fschl
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' of https://gitlab.com/fschl/dotfiles 

* 'master' of https://gitlab.com/fschl/dotfiles:
  update documentation for wireguard
  update wireguard documentation, fix install, add example for server
  show status of wg0 interface in main status line
  add documentation for wireguard
  fix whitespace
  add wireguard to install
  extend .spacemacs (especially org config)
  add dual extern screen for notebook
  updates
  add cups-browsed to standard desktop install
  update license year
  update arduino and audacity
This commit is contained in:
Frieder Schlesier 2021-06-02 22:28:56 +02:00
parent e22a12f583 9736d91e77
commit 49a5940eab
11 changed files with 228 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
.dockerfunc
View File

@ -100,34 +100,32 @@ ant() {
arduino() {
docker run \
-it \
--rm \
--network=host \
--privileged \
-e DISPLAY=$DISPLAY \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v /dev/ttyUSB0:/dev/ttyUSB0 \
-v $HOME/topics:/topics \
-v $HOME/projects:/projects \
tombenke/darduino:latest \
arduino
-it \
--network=host \
--privileged \
-e DISPLAY=$DISPLAY \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v /dev/ttyUSB0:/dev/ttyUSB0 \
-v $HOME/topics:/topics \
-v $HOME/projects:/home/developer/projects \
fschl/darduino:1.8.10 \
arduino
}
audacity(){
del_stopped audacity
# -e QT_DEVICE_PIXEL_RATIO \
del_stopped audacity
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v $HOME/Downloads:/root/Downloads \
-v $HOME/Documents:/root/Documents \
-v $HOME/Music:/root/Music \
--device /dev/snd \
--group-add audio \
--name audacity \
jess/audacity
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v $HOME/Downloads:/root/Downloads \
-v $HOME/Documents:/root/Documents \
-v $HOME/Music:/root/Music \
--device /dev/snd \
--group-add audio \
--name audacity \
jess/audacity
}
bro() {

23
.i3/config
View File

@ -111,16 +111,24 @@ assign [class=".*ee.*ass.*"] $WS8
# https://faq.i3wm.org/question/3726/workspace-output-multiple-values/index.html%3Fanswer=3731.html#post-id-3731
set $LAPTOP LVDS-1
set $CENTER VGA-1
#set $CENTER HDMI-1
#set $CENTER DP-1
set $CENTER HDMI-1
set $RIGHT VGA-1
# monitor settings
bindsym $mod+m mode "monitor"
mode "monitor" {
# only laptop
bindsym 1 exec xrandr --output $LAPTOP --auto --primary --output $CENTER --off $RIGHT --off
bindsym 2 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER
#bindsym 3 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER --output $RIGHT --auto --right-of $CENTER
# HDMI main, laptop secondary
bindsym 2 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER --output $RIGHT --off
# HDMI main, laptop left, VGA right, *not* supported on X230
bindsym 3 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER --output $RIGHT --auto --right-of $CENTER
# HDMI main, VGA right, laptop off
bindsym 4 exec xrandr --output $CENTER --primary --auto --output $RIGHT --auto --right-of $CENTER --rotate left --output $LAPTOP --off
# VGA main, laptop left, HDMI off
bindsym 8 exec xrandr --output $RIGHT --primary --auto --output $LAPTOP --auto --left-of $RIGHT --output $CENTER --off
# HDMI main, VGA right, laptop off
bindsym 9 exec xrandr --output $CENTER --primary --auto --output $RIGHT --auto --right-of $CENTER --output $LAPTOP --off
# back to normal: Enter or Escape
bindsym Return mode "default"
@ -224,8 +232,7 @@ bar {
bar {
output $CENTER
output DP-1
output HDMI-1
output $RIGHT
status_command i3status --config ~/.i3/status_small.conf
tray_output $LAPTOP
}
@ -240,6 +247,7 @@ bar {
#exec xrdb -merge /home/jessie/.Xresources
#exec xrdb -merge /home/jessie/.Xdefaults
# startup programs
exec amixer set Master 1+ off
exec amixer set Master 54
@ -253,3 +261,4 @@ exec --no-startup-id i3-msg 'exec thunderbird'
exec --no-startup-id i3-msg 'exec keepassxc'
# exec --no-startup-id i3-msg 'exec nextcloud'
exec --no-startup-id i3-msg 'workspace $WS3; exec urxvt;'

