From 5a61b84c2d2717a6a696f5b22d6e34c6ade54d85 Mon Sep 17 00:00:00 2001 From: DuckDuckWhale Date: Sun, 8 Dec 2024 22:35:51 -0800 Subject: [PATCH] Misc: setup and fixes - Update README setup distro list - Show battery percentage in GNOME - Fix `full-script` not exiting on failure - Add manual script for Zellij - Rename ab-av1 aliases - Fix fish setup - Change SSH port - Include JXL, date tools, tokei, f3 - Update setup guide to Fedora 42 --- README.md | 7 ++-- auto/shells/bash | 3 +- auto/shells/fish | 5 ++- full-setup | 3 +- manual/rust/rust-configure | 3 +- manual/zellij/zellij | 6 +++ setup/fedora-install.md | 72 +++++++++++++++++++++++------------- setup/fedora-system-setup.md | 18 +++++++-- setup/fedora-user-setup.md | 13 ++++--- setup/ubuntu-setup.md | 2 +- 10 files changed, 89 insertions(+), 43 deletions(-) create mode 100755 manual/zellij/zellij diff --git a/README.md b/README.md index a621b49..2b52412 100644 --- a/README.md +++ b/README.md @@ -14,9 +14,10 @@ Here you can find my personal configuration files! - `rust`: installs the Rust programming language and adjust bash config files accordingly. May consume ~1 GiB of disk space. - `helix`: installs the Helix editor. May consume ~150 MiB of disk space. -- `setup`: Setup guides for Linux machines, mostly focused on Debian & Ubuntu. Includes - installation guides (dual boot or regular install) and system and user level - setups/configurations. +- `setup`: Setup guides for Linux machines, mostly focused on Fedora, Debian, + and Ubuntu. + Includes installation guides (dual boot or regular install) and + system and user level setups/configurations. - `system`: system level utilities - `mac-fnmode`: fix function keys' behavior when using Mac keyboards - `sshd`: SSH daemon configuration diff --git a/auto/shells/bash b/auto/shells/bash index ddf0f87..7fb8d36 100755 --- a/auto/shells/bash +++ b/auto/shells/bash @@ -26,7 +26,8 @@ alias ls='ls --color' alias mosh='mosh -o' alias cargo='cargo auditable' alias md='pulldown-cmark -TFSLH' -alias auto-av1='nice ab-av1 auto-encode --min-samples 2 --keyint 2s --scd true' +alias av1-auto='nice ab-av1 auto-encode --min-samples 3 --keyint 2s --scd true' +alias av1-search='nice ab-av1 crf-search --min-samples 3 --keyint 2s --scd true' # Shows a oneline preview of all files under the folder after changing directory. diff --git a/auto/shells/fish b/auto/shells/fish index 5e70779..6423740 100755 --- a/auto/shells/fish +++ b/auto/shells/fish @@ -62,5 +62,8 @@ export PATH="$HOME/.local/bin:$PATH:/usr/lib/llvm-15/bin" alias md='pulldown-cmark -TFSLH' alias mosh='mosh -o' alias cargo='cargo auditable' -alias auto-av1='ab-av1 auto-encode --min-samples 2 --keyint 2s --scd true' +alias av1-auto='nice ab-av1 auto-encode --min-samples 3 --keyint 2s --scd true' +alias av1-search='nice ab-av1 crf-search --min-samples 3 --keyint 2s --scd true' + +set -x PATH "$HOME/.cargo/bin" $PATH EOF diff --git a/full-setup b/full-setup index 7a673e1..63d99e8 100755 --- a/full-setup +++ b/full-setup @@ -1,4 +1,5 @@ #!/bin/sh +set -e cd auto ./auto cd ../manual/rust @@ -8,4 +9,4 @@ cd ../helix ./helix cd ../starship ./starship -echo success +echo 'Full setup complete!' diff --git a/manual/rust/rust-configure b/manual/rust/rust-configure index 94c0bf7..e176849 100755 --- a/manual/rust/rust-configure +++ b/manual/rust/rust-configure @@ -84,7 +84,7 @@ fn main() -> anyhow::Result<()> { let mut config_fish_path = dirs::config_dir().context("can't find config directory")?; config_fish_path.push("fish"); - fs::create_dir_all(&config_fish_path)?; + fs::create_dir_all(&config_fish_path).context("failed to create fish config directory")?; config_fish_path.push("config.fish"); let config_fish = match File::open(&config_fish_path) { Ok(file) => { @@ -102,6 +102,7 @@ fn main() -> anyhow::Result<()> { new_config_fish.push('\n'); } } + new_config_fish.push_str(ENV_FISH); new_config_fish.trim().to_owned() + "\n" } Err(e) if e.kind() == ErrorKind::NotFound => String::new(), diff --git a/manual/zellij/zellij b/manual/zellij/zellij new file mode 100755 index 0000000..2fe76f6 --- /dev/null +++ b/manual/zellij/zellij @@ -0,0 +1,6 @@ +#!