diff --git a/.aliases b/.aliases index 5b1396f..745ac44 100755 --- a/.aliases +++ b/.aliases @@ -15,6 +15,10 @@ alias camshot='fswebcam -r 640x480 --jpeg 90 -F 3 -D 1 --no-banner' alias ta='tmux attach' alias u='sudo ufw status numbered' +alias sk='sh ~/projects/home-infra/tools/goking.sh' +alias wgfsu='sudo wg-quick up fschl-vpn' +alias wgfsd='sudo wg-quick down fschl-vpn' + alias routes='ip -o routes show' alias ips='ip -o addr show | grep -v br-' alias ports="echo '... ss -tl add -n to see port numbers ;-)'; ss -tl" diff --git a/.dockerfunc b/.dockerfunc index c405a03..8d30792 100755 --- a/.dockerfunc +++ b/.dockerfunc @@ -306,22 +306,6 @@ photon() { } -gimp() { - del_stopped gimp - - docker run -d \ - -v /etc/localtime:/etc/localtime:ro \ - -v /tmp/.X11-unix:/tmp/.X11-unix \ - -e DISPLAY=unix$DISPLAY \ - -v $HOME/Pictures:/root/Pictures \ - -v $HOME/projects:/root/projects \ - -v $HOME/Documents:/root/Documents \ - --name gimp \ - ${DOCKER_REPO_PREFIX}/gimp - - exit 0; -} - icedove() { del_stopped icedove MYUSERID=$(id --user) @@ -345,30 +329,6 @@ icedove() { exit 0; } -thunderbird() { - del_stopped thunderbird - MYUSERID=$(id --user) - - echo "starting thunderbird with uid" - echo $MYUSERID - - # docker run -d - docker run -ti \ - --name="thunderbird" \ - -v /tmp/.X11-unix:/tmp/.X11-unix \ - -e DISPLAY=unix$DISPLAY \ - -v /etc/localtime:/etc/localtime:ro \ - --user $MYUSERID \ - -v $HOME/Downloads/:/home/appuser/Downloads \ - -v $HOME/Documents/:/home/appuser/Documents \ - -v $HOME/.thunderbird/:/home/appuser/.thunderbird \ - -v $HOME/.gnupg/:/home/appuser/.gnupg \ - ${DOCKER_REPO_PREFIX}/thunderbird:latest \ - bash - - # exit 0; -} - inkscape() { del_stopped inkscape @@ -423,46 +383,6 @@ java() { } -# latex() { -# del_stopped latex - -# docker run -it --rm \ -# --net host \ -# -v $(pwd):/usr/src/latex \ -# --workdir="/usr/src/latex" \ -# ${DOCKER_REPO_PREFIX}/latex "$@" -# } - -# pdflatex() { -# local file=$@ -# local cur_dir=$(pwd) -# local FILENAME=${file%%.*} - -# latex bash -c "latex $file; latex $file; pdflatex $file" - -# sudo rm $FILENAME.aux $FILENAME.dvi $FILENAME.out - -# sudo chown ${DOCKER_REPO_PREFIX}:${DOCKER_REPO_PREFIX} $FILENAME.pdf -# } - -libreoffice() { - del_stopped libreoffice - - docker run -d \ - -v /etc/localtime:/etc/localtime:ro \ - -v /tmp/.X11-unix:/tmp/.X11-unix \ - -e DISPLAY=unix$DISPLAY \ - -v $HOME/Documents:/root/Documents \ - -v $HOME/Pictures:/root/Pictures \ - -v $HOME/Downloads:/root/Downloads \ - -e GDK_SCALE \ - -e GDK_DPI_SCALE \ - --name libreoffice \ - ${DOCKER_REPO_PREFIX}/libreoffice - - exit 0; -} - memo() { del_stopped memo_standalone @@ -491,21 +411,6 @@ netbeans() { ${DOCKER_REPO_PREFIX}/netbeans:latest } -# start from a directory which contains a openvpn config file named 'config.ovpn' -# cert and key files should be in the same directory or relatively referencable -# from the config file -openvpn() { - del_stopped openvpn - - docker run -it --rm \ - --name="openvpn" \ - --net host \ - --device /dev/net/tun:/dev/net/tun \ - --cap-add NET_ADMIN \ - -v "$PWD":/etc/openvpn \ - ${DOCKER_REPO_PREFIX}/openvpn:latest config.ovpn -} - papyrus() { # del_stopped papyrus @@ -541,46 +446,6 @@ papyrus() { } - -pulseaudio() { - del_stopped pulseaudio - - docker run -d \ - -v /etc/localtime:/etc/localtime:ro \ - --device /dev/snd \ - -p 4713:4713 \ - --restart always \ - --name pulseaudio \ - ${DOCKER_REPO_PREFIX}/pulseaudio -} - -# pulseaudio() { -# del_stopped pulseaudio - -# docker run -d \ -# -v /etc/localtime:/etc/localtime:ro \ -# --device /dev/snd \ -# -p 4713:4713 \ -# --restart always \ -# -v /var/run/dbus:/var/run/dbus \ -# -v /etc/machine-id:/etc/machine-id \ -# --name pulseaudio \ -# ${DOCKER_REPO_PREFIX}/pulseaudio -# } - -p3() { - local args=$@ - local cur_dir=$(pwd) - local