3 files changed, 175 insertions, 0 deletions
diff --git a/channels.scm b/channels.scm
new file mode 100644
index 0000000..5c3c2e6
--- /dev/null
+++ b/channels.scm
@@ -0,0 +1,10 @@
+(cons* (channel
+	 (name 'nonguix)
+	 (url "https://gitlab.com/nonguix/nonguix")
+	 ;; Enable signature verification:
+	 (introduction
+	   (make-channel-introduction
+	     "897c1a470da759236cc11798f4e0a5f7d4d59fbc"
+	     (openpgp-fingerprint
+	       "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5"))))
+       %default-channels)
diff --git a/dom0/files/nonguix-signing-key.pub b/dom0/files/nonguix-signing-key.pub
new file mode 100644
index 0000000..56ee811
--- /dev/null
+++ b/dom0/files/nonguix-signing-key.pub
@@ -0,0 +1,6 @@
+(public-key 
+ (ecc 
+  (curve Ed25519)
+  (q #C1FD53E5D4CE971933EC50C9F307AE2171A2D3B52C804642A7A35F84F3A4EA98#)
+  )
+ )
diff --git a/dom0/system.scm b/dom0/system.scm
new file mode 100644
index 0000000..e009309
--- /dev/null
+++ b/dom0/system.scm
@@ -0,0 +1,159 @@
+;; Modules to import to access variables used.
+(define-module (dom0 system)
+  #:use-module (gnu)
+  #:use-module (nongnu packages linux)
+  #:use-module (nongnu system linux-initrd)
+  #:use-module (nongnu packages nvidia)
+  #:use-module (nongnu services nvidia))
+
+(use-service-modules linux guix desktop pm audio virtualization 
+		     networking dbus xorg avahi)
+(use-package-modules linux audio libusb wm fonts
+		     freedesktop vim cryptsetup version-control)
+
+(operating-system
+  (locale "en_GB.utf8")
+  (timezone "Europe/London")
+  (keyboard-layout (keyboard-layout "gb"))
+  (host-name "cc")
+
+  ;; Users ('root' is implicit).
+  (users (cons* (user-account
+                  (name "dom0")
+                  (comment "dom0")
+                  (group "users")
+                  (home-directory "/home/dom0")
+                  (supplementary-groups '("wheel" "libvirt" "kvm"
+					  "netdev" "audio" "video")))
+                %base-user-accounts))
+
+  (bootloader (bootloader-configuration
+		(bootloader grub-efi-bootloader)
+		(targets (list "/boot/efi"))
+		(keyboard-layout keyboard-layout)))
+
+  ;; replace post-install
+  (swap-devices (list (swap-space
+			(target (uuid
+				  "49cbaf9f-82ba-4e90-8701-0613f8500b9a")))))
+  ;; luks setup - uncomment post-install
+  ;; and provide source UUID once known
+  ;;(mapped-devices (list (mapped-device
+  ;;			  (source (uuid ""))
+  ;;			  (target "<label>")
+  ;;			  (type luks-device-mapping))))
+
+
+  ;; List of file systems to mount
+  ;; Run 'blkid' for UUIDs.
+  ;; Will change after install
+  (file-systems (cons* (file-system
+                         (mount-point "/boot/efi")
+                         (device (uuid "D329-C675"
+                                       'fat32))
+                         (type "vfat"))
+                       (file-system
+                         (mount-point "/")
+                         (device (uuid
+                                  "7510a74d-fc8a-4cf4-a947-2e3140368cec"
+                                  'ext4))
+                         (type "ext4")) %base-file-systems))
+
+  ;; Non-free
+  (kernel linux)
+  (kernel-arguments '("modprobe.blacklist=noveau"
+		      "nvidia_drm.modeset=1"
+		      "quiet"))
+  (firmware (list linux-firmware))
+  (initrd microcode-initrd)
+
+  ;; Services (system-wide)
+  (services (append
+	      (modify-services %base-services
+			       (delete login-service-type)
+			       (delete mingetty-service-type)
+			       (delete console-font-service-type)
+			       ;; Add non-free substitutes
+			       (guix-service-type
+				 config =>
+				 (guix-configuration
+				   (inherit config)
+				   (substitute-urls
+				     (append (list "https://substitutes.nonguix.org")
+					     %default-substitute-urls))
+				     (authorized-keys
+				       (append (list (local-file "files/nonguix-signing-key.pub"))
+					       %default-authorized-guix-keys)))))
+	      (list 
+	      ;; NVIDIA
+	      (service nvidia-service-type)
+              (service kernel-module-loader-service-type 
+		       '("nvidia"))
+	      ;; systemd dependencies
+	      (service elogind-service-type)
+
+	      ;; PAM and login
+	      (service greetd-service-type
+		       (greetd-configuration
+			 (greeter-supplementary-groups (list "video" "input"))
+                         (terminals
+			   (list
+			     (greetd-terminal-configuration
+			       (terminal-vt "1")
+			       (terminal-switch #t))
+			     (greetd-terminal-configuration (terminal-vt "2"))
+			     (greetd-terminal-configuration (terminal-vt "3"))))))
+
+	      (service console-font-service-type
+		       (map (lambda (tty)
+			    (cons tty (file-append
+					font-terminus
+					"/share/consolefonts/ter-132n")))
+			    '("tty1" "tty2" "tty3")))
+
+	      (service screen-locker-service-type
+		       (screen-locker-configuration
+			 (name "swaylock")
+			 (program (file-append swaylock "/bin/swaylock"))
+			 (using-pam? #t)
+			 (using-setuid? #t)))
+
+	      ;; Networking
+	      (service network-manager-service-type)
+	      (service wpa-supplicant-service-type)
+	      (service modem-manager-service-type)
+	      
+	      ;; dbus
+	      (service avahi-service-type)
+	      (service udisks-service-type)
+	      (service accountsservice-service-type)
+	      (service colord-service-type)
+	      (service polkit-service-type)
+	      (service dbus-root-service-type)
+
+	      ;; Cleanup stayle font cache
+              fontconfig-file-system-service
+
+	      ;; Power and thermals
+	      (service thermald-service-type)
+	      (service power-profiles-daemon-service-type)
+
+	      ;; Xwayland
+	      (service x11-socket-directory-service-type)
+
+	      ;; Time
+	      (service ntp-service-type)
+
+	      ;; Virtualization
+	      (service libvirt-service-type)
+	      
+	      ;; udev
+	      (udev-rules-service 'pipewire-add-udev-rules pipewire))))
+
+  ;; Packages (system-wide) 
+  (packages (cons* vim
+		   foot 
+		   git
+		   cryptsetup
+		   strace
+		   %base-packages)))