/bin/sh -e +if ! command -v cargo > /dev/null; then + echo "Error: cargo not found" + exit 1 +fi +cargo install zellij --locked diff --git a/setup/fedora-install.md b/setup/fedora-install.md index 4ca5565..c0e5893 100644 --- a/setup/fedora-install.md +++ b/setup/fedora-install.md @@ -1,13 +1,28 @@ # Fedora Installation +> **Note** +> +> For Fedora >= 42, the installer, Anaconda, has been modernized with +> its new Web UI. +> This means that the detailed setup procedure that follows is no longer +> necessary if you: +> - Don't dual boot via the same disk, +> - Don't need to manage partitions, +> - Don't use existing file systems, +> - And don't mind using crc32c for btrfs checksum, which is good +> enough for most. +> +> Simply follow the setup guide and make sure to encrypt your +> disk and set sufficiently long and/or complex passphrases. + Here is how I installed Fedora. I chose to migrate from ext4 to btrfs, the default file system for Fedora. I also bought a new disk, which means that I needed to create everything from scratch. -_Note: This document details the installation only. For setup, see +_This document details the installation only. For setup, see [Fedora System Setup](fedora-system-setup.md) or [Fedora User Setup](fedora-user-setup.md). This is originally written -for Fedora 39 and updated to Fedora 40._ +for Fedora 39 and updated to Fedora 41._ By following these steps, you will be able to install Fedora with: - `/` as a btrfs subvolume using xxhash as the checksum function on LUKS2 (an @@ -31,9 +46,15 @@ MB/s, which I found acceptable, so that's what I went with. ## Making a Fedora Live USB -Simply go to the Fedora project website and download the ISO. I opted not to -use the Fedora Media Writer because I like collecting Linux ISOs. It shouldn't -impact the result. +Simply go to the Fedora project website and download Fedora Media Writer or the +ISO. I sometimes opt not to use the Fedora Media Writer because I like +collecting Linux ISOs. It shouldn't impact the result. + +### Fedora Media Writer + +Pick automatic download and select Fedora Workstation. Flash your USB stick. + +### ISO After the download you may find the GPG-signed SHA256 checksum file from the icon next to the ISO download. You may find the GPG key fingerprints and @@ -45,20 +66,26 @@ corrupted his disk._ ## Preparing the SSD -Boot the USB. Open gparted by typing its name and pressing enter. Make a GPT -partition table. +Boot the USB. Open Disks by typing its name and pressing enter. Make a GPT +partition table by using the three dots at the top right. -(If you have paintext data on the drive, you really should do a NVME sanitize. +(If you have plaintext data on the drive, you really should do a NVMe sanitize. You may find instructions on doing that by looking up the man page for the `nvme` command.) Make a large empty partition with no file system (choose "unformatted") leaving -10240 MiB at the end of the drive. You may find a calculator to be handy here. +10240 MiB at the end of the drive. You can do this by typing 10240 into the +bottom text box (free space at the end) and clicking into the top box to refresh +its calculation. Make a 1024 MiB partition at the very end of the drive and format with ext4, -then make another one right before it and also format with ext4. Formatting -here really isn't necessary if not for the Fedora installer graying out all the -fields when it doesn't detect a file system (bug?). +then make another one right before it and also format with ext4. +This is easier on gparted then GNOME Disks, but you can accomplish the same +thing by making a 8192 MiB temporary partition then deleting it after making the +two 1024 MiB partitions at the end. + +Formatting here really isn't necessary if not for the Fedora installer graying +out all the fields when it doesn't detect a file system (bug?). I assume that you are using an UEFI system as almost all modern x86_64 systems have that, but you could verify that with `[ -d /sys/firmware/efi ] && echo UEFI @@ -66,24 +93,24 @@ have that, but you could verify that with `[ -d /sys/firmware/efi ] && echo UEFI Now, make the LUKS2 layer by opening a terminal and typing: -`sudo cryptsetup luksFormat --hash sha512 --use-random /dev/` +`sudo cryptsetup luksFormat --use-random /dev/` ...where `` is the big partition you made first and should look something like `/dev/nvme0n1p1`. There are some sane defaults that I didn't include in this command as all new systems should have them by default, but you could spell it out if you want to be extra certain: `--type luks2 --key-size 512 -- --cipher aes-xts-plain64 --iter-time 2000 --verify-passphrase` +--cipher aes-xts-plain64 --iter-time 2000 --verify-passphrase` Then, unlock this encrypted partition by typing: `sudo cryptsetup open /dev/ `, where `` is the name for the mapper file and doesn't matter for our install. You could just use `luks`. Now, make the btrfs file system with xxhash as the checksum function: `sudo -mkfs.btrfs --csum xxhash `. I didn't use LVM here as btrfs snapshots -are much better and support RAID0/1 well. btrfs snapshots doesn't have LVM -snapshots' heavy performance penalty, doesn't require preallocation of space -which is often wasted, and doesn't become invalid later when its space is used -up. +mkfs.btrfs --csum xxhash /etc/mapper/`. I didn't use LVM here as btrfs +snapshots are much better and support RAID0/1 well. btrfs snapshots doesn't +have LVM snapshots' heavy performance penalty, doesn't require pre-allocation of +space which is often wasted, and doesn't become invalid later when its space is +used up. Then, close the LUKS layer as the installer requires the password to it for installation. If you skip this step, you would be forced to rescan in the @@ -98,13 +125,6 @@ I have some commands for unlocking the LUKS in my Ubuntu install guide, but here you can simply unlock the LUKS volume and the installer does all the work for you setting that up. -Click the `+` button to make a new root subvolume. Anaconda, the Fedora -installer, requires you to create a new btrfs subvolume at the time of -writing. You may simply select the storage as `btrfs.`. Maybe -`` is for disambiguation when you have multiple btrfs file systems -(smh my head)? Then do the same for the home subvolume. The default names are -fine and the mount points are `/` and `/home`, respectively. - - Format `` (e.g. `/dev/nvme0n1p3`) as ext4 and mount to `/ boot`. (Check the format checkbox.) - Format `` (e.g. `/dev/nvme0n1p2`) as System EFI Partition and diff --git a/setup/fedora-system-setup.md b/setup/fedora-system-setup.md index ce8cd6d..4be1ab1 100644 --- a/setup/fedora-system-setup.md +++ b/setup/fedora-system-setup.md @@ -23,12 +23,13 @@ wl-clipboard qrencode xournalpp gstreamer1-plugins-bad-free-extras gnome-extensions-app gnome-shell-extension-gsconnect nautilus-gsconnect kernel-tools mozilla-openh264 gstreamer1-plugin-openh264 trash-cli ripgrep gnome-tweaks goldendict-ng gcc-c++ gimp alacritty clang clang-tools-extra bat -helix fish kdiskmark kiwix-desktop` +helix fish kdiskmark kiwix-desktop libjxl-utils` ### As needed `dnf install gnome-usage install rlwrap mediainfo nmap xeyes progress -duperemove memtest86+ lm_sensors efitools quearcode qpdf kdenlive stress` +duperemove memtest86+ lm_sensors efitools quearcode qpdf kdenlive stress tokei +f3 exiftool datediff qalculate` ## AMD @@ -90,8 +91,9 @@ can clear the app data. - Ungoogled Chromium - `flatpak install flathub io.github.ungoogled_software.ungoogled_chromium` - Disable smart cards, printing system, all user files - - Enable GPU acceleration + - Enable GPU acceleration and disable all devices - Remove Other files: `/run/.heim_org.h5l.kcm-socket` + - Removing X11 will cause it to fail to launch, so don't do that. - Minecraft (Prism Launcher) - `flatpak install flathub org.prismlauncher.PrismLauncher` - Remove `xdg-download:ro` @@ -152,7 +154,15 @@ If you have just came from a non-SELinux distro (say the Debian family) and see a permission denied message from `sshd` in your logs, use `restorecon -RFv ~/.ssh` to please SELinux. -(Don't forget to install Mosh!) +### Custom Port + +If you are paranoid like me and want to put an extra layer of defense against +script kiddies vulnerability scans over SSH, here's how you may use a custom +port for your SSH: + +1. Change `Port 22` to `Port ` in `/etc/ssh/sshd_config`. +2. `sudo semanage port -a -t ssh_port_t -p tcp ` +3. `sudo systemctl reload sshd` ## Framework 16 diff --git a/setup/fedora-user-setup.md b/setup/fedora-user-setup.md index eb49318..73996bc 100644 --- a/setup/fedora-user-setup.md +++ b/setup/fedora-user-setup.md @@ -16,7 +16,8 @@ for Fedora 39 and updated to Fedora 40._ ## Power -Turn off `Automatic Suspend` when `Plugged In`. +Turn off `Automatic Suspend` when `Plugged In` and turn on `Show Battery +Percentage`. ## Displays @@ -41,14 +42,16 @@ In `Input Sources`, add `Chinese (Intelligent Pinyin)` and ### Shortcuts -| Name | Shortcut | Command | -| Home folder | `Super` + `F` | -| Launch email client | `Super` + `E` | -| Launch web browser | `Super` + `W` | +| Name | Shortcut | +| ---------------------- | ------------- | +| Home folder | `Super` + `F` | +| Launch email client | `Super` + `E` | +| Launch web browser | `Super` + `W` | | Microphone mute/unmute | `Super` + `A` | In Settings -> Keyboard -> Custom Shortcuts: | Name | Shortcut | Command | +| ---- | -------- | ------- | | Launch Calculator | `Super` + `C` | `gnome-calculator` | | Launch Dictionary | `Super` + `D` | `goldendict-ng` | | Launch Terminal | `Super` + `T` | `alacritty` | diff --git a/setup/ubuntu-setup.md b/setup/ubuntu-setup.md index 8971cf0..c843606 100644 --- a/setup/ubuntu-setup.md +++ b/setup/ubuntu-setup.md @@ -10,7 +10,7 @@ Here's my personal Ubuntu 23.10 setup. (Make sure to use Wayland on Nvidia!) goldendict gparted keepassxc mpv needrestart obs-studio ripgrep sshfs synaptic tmux trash-cli ufw vim-gtk3 wl-clipboard linux-tools-generic build-essential` - Optional: - - `sudo apt install arp-scan asciinema bookworm foliate gimp gnome-firmware gnome-games + - `sudo apt install arp-scan asciinema foliate gimp gnome-firmware gnome-games gnome-nettool gnome-packagekit gnome-passwordsafe gnome-shell-pomodoro gnome-usage gthumb heif-gdk-pixbuf heif-thumbnailer mkvtoolnix-gui openjdk-17-jdk pulseeffects qpdf ranger syncplay virtualbox-qt vlc audacity f3 prusa-slicer cmake gstreamer1.0-plugins-bad ddcutil