Compare commits
23 Commits
64f03394f1
...
ff0851785e
Author | SHA1 | Date |
---|---|---|
urosm | ff0851785e | |
urosm | 46c8ae8638 | |
urosm | 73d110397d | |
urosm | 3a9345325c | |
urosm | d003cba289 | |
urosm | c44a731282 | |
urosm | c0969d716e | |
urosm | b3c9fdf155 | |
urosm | 221ebde09c | |
urosm | 79cd46b782 | |
urosm | 0443be7abe | |
urosm | b5da123fe1 | |
urosm | eeb43512dd | |
urosm | 72cb15358e | |
urosm | c966b84f21 | |
urosm | 52e4bdb27d | |
urosm | 1db362d2fb | |
urosm | 8444299f29 | |
urosm | e772762b4e | |
urosm | 4289cf3d96 | |
urosm | d70e9576d6 | |
urosm | 952be28a3b | |
urosm | b4d54580f7 |
|
@ -177,7 +177,9 @@ bindsym shift+XF86MonBrightnessUp exec light -A 10;\
|
|||
exec notify-send -e -t 1000 -h string:x-canonical-private-synchronous:brightness "Brightness: $(light)"
|
||||
bindsym shift+XF86MonBrightnessDown exec light -U 10;\
|
||||
exec notify-send -e -t 1000 -h string:x-canonical-private-synchronous:brightness "Brightness: $(light)"
|
||||
bindsym print exec grim $(xdg-user-dir DOWNLOAD)/$(date +"%F-%H-%M-%S_screenshot.png")
|
||||
|
||||
# screenshots
|
||||
bindsym print exec grimshot save screen
|
||||
|
||||
# session
|
||||
set $session_mode "session: (l)ock (r)eload (q)uit re(b)oot (p)oweroff"
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
serverside configuration
|
||||
|
||||
sudo sysctl -w net.ipv4.ip_forward=1
|
||||
sudo sed -i "s/^#net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 1/" /etc/sysctl.conf
|
||||
|
||||
|
||||
generating keys
|
||||
|
||||
wg genkey > client.key
|
||||
wg pubkey < client.key > client.pub
|
|
@ -0,0 +1,9 @@
|
|||
[Interface]
|
||||
Address = 10.200.200.2/32
|
||||
PrivateKey = <client private key>
|
||||
|
||||
[Peer]
|
||||
PublicKey = <server public key>
|
||||
Endpoint = <server ip>:1194
|
||||
AllowedIPs = 0.0.0.0/0, ::/0
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
[Interface]
|
||||
Address = 10.200.200.1/24
|
||||
ListenPort = 1194
|
||||
PrivateKey = <server private key>
|
||||
|
||||
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o <interface name> -j MASQUERADE
|
||||
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o i -j ACCEPT; iptables -t nat -D POSTROUTING -o <interface name> -j MASQUERADE
|
||||
|
||||
[Peer]
|
||||
PublicKey = <client public key>
|
||||
AllowedIPs = 10.200.200.2/32
|
||||
|
||||
[Peer]
|
||||
PublicKey = <client public key>
|
||||
AllowedIPs = 10.200.200.3/32
|
2
.profile
2
.profile
|
@ -88,5 +88,5 @@ if [ "$(tty)" = "/dev/tty1" ] && command -v sway &>/dev/null; then
|
|||
# export WLR_DRM_NO_ATOMIC=1
|
||||
|
||||
# run sway
|
||||
exec systemd-cat --identifier=sway sway
|
||||
exec systemd-cat --identifier=sway ssh-agent sway
|
||||
fi
|
||||
|
|
156
README
156
README
|
@ -1,22 +1,34 @@
|
|||
dotfiles
|
||||
|
||||
sudo apt install git
|
||||
cd
|
||||
git init
|
||||
git remote add origin gitea@git.kompot.si:urosm/dot.git
|
||||
git pull
|
||||
git checkout main -f
|
||||
|
||||
|
||||
locales
|
||||
|
||||
sudo dpkg-reconfigure locales
|
||||
|
||||
|
||||
networking
|
||||
|
||||
sudo apt install network-manager
|
||||
|
||||
|
||||
firewall
|
||||
|
||||
sudo apt install ufw
|
||||
sudo ufw allow "SSH"
|
||||
sudo ufw allow 1194/udp
|
||||
|
||||
sway desktop
|
||||
|
||||
mounting
|
||||
|
||||
sudo apt install udisks2
|
||||
|
||||
|
||||
neovim
|
||||
|
||||
|
@ -26,108 +38,66 @@ neovim
|
|||
make CMAKE_BUILD_TYPE=Release
|
||||
sudo make install
|
||||
|
||||
# networking and firewall packages
|
||||
sudo apt install network-manager
|
||||
# utilities packages
|
||||
sudo apt install git
|
||||
sudo apt install ncal
|
||||
sudo apt install udisks2
|
||||
# desktop packages
|
||||
sudo apt install --no-install-recommends sway # window manager
|
||||
sudo apt install swayidle swaylock # window manager extras
|
||||
sudo apt install mako-notifier libnotify-bin # notification daemon
|
||||
sudo apt install foot # terminal
|
||||
sudo apt install fuzzel # launcher
|
||||
sudo apt install wl-clipboard # clipboard utility
|
||||
sudo apt install light wlsunset # backlight utility
|
||||
sudo apt install grim # screenshot utility
|
||||
sudo apt install fonts-agave # font
|
||||
