README.org

@@ -1,13 +1,8 @@
 * fschl dotfiles
 
-part of my personal computing environment. mainly contains
+My personal computing environment.
-configuration files for sway, some useful addons and system tools
-(git, terminal, ssh, backup). This repository also has some notes on
-security considerations when setting up a Linux system.
 
-The relevant things for my workflows can be found in [[https://git.fschl-co.de/fschl/emacs]].
+** Features
-
-** (future) Features
 
    - reproducable machine setup (GNU Guix)
    - keyboard-based environment (Sway wm)
@@ -30,19 +25,14 @@ The relevant things for my workflows can be found in [[https://git.fschl-co.de/f
 
 *** SSH key generation
 
-ED25519 keys are favored over RSA keys when backward compatibility ''is not required''.
-This is only compatible with OpenSSH 6.5+ and fixed-size (256 bytes).
-
      #+BEGIN_SRC bash
+       # ED25519 keys are favored over RSA keys when backward compatibility ''is not required''.
+       # This is only compatible with OpenSSH 6.5+ and fixed-size (256 bytes).
        $ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
-#+END_SRC
 
-Fallback for really old systems (why do you still have those??) RSA
+       # Fallback for really old systems (why do you still have those??)
-keys are favored over ECDSA keys when backward compatibility ''is
+       # RSA keys are favored over ECDSA keys when backward compatibility ''is required'',
-required'', thus, newly generated keys are always either ED25519 or
+       # thus, newly generated keys are always either ED25519 or RSA (NOT ECDSA or DSA).
-RSA (NOT ECDSA or DSA).
-
-#+BEGIN_SRC bash
        $ ssh-keygen -t rsa -b 8192 -f ~/.ssh/id_rsa_host_$(date +%Y-%m-%d) -C "Key to HOST for user-xyz"
 
        $ ssh-copy-id -i ~/.ssh/<file>.pub -p 22 user@host
@@ -96,25 +86,18 @@ RSA (NOT ECDSA or DSA).
    - [ ] move to ansible for easier modularization of setup
    - [ ] OR: give GUIX a shot
 
-** Notes on Arch
+** Moving to Arch
 
    - official repository setup: https://wiki.archlinux.org/title/Official_repositories#multilib
      - ~multiplib~ is required for wine
    - Sound troubleshooting: https://wiki.archlinux.org/title/Advanced_Linux_Sound_Architecture/Troubleshooting#HDMI
    - Skype, VSCode: use ~yay~
 
-** TODO Fedora
-
-- fedora project
-- different Desktop/Workstation spins (Gnome, KDE, sway...)
-- =dnf= package manager, install updates on reboot
-- "Atomic Desktop", uses Fedora/RedHat CoreOS with rpm-ostree + flatpaks
-
 ** NEXT Moving to Guix
 
 - btrfs for snapshots, easier backups
 - encrypted =/boot= + =/home= partitions
-- separate subvolumes for =/gnu=, =/var=, =swap=
+- separate subvolumes for =/gnu=, =var=, =swap=
   
 - [ ] MOVE: https://www.draketo.de/software/package-guix.html
 
@@ -135,18 +118,3 @@ convert multiple .png files into multipage pdf with downscaling
           -extent 1240x1753 -gravity center \
           -units PixelsPerInch -density 150x150 multipage.pdf
 #+end_src
-
-lower resolution:
-#+begin_src bash
-  convert filePrefix*.png -resize 620x876 \
-          -extent 629x876 -gravity center \
-          -units PixelsPerInch -density 100x100 multipage.pdf
-#+end_src
-
-combine multiple pdf file into one multipage file
-#+begin_src sh
-  gs -dBATCH -dNOPAUSE -q -sDEVICE=pdfwrite -sOutputFile=result.pdf sourceFilePrefix-*.pdf
-#+end_src
-
-I read the answer like ImageMagick uses ghostscript internally.
-source: https://stackoverflow.com/questions/14738911/imagemagick-combine-2-generated-pdfs-into-1-multi-page-file

fschl/home-services/dotfiles/.config/sway/config

@@ -32,15 +32,9 @@ floating_modifier $mod
 bindsym $mod+Shift+q kill
 bindsym $mod+Shift+x exit
 bindsym $mod+Shift+r reload
-# bindsym $mod+r resize
+bindsym $mod+r resize
-bindsym $mod+r mode "resize"
 
