dotfiles/README.md

4.8 KiB

ZFS encrypted home

# create key, as root
dd if=/dev/urandom of=/etc/zfs/home.key bs=32 count=1 && chmod 600 /etc/zfs/home.key
# create pool
zpool create storage -O xattr=sa -O acltype=posixacl -O atime=off -O compression=lz4 -o ashift=12 /dev/DISK
# create home dataset
zfs create -O encryption=aes-256-gcm -O keyformat=raw -O keylocation=file:///etc/zfs/home.key -o mountpoint=/home storage/home
# create individual dataset
zfs create storage/home/andrew

# enable zfs load key from file at boot
cat <<EOF > /etc/systemd/system/zfs-load-key.service
[Unit]
Description=Load encryption keys
DefaultDependencies=no
After=zfs-import.target
Before=zfs-mount.service

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/zfs load-key -a
StandardInput=tty-force

[Install]
WantedBy=zfs-mount.service
EOF

# turn on services
systemctl enable zfs.target
systemctl enable zfs-import-cache
systemctl enable zfs-mount
systemctl enable zfs-import.target
systemctl enable zfs-load-key

Arch / Manjaro

pacman-mirrors --geoip
pamac install linux-api-headers linux-headers
pamac install zfs-dkms
zpool import -f storage
zpool set cachefile=/etc/zfs/zpool.cache storage
pamac install \
  atuin \
  base-devel \
  bash-completion \
  bat \
  bottom \
  cargo-flamegraph \
  choose \
  broot \
  croc \
  difftastic \
  direnv \
  dust \
  exa \
  fd \
  fzf \
  git \
  git-delta \
  gitui \
  glances \
  gnome-screenshot \
  go \
  grex \
  hdparm \
  hexyl \
  htmlq \
  htop \
  httpie \
  hyperfine \
  jq \
  just \
  kitty \
  libvirt \
  lzop \
  lsd \
  mdbook \
  mdbook-linkcheck \
  mhash \
  mosh \
  mtr \
  neovim \
  nextcloud-client \
  nmon \
  opendoas \
  pgcli \
  pv \
  p7zip \
  qemu \
  ripgrep \
  sd \
  shfmt \
  starship \
  tealdeer \
  tmux \
  tokei \
  unzip \
  upterm \
  vim \
  virt-manager \
  watchexec \
  xh \
  xsv \
  zoxide
# not available by default
#jc mbuffer
pamac build lightly-qt
systemctl enable --now --user ssh-agent.service

Ubuntu / Pop_OS!

sudo apt install -y \
  build-essential \
  curl \
  cmake \
  direnv \
  doas \
  fzf \
  git \
  glances \
  golang \
  hdparm \
  htop \
  httpie \
  hyperfine \
  jq \
  just \
  kitty-terminfo \
  libmhash2 \
  libssl-dev \
  libvirt-daemon \
  lzop \
  most \
  mosh \
  mtr \
  nmon \
  openssh-server \
  pgcli \
  pv \
  p7zip \
  ripgrep \
  shfmt \
  steam-devices \
  tmux \
  unzip \
  vim \
  virt-manager \
  zoxide \
  zfs-dkms \
  zfsutils-linux
systemctl enable --now sshd.service
systemctl enable zfs.target
systemctl enable zfs-import-cache
systemctl enable zfs-mount
systemctl enable zfs-import.target
curl -Lo /tmp/nvim-linux64.deb https://github.com/neovim/neovim/releases/download/v0.7.2/nvim-linux64.deb && doas apt install -y /tmp/nvim-linux64.deb && rm -f /tmp/nvim-linux64.deb
go install github.com/schollz/croc/v9@latest
cargo install \
  atuin \
  bat \
  bottom \
  broot \
  choose \
  difftastic \
  du-dust \
  exa \
  fd-find \
  flamegraph \
  git-delta \
  gitui \
  grex \
  hexyl \
  htmlq \
  sd \
  starship \
  tealdeer \
  tokei \
  watchexec-cli \
  upterm \
  xh \
  xsv
curl -LO https://github.com/owenthereal/upterm/releases/download/v0.9.0/upterm_linux_amd64.tar.gz

Bitwarden

curl -Lo bw.zip 'https://vault.bitwarden.com/download/?app=cli&platform=linux'
unzip bw.zip
mkdir -p "$HOME/.local/bin" "$HOME/.config/bash"
install -m 755 bw "$HOME/.local/bin/"
rm -f bw bw.zip
bw config server https://bitwarden.penguincoder.org
bw login
echo "export BW_SESSION=$(bw unlock --raw)" > "$HOME/.config/bash/bitwarden.sh"
source "$HOME/.config/bash/bitwarden.sh"
bw sync

Kitty

curl -L https://sw.kovidgoyal.net/kitty/installer.sh | sh /dev/stdin
mkdir -p "$HOME/.local/bin"
ln -s "$HOME/.local/kitty.app/bin/kitty" "$HOME/.local/bin/"
cp "$HOME/.local/kitty.app/share/applications/kitty.desktop" "$HOME/.local/share/applications/"
cp "$HOME/.local/kitty.app/share/applications/kitty-open.desktop" "$HOME/.local/share/applications/"
sed -i "s|Icon=kitty|Icon=$HOME/.local/kitty.app/share/icons/hicolor/256x256/apps/kitty.png|g" $HOME/.local/share/applications/kitty*.desktop

Nix

sh <(curl -L https://nixos.org/nix/install) --daemon

Rust

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

Cargo dependencies

cargo install \
  ag \
  amber \
  basic-http-server \
  cargo-udeps \
  kondo \
  passerine \
  passerine-aspen \
  record-query \
  rustfilt \
  xcp
cargo +nightly install --git https://github.com/martinvonz/jj.git
cargo +nightly install --git https://github.com/getzola/zola.git

Chezmoi

sh -c "$(curl -fsLS chezmoi.io/get)"
mv ./bin/chezmoi "$HOME/.local/bin/"

LunarVim

pacman -S yarn
bash <(curl -s https://raw.githubusercontent.com/lunarvim/lunarvim/master/utils/installer/install.sh)