targetmount=$(basename $cur_dir) - - docker run -it --rm \ - -v $(pwd):/src/$targetmount \ - -w /src/$targetmount \ - python:3 \ - bash -c "$args" -} - - rstudio(){ del_stopped rstudio @@ -612,26 +477,6 @@ scenebuilder() { exit 0; } -skype() { - del_stopped skype - - docker run -d \ - -v $HOME/Downloads:/root/skype/Downloads \ - -v /run/user/1000/pulse:/run/user/1000/pulse \ - -v /var/lib/dbus:/var/lib/dbus \ - -v ~/.pulse:/root/.pulse \ - -v /etc/localtime:/etc/localtime:ro \ - -v /tmp/.X11-unix:/tmp/.X11-unix \ - -e DISPLAY=unix$DISPLAY \ - --device /dev/video0 \ - --device /dev/snd \ - --name skype \ - --net host \ - ${DOCKER_REPO_PREFIX}/skype - - exit 0; -} - # call with net-name as param tinc() { local tinc_dir="${HOME}/.config/etc-tinc" diff --git a/.i3/config b/.i3/config index 794bc87..a573300 100755 --- a/.i3/config +++ b/.i3/config @@ -224,6 +224,7 @@ bar { inactive_workspace #002b36 #586e75 #002b36 urgent_workspace #d33682 #d33682 #fdf6e3 } + output $LAPTOP output $CENTER font pango:DejaVu Sans Mono, FontAwesome 7 status_command i3status --config ~/.i3/status.conf diff --git a/.i3/status.conf b/.i3/status.conf index 1220e4b..04e6146 100755 --- a/.i3/status.conf +++ b/.i3/status.conf @@ -50,7 +50,7 @@ ethernet sl-optigem { ethernet enp31s0 { # if you use %speed, i3status requires root privileges format_up = "E: %ip (%speed)" - format_down = "E: -" + format_down = "E:-" } battery 0 { @@ -71,10 +71,6 @@ run_watch DHCP { pidfile = "/var/run/dhclient*.pid" } -path_exists VPN { - path = "/proc/sys/net/ipv4/conf/wg0" -} - tztime local { format = "%Y-%m-%d (%V) %a %H:%M:%S" } diff --git a/.spacemacs b/.spacemacs index f0bdeab..e7b422c 100644 --- a/.spacemacs +++ b/.spacemacs @@ -32,14 +32,14 @@ This function should only modify configuration layer settings." ;; List of configuration layers to load. dotspacemacs-configuration-layers - ;; ---------------------------------------------------------------- - ;; Example of useful layers you may want to use right away. - ;; Uncomment some layer names and press (Vim style) or - ;; (Emacs style) to install them. - ;; ---------------------------------------------------------------- - '( - better-defaults + '( + ;; ---------------------------------------------------------------- + ;; Example of useful layers you may want to use right away. + ;; Uncomment some layer names and press `SPC f e R' (Vim style) or + ;; `M-m f e R' (Emacs style) to install them. + ;; ---------------------------------------------------------------- auto-completion + better-defaults bibtex docker emacs-lisp @@ -51,21 +51,16 @@ This function should only modify configuration layer settings." latex markdown org + plantuml python + ranger + rust shell shell-scripts spell-checking syntax-checking version-control - yaml - ;; (shell :variables - ;; shell-default-height 30 - ;; shell-default-position 'bottom) - ;; spell-checking - ;; syntax-checking - ;; version-control - treemacs) - + yaml) ;; List of additional packages that will be installed without being wrapped ;; in a layer (generally the packages are installed only and should still be @@ -520,7 +515,7 @@ It should only modify the values of Spacemacs settings." dotspacemacs-home-shorten-agenda-source nil ;; If non-nil then byte-compile some of Spacemacs files. - dotspacemacs-byte-compile nil)) + dotspacemacs-byte-compile t)) (defun dotspacemacs/user-env () "Environment variables setup. @@ -552,7 +547,6 @@ layers configuration. This is the place where most of your configurations should be done. Unless it is explicitly specified that a variable should be set before a package is loaded, you should place your code here." - (setq powerline-default-separator 'nil) (setq dired-listing-switches "-alh") (setq-default dotspacemacs-configuration-layers '(( @@ -579,7 +573,7 @@ you should place your code here." ("T" "todo list item with source" ; name entry ; type (file+headline org-default-notes-file "Tasks") - "* TODO %?