From 0477970c78ed8b1faa01567e7da535f18a4d559e Mon Sep 17 00:00:00 2001 From: ducoterra Date: Thu, 10 Feb 2022 11:33:26 -0500 Subject: [PATCH] Move README, arch.md, and framework.md Rework documentation and consolidate all framework docs into a framework_manjaro file. README is only for ansible now. --- README.md | 97 ----------- arch.md | 228 ------------------------- framework.md | 54 ------ framework_manjaro.md | 387 +++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 387 insertions(+), 379 deletions(-) delete mode 100644 arch.md delete mode 100644 framework.md create mode 100644 framework_manjaro.md diff --git a/README.md b/README.md index 0689ba3..433b77d 100644 --- a/README.md +++ b/README.md @@ -31,100 +31,3 @@ NOTE: Restore home directory and __REBOOT__ first ```bash ansible-playbook --ask-become-pass ansible/setup-full.yml ``` - -## BTRFS - -https://linoxide.com/how-to-take-backup-with-btrfs-snapshots/ - -```bash -# Create backup subvolume -btrfs subvolume create /mnt/backup/DucoBacktop - -# Create snapshot dir -mkdir /.snapshots - -# Create readonly snapshot -```bash -SNAPSHOT_TIME=$(date +"%y_%m_%d-%H.%M") -SNAPSHOT_NAME=home_$SNAPSHOT_TIME -SNAPSHOT_DIR=/.snapshots -btrfs subvolume snapshot -r /home $SNAPSHOT_DIR/$SNAPSHOT_NAME - -# Send a snapshot with no previous snapshot -export SNAPSHOT_DIR=${SNAPSHOT_DIR:=/.snapshots} -export BACKUP_DIR=${BACKUP_DIR:=/mnt/backup0/DucoBacktop} -btrfs send $SNAPSHOT_DIR/$SNAPSHOT_NAME | btrfs receive $BACKUP_DIR - -# Send a snapshot with previous snapshot -export SNAPSHOT_DIR=${SNAPSHOT_DIR:=/.snapshots} -export BACKUP_DIR=${BACKUP_DIR:=/mnt/backup0/DucoBacktop} -export LATEST=${LATEST:=/previous_snapshot} -btrfs send -p $SNAPSHOT_DIR/$LATEST $SNAPSHOT_DIR/$SNAPSHOT_NAME | btrfs receive $BACKUP_DIR - -# Clean up snapshots -find /.snapshots -maxdepth 1 -type d -not -path /.snapshots -exec sudo btrfs subvolume delete {} \; -``` - -## Luks - -```bash -# Create an encrypted drive -sudo cryptsetup luksFormat - - -# LUKS Disk Encryption can use up to 8 key slots to store passwords. We can use these keys to auto mount LUKS device. -# cryptsetup luksDump /dev/sda - -# Create a lukskeys -mkdir /home/ducoterra/.lukskeys - -# Generate key -dd if=/dev/random bs=32 count=1 of=/home/ducoterra/.lukskeys/backup0 - -# Change key mode -chmod 600 /home/ducoterra/.lukskeys - -# Luks add a key -sudo cryptsetup luksAddKey /dev/sda /home/ducoterra/.lukskeys/backup0 - -# Get UUID of disk with -sudo blkid /dev/sda - -# Add key to crypttab -echo 'backup0 UUID=1d7ce570-e695-47a0-9dda-5f14b5b20e21 /home/ducoterra/.lukskeys/backup0 luks' > /etc/cryptab - -# Create backup mount point -sudo mkdir -p /mnt/backup0 - -# Add to fstab -echo '/dev/mapper/backup0 /mnt/backup0 btrfs defaults,noatime,compress=zstd 0 0' > /etc/fstab - -# mount -sudo cryptsetup luksOpen /dev/disk/by-uuid/1d7ce570-e695-47a0-9dda-5f14b5b20e21 backup0 --key-file=/home/ducoterra/.lukskeys/backup0 - -# close (or fix issues) -sudo cryptsetup luksClose backup0 -``` - -## ISCSI - -```bash -# Login to portal -sudo iscsiadm -m discovery -t sendtargets -p freenas.dnet - -# Mount all targets -sudo iscsiadm -m node -l - -# Mount at boot -vim /etc/iscsi/nodes/iqn.2022-02.freenas.dnet:manjaro-backup/10.1.2.200,3260,1 - (/var/lib/iscsi/nodes/iqn.2022-02.freenas.dnet:manjaro-backup/10.1.2.200,3260,1/default) on fedora - -node.startup = automatic -``` - -## Steam - -Streaming not working? - -Steam > Settings > Remote Play > Advanced Client Options > -Uncheck Enable hardware decoding. diff --git a/arch.md b/arch.md deleted file mode 100644 index ccbeb36..0000000 --- a/arch.md +++ /dev/null @@ -1,228 +0,0 @@ -# Arch Linux - -## Hardware/Firmware - -### Kernels - -```bash -sudo pacman -S grub -``` - -Manjaro settings