv4
(ap-address-pool
maybe-list-of-cidr4
"Define the space of IPs used for the AP mode subnet addresses and the DHCP
server.")
;; DriverQuirks
(default-interface
maybe-list-of-strings
"List of drivers or glob matches. If a driver in use matches one in this
list, IWD will not attempt to remove and re-create the default interface.")
(force-pae
maybe-list-of-strings
"List of drivers or glob matches. If a driver in use matches one in this
list, @code{control-port-over-nl80211?} will not be used, and PAE will be used
instead.")
(power-save-disable
maybe-list-of-strings
"List of drivers or glob matches. If a driver in use matches one in this
list, power save will be disabled."))
(define (serialize-iwd-configuration config)
(apply mixed-text-file "main.conf"
(append-map
(match-lambda
((section . fields)
(list "[" section "]\n"
(serialize-configuration
config
(filter-configuration-fields
iwd-configuration-fields
fields)))))
`(("General" . ,%iwd-config-general)
("Network" . ,%iwd-config-network)
("Blacklist" . ,%iwd-config-blacklist)
("Rank" . ,%iwd-config-rank)
("Scan" . ,%iwd-config-scan)
("IPv4" . ,%iwd-config-ipv4)
("DriverQuirks" . ,%iwd-config-driver-quirks)))))
(define (add-iwd-config-file config)
`(("iwd/main.conf"
,(serialize-iwd-configuration config))))
(define add-iwd-package
(compose list iwd-configuration-iwd))
(define (iwd-shepherd-service config)
(match-record config <iwd-configuration>
(iwd log-file
enable-network-configuration? name-resolving-service)
(let ((conf (serialize-iwd-configuration config)))
(list (shepherd-service
(documentation "Run iwd")
(provision `(,@(if enable-network-configuration?
'(networking)
'())
iwd))
(requirement '(user-processes dbus-system))
(start #~(make-forkexec-constructor
(list (string-append #$iwd "/libexec/iwd"))
#:log-file #$log-file))
(stop #~(make-kill-destructor))
(actions
(list (shepherd-configuration-action "/etc/iwd/main.conf"))))))))
(define iwd-service-type
(service-type
(name 'iwd)
(extensions
(list (service-extension shepherd-root-service-type
iwd-shepherd-service)
(service-extension dbus-root-service-type
add-iwd-package)
(service-extension etc-service-type
add-iwd-config-file)
(service-extension profile-service-type
add-iwd-package)
(service-extension log-rotation-service-type
(compose list iwd-configuration-log-file))))
(default-value (iwd-configuration))
(description "Run iwd, the iNet wireless daemon.")))
;;;
;;; sing-box
;;;

131
modules/rosenthal/services/web.scm
View File

@ -26,6 +26,9 @@
forgejo-configuration
forgejo-service-type
iocaine-service-type
iocaine-configuration
jellyfin-configuration
jellyfin-service-type
@ -79,9 +82,7 @@
(program (file-append caddy "/bin/caddy"))
(capabilities "cap_net_bind_service=+ep")))))
(define caddy-activation
(match-record-lambda <caddy-configuration>
(caddyfile)
(define (caddy-activation config)
(with-imported-modules
(source-module-closure '((guix build utils)
(gnu build activation)))
@ -89,17 +90,14 @@
(use-modules (srfi srfi-26)
(guix build utils)
(gnu build activation))
(let* ((config-dir "/etc/caddy")
(data-dir "/var/lib/caddy")
(config-file (in-vicinity config-dir "Caddyfile"))
(user (getpwnam "caddy")))
(for-each (cut mkdir-p/perms <> user #o750)
(list config-dir data-dir))
(copy-file #$caddyfile config-file)
(for-each
(lambda (file)
(chown file (passwd:uid user) (passwd:gid user)))
(find-files data-dir #:directories? #t)))))))
(let ((user (getpwnam "caddy")))
(mkdir-p/perms "/var/lib/caddy" user #o750)
(mkdir-p/perms "/var/log/caddy" user #o755)))))
(define caddy-etc
(match-record-lambda <caddy-configuration>
(caddyfile)
`(("caddy/Caddyfile" ,caddyfile))))
(define caddy-shepherd-services
(match-record-lambda <caddy-configuration>
@ -119,6 +117,20 @@
#:environment-variables '("HOME=/var/lib/caddy")))
(stop
#~(make-kill-destructor))
(actions
(list (shepherd-configuration-action "/etc/caddy/Caddyfile")
(shepherd-action
(name 'reload)
(documentation "Reload Caddy configuration file.")
(procedure
#~(lambda (pid)
(if pid
(begin
(invoke "/run/privileged/bin/caddy" "reload"
"--config" "/etc/caddy/Caddyfile")
(display "Service caddy has been asked to \
reload its configuration file."))
(display "Service caddy is not running.")))))))
(auto-start? auto-start?)))))
(define caddy-service-type
@ -127,10 +139,12 @@
(extensions
(list (service-extension account-service-type
caddy-accounts)
(service-extension privileged-program-service-type
caddy-privileged-programs)
(service-extension activation-service-type
caddy-activation)
(service-extension etc-service-type
caddy-etc)
(service-extension privileged-program-service-type
caddy-privileged-programs)
(service-extension shepherd-root-service-type
caddy-shepherd-services)))
(default-value #f)
@ -230,6 +244,91 @@
(default-value (forgejo-configuration))
(description "Run Forgejo.")))
;;;
;;; Iocaine
;;;
(define-configuration/no-serialization iocaine-configuration
(iocaine
(file-like iocaine/dolly)
"")
(config
file-object
"")
(log-file
(string "/var/log/iocaine.log")
"")
(shepherd-provision
(list-of-symbols '(iocaine))
"")
(shepherd-requirement
(list-of-symbols '(loopback))
"")
(auto-start?
(boolean #t)
""))
(define iocaine-accounts
(list (user-group (name "iocaine") (system? #t))
(user-account
(name "iocaine")
(group "iocaine")
(system? #t)
(comment "Iocaine user")
(home-directory "/var/empty"))))
(define iocaine-etc
(match-record-lambda <iocaine-configuration>
(config)
`(("iocaine/iocaine.toml" ,config))))
(define iocaine-shepherd-service
(match-record-lambda <iocaine-configuration>
(iocaine log-file shepherd-provision shepherd-requirement auto-start?)
(list (shepherd-service
(provision shepherd-provision)
(requirement (cons 'user-processes shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append iocaine "/bin/iocaine")
"--config-file" "/etc/iocaine/iocaine.toml")
#:user "iocaine"
#:group "iocaine"
#:log-file #$log-file))
(stop #~(make-kill-destructor))
(actions
(list (shepherd-configuration-action "/etc/iocaine/iocaine.toml")
(shepherd-action
(name 'test)
(documentation "Test Iocaine configuration file.")
(procedure
#~(lambda (pid)
(if pid
(begin
(invoke #$(file-append iocaine "/bin/iocaine")
"--config-file" "/etc/iocaine/iocaine.toml"
"test")
(display "Service iocaine has been asked to \
test its configuration file."))
(display "Service iocaine is not running.")))))))
(auto-start? auto-start?)))))
(define iocaine-service-type
(service-type
(name 'iocaine)
(extensions
(list (service-extension account-service-type
(const iocaine-accounts))
(service-extension etc-service-type
iocaine-etc)
(service-extension shepherd-root-service-type
iocaine-shepherd-service)
(service-extension log-rotation-service-type
(compose list iocaine-configuration-log-file))))
(description "")))
;;;
;;; Jellyfin

