guix-tribes/nbde/system/installed-base.scm

(define-module (nbde system installed-base)
  #:use-module (gnu)
  #:use-module (gnu services base)
  #:use-module (gnu services desktop)
  #:use-module (gnu services networking)
  #:use-module (gnu services ssh)
  #:use-module (guix gexp)
  #:use-module (nbde system boot-store)
  #:export (nbde-installed-operating-system))

(define %tribe-one-guix-substitute-url
  "https://guix.tribe-one.org")

(define %tribe-one-guix-signing-key
  (plain-file
   "guix.tribe-one.org-signing-key.pub"
   "(public-key \n (ecc \n  (curve Ed25519)\n  (q #7F0B2300CC4BDA2520DB462BCAD45107E7C874E0E09DC8EF429B145C8A52B306#)\n  )\n )\n"))

(define* (nbde-installed-operating-system #:key
                                          host-name
                                          bootloader
                                          (mapped-devices '())
                                          file-systems
                                          initrd
                                          interface
                                          authorized-keys-file
                                          (timezone "Etc/UTC")
                                          (locale "en_US.UTF-8")
                                          (kernel-arguments
                                           (list "console=tty0"
                                                 "console=ttyS0,115200n8"))
                                          (initrd-modules
                                           (append '("nvme" "sd_mod" "virtio_scsi")
                                                   %base-initrd-modules))
                                          (extra-services '()))
  "Return a base installed Guix system for the NBDE flow, parameterized by the
runtime-discovered boot and filesystem values from the installer."
  (operating-system
    (host-name host-name)
    (timezone timezone)
    (locale locale)
    (keyboard-layout (keyboard-layout "us"))
    (kernel-arguments kernel-arguments)
    (initrd-modules initrd-modules)
    (initrd initrd)
    (bootloader bootloader)
    (mapped-devices mapped-devices)
    (file-systems file-systems)
    (services
     (append
     extra-services
      (list (service dhcpcd-service-type)
            (boot-store-staging-service)
            (service elogind-service-type)
            (service agetty-service-type
                     (agetty-configuration
                      (tty "ttyS0")
                      (term "vt100")))
            (service openssh-service-type
                     (openssh-configuration
                      (permit-root-login 'prohibit-password)
                      (authorized-keys
                       (list
                        (list "root" authorized-keys-file)))))
            (simple-service
             'tribe-one-guix-substitutes
             guix-service-type
             (guix-extension
              (authorized-keys (list %tribe-one-guix-signing-key))
              (substitute-urls (list %tribe-one-guix-substitute-url)))))
      %base-services))))