server/Workstation
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update base, workstation, gaming

Browse Source
This commit is contained in:
Reese Wells
2023-08-31 00:21:58 -04:00
parent 98962eea3a
commit 4604be298b
3 changed files with 253 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files

239
arch/base.md
View File

@@ -40,6 +40,7 @@ I have instructions for building a:
- [Don't sleep while plugged in](#dont-sleep-while-plugged-in)
- [Bluetooth](#bluetooth)
- [Audio](#audio)
- [ISCSI](#iscsi)
- [Software Stores](#software-stores)
- [AppImage Support](#appimage-support)
- [Troubleshooting](#troubleshooting)
@@ -48,12 +49,6 @@ I have instructions for building a:
- [Firefox](#firefox)
- [Gnome Extensions](#gnome-extensions)
- [CUPS Printing](#cups-printing)
- [Discord](#discord)
- [Steam](#steam)
- [XWayland](#xwayland)
- [ISCSI](#iscsi)
- [Wine](#wine)
- [Spotify](#spotify)
- [Yubikey](#yubikey)
- [Bashrc](#bashrc)
- [Unecessary](#unecessary)
@@ -65,7 +60,6 @@ I have instructions for building a:
- [Deprecated Security](#deprecated-security)
- [Firejail](#firejail)
## Installation
### Preparation
@@ -127,7 +121,7 @@ Follow most of the instructions here:
save this somewhere. I recommend having an encrypted partition on your
installation drive to which you can write a few bytes of text.
`echo $(pwgen 8 5) | sed 's/ /-/g' > root-key.txt`
`echo -n $(pwgen 8 5) | sed 's/ /-/g' > root-key.txt`
8. `cryptsetup luksFormat /dev/vda2 --key-file /path/to/root-key.txt`
9. `cryptsetup luksOpen /dev/vda2 root --key-file /path/to/root-key.txt`
@@ -153,7 +147,7 @@ Follow most of the instructions here:
18. `arch-chroot /mnt`
19. `ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime`
20. `hwclock --systohc`
21. `echo 'LANG=en_US.UTF-8' > /etc/locale.gen`
21. `echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen`
22. `echo 'KEYMAP=us' > /etc/vconsole.conf`
23. `echo 'hostname' > /etc/hostname`
24. `pacman -S sudo vim dhclient dhcpcd bash-completion btrfs-progs plymouth`
@@ -436,7 +430,7 @@ Access Modes
#### ClamAV
1. `pacman -S clamav`
2. `clamscan --recursive /path/to/dir`
2. `clamscan --recursive --infected /path/to/dir`
- OR -
@@ -452,7 +446,7 @@ cd Downloads
wget https://raw.githubusercontent.com/digint/btrbk/master/btrbk
clamscan .
chmod +x btrbk
sudo mv btbrk /usr/bin/
sudo mv btrbk /usr/bin/
```
##### fstab
@@ -489,22 +483,22 @@ btrbk -c /etc/btrbk/snapshots.conf run
snapshot_preserve 14d
# root
volume /mnt/btr_pools/root
volume /btr_pools/root
subvolume root
snapshot_dir .snapshots
# home
volume /mnt/btr_pools/root
volume /btr_pools/root
subvolume home
snapshot_dir .snapshots
# libvirt
volume /mnt/btr_pools/root
volume /btr_pools/root
subvolume libvirt
snapshot_dir .snapshots
# nextcloud
volume /mnt/btr_pools/root
volume /btr_pools/root
subvolume nextcloud
snapshot_dir .snapshots
```
@@ -548,56 +542,20 @@ btrbk -c /etc/btrbk/snapshots.conf run
##### Backups
Before you begin, go through the usual process of setting up an encrypted drive:
Before you begin, go through the usual process of setting up an encrypted drive. If
you're using Gnome I recommend using the GUI since it handles encrypted USB drives
really nicely.
1. Install udisks2 for automatic usb drive mounting
The only thing I'd recommend doing manually is creating the mountpoint as a read-only
subvolume. This prevents backups from being written to the root device when the backup
disk isn't mounted.
```bash
pacman -S udisks2
```
```bash
btrfs sub create /btr_pools/backup
btrfs property set /btr_pools/backup ro true
```
2. Crypttab automatically loads keys named `<drive_name>.key` from `/etc/cryptsetup-keys.d`
```bash
mkdir /etc/cryptsetup-keys.d
```
3. Generate a sufficiently random key
```bash
dd if=/dev/urandom of=/etc/cryptsetup-keys.d/btr_backup.key bs=64 count=1`
```
4. Add the key to your backup drive
```bash
cryptsetup luksAddKey /dev/sda1 /etc/cryptsetup-keys.d/btr_backup.key
```
5. Create a crypttab entry
/etc/crypttab
```text
btr_backup UUID=a074a34c-1211-4f9a-a88c-071b4775fe54 none nofail
```
6. Create an fstab entry
/etc/fstab
```text
/dev/mapper/btr_backup /mnt/btr_backup btrfs rw,relatime,ssd,space_cache=v2,subvolid=5,comment=x-gvfs-show,nofail 0 0
```
7. Create a read-only mount point to prevent accidental backups to the wrong disk
```bash