\n %a \n DEALINE: %^T \n %i") ; template + "* TODO %?\n %a \n DEADLINE: %^T \n %i") ; template ("m" "scheduled meeting" ; name entry ; type @@ -619,3 +613,24 @@ you should place your code here." ;; Your init file should contain only one such instance. ;; If there is more than one, they won't work right. ) +(defun dotspacemacs/emacs-custom-settings () + "Emacs custom settings. +This is an auto-generated function, do not modify its content directly, use +Emacs customize menu instead. +This function is called at the very end of Spacemacs initialization." +(custom-set-variables + ;; custom-set-variables was added by Custom. + ;; If you edit it by hand, you could mess it up, so be careful. + ;; Your init file should contain only one such instance. + ;; If there is more than one, they won't work right. + '(evil-want-Y-yank-to-eol nil) + '(package-selected-packages + (quote + (systemd company-auctex auctex flycheck-pos-tip pos-tip flycheck docker json-mode tablist docker-tramp json-snatcher json-reformat unfill mwim web-mode tagedit slim-mode scss-mode sass-mode pug-mode less-css-mode helm-css-scss haml-mode emmet-mode company-web web-completion-data go-guru go-eldoc company-go go-mode yaml-mode smeargle orgit org-projectile org-category-capture org-present org-pomodoro alert log4e gntp org-mime org-download mmm-mode markdown-toc markdown-mode magit-gitflow htmlize helm-gitignore helm-company helm-c-yasnippet gnuplot gitignore-mode gitconfig-mode gitattributes-mode git-timemachine git-messenger git-link git-gutter-fringe+ git-gutter-fringe fringe-helper git-gutter+ git-gutter gh-md fuzzy evil-magit magit magit-popup git-commit ghub treepy let-alist graphql with-editor diff-hl company-statistics company auto-yasnippet yasnippet ac-ispell auto-complete dockerfile-mode ws-butler winum which-key volatile-highlights vi-tilde-fringe uuidgen use-package toc-org spaceline powerline restart-emacs request rainbow-delimiters popwin persp-mode pcre2el paradox spinner org-plus-contrib org-bullets open-junk-file neotree move-text macrostep lorem-ipsum linum-relative link-hint indent-guide hydra hungry-delete hl-todo highlight-parentheses highlight-numbers parent-mode highlight-indentation helm-themes helm-swoop helm-projectile helm-mode-manager helm-make projectile pkg-info epl helm-flx helm-descbinds helm-ag google-translate golden-ratio flx-ido flx fill-column-indicator fancy-battery eyebrowse expand-region exec-path-from-shell evil-visualstar evil-visual-mark-mode evil-unimpaired evil-tutor evil-surround evil-search-highlight-persist evil-numbers evil-nerd-commenter evil-mc evil-matchit evil-lisp-state smartparens evil-indent-plus evil-iedit-state iedit evil-exchange evil-escape evil-ediff evil-args evil-anzu anzu evil goto-chg undo-tree eval-sexp-fu highlight elisp-slime-nav dumb-jump f dash s diminish define-word column-enforce-mode clean-aindent-mode bind-map bind-key auto-highlight-symbol auto-compile packed aggressive-indent adaptive-wrap ace-window ace-link ace-jump-helm-line helm avy helm-core popup async)))) +(custom-set-faces + ;; custom-set-faces was added by Custom. + ;; If you edit it by hand, you could mess it up, so be careful. + ;; Your init file should contain only one such instance. + ;; If there is more than one, they won't work right. + ) +) diff --git a/.tmux.conf b/.tmux.conf index 12749a4..7adf980 100755 --- a/.tmux.conf +++ b/.tmux.conf @@ -1,7 +1,3 @@ -# similar to emacs commands... -unbind C-b -set -g prefix M-a - bind -n M-Left select-pane -L bind -n M-Right select-pane -R bind -n M-Up select-pane -U diff --git a/LICENSE.md b/LICENSE.md index 2004f53..2ad6746 100755 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2017-2020 