dotfiles
cd
git init
git remote add origin gitea@git.kompot.si:urosm/dot.git
git pull
git checkout main -f
locales
sudo dpkg-reconfigure locales
firewall
sudo apt install ufw
sudo ufw allow "SSH"
sudo ufw allow 1194/udp
sway desktop
neovim
sudo apt install ninja-build gettext cmake unzip curl
git clone --depth 1 --branch v0.9.1 https://github.com/neovim/neovim
cd neovim
make CMAKE_BUILD_TYPE=Release
sudo make install
# networking and firewall packages
sudo apt install network-manager
# utilities packages
sudo apt install git
sudo apt install ncal
sudo apt install udisks2
# desktop packages
sudo apt install --no-install-recommends sway # window manager
sudo apt install swayidle swaylock # window manager extras
sudo apt install mako-notifier libnotify-bin # notification daemon
sudo apt install foot # terminal
sudo apt install fuzzel # launcher
sudo apt install wl-clipboard # clipboard utility
sudo apt install light wlsunset # backlight utility
sudo apt install grim # screenshot utility
sudo apt install fonts-agave # font
# audio packages
sudo apt install pipewire-audio
# audio configuration
systemctl --user --now enable wireplumber.service
# application packages
sudo apt install firefox-esr # browser
sudo apt install mpv # media player
sudo apt install zathura # pdf reader
# building neovim
# building lua-language-server
sudo apt install ninja-build
git clone --depth 1 --branch 3.6.25 https://github.com/luals/lua-language-server
git submodule --init --recursive
./make.sh
# printing and scanning packages
sudo apt install cups
sudo apt install simple-scan
sudo apt install ocrmypdf # ocr
sudo apt install tesseract-ocr-slv
sudo apt install imagemagick
# libreoffice packages
sudo apt install libreoffice libreoffice-gtk3 libreoffice-l10n-sl
# pandoc and latex packages
sudo apt install pandoc
sudo apt install texlive-latex-recommended
sudo apt install texlive-fonts-extra
# remote desktop packages
sudo apt install remmina # remote desktop client
sudo apt install wireguard-tools # vpn
# shell packages
sudo apt install shellcheck
# ocaml packages
sudo apt install opam
```
# `wireguard` configuration
Server:
```sh
# enable ipv4 forwarding
sudo sysctl -w net.ipv4.ip_forward=1
# to make the change permanent edit /etc/sysctl.conf
sudo sed -i "s/^#net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 1/" /etc/sysctl.conf
# generate private and public keys
wg genkey > server.key
wg pubkey < server.key > server.pub
```
Client:
```sh
# generate private and public keys
wg genkey > client.key
wg pubkey < client.key > client.pub
```
Example of `/etc/wireguard/wg0.conf` on the server:
```
[Interface]
Address = 10.200.200.1/24
ListenPort = 1194
PrivateKey = <server.key>
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE
[Peer]
PublicKey = <client1.pub>
AllowedIPs = 10.200.200.2/32
[Peer]
PublicKey = <client2.pub>
AllowedIPs = 10.200.200.3/32
```
Example of `/etc/wireguard/wg0.conf` on the client:
```
[Interface]
Address = 10.200.200.2/32
PrivateKey = <client.key>
[Peer]
PublicKey = <server.pub>
Endpoint = <server ip>:1194
AllowedIPs = 0.0.0.0/0, ::/0
```