desktop: Add hackrf user-space tools and udev rules

* README.org: Document how to initialize a system from scratch, as well as other minor
adjustments in support of this. This documentation is not yet fully completed.

.gitignore

@@ -5,3 +5,6 @@
 # Note: 'guix deploy' will generate a public key for the provided private key
 .deploy-key
 .deploy-key.pub
+
+# Environment variable files used for docker-compose/docker; generally contain secrets
+*.env

.guix/rekahsoft/guix-config/desktop.scm

@@ -28,6 +28,8 @@
                              #:groups '("adbusers"))
          (udev-rules-service 'u2f (specification->package "libu2f-host")
                              #:groups '("plugdev"))
+         (udev-rules-service 'hackrf (specification->package "hackrf")
+                             #:groups '("dialout"))
          (service pcscd-service-type)
          (service libvirt-service-type
                   (libvirt-configuration
@@ -130,8 +132,8 @@
                    (comment "Collin J Doering")
 		   (shell (file-append zsh "/bin/zsh"))
                    (group "users")
-                   (supplementary-groups '("wheel" "netdev" "lp" "libvirt" "docker" "wireshark" "plugdev" "adbusers"
-                                           "kvm" "audio" "video")))
+                   (supplementary-groups '("wheel" "netdev" "lp" "libvirt" "docker" "wireshark"
+                                           "plugdev" "adbusers" "dialout" "kvm" "audio" "video")))
                   %base-user-accounts))
 
     (groups (cons* (user-group (name "wireshark"))
@@ -140,16 +142,18 @@
     (packages
      (append
       (map specification->package
-           '("nss-certs"      ;; for HTTPS access
-             "gvfs"           ;; for user mounts
-             "docker-compose"
+           '("xinitrc-xsession" ;; for starting users .xinitrc from display manager
              "btrfs-progs"    ;; for btrfs root filesystem
-	     "xinitrc-xsession" ;; for starting users .xinitrc from display manager
-             "nix"
-             "tmux"
-             "recutils"
+             "docker-compose"
              "emacs"
-             "emacs-guix"))
+             "emacs-guix"
+             "gvfs"           ;; for user mounts
+             "hackrf"         ;; for hackrf user space tools
+             "lvm2"           ;; for lvm2 tools
+             "nix"
+             "nss-certs"      ;; for HTTPS access
+             "recutils"
+             "tmux"))
       %base-packages))
 
     (services %rkd-desktop-services)

README.org

@@ -73,6 +73,141 @@ any packages, only system configurations and machine specifications for deployme
 At a later date, this also will allow for building of machine images for immutable
 deployment, bootstrapping and more.
 
