diff --git a/README b/README new file mode 100644 index 0000000..34ff7ef --- /dev/null +++ b/README @@ -0,0 +1,133 @@ +dotfiles + + cd + git init + git remote add origin gitea@git.kompot.si:urosm/dot.git + git pull + git checkout main -f + +locales + + sudo dpkg-reconfigure locales + +firewall + + sudo apt install ufw + sudo ufw allow "SSH" + sudo ufw allow 1194/udp + +sway desktop + +neovim + + sudo apt install ninja-build gettext cmake unzip curl + git clone --depth 1 --branch v0.9.1 https://github.com/neovim/neovim + cd neovim + make CMAKE_BUILD_TYPE=Release + sudo make install + +# networking and firewall packages +sudo apt install network-manager +# utilities packages +sudo apt install git +sudo apt install ncal +sudo apt install udisks2 +# desktop packages +sudo apt install --no-install-recommends sway # window manager +sudo apt install swayidle swaylock # window manager extras +sudo apt install mako-notifier libnotify-bin # notification daemon +sudo apt install foot # terminal +sudo apt install fuzzel # launcher +sudo apt install wl-clipboard # clipboard utility +sudo apt install light wlsunset # backlight utility +sudo apt install grim # screenshot utility +sudo apt install fonts-agave # font +# audio packages +sudo apt install pipewire-audio +# audio configuration +systemctl --user --now enable wireplumber.service +# application packages +sudo apt install firefox-esr # browser +sudo apt install mpv # media player +sudo apt install zathura # pdf reader +# building neovim +# building lua-language-server +sudo apt install ninja-build +git clone --depth 1 --branch 3.6.25 https://github.com/luals/lua-language-server +git submodule --init --recursive +./make.sh +# printing and scanning packages +sudo apt install cups +sudo apt install simple-scan +sudo apt install ocrmypdf # ocr +sudo apt install tesseract-ocr-slv +sudo apt install imagemagick +# libreoffice packages +sudo apt install libreoffice libreoffice-gtk3 libreoffice-l10n-sl +# pandoc and latex packages +sudo apt install pandoc +sudo apt install texlive-latex-recommended +sudo apt install texlive-fonts-extra +# remote desktop packages +sudo apt install remmina # remote desktop client +sudo apt install wireguard-tools # vpn +# shell packages +sudo apt install shellcheck +# ocaml packages +sudo apt install opam +``` + +# `wireguard` configuration + +Server: + +```sh +# enable ipv4 forwarding +sudo sysctl -w net.ipv4.ip_forward=1 +# to make the change permanent edit /etc/sysctl.conf +sudo sed -i "s/^#net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 1/" /etc/sysctl.conf +# generate private and public keys +wg genkey > server.key +wg pubkey < server.key > server.pub +``` + +Client: + +```sh +# generate private and public keys +wg genkey > client.key +wg pubkey < client.key > client.pub +``` + +Example of `/etc/wireguard/wg0.conf` on the server: + +``` +[Interface] +Address = 10.200.200.1/24 +ListenPort = 1194 +PrivateKey = + +PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE +PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE + +[Peer] +PublicKey = +AllowedIPs = 10.200.200.2/32 + +[Peer] +PublicKey = +AllowedIPs = 10.200.200.3/32 +``` + +Example of `/etc/wireguard/wg0.conf` on the client: + +``` +[Interface] +Address = 10.200.200.2/32 +PrivateKey = + +[Peer] +PublicKey = +Endpoint = :1194 +AllowedIPs = 0.0.0.0/0, ::/0 +```