17 KiB
Workstation
- Workstation
- Pacman Packages
- Fingerprint Reader Support
- SSH
- Templates
- Firefox
- Avahi (Bonjour)
- CUPS Printing
- Toolbox
- Podman
- Docker
- QEMU/KVM
- Kubernetes
- VSCode
- Wireguard
- Remote Desktop
- Transmission
- VLC
- Bitwarden
- Nextcloud
- Insomnia
- QMK
- Cura
- Creality Print
- Bambu Studio
- Orca Slicer
- AWS CLI
- NSlookup
- rpi-imager
- qFlipper
- Nextcloud Talk
- FFMpeg
- Youtube-dlp
- Iperf3
- Glances
- VirtualBox
Pacman Packages
Upgrade/Downgrade
The Arch Linux Archive keeps snapshots of all packages
from history. Search for your package on the site, copy the link for the pkg.tar.zst file, and run
the following:
# Replace link with the one you copied
pacman -U https://archive.archlinux.org/packages/g/gdm/gdm-46.2-1-x86_64.pkg.tar.zst
Freeze package
You can freeze a package by adding it to the list of ignores in /etc/pacman.conf:
...
IgnorePkg = nano vim linux
...
Fingerprint Reader Support
Setup
pacman -S fprintdsystemctl enable --now fprintdfprintd-enroll ducoterra- Install https://aur.archlinux.org/pam-fprint-grosshack.git to use fingerprint with gnome
In order to use fingerprint auth with gnome for privileged system stuff with gdm, edit
/etc/pam.d/system-auth to include auth sufficient pam_fprintd_grosshack.so.
#%PAM-1.0
auth required pam_shells.so # User must have shell in /etc/shells
auth requisite pam_nologin.so # Prevents users from loging in if /etc/nologin exists
auth required pam_faillock.so preauth # Timeout after certain number of fails
# Optionally use requisite above if you do not want to prompt for the password
# on locked accounts.
auth sufficient pam_fprintd_grosshack.so
-auth [success=2 default=ignore] pam_systemd_home.so
auth [success=1 default=bad] pam_unix.so try_first_pass nullok
auth [default=die] pam_faillock.so authfail
auth optional pam_permit.so
auth required pam_env.so
auth required pam_faillock.so authsucc
# If you drop the above call to pam_faillock.so the lock will be done also
# on non-consecutive authentication failures.
-account [success=1 default=ignore] pam_systemd_home.so
account required pam_unix.so
account optional pam_permit.so
account required pam_time.so
-password [success=1 default=ignore] pam_systemd_home.so
password required pam_unix.so try_first_pass nullok shadow
password optional pam_permit.so
-session optional pam_systemd_home.so
session required pam_limits.so
session required pam_unix.so
session optional pam_permit.so
Turn Off Fingerprint When Laptop Lid Closed
NOTE: This may break fingerprint unlock. Testing in progress.
To disable fingerprint authentication when the laptop lid is closed, and re-enable when it is reopened, we will use acpid to bind to the button/lid.* event to a custom script that will comment out fprintd auth in /etc/pam.d/sudo.
Usually we'd just systemctl mask fprintd but this breaks gdm (as of 08/06/23). See
https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2267 and
https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6585.
-
pacman -S acpidand thensystemctl enable --now acpid -
Create file /etc/acpi/laptop-lid.sh with the following contents:
#!/bin/bash if grep -Fq closed /proc/acpi/button/lid/LID0/state # && # This is used to detect if a display is connected. # For USB C displayport use: # grep -Fxq connected /sys/class/drm/card1-DP-2/status # For hdmi use: # grep -Fxq connected /sys/class/drm/card0-HDMI-A-1/status then # comment out fprintd sed -i -E 's/^([^#].*pam_fprintd.so)/#\1/g' /etc/pam.d/sudo else # uncomment fprintd sed -i -E 's/#(.*pam_fprintd.so)/\1/g' /etc/pam.d/sudo fi -
Make the file executable with
chmod +x /etc/acpi/laptop-lid.sh -
Create file /etc/acpi/events/laptop-lid with the following contents:
event=button/lid.* action=/etc/acpi/laptop-lid.sh -
Restart the acpid service with:
systemctl restart acpid
Now the fingerprint will be used only when the lid is open.