manager controls current kernel version. - -After installing a new kernel: - -```bash -sudo update-grub -``` - -Hold escape while rebooting to bring up grub menu - -### Display - -https://askubuntu.com/questions/11738/force-gdm-login-screen-to-the-primary-monitor - -Set the display configuration in the user settings the way you want it. - -This seems to be fixed. - -```bash -sudo cp ~/.config/monitors.xml /var/lib/gdm/.config  ✔  1m 20s  -sudo chown gdm:gdm /var/lib/gdm/.config/monitors.xml -``` - -### Swap - -https://rudd-o.com/linux-and-free-software/tales-from-responsivenessland-why-linux-feels-slow-and-how-to-fix-that - -https://wiki.archlinux.org/title/Swap - -#### Create a swapfile - -```bash -swapoff --all -truncate -s 0 /swap/swapfile -chattr +C /swap/swapfile -fallocate -l 4G /swap/swapfile -chmod 600 /swap/swapfile -mkswap /swap/swapfile -swapon /swap/swapfile -``` - -Add to /etc/fstab - -```text -/swapfile swap swap defaults,noatime 0 0 -``` - -#### Set swappiness - -```bash -sudo sysctl -w vm.swappiness=1 -``` - -sudo vim /etc/sysctl.d/99-swappiness.conf - -```text -vm.swappiness=1 -``` - -### CA File Import - -https://archlinux.org/news/ca-certificates-update/ - -```bash -# Move the crt (CA) to the correct location -cp dnet_ca.crt /etc/ca-certificates/trust-source/anchors/dnet_ca.crt - -# Update the CA store -trust extract-compat -``` - -### BTRFS Snapshots - -https://linuxhint.com/use-btrfs-snapshots/ - -```bash -cd /run/media/ducoterra/ -mkdir .snapshots - -# Take a snapshot -alias util-snapshot='btrfs subvolume snapshot $BACKUP_DRIVE $BACKUP_DRIVE/.snapshots/snapshot_$(date +"%H_%M_%S_%d_%m_%y")' -alias util-backup='util-snapshot && rsync -av --delete /home/ducoterra/ $BACKUP_DRIVE/home/ducoterra/' - -# Restore from a snapshot -cp .snapshots/v1/file . - -# Find files older than 7 days -find . -maxdepth 1 -mtime +7 -``` - -### Font - -```bash -wget https://github.com/tonsky/FiraCode/releases/download/6.2/Fira_Code_v6.2.zip -unzip Fira_Code_v6.2.zip -d Fira_Code -rsync -av Fira_Code/ttf/ ~/.local/share/fonts/ -``` - -## Apps - -### Bluetooth - -https://wiki.archlinux.org/title/Bluetooth - -```bash -sudo pacman -S bluez bluez-utils -sudo systemctl enable bluetooth -sudo systemctl start bluetooth -``` - -### Snap - -https://snapcraft.io/install/snap-store/manjaro - -```bash -sudo pacman -S snapd -sudo systemctl enable --now snapd.socket -sudo ln -s /var/lib/snapd/snap /snap -sudo snap install snap-store -``` - -### Chromium - -```bash -sudo pacman -Sy chromium -``` - -### VSCode - -Install from the snap store. - -### Steam - -Install steam-native from the software manager. - -### Mail - -#### iCloud - -| Field | Value | -| ------------------- | --------------------- | -| IMAP server | imap.mail.me.com | -| Connection security | TLS | -| Login name | ducoterra | -| SMTP server | smtp.mail.me.com | -| Connection security | StartTLS | -| Login | Use a different login | -| Login name | ducoterra@icloud.com | - -### Discord - -Install discord from software manager - -### Wireguard - -```bash -sudo pacman -S wireguard-tools -``` - -### Ping - -```bash -sudo pacman -S iputils -``` - -### Vault - -https://www.vaultproject.io/downloads - -```bash -unzip vault_1.9.2_linux_amd64.zip -sudo mv vault /usr/local/bin/vault -``` - -### AWS CLI - -https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html - -```bash -curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" -unzip awscliv2.zip -sudo ./aws/install -``` - -### ZFS - -Depending on your kernel (5.15 as of writing) install the following - -```bash -sudo pacman -Sy linux515-zfs - -zpool set cachefile=/etc/zfs/.cache -``` - -## Docker - -```bash -sudo pacman -S docker docker-compose -sudo usermod -aG docker ducoterra -sudo reboot -``` - -## Kubectl - -```bash -sudo pacman -S kubectl -``` - -## Spotify - -Install via snap store. - -## Minecraft - -```bash -git clone https://aur.archlinux.org/minecraft-launcher.git /tmp/minecraft-launcher -makepkg -si --noconfirm -``` diff --git a/framework.md b/framework.md deleted file mode 100644 index c1fe2d1..0000000 --- a/framework.md +++ /dev/null @@ -1,54 +0,0 @@ -# Framework Laptop - -## Citrix Client - -https://www.citrix.com/downloads/citrix-receiver/linux/receiver-for-linux-latest.html - -## Fingerprint Sensor - -### Sudo Auth - -Running ansible playbooks becomes impossible with the default fingerprint -configuration. Unfortunately, it's best to disable fingerprint auth for sudo -tasks. The way to do this is by editing /etc/pam.d/sudo and commenting out -pam_fprintd.so - -```conf -auth required pam_env.so -#auth sufficient pam_fprintd.so -auth sufficient pam_unix.so try_first_pass likeauth nullok -auth required pam_deny.so -auth include system-auth -account include system-auth -session include system-auth -``` - -Note: setting timeout=10 and max-retries=1 per the [pam_fprintd man -page](https://www.mankier.com/8/pam_fprintd) does not seem to work. For some -reason, ansible never hits the password authentication method and times out. - -### Errors - -"Device disconnected" on enrolling - -If you've enrolled fingerprints in another OS or in a previous installation you -might encounter this error. It prevents you from enrolling new fingerprints and -re-enrolling old fingerprints. Fortunately, there's an easy solution thanks to -[this incredible forum -post](https://community.frame.work/t/fingerprint-scanner-compatibility-with-linux-ubuntu-fedora-etc/1501/145). - -The problem lies in old fingerprints remaining on the reader without the host -OS knowing about them. When the host OS tries to enroll a new fingerprint that -already exists, the fingerprint reader chokes. The solution is to delete the -old fingerprints from the reader before enrolling new ones. This should be -included as part of the device bootstra process or as part of the devices wipe -process. - -Here's the process: - -```bash -# Delete all fingerprints from device -sudo python framework/libfprint_delete_device_prints.py -d -``` - -That's it! Should work again. diff --git a/framework_manjaro.md b/framework_manjaro.md new file mode 100644 index 0000000..ab0fcea --- /dev/null +++ b/framework_manjaro.md @@ -0,0 +1,387 @@ +# Framework Laptop with Manjaro + +## Steam + +Streaming not working? + +Steam > Settings > Remote Play > Advanced Client Options > +Uncheck Enable hardware decoding. + +## Backups + +Timeshift: btrfs snapshots + +Deja Dupe/Duplicity: Daily Backups to external drive + +## Minecraft + +https://www.minecraft.net/en-us/download + +## Citrix Client + +https://www.citrix.com/downloads/citrix-receiver/linux/receiver-for-linux-latest.html + +## Fingerprint Sensor + +### Sudo Auth + +Running ansible playbooks becomes impossible with the default fingerprint +configuration. Unfortunately, it's best to disable fingerprint auth for sudo +tasks. The way to do this is by editing /etc/pam.d/sudo and commenting out +pam_fprintd.so + +```conf +auth required pam_env.so +#auth sufficient pam_fprintd.so +auth sufficient pam_unix.so try_first_pass likeauth nullok +auth required pam_deny.so +auth include system-auth +account include system-auth +session include system-auth +``` + +Note: setting timeout=10 and max-retries=1 per the [pam_fprintd man +page](https://www.mankier.com/8/pam_fprintd) does not seem to work. For some +reason, ansible never hits the password authentication method and times out. + +### Errors + +"Device disconnected" on enrolling + +If you've enrolled fingerprints in another OS or in a previous