-bindsym $mod+Shift+Return exec kitty
+bindsym $mod+Shift+Return exec foot
-
-# change container layout (stacked, tabbed, toggle split)
-bindsym $mod+s layout stacking
-bindsym $mod+w layout tabbed
-bindsym $mod+e layout toggle split
 
 # use vim keys for window movement
 bindsym $mod+h focus left
@@ -65,7 +59,7 @@ bindsym $mod+Shift+k move up 30 px
 bindsym $mod+Shift+l move right 30 px
 
 # split in horizontal orientation
-# bindsym $mod+s split h
+bindsym $mod+s split h
 
 # split in vertical orientation
 bindsym $mod+v split v
@@ -73,6 +67,10 @@ bindsym $mod+v split v
 # enter fullscreen mode for the focused container
 bindsym $mod+f fullscreen toggle
 
+# change container layout (stacked, tabbed, toggle split)
+# bindsym $mod+s layout stacking
+bindsym $mod+w layout tabbed
+
 # toggle tiling / floating
 bindsym $mod+Shift+f floating toggle
 
@@ -115,11 +113,10 @@ set $ws8 "8 "
 # linux - less often used terminals for background processes
 set $ws9 "9 "
 
-# find application info with =swaymsg -t get_tree=
+assign [class="^Firefox$"] $ws1
-assign [app_id="firefox"] $ws1
+assign [class="^DebugScreen"] $ws3
-assign [class="Emacs"] $ws2
+assign [class="^Thunderbird$"] $ws4
-assign [title="^DebugScreen"] $ws3
+assign [class=".*ee.*ass.*"] $ws8
-assign [app_id="org.keepassxc.KeePassXC"] $ws8
 
 # Move specific workspaces to outputs
 workspace $ws0 output $laptop
@@ -141,8 +138,8 @@ bindsym $mod+4 workspace $ws4
 bindsym $mod+5 workspace $ws5
 bindsym $mod+6 workspace 6
 bindsym $mod+7 workspace 7
-bindsym $mod+8 workspace $ws8
+bindsym $mod+8 workspace $WS8
-bindsym $mod+9 workspace $ws9
+bindsym $mod+9 workspace $WS9
 bindsym $mod+0 workspace 10
 
 # Move focused container to workspace
@@ -154,8 +151,8 @@ bindsym $mod+Shift+4 move container to workspace $ws4
 bindsym $mod+Shift+5 move container to workspace $ws5
 bindsym $mod+Shift+6 move container to workspace 6
 bindsym $mod+Shift+7 move container to workspace 7
-bindsym $mod+Shift+8 move container to workspace $ws8
+bindsym $mod+Shift+8 move container to workspace $WS8
-bindsym $mod+Shift+9 move container to workspace $ws9
+bindsym $mod+Shift+9 move container to workspace $WS9
 bindsym $mod+Shift+0 move container to workspace 10
 
 # Bind hotkeys for brightness and volume
@@ -163,30 +160,6 @@ bindsym --locked XF86MonBrightnessDown exec brightnessctl set 5%-
 bindsym --locked XF86MonBrightnessUp exec brightnessctl set 5%+
 bindsym --locked $mod+p exec playerctl play-pause
 
-# resize window (you can also use the mouse for that)
-mode "resize" {
-    # These bindings trigger as soon as you enter the resize mode
-
-    # Pressing left will shrink the window’s width.
-    # Pressing right will grow the window’s width.
-    # Pressing up will shrink the window’s height.
-    # Pressing down will grow the window’s height.
-    bindsym j resize shrink width 10 px or 10 ppt
-    bindsym i resize grow height 10 px or 10 ppt
-    bindsym k resize shrink height 10 px or 10 ppt
-    bindsym l resize grow width 10 px or 10 ppt
-
-    # same bindings, but for the arrow keys
-    bindsym Left resize shrink width 10 px or 10 ppt
-    bindsym Down resize grow height 10 px or 10 ppt
-    bindsym Up resize shrink height 10 px or 10 ppt
-    bindsym Right resize grow width 10 px or 10 ppt
-
-    # back to normal: Enter or Escape
-    bindsym Return mode "default"
-    bindsym Escape mode "default"
-}
-
 # Screenshots
 bindsym Print exec grimshot --notify save output
 bindsym Alt+Print exec grimshot --notify save area
@@ -203,7 +176,6 @@ exec swayidle -w \
 	resume 'swaymsg "output * dpms on"' \
   before-sleep $lock
 
