dotfiles/README.md

182 lines
3.5 KiB
Markdown

# ZFS encrypted home
```bash
# create key, as root
dd if=/dev/urandom of=/etc/zfs/home.key bs=32 count=1 && chmod 600 /etc/zfs/home.key
# create pool
zpool create storage -O xattr=sa -O acltype=posixacl -O atime=off -O compression=lz4 -o ashift=12 /dev/DISK
# create home dataset
zfs create -O encryption=aes-256-gcm -O keyformat=raw -O keylocation=file:///etc/zfs/home.key -o mountpoint=/home storage/home
# create individual dataset
zfs create storage/home/andrew
# enable zfs load key from file at boot
cat <<EOF > /etc/systemd/system/zfs-load-key.service
[Unit]
Description=Load encryption keys
DefaultDependencies=no
After=zfs-import.target
Before=zfs-mount.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/zfs load-key -a
StandardInput=tty-force
[Install]
WantedBy=zfs-mount.service
EOF
# turn on services
systemctl enable zfs.target
systemctl enable zfs-import-cache
systemctl enable zfs-mount
systemctl enable zfs-import.target
systemctl enable zfs-load-key
```
# Arch / Manjaro
```bash
pacman-mirrors --geoip
pamac install linux-api-headers linux-headers
pamac install zfs-dkms
zpool import -f storage
zpool set cachefile=/etc/zfs/zpool.cache storage
pamac install \
atuin \
base-devel \
bash-completion \
bat \
bottom \
cargo-flamegraph \
choose \
broot \
croc \
difftastic \
direnv \
dust \
exa \
fd \
fzf \
git \
git-delta \
gitui \
glances \
go \
grex \
hdparm \
hexyl \
htmlq \
htop \
httpie \
hyperfine \
jq \
just \
kitty \
libvirt \
lzop \
lsd \
mdbook \
mdbook-linkcheck \
mhash \
mosh \
mtr \
neovim \
nextcloud-client \
nmon \
opendoas \
pgcli \
pv \
p7zip \
qemu \
ripgrep \
sd \
shfmt \
starship \
tealdeer \
tmux \
tokei \
unzip \
upterm \
vim \
virt-manager \
watchexec \
xh \
xsv \
zoxide
# not available by default
#jc mbuffer
pamac build lightly-qt
systemctl enable --now --user ssh-agent.service
```
# Bitwarden
```bash
curl -Lo bw.zip 'https://vault.bitwarden.com/download/?app=cli&platform=linux'
unzip bw.zip
mkdir -p "$HOME/.local/bin" "$HOME/.config/bash"
install -m 755 bw "$HOME/.local/bin/"
rm -f bw bw.zip
bw config server https://bitwarden.penguincoder.org
bw login
echo "export BW_SESSION=$(bw unlock --raw)" > "$HOME/.config/bash/bitwarden.sh"
source "$HOME/.config/bash/bitwarden.sh"
bw sync
```
# Kitty
```bash
curl -L https://sw.kovidgoyal.net/kitty/installer.sh | sh /dev/stdin
ln -s "$HOME/.local/kitty.app/bin/kitty" "$HOME/.local/bin/"
cp "$HOME/.local/kitty.app/share/applications/kitty.desktop" "$HOME/.local/share/applications/"
cp "$HOME/.local/kitty.app/share/applications/kitty-open.desktop" "$HOME/.local/share/applications/"
sed -i "s|Icon=kitty|Icon=$HOME/.local/kitty.app/share/icons/hicolor/256x256/apps/kitty.png|g" "$HOME/.local/share/applications/kitty*.desktop"
```
# Nix
```bash
sh <(curl -L https://nixos.org/nix/install) --daemon
```
# Rust
```bash
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
```
# Cargo dependencies
```bash
cargo install \
ag \
amber \
basic-http-server \
cargo-udeps \
kondo \
passerine \
passerine-aspen \
record-query \
rustfilt \
xcp
cargo +nightly install --git https://github.com/martinvonz/jj.git
cargo +nightly install --git https://github.com/getzola/zola.git
```
# Chezmoi
```bash
sh -c "$(curl -fsLS chezmoi.io/get)"
mv ./bin/chezmoi "$HOME/.local/bin/"
```
# LunarVim
```bash
pacman -S yarn
bash <(curl -s https://raw.githubusercontent.com/lunarvim/lunarvim/master/utils/installer/install.sh)
```