installation you +might encounter this error. It prevents you from enrolling new fingerprints and +re-enrolling old fingerprints. Fortunately, there's an easy solution thanks to +[this incredible forum +post](https://community.frame.work/t/fingerprint-scanner-compatibility-with-linux-ubuntu-fedora-etc/1501/145). + +The problem lies in old fingerprints remaining on the reader without the host +OS knowing about them. When the host OS tries to enroll a new fingerprint that +already exists, the fingerprint reader chokes. The solution is to delete the +old fingerprints from the reader before enrolling new ones. This should be +included as part of the device bootstra process or as part of the devices wipe +process. + +Here's the process: + +```bash +# Delete all fingerprints from device +sudo python framework/libfprint_delete_device_prints.py -d +``` + +That's it! Should work again. + +## BTRFS + +https://linoxide.com/how-to-take-backup-with-btrfs-snapshots/ + +```bash +# Create backup subvolume +btrfs subvolume create /mnt/backup/DucoBacktop + +# Create snapshot dir +mkdir /.snapshots + +# Create readonly snapshot +```bash +SNAPSHOT_TIME=$(date +"%y_%m_%d-%H.%M") +SNAPSHOT_NAME=home_$SNAPSHOT_TIME +SNAPSHOT_DIR=/.snapshots +btrfs subvolume snapshot -r /home $SNAPSHOT_DIR/$SNAPSHOT_NAME + +# Send a snapshot with no previous snapshot +export SNAPSHOT_DIR=${SNAPSHOT_DIR:=/.snapshots} +export BACKUP_DIR=${BACKUP_DIR:=/mnt/backup0/DucoBacktop} +btrfs send $SNAPSHOT_DIR/$SNAPSHOT_NAME | btrfs receive $BACKUP_DIR + +# Send a snapshot with previous snapshot +export SNAPSHOT_DIR=${SNAPSHOT_DIR:=/.snapshots} +export BACKUP_DIR=${BACKUP_DIR:=/mnt/backup0/DucoBacktop} +export LATEST=${LATEST:=/previous_snapshot} +btrfs send -p $SNAPSHOT_DIR/$LATEST $SNAPSHOT_DIR/$SNAPSHOT_NAME | btrfs receive $BACKUP_DIR + +# Clean up snapshots +find /.snapshots -maxdepth 1 -type d -not -path /.snapshots -exec sudo btrfs subvolume delete {} \; +``` + +## Luks + +```bash +# Create an encrypted drive +sudo cryptsetup luksFormat + +# LUKS Disk Encryption can use up to 8 key slots to store passwords. We can use these keys to auto mount LUKS device. +# cryptsetup luksDump /dev/sda + +# Create a lukskeys +mkdir /home/ducoterra/.lukskeys + +# Generate key +dd if=/dev/random bs=32 count=1 of=/home/ducoterra/.lukskeys/backup0 + +# Change key mode +chmod 600 /home/ducoterra/.lukskeys + +# Luks add a key +sudo cryptsetup luksAddKey /dev/sda /home/ducoterra/.lukskeys/backup0 + +# Get UUID of disk with +sudo blkid /dev/sda + +# Add key to crypttab +echo 'backup0 UUID=1d7ce570-e695-47a0-9dda-5f14b5b20e21 /home/ducoterra/.lukskeys/backup0 luks' > /etc/cryptab + +# Create backup mount point +sudo mkdir -p /mnt/backup0 + +# Add to fstab +echo '/dev/mapper/backup0 /mnt/backup0 btrfs defaults,noatime,compress=zstd 0 0' > /etc/fstab + +# mount +sudo cryptsetup luksOpen /dev/disk/by-uuid/1d7ce570-e695-47a0-9dda-5f14b5b20e21 backup0 --key-file=/home/ducoterra/.lukskeys/backup0 + +# close (or fix issues) +sudo cryptsetup luksClose backup0 +``` + +## ISCSI + +```bash +# Login to portal +sudo iscsiadm -m discovery -t sendtargets -p freenas.dnet + +# Mount all targets +sudo iscsiadm -m node -l + +# Mount at boot +vim /etc/iscsi/nodes/iqn.2022-02.freenas.dnet:manjaro-backup/10.1.2.200,3260,1 + (/var/lib/iscsi/nodes/iqn.2022-02.freenas.dnet:manjaro-backup/10.1.2.200,3260,1/default) on fedora + +node.startup = automatic +``` + +## Hardware/Firmware + +### Kernels + +```bash +sudo pacman -S grub +``` + +Manjaro settings manager controls current kernel version. + +After installing a new kernel: + +```bash +sudo update-grub +``` + +Hold escape while rebooting to bring up grub menu + +### Display + +https://askubuntu.com/questions/11738/force-gdm-login-screen-to-the-primary-monitor + +Set the display configuration in the user settings the way you want it. + +This seems to be fixed. + +```bash +sudo cp ~/.config/monitors.xml /var/lib/gdm/.config  ✔  1m 20s  +sudo chown gdm:gdm /var/lib/gdm/.config/monitors.xml +``` + +### Swap + +https://rudd-o.com/linux-and-free-software/tales-from-responsivenessland-why-linux-feels-slow-and-how-to-fix-that + +https://wiki.archlinux.org/title/Swap + +#### Create a swapfile + +```bash +swapoff --all +truncate -s 0 /swap/swapfile +chattr +C /swap/swapfile +fallocate -l 4G /swap/swapfile +chmod 600 /swap/swapfile +mkswap /swap/swapfile +swapon /swap/swapfile +``` + +Add to /etc/fstab + +```text +/swapfile swap swap defaults,noatime 0 0 +``` + +#### Set swappiness + +```bash +sudo sysctl -w vm.swappiness=1 +``` + +sudo vim /etc/sysctl.d/99-swappiness.conf + +```text +vm.swappiness=1 +``` + +### CA File Import + +https://archlinux.org/news/ca-certificates-update/ + +```bash +# Move the crt (CA) to the correct location +cp dnet_ca.crt /etc/ca-certificates/trust-source/anchors/dnet_ca.crt + +# Update the CA store +trust extract-compat +``` + +### BTRFS Snapshots + +https://linuxhint.com/use-btrfs-snapshots/ + +```bash +cd /run/media/ducoterra/ +mkdir .snapshots + +# Take a snapshot +alias util-snapshot='btrfs subvolume snapshot $BACKUP_DRIVE $BACKUP_DRIVE/.snapshots/snapshot_$(date +"%H_%M_%S_%d_%m_%y")' +alias util-backup='util-snapshot && rsync -av --delete /home/ducoterra/ $BACKUP_DRIVE/home/ducoterra/' + +# Restore from a snapshot +cp .snapshots/v1/file . + +# Find files older than 7 days +find . -maxdepth 1 -mtime +7 +``` + +### Font + +```bash +wget https://github.com/tonsky/FiraCode/releases/download/6.2/Fira_Code_v6.2.zip +unzip Fira_Code_v6.2.zip -d Fira_Code +rsync -av Fira_Code/ttf/ ~/.local/share/fonts/ +``` + +## Apps + +### Bluetooth + +https://wiki.archlinux.org/title/Bluetooth + +```bash +sudo pacman -S bluez bluez-utils +sudo systemctl enable bluetooth +sudo systemctl start bluetooth +``` + +### Snap + +https://snapcraft.io/install/snap-store/manjaro + +```bash +sudo pacman -S snapd +sudo systemctl enable --now snapd.socket +sudo ln -s /var/lib/snapd/snap /snap +sudo snap install snap-store +``` + +### Chromium + +```bash +sudo pacman -Sy chromium +``` + +### VSCode + +Install from the snap store. + +### Steam + +Install steam-native from the software manager. + +### Mail + +#### iCloud + +| Field | Value | +| ------------------- | --------------------- | +| IMAP server | imap.mail.me.com | +| Connection security | TLS | +| Login name | ducoterra | +| SMTP server | smtp.mail.me.com | +| Connection security | StartTLS | +| Login | Use a different login | +| Login name | ducoterra@icloud.com | + +### Discord + +Install discord from software manager + +### Wireguard + +```bash +sudo pacman -S wireguard-tools +``` + +### Ping + +```bash +sudo pacman -S iputils +``` + +### Vault + +https://www.vaultproject.io/downloads + +```bash +unzip vault_1.9.2_linux_amd64.zip +sudo mv vault /usr/local/bin/vault +``` + +### AWS CLI + +https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html + +```bash +curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" +unzip awscliv2.zip +sudo ./aws/install +``` + +### ZFS + +Depending on your kernel (5.15 as of writing) install the following + +```bash +sudo pacman -Sy linux515-zfs + +zpool set cachefile=/etc/zfs/.cache +``` + +## Docker + +```bash +sudo pacman -S docker docker-compose +sudo usermod -aG docker ducoterra +sudo reboot +``` + +## Kubectl + +```bash +sudo pacman -S kubectl +``` + +## Spotify + +Install via snap store. + +## Minecraft + +```bash +git clone https://aur.archlinux.org/minecraft-launcher.git /tmp/minecraft-launcher +makepkg -si --noconfirm +```