-bindsym Ctrl+Shift+L exec $lock
 # Window rules
 #for_window [title="Firefox — Sharing Indicator"] kill
 for_window [title=".* - mpv$"] floating enable, sticky enable
@@ -214,10 +186,7 @@ exec mako --border-radius=2 --font="Iosevka ss08 10" --max-visible=5 --outer-mar
 exec nm-applet --indicator
 exec udiskie -t
 exec gammastep-indicator -l 50.8643:12.1124 -t 6500:3500 -b 1.0:0.7
-
 exec emacs
-exec firefox
-exec keepassxc
 
 # Set GNOME settings (requires "glib:bin" in Guix)
 exec gsettings set org.gnome.desktop.interface gtk-theme "Matcha-dark-azul"

fschl/home-services/dotfiles/.config/waybar/config

@@ -1,15 +1,13 @@
 {
     "layer": "bottom",
     "position": "bottom",
-    "height": 20,
+    "height": 24,
 
     // maybe take another look at e.g. https://gitlab.com/wef/dotfiles/-/blob/master/.config/waybar/config
-    // https://github.com/Alexays/Waybar/wiki/Configuration
-    // https://github.com/Alexays/Waybar/wiki/Examples
 
     "modules-left": ["sway/workspaces", "sway/mode"],
-    "modules-center": [ "custom/disk_root", "network"],
+    "modules-center": ["timer", "custom/disk_root", "custom/disk_home", "network"],
-    "modules-right": [ "memory", "tray", "battery", "clock", ],
+    "modules-right": ["tray", "cpu", "memory", "battery", "clock"],
     "sway/mode": {
         "format": " {}"
     },
@@ -18,7 +16,7 @@
         "disable-scroll": true
     },
     "clock": {
-        "format": "{:%b %d %H:%M KW%U}",
+        "format": "{:%b %d %H:%M %p W%U}",
         "tooltip": false
     },
     "battery": {
@@ -64,8 +62,8 @@
 	"exec": "notmuch count tag:flagged OR tag:inbox AND NOT tag:killed"
     },
     "network": {
-	// "family": "ipv6",
+	"family": "ipv6",
-	"interface": "wlp3*", // (Optional) To force the use of this interface
+	// "interface": "wlp2*", // (Optional) To force the use of this interface
 	"format-wifi": "<span color='#589df6'></span> <span color='gray'>{essid}</span> {frequency} <span color='#589df6'>{signaldBm} dB</span> <span color='#589df6'>⇵</span> {bandwidthUpBits}/{bandwidthDownBits}",
 	"format-ethernet": "{ifname}: {ipaddr}/{cidr} ",
 	"format-linked": "{ifname} (No IP) ",
@@ -73,12 +71,12 @@
 	"format-alt": "{ifname}: {ipaddr}/{cidr}",
 	"interval": 5
     },
-    //"timer": {
+    "timer": {
-    //    "interval": 1,
+        "interval": 1,
-    //    "exec": "~/.config/waybar/timer.sh",
+        "exec": "~/.config/waybar/timer.sh",
-    //    "exec-if": "pgrep emacs",
+        "exec-if": "pgrep emacs",
-    //    "escape": true
+        "escape": true
-    //},
+    },
     "idle_inhibitor": {
         "format": "{icon}",
         "format-icons": {