Frieder Schlesier +Copyright (c) 2017-2021 Frieder Schlesier Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in diff --git a/README.org b/README.org index 4a27c80..6b5674f 100644 --- a/README.org +++ b/README.org @@ -2,9 +2,6 @@ Things that make my linux life more comfortable, portable and secure. For debian, or debian-based distros. using i3wm.org on the desktop. - And containers everywhere :) - - inspired by https://github.com/jessfraz ** Questions this repos tries to answer @@ -68,7 +65,7 @@ **** Managing logins & passphrases - - use a secure, cross-platform, *cloudless* password manager, e.g keepass2 + - use a secure, cross-platform, *cloudless* password manager, e.g keepassXC **** Backup Secure Keys diff --git a/bin/go b/bin/go deleted file mode 100755 index 525c7da..0000000 --- a/bin/go +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -# execute go command inside a container -# - -set -o pipefail - -source $HOME/.dockerfunc - -go $@ diff --git a/bin/gofmt b/bin/gofmt deleted file mode 100755 index a93f17d..0000000 --- a/bin/gofmt +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -# execute go command inside a container -# - -set -o pipefail -set -x - -source $HOME/.dockerfunc - -# TODO: increase performance for go commands -# check directory calling from -# USE LABELS https://docs.docker.com/engine/userguide/labels-custom-metadata/#query-labels -# run a go-dev container for that go application -# check if maybe there is already a container running for this app -# if so, just docker exec the command inside this app container - -go fmt $@ diff --git a/scripts/install.sh b/scripts/install.sh index f1525bc..f66adf2 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -184,6 +184,7 @@ install_latex() { texlive-latex-extra \ texlive-latex-recommended \ texlive-pictures \ + texlive-plain-generic \ zathura \ --no-install-recommends } @@ -228,6 +229,8 @@ install_i3() { i3lock-fancy \ i3status \ keepassxc \ + libnotify-bin \ + libnotify-dev \ libreoffice-calc \ libreoffice-impress \ libreoffice-l10n-de \ @@ -236,7 +239,7 @@ install_i3() { network-manager-gnome \ network-manager-vpnc \ network-manager-vpnc-gnome \ - nextcloud-desktop \ + notify-osd \ ntfs-3g \ nmap \ pulseaudio \ @@ -249,17 +252,25 @@ install_i3() { thunderbird-l10n-de \ thunderbird-l10n-en-gb \ vlc \ - xclip \ xorg \ --no-install-recommends - # install Syncthing via apt + cat <<-EOF > /usr/share/dbus-1/services/org.freedesktop.Notifications.service + [D-BUS Service] + Name=org.freedesktop.Notifications + Exec=/usr/lib/notification-daemon/notification-daemon +EOF + + # install Syncthing via https://apt.syncthing.net/ # Add the release PGP keys: curl -s https://syncthing.net/release-key.txt | sudo apt-key add - # Add the "stable" channel to your APT sources: echo "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list + # pin the correct apt repo + printf "Package: *\nPin: origin apt.syncthing.net\nPin-Priority: 990\n" | sudo tee /etc/apt/preferences.d/syncthing + # Update and install syncthing: sudo apt-get update sudo apt-get install syncthing @@ -362,7 +373,7 @@ install_compose() { # https://github.com/docker/compose/releases # btw: *not* for raspbian! you got 3 choices: hypriot, install via pip or build yourself # https://www.berthon.eu/2017/getting-docker-compose-on-raspberry-pi-arm-the-easy-way/ - VERS="1.24.1" + VERS="1.28.6" FILE="docker-compose-$(uname -s)-$(uname -m)" echo "installing docker-compose $VERS ... curling from github" @@ -384,6 +395,49 @@ install_compose() { /usr/bin/docker-compose version } +install_nvidia() { + echo "Prepare install for NVIDIA proprietary display driver" + + apt update + apt install -y \ + gcc \ + linux-source \ + linux-headers-`uname -r` \ + --no-install-recommends + + echo "" + echo "Please find a