overhauls of most service docs

active/os_fedora/fedora-workstation.md

@@ -0,0 +1,345 @@
+# Fedora
+
+- [Fedora](#fedora)
+  - [Framework 16 Fixes](#framework-16-fixes)
+    - [Wake from Sleep](#wake-from-sleep)
+    - [Wrong keys pressed in the browser](#wrong-keys-pressed-in-the-browser)
+  - [Podman](#podman)
+    - [Autostarting services with quadlets](#autostarting-services-with-quadlets)
+  - [Toolbox](#toolbox)
+  - [Network](#network)
+    - [Firewall](#firewall)
+    - [VLAN Setup with nmcli](#vlan-setup-with-nmcli)
+  - [ZRAM](#zram)
+  - [Libraries](#libraries)
+    - [Common Libraries](#common-libraries)
+  - [Backups](#backups)
+    - [BTRFS Snapshots](#btrfs-snapshots)
+  - [ROCM](#rocm)
+  - [Display](#display)
+    - [Scripted Display Modes](#scripted-display-modes)
+  - [Fixing generic Wayland icons on task alt tab](#fixing-generic-wayland-icons-on-task-alt-tab)
+
+## Framework 16 Fixes
+
+### Wake from Sleep
+
+The keyboard/mouse can be pressed through the lid while in a backpack. Disable
+them to prevent wake from sleep.
+
+`/etc/udev/rules.d/69-suspend.rules`
+
+```conf
+ACTION=="add", SUBSYSTEM=="acpi", DRIVERS=="button", ATTRS{hid}=="PNP0C0D", ATTR{power/wakeup}="disabled"
+ACTION=="add", SUBSYSTEM=="serio", DRIVERS=="atkbd", ATTR{power/wakeup}="disabled"
+ACTION=="add", SUBSYSTEM=="i2c", DRIVERS=="i2c_hid_acpi", ATTRS{name}=="PIXA3854:00", ATTR{power/wakeup}="disabled"
+
+# https://askubuntu.com/questions/848698/wake-up-from-suspend-using-usb-device
+ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="32ac", ATTRS{idProduct}=="0012", RUN+="/bin/sh -c 'echo disabled > /sys$env{DEVPATH}/power/wakeup'"
+```
+
+Reload
+
+```bash
+sudo udevadm control --reload-rules && sudo udevadm trigger
+```
+
+### Wrong keys pressed in the browser
+
+Sometimes keys will stop working when using search bars or do strange things
+like move the page around. This seems to be caused by some "alt" keypress
+combination. Pressing "alt" twice fixes it.
+
+## Podman
+
+Since you'll be using podman for most container-based services, you'll want to
+set the the podman auth file to somewhere persistent, otherwise it'll get
+deleted every time you reboot.
+
+Add this to your `.bashrc`:
+
+```bash
+# Podman auth file
+export REGISTRY_AUTH_FILE=$HOME/.podman-auth.json
+```
+
+Source that and then run `podman login` to create the file.
+
+### Autostarting services with quadlets
+
+If you want to run something as your user at boot (like a systemd process,
+think ollama) you can create a user quadlets like so:
+
+```bash
+# Generate the .container file
+podman run --rm ghcr.io/containers/podlet --install --description "Local AI" \
+  podman run \
+  -d \
+  -v ollama:/root/.ollama \
+  -p 11434:11434 \
+  --name ollama \
+  --restart always \
+  docker.io/ollama/ollama > ~/.config/containers/systemd/ollama.container
+
+# Verify the service (Note the filename:service, this is required! You will get "Failed to prepare filename" without it)
+systemd-analyze verify ~/.config/containers/systemd/ollama.container:ollama.service
+
+# Start the service
+systemctl --user daemon-reload
+systemctl --user start ollama
+```
+
+## Toolbox
+
+```bash
+toolbox create
+toolbox enter
+```
+
+## Network
+
+### Firewall
+
+Set the default firewall to `drop`
+
+```bash
+firewall-cmd --set-default-zone=drop
+firewall-cmd --reload
+```
+
+Allow KDE Connect via 1714-1764 tcp/udp
+
+```bash
+firewall-cmd --add-port=1714-1764/udp --add-port=1714-1764/tcp --permanent
+```
+
+You can check if the firewall is working via `nmap` from another machine
+
+Note, add `-r` to scan ports in order.
+
+Note, add `-vv` to increase verbosity.
+
+Note, add `-A` to perform OS detection, host lookup, etc.
+
+Note, use `-F` to perform a quick scan against common ports.