In order to ensure the correct state after suspend we need a service file which runs our script on wake.
-
Create a file named /etc/systemd/system/laptop-lid.service with the following contents:
[Unit] Description=Laptop Lid After=suspend.target [Service] ExecStart=/etc/acpi/laptop-lid.sh [Install] WantedBy=multi-user.target WantedBy=suspend.target -
Reload the systemd config files with
sudo systemctl daemon-reload -
Start and enable the service with
sudo systemctl enable --now laptop-lid.service
Now the status should be correct even after connecting/disconnecting when the computer is off.
SSH
Generate a key with password protection:
# Omit "-N 'password'" to have it prompt you
ssh-keygen -f ~/.ssh/test-key -N 'PASSWORD'
Change the password for an ssh key:
# Use "-N ''" to remove the password
ssh-keygen -p -N 'PASSWORD' -f ~/.ssh/test-key
This is an example config entry in ~/.ssh/config:
Host my-host
Hostname my-host.reeselink.com
User root
ProxyCommand none
ForwardAgent no
ForwardX11 no
Port 22
KeepAlive yes
IdentityFile ~/.ssh/id_my-host_rsa
You can ssh to that host with ssh my-host after adding a config entry.
Templates
You can add files in ~/Templates to give yourself quick-create options in the gnome
file browser context menu.
mkdir ~/Templates
touch ~/Templates/text.txt
Firefox
You'll want firefox and gnome-browser-connector (for gnome extension management).
pacman -S firefox gnome-browser-connector
Choose noto-fonts
Gnome Extensions
- AlphabeticalAppGrid@stuarthayhurst
- Vitals@CoreCoding.com
- dash-to-dock@micxgx.gmail.com
- tactile@lundal.io
Avahi (Bonjour)
-
pacman -S avahi -
vim /etc/nsswitch.confhosts: mymachines mdns [NOTFOUND=return] resolve [!UNAVAIL=return] files myhostname dns -
vim /etc/mdns.allow
.local.
.local
CUPS Printing
Note: you need avahi for auto-discovery.
pacman -S cups cups-pdf system-config-printer gutenprint foomatic-db-gutenprint-ppdscups-genppdupdateusermod -aG lp ducoterrasystemctl enable --now cups- In gnome settings:
- Add printer
- Enter the IP address
- Wait...
- Select "JetDirect"
- Select Generic
- Select IPP Printer
Toolbox
https://wiki.archlinux.org/title/Toolbox
Toolbox is a containerized workstation service via podman.
# select "crun" when prompted
pacman -S toolbox
toolbox create
toolbox enter
sudo pacman -S zsh grml-zsh-config zsh-syntax-highlighting zsh-autosuggestions pkgfile
Podman
Install with the following
pacman -S podman buildah cni-plugins slirp4netns podman-dnsname aardvark-dns
Then you can run rootless containers like so:
podman pull docker.io/library/python:3.11
podman run -it python:3.11 bash
podman network create test
podman pod create --network test --publish 8000:8000 test1
podman run -it --pod test1 python:3.11 bash
You can also deploy pods with kubernetes yamls.
podman network create test
podman kube play --network test podman-deploy.yaml --replace
Docker
pacman -Sy docker docker-compose
usermod -aG docker ducoterra
logout, log back in to use docker as non-root user.
You can use btrfs as your storage driver by following these instructions:
https://docs.docker.com/storage/storagedriver/btrfs-driver/
QEMU/KVM
Install virtualization capabilties
# DNSMasq is required - do not start it with systemd, qemu will handle that.
pacman -S qemu-full dnsmasq virt-manager
systemctl enable --now libvirtd
virsh net-autostart default
Then edit /etc/libvirt/network.conf and add:
firewall_backend="iptables"
Make sure to restart libvirtd with systemctl restart libvirtd.