btrfs subvolume create /mnt/btr_backup
btrfs property set /mnt/btr_backup ro true
```
8. Create a backup config
1. Create a backup config
/etc/btrbk/backups.conf
@@ -606,53 +564,56 @@ Before you begin, go through the usual process of setting up an encrypted drive:
target_preserve_min no
target_preserve 30d
volume /mnt/btr_pools
target /mnt/btr_backup
# root
volume /btr_pools/root
target /btr_pools/backup
subvolume root
snapshot_dir .snapshots
volume /mnt/btr_pools
target /mnt/btr_backup
# home
volume /btr_pools/root
target /btr_pools/backup
subvolume home
snapshot_dir .snapshots
volume /mnt/btr_pools
target /mnt/btr_backup
# libvirt
volume /btr_pools/root
target /btr_pools/backup
subvolume libvirt
snapshot_dir .snapshots
```
9. Create a backup service
2. Create a backup service
/etc/systemd/system/btrbk_backups.service
```conf
[Unit]
Description=Runs btrbk with config file at /etc/btrbk/btrbk.conf
Description=Runs btrbk with config file at /etc/btrbk/backups.conf
[Service]
ExecStart=btrbk -c /etc/btrbk/btrbk.conf -v run
ExecStart=/usr/bin/btrbk -c /etc/btrbk/backups.conf -v run
```
10. Create a timer to activate the service
3. Create a timer to activate the service
/etc/systemd/system/btrbk_backups.timer
```conf
[Unit]
Description=Run btrbk every hour
Description=Run btrbk backups every hour
[Timer]
OnCalendar=hourly
AccuracySec=10min
Persistent=true
Unit=btrbk.service
Unit=btrbk_backups.service
[Install]
WantedBy=timers.target
```
11. Enable the timer
4. Enable the timer
```bash
systemctl enable --now btrbk_backup.conf
@@ -670,7 +631,7 @@ btrfs send /mnt/btr_backup/root.20230727T1000 | pv | btrfs receive /mnt/btr_iscs
You can create chroot environments to run firejails or just use for testing purposes.
1. `mkdir /chroots`
1. `btrfs sub create /chroots`
2. `mkdir /testing`
3. `pacman -S arch-install-scripts`
4. `pacstrap -K /chroots/testing/ base base-devel`
@@ -872,6 +833,49 @@ Without pipewire-pulse the audio level/device will reset every reboot.
1. `pacman -S pipewire-pulse` (remove conflicting packages)
### ISCSI
```bash
pacman -S open-iscsi
systemctl enable --now iscsid
```
1. Add auth login
/etc/iscsi/iscsid.conf
```conf
node.session.auth.chap_algs = SHA3-256,SHA256,SHA1,MD5
node.session.auth.username = username
node.session.auth.password = password
```
2. Initiate and login to the portal
```bash
# Add a new target to your list of nodes
iscsiadm \
-m discovery \
-t st \
-p driveripper.reeselink.com
# Login to the target
iscsiadm \
-m node \
--targetname iqn.2023-01.driveripper.reeselink.com:backup-reese-pc \
-p driveripper.reeselink.com:3260 \
--login
# or login to all targets
iscsiadm -m node --loginall all
# View current session
iscsiadm -m session
# Log out of all sessions
iscsiadm -m node -u
```
## Software Stores
### AppImage Support
@@ -938,89 +942,6 @@ Choose noto-fonts
3. `sudo systemctl start cups`
4. `sudo systemctl start avahi-daemon`
### Discord
1. `flatpak install com.discordapp.Discord`
### Steam
<https://wiki.archlinux.org/title/Official_repositories#multilib>
Edit /etc/pacman.conf
```conf
[multilib]
Include = /etc/pacman.d/mirrorlist
```
```bash
sudo pacman -S steam steam-native
```
When prompted, use vulkan-radeon
`steam-native` allows vaapi hardware encoding for steam remote play.
You may have to edit your firejail config to get steam to launch:
~/.config/firejail/steam.local
```conf
ignore apparmor
```
### XWayland
Provides compatibility with X server applications (like wine)
1. `sudo pacman -S xorg-xwayland`
### ISCSI
1. Add auth login
/etc/iscsi/iscsid.conf
```conf
node.session.auth.chap_algs = SHA3-256,SHA256,SHA1,MD5
node.session.auth.username = username
node.session.auth.password = password
```
2. Initiate and login to the portal
```bash
# Add a new target to your list of nodes
iscsiadm \
-m discovery \
-t st \
-p driveripper.reeselink.com
# Login to the target
iscsiadm \
-m node \
--targetname iqn.2023-01.driveripper.reeselink.com:backup-reese-pc \
-p driveripper.reeselink.com:3260 \
--login
# or login to all targets
iscsiadm -m node --loginall all
# View current session
iscsiadm -m session
# Log out of all sessions
iscsiadm -m node -u
```
### Wine
`pacman -S wine`
### Spotify
`pacman -S spotify-launcher`
### Yubikey
You'll need the yubikey manager appimage in addition to the pacman package

