add README

README

@@ -0,0 +1,133 @@
+dotfiles
+
+   cd
+   git init
+   git remote add origin gitea@git.kompot.si:urosm/dot.git
+   git pull
+   git checkout main -f
+
+locales
+
+   sudo dpkg-reconfigure locales
+
+firewall
+
+   sudo apt install ufw
+   sudo ufw allow "SSH"
+   sudo ufw allow 1194/udp
+
+sway desktop
+
+neovim
+
+   sudo apt install ninja-build gettext cmake unzip curl
+   git clone --depth 1 --branch v0.9.1 https://github.com/neovim/neovim
+   cd neovim
+   make CMAKE_BUILD_TYPE=Release
+   sudo make install
+
+# networking and firewall packages
+sudo apt install network-manager
+# utilities packages
+sudo apt install git
+sudo apt install ncal
+sudo apt install udisks2
+# desktop packages
+sudo apt install --no-install-recommends sway # window manager
+sudo apt install swayidle swaylock # window manager extras
+sudo apt install mako-notifier libnotify-bin # notification daemon
+sudo apt install foot # terminal
+sudo apt install fuzzel # launcher
+sudo apt install wl-clipboard # clipboard utility
+sudo apt install light wlsunset # backlight utility
+sudo apt install grim # screenshot utility
+sudo apt install fonts-agave # font
+# audio packages
+sudo apt install pipewire-audio
+# audio configuration
+systemctl --user --now enable wireplumber.service
+# application packages
+sudo apt install firefox-esr # browser
+sudo apt install mpv # media player
+sudo apt install zathura # pdf reader
+# building neovim
+# building lua-language-server
+sudo apt install ninja-build
+git clone --depth 1 --branch 3.6.25 https://github.com/luals/lua-language-server
+git submodule --init --recursive
+./make.sh
+# printing and scanning packages
+sudo apt install cups
+sudo apt install simple-scan
+sudo apt install ocrmypdf # ocr
+sudo apt install tesseract-ocr-slv
+sudo apt install imagemagick
+# libreoffice packages
+sudo apt install libreoffice libreoffice-gtk3 libreoffice-l10n-sl
+# pandoc and latex packages
+sudo apt install pandoc
+sudo apt install texlive-latex-recommended
+sudo apt install texlive-fonts-extra
+# remote desktop packages
+sudo apt install remmina # remote desktop client
+sudo apt install wireguard-tools # vpn
+# shell packages
+sudo apt install shellcheck
+# ocaml packages
+sudo apt install opam
+```
+
+# `wireguard` configuration
+
+Server:
+
+```sh
+# enable ipv4 forwarding
+sudo sysctl -w net.ipv4.ip_forward=1
+# to make the change permanent edit /etc/sysctl.conf
+sudo sed -i "s/^#net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 1/" /etc/sysctl.conf
+# generate private and public keys
+wg genkey > server.key
+wg pubkey < server.key > server.pub
+```
+
+Client:
+
+```sh
+# generate private and public keys
+wg genkey > client.key
+wg pubkey < client.key > client.pub
+```
+
+Example of `/etc/wireguard/wg0.conf` on the server:
+
+```
+[Interface]
+Address = 10.200.200.1/24
+ListenPort = 1194
+PrivateKey = <server.key>
+
+PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE
+
+[Peer]
+PublicKey = <client1.pub>
+AllowedIPs = 10.200.200.2/32
+
+[Peer]
+PublicKey = <client2.pub>
+AllowedIPs = 10.200.200.3/32
+```
+
+Example of `/etc/wireguard/wg0.conf` on the client:
+
+```
+[Interface]
+Address = 10.200.200.2/32
+PrivateKey = <client.key>
+
+[Peer]
+PublicKey = <server.pub>
+Endpoint = <server ip>:1194
+AllowedIPs = 0.0.0.0/0, ::/0
+```