publish.el

@@ -0,0 +1,126 @@
+(require 'package)
+(setq package-archives '(("melpa" . "https://melpa.org/packages/")
+                         ("elpa" . "https://elpa.gnu.org/packages/")))
+
+(package-initialize)
+(unless package-archive-contents
+  (package-refresh-contents))
+
+(setq org-export-with-broken-links 'mark)
+
+(package-install 'htmlize)
+(require 'htmlize)
+
+(package-install 'simple-httpd)
+(package-install 'websocket)
+(package-install 'org-roam)
+(package-install 'org-roam-ui)
+(package-install 'f)
+
+(require 'org-roam)
+(require 'org-roam-ui)
+(require 'ox-publish)
+
+(setq org-export-html-coding-system 'utf-8-unix)
+(setq org-html-doctype "html5")
+(defvar fschlde-html-head "<link type='text/css' rel='stylesheet' href='../css/plain.css'>")
+(setq fschlde-html-footer " <footer>\nfschl.de 2018-2023\n</footer>")
+
+;; following two funcs are taken from
+;; https://www.orgroam.com/manual.html#How-do-I-publish-my-notes-with-an-Internet_002dfriendly-graph_003f
+;; sitemap function for my roam-publish
+(defun roam-sitemap (title list)
+  (concat "#+OPTIONS: ^:nil author:nil html-postamble:nil\n"
+          "#+SETUPFILE: ./simple_inline.theme\n"
+          "#+HTML_HEAD_EXTRA: <link rel=\"stylesheet\" type=\"text/css\" href=\"../css/plain.css\" />\n"
+          "#+TITLE: " title "\n\n"
+          (org-list-to-org list) "\nfile:sitemap.svg"))
+
+(setq my-publish-time 0)   ; see the next section for context
+
+;; 
+(defun roam-publication-wrapper (plist filename pubdir)
+  (org-roam-graph)
+  (org-html-publish-to-html plist filename pubdir)
+  (setq my-publish-time (cadr (current-time))))
+
+(defun org-roam-custom-link-builder (node)
+  (let ((file (org-roam-node-file node)))
+    (concat (file-name-base file) ".html")))
+
+(setq org-roam-graph-link-builder 'org-roam-custom-link-builder)
+
+(add-hook 'org-roam-graph-generation-hook
+          (lambda (dot svg) (if (< (- (cadr (current-time)) my-publish-time) 5)
+                                (progn (copy-file svg "~/projects/blog-fschlde/pkb/sitemap.svg" 't)
+                                       (kill-buffer (file-name-nondirectory svg))
+                                       (setq my-publish-time 0)))))
+
+
+(setq org-publish-project-alist
+      '(("website"
+         :components ("org-journal", "project-notes", "org-sites", "blog-rss",  "blog-images"))
+        ("org-journal"
+         :base-directory "~/Documents/Org/"
+         :base-extension "org"
+         :publishing-directory "~/projects/blog-fschlde/reads/"
+         :recursive nil
+         :publishing-function org-html-publish-to-html
+
+         :headline-levels 4
+         :with-author t
+         :with-creator nil
+         :with-date t
+
+         :with-toc t
+         :with-drawers nil
+
+         :html-link-home "/"
+         :html-head nil ;; cleans up anything that would have been in there.
+         ;; :html-head-extra ,my-blog-extra-head
+         :html-head-include-default-style nil
+         :html-head-include-scripts nil
+
+         ;; :html-preamble my-blog-header
+         ;; :html-postamble ,my-blog-footer
+         )
+        ("project-notes"
+         :base-directory "~/projects/"
+         :base-extension "org"
+         :publishing-directory "~/projects/blog-fschlde/projects/"
+         :recursive nil
+         :publishing-function org-html-publish-to-html
+         :headline-levels 4)
+        ("org-sites"
+         :base-directory "~/projects/fschlde-static/"
+         :base-extension "org\\|css\\|js\\|ico\\|png\\|html"
+         :publishing-directory "~/projects/blog-fschlde/"
+         :recursive t
+         :publishing-function org-publish-attachment
+
+         :html-link-home "/"
+         ;; :html-head ,fschlde-html-head ;; cleans up anything that would have been in there.
+         :html-head-include-default-style nil
+         :html-head-include-scripts nil
+         :with-drawers nil
+         :with-creator nil
+
+         ;; :html-head-extra fschlde-html-head
+         ;; :html-postamble fschlde-html-footer
+         :headline-levels 4)
+        ("roam"
+         :base-directory "~/org-roam/"
+         :auto-sitemap t
+         :recursive nil
+         :base-extension "org"
+         :exclude ".stversions/\\|.stfolder"
+         :sitemap-function roam-sitemap
+         :sitemap-title "Roam Notes"
+         :style "<link rel=\"stylesheet\" href=\"../css/plain.css\" type=\"text/css\">"
+         :publishing-function roam-publication-wrapper
+         :publishing-directory "~/projects/fschlde-static/pkb/"
+         :section-number nil
+         :table-of-contents t
+         )
+        )
+      )