81
arch/gaming.md
View File

@@ -0,0 +1,81 @@
# Gaming
- [Gaming](#gaming)
- [Discord](#discord)
- [Steam](#steam)
- [XWayland](#xwayland)
- [Wine](#wine)
- [Spotify](#spotify)
- [VLC](#vlc)
- [AppImages](#appimages)
- [Bitwarden](#bitwarden)
## Discord
```bash
mv ~/Downloads/Discord ~/Applications/Discord
```
```conf
[Desktop Entry]
Name=Discord
Exec=/home/ducoterra/Applications/Discord/Discord
Icon=/home/ducoterra/Applications/Discord/discord.png
Type=Application
```
## Steam
<https://wiki.archlinux.org/title/Official_repositories#multilib>
Edit /etc/pacman.conf
```conf
[multilib]
Include = /etc/pacman.d/mirrorlist
```
```bash
sudo pacman -S steam
```
When prompted (on AMD) use vulkan-radeon
## XWayland
Provides compatibility with X server applications (like wine)
1. `sudo pacman -S xorg-xwayland`
## Wine
`pacman -S wine`
## Spotify
`pacman -S spotify-launcher`
## VLC
```bash
pacman -S vlc
```
## AppImages
### Bitwarden
<https://bitwarden.com/download/>
```bash
mv ~/Downloads/Bitwarden*.AppImage ~/Applications/Bitwarden.AppImage
chmod +x ~/Applications/*.AppImage
```
```conf
[Desktop Entry]
Name=Bitwarden
Exec=/home/ducoterra/Applications/Bitwarden.AppImage
Icon=/home/ducoterra/.icons/bitwarden.png
Type=Application
```

99
arch/workstation.md
View File

@@ -10,15 +10,21 @@
- [VSCode](#vscode)
- [Shell](#shell)
- [Fonts](#fonts)
- [Navigation](#navigation)
- [Extensions](#extensions)
- [Wireguard](#wireguard)
- [Remote Desktop](#remote-desktop)
- [Transmission](#transmission)
- [Wireguard](#wireguard)
- [VLC](#vlc)
- [AppImages](#appimages)
- [Bitwarden](#bitwarden)
- [Nextcloud](#nextcloud)
- [Insomnia](#insomnia)
## Base Tools
```bash
pacman -S rsync which git iperf3
pacman -S rsync which git iperf3 pwgen
```
## ZSH
@@ -137,6 +143,26 @@ Edit settings.json
}
```
### Navigation
The best navigation shortcut ever is alt+left and alt+right to move the cursor to it's
previous positions.
```json
[
{
"key": "alt+left",
"command": "workbench.action.navigateBack",
"when": ""
},
{
"key": "alt+right",
"command": "workbench.action.navigateForward",
"when": ""
}
]
```
### Extensions
To save a list of installed extensions run:
@@ -151,6 +177,15 @@ To install that list of extensions run:
cat vscode_extensions.txt | xargs -L 1 code --install-extension
```
## Wireguard
Wireguard requires `linux-headers`. If that isn't installed or is misconfigured your
vpn likely won't activate.
```bash
pacman -S wireguard-tools
```
## Remote Desktop
```bash
@@ -163,11 +198,61 @@ pacman -S remmina freerdp
pacman -S gtk4 transmission-gtk
```
### Wireguard
Wireguard requires `linux-headers`. If that isn't installed or is misconfigured your
vpn likely won't activate.
## VLC
```bash
pacman -S wireguard-tools
pacman -S vlc
```
## AppImages
### Bitwarden
<https://bitwarden.com/download/>
```bash
mv ~/Downloads/Bitwarden*.AppImage ~/Applications/Bitwarden.AppImage
chmod +x ~/Applications/*.AppImage
```
```conf
[Desktop Entry]
Name=Bitwarden
Exec=/home/ducoterra/Applications/Bitwarden.AppImage
Icon=/home/ducoterra/.icons/bitwarden.png
Type=Application
```
### Nextcloud
<https://nextcloud.com/install/#install-clients>
```bash
mv ~/Downloads/Nextcloud*.AppImage ~/Applications/Nextcloud.AppImage
chmod +x ~/Applications/*.AppImage
```
```conf
[Desktop Entry]
Name=Nextcloud
Exec=/home/ducoterra/Applications/Nextcloud.AppImage
Icon=/home/ducoterra/.icons/nextcloud.png
Type=Application
```
### Insomnia
<https://github.com/Kong/insomnia/releases/tag/core@2023.5.7>
```bash
mv ~/Downloads/Insomnia*.AppImage ~/Applications/Insomnia.AppImage
chmod +x ~/Applications/*.AppImage
```
```conf
[Desktop Entry]
Name=Insomnia
Exec=/home/ducoterra/Applications/Insomnia.AppImage
Icon=/home/ducoterra/.icons/insomnia.png
Type=Application
```