update README.org

This commit is contained in:
fschl 2024-05-08 22:41:39 +02:00
parent a442149f79
commit e75c2725a7
1 changed files with 58 additions and 26 deletions

View File

@ -1,8 +1,13 @@
* fschl dotfiles * fschl dotfiles
My personal computing environment. part of my personal computing environment. mainly contains
configuration files for sway, some useful addons and system tools
(git, terminal, ssh, backup). This repository also has some notes on
security considerations when setting up a Linux system.
** Features The relevant things for my workflows can be found in [[https://git.fschl-co.de/fschl/emacs]].
** (future) Features
- reproducable machine setup (GNU Guix) - reproducable machine setup (GNU Guix)
- keyboard-based environment (Sway wm) - keyboard-based environment (Sway wm)
@ -25,33 +30,38 @@ My personal computing environment.
*** SSH key generation *** SSH key generation
#+BEGIN_SRC bash ED25519 keys are favored over RSA keys when backward compatibility ''is not required''.
# ED25519 keys are favored over RSA keys when backward compatibility ''is not required''. This is only compatible with OpenSSH 6.5+ and fixed-size (256 bytes).
# This is only compatible with OpenSSH 6.5+ and fixed-size (256 bytes).
$ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
# Fallback for really old systems (why do you still have those??) #+BEGIN_SRC bash
# RSA keys are favored over ECDSA keys when backward compatibility ''is required'', $ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
# thus, newly generated keys are always either ED25519 or RSA (NOT ECDSA or DSA). #+END_SRC
$ ssh-keygen -t rsa -b 8192 -f ~/.ssh/id_rsa_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
$ ssh-copy-id -i ~/.ssh/<file>.pub -p 22 user@host Fallback for really old systems (why do you still have those??) RSA
#+END_SRC keys are favored over ECDSA keys when backward compatibility ''is
required'', thus, newly generated keys are always either ED25519 or
RSA (NOT ECDSA or DSA).
#+BEGIN_SRC bash
$ ssh-keygen -t rsa -b 8192 -f ~/.ssh/id_rsa_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
$ ssh-copy-id -i ~/.ssh/<file>.pub -p 22 user@host
#+END_SRC
*** GnuPG *** GnuPG
- https://wiki.mozilla.org/Security/Key_Management - https://wiki.mozilla.org/Security/Key_Management
- https://keyring.debian.org/creating-key.html - https://keyring.debian.org/creating-key.html
- https://wiki.debian.org/Subkeys - https://wiki.debian.org/Subkeys
~~/.gnupg/gpg.conf~: ~~/.gnupg/gpg.conf~:
#+BEGIN_SRC bash #+BEGIN_SRC bash
personal-digest-preferences SHA512 SHA384 personal-digest-preferences SHA512 SHA384
cert-digest-algo SHA256 cert-digest-algo SHA256
default-preference-list SHA512 SHA384 AES256 ZLIB BZIP2 ZIP Uncompressed default-preference-list SHA512 SHA384 AES256 ZLIB BZIP2 ZIP Uncompressed
keyid-format 0xlong keyid-format 0xlong
#+END_SRC #+END_SRC
*** Backup Secure Keys *** Backup Secure Keys
@ -86,19 +96,26 @@ My personal computing environment.
- [ ] move to ansible for easier modularization of setup - [ ] move to ansible for easier modularization of setup
- [ ] OR: give GUIX a shot - [ ] OR: give GUIX a shot
** Moving to Arch ** Notes on Arch
- official repository setup: https://wiki.archlinux.org/title/Official_repositories#multilib - official repository setup: https://wiki.archlinux.org/title/Official_repositories#multilib
- ~multiplib~ is required for wine - ~multiplib~ is required for wine
- Sound troubleshooting: https://wiki.archlinux.org/title/Advanced_Linux_Sound_Architecture/Troubleshooting#HDMI - Sound troubleshooting: https://wiki.archlinux.org/title/Advanced_Linux_Sound_Architecture/Troubleshooting#HDMI
- Skype, VSCode: use ~yay~ - Skype, VSCode: use ~yay~
** TODO Fedora
- fedora project
- different Desktop/Workstation spins (Gnome, KDE, sway...)
- =dnf= package manager, install updates on reboot
- "Atomic Desktop", uses Fedora/RedHat CoreOS with rpm-ostree + flatpaks
** NEXT Moving to Guix ** NEXT Moving to Guix
- btrfs for snapshots, easier backups - btrfs for snapshots, easier backups
- encrypted =/boot= + =/home= partitions - encrypted =/boot= + =/home= partitions
- separate subvolumes for =/gnu=, =var=, =swap= - separate subvolumes for =/gnu=, =/var=, =swap=
- [ ] MOVE: https://www.draketo.de/software/package-guix.html - [ ] MOVE: https://www.draketo.de/software/package-guix.html
*** Disk partitioning *** Disk partitioning
@ -118,3 +135,18 @@ convert multiple .png files into multipage pdf with downscaling
-extent 1240x1753 -gravity center \ -extent 1240x1753 -gravity center \
-units PixelsPerInch -density 150x150 multipage.pdf -units PixelsPerInch -density 150x150 multipage.pdf
#+end_src #+end_src
lower resolution:
#+begin_src bash
convert filePrefix*.png -resize 620x876 \
-extent 629x876 -gravity center \
-units PixelsPerInch -density 100x100 multipage.pdf
#+end_src
combine multiple pdf file into one multipage file
#+begin_src sh
gs -dBATCH -dNOPAUSE -q -sDEVICE=pdfwrite -sOutputFile=result.pdf sourceFilePrefix-*.pdf
#+end_src
I read the answer like ImageMagick uses ghostscript internally.
source: https://stackoverflow.com/questions/14738911/imagemagick-combine-2-generated-pdfs-into-1-multi-page-file