diff --git a/.dockerfunc b/.dockerfunc index bcb8ebe..c405a03 100755 --- a/.dockerfunc +++ b/.dockerfunc @@ -100,34 +100,32 @@ ant() { arduino() { docker run \ - -it \ - --rm \ - --network=host \ - --privileged \ - -e DISPLAY=$DISPLAY \ - -v /tmp/.X11-unix:/tmp/.X11-unix \ - -v /dev/ttyUSB0:/dev/ttyUSB0 \ - -v $HOME/topics:/topics \ - -v $HOME/projects:/projects \ - tombenke/darduino:latest \ - arduino + -it \ + --network=host \ + --privileged \ + -e DISPLAY=$DISPLAY \ + -v /tmp/.X11-unix:/tmp/.X11-unix \ + -v /dev/ttyUSB0:/dev/ttyUSB0 \ + -v $HOME/topics:/topics \ + -v $HOME/projects:/home/developer/projects \ + fschl/darduino:1.8.10 \ + arduino } audacity(){ - del_stopped audacity - # -e QT_DEVICE_PIXEL_RATIO \ + del_stopped audacity - docker run -d \ - -v /etc/localtime:/etc/localtime:ro \ - -v /tmp/.X11-unix:/tmp/.X11-unix \ - -e "DISPLAY=unix${DISPLAY}" \ - -v $HOME/Downloads:/root/Downloads \ - -v $HOME/Documents:/root/Documents \ - -v $HOME/Music:/root/Music \ - --device /dev/snd \ - --group-add audio \ - --name audacity \ - jess/audacity + docker run -d \ + -v /etc/localtime:/etc/localtime:ro \ + -v /tmp/.X11-unix:/tmp/.X11-unix \ + -e "DISPLAY=unix${DISPLAY}" \ + -v $HOME/Downloads:/root/Downloads \ + -v $HOME/Documents:/root/Documents \ + -v $HOME/Music:/root/Music \ + --device /dev/snd \ + --group-add audio \ + --name audacity \ + jess/audacity } bro() { diff --git a/.i3/config b/.i3/config index 2278a9e..44a336a 100755 --- a/.i3/config +++ b/.i3/config @@ -111,16 +111,24 @@ assign [class=".*ee.*ass.*"] $WS8 # https://faq.i3wm.org/question/3726/workspace-output-multiple-values/index.html%3Fanswer=3731.html#post-id-3731 set $LAPTOP LVDS-1 -set $CENTER VGA-1 -#set $CENTER HDMI-1 -#set $CENTER DP-1 +set $CENTER HDMI-1 +set $RIGHT VGA-1 # monitor settings bindsym $mod+m mode "monitor" mode "monitor" { + # only laptop bindsym 1 exec xrandr --output $LAPTOP --auto --primary --output $CENTER --off $RIGHT --off - bindsym 2 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER - #bindsym 3 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER --output $RIGHT --auto --right-of $CENTER + # HDMI main, laptop secondary + bindsym 2 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER --output $RIGHT --off + # HDMI main, laptop left, VGA right, *not* supported on X230 + bindsym 3 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER --output $RIGHT --auto --right-of $CENTER + # HDMI main, VGA right, laptop off + bindsym 4 exec xrandr --output $CENTER --primary --auto --output $RIGHT --auto --right-of $CENTER --rotate left --output $LAPTOP --off + # VGA main, laptop left, HDMI off + bindsym 8 exec xrandr --output $RIGHT --primary --auto --output $LAPTOP --auto --left-of $RIGHT --output $CENTER --off + # HDMI main, VGA right, laptop off + bindsym 9 exec xrandr --output $CENTER --primary --auto --output $RIGHT --auto --right-of $CENTER --output $LAPTOP --off # back to normal: Enter or Escape bindsym Return mode "default" @@ -224,8 +232,7 @@ bar { bar { output $CENTER - output DP-1 - output HDMI-1 + output $RIGHT status_command i3status --config ~/.i3/status_small.conf tray_output $LAPTOP } @@ -240,6 +247,7 @@ bar { #exec xrdb -merge /home/jessie/.Xresources #exec xrdb -merge /home/jessie/.Xdefaults + # startup programs exec amixer set Master 1+ off exec amixer set Master 54 @@ -253,3 +261,4 @@ exec --no-startup-id i3-msg 'exec thunderbird' exec --no-startup-id i3-msg 'exec keepassxc' # exec --no-startup-id i3-msg 'exec nextcloud' exec --no-startup-id i3-msg 'workspace $WS3; exec urxvt;' + diff --git a/.i3/status.conf b/.i3/status.conf index 22abeb0..a040225 