# audio packages
|
||||
sudo apt install pipewire-audio
|
||||
# audio configuration
|
||||
systemctl --user --now enable wireplumber.service
|
||||
# application packages
|
||||
sudo apt install firefox-esr # browser
|
||||
sudo apt install mpv # media player
|
||||
sudo apt install zathura # pdf reader
|
||||
# building neovim
|
||||
# building lua-language-server
|
||||
sudo apt install ninja-build
|
||||
git clone --depth 1 --branch 3.6.25 https://github.com/luals/lua-language-server
|
||||
git submodule --init --recursive
|
||||
./make.sh
|
||||
# printing and scanning packages
|
||||
sudo apt install cups
|
||||
sudo apt install simple-scan
|
||||
sudo apt install ocrmypdf # ocr
|
||||
sudo apt install tesseract-ocr-slv
|
||||
sudo apt install imagemagick
|
||||
# libreoffice packages
|
||||
sudo apt install libreoffice libreoffice-gtk3 libreoffice-l10n-sl
|
||||
# pandoc and latex packages
|
||||
sudo apt install pandoc
|
||||
sudo apt install texlive-latex-recommended
|
||||
sudo apt install texlive-fonts-extra
|
||||
# remote desktop packages
|
||||
sudo apt install remmina # remote desktop client
|
||||
sudo apt install wireguard-tools # vpn
|
||||
# shell packages
|
||||
sudo apt install shellcheck
|
||||
# ocaml packages
|
||||
sudo apt install opam
|
||||
```
|
||||
|
||||
# `wireguard` configuration
|
||||
lua-language-server
|
||||
|
||||
Server:
|
||||
sudo apt install ninja-build
|
||||
git clone --depth 1 --branch 3.6.25 https://github.com/luals/lua-language-server
|
||||
./make.sh
|
||||
|
||||
```sh
|
||||
# enable ipv4 forwarding
|
||||
sudo sysctl -w net.ipv4.ip_forward=1
|
||||
# to make the change permanent edit /etc/sysctl.conf
|
||||
sudo sed -i "s/^#net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 1/" /etc/sysctl.conf
|
||||
# generate private and public keys
|
||||
wg genkey > server.key
|
||||
wg pubkey < server.key > server.pub
|
||||
```
|
||||
|
||||
Client:
|
||||
shell scripting
|
||||
sudo apt install shellcheck
|
||||
|
||||
```sh
|
||||
# generate private and public keys
|
||||
wg genkey > client.key
|
||||
wg pubkey < client.key > client.pub
|
||||
```
|
||||
|
||||
Example of `/etc/wireguard/wg0.conf` on the server:
|
||||
sway
|
||||
|
||||
```
|
||||
[Interface]
|
||||
Address = 10.200.200.1/24
|
||||
ListenPort = 1194
|
||||
PrivateKey = <server.key>
|
||||
sudo apt install --no-install-recommends sway
|
||||
sudo apt install swayidle swaylock
|
||||
sudo apt install mako-notifier libnotify-bin
|
||||
sudo apt install foot
|
||||
sudo apt install fuzzel
|
||||
sudo apt install grimshot
|
||||
sudo apt install light wlsunset
|
||||
sudo apt install fonts-agave
|
||||
|
||||
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
|
||||
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE
|
||||
|
||||
[Peer]
|
||||
PublicKey = <client1.pub>
|
||||
AllowedIPs = 10.200.200.2/32
|
||||
audio
|
||||
|
||||
[Peer]
|
||||
PublicKey = <client2.pub>
|
||||
AllowedIPs = 10.200.200.3/32
|
||||
```
|
||||
sudo apt install pipewire-audio
|
||||
systemctl --user --now enable wireplumber.service
|
||||
|
||||
Example of `/etc/wireguard/wg0.conf` on the client:
|
||||
|
||||
```
|
||||
[Interface]
|
||||
Address = 10.200.200.2/32
|
||||
PrivateKey = <client.key>
|
||||
web and media
|
||||
|
||||
[Peer]
|
||||
PublicKey = <server.pub>
|
||||
Endpoint = <server ip>:1194
|
||||
AllowedIPs = 0.0.0.0/0, ::/0
|
||||
```
|
||||
sudo apt install firefox-esr
|
||||
sudo apt install thunderbird
|
||||
sudo apt install mpv
|
||||
sudo apt install zathura
|
||||
|
||||
|
||||
writing
|
||||
|
||||
sudo apt install pandoc
|
||||
sudo apt install texlive-latex-recommended texlive-fonts-extra
|
||||
|
||||
|
||||
office
|
||||
|
||||
sudo apt install libreoffice libreoffice-gtk3
|
||||
sudo apt install libreoffice-l10n-sl
|
||||
|
||||
|
||||
printing and scanning
|
||||
|
||||
sudo apt install cups
|
||||
sudo apt install simple-scan
|
||||
sudo apt install imagemagick
|
||||
sudo apt install ocrmypdf
|
||||
sudo apt install tesseract-ocr-slv
|
||||
|
||||
|
||||
remote desktop
|
||||
|
||||
sudo apt install remmina
|
||||
sudo apt install wireguard-tools
|
||||
|
|
Loading…
Reference in New Issue