diff --git a/.aliases b/.aliases index 33a609d..18c5fd0 100755 --- a/.aliases +++ b/.aliases @@ -15,6 +15,10 @@ alias camshot='fswebcam -r 640x480 --jpeg 90 -F 3 -D 1 --no-banner' alias ta='tmux attach' alias u='sudo ufw status numbered' +alias sk='sh ~/projects/home-infra/tools/goking.sh' +alias wgfsu='sudo wg-quick up fschl-vpn' +alias wgfsd='sudo wg-quick down fschl-vpn' + alias routes='ip -o routes show' alias ips='ip -o addr show | grep -v br-' alias ports="echo '... ss -tl add -n to see port numbers ;-)'; ss -tl" diff --git a/.i3/config b/.i3/config index 44a336a..bee8c43 100755 --- a/.i3/config +++ b/.i3/config @@ -124,7 +124,7 @@ mode "monitor" { # HDMI main, laptop left, VGA right, *not* supported on X230 bindsym 3 exec xrandr --output $CENTER --primary --auto --output $LAPTOP --auto --left-of $CENTER --output $RIGHT --auto --right-of $CENTER # HDMI main, VGA right, laptop off - bindsym 4 exec xrandr --output $CENTER --primary --auto --output $RIGHT --auto --right-of $CENTER --rotate left --output $LAPTOP --off + bindsym 4 exec xrandr --output $CENTER --primary --auto --output $RIGHT --right-of $CENTER --rotate left --auto --output $LAPTOP --off # VGA main, laptop left, HDMI off bindsym 8 exec xrandr --output $RIGHT --primary --auto --output $LAPTOP --auto --left-of $RIGHT --output $CENTER --off # HDMI main, VGA right, laptop off @@ -138,7 +138,6 @@ mode "monitor" { bindsym $mod+p exec xrandr-toggle - workspace $WS1 output $CENTER workspace $WS2 output $CENTER workspace $WS3 output $LAPTOP @@ -226,12 +225,13 @@ bar { urgent_workspace #d33682 #d33682 #fdf6e3 } output $LAPTOP + output $CENTER font pango:DejaVu Sans Mono, FontAwesome 7 status_command i3status --config ~/.i3/status.conf } bar { - output $CENTER + # output $CENTER output $RIGHT status_command i3status --config ~/.i3/status_small.conf tray_output $LAPTOP diff --git a/.spacemacs b/.spacemacs index 49dc603..fe7ce52 100644 --- a/.spacemacs +++ b/.spacemacs @@ -32,7 +32,7 @@ This function should only modify configuration layer settings." ;; List of configuration layers to load. dotspacemacs-configuration-layers - '( + '(systemd ;; ---------------------------------------------------------------- ;; Example of useful layers you may want to use right away. ;; Uncomment some layer names and press `SPC f e R' (Vim style) or @@ -59,12 +59,6 @@ This function should only modify configuration layer settings." syntax-checking version-control yaml - ;; (shell :variables - ;; shell-default-height 30 - ;; shell-default-position 'bottom) - ;; spell-checking - ;; syntax-checking - ;; version-control treemacs) @@ -631,7 +625,7 @@ This function is called at the very end of Spacemacs initialization." '(evil-want-Y-yank-to-eol nil) '(package-selected-packages (quote - (org-caldav company-auctex auctex flycheck-pos-tip pos-tip flycheck docker json-mode tablist docker-tramp json-snatcher json-reformat unfill mwim web-mode tagedit slim-mode scss-mode sass-mode pug-mode less-css-mode helm-css-scss haml-mode emmet-mode company-web web-completion-data go-guru go-eldoc company-go go-mode yaml-mode smeargle orgit org-projectile org-category-capture org-present org-pomodoro alert log4e gntp org-mime org-download mmm-mode markdown-toc markdown-mode magit-gitflow htmlize helm-gitignore helm-company helm-c-yasnippet gnuplot gitignore-mode gitconfig-mode gitattributes-mode git-timemachine git-messenger git-link git-gutter-fringe+ git-gutter-fringe fringe-helper git-gutter+ git-gutter gh-md fuzzy evil-magit magit magit-popup git-commit ghub treepy let-alist graphql with-editor diff-hl company-statistics company auto-yasnippet yasnippet ac-ispell auto-complete dockerfile-mode ws-butler winum which-key volatile-highlights vi-tilde-fringe uuidgen use-package toc-org spaceline powerline restart-emacs request rainbow-delimiters popwin persp-mode pcre2el paradox spinner org-plus-contrib org-bullets open-junk-file