13
modules/rosenthal/utils/file.scm
View File

@ -16,11 +16,20 @@
(computed-file
name
#~(begin
(use-modules (guix build utils))
(use-modules (ice-9 match)
(guix build utils))
(copy-file #$file #$output)
(substitute* #$output
(("\\$\\$([^\\$]+)\\$\\$" _ path)
(search-path '#$inputs path)))))))
(let loop ((candidates '#$inputs))
(if (null? candidates)
(error "file '~a' not found" path)
(match candidates
((candidate . rest)
(let ((full-path (in-vicinity candidate path)))
(if (file-exists? full-path)
full-path
(loop rest)))))))))))))
(define (file-content file)
(call-with-input-file (canonicalize-path file) get-string-all))

46
modules/rosenthal/utils/transformations.scm
View File

@ -5,11 +5,16 @@
#:use-module (srfi srfi-1)
#:use-module (guix channels)
#:use-module (guix gexp)
#:use-module (guix packages)
#:use-module (guix utils)
#:use-module (gnu system)
#:use-module (gnu services)
#:use-module (gnu services base)
#:use-module (rosenthal services file-systems)
#:use-module (gnu packages package-management)
#:export (rosenthal-transformation-guix))
#:use-module (gnu packages file-systems)
#:export (rosenthal-transformation-guix
rosenthal-transformation-zfs))
(define* (rosenthal-transformation-guix #:key (substitutes? #t)
@ -37,6 +42,13 @@
(operating-system
(inherit os)
(services
(cons* (simple-service 'guix-moe guix-service-type
(guix-extension
(authorized-keys
(list %rosenthal-signing-key))
(substitute-urls
'("https://cache-cdn.guix.moe"))))
(modify-services (operating-system-user-services os)
(guix-service-type
config => (guix-configuration
@ -46,18 +58,28 @@
(guix-configuration-channels config)))
(if channel?
(cons %rosenthal-channel
(or configured-channels %default-channels))
(or configured-channels
%default-channels))
configured-channels)))
(guix
(if guix-source?
(guix-for-channels channels)
(guix-configuration-guix config)))
(authorized-keys
(cons %rosenthal-signing-key
(guix-configuration-authorized-keys config)))
(substitute-urls
(delete-duplicates
`(,@(guix-configuration-substitute-urls config)
,@(if substitutes?
'("https://ci.boiledscript.com")
'())))))))))))
(guix-configuration-guix config)))))))))))
;; NOTE: Booting from ZFS requires patching Guix.
(define* (rosenthal-transformation-zfs #:key boot?)
(lambda (os)
(operating-system
(inherit os)
(kernel-loadable-modules
`(,@(if boot?
`((,(package/inherit zfs
(arguments
(substitute-keyword-arguments (package-arguments zfs)
((#:linux _ #f) (operating-system-kernel os)))))
"module"))
'())
,@(operating-system-kernel-loadable-modules os)))
(services
(cons* (service zfs-service-type)
(operating-system-user-services os))))))