Skip to content

Instantly share code, notes, and snippets.

@mbakke
Last active April 26, 2024 23:26
Show Gist options
  • Save mbakke/c91e0eb3d906efd54c88a70c0e25c390 to your computer and use it in GitHub Desktop.
Save mbakke/c91e0eb3d906efd54c88a70c0e25c390 to your computer and use it in GitHub Desktop.
GuixSD with custom kernel
(define-module (my packages)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages linux)
#:use-module (guix build-system trivial)
#:use-module (gnu)
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module (guix packages))
(define (linux-nonfree-urls version)
"Return a list of URLs for Linux-Nonfree VERSION."
(list (string-append
"https://www.kernel.org/pub/linux/kernel/v4.x/"
"linux-" version ".tar.xz")))
;; Remove this and native-inputs below to use the default config from Guix.
;; Make sure the kernel minor version matches, though.
(define kernel-config
(string-append (dirname (current-filename)) "/kernel.config"))
(define-public linux-nonfree
(package
(inherit linux-libre)
(name "linux-nonfree")
(version "4.13.11")
(source (origin
(method url-fetch)
(uri (linux-nonfree-urls version))
(sha256
(base32
"1vzl2i72c8iidhdc8a490npsbk7q7iphjqil4i9609disqw75gx4"))))
(native-inputs
`(("kconfig" ,kernel-config)
,@(alist-delete "kconfig"
(package-native-inputs linux-libre))))
(synopsis "Mainline Linux kernel, nonfree binary blobs included")
(description "Linux is a kernel.")
(license license:gpl2) ;XXX with proprietary firmware
(home-page "https://kernel.org")))
(define (linux-firmware-version) "9d40a17beaf271e6ad47a5e714a296100eef4692")
(define (linux-firmware-source version)
(origin
(method git-fetch)
(uri (git-reference
(url (string-append "https://git.kernel.org/pub/scm/linux/kernel"
"/git/firmware/linux-firmware.git"))
(commit version)))
(file-name (string-append "linux-firmware-" version "-checkout"))
(sha256
(base32
"099kll2n1zvps5qawnbm6c75khgn81j8ns0widiw0lnwm8s9q6ch"))))
(define-public iwlwifi-firmware-nonfree
(package
(name "iwlwifi-firmware-nonfree")
(version (linux-firmware-version))
(source (linux-firmware-source version))
(build-system trivial-build-system)
(arguments
`(#:modules ((guix build utils))
#:builder (begin
(use-modules (guix build utils))
(let ((source (assoc-ref %build-inputs "source"))
(fw-dir (string-append %output "/lib/firmware/")))
(mkdir-p fw-dir)
(for-each (lambda (file)
(copy-file file
(string-append fw-dir (basename file))))
(find-files source
"iwlwifi-.*\\.ucode$|LICENSE\\.iwlwifi_firmware$"))
#t))))
(home-page "https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi")
(synopsis "Non-free firmware for Intel wifi chips")
(description "Non-free iwlwifi firmware")
(license (license:non-copyleft
"https://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git/tree/LICENCE.iwlwifi_firmware?id=HEAD"))))
(define %sysctl-activation-service
(simple-service 'sysctl activation-service-type
#~(let ((sysctl
(lambda (str)
(zero? (apply system*
#$(file-append procps
"/sbin/sysctl")
"-w" (string-tokenize str))))))
(and
;; Enable IPv6 privacy extensions.
(sysctl "net.ipv6.conf.eth0.use_tempaddr=2")
;; Enable SYN cookie protection.
(sysctl "net.ipv4.tcp_syncookies=1")
;; Log Martian packets.
(sysctl "net.ipv4.conf.default.log_martians=1")))))
(define %powertop-service
(simple-service 'powertop activation-service-type
#~(zero? (system* #$(file-append powertop "/sbin/powertop")
"--auto-tune"))))
(use-modules (gnu)
(guix store) ;for %default-substitute-urls
(gnu system nss)
(my packages)
(srfi srfi-1))
(use-service-modules admin base dbus desktop mcron networking ssh xorg sddm)
(use-package-modules admin bootloaders certs disk fonts file emacs
libusb linux version-control
ssh tls tmux wm xdisorg xorg)
(operating-system
(host-name "kirby")
(timezone "Europe/Oslo")
(kernel linux-nonfree)
(kernel-arguments '("modprobe.blacklist=pcspkr,snd_pcsp"))
;; (locale "en_GB.utf8")
;; (locale-libcs (list glibc-2.24 (canonical-package glibc)))
(firmware (append (list
iwlwifi-firmware-nonfree)
%base-firmware))
(mapped-devices (list (mapped-device
(source "/dev/sda4")
(type luks-device-mapping)
(target "guixhome"))))
(bootloader (bootloader-configuration
(bootloader grub-efi-bootloader)
(target "/boot/efi")))
(file-systems (cons* (file-system
(device "guixroot")
(title 'label)
(mount-point "/")
(needed-for-boot? #t)
(type "ext4"))
(file-system
(device "/dev/mapper/guixhome")
(mount-point "/home")
(type "ext4"))
(file-system
(device "/dev/sda2")
(mount-point "/boot")
(type "vfat"))
%base-file-systems))
(groups (cons (user-group
(name "marius"))
%base-groups))
(users (cons (user-account
(name "marius")
(comment "Meh")
(group "marius")
(supplementary-groups '("wheel" "netdev" "audio" "video" "kvm" "disk"))
(home-directory "/home/marius"))
%base-user-accounts))
(packages (cons*
dosfstools
nss-certs
htop
wpa-supplicant
acpid
i3-wm
i3status
xscreensaver
%base-packages))
(services (cons*
(sddm-service)
(screen-locker-service xscreensaver)
(service wpa-supplicant-service-type)
(service network-manager-service-type)
(upower-service)
(colord-service)
;;(geoclue-service)
(polkit-service)
(elogind-service)
(dbus-service)
(service rottlog-service-type (rottlog-configuration))
(service mcron-service-type)
%sysctl-activation-service
%powertop-service
;; Add udev rules for MTP devices so that non-root users can access
;; them.
(simple-service 'mtp udev-service-type (list libmtp))
;; Store the current configuration with the generation.
(simple-service 'store-my-config
etc-service-type
`(("current-config.scm"
,(local-file (assoc-ref
(current-source-location)
'filename)))))
(ntp-service #:servers '("nissen.uio.no"
"2.no.pool.ntp.org"
"1.no.pool.ntp.org"
"0.sv.pool.ntp.org"))
(modify-services %base-services
(guix-service-type
config =>
(guix-configuration
(inherit config)
(substitute-urls
(cons* "http://192.168.2.11:8181"
"http://192.168.2.5:3000"
"http://137.205.52.16"
%default-substitute-urls))))))))
@ison5002
Copy link

ison5002 commented Feb 3, 2018

I am very interested in giving this a try.
Is it actually in a working state currently? Also do you know anything about the current working status of the fork?
Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment