Add: system setup tutorials for Ubuntu & Debian
This commit is contained in:
parent
50ea11f79a
commit
9d4777f7f7
290
setup/debian-setup.md
Normal file
290
setup/debian-setup.md
Normal file
@ -0,0 +1,290 @@
|
|||||||
|
# Debian Setup
|
||||||
|
|
||||||
|
Here's my personal Debian 12 Bookworm setup.
|
||||||
|
|
||||||
|
- Set font size in Terminal to 15 and initial column count to 85
|
||||||
|
- Must haves:
|
||||||
|
- `sudo apt install curl earlyoom ffmpeg flatpak git gnome-clocks \
|
||||||
|
gnome-shell-pomodoro gnome-software-plugin-flatpak gnome-sound-recorder \
|
||||||
|
gnome-todo gnome-weather goldendict gparted keepassxc mosh obs-studio \
|
||||||
|
shadowsocks-libev sshfs synaptic tmux trash-cli vim-gtk3 vlc \
|
||||||
|
gnome-boxes wl-clipboard needrestart deja-dup ufw ddcutil`
|
||||||
|
- Optional:
|
||||||
|
- `sudo apt install openjdk-17-jdk gthumb gnome-usage ranger
|
||||||
|
gnome-firmware gnome-games gnome-nettool qpdf pulseeffects
|
||||||
|
gnome-packagekit gnome-passwordsafe mkvtoolnix-gui virtualbox-qt syncplay`
|
||||||
|
- FlatHub:
|
||||||
|
- `flatpak remote-add --if-not-exists flathub
|
||||||
|
https://flathub.org/repo/flathub.flatpakrepo`
|
||||||
|
- Allocate 8GiB for swap
|
||||||
|
```
|
||||||
|
sudo swapoff /swapfile
|
||||||
|
sudo fallocate -l 8GiB /swapfile
|
||||||
|
sudo mkswap /swapfile
|
||||||
|
sudo swapon /swapfile
|
||||||
|
```
|
||||||
|
- Early OOM config: edit `/etc/default/earlyoom` and add:
|
||||||
|
- `--avoid
|
||||||
|
'(^|/)(systemd|sshd|mosh-server|ssh|vim|sudo|sudoedit|gnome-shell|gnome-terminal-)$'
|
||||||
|
--prefer '(^|/)(Web Content|Isolated Web Co)$'`
|
||||||
|
- Firefox
|
||||||
|
- Change default zoom to 110%
|
||||||
|
- Enable HTTPS only
|
||||||
|
- Proxy DNS when using SOCKS v5
|
||||||
|
- Enable DNS over HTTPS
|
||||||
|
- In `about:config` set `browser.sessionstore.max_windows_undo` to 10.
|
||||||
|
- Go to settings -> `Region & Language` and install `Chinese (simplified)`.
|
||||||
|
|
||||||
|
## Optional packages
|
||||||
|
|
||||||
|
- `clangd` for VSCodium C language server with
|
||||||
|
`llvm-vs-code-extensions.vscode-clangd` (?)
|
||||||
|
- `imagemagick` for `convert`, comment out with `<!-- -->` PDF policy in
|
||||||
|
`/etc/ImageMagick-6/policy.xml` (?)
|
||||||
|
- Cross compiling (?)
|
||||||
|
- `gcc-aarch64-linux-gnu`
|
||||||
|
- `gcc-arm-linux-gnueabihf`
|
||||||
|
|
||||||
|
## UFW
|
||||||
|
|
||||||
|
`$ sudo ufw enable`
|
||||||
|
|
||||||
|
## Wayland (?)
|
||||||
|
|
||||||
|
- `sudoedit /usr/lib/udev/rules.d/61-gdm.rules` and comment the two uncommented
|
||||||
|
lines
|
||||||
|
- Reboot or restart gdm3 (didn't try)
|
||||||
|
|
||||||
|
## Apps
|
||||||
|
|
||||||
|
- gnome-tweaks
|
||||||
|
- `sudo apt install gnome-tweaks`
|
||||||
|
- Swap capslock and ESC in `Keyboard & Mouse` -> `Additional Layout Options`
|
||||||
|
-> `Caps Lock behavior`
|
||||||
|
- Change `Mouse Click Emulation` to `Area`
|
||||||
|
- Turn on weekdays and battery percentage in `Top Bar`
|
||||||
|
- Flat mouse acceleration profile
|
||||||
|
- Turn off suspend when closing lid
|
||||||
|
- Extensions
|
||||||
|
- `sudo apt install gnome-shell-extensions`
|
||||||
|
- Turn on:
|
||||||
|
- `Applications menu`
|
||||||
|
- `Places status indicator`
|
||||||
|
- `Windownavigator`
|
||||||
|
- `Workspace Indicator`
|
||||||
|
- Note: to manually install Gnome extensions, unzip it and copy the `uuid`
|
||||||
|
field in `metadata.json` and rename the directory to this name, then move
|
||||||
|
to `~/.local/share/gnome-shell/extensions` and logout and login.
|
||||||
|
- GSConnect
|
||||||
|
- `sudo apt install gnome-shell-extension-gsconnect`
|
||||||
|
- Uncheck SFTP auto mount
|
||||||
|
- Add commands:
|
||||||
|
- `Lock`: `loginctl lock-session`
|
||||||
|
- `Quack`: `ffplay -v quiet -nodisp -autoexit ~/Music/'.Not
|
||||||
|
Music'/Ringtones/Quack.mp3`
|
||||||
|
- UFW:
|
||||||
|
- `sudo ufw allow 1716:1764/tcp`
|
||||||
|
- `sudo ufw allow 1716:1764/udp`
|
||||||
|
- Flatseal
|
||||||
|
- `flatpak install flathub com.github.tchx84.Flatseal`
|
||||||
|
- OBS Studio
|
||||||
|
- `$ sudo apt install qtwayland5`
|
||||||
|
- In `/usr/share/applications/com.obsproject.Studio.desktop`, replace
|
||||||
|
`Exec=obs` with `Exec=sh -c '[ "$XDG_SESSION_TYPE" = "wayland" ] && obs
|
||||||
|
-platform wayland || obs'`
|
||||||
|
- Gnome Calendar
|
||||||
|
- Add Google accounts in online accounts
|
||||||
|
- On older versions of Ubuntu < 22.04, not tested for 22.04:
|
||||||
|
- Wait for a bit, it's kinda buggy but it will work at the end (wait for ~2
|
||||||
|
days)
|
||||||
|
- Golden Dict
|
||||||
|
- Import dictionaries in `~/.software/goldendict/stardict-cc-cedict`
|
||||||
|
- Don't search in dictionaries contains more then 10000 articles
|
||||||
|
- <https://einverne.github.io/post/2018/08/goldendict.html>
|
||||||
|
- Xournal++
|
||||||
|
- `sudo apt install xournalpp texlive-latex-extra`
|
||||||
|
- cameractrls
|
||||||
|
- `flatpak install hu.irl.cameractrls`
|
||||||
|
- Minecraft
|
||||||
|
- TODO: PolyMC just had some problems
|
||||||
|
- To host servers: `sudo ufw allow 25565/tcp`
|
||||||
|
- Bottles
|
||||||
|
- `flatpak install flathub com.usebottles.bottles`
|
||||||
|
- Discord
|
||||||
|
- `flatpak install flathub com.discordapp.Discord`
|
||||||
|
- Slack
|
||||||
|
- `flatpak install flathub com.slack.Slack`
|
||||||
|
- Zoom
|
||||||
|
- `flatpak install flathub us.zoom.Zoom`
|
||||||
|
|
||||||
|
## Optional Apps
|
||||||
|
|
||||||
|
- Impatience (adjust Gnome animation speed)
|
||||||
|
- `sudo apt install gnome-shell-extension-impatience`
|
||||||
|
- Enable in extensions and set speed to 0.7
|
||||||
|
- Wobbly Windows (?)
|
||||||
|
- From
|
||||||
|
<https://extensions.gnome.org/extension/2950/compiz-alike-windows-effect/>
|
||||||
|
- Turn off maximize effect
|
||||||
|
- Increase restore factor to 5
|
||||||
|
- System monitor
|
||||||
|
- `$ sudo apt install gnome-shell-extension-system-monitor`
|
||||||
|
- Show only CPU (digit and graph) and memory (digit).
|
||||||
|
- OpenWeatherMap
|
||||||
|
- `$ sudo apt install gnome-shell-extension-weather`
|
||||||
|
- On older systems (< 21.04), download and install from
|
||||||
|
`https://extensions.gnome.org/extension/750/openweather/`
|
||||||
|
- Set location to La Jolla
|
||||||
|
- Switch to metric units
|
||||||
|
- VSCodium
|
||||||
|
- `flatpak install flathub com.vscodium.codium`
|
||||||
|
- Birdtray
|
||||||
|
- `$ sudo apt install birdtray`
|
||||||
|
- Configure it by running `birdtray` and clicking on the tray icon
|
||||||
|
- In Startup Applications Preference:
|
||||||
|
- Name: `Birdtray`
|
||||||
|
- Command: `sh -c "sleep 20 && /usr/bin/birdtray"`
|
||||||
|
- Comment: `Minimize to tray for Thunderbird`
|
||||||
|
- Wait for bugs to be fixed before removing sleep:
|
||||||
|
- <https://github.com/gyunaev/birdtray/issues/362>
|
||||||
|
- <https://github.com/gyunaev/birdtray/issues/430>
|
||||||
|
- Hiding: check all except hide/show by clicking icon
|
||||||
|
- Broken on Wayland
|
||||||
|
- Android Studio
|
||||||
|
- Move `Ctrl+S` from IdeaVim to IDE
|
||||||
|
- Enabled `Mark modified (*)`
|
||||||
|
- Disable both `Save files on frame deactivation` and `Save files
|
||||||
|
automatically if application is idle`
|
||||||
|
|
||||||
|
## Grub background
|
||||||
|
|
||||||
|
### Tool
|
||||||
|
|
||||||
|
- `$ sudo apt install grub-customizer`
|
||||||
|
- Put in background manually
|
||||||
|
|
||||||
|
### Manual Script
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo mkdir /opt/grub
|
||||||
|
sudo cp -r background/ /boot/grub/
|
||||||
|
sudo chown -R root:root /opt/grub
|
||||||
|
sudo chmod -R 700 /opt/grub
|
||||||
|
```
|
||||||
|
|
||||||
|
- Add the following lines to `/opt/grub/cycle-backgrounds.sh`:
|
||||||
|
```
|
||||||
|
#!/bin/sh
|
||||||
|
cd /boot/grub/background
|
||||||
|
mv background.png tmp.png
|
||||||
|
mv background-1.png background.png
|
||||||
|
mv tmp.png background-1.png
|
||||||
|
```
|
||||||
|
- `$ sudo chown root:root /opt/grub/cycle-backgrounds.sh`
|
||||||
|
- `$ sudo chmod 700 /opt/grub/cycle-backgrounds.sh`
|
||||||
|
- Add `@reboot /opt/grub/cycle-backgrounds.sh` to root crontab.
|
||||||
|
- In `/etc/default/grub`:
|
||||||
|
- Add `GRUB_BACKGROUND=/boot/grub/background/background.png`
|
||||||
|
- Change `GRUB_TIMEOUT=10` to `GRUB_TIMEOUT=3`
|
||||||
|
- `$ sudo update-grub`
|
||||||
|
|
||||||
|
## OpenSSH Server & Mosh
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo apt install -y openssh-server mosh
|
||||||
|
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
|
||||||
|
sudo cp ../system/sshd_config /etc/ssh/sshd_config
|
||||||
|
sudo groupadd --system ssh-users
|
||||||
|
sudo usermod -aG ssh-users $(whoami)
|
||||||
|
mkdir -p ~/.ssh
|
||||||
|
chmod 700 ~/.ssh
|
||||||
|
touch ~/.ssh/authorized_keys
|
||||||
|
chmod 600 ~/.ssh/authorized_keys
|
||||||
|
# insert your SSH public keys into the file
|
||||||
|
sudo ufw limit 22/tcp
|
||||||
|
sudo ufw allow 60001:60999/udp
|
||||||
|
sudo systemctl restart ssh
|
||||||
|
```
|
||||||
|
|
||||||
|
## See logs as admin
|
||||||
|
|
||||||
|
`sudo usermod -aG adm $(whoami)`
|
||||||
|
|
||||||
|
## Proton black screen fix (?)
|
||||||
|
|
||||||
|
Source:
|
||||||
|
<https://github.com/ValveSoftware/steam-runtime/issues/312#issuecomment-739441559>
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo mv /usr/share/vulkan/icd.d/intel_icd.x86_64.json \
|
||||||
|
/usr/share/vulkan/icd.d/intel_icd.x86_64.json.disabled
|
||||||
|
```
|
||||||
|
|
||||||
|
## Proprietary encodings (?)
|
||||||
|
|
||||||
|
- `$ sudo apt install ubuntu-restricted-extras`
|
||||||
|
|
||||||
|
## Dual boot
|
||||||
|
|
||||||
|
### Dislocker
|
||||||
|
|
||||||
|
```
|
||||||
|
$ sudo apt install dislocker
|
||||||
|
$ sudo mkdir /media/"$(whoami)" /mnt/dislocker /opt/dislocker
|
||||||
|
$ sudo chmod 700 /media/"$(whoami)" /mnt/dislocker /opt/dislocker
|
||||||
|
$ sudo chown $user:$user /media/"$(whoami)"
|
||||||
|
$ sudo chown root:root /mnt/dislocker /opt/dislocker
|
||||||
|
```
|
||||||
|
|
||||||
|
Copy the `.BEK` file to `/opt/dislocker/"$(whoami)".bek`.
|
||||||
|
|
||||||
|
```
|
||||||
|
$ sudo chown root:root /opt/dislocker/"$(whoami)".bek
|
||||||
|
$ sudo chmod 700 /opt/dislocker/"$(whoami)".bek
|
||||||
|
```
|
||||||
|
|
||||||
|
Add the following lines to `/etc/fstab` with `<user>` replaced:
|
||||||
|
|
||||||
|
```
|
||||||
|
/dev/nvme0n1p6 /mnt/dislocker fuse.dislocker nofail,nouser,umask=0077,bekfile=/opt/dislocker/<user>.bek 0 0
|
||||||
|
/mnt/dislocker/dislocker-file /media/<user> auto nofail,umask=0077,gid=<user>,uid=<user> 0 0
|
||||||
|
```
|
||||||
|
|
||||||
|
Mount manually with:
|
||||||
|
```
|
||||||
|
$ sudo dislocker /dev/nvmen1p6 -p -- /mnt/dislocker
|
||||||
|
$ sudo mount -o loop /mnt/dislocker/dislocker-file /media/"$(whoami)"
|
||||||
|
```
|
||||||
|
|
||||||
|
## Hardware specific
|
||||||
|
|
||||||
|
### Nvidia proprietary driver screen tearing fix
|
||||||
|
|
||||||
|
```
|
||||||
|
echo 'options nvidia-drm modeset=1' | sudo tee \
|
||||||
|
/etc/modprobe.d/nvidia-drm-nomodeset.conf > /dev/null
|
||||||
|
```
|
||||||
|
|
||||||
|
### Digimend for Huion tablet (works with H640p)
|
||||||
|
|
||||||
|
- = 20.10 & using wayland: no longer necessary
|
||||||
|
- = 21.04:
|
||||||
|
- `$ sudo apt install digimend-dkms`
|
||||||
|
- Reboot.
|
||||||
|
- < 21.04:
|
||||||
|
- Download and install from
|
||||||
|
`https://github.com/DIGImend/digimend-kernel-drivers`.
|
||||||
|
|
||||||
|
### Razer mouse
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo add-apt-repository ppa:polychromatic/stable
|
||||||
|
sudo apt install openrazer-meta polychromatic
|
||||||
|
```
|
||||||
|
|
||||||
|
## Workarounds
|
||||||
|
|
||||||
|
- [Blanked screen doesn't wake up after locking \[drmModeAtomicCommit: Argument
|
||||||
|
invalide\] \[drmModeAtomicCommit: Invalid
|
||||||
|
argument\]](https://bugs.launchpad.net/ubuntu/+source/mutter/+bug/1968040)
|
||||||
|
- Put `MUTTER_DEBUG_ENABLE_ATOMIC_KMS=0` in `/etc/environment`
|
152
setup/dual-boot-ubuntu.md
Normal file
152
setup/dual-boot-ubuntu.md
Normal file
@ -0,0 +1,152 @@
|
|||||||
|
# Dual Boot Ubuntu
|
||||||
|
|
||||||
|
Here are my personal notes back when I first dual booted Ubuntu, with some
|
||||||
|
updates sprinkled in. Use with caution and **backup everything on another
|
||||||
|
detached disk** before proceeding. Although it is very unlikely for things to
|
||||||
|
go wrong when this guide is properly followed, I will not be responsible for any
|
||||||
|
data loss.
|
||||||
|
|
||||||
|
This guide was first written for Ubuntu 18.04 LTS so some claims may no longer
|
||||||
|
be true (please let me know if it is false). Doing this guide we'll dual boot
|
||||||
|
Ubuntu and Windows 10 with setup for encryption of root and home mounts.
|
||||||
|
|
||||||
|
## Questions before we begin
|
||||||
|
|
||||||
|
You need to think about these things before you do anything. I have attached my
|
||||||
|
personal answers below but it might be different for you.
|
||||||
|
|
||||||
|
- How much space to allocate for Ubuntu?
|
||||||
|
- ~25 GiB, the recommended minimum is 25 GB and my personal usage has never
|
||||||
|
exceeded 40GiB for the root drive.
|
||||||
|
- If you don't have enough space, you may forgo a separate `/home` to gain
|
||||||
|
flexibility as root space could shrink or grow and it's hard to guess the
|
||||||
|
sizes upfront. Plus, if your data is on the Windows BitLocker drive, you
|
||||||
|
could always make a separate drive to keep your data 2 years later when
|
||||||
|
the next Ubuntu LTS comes out or just restore from backup. Or, you could
|
||||||
|
make use of LVM...
|
||||||
|
- After daily driving Ubuntu I switched to separate `/` and `/home` on
|
||||||
|
top of LVM and keeping at least 5GiB of free space for each LV. When
|
||||||
|
I need more space, I always live resize by `sudo lvextend -rL +5G
|
||||||
|
vgroot/lvhome` so I don't have to guess the total size.
|
||||||
|
- Where should Ubuntu root partition be?
|
||||||
|
- Right before `/boot` before `D:`. Since moving the starting location of a
|
||||||
|
BitLocker protected drive needs full data move using an external hard
|
||||||
|
drive and is lots of hassle, we can consider the beginning of `D:` to be
|
||||||
|
fixed. putting `/boot` right before `D:` makes its location unlikely to
|
||||||
|
be affected by moving partitions around so we don't have to deal with any
|
||||||
|
potential `/boot` hassles which may require reinstallation of GRUB.
|
||||||
|
- After using it for a while, I've decided to put it at the end of the disk
|
||||||
|
instead.
|
||||||
|
- Leaving free space between Ubuntu's root and the Windows drive makes both
|
||||||
|
OSs easy to resize because it is not hard to change the starting location
|
||||||
|
of root (GParted can do the job itself) and instead of requiring a full
|
||||||
|
move in case of expansion of Windows, which is probably more likely, we
|
||||||
|
require nothing.
|
||||||
|
- Should you encrypt this partition?
|
||||||
|
- Yes. There may be sensitive data in `/home/$user/.ssh/`, `/tmp/`,
|
||||||
|
`/var/log/`, etc. and plus you may want to put the BitLocker key in there
|
||||||
|
as well for Dislocker and keep them safe in case of losing the laptop.
|
||||||
|
- Should I encrypt `/boot` or just `/?`
|
||||||
|
- Just `/`. Encrypting `/boot` provides only somewhat protection against
|
||||||
|
the kind of Evil Maid where someone changes the kernel and include a
|
||||||
|
keylogger. This require physical access, and if they have that they can
|
||||||
|
do more, either:
|
||||||
|
1. Install another Ubuntu and connect to the Internet to upload password
|
||||||
|
2. Install a hardware key logger
|
||||||
|
3. Swap it out for a same-looking machine
|
||||||
|
- My goal was to only protect against theft and loss, not to protect against
|
||||||
|
these advanced threats. To do this, you need to either:
|
||||||
|
- Encrypt `/boot`, which prevents only the swap of a kernel but not any
|
||||||
|
of the three points above and is hard to implement.
|
||||||
|
- Password protect BIOS, which makes it very risky when I forget the
|
||||||
|
BIOS password and protects only against the kernel swap and threat #1.
|
||||||
|
I consider it not worthy for it adds significant risk only to protect
|
||||||
|
against the first threat, which is unlikely as I would have to be
|
||||||
|
specifically targeted by very technical people (they probably could
|
||||||
|
also disable the password protection or install the keylogger too but
|
||||||
|
I haven't researched much about this).
|
||||||
|
- IDK what more could be done.
|
||||||
|
- Bottom line: never trust the device once it's been tempered with.
|
||||||
|
- How should I encrypt? LUKS?
|
||||||
|
- LUKS, I don't want my directory structure to be seen and I want to just
|
||||||
|
use ext4.
|
||||||
|
- LVM on LUKS or LUKS on LVM?
|
||||||
|
- LVM on LUKS, the usual setup with less hassle and I don't need multi-disk
|
||||||
|
LUKS anyways as this is a single-disk laptop.
|
||||||
|
- Will dual booting mess up the Windows boot loader?
|
||||||
|
- Should not, since removing GRUB requires only the removal of its entries
|
||||||
|
from the EFI partition.
|
||||||
|
- How to avoid too many password prompts?
|
||||||
|
- Should have only one prompt at boot when the kernel asks for the password
|
||||||
|
to decrypt the file systems, and another for normal logins.
|
||||||
|
- How to dual boot and install with encryption?
|
||||||
|
- Here is the original guide which I based this one on: [Encrypting disks on
|
||||||
|
Ubuntu
|
||||||
|
19.04](https://medium.com/@chrishantha/encrypting-disks-on-ubuntu-19-04-b50bfc65182a)
|
||||||
|
- With these questions answered, we can perform the installation.
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
- Booting Ubuntu 20.04 LTS live image with `Try Ubuntu` option.
|
||||||
|
- Verify that we are using UEFI: `$ [ -d /sys/firmware/efi ] && echo UEFI ||
|
||||||
|
echo BIOS`
|
||||||
|
- Give 1 GiB (or 500 MiB if you are short on space) for `/boot` using GParted and make a partition
|
||||||
|
for `/` as well, at least around 25 GB.
|
||||||
|
- `$ sudo cryptsetup luksFormat --type luks2 --key-size 512 --hash sha512
|
||||||
|
--use-random /dev/<root partition>`
|
||||||
|
- Defaults, spell it out if you want to be extra certain:
|
||||||
|
`--cipher aes-xts-plain64 --iter-time 2000 --verify-passphrase`
|
||||||
|
- `$ sudo cryptsetup open /dev/<root partition> rootfs`
|
||||||
|
- No need to overwrite data since it is originally BitLocker encrypted and would
|
||||||
|
cause loss of performance and lifespan of the SSD.
|
||||||
|
- `$ sudo pvcreate /dev/mapper/pvroot`
|
||||||
|
- `$ sudo vgcreate vgroot /dev/mapper/pvroot`
|
||||||
|
- `$ sudo lvcreate -n lvhome -L 10G vgroot` (`G` refers to GiB according to the
|
||||||
|
man page)
|
||||||
|
- Remember to monitor disk usage and when prompted, live extend the LVs!
|
||||||
|
- `$ sudo lvcreate -n lvroot -L 15G vgroot`
|
||||||
|
- Start the Ubuntu installation from the shortcut icon on Desktop.
|
||||||
|
- Choose extra software and set a password.
|
||||||
|
- Choose `Something else`.
|
||||||
|
- Format `/dev/<boot partition>` as ext4 and mount to `/boot`.
|
||||||
|
- Format `/dev/mapper/vgroot-lvroot` as ext4 and mount to `/`.
|
||||||
|
- Format `/dev/mapper/vgroot-lvhome` as ext4 and mount to `/home`.
|
||||||
|
- Choose the main disk (`/dev/sd?`) as the `Device for boot loader
|
||||||
|
installation`.
|
||||||
|
- Name the parititions if you are feeling fancy.
|
||||||
|
- Once the installation is complete, click `Continue Testing` to make necessary
|
||||||
|
changes to load the encrypted partitions at startup.
|
||||||
|
- Make note of the UUID: `$ sudo blkid /dev/<root partition>`
|
||||||
|
- Mount the installed Ubuntu OS on `/mnt` and use `chroot` to change the root
|
||||||
|
directory to `/mnt`.
|
||||||
|
```
|
||||||
|
$ sudo mount /dev/mapper/vgroot-lvroot /mnt
|
||||||
|
$ sudo mount /dev/<boot partition> /mnt/boot
|
||||||
|
$ sudo mount --bind /dev /mnt/dev
|
||||||
|
$ sudo chroot /mnt
|
||||||
|
# mount -t proc proc /proc
|
||||||
|
# mount -t sysfs sys /sys
|
||||||
|
# mount -t devpts devpts /dev/pts
|
||||||
|
```
|
||||||
|
- In the chroot: `# vi /etc/crypttab`
|
||||||
|
- Add the following lines to it (replacing `<UUID_ROOTFS>` from the value
|
||||||
|
obtained from `blkid` command earlier):
|
||||||
|
```
|
||||||
|
# <target name> <source device> <key file> <options>
|
||||||
|
pvroot UUID=<UUID_ROOTFS> none luks,discard
|
||||||
|
```
|
||||||
|
- This guide assumes you have an SSD so we have `discard`.
|
||||||
|
- Update the Linux kernel to load encrypted partitions at startup: `#
|
||||||
|
update-initramfs -k all -c`
|
||||||
|
- Exit the chroot shell.
|
||||||
|
- Reboot.
|
||||||
|
- Select Enroll MOK at the blue screen MOK manager. Be quick! After a minute
|
||||||
|
or so it would reboot and you only get one chance.
|
||||||
|
- Select continue and yes.
|
||||||
|
|
||||||
|
## Post Install
|
||||||
|
|
||||||
|
- Adjust the boot sequence in UEFI if you want to boot Windows first.
|
||||||
|
- `$ timedatectl set-local-rtc 1 --adjust-system-clock` to prevent different
|
||||||
|
system clock time when dual booting.
|
||||||
|
- Install and configure Dislocker to access Windows BitLocker drives.
|
311
setup/ubuntu-setup.md
Normal file
311
setup/ubuntu-setup.md
Normal file
@ -0,0 +1,311 @@
|
|||||||
|
# Ubuntu Setup
|
||||||
|
|
||||||
|
Here's my personal Ubuntu 22.04 setup. (Make sure to enable Wayland on Nvidia!)
|
||||||
|
|
||||||
|
- Set font size in Terminal to 15 and initial column count to 85
|
||||||
|
- Must haves:
|
||||||
|
- `sudo apt install curl earlyoom ffmpeg flatpak git gnome-clocks \
|
||||||
|
gnome-shell-pomodoro gnome-software-plugin-flatpak gnome-sound-recorder \
|
||||||
|
gnome-todo gnome-weather goldendict gparted keepassxc mosh obs-studio \
|
||||||
|
shadowsocks-libev sshfs synaptic tmux trash-cli vim-gtk3 vlc \
|
||||||
|
gnome-boxes wl-clipboard needrestart deja-dup ufw ddcutil`
|
||||||
|
- Optional:
|
||||||
|
- `sudo apt install openjdk-17-jdk gthumb gnome-usage ranger
|
||||||
|
gnome-firmware gnome-games gnome-nettool qpdf pulseeffects
|
||||||
|
gnome-packagekit gnome-passwordsafe mkvtoolnix-gui virtualbox-qt syncplay`
|
||||||
|
- Remove all snaps:
|
||||||
|
- ```
|
||||||
|
sudo apt autoremove --purge snapd
|
||||||
|
sudo apt-mark hold snapd
|
||||||
|
trash ~/snap
|
||||||
|
```
|
||||||
|
- FlatHub:
|
||||||
|
- `flatpak remote-add --if-not-exists flathub
|
||||||
|
https://flathub.org/repo/flathub.flatpakrepo`
|
||||||
|
- Allocate 8GiB for swap
|
||||||
|
```
|
||||||
|
sudo swapoff /swapfile
|
||||||
|
sudo fallocate -l 8GiB /swapfile
|
||||||
|
sudo mkswap /swapfile
|
||||||
|
sudo swapon /swapfile
|
||||||
|
```
|
||||||
|
- Early OOM config: edit `/etc/default/earlyoom` and add:
|
||||||
|
- `--avoid
|
||||||
|
'(^|/)(systemd|sshd|mosh-server|ssh|vim|sudo|sudoedit|gnome-shell|gnome-terminal-)$'
|
||||||
|
--prefer '(^|/)(Web Content|Isolated Web Co)$'`
|
||||||
|
- Firefox
|
||||||
|
- Change default zoom to 110%
|
||||||
|
- Enable HTTPS only
|
||||||
|
- Proxy DNS when using SOCKS v5
|
||||||
|
- Enable DNS over HTTPS
|
||||||
|
- In `about:config` set `browser.sessionstore.max_windows_undo` to 10.
|
||||||
|
- Go to settings -> `Region & Language` and install `Chinese (simplified)`.
|
||||||
|
|
||||||
|
## Optional packages
|
||||||
|
|
||||||
|
- `clangd` for VSCodium C language server with
|
||||||
|
`llvm-vs-code-extensions.vscode-clangd` (?)
|
||||||
|
- `imagemagick` for `convert`, comment out with `<!-- -->` PDF policy in
|
||||||
|
`/etc/ImageMagick-6/policy.xml` (?)
|
||||||
|
- Cross compiling (?)
|
||||||
|
- `gcc-aarch64-linux-gnu`
|
||||||
|
- `gcc-arm-linux-gnueabihf`
|
||||||
|
|
||||||
|
## UFW
|
||||||
|
|
||||||
|
`$ sudo ufw enable`
|
||||||
|
|
||||||
|
## Wayland (?)
|
||||||
|
|
||||||
|
- `sudoedit /usr/lib/udev/rules.d/61-gdm.rules` and comment the two uncommented
|
||||||
|
lines
|
||||||
|
- Reboot or restart gdm3 (didn't try)
|
||||||
|
|
||||||
|
## Apps
|
||||||
|
|
||||||
|
- gnome-tweaks
|
||||||
|
- `sudo apt install gnome-tweaks`
|
||||||
|
- Swap capslock and ESC in `Keyboard & Mouse` -> `Additional Layout Options`
|
||||||
|
-> `Caps Lock behavior`
|
||||||
|
- Change `Mouse Click Emulation` to `Area`
|
||||||
|
- Turn on weekdays and battery percentage in `Top Bar`
|
||||||
|
- Flat mouse acceleration profile
|
||||||
|
- Turn off suspend when closing lid
|
||||||
|
- Extensions
|
||||||
|
- `sudo apt install gnome-shell-extensions`
|
||||||
|
- Turn on:
|
||||||
|
- `Applications menu`
|
||||||
|
- `Places status indicator`
|
||||||
|
- `Windownavigator`
|
||||||
|
- `Workspace Indicator`
|
||||||
|
- Note: to manually install Gnome extensions, unzip it and copy the `uuid`
|
||||||
|
field in `metadata.json` and rename the directory to this name, then move
|
||||||
|
to `~/.local/share/gnome-shell/extensions` and logout and login.
|
||||||
|
- GSConnect
|
||||||
|
- `sudo apt install gnome-shell-extension-gsconnect`
|
||||||
|
- Uncheck SFTP auto mount
|
||||||
|
- Add commands:
|
||||||
|
- `Lock`: `loginctl lock-session`
|
||||||
|
- `Quack`: `ffplay -v quiet -nodisp -autoexit ~/Music/'.Not
|
||||||
|
Music'/Ringtones/Quack.mp3`
|
||||||
|
- UFW:
|
||||||
|
- `sudo ufw allow 1716:1764/tcp`
|
||||||
|
- `sudo ufw allow 1716:1764/udp`
|
||||||
|
- Flatseal
|
||||||
|
- `flatpak install flathub com.github.tchx84.Flatseal`
|
||||||
|
- VSCodium
|
||||||
|
- `flatpak install flathub com.vscodium.codium`
|
||||||
|
- OBS Studio
|
||||||
|
- `$ sudo apt install qtwayland5`
|
||||||
|
- In `/usr/share/applications/com.obsproject.Studio.desktop`, replace
|
||||||
|
`Exec=obs` with `Exec=sh -c '[ "$XDG_SESSION_TYPE" = "wayland" ] && obs
|
||||||
|
-platform wayland || obs'`
|
||||||
|
- Birdtray
|
||||||
|
- `$ sudo apt install birdtray`
|
||||||
|
- Configure it by running `birdtray` and clicking on the tray icon
|
||||||
|
- In Startup Applications Preference:
|
||||||
|
- Name: `Birdtray`
|
||||||
|
- Command: `sh -c "sleep 20 && /usr/bin/birdtray"`
|
||||||
|
- Comment: `Minimize to tray for Thunderbird`
|
||||||
|
- Wait for bugs to be fixed before removing sleep:
|
||||||
|
- <https://github.com/gyunaev/birdtray/issues/362>
|
||||||
|
- <https://github.com/gyunaev/birdtray/issues/430>
|
||||||
|
- Hiding: check all except hide/show by clicking icon
|
||||||
|
- Gnome Calendar
|
||||||
|
- Add Google accounts in online accounts
|
||||||
|
- On older versions of Ubuntu < 22.04, not tested for 22.04:
|
||||||
|
- Wait for a bit, it's kinda buggy but it will work at the end (wait for ~2
|
||||||
|
days)
|
||||||
|
- Golden Dict
|
||||||
|
- Import dictionaries in `~/.software/goldendict/stardict-cc-cedict`
|
||||||
|
- Don't search in dictionaries contains more then 10000 articles
|
||||||
|
- <https://einverne.github.io/post/2018/08/goldendict.html>
|
||||||
|
- Xournal++
|
||||||
|
- `sudo apt install xournalpp texlive-latex-extra`
|
||||||
|
- < Ubuntu 22.04
|
||||||
|
- `flatpak install flathub com.github.xournalpp.xournalpp`
|
||||||
|
- `flatpak install flathub org.freedesktop.Sdk.Extension.texlive` and
|
||||||
|
choose newest (21.08 at time of writing) for LaTeX support.
|
||||||
|
- cameractrls
|
||||||
|
- `flatpak install hu.irl.cameractrls`
|
||||||
|
- Minecraft
|
||||||
|
- TODO: PolyMC just had some problems
|
||||||
|
- To host servers: `sudo ufw allow 25565/tcp`
|
||||||
|
- Bottles
|
||||||
|
- `flatpak install flathub com.usebottles.bottles`
|
||||||
|
- Discord
|
||||||
|
- `flatpak install flathub com.discordapp.Discord`
|
||||||
|
- Slack
|
||||||
|
- `flatpak install flathub com.slack.Slack`
|
||||||
|
- Zoom
|
||||||
|
- `flatpak install flathub us.zoom.Zoom`
|
||||||
|
|
||||||
|
## Optional Apps
|
||||||
|
|
||||||
|
- Impatience (adjust Gnome animation speed)
|
||||||
|
- `sudo apt install gnome-shell-extension-impatience`
|
||||||
|
- Enable in extensions and set speed to 0.7
|
||||||
|
- Wobbly Windows (?)