6
.i3/status.conf
View File

@ -25,7 +25,7 @@ order += "path_exists VPN"
#order += "ipv6"
order += "wireless wlp3s0"
order += "ethernet enp0s25"
order += "volume master"
order += "volume Master"
order += "battery 0"
#order += "cpu_temperature 0"
order += "load"
@ -65,7 +65,7 @@ run_watch DHCP {
}
path_exists VPN {
path = "/proc/sys/net/ipv4/conf/tun0"
path = "/proc/sys/net/ipv4/conf/wg0"
}
tztime local {
@ -112,7 +112,7 @@ disk "/media/driveBay" {
format = "/ %avail"
}
volume master {
volume Master {
format = " %volume"
format_muted = " %volume"
device = "default"

6
.i3/status_small.conf
View File

@ -21,7 +21,8 @@ order += "run_watch Docker"
order += "run_watch DHCP"
order += "path_exists VPN"
order += "wireless wlp3s0"
order += "ethernet eth0"
# order += "ethernet eth0"
order += "ethernet enp0s25"
order += "volume master"
order += "battery 0"
order += "load"
@ -43,7 +44,8 @@ wireless wlp3s0 {
format_down = " -"
}
ethernet eth0 {
# ethernet eth0 {
ethernet enp0s25 {
# if you use %speed, i3status requires root privileges
format_up = "E: up"
format_down = "E: down"

2
.path
View File

@ -1,4 +1,4 @@
#export GOROOT=/usr/local/go/bin
# export GOPATH=/home/fschl/projects/go_projects
export PATH=${PATH}:/usr/local/go/bin:${GOPATH}/bin
export PATH=${PATH}:/usr/local/go/bin:/home/fschl/go/bin

41
.spacemacs
View File

@ -323,10 +323,51 @@ you should place your code here."
(setq dired-listing-switches "-alh")
(setq-default dotspacemacs-configuration-layers
'((
ruby
javascript
nginx
rust
rustauto-completion :variables
auto-completion-enable-snippets-in-popup t
auto-completion-enable-help-tooltip t)))
(with-eval-after-load 'org
(setq org-default-notes-file "~/Documents/Org/tasks.org")
(setq org-agenda-files
(quote ("~/Documents/Org/tasks.org"
"~/Documents/Org/journal.org"
"~/Documents/Org/projects.org"
"~/Documents/Org/watchlist.org"
"~/Documents/Org/birthdays.org")))
(setq org-capture-templates
'(("t" "todo list item" ; name
entry ; type
(file+headline org-default-notes-file "Tasks")
"* TODO %?\n DEADLINE: %^T") ; template
("T" "todo list item with source" ; name
entry ; type
(file+headline org-default-notes-file "Tasks")
"* TODO %?\n %a \n DEALINE: %^T \n %i") ; template
("m" "scheduled meeting" ; name
entry ; type
(file+headline org-default-notes-file "Tasks")
"* MEETING %?\n SCHEDULED: %^T\n %a") ; template
("p" "phone call" ; name
entry ; type
(file+headline org-default-notes-file "Tasks")
"* PHONE %?\n %i\n %a") ; template
("a" "Articles"
entry (file+weektree "~/Documents/Org/journal.org")
"* %? \n%x \n %u\n- $?")
)
)
)
(setq org-ref-default-bibliography '("~/Documents/WHZ/MA/latex/references.bib")
org-ref-pdf-directory "~/Documents/WHZ/MA/references/"
org-ref-bibliography-notes "~/Documents/WHZ/MA/notes.org")
)
;; Do not write anything past this comment. This is where Emacs will