scripts/quicktinc.sh

@@ -0,0 +1,155 @@
+#!/bin/bash
+
+# from https://github.com/j3k0/quicktinc
+
+set -e
+
+IMAGE="fschl/tinc"
+
+function usage() {
+    echo "
+Usage:
+    $0 run --net=<network> - start a container for $network with existing configuration
+
+or create configuration with:
+
+    $0 init [OPTIONS]
+
+Options:
+    --net=NET_NAME           Network name (required)
+    --node=NODE_NAME         Node name (required)
+    --public-ip=PUBLIC_IP    Node's public IP (required)
+    --private-ip=PRIVATE_IP  Node's private IP (required)
+    --connect-to=HOST        Name of another node (optional, repeatable)
+    --interface=tun0         Network interface to create (optional, default=tun0)
+    --config=/etc/tinc       Where to save tinc networks (optional, default=/etc/tinc)
+    --up                     Also start the daemon
+
+Example:
+    $0 --net=demonet --node=node23 --public-ip=8.9.10.11 --private-ip=10.0.0.23 --connect-to=node1 --connect-to=node2
+    $0 -n=demonet -o=node23 -p=8.9.10.11 -v=10.0.0.23 -c=node1 -c=node2
+
+Report bugs to <https://github.com/j3k0/quicktinc>
+"
+    exit 1
+}
+
+function parse_args() {
+    for i in "$@"
+    do
+        case $i in
+            -n=*|--net=*)
+                NET_NAME="${i#*=}"
+                shift # past argument=value
+                ;;
+            -o=*|--node=*)
+                NODE_NAME="${i#*=}"
+                shift # past argument=value
+                ;;
+            -v=*|--private-ip=*)
+                PRIVATE_IP="${i#*=}"
+                shift # past argument=value
+                ;;
+            -p=*|--public-ip=*)
+                PUBLIC_IP="${i#*=}"
+                shift # past argument=value
+                ;;
+            -c=*|--connect-to=*)
+                CONNECT_TO="$CONNECT_TO ${i#*=}"
+                shift # past argument=value
+                ;;
+            -i=*|--interface=*)
+                INTERFACE="${i#*=}"
+                shift # past argument=value
+                ;;
+            -C=*|--config=*)
+                TINC_HOME="${i#*=}"
+                shift # past argument=value
+                ;;
+            *)
+                # unknown option
+                usage
+                ;;
+        esac
+    done
+
+    if [ "_$NET_NAME" = "_" ]; then usage; fi
+    if [ "_$NODE_NAME" = "_" ]; then usage; fi
+    if [ "_$PRIVATE_IP" = "_" ]; then usage; fi
+    if [ "_$PUBLIC_IP" = "_" ]; then usage; fi
+
+    if [ "_$INTERFACE" = "_" ]; then
+        INTERFACE=tun0
+    fi
+
+    if [ "_$TINC_HOME" = "_" ]; then
+        TINC_HOME=/etc/tinc
+    fi
+}
+
+function tinc() {
+    docker run --rm --net=host --device=/dev/net/tun --cap-add NET_ADMIN --volume $TINC_HOME:/etc/tinc $IMAGE -n $NET_NAME "$@"
+}
+
+init_node() {
+    # Initialize configuration file
+    tinc init $NODE_NAME
+
+    # Setup host file
+    # Declare public and private IPs in the host file, CONFIG/NET/hosts/HOST
+    echo "Address = $PUBLIC_IP" >> $TINC_HOME/$NET_NAME/hosts/$NODE_NAME
+    echo "Subnet = $PRIVATE_IP/32" >> $TINC_HOME/$NET_NAME/hosts/$NODE_NAME
+
+    # Tweak the config to add our particular setup
+    tinc add AddressFamily ipv4
+    tinc add Device /dev/net/tun
+    tinc add Interface $INTERFACE
+    if [ "_$CONNECT_TO" != "_" ]; then
+        for i in $CONNECT_TO; do
+            tinc add ConnectTo $i
+        done
+    fi
+
+    # Edit the tinc-up script
+    cat << EOF > $TINC_HOME/$NET_NAME/tinc-up
+#!/bin/sh
+ifconfig \$INTERFACE $PRIVATE_IP netmask 255.255.255.0
+EOF
+
+    cat << EOF > $TINC_HOME/$NET_NAME/tinc-down
+#!/bin/sh
+ifconfig \$INTERFACE down
+EOF
+
+    chmod +x $TINC_HOME/$NET_NAME/tinc-up
+    chmod +x $TINC_HOME/$NET_NAME/tinc-down
+}
+
+run_container() {
+    NAME=tinc_$NET_NAME_$NODE_NAME
+    docker run -d --restart=always --name=$NAME --net=host --device=/dev/net/tun --cap-add NET_ADMIN --volume $TINC_HOME:/etc/tinc $IMAGE -n $NET_NAME start -D
+    echo "Docker container started with name: $NAME"
+}
+
+
+main() {
+    local cmd=$1
+    shift
+
+    if [[ -z "$cmd" ]]; then
+        usage
+    fi
+
+    case "$cmd" in
+        init)
+            parse_args $@
+            init_node
+            ;;
+        run)
+            parse_args $@
+            run_container
+            ;;
+    esac
+}
+
+main "$@"