Version 0.1.0.
		
				commit
				
					
						f1ef7ccc04
					
				
			
		
					 7 changed files with 1894 additions and 0 deletions
				
			
		
							
								
								
									
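--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+*~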
							
								
								
									
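--- a/.guix-authorizations
+++ b/.guix-authorizations
@@ -0,0 +1,4 @@
+(authorizations
+ (version 0)
+ (("E23C 21ED 864F F4F3 A711  4CDF CA47 1FD5 0161 8A49"
+   (name "black-hole@rdmp.org"))))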
							
								
								
									
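--- a/config/config.scm
+++ b/config/config.scm
@@ -0,0 +1,182 @@
+;;  Nu-2 --- Operating system for headless production servers.
+;;  Copyright © 2024  Dale Mellor
+;;
+;;  This file is part of nu-2.
+;;
+;;  Nu-2 is free software; you can redistribute it and/or modify it under
+;;  the terms of the GNU General Public License as published by the Free
+;;  Software Foundation; either version 3 of the License, or (at your
+;;  option) any later version.
+;;
+;;  Nu-2 is distributed in the hope that it will be useful, but WITHOUT
+;;  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+;;  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+;;  for more details.
+;;
+;;  You should have received a copy of the GNU General Public License
+;;  along with Nu-2.  If not, see <http://www.gnu.org/licenses/>.
+
+
+(use-modules (gnu) (guix) (ice-9 textual-ports))
+
+(use-service-modules admin
+                     base
+                     mcron
+                     networking
+                     ssh  security  shepherd  sysctl
+                     web)
+
+(use-package-modules bash
+                     certs   compression
+                     emacs
+                     file
+                     gawk   guile
+                     less   linux
+                     package-management
+                     ssh
+                     tls
+                     version-control)
+
+(define vm-image-motd (plain-file "motd" "
+\x1b[1;37mThis is the Nu-2 system.  Welcome!\x1b[0m
+"))
+
+
+(operating-system
+ 
+ (host-name "nu-2")
+
+ (kernel (customize-linux #:name "nu-2-linux"
+			  #:linux (specification->package "linux-libre@6.8")
+                          #:defconfig (local-file "linux.config")))
+ (kernel-loadable-modules '())
+ (kernel-arguments (list "console=ttyS0,115200"))
+
+ (initrd-modules '("virtio_blk" "virtio_pci"))
+
+ (bootloader (bootloader-configuration
+              (bootloader grub-bootloader)
+              ;;  Set to some number of seconds (like, 20) if you want to
+              ;;  give yourself a chance at interrupting the GRUB boot
+              ;;  sequence.
+              (timeout 0)
+              (targets '("/dev/vda"))
+              (terminal-outputs '(console))))
+
+ ;; Label for the GRUB boot menu.
+ (label (string-append "nu-2 "
+                       (or (getenv "GUIX_DISPLAYED_VERSION")
+                           (package-version guix))))
+
+ ;; Modify these to taste.
+ (timezone "Etc/UTC")
+ (locale "en_US.utf8")
+
+ ;; You might not like this (just take it out!)
+ (keyboard-layout (keyboard-layout "us" "dvorak"
+                                   #:options '("ctrl:nocaps")))
+
+ (firmware '())
+
+ (file-systems (cons (file-system
+                      (device "/dev/vda2")
+                      (mount-point "/")
+                      (type "ext4"))
+                     %base-file-systems))
+
+ (users (cons (user-account
+               (name "admin")
+               ;; If you want to log in to the console as admin user, you
+               ;; will need to put a password in here.
+               (password "*")
+               (group "users")
+               (supplementary-groups '("wheel" "netdev"
+                                       "audio" "video")))
+              %base-user-accounts))
+
+  ;; Our /etc/sudoers file.  Since 'admin' initially has an empty
+  ;; password, allow for password-less sudo.
+ (sudoers-file (plain-file "sudoers" "\
+root ALL=(ALL) ALL
+%wheel ALL=NOPASSWD: ALL\n"))
+
+  ;; Just enough essential parts to get us out of a sticky situation if
+  ;; necessary.
+  (packages (list bash
+                  coreutils
+                  diffutils
+                  ;;  Change to vim if you must.
+                  emacs-minimal
+                  file  findutils
+                  gawk  git  glibc   ;; Utilities like ldd.
+                        grep
+                  iproute
+                  less
+                  module-init-tools  ;; Utilities like lsmod.
+                  nss-certs
+                  procps
+                  sed
+                  tar
+                  which
+                  ))
+
+ (services
+   (list
+
+    (service dhcp-client-service-type)
+
+    (service ntp-service-type)
+
+    (service openssh-service-type
+             (openssh-configuration
+              (openssh openssh-sans-x)
+              ;; Use anything you want here, or delete this line to use
+              ;; the standard port 22.
+              (port-number 26544)
+              (password-authentication? #f)
+              (use-pam? #f)
+              (subsystems
+               `(("sftp" ,(file-append openssh "/libexec/sftp-server"))))
+              (authorized-keys
+               `(("admin"
+                  ,(local-file "ssh-key.public"))))))
+
+    ;;  This allows root to get in without a password on the console.
+    ;;  Remove this line if you can reliably log in by SSH.
+    (service login-service-type)
+
+    (service syslog-service-type)
+
+    (service agetty-service-type (agetty-configuration
+                                  (extra-options '("-L")) ; no carrier detect
+                                  (term "vt100")
+                                  (tty #f) ; automatic
+                                  (shepherd-requirement '(syslogd))))
+
+    (service static-networking-service-type
+             (list %loopback-static-networking))
+    (service urandom-seed-service-type)
+    (service guix-service-type)
+    (service nscd-service-type)
+
+    (service rottlog-service-type)
+
+    ;; Periodically delete old build logs.
+    (service log-cleanup-service-type
+             (log-cleanup-configuration
+              (directory "/var/log/guix/drvs")))
+    
+    ;; The LVM2 rules are needed as soon as LVM2 or the device-mapper is
+    ;; used, so enable them by default.  The FUSE and ALSA rules are
+    ;; less critical, but handy.
+    (service udev-service-type
+             (udev-configuration
+              (rules (list lvm2 fuse alsa-utils crda))))
+    
+    (service sysctl-service-type)
+    
+    (service special-files-service-type
+             `(("/bin/sh" ,(file-append bash "/bin/sh"))
+               ("/usr/bin/env" ,(file-append coreutils "/bin/env")))))
+   
+   ))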
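Review bot: The `authorized-keys` entry for `admin` in the `openssh-configuration` loads `ssh-key.public`, and the matching `config/ssh-key.private` is added in this same commit, so any image built from this file unchanged accepts a key that every reader of the repository holds. Because `admin` is in `wheel` and the sudoers file grants `%wheel ALL=NOPASSWD: ALL`, that login is equivalent to root. I would put a comment directly above `authorized-keys`, for example `;; Replace ssh-key.public with your own key before building; the sample private key is published.`, and have the key generated per deployment rather than shipped. The sudoers comment also says 'admin' has an empty password while the account sets `(password "*")`, which, going by the comment on that field, appears to mean no usable password; the sudoers comment should say so, since the difference matters to anyone auditing console access.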
							
								
								
									
									
								
							
							
						
						
									
										1662
									
								
								config/linux.config
									
										
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
											
										
									
								
							
							
								
								
									
									
								
							
							
						
						
									
										7
									
								
								config/ssh-key.private
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | |||
| -----BEGIN OPENSSH PRIVATE KEY----- | ||||
| b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW | ||||
| QyNTUxOQAAACAp8dICt4hVLnjLMRGrogwJ/Ww+7Uun+DnqjszSckDGcgAAAJD+wp7u/sKe | ||||
| 7gAAAAtzc2gtZWQyNTUxOQAAACAp8dICt4hVLnjLMRGrogwJ/Ww+7Uun+DnqjszSckDGcg | ||||
| AAAEBLxPD48Cpe36l+pJ3S52+e2fce8Aou9gybPG9IAG7nASnx0gK3iFUueMsxEauiDAn9 | ||||
| bD7tS6f4OeqOzNJyQMZyAAAAB2RhbGVAbDcBAgMEBQY= | ||||
| -----END OPENSSH PRIVATE KEY----- | ||||
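Review bot: This file commits an OpenSSH private key to the repository, and its header encodes cipher and KDF `none`, so the key is not passphrase-protected. Its public half is `config/ssh-key.public`, which `config/config.scm` installs as the `admin` authorized key, so the pair has to be treated as compromised for any host that trusts it. I would drop this file from the tree, add `config/ssh-key.private` to `.gitignore`, and have users generate their own pair before building. Deleting it in a later commit does not remove it from history, so the pair should be rotated rather than reused.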
							
								
								
									
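--- a/config/ssh-key.public
+++ b/config/ssh-key.public
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICnx0gK3iFUueMsxEauiDAn9bD7tS6f4OeqOzNJyQMZy dale@l7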
							
								
								
									
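--- a/run-emu.sh
+++ b/run-emu.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+#  Nu-2 --- Operating system for headless production servers.
+#  Copyright © 2024  Dale Mellor
+# 
+#  This file is part of nu-2.
+# 
+#  Nu-2 is free software; you can redistribute it and/or modify it under
+#  the terms of the GNU General Public License as published by the Free
+#  Software Foundation; either version 3 of the License, or (at your
+#  option) any later version.
+# 
+#  Nu-2 is distributed in the hope that it will be useful, but WITHOUT ANY
+#  WARRANTY; without even the implied warranty of MERCHANTABILITY or
+#  FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+#  for more details.
+# 
+#  You should have received a copy of the GNU General Public License along
+#  with Nu-2.  If not, see <http://www.gnu.org/licenses/>.
+
+
+if [ "x$1" == "x" ]; then
+    echo "run-emu: provide qcow2 image"
+else
+
+    # You might want to tweak the allocated memory (-m) and number of
+    # processor cores (-smp) according to your available hardware.
+
+    qemu-system-x86_64                                             \
+        -netdev bridge,br=emu,id=n                                 \
+            -device virtio-net,netdev=n,mac=00:00:10:04:00:99      \
+        -drive if=none,file="$1.qcow2",id=a                        \
+            -device virtio-blk,drive=a                             \
+        -enable-kvm   -m 4G   -smp 8                               \
+        -nographic
+
+fi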
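Review bot: The `-drive` line passes `file="$1.qcow2"` without a `format=` option, so QEMU probes the image format from the file's contents; naming it, as in `-drive if=none,file="$1.qcow2",format=qcow2,id=a`, keeps a raw or mislabelled file from being interpreted according to whatever header it happens to carry. The script also appends `.qcow2` itself while the usage message says "provide qcow2 image", so the message should state that the argument is the image name without the extension. On a missing argument it prints to stdout and falls through with exit status 0; `echo "run-emu: provide qcow2 image" >&2; exit 1` would let callers detect the failure.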
	
	 Dale Mellor
				Dale Mellor