2
LICENSE.md
View File

@ -1,6 +1,6 @@
The MIT License (MIT)
Copyright (c) 2017 Frieder Schlesier
Copyright (c) 2017-2020 Frieder Schlesier
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in

74
scripts/install.sh
View File

@ -39,6 +39,11 @@ deb-src http://deb.debian.org/debian ${DIST} main
deb http://deb.debian.org/debian-security/ ${DIST}/updates main
deb-src http://deb.debian.org/debian-security/ ${DIST}/updates main
# backports for wireguard
# https://www.wireguard.com/install/
# https://backports.debian.org/Instructions/
deb http://deb.debian.org/debian buster-backports main
deb http://deb.debian.org/debian ${DIST}-updates main
deb-src http://deb.debian.org/debian ${DIST}-updates main
EOF
@ -73,6 +78,7 @@ base_applications() {
htop \
iotop \
locales \
linux-headers-$(uname -r) \
make \
mount \
net-tools \
@ -86,6 +92,9 @@ base_applications() {
vim \
vpnc \
vpnc-scripts \
wireguard \
wireguard-dkms \
wireguard-tools \
zip \
--no-install-recommends
@ -93,6 +102,8 @@ base_applications() {
$SUDO apt autoremove
$SUDO apt autoclean
$SUDO apt clean
$SUDO ip link add dev wg0 type wireguard
}
install_server_base() {
@ -166,11 +177,14 @@ install_latex() {
evince \
texlive \
texlive-bibtex-extra \
texlive-fonts-extra \
texlive-fonts-recommended \
texlive-lang-english \
texlive-lang-german \
texlive-latex-extra \
texlive-latex-recommended \
texlive-pictures \
zathura \
--no-install-recommends
}
@ -189,16 +203,15 @@ install_i3() {
DEBIAN_FRONTEND=noninteractive
# TODO add non-free to apt/sources.list
apt update
apt install -y \
alsa-utils \
aspell \
aspell-de \
aspell-en \
cups-browsed \
emacs \
feh \
firefox-esr \
@ -240,6 +253,16 @@ install_i3() {
xorg \
--no-install-recommends
# install Syncthing via apt
# Add the release PGP keys:
curl -s https://syncthing.net/release-key.txt | sudo apt-key add -
# Add the "stable" channel to your APT sources:
echo "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
# Update and install syncthing:
sudo apt-get update
sudo apt-get install syncthing
echo "... DONE... cleaning up\n\n"
apt autoremove
apt autoclean
@ -361,49 +384,6 @@ install_compose() {
/usr/bin/docker-compose version
}
install_nvidia() {
echo "Prepare install for NVIDIA proprietary display driver"
apt update
apt install -y \
gcc \
linux-source \
linux-headers-`uname -r` \
--no-install-recommends
echo ""
echo "Please find a link to the current Package"
echo " https://devtalk.nvidia.com/default/topic/533434/linux/current-graphics-driver-releases/"
echo ""
echo "1. Download the self extracting archive. (*.run)"
echo "2. reboot into recovery mode and login as root"
echo "3. sh DRIVER_ARCHIVE.run"
echo ""
echo "... check if driver was installed correctly: $ nvidia-smi"
echo "more information can be found in README at link above"
echo ""
echo "Install NVIDIA-docker"
echo ""
echo "since Docker 19.03 no additional runtime required."
echo " https://github.com/NVIDIA/nvidia-docker"
# https://nvidia.github.io/nvidia-docker/
distribution="debian10"
curl -s -L https://nvidia.github.io/nvidia-docker/gpgkey | sudo apt-key add -
curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | sudo tee /etc/apt/sources.list.d/nvidia-docker.list
apt update
apt install -y nvidia-container-toolkit
systemctl restart docker
docker pull nvidia/cuda:9.0-base
echo ""
echo "... check if driver was installed correctly: "
echo "$ docker run --gpus all nvidia/cuda:9.0-base nvidia-smi"
echo " should give same output as above"
}
install_virtualbox() {
# https://wiki.debian.org/VirtualBox#Installation_of_non-free_edition
apt install -y \
@ -437,7 +417,7 @@ EOF
# install/update golang from source
install_golang() {
export GO_VERSION=1.13.0
export GO_VERSION=1.15.0
export GO_SRC=/usr/local/go
# if we are passing the version
@ -455,7 +435,7 @@ main() {
local cmd=$1
if [[ -z "$cmd" ]]; then
echo "Usage: \n base | desktop | server | update-docker | go"
echo "Usage: \n base (includes docker+compose)| desktop | server | dotfiles | vscode | latex | update-docker | go"
fi
case "$cmd" in

