update README

2024-03-05 14:20:35 +01:00 · 2024-03-05 14:20:35 +01:00 · c828cd5014
parent 96ad907232
commit c828cd5014
1 changed files with 40 additions and 35 deletions
--- a/README.org
+++ b/README.org
@ -1,35 +1,29 @@
 * fschl dotfiles
-  Things that make my linux life more comfortable, portable and secure.
+My personal computing environment.
  For debian, or debian-based distros. using i3wm.org on the desktop.
-** Questions this repos tries to answer
+** Features
-   - How long does it take for you to set up a machine?
+   - reproducable machine setup (GNU Guix)
-   - Do you have backups?
+   - keyboard-based environment (Sway wm)
-   - Are you using a password manager?
+   - efficient, keyboard based (Emacs + CLI tools)
-   - How do you transport your secrets?
+   - portable password management (KeepassXC)
-   - Can you get things done without *your* computer?
+   - similar environment on Desktop, Laptop, Android
   - for Laptop: encrypted boot + home partitions
   - TODO Can you get things done without *your* computer?
     - Rescue+Recover friends laptops/computers
     - panic-ops using a friends laptop
-*** Firefox/Thunderbird customization
+** Security
-    - goto ~.mozilla/firefox/<user-profile>/~
+*** SSH Hardening
    - ~mkdir chrome/ && cp ~/dotfiles/userChrome.css ./chrome/~
    - open Firefox: ~about:config~ and set
 ~toolkit.legacyUserProfileCustomizations.stylesheets~ to *true*
 *** Security
 **** SSH Hardening
     - https://blog.g3rt.nl/upgrade-your-ssh-keys.html
     - https://stribika.github.io/2015/01/04/secure-secure-shell.html
     - https://wiki.mozilla.org/Security/Guidelines/OpenSSH#OpenSSH_client
     - see ~/etc/ssh/ssh_config~ and ~.ssh/config~
-**** SSH key generation
+*** SSH key generation
     #+BEGIN_SRC bash
       # ED25519 keys are favored over RSA keys when backward compatibility ''is not required''.
@ -44,26 +38,22 @@
       $ ssh-copy-id -i ~/.ssh/<file>.pub -p 22 user@host
     #+END_SRC
-**** GnuPG
+*** GnuPG
-     - https://wiki.mozilla.org/Security/Key_Management
+ - https://wiki.mozilla.org/Security/Key_Management
-     - https://keyring.debian.org/creating-key.html
+ - https://keyring.debian.org/creating-key.html
-     - https://wiki.debian.org/Subkeys
+ - https://wiki.debian.org/Subkeys
-     ~~/.gnupg/gpg.conf~:
+  ~~/.gnupg/gpg.conf~:
  #+BEGIN_SRC bash
  personal-digest-preferences SHA512 SHA384
  cert-digest-algo SHA256
  default-preference-list SHA512 SHA384 AES256 ZLIB BZIP2 ZIP Uncompressed
  keyid-format 0xlong
  #+END_SRC
-     #+BEGIN_SRC bash
+*** Backup Secure Keys
     personal-digest-preferences SHA512 SHA384
     cert-digest-algo SHA256
     default-preference-list SHA512 SHA384 AES256 ZLIB BZIP2 ZIP Uncompressed
     keyid-format 0xlong
     #+END_SRC
 **** Managing logins & passphrases
     - use a secure, cross-platform, *cloudless* password manager, e.g keepassXC
 **** Backup Secure Keys
     - get 2 USB thumb drives
     - on each, create 2 partitions (ext4, you will never use them on any windows device anyway)
@ -105,6 +95,21 @@
 ** NEXT Moving to Guix
 - btrfs for snapshots, easier backups
 - encrypted =/boot= + =/home= partitions
 - separate subvolumes for =/gnu=, =var=, =swap=
 - [ ] MOVE: https://www.draketo.de/software/package-guix.html
 *** Disk partitioning
 - https://reckoning.dev/blog/ubuntu-btrfs-guide/
 - https://wiki.systemcrafters.net/guix/nonguix-installation-guide/#partition-the-disks
 - https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html
 - https://git.sr.ht/~abcdw/rde/tree/master/item/examples/README
  - https://guix.gnu.org/manual/en/html_node/Mapped-Devices.html
  - Mapped Devices example in *RDE*: https://git.sr.ht/~abcdw/rde/tree/master/item/examples/src/rde-configs/hosts/ixy.scm
 ** ImageMagick Notes
 convert multiple .png files into multipage pdf with downscaling