diff --git a/config.org b/config.org index 69901c9..adf7400 100644 --- a/config.org +++ b/config.org @@ -43,13 +43,13 @@ This is to be run after setting up the partitions. - gnu - gnu image - zilti packages hyprland -- gnu packages gnome - gnu services admin - gnu services authentication - gnu services base - gnu services configuration - gnu services dbus - gnu services desktop +- gnu services docker - gnu services linux - gnu services networking - gnu services pm @@ -86,6 +86,8 @@ This is to be run after setting up the partitions. - emacs-xyz - fonts - gl +- gnome +- linux - pciutils - readline - terminals @@ -209,6 +211,7 @@ These services are unmodified, or have just few settings. | tlp | () | | thermald | ((adaptive? #t)) | | bluetooth | () | +| docker | () | | earlyoom | ((minimum-available-memory 5) (minimum-free-swap 5)) | | inputattach | () | | libvirt | ((unix-sock-group "libvirt")) | 
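Review bot: The `| docker | () |` row starts the Docker daemon with its default configuration, and the later hunks (config.org @@ -360 and config.scm @@ -72) add `"docker"` to zilti's supplementary groups. Membership in that group grants access to the daemon socket, which is in practice passwordless root on the host, a wider grant than the existing `"wheel"` entry if sudo asks for a password. Since the same commit sets up rootless Podman, consider keeping the group list as it was, `'("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat")`, and using sudo for the occasional docker call. If the group stays, a sentence in the org text recording that trade-off would help the next reader.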
@@ -360,9 +363,77 @@ This is the full operating system specification. (name "zilti") (group "users") (supplementary-groups - '("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat"))) + '("avahi" "docker" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat"))) %base-user-accounts)) <> <> (name-service-switch %mdns-host-lookup-nss)) #+end_src + +* Other Components + +** Podman + +Podman needs the files =/etc/subuid= and =/etc/subgid=. + +#+begin_src fundamental :tangle etc/subuid :mkdirp yes +zilti:1001:65536 +#+end_src + +#+begin_src fundamental :tangle etc/subgid :mkdirp yes +zilti:1000:1000 +#+end_src + +Then, there is the =policy.json=: + +#+begin_src json :tangle podman/policy.json :mkdirp yes +{ + "default": [ + { + "type": "reject" + } + ], + "transports": { + "docker": { + "docker.io": [ + { + "type": "insecureAcceptAnything" + } + ], + "docker.io/library": [ + { + "type": "insecureAcceptAnything" + } + ], + "registry.access.redhat.com": [ + { + "type": "signedBy", + "keyType": "GPGKeys", + "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" + } + ], + "registry.redhat.io": [ + { + "type": "signedBy", + "keyType": "GPGKeys", + "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" + } + ] + }, + "docker-daemon": { + "": [ + { + "type": "insecureAcceptAnything" + } + ] + } + } +} +#+end_src + +And finally the registries. + +#+begin_src conf :tangle podman/registries.conf :mkdirp yes +[registries.search] +registries = ["docker.io", "registry.access.redhat.com", "quay.io"] +#+end_src diff --git a/config.scm b/config.scm index 2783e9e..6d92f5e 100644 --- a/config.scm +++ b/config.scm @@ -2,13 +2,13 @@ (gnu) (gnu image) (zilti packages hyprland) - (gnu packages gnome) (gnu services admin) (gnu services authentication) (gnu services base) (gnu services configuration) (gnu services dbus) (gnu services desktop) + (gnu services docker) (gnu services linux) (gnu services networking) (gnu services pm) 
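Review bot: The ranges tangled into etc/subuid and etc/subgid overlap ordinary host IDs. `zilti:1001:65536` delegates UIDs 1001–66536 and `zilti:1000:1000` delegates GIDs 1000–1999, so a process in a rootless container can run under an ID that belongs to a real account or group in those ranges. Subordinate ranges are normally placed well above any login account and sized the same in both files, for example `zilti:100000:65536` in each (constructed value, adjust to the system). Separately, registries.conf searches quay.io but policy.json has no entry for it, so those pulls fall through to the default `reject`. The two `signedBy` entries reference `/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release`, which this hunk does not show being installed, so pulls from the Red Hat registries would presumably fail until that key is provided.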
@@ -29,6 +29,8 @@ emacs-xyz fonts gl + gnome + linux pciutils readline terminals @@ -72,7 +74,7 @@ (name "zilti") (group "users") (supplementary-groups - '("avahi" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat"))) + '("avahi" "docker" "users" "wheel" "netdev" "audio" "cdrom" "video" "libvirt" "seat"))) %base-user-accounts)) (packages (append @@ -120,6 +122,9 @@ (service bluetooth-service-type (bluetooth-configuration)) + (service + docker-service-type + (docker-configuration)) (service earlyoom-service-type (earlyoom-configuration diff --git a/home/emacs/init.el b/home/emacs/init.el index 9af7bb8..6d54182 100644 --- a/home/emacs/init.el +++ b/home/emacs/init.el @@ -812,7 +812,7 @@ Point must be at the beginning of balanced expression (sexp)." ("not" . "¬")))))) (use-package cider -;; :elpaca (:host github :repo "clojure-emacs/cider" :tag "v1.12.0") + ;;:elpaca (:host github :repo "clojure-emacs/cider" :tag "v1.12.0") :delight (cider-mode '(:eval (concat "  [" (cider--modeline-info) "]"))) :config (evil-define-key 'normal 'cider-mode-map @@ -906,10 +906,10 @@ Point must be at the beginning of balanced expression (sexp)." ;; Magit requires 'transient' >= 0.5.0, but due to bad defaults, Emacs' package manager refuses to ;; upgrade this and other built-in packages to higher releases from GNU Elpa. -(use-package transient - :init - (progn (unload-feature 'transient t) - (require 'transient))) +;; (use-package transient +;; :init +;; (progn (unload-feature 'transient t) +;; (require 'transient))) ;; To fix this, you have to add this to your init file: ;; (setq package-install-upgrade-built-in t) ;; You must also make sure the updated version is loaded, by evaluating the `progn` form below. diff --git a/home/home-configuration.scm b/home/home-configuration.scm index c7dc30d..92e9a9b 100644 --- a/home/home-configuration.scm +++ b/home/home-configuration.scm 
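Review bot: In the init.el hunk at @@ -906 the `use-package transient` form is commented out rather than removed, but the surrounding comment still tells the reader to evaluate "the `progn` form below" and to set `package-install-upgrade-built-in`. If transient now comes from the Guix package list, as the `"emacs-transient"` entry in home-configuration.scm suggests, delete the dead form and replace the explanation with one line such as `;; transient is provided by Guix (emacs-transient); no built-in upgrade workaround needed.` The comment block continues past the end of the hunk, so the remaining lines should be checked as well.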
@@ -205,63 +205,63 @@ "xdg-desktop-portal" "xdg-desktop-portal-wlr" - "emacs-el-patch" - "emacs-guix" - "emacs-org" - "emacs-org-roam" - "emacs-consult-notes" - "emacs-websocket" - "emacs-org-roam-ui" - "emacs-org-modern" - "emacs-org-rainbow-tags" - "emacs-color-theme-modern" - "emacs-moe-theme" - "emacs-catppuccin-theme" - "emacs-unicode-fonts" - "emacs-ligature" - "emacs-visual-fill-column" "emacs-adaptive-wrap" - "emacs-keychain-environment" - "emacs-pass" - "emacs-evil" - "emacs-evil-collection" - "emacs-orderless" - "emacs-embark-consult" - "emacs-wgrep" - "emacs-vertico" - "emacs-marginalia" - "emacs-nerd-icons-completion" - "emacs-which-key" "emacs-cape" + "emacs-catppuccin-theme" + "emacs-cider@1.12.0" + ;;"emacs-code-review" + "emacs-color-theme-modern" + "emacs-consult-eglot" + "emacs-consult-notes" "emacs-corfu" - "emacs-nerd-icons-corfu" - ;; "emacs-corfu-terminal" - "emacs-tempel" - "emacs-xref-union" - "emacs-goto-chg" - "emacs-evil-easymotion" - "emacs-evil-snipe" - "emacs-paredit" + "emacs-dhall-mode" "emacs-editorconfig" "emacs-eglot" - "emacs-consult-eglot" - "emacs-tree-sitter" - "emacs-clojure-mode" - "emacs-cider" + "emacs-el-patch" + "emacs-embark-consult" + "emacs-envrc" + "emacs-evil" + "emacs-evil-collection" + "emacs-evil-easymotion" + "emacs-evil-snipe" + "emacs-forge" "emacs-geiser" - "emacs-paren-face" - "emacs-highlight-parentheses" "emacs-geiser-chicken" "emacs-geiser-guile" - "emacs-zig-mode" - "emacs-dhall-mode" - "emacs-transient" + "emacs-git-gutter" + "emacs-goto-chg" + "emacs-guix" + "emacs-highlight-parentheses" + "emacs-keychain-environment" + "emacs-ligature" "emacs-magit" "emacs-magit-todos" - "emacs-forge" - "emacs-code-review" - "emacs-git-gutter" - "emacs-envrc" + "emacs-marginalia" + "emacs-moe-theme" + "emacs-nerd-icons-completion" + "emacs-nerd-icons-corfu" + "emacs-orderless" + "emacs-org" + "emacs-org-modern" + "emacs-org-rainbow-tags" + "emacs-org-roam" + "emacs-org-roam-ui" + "emacs-paredit" + "emacs-paren-face" + 
"emacs-pass" + "emacs-seq" + "emacs-tempel" + "emacs-transient" + "emacs-tree-sitter" + "emacs-unicode-fonts" + "emacs-vertico" + "emacs-visual-fill-column" + "emacs-websocket" + "emacs-wgrep" + "emacs-which-key" + "emacs-xref-union" + "emacs-zig-mode" + ;; "emacs-corfu-terminal" ))) (service home-openssh-service-type (home-openssh-configuration