|
||||||
|
- From
|
||||||
|
<https://extensions.gnome.org/extension/2950/compiz-alike-windows-effect/>
|
||||||
|
- Turn off maximize effect
|
||||||
|
- Increase restore factor to 5
|
||||||
|
- System monitor
|
||||||
|
- `$ sudo apt install gnome-shell-extension-system-monitor`
|
||||||
|
- Show only CPU (digit and graph) and memory (digit).
|
||||||
|
- OpenWeatherMap
|
||||||
|
- `$ sudo apt install gnome-shell-extension-weather`
|
||||||
|
- On older systems (< 21.04), download and install from
|
||||||
|
`https://extensions.gnome.org/extension/750/openweather/`
|
||||||
|
- Set location to La Jolla
|
||||||
|
- Switch to metric units
|
||||||
|
- VSCodium
|
||||||
|
- `flatpak install flathub com.vscodium.codium`
|
||||||
|
- Birdtray
|
||||||
|
- `$ sudo apt install birdtray`
|
||||||
|
- Configure it by running `birdtray` and clicking on the tray icon
|
||||||
|
- In Startup Applications Preference:
|
||||||
|
- Name: `Birdtray`
|
||||||
|
- Command: `sh -c "sleep 20 && /usr/bin/birdtray"`
|
||||||
|
- Comment: `Minimize to tray for Thunderbird`
|
||||||
|
- Wait for bugs to be fixed before removing sleep:
|
||||||
|
- <https://github.com/gyunaev/birdtray/issues/362>
|
||||||
|
- <https://github.com/gyunaev/birdtray/issues/430>
|
||||||
|
- Hiding: check all except hide/show by clicking icon
|
||||||
|
- Broken on Wayland
|
||||||
|
- Android Studio
|
||||||
|
- Move `Ctrl+S` from IdeaVim to IDE
|
||||||
|
- Enabled `Mark modified (*)`
|
||||||
|
- Disable both `Save files on frame deactivation` and `Save files
|
||||||
|
automatically if application is idle`
|
||||||
|
|
||||||
|
## Grub background
|
||||||
|
|
||||||
|
### Tool
|
||||||
|
|
||||||
|
- `$ sudo apt install grub-customizer`
|
||||||
|
- Put in background manually
|
||||||
|
|
||||||
|
### Manual Script
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo mkdir /opt/grub
|
||||||
|
sudo cp -r background/ /boot/grub/
|
||||||
|
sudo chown -R root:root /opt/grub
|
||||||
|
sudo chmod -R 700 /opt/grub
|
||||||
|
```
|
||||||
|
|
||||||
|
- Add the following lines to `/opt/grub/cycle-backgrounds.sh`:
|
||||||
|
```
|
||||||
|
#!/bin/sh
|
||||||
|
cd /boot/grub/background
|
||||||
|
mv background.png tmp.png
|
||||||
|
mv background-1.png background.png
|
||||||
|
mv tmp.png background-1.png
|
||||||
|
```
|
||||||
|
- `$ sudo chown root:root /opt/grub/cycle-backgrounds.sh`
|
||||||
|
- `$ sudo chmod 700 /opt/grub/cycle-backgrounds.sh`
|
||||||
|
- Add `@reboot /opt/grub/cycle-backgrounds.sh` to root crontab.
|
||||||
|
- In `/etc/default/grub`:
|
||||||
|
- Add `GRUB_BACKGROUND=/boot/grub/background/background.png`
|
||||||
|
- Change `GRUB_TIMEOUT=10` to `GRUB_TIMEOUT=3`
|
||||||
|
- `$ sudo update-grub`
|
||||||
|
|
||||||
|
## OpenSSH Server & Mosh
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo apt install -y openssh-server mosh
|
||||||
|
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
|
||||||
|
sudo cp ../system/sshd_config /etc/ssh/sshd_config
|
||||||
|
sudo groupadd --system ssh-users
|
||||||
|
sudo usermod -aG ssh-users $(whoami)
|
||||||
|
mkdir -p ~/.ssh
|
||||||
|
chmod 700 ~/.ssh
|
||||||
|
touch ~/.ssh/authorized_keys
|
||||||
|
chmod 600 ~/.ssh/authorized_keys
|
||||||
|
# insert your SSH public keys into the file
|
||||||
|
sudo ufw limit 22/tcp
|
||||||
|
sudo ufw allow 60001:60999/udp
|
||||||
|
sudo systemctl restart ssh
|
||||||
|
```
|
||||||
|
|
||||||
|
## See logs as admin
|
||||||
|
|
||||||
|
`sudo usermod -aG adm $(whoami)`
|
||||||
|
|
||||||
|
## Proton black screen fix (?)
|
||||||
|
|
||||||
|
Source:
|
||||||
|
<https://github.com/ValveSoftware/steam-runtime/issues/312#issuecomment-739441559>
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo mv /usr/share/vulkan/icd.d/intel_icd.x86_64.json \
|
||||||
|
/usr/share/vulkan/icd.d/intel_icd.x86_64.json.disabled
|
||||||
|
```
|
||||||
|
|
||||||
|
## Proprietary encodings (?)
|
||||||
|
|
||||||
|
- `$ sudo apt install ubuntu-restricted-extras`
|
||||||
|
|
||||||
|
## Dual boot
|
||||||
|
|
||||||
|
### Dislocker
|
||||||
|
|
||||||
|
```
|
||||||
|
$ sudo apt install dislocker
|
||||||
|
$ sudo mkdir /media/"$(whoami)" /mnt/dislocker /opt/dislocker
|
||||||
|
$ sudo chmod 700 /media/"$(whoami)" /mnt/dislocker /opt/dislocker
|
||||||
|
$ sudo chown $user:$user /media/"$(whoami)"
|
||||||
|
$ sudo chown root:root /mnt/dislocker /opt/dislocker
|
||||||
|
```
|
||||||
|
|
||||||
|
Copy the `.BEK` file to `/opt/dislocker/"$(whoami)".bek`.