+
+```bash
+export NMAP_HOST=10.2.0.49
+
+# Scan for common ports on TCP
+nmap -sT $NMAP_HOST
+
+# Scan all ports on TCP
+nmap -sT -p- $NMAP_HOST
+
+# Scan specific port on TCP
+nmap -sT -p5432 $NMAP_HOST
+
+# Scan range of ports on TCP
+nmap -sT -p1024-9999 $NMAP_HOST
+
+# Scan for common ports on UDP
+nmap -sU $NMAP_HOST
+
+# Skip host up checking
+nmap -Pn -sT $NMAP_HOST
+
+# Scan all ports for everything (takes a really really long time)
+nmap -Pn -sT -sU -p- $NMAP_HOST
+
+# Scan using TCP ACK Ping (More serious check that attempts to bypass firewall, See nmap man page)
+nmap -PA -p- $NMAP_HOST
+```
+
+Then, while running a scan:
+
+v / V: Increase / decrease the verbosity level d / D: Increase / decrease the
+debugging Level p / P: Turn on / off packet tracing ?: Print a runtime
+interaction help screen
+
+### VLAN Setup with nmcli
+
+```bash
+# VLAN 2
+nmcli conn
+export NMCLI_DEVICE=enp195s0f4u1u3
+nmcli connection add type VLAN con-name $NMCLI_DEVICE.2 dev $NMCLI_DEVICE id 2
+```
+
+## ZRAM
+
+Increasing zram size
+
+```bash
+# Show existing configuration
+zramctl
+# 
+swapoff /dev/zram0
+# Reset swap
+zramctl -r /dev/zram0
+
+# Set a new size
+zramctl --size 4G /dev/zram0
+```
+
+## Libraries
+
+### Common Libraries
+
+```bash
+sudo dnf install -y \
+make \
+gcc \
+zlib-devel \
+bzip2 \
+bzip2-devel \
+readline-devel \
+sqlite \
+sqlite-devel \
+openssl-devel \
+tk-devel \
+libffi-devel \
+xz-devel \
+libgle-devel
+```
+
+## Backups
+
+### BTRFS Snapshots
+
+<https://en.opensuse.org/openSUSE:Snapper_Tutorial>
+
+<http://snapper.io/manpages/snapper-configs.html>
+
+We'll be using snapper, a tool for automating and controlling snapshot
+behavior.
+
+```bash
+dnf install snapper dnf-plugin-snapper
+
+# Allow selinux management
+semanage permissive -a snapperd_t
+
+# Note, if you mess something up you can run snapper -c root delete-config to delete
+# System configs are stored in /etc/sysconfig/snapper as well as /etc/snapper
+snapper -c root create-config /
+snapper -c data create-config /path/to/other/data
+
+# Enable automatic snapshots
+systemctl enable --now snapper-timeline.timer
+# Enable automatic cleanup
+systemctl enable --now snapper-cleanup.timer
+# Enable snapshots on boot
+systemctl enable --now snapper-boot.timer
+
+# List snapshots
+snapper -c root list
+# Create snapshot manually
+snapper -c root create --description "test snapshot"
+# Delete first snapshot
+snapper -c root delete 1
+```
+
+Note - you probably don't want to keep yearly snapshots. Edit
+`/etc/snapper/configs/root` and change `TIMELINE_LIMIT_YEARLY=` to `0`.
+
+## ROCM
+
+```bash
+sudo dnf install \
+hipblas-develhipblaslt-devel \
+hipcc \
+hipcc-libomp-devel \
+hipcub-devel \
+hipfft-devel \
+hipfort-devel \
+hiprand-devel \
+hiprt-devel \
+hipsolver-devel \
+hipsparse-devel \
+rocalution-devel \
+rocblas-devel \
+rocfft-devel \
+rocm-clang-devel \
+rocm-clang-tools-extra-devel \
+rocm-cmake \
+rocm-comgr-devel \
+rocm-core-devel \
+rocm-hip-devel \
+rocm-libc++-devel \
+rocm-libc++-static \
+rocm-llvm-devel \
+rocm-omp-devel \
+rocm-runtime-devel \
+rocm-rpp-devel \
+rocm-smi-devel \
+rocminfo \
+rocdecode-devel \
+rocjpeg-devel \
+rocprim-devel \
+rocrand-devel \
+rocsolver-devel \
+rocsparse-devel \
+rocthrust-devel \
+roctracer-devel \
+miopen
+```
+
+## Display
+
+### Scripted Display Modes
+
+Put something like these in `~/.bashrc.d/screen.sh`
+
+```bash
+alias screen-reset='kscreen-doctor \
+output.eDP-2.enable \
+output.eDP-2.position.0,0 \
+output.eDP-2.primary \
+output.eDP-2.mode.2560x1600@165 \
+output.eDP-2.scale.1.25'
+
+alias screen-1080='kscreen-doctor \
+output.eDP-2.enable \
+output.eDP-2.position.0,0 \
+output.eDP-2.primary \
+output.eDP-2.mode.1920x1080@165 \
+output.eDP-2.scale.1'
+```
+
+## Fixing generic Wayland icons on task alt tab
+
+<https://epergo.com/posts/fix-generic-wayland-icon/>
+
+1. Access Window Rules
+
+    Go to “System Settings > Window Management > Window Rules”.
+
+2. Create a New Rule (If None Exist)
+
+    If the application does not have any rules already, create a new one:
+
+    1. Click on “Add New…”
+    2. Add a description (e.g., “Application settings for sublime_merge”)
+    3. Specify the “Window class (application)”
+
+    If you’re unsure of the value for the window class, click “Detect Window
+    Properties”, then click on the application window. A pop-up with the
+    detected properties will be shown, and you can select the correct value.
+
+3. Add Property
+
+    1. Click on “Add Property” and select “Desktop File Name”.
+
+4. Find the Correct Desktop File Name
+
+    Standard Applications: If the application is installed using your distro’s
+    repositories, check the name in /usr/share/applications/. Flatpak
+    Applications: If it’s a Flatpak package, check the name in
+    /var/lib/flatpak/exports/share/applications/. For example, for Obsidian, it
+    will be md.obsidian.Obsidian (do not include the .desktop suffix).
+
+5. Apply Settings
+
+    Apply the new settings and close the application if it was open. The next
+    time you open the application, it should show the correct icon.