100755 --- a/.i3/status.conf +++ b/.i3/status.conf @@ -25,7 +25,7 @@ order += "path_exists VPN" #order += "ipv6" order += "wireless wlp3s0" order += "ethernet enp0s25" -order += "volume master" +order += "volume Master" order += "battery 0" #order += "cpu_temperature 0" order += "load" @@ -65,7 +65,7 @@ run_watch DHCP { } path_exists VPN { - path = "/proc/sys/net/ipv4/conf/tun0" + path = "/proc/sys/net/ipv4/conf/wg0" } tztime local { @@ -112,7 +112,7 @@ disk "/media/driveBay" { format = "/ %avail" } -volume master { +volume Master { format = " %volume" format_muted = " %volume" device = "default" diff --git a/.i3/status_small.conf b/.i3/status_small.conf index eef626d..aba9800 100755 --- a/.i3/status_small.conf +++ b/.i3/status_small.conf @@ -21,7 +21,8 @@ order += "run_watch Docker" order += "run_watch DHCP" order += "path_exists VPN" order += "wireless wlp3s0" -order += "ethernet eth0" +# order += "ethernet eth0" +order += "ethernet enp0s25" order += "volume master" order += "battery 0" order += "load" @@ -43,7 +44,8 @@ wireless wlp3s0 { format_down = " -" } -ethernet eth0 { +# ethernet eth0 { +ethernet enp0s25 { # if you use %speed, i3status requires root privileges format_up = "E: up" format_down = "E: down" diff --git a/.path b/.path index f0c0a3f..1a39d5b 100644 --- a/.path +++ b/.path @@ -1,4 +1,4 @@ #export GOROOT=/usr/local/go/bin # export GOPATH=/home/fschl/projects/go_projects -export PATH=${PATH}:/usr/local/go/bin:${GOPATH}/bin \ No newline at end of file +export PATH=${PATH}:/usr/local/go/bin:/home/fschl/go/bin \ No newline at end of file diff --git a/.spacemacs b/.spacemacs index ed5436f..8ffb71d 100644 --- a/.spacemacs +++ b/.spacemacs @@ -323,10 +323,51 @@ you should place your code here." (setq dired-listing-switches "-alh") (setq-default dotspacemacs-configuration-layers '(( + ruby + javascript + nginx rust rustauto-completion :variables auto-completion-enable-snippets-in-popup t auto-completion-enable-help-tooltip t))) + (with-eval-after-load 'org + (setq org-default-notes-file "~/Documents/Org/tasks.org") + (setq org-agenda-files + (quote ("~/Documents/Org/tasks.org" + "~/Documents/Org/journal.org" + "~/Documents/Org/projects.org" + "~/Documents/Org/watchlist.org" + "~/Documents/Org/birthdays.org"))) + (setq org-capture-templates + '(("t" "todo list item" ; name + entry ; type + (file+headline org-default-notes-file "Tasks") + "* TODO %?\n DEADLINE: %^T") ; template + ("T" "todo list item with source" ; name + entry ; type + (file+headline org-default-notes-file "Tasks") + "* TODO %?\n %a \n DEALINE: %^T \n %i") ; template + + ("m" "scheduled meeting" ; name + entry ; type + (file+headline org-default-notes-file "Tasks") + "* MEETING %?\n SCHEDULED: %^T\n %a") ; template + + ("p" "phone call" ; name + entry ; type + (file+headline org-default-notes-file "Tasks") + "* PHONE %?\n %i\n %a") ; template + + ("a" "Articles" + entry (file+weektree "~/Documents/Org/journal.org") + "* %? \n%x \n %u\n- $?") + ) + ) + +) + (setq org-ref-default-bibliography '("~/Documents/WHZ/MA/latex/references.bib") + org-ref-pdf-directory "~/Documents/WHZ/MA/references/" + org-ref-bibliography-notes "~/Documents/WHZ/MA/notes.org") ) ;; Do not write anything past this comment. This is where Emacs will diff --git a/LICENSE.md b/LICENSE.md index b22a877..2004f53 100755 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2017 Frieder Schlesier +Copyright (c) 2017-2020 Frieder Schlesier Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in diff --git a/scripts/install.sh b/scripts/install.sh index 135a9fe..f1525bc 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -39,6 +39,11 @@ deb-src http://deb.debian.org/debian ${DIST} main deb http://deb.debian.org/debian-security/ ${DIST}/updates main deb-src http://deb.debian.org/debian-security/ ${DIST}/updates main +# backports for wireguard +# https://www.wireguard.com/install/ +# https://backports.debian.org/Instructions/ +deb http://deb.debian.org/debian buster-backports main + deb http://deb.debian.org/debian ${DIST}-updates main deb-src http://deb.debian.org/debian ${DIST}-updates main EOF @@ -73,6 +78,7 @@ base_applications() { htop \ iotop \ locales \ + linux-headers-$(uname -r) \ make \ mount \ net-tools \ @@ -86,6 +92,9 @@ base_applications() { vim \ vpnc \ vpnc-scripts \ + wireguard \ + wireguard-dkms \ + wireguard-tools \ zip \ --no-install-recommends @@ -93,6 +102,8 @@ base_applications() { $SUDO apt autoremove $SUDO apt autoclean $SUDO apt clean + + $SUDO ip link add dev wg0 type wireguard } install_server_base() { @@ -166,11 +177,14 @@ install_latex() { evince \ texlive \ texlive-bibtex-extra \ + texlive-fonts-extra \ + texlive-fonts-recommended \ texlive-lang-english \ texlive-lang-german \ texlive-latex-extra \ texlive-latex-recommended \ texlive-pictures \ + zathura \ --no-install-recommends } @@ -189,16 +203,15 @@ install_i3() { DEBIAN_FRONTEND=noninteractive - # TODO add non-free to apt/sources.list - apt update apt install -y \ alsa-utils \ aspell \ aspell-de \ aspell-en \ + cups-browsed \ emacs \ feh \ firefox-esr \ @@ -240,6 +253,16 @@ install_i3() { xorg \ --no-install-recommends + # install Syncthing via apt + # Add the release PGP keys: + curl -s https://syncthing.net/release-key.txt | sudo apt-key add - + + # Add the "stable" channel to your APT sources: + echo "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list + + # Update and install syncthing: + sudo apt-get update + sudo apt-get install syncthing echo "... DONE... cleaning up\n\n" apt autoremove apt autoclean @@ -361,49 +384,6 @@ install_compose() { /usr/bin/docker-compose version } -install_nvidia() { - echo "Prepare install for NVIDIA proprietary display driver" - - apt update - apt install -y \ - gcc \ - linux-source \ - linux-headers-`uname -r` \ - --no-install-recommends - - echo "" - echo "Please find a link to the current Package" - echo " https://devtalk.nvidia.com/default/topic/533434/linux/current-graphics-driver-releases/" - echo "" - echo "1. Download the self extracting archive. (*.run)" - echo "2. reboot into recovery mode and login as root" - echo "3. sh DRIVER_ARCHIVE.run" - echo "" - echo "... check if driver was installed correctly: $ nvidia-smi" - echo "more information can be found in README at link above" - - echo "" - echo "Install NVIDIA-docker" - echo "" - echo "since Docker 19.03 no additional runtime required." - echo " https://github.com/NVIDIA/nvidia-docker" - - # https://nvidia.github.io/nvidia-docker/ - distribution="debian10" - - curl -s -L https://nvidia.github.io/nvidia-docker/gpgkey | sudo apt-key add - - curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | sudo tee /etc/apt/sources.list.d/nvidia-docker.list - apt update - apt install -y nvidia-container-toolkit - systemctl restart docker - docker pull nvidia/cuda:9.0-base - - echo "" - echo "... check if driver was installed correctly: " - echo "$ docker run --gpus all nvidia/cuda:9.0-base nvidia-smi" - echo " should give same output as above" -} - install_virtualbox() { # https://wiki.debian.org/VirtualBox#Installation_of_non-free_edition apt install -y \ @@ -437,7 +417,7 @@ EOF # install/update golang from source install_golang() { - export GO_VERSION=1.13.0 + export GO_VERSION=1.15.0 export GO_SRC=/usr/local/go # if we are passing the version @@ -455,7 +435,7 @@ main() { local cmd=$1 if [[ -z "$cmd" ]]; then - echo "Usage: \n base | desktop | server | update-docker | go" + echo "Usage: \n base (includes docker+compose)| desktop | server | dotfiles | vscode | latex | update-docker | go" fi case "$cmd" in diff --git a/wireguard/README.org b/wireguard/README.org new file mode 100644 index 0000000..dc38cb9 --- /dev/null +++ b/wireguard/README.org @@ -0,0 +1,79 @@ +* Wireguard Quick Start + + https://www.wireguard.com/quickstart/ + + - level 3 VPN Protocol. + - designed for Linux (works on BSD, MacOS and Windows too). + - network interface as most basic foundation of operation. + + The interface can be named almost arbitrarily. Below ~wg0~ is used as a + generic interface name (like used in many public tutorials). Replace ~wg0~ + with an interface name for the VPN connection, e.g. ~home~, ~mycloud~ or + ~secret-work-jump-host~. + +** Linux CLI + + Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4 + + Tutorial with best Explaination: + https://medium.com/tangram-visions/what-they-dont-tell-you-about-setting-up-a-wireguard-vpn-46f7bd168478 + +*** Create Keys + + #+begin_src bash + $ umask 077 + $ wg genkey | tee privatekey | wg pubkey > publickey + #+end_src + +*** Setup the Interface + + #+begin_src bash + # sudo wg-quick up wg.conf.example + #+end_src + +*** Add Peer + + #+begin_src bash + # add peer + wg set wg0 peer allowed-ips 10.0.0.x/32 persistent-keepalive 25 + + # verify connection + wg + + # save to config + wg-quick save wg0 + #+end_src + +*** Start/Stop Interface + + #+begin_src bash + # Start/stop interface + wg-quick up wg0 + wg-quick down wg0 + + # Start/stop service + $ sudo systemctl stop wg-quick@wg0.service + $ sudo systemctl start wg-quick@wg0.service + + # Enable service at startup + sudo systemctl enable wg-quick@wg0.service + #+end_src + +*** Sync the configuration without restarting the interface + + From `man wg-quick`: The strip command is useful for reloading configuration + files without disrupting ac‐ tive sessions: + + #+begin_src bash + # wg syncconf wgnet0 <(wg-quick strip wgnet0) + #+end_src + +** Alternative Webinterfaces for Managing Clients + + - https://github.com/place1/wg-access-server/ + - https://github.com/WeeJeWel/wg-easy + - https://github.com/subspacecommunity/subspace + - https://github.com/vx3r/wg-gen-web + + - non-web: https://github.com/mullvad/wg-manager + diff --git a/wireguard/wg-client.conf.example b/wireguard/wg-client.conf.example new file mode 100644 index 0000000..813e88f --- /dev/null +++ b/wireguard/wg-client.conf.example @@ -0,0 +1,17 @@ +[Interface] +Address = 10.x.x.x/32 +PostUp = wg set %i private-key /etc/wireguard/private-key-for-this-vpn + +# immediately test connection to the public (jump) host +PostUp = ping -c1 10.0.0.1 + +[Peer] +PublicKey = +Endpoint = +# Set subnet for all IPs that should be routed +# through this VPN connection +AllowedIPs = 10.0.0.0/24 + +# if this client is behind a NAT and +# other clients should be able to connect +PersistentKeepalive = 25 \ No newline at end of file diff --git a/wireguard/wg-server.conf.example b/wireguard/wg-server.conf.example new file mode 100644 index 0000000..50c2537 --- /dev/null +++ b/wireguard/wg-server.conf.example @@ -0,0 +1,17 @@ +[Interface] +Address = 10.0.0.1/24 +SaveConfig = true +PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE +PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE +ListenPort = +PrivateKey = + +[Peer] +# client 1 +PublicKey = +AllowedIPs = 10.0.0.2/32 + +[Peer] +# client 2 +PublicKey = +AllowedIPs = 10.0.0.3/32