If you get a blank screen when launching a VM check that you've used the correct bios - either secboot or not secboot. This is the most common problem.
Arch Guests
In order to get drivers for spice you'll need the guest spice drivers:
sudo pacman -S qemu-guest-agent spice-vdagent
Kubernetes
pacman -S kubectl helm
VSCode
For the open source version of code install code:
sudo pacman -S code
For the proprietary version of vscode use the AUR:
https://aur.archlinux.org/packages/visual-studio-code-bin
cd ~/aur
git clone https://aur.archlinux.org/visual-studio-code-bin.git
cd visual-studio-code-bin
makepkg -si
Shell
Edit settings.json
{
"terminal.integrated.defaultProfile.linux": "zsh",
}
Fonts
Intel One Mono is designed to be easily readable for developers.
https://github.com/intel/intel-one-mono
Download and extract the ttf.zip
mkdir ~/.local/share/fonts
rsync -av /path/to/download/*.ttf ~/.local/share/fonts/
Edit settings.json
{
"editor.fontFamily": "Intel One Mono",
"editor.fontLigatures": true,
"terminal.integrated.fontFamily": "Intel One Mono",
}
Navigation
The best navigation shortcut ever is alt+left and alt+right to move the cursor to it's previous positions.
[
{
"key": "alt+left",
"command": "workbench.action.navigateBack",
"when": ""
},
{
"key": "alt+right",
"command": "workbench.action.navigateForward",
"when": ""
}
]
Extensions
To save a list of installed extensions run:
code --list-extensions >> vscode_extensions.txt
To install that list of extensions run:
cat vscode_extensions.txt | xargs -L 1 code --install-extension
Wireguard
Wireguard requires linux-headers. If that isn't installed or is misconfigured your
vpn likely won't activate.
pacman -S wireguard-tools
Remote Desktop
pacman -S remmina freerdp
Transmission
pacman -S gtk4 transmission-gtk
VLC
pacman -S vlc
Bitwarden
pacman -S bitwarden
Nextcloud
https://wiki.archlinux.org/title/Nextcloud#Desktop
pacman- S nextcloud-client
For app icon support, install https://extensions.gnome.org/extension/615/appindicator-support/
Insomnia
https://github.com/Kong/insomnia/releases/tag/core@2023.5.7
mv ~/Downloads/Insomnia*.AppImage ~/Applications/Insomnia.AppImage
chmod +x ~/Applications/*.AppImage
[Desktop Entry]
Name=Insomnia
Exec=/home/ducoterra/Applications/Insomnia.AppImage
Icon=/home/ducoterra/.icons/insomnia.png
Type=Application
QMK
Initialization
I have a mirror and a fork of the mirror on my personal Gitea. For this strategy you'll need to checkout the fork and add the mirror. This ensures I'll always have an up-to-date mirror of qmk while also giving me a repo to make changes for my personal keyboards.
git clone git@gitea.reeseapps.com:ducoterra/qmk_firmware.git
cd qmk_firmware
git remote add mirror git@gitea.reeseapps.com:mirrors/qmk_firmware.git
git fetch mirror
git rebase mirror/master
pacman -S qmk
qmk setup
sudo cp /home/ducoterra/qmk_firmware/util/udev/50-qmk.rules /etc/udev/rules.d/
qmk config user.keyboard=keychron/q11/ansi_encoder
qmk config user.keymap=ducoterra
Development
Every time you start a project you'll want to sync with the mirror.
git fetch mirror
git rebase mirror/master
Commit to master while you're in the fork.