neotree move-text macrostep lorem-ipsum linum-relative link-hint indent-guide hydra hungry-delete hl-todo highlight-parentheses highlight-numbers parent-mode highlight-indentation helm-themes helm-swoop helm-projectile helm-mode-manager helm-make projectile pkg-info epl helm-flx helm-descbinds helm-ag google-translate golden-ratio flx-ido flx fill-column-indicator fancy-battery eyebrowse expand-region exec-path-from-shell evil-visualstar evil-visual-mark-mode evil-unimpaired evil-tutor evil-surround evil-search-highlight-persist evil-numbers evil-nerd-commenter evil-mc evil-matchit evil-lisp-state smartparens evil-indent-plus evil-iedit-state iedit evil-exchange evil-escape evil-ediff evil-args evil-anzu anzu evil goto-chg undo-tree eval-sexp-fu highlight elisp-slime-nav dumb-jump f dash s diminish define-word column-enforce-mode clean-aindent-mode bind-map bind-key auto-highlight-symbol auto-compile packed aggressive-indent adaptive-wrap ace-window ace-link ace-jump-helm-line helm avy helm-core popup async)))) + (systemd company-auctex auctex flycheck-pos-tip pos-tip flycheck docker json-mode tablist docker-tramp json-snatcher json-reformat unfill mwim web-mode tagedit slim-mode scss-mode sass-mode pug-mode less-css-mode helm-css-scss haml-mode emmet-mode company-web web-completion-data go-guru go-eldoc company-go go-mode yaml-mode smeargle orgit org-projectile org-category-capture org-present org-pomodoro alert log4e gntp org-mime org-download mmm-mode markdown-toc markdown-mode magit-gitflow htmlize helm-gitignore helm-company helm-c-yasnippet gnuplot gitignore-mode gitconfig-mode gitattributes-mode git-timemachine git-messenger git-link git-gutter-fringe+ git-gutter-fringe fringe-helper git-gutter+ git-gutter gh-md fuzzy evil-magit magit magit-popup git-commit ghub treepy let-alist graphql with-editor diff-hl company-statistics company auto-yasnippet yasnippet ac-ispell auto-complete dockerfile-mode ws-butler winum which-key volatile-highlights vi-tilde-fringe uuidgen use-package toc-org spaceline powerline restart-emacs request rainbow-delimiters popwin persp-mode pcre2el paradox spinner org-plus-contrib org-bullets open-junk-file neotree move-text macrostep lorem-ipsum linum-relative link-hint indent-guide hydra hungry-delete hl-todo highlight-parentheses highlight-numbers parent-mode highlight-indentation helm-themes helm-swoop helm-projectile helm-mode-manager helm-make projectile pkg-info epl helm-flx helm-descbinds helm-ag google-translate golden-ratio flx-ido flx fill-column-indicator fancy-battery eyebrowse expand-region exec-path-from-shell evil-visualstar evil-visual-mark-mode evil-unimpaired evil-tutor evil-surround evil-search-highlight-persist evil-numbers evil-nerd-commenter evil-mc evil-matchit evil-lisp-state smartparens evil-indent-plus evil-iedit-state iedit evil-exchange evil-escape evil-ediff evil-args evil-anzu anzu evil goto-chg undo-tree eval-sexp-fu highlight elisp-slime-nav dumb-jump f dash s diminish define-word column-enforce-mode clean-aindent-mode bind-map bind-key auto-highlight-symbol auto-compile packed aggressive-indent adaptive-wrap ace-window ace-link ace-jump-helm-line helm avy helm-core popup async)))) (custom-set-faces ;; custom-set-faces was added by Custom. ;; If you edit it by hand, you could mess it up, so be careful. diff --git a/README.org b/README.org index 4a27c80..6b5674f 100644 --- a/README.org +++ b/README.org @@ -2,9 +2,6 @@ Things that make my linux life more comfortable, portable and secure. For debian, or debian-based distros. using i3wm.org on the desktop. - And containers everywhere :) - - inspired by https://github.com/jessfraz ** Questions this repos tries to answer @@ -68,7 +65,7 @@ **** Managing logins & passphrases - - use a secure, cross-platform, *cloudless* password manager, e.g keepass2 + - use a secure, cross-platform, *cloudless* password manager, e.g keepassXC **** Backup Secure Keys diff --git a/scripts/install.sh b/scripts/install.sh index 21b44f2..4e7d28d 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -24,7 +24,7 @@ apt_sources() { ddist=$1 DIST="${ddist:-stable}" - allowed_dists=("testing stable stretch buster") + allowed_dists=("testing stable buster bullseye") if [ ! ${DIST} in "${allowed_dists[@]}" ]; then echo "... $DIST was not in allowed dists... setting to stable" DIST="stable" @@ -230,6 +230,8 @@ install_i3() { i3lock-fancy \ i3status \ keepassxc \ + libnotify-bin \ + libnotify-dev \ libreoffice-calc \ libreoffice-impress \ libreoffice-l10n-de \ @@ -238,6 +240,7 @@ install_i3() { network-manager-gnome \ network-manager-vpnc \ network-manager-vpnc-gnome \ + notify-osd \ ntfs-3g \ nmap \ pulseaudio \ @@ -253,13 +256,22 @@ install_i3() { xorg \ --no-install-recommends - # install Syncthing via apt + cat <<-EOF > /usr/share/dbus-1/services/org.freedesktop.Notifications.service + [D-BUS Service] + Name=org.freedesktop.Notifications + Exec=/usr/lib/notification-daemon/notification-daemon +EOF + + # install Syncthing via https://apt.syncthing.net/ # Add the release PGP keys: curl -s https://syncthing.net/release-key.txt | sudo apt-key add - # Add the "stable" channel to your APT sources: echo "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list + # pin the correct apt repo + printf "Package: *\nPin: origin apt.syncthing.net\nPin-Priority: 990\n" | sudo tee /etc/apt/preferences.d/syncthing + # Update and install syncthing: sudo apt-get update sudo apt-get install syncthing @@ -339,7 +351,7 @@ install_compose() { # https://github.com/docker/compose/releases # btw: *not* for raspbian! you got 3 choices: hypriot, install via pip or build yourself # https://www.berthon.eu/2017/getting-docker-compose-on-raspberry-pi-arm-the-easy-way/ - VERS="1.24.1" + VERS="1.28.6" FILE="docker-compose-$(uname -s)-$(uname -m)" echo "installing docker-compose $VERS ... curling from github" @@ -386,7 +398,7 @@ get_dotfiles() { # install/update golang from source install_golang() { - export GO_VERSION=1.15.0 + export GO_VERSION=1.16.0 export GO_SRC=/usr/local/go # if we are passing the version diff --git a/wireguard/README.org b/wireguard/README.org index dc38cb9..5518a74 100644 --- a/wireguard/README.org +++ b/wireguard/README.org @@ -10,7 +10,7 @@ generic interface name (like used in many public tutorials). Replace ~wg0~ with an interface name for the VPN connection, e.g. ~home~, ~mycloud~ or ~secret-work-jump-host~. - + ** Linux CLI Cheat Sheet: https://gist.github.com/chrisswanda/88ade75fc463dcf964c6411d1e9b20f4 @@ -22,16 +22,16 @@ #+begin_src bash $ umask 077 - $ wg genkey | tee privatekey | wg pubkey > publickey + $ wg genkey | tee host.key | wg pubkey > host.pub #+end_src *** Setup the Interface #+begin_src bash - # sudo wg-quick up wg.conf.example + # sudo wg-quick up wg0.conf #+end_src -*** Add Peer +*** Add Peer #+begin_src bash # add peer @@ -42,8 +42,15 @@ # save to config wg-quick save wg0 + #+end_src +**** Mobile Client + + requires ~qrencode~ package installed: + ~qrencode -t ansiutf8 < tunnel.conf~ + where ~tunnel.conf~ is the configuration file for the client, including its private and public keys. + *** Start/Stop Interface #+begin_src bash @@ -56,16 +63,16 @@ $ sudo systemctl start wg-quick@wg0.service # Enable service at startup - sudo systemctl enable wg-quick@wg0.service + sudo systemctl enable wg-quick@wg0.service #+end_src *** Sync the configuration without restarting the interface From `man wg-quick`: The strip command is useful for reloading configuration files without disrupting ac‐ tive sessions: - + #+begin_src bash - # wg syncconf wgnet0 <(wg-quick strip wgnet0) + # wg syncconf wg0 <(wg-quick strip wg0) #+end_src ** Alternative Webinterfaces for Managing Clients @@ -76,4 +83,3 @@ - https://github.com/vx3r/wg-gen-web - non-web: https://github.com/mullvad/wg-manager -