;; This is an operating system configuration template
;; for a "bare bones" setup, with no X11 display server.
;;
;; The declaration inherits every field it does not set from
;; vpn.metznet.ca and overrides the bootloader, root file system,
;; groups, users, sudoers file, package list and services below.

(use-modules (gnu)
             (metznet aws)
             (metznet machines vpn)
             (metznet system base-system)
             (gnu services sssd)
             (gnu packages guile)
             (gnu packages vim)
             (gnu services networking)
             (gnu services ssh)
             (gnu packages ssh)
             (gnu packages python-web)
             (gnu packages shells))

(operating-system
  (inherit vpn.metznet.ca)

  ;; GRUB is installed to the whole NVMe disk, not to a partition.
  (bootloader
   (bootloader-configuration
    (bootloader grub-minimal-bootloader)
    (targets '("/dev/nvme0n1"))))

  ;; The root file system is located by its label ("guix-data"), so the
  ;; declaration does not depend on the partition's device name.
  (file-systems
   (cons (file-system
           (device (file-system-label "guix-data"))
           (mount-point "/")
           (type "ext4"))
         %base-file-systems))

  ;; "admin" is a system group; the sudoers file below grants its members
  ;; unrestricted sudo.
  (groups
   (cons (user-group
          (system? #t)
          (name "admin"))
         %base-groups))

  (users
   (cons (user-account
          (name "aws")
          (group "admin")
          ;; NOTE(review): the password is the literal "aws" (same as the
          ;; account name) hashed with the constant salt "$6$salt"
          ;; (SHA-512 crypt).  The hash is therefore identical on every
          ;; machine built from this template, and this account is in
          ;; "admin", which has full sudo.  In Guix this field sets the
          ;; initial password only; confirm that it is changed on first
          ;; login or that password logins are disabled for this account
          ;; (no SSH service settings are visible in this file).
          (password (crypt "aws" "$6$salt"))
          (shell (file-append zsh "/bin/zsh")))
         %base-user-accounts))

  ;; The sudoers file is built from a list of lines joined with newlines;
  ;; the trailing "" makes the file end with a newline.  root and every
  ;; member of "admin" may run any command as any user and group.  There
  ;; is no NOPASSWD tag, so sudo prompts for the caller's password, which
  ;; for "aws" is the value flagged above.
  (sudoers-file
   (plain-file "sudoers"
               (string-join
                (list "Defaults mail_badpass"
                      "root ALL=(ALL:ALL) ALL"
                      "%admin ALL=(ALL:ALL) ALL"
                      "")
                "\n")))

  ;; openssh, awscli and neovim are added on top of the site's base
  ;; package list.
  (packages
   (cons* openssh awscli neovim
          %metznet-base-packages))

  ;; aws-service-type is added with its default value; the services
  ;; inherited through vpn-services are kept, with the configuration of
  ;; the two metznet service types replaced.
  (services
   (cons* (service aws-service-type)
          (modify-services vpn-services
            ;; The whole configuration of this service is replaced by a
            ;; single file-like object (Diffie-Hellman parameters, going
            ;; by the file name).
            (metznet-vpn-service-type
             config => (local-file "/home/root/vpn/dh2048.pem"))
            ;; NOTE(review): local-file objects are copied into the store
            ;; when the system is built, and /gnu/store is world-readable.
            ;; ta.key and vpn.key look like secret key material from
            ;; their names; confirm how metznet-system-configuration
            ;; consumes them, and consider provisioning secrets outside
            ;; the store (for example a root-only file referenced by path
            ;; at run time).  ca.crt and vpn.crt appear to be public
            ;; certificates.
            (metznet-service-type
             config => (metznet-system-configuration
                        (vpn-ta-key (local-file "/home/root/vpn/ta.key"))
                        (vpn-ca (local-file "/home/root/vpn/ca.crt"))
                        (vpn-cert (local-file "/home/root/vpn/vpn.crt"))
                        (vpn-key (local-file "/home/root/vpn/vpn.key"))))))))