79
wireguard/README.org Normal file
View File

@ -0,0 +1,79 @@
* Wireguard Quick Start
https://www.wireguard.com/quickstart/
- level 3 VPN Protocol.
- designed for Linux (works on BSD, MacOS and Windows too).
- network interface as most basic foundation of operation.
The interface can be named almost arbitrarily. Below ~wg0~ is used as a
generic interface name (like used in many public tutorials). Replace ~wg0~
with an interface name for the VPN connection, e.g. ~home~, ~mycloud~ or
~secret-work-jump-host~.
** Linux CLI
Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4
Tutorial with best Explaination:
https://medium.com/tangram-visions/what-they-dont-tell-you-about-setting-up-a-wireguard-vpn-46f7bd168478
*** Create Keys
#+begin_src bash
$ umask 077
$ wg genkey | tee privatekey | wg pubkey > publickey
#+end_src
*** Setup the Interface
#+begin_src bash
# sudo wg-quick up wg.conf.example
#+end_src
*** Add Peer
#+begin_src bash
# add peer
wg set wg0 peer <client_pubkey> allowed-ips 10.0.0.x/32 persistent-keepalive 25
# verify connection
wg
# save to config
wg-quick save wg0
#+end_src
*** Start/Stop Interface
#+begin_src bash
# Start/stop interface
wg-quick up wg0
wg-quick down wg0
# Start/stop service
$ sudo systemctl stop wg-quick@wg0.service
$ sudo systemctl start wg-quick@wg0.service
# Enable service at startup
sudo systemctl enable wg-quick@wg0.service
#+end_src
*** Sync the configuration without restarting the interface
From `man wg-quick`: The strip command is useful for reloading configuration
files without disrupting ac tive sessions:
#+begin_src bash
# wg syncconf wgnet0 <(wg-quick strip wgnet0)
#+end_src
** Alternative Webinterfaces for Managing Clients
- https://github.com/place1/wg-access-server/
- https://github.com/WeeJeWel/wg-easy
- https://github.com/subspacecommunity/subspace
- https://github.com/vx3r/wg-gen-web
- non-web: https://github.com/mullvad/wg-manager

17
wireguard/wg-client.conf.example Normal file
View File

@ -0,0 +1,17 @@
[Interface]
Address = 10.x.x.x/32
PostUp = wg set %i private-key /etc/wireguard/private-key-for-this-vpn
# immediately test connection to the public (jump) host
PostUp = ping -c1 10.0.0.1
[Peer]
PublicKey =
Endpoint =
# Set subnet for all IPs that should be routed
# through this VPN connection
AllowedIPs = 10.0.0.0/24
# if this client is behind a NAT and
# other clients should be able to connect
PersistentKeepalive = 25

17
wireguard/wg-server.conf.example Normal file
View File

@ -0,0 +1,17 @@
[Interface]
Address = 10.0.0.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
ListenPort = <some-high port>
PrivateKey = <here-comes-your-server-private-key>
[Peer]
# client 1
PublicKey = <client1-public-key>
AllowedIPs = 10.0.0.2/32
[Peer]
# client 2
PublicKey = <client2-public-key>
AllowedIPs = 10.0.0.3/32