Cura
https://ultimaker.com/software/ultimaker-cura/#links
mv ~/Downloads/*Cura*.AppImage ~/Applications/Cura.AppImage
chmod +x ~/Applications/*.AppImage
[Desktop Entry]
Name=Cura
Exec=/home/ducoterra/Applications/Cura.AppImage
Icon=/home/ducoterra/.icons/cura.png
Type=Application
Creality Print
https://www.creality.com/pages/download-software?spm=..page_11657537.creality_print_1.1
mv ~/Downloads/Creality_Print*.AppImage ~/Applications/Creality_Print.AppImage
chmod +x ~/Applications/*.AppImage
[Desktop Entry]
Name=Creality Print
Exec=/home/ducoterra/Applications/Creality_Print.AppImage
Icon=/home/ducoterra/.icons/creality_print.png
Type=Application
Bambu Studio
Install with flatpak.
flatpak install com.bambulab.BambuStudio
Orca Slicer
https://github.com/SoftFever/OrcaSlicer
This is an open source fork of Bambu Slicer with more features.
# You might need to install webkit2gtk
pacman -S webkit2gtk
mv ~/Downloads/OrcaSlicer*.AppImage ~/Applications/OrcaSlicer.AppImage
chmod +x ~/Applications/*.AppImage
[Desktop Entry]
Name=Orca Slicer
Exec=/home/ducoterra/Applications/OrcaSlicer.AppImage
Icon=/home/ducoterra/.icons/orca_slicer.png
Type=Application
AWS CLI
https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
# Install less if you don't have it already
pacman -S less
cd ~/Downloads
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
Add the following to your .zshrc:
complete -C '/usr/local/bin/aws_completer' aws
NSlookup
# Do this in a toolbox
toolbox enter
# Install
pacman -S bind
rpi-imager
https://github.com/raspberrypi/rpi-imager
toolbox create -d ubuntu -r 24.04
toolbox enter toolbox enter ubuntu-toolbox-24.04
sudo apt install rpi-imager
qFlipper
https://flipperzero.one/update
mv ~/Downloads/*qFlipper*.AppImage ~/Applications/qFlipper.AppImage
chmod +x ~/Applications/*.AppImage
[Desktop Entry]
Name=qFlipper
Exec=/home/ducoterra/Applications/qFlipper.AppImage
Icon=/home/ducoterra/.icons/qFlipper.png
Type=Application
Nextcloud Talk
https://github.com/nextcloud-releases/talk-desktop/releases
unzip ~/Downloads/Nextcloud.Talk-linux*.zip -d ~/Downloads
rm -rf ~/Applications/NextcloudTalk
mv ~/Downloads/'Nextcloud Talk-linux-x64' ~/Applications/NextcloudTalk
vim ~/.local/share/applications/nextcloud-talk.desktop
[Desktop Entry]
Name=Nextcloud Talk
Exec="/home/ducoterra/Applications/NextcloudTalk/Nextcloud Talk" %u
Icon=/home/ducoterra/.icons/NextcloudTalk.png
Type=Application
update-desktop-database
FFMpeg
# Select pipewire-jack when prompted
pacman -S ffmpeg
Youtube-dlp
https://github.com/yt-dlp/yt-dlp
- Download
yt-dlp_linux clamdscan yt-dlp_linuxcp yt-dlp_linux /usr/local/bin/yt-dlp- Install ffmpeg
pacman -S ffmpeg
Download the best quality video:
yt-dlp -f "bv+ba/b" https://...
Download a playlist:
yt-dlp -f "bv+ba/b" --write-thumbnail https://www.youtube.com/watch?v=l-unefmAo9k&list=PLuYLhuXt4HrQqnfSceITmv6T_drx1hN84
Iperf3
pacman -S iperf3
Glances
pacman -S glances
VirtualBox
https://wiki.archlinux.org/title/VirtualBox
For the linux kernel, choose virtualbox-host-modules-arch
pacman -S virtualbox
# Required reboot to load the kernel modules
reboot
- Download Proton Mail Bridge PKGBUILD: https://proton.me/mail/bridge
makepkg -si
- Open protonmail bridge and login
- Install geary email client
pacman -S geary
- Open geary
- Add the account following protonmail bridge's instructions