|
||||||
|
|
||||||
|
```
|
||||||
|
$ sudo chown root:root /opt/dislocker/"$(whoami)".bek
|
||||||
|
$ sudo chmod 700 /opt/dislocker/"$(whoami)".bek
|
||||||
|
```
|
||||||
|
|
||||||
|
Add the following lines to `/etc/fstab` with `<user>` replaced:
|
||||||
|
|
||||||
|
```
|
||||||
|
/dev/nvme0n1p6 /mnt/dislocker fuse.dislocker nofail,nouser,umask=0077,bekfile=/opt/dislocker/<user>.bek 0 0
|
||||||
|
/mnt/dislocker/dislocker-file /media/<user> auto nofail,umask=0077,gid=<user>,uid=<user> 0 0
|
||||||
|
```
|
||||||
|
|
||||||
|
Mount manually with:
|
||||||
|
```
|
||||||
|
$ sudo dislocker /dev/nvmen1p6 -p -- /mnt/dislocker
|
||||||
|
$ sudo mount -o loop /mnt/dislocker/dislocker-file /media/"$(whoami)"
|
||||||
|
```
|
||||||
|
|
||||||
|
## Hardware specific
|
||||||
|
|
||||||
|
### Nvidia proprietary driver screen tearing fix
|
||||||
|
|
||||||
|
For Ubuntu < 22.04: `echo 'options nvidia-drm modeset=1' | sudo tee
|
||||||
|
/etc/modprobe.d/nvidia-drm-nomodeset.conf > /dev/null`
|
||||||
|
|
||||||
|
### Digimend for Huion tablet (works with H640p)
|
||||||
|
|
||||||
|
- = 20.10 & using wayland: no longer necessary
|
||||||
|
- = 21.04:
|
||||||
|
- `$ sudo apt install digimend-dkms`
|
||||||
|
- Reboot.
|
||||||
|
- < 21.04:
|
||||||
|
- Download and install from
|
||||||
|
`https://github.com/DIGImend/digimend-kernel-drivers`.
|
||||||
|
|
||||||
|
### Razer mouse
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo add-apt-repository ppa:polychromatic/stable
|
||||||
|
sudo apt install openrazer-meta polychromatic
|
||||||
|
```
|
||||||
|
|
||||||
|
## Workarounds
|
||||||
|
|
||||||
|
- [Blanked screen doesn't wake up after locking \[drmModeAtomicCommit: Argument
|
||||||
|
invalide\] \[drmModeAtomicCommit: Invalid
|
||||||
|
argument\]](https://bugs.launchpad.net/ubuntu/+source/mutter/+bug/1968040)
|
||||||
|
- Put `MUTTER_DEBUG_ENABLE_ATOMIC_KMS=0` in `/etc/environment`
|
62
setup/ubuntu-user-config.md
Normal file
62
setup/ubuntu-user-config.md
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
# Ubuntu User Configuration
|
||||||
|
|
||||||
|
This document includes configuration that is per user and remembered in the home
|
||||||
|
directory.
|
||||||
|
|
||||||
|
- Clone the terminal configs
|
||||||
|
- `git clone https://git.duckduckwhale.com/DuckDuckWhale/dotfiles`
|
||||||
|
- Open Vim and type `:PlugInstall`
|
||||||
|
|
||||||
|
## Settings
|
||||||
|
|
||||||
|
- Go to `Appearance` and choose dark mode
|
||||||
|
- Go to `Date & Time` and use am/pm
|
||||||
|
- Go to `Displays` and enable night light
|
||||||
|
- Go to `Power` and change `Power Button Action` to `Suspend`.
|
||||||
|
- Go to `Privacy -> File History & Trash` and auto delete everything in 30 days
|
||||||
|
- Go to `Multitasking` and choose `Workspaces on all displays` and `Hot Corner`
|
||||||
|
- Application switching?
|
||||||
|
|
||||||
|
## Firefox
|
||||||
|
|
||||||
|
- Check open previous windows and tabs
|
||||||
|
- Setup Multi-Account Containers
|
||||||
|
- Change shortcuts to `Ctrl`+<#>
|
||||||
|
|
||||||
|
## VS Codium
|
||||||
|
|
||||||
|
- `flatpak override --user --env=FLATPAK_ISOLATE_PACKAGES=0
|
||||||
|
com.vscodium.codium`
|
||||||
|
- Reason:
|
||||||
|
`https://github.com/flathub/ide-flatpak-wrapper/blob/master/vscode.sh`
|
||||||
|
|
||||||
|
## OBS record audio per app (may need adjustment > 22.04)
|
||||||
|
|
||||||
|
```
|
||||||
|
# configure pulse audio with obs-sink and loop it back to speakers
|
||||||
|
cat >> ~/.config/pulse/default.pa << 'EOF'
|
||||||
|
# include system default
|
||||||
|
.include /etc/pulse/default.pa
|
||||||
|
# sink that discard all input
|
||||||
|
load-module module-null-sink sink_name=obs-sink
|
||||||
|
# update human readable description in property list
|
||||||
|
update-sink-proplist obs-sink device.description="OBS Sink"
|
||||||
|
# replace <name> with name in first output of `pacmd list-sinks` inside angle
|
||||||
|
# brackets
|
||||||
|
# sink must be set, otherwise would be default and cause echoing
|
||||||
|
# latency_msec must be set, the lowest possible is 1 and default is 200
|
||||||
|
load-module module-loopback sink=<name> latency_msec=1
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# restart pulse audio
|
||||||
|
pulseaudio -k
|
||||||
|
|
||||||
|
# to configure output per app to different devices
|
||||||
|
sudo apt install pavucontrol
|
||||||
|
```
|
||||||
|
|
||||||
|
Source: <https://miyacogbf.github.io/mlgb/only-game-sound/>
|
||||||
|
|
||||||
|
## [Golden Dict](https://einverne.github.io/post/2018/08/goldendict.html)
|
||||||
|
- Import dictionaries in `~/.software/goldendict/stardict-cc-cedict`
|
||||||
|
- Don't search in dictionaries contains more then 10000 articles
|
Loading…
Reference in New Issue
Block a user