link to the current Package" + echo " https://devtalk.nvidia.com/default/topic/533434/linux/current-graphics-driver-releases/" + echo "" + echo "1. Download the self extracting archive. (*.run)" + echo "2. reboot into recovery mode and login as root" + echo "3. sh DRIVER_ARCHIVE.run" + echo "" + echo "... check if driver was installed correctly: $ nvidia-smi" + echo "more information can be found in README at link above" + + echo "" + echo "Install NVIDIA-docker" + echo "" + echo "since Docker 19.03 no additional runtime required." + echo " https://github.com/NVIDIA/nvidia-docker" + + # https://nvidia.github.io/nvidia-docker/ + distribution="debian10" + + curl -s -L https://nvidia.github.io/nvidia-docker/gpgkey | sudo apt-key add - + curl -s -L https://nvidia.github.io/nvidia-docker/$distribution/nvidia-docker.list | sudo tee /etc/apt/sources.list.d/nvidia-docker.list + apt update + apt install -y nvidia-container-toolkit + systemctl restart docker + docker pull nvidia/cuda:9.0-base + + echo "" + echo "... check if driver was installed correctly: " + echo "$ docker run --gpus all nvidia/cuda:9.0-base nvidia-smi" + echo " should give same output as above" +} + install_virtualbox() { # https://wiki.debian.org/VirtualBox#Installation_of_non-free_edition apt install -y \ @@ -394,30 +448,11 @@ install_virtualbox() { software-properties-common \ --no-install-recommends - curl -fsSL https://download.docker.com/linux/debian/gpg | $SUDO apt-key add - - - # add docker apt repo - cat <<-EOF > /etc/apt/sources.list.d/docker.list - deb [arch=amd64] https://download.docker.com/linux/debian buster stable - # deb [arch=amd64] https://download.docker.com/linux/debian buster test - # deb [arch=amd64] https://download.docker.com/linux/debian buster nightly -EOF - - apt update - apt install -y \ - docker-ce \ - --no-install-recommends - - groupadd docker - addgroup ${USERNAME} docker - - docker version - docker info } # install/update golang from source install_golang() { - export GO_VERSION=1.15.0 + export GO_VERSION=1.16.0 export GO_SRC=/usr/local/go # if we are passing the version diff --git a/wireguard/README.org b/wireguard/README.org index dc38cb9..5518a74 100644 --- a/wireguard/README.org +++ b/wireguard/README.org @@ -10,7 +10,7 @@ generic interface name (like used in many public tutorials). Replace ~wg0~ with an interface name for the VPN connection, e.g. ~home~, ~mycloud~ or ~secret-work-jump-host~. - + ** Linux CLI Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4 @@ -22,16 +22,16 @@ #+begin_src bash $ umask 077 - $ wg genkey | tee privatekey | wg pubkey > publickey + $ wg genkey | tee host.key | wg pubkey > host.pub #+end_src *** Setup the Interface #+begin_src bash - # sudo wg-quick up wg.conf.example + # sudo wg-quick up wg0.conf #+end_src -*** Add Peer +*** Add Peer #+begin_src bash # add peer @@ -42,8 +42,15 @@ # save to config wg-quick save wg0 + #+end_src +**** Mobile Client + + requires ~qrencode~ package installed: + ~qrencode -t ansiutf8 < tunnel.conf~ + where ~tunnel.conf~ is the configuration file for the client, including its private and public keys. + *** Start/Stop Interface #+begin_src bash @@ -56,16 +63,16 @@ $ sudo systemctl start wg-quick@wg0.service # Enable service at startup - sudo systemctl enable wg-quick@wg0.service + sudo systemctl enable wg-quick@wg0.service #+end_src *** Sync the configuration without restarting the interface From `man wg-quick`: The strip command is useful for reloading configuration files without disrupting ac‐ tive sessions: - + #+begin_src bash - # wg syncconf wgnet0 <(wg-quick strip wgnet0) + # wg syncconf wg0 <(wg-quick strip wg0) #+end_src ** Alternative Webinterfaces for Managing Clients @@ -76,4 +83,3 @@ - https://github.com/vx3r/wg-gen-web - non-web: https://github.com/mullvad/wg-manager -