+* TODO Initializing a System
+
+** Using an existing guix installation image
+
+*** TODO Producing an installation image
+
+TODO: It would be convent to be able to produce an image that can be used to install my
+normal setup. This would avoid pulling my channels, as well as downloading software (it could
+all be pre-packaged in the image).
+
+If you produce and use this installation image, you can skip to [[*Disk Setup and Partitioning][Disk Setup and Partitioning]].
+
+*** TODO Setup Installation
+
+TODO: network needs to be setup; local, keymap, and font too.
+
+*** Configure Guix Channels
+
+First, fetch the most recent channel file from the target machine. For most, this will be
+done via the internet using my public mirror.
+
+#+begin_src shell
+  curl -O https://git.rekahsoft.ca/rekahsoft/guix-machines/raw/branch/master/channels.scm
+#+end_src
+
+When on my network, I pull from my internal git (notice the different URL).
+
+#+begin_src shell
+  curl -O https://git.home.rekahsoft.ca/rekahsoft-public/guix-machines/raw/branch/master/channels.scm
+#+end_src
+
+Once the channel file is available on the target, update guix to use these channels.
+
+#+begin_src shell
+  sudo -i guix pull -C $(realpath channels.scm)
+#+end_src
+
+*** TODO Disk Setup and Partitioning
+
+TODO: disks need to be partitioned and appropriately mounted. This varies depending on the setup.
+
+#+begin_src bash
+  # Create disk partition table and layout
+  parted /dev/nvme0n1 mklabel gpt
+
+  # Create partitions
+  parted /dev/nvme0n1 mkpart primary ESP 0% 512MiB
+  parted /dev/nvme0n1 mkpart 512MiB 100%
+
+  # Create EFI partition
+  parted /dev/nvme0n1p1 set 1 esp on
+  mkfs.fat -F32 /dev/nvme0n1p1
+
+  # Create LUKS container on remainder of disk
+  cryptsetup luksFormat --label crypt /dev/nvme0n1p2
+
+  # Unlock LUKS container after creation
+  cryptsetup luksOpen /dev/nvme0n1p2 crypt
+
+  #
+  # Create LVM2 container inside of LUKS container
+
+  # Create Physical Volume (pv)
+  pvcreate /dev/mapper/crypt
+
+  # Create Volume Group (vg)
+  vgcreate vg0 /dev/mapper/crypt
+
+  # Create Logical Volume/s (vg)
+  lvcreate -L <ROOT_VOL_SIZE>G vg0 -n root
+  lvcreate -l +100%FREE vg0 -n swap
+
+  #
+  # Create btrfs 'pool' (file-system) and subvolumes
+
+  # Create btrfs file-system
+  mkfs.btrfs --label root /dev/vg0/root
+
+  # Create btrfs subvolumes
+  mount /dev/vg0/root /mnt
+  btrfs subvolume create /mnt/@
+  umount /mnt
+
+  # Mount the root subvolume.
+  mount -o subvol=@,compress=zstd /dev/vg0/root /mnt
+
+  # Create nested subvolumes for /gnu/store, /home, and /var
+  mkdir -p /mnt/gnu
+  btrfs subvolume create /mnt/gnu/store
+  btrfs subvolume create /mnt/home
+  btrfs subvolume create /mnt/var
+#+end_src
+
+*** Bootstrap System
+
+As described in guix documentation, start ~cow-store~ to allow later steps to write store
+changes to ~/mnt/gnu/store~.
+
+#+begin_src bash
+  herd start cow-store /mnt
+#+end_src
+
+Create a ~bootstrap.scm~ file like this:
+
+#+begin_src scheme
+  (@ (rekahsoft guix-config <vms|manual> <target>) %system)
+#+end_src
+
+Use ~guix system init ...~ to instantiate the system.
+
+#+begin_src bash
+  guix system init bootstrap.scm /mnt
+#+end_src
+
+**** TODO This doesn't work unless I use ~guix time-machine ...~
+
+I have to use ~guix time-machine ...~ with the channel file for ~guix system init ...~ to
+work. It fails to find the sources, complaining about a missing public interface. However, in
+repl this also fails. Even more confusingly, when using ~guix time-machine -C channels.scm --
+repl~, it also cannot find the modules from my channel. I need to ask about this on the
+mailing list. What works (no pull needed):
+
+#+begin_src bash
+  guix time-machine -C channels.scm -- system init bootstrap.scm /mnt
+#+end_src
+
+** TODO Producing an image to be flashed directly
+
+TODO: there are limitations on what images I can produce; namely, lvm and luks cannot be
+setup easily (or at all?) it seems?
+
+#+begin_src shell
+  guix time-machine -C channels.scm -- system image -e '(@ (rekahsoft guix-config <vms|manual> <target>) %image)'
+#+end_src
+
 * Push Deployment with ~guix deploy~
 
 Push based mutable deployment is the default deployment methodology for the majority of
@@ -96,19 +231,8 @@ where using a push based method doesn't make sense. It also serves as a secondar
 mechanism for systems normally maintained using the push deployment model; for example, this
 becomes necessary when facing ~guix deploy~ bugs.
 
-First, fetch the most recent channel file from the target machine.
-
-#+begin_src shell
-  curl -O https://git.home.rekahsoft.ca/rekahsoft-public/guix-machines/raw/branch/master/channels.scm
-#+end_src
-
-Once the channel file is available on the target, update guix to use these channels.
-
-#+begin_src shell
-  sudo -i guix pull -C $(realpath channels.scm)
-#+end_src
-
-Once channels have been updated successfully, use the following to reconfigure the system.
+First [[*Configure Guix Channels][Configure Guix Channels]] as described above. Once channels have been updated
+successfully, use the following to reconfigure the system.
 
 #+begin_src shell
   sudo -i guix system reconfigure -e '(@ (rekahsoft guix-config <vms|manual> <target>) %system)'
@@ -129,7 +253,14 @@ if forgotten; that being said, Guix makes this a semi-reasonable thing to do, as
 system changes is tracked very explicitly by guix generations local to the target.
 
 To manually deploy using local sources, the local sources must exist on the working machine
-(of course). The easiest way to do this is via git, from the working machine like so.
+(of course). The easiest way to do this is via git, from the working machine like so. Most
+will pull from my public git mirror.
+
+#+begin_src shell
+  git clone https://git.rekahsoft.ca/rekahsoft/guix-machines.git
+#+end_src
+
+On my network, internal git is used instead (notice the different URL).
 
 #+begin_src shell
   git clone https://git.home.rekahsoft.ca/rekahsoft-public/guix-machines.git