# linux arch ## step one :: usb drive preparation - download iso - https://archlinux.org/download/ - download signature from main page: - (https://archlinux.org/iso/2024.04.01/archlinux-2024.04.01-x86_64.iso.sig) - this is also found on the mirror, but i prefer to use the signature from the main site. - (https://archmirror1.octyl.net/iso/2024.04.01/archlinux-2024.04.01-x86_64.iso.sig) - download iso from a mirror close by - (https://archmirror1.octyl.net/iso/2024.04.01/) - (https://archmirror1.octyl.net/iso/2024.04.01/archlinux-2024.04.01-x86_64.iso) - verify iso ``` $ gpg --keyserver-options auto-key-retrieve --verify archlinux-2024.04.01-x86_64.iso.sig gpg: assuming signed data in 'archlinux-2024.04.01-x86_64.iso' gpg: Signature made 2024-04-01T13:00:16 EST gpg: using EDDSA key 3E80CA1A8B89F69CBA57D98A76A5EF9054449A5C gpg: issuer "pierre@archlinux.org" gpg: key 76A5EF9054449A5C: public key "Pierre Schmitz " imported gpg: Total number processed: 1 gpg: imported: 1 gpg: Good signature from "Pierre Schmitz " [unknown] gpg: aka "Pierre Schmitz " [unknown] gpg: WARNING: The key's User ID is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 3E80 CA1A 8B89 F69C BA57 D98A 76A5 EF90 5444 9A5C ``` - install to usb - insert usb - `lsblk` (alt: `df`) - ➔ usb = sda - `sudo dd bs=4M if=archlinux-2024.04.01-x86_64.iso of=/dev/sda status=progress oflag=sync` - troubleshooting - error: `dd: failed to open '/dev/sda': Device or resource busy` - solution: using `gparted`, you can reformat the drive (from fat32) to ext4, then try again ## step two :: boot the iso - boot the target system using the arch iso, and prepare for a [guided install](https://archinstall.archlinux.page/installing/guided.html) - tuxwarrior: `F2` for BIOS - thinkpad: `F12` for boot options (`F1` for BIOS) - select `ArchLinux install medium (x86_64, x64 UEFI)` - troubleshooting - grub error - `error: you need to load the kernel first` - `error start_image() returned 0x800000000000001` - solution - reinstall iso on usb - arch iso error - `squashfs error unable to read` - solution - re-install the ISO on another USB device ## step three :: generate config for new hosts - on **new host**: - `archinstall --dry-run` - install language ➔ `english` (default) - locales ➔ - keyboard `us` - loc lang `en_AU.UTF-8` - loc enc `UTF-8` - mirrors and repositories ➔ `colombia`, `united states`, `worldwide` - (Optional repositories ➔ leave blank (default)) [obsolete?] - disk config ➔ partitioning ➔ use a best-effort default partition layout ➔ pick main hd ➔ `ext4` ➔ separate partition for /home: `no` - bootloader ➔ `systemd-boot` (default) [might not be in the right order] - (disk encryption ➔ `no` (default)) [obsolete?] - swap: `True` (default) - unified kernel image: `Disabled` (default) - hostname: `tuxwarrior` - root password: leave blank (default) - user account: leave empty (default) - profile ➔ type ➔ `minimal` - audio ➔ `pipewire` - kernels ➔ `linux` (default) - network configuration ➔ `Use NetworkManager` - additional packages ➔ `git nano tree wget` - `/` to search - timezone ➔ `America/Panama` - automatic time sync ➔ `True` (default) - ➔ Save configuration - ➔ Save user configuration (inc disk layout) - Save directory: `/tmp` ➔ `yes` ➔ answer `no` when asked if you want to encrypt - then `abort` to exit archinstall - `curl -F'file=@user_configuration.json' https://0x0.st` - on **existing host / alternative host**: - for this repo, inside `dots/archinstall` create folder for new host (use hostname as folder name) - open page given above, like `https://0x0.st/Xbov.json` - save raw content as `user_configuration.json` - save file - from a pre-existing host directory, copy over and modify (if needed) `options.sh`, `packages.txt` and `services.txt`. this should be copied to new host directory - example: copied from `dots/archinstall/t470p` to `dots/archinstall/tuxwarrior` - commit changes to this repo, adding the new host files ## step four :: arch install :: the basics - `ip link` - `lo` (loopback - special device) - `enp0s31f6` (ethernet) - `wlan0` (wifi) - `iwctl` - `station wlan0 scan` - `station wlan0 get-networks` - `station wlan0 connect -_-` - `exit` - `cd /tmp` - `curl -L -O https://go.op.fo/fro/lnx-arch/raw/branch/master/scripts/archinstall_config_download.sh` - (`-L` to follow redirects, `-O` to save to disk) - `chmod 755 archinstall_config_download.sh` - `cat archinstall_config_download.sh` - `./archinstall_config_download.sh` - hostname: `tuxwarrior` - password: [poq.L1] - make sure both user .json files have been downloaded and updated - two files should be listed: `user_configuration.json` and `user_credentials.json` - check datestamp shown at the end when running the script - `archinstall --config user_configuration.json --creds user_credentials.json` - Install - ➔ Would you like to chroot into ... perform post-installation config? - `no` - `reboot` ## step five :: arch install :: software & dot files (dots) - log in as `poq` - `nmtui` (activate internet connection) - set up ct (caretaker - system management tool) - `cd /tmp` - `wget https://go.op.fo/fro/lnx-arch/raw/branch/master/scripts/ctsetup.sh` - `cat ctsetup.sh` ➔ verify the file content - `chmod 755 ctsetup.sh` - `sudo ./ctsetup.sh` - `sudo ct yay` (install yay, which is used to install aur packages) - `sudo ct uf` (full update, install packages) - same as running the two commands: - `sudo ct s` - `sudo ct dots` - `sudo ct dots+` (download wallpapers, fonts++) - `sudo ufw enable` (enable firewall) - loop install - untill all programs are successfully installed - note that some packages (in `packages.txt`) might have to be removed, as they might no longer be active / be working - `ct s` - `reboot` & re-login - `startx` (start window manager) - several windows will start - in the background there might will be a window where you are asked to set password for the gnome keyring - the gnome keyring window will always be in focus, and there is no way to close the other windows while this is happening - press `escape` to close the gnome window - ignore the pCloudDrive, Nextcloud and ProtonVPN windows - open and close firefox to have firefox's profile directory being created - start firefox (`SUP + D` ➔ `firefox`) - close firefox - open the terminal (`SUP + Enter`) - create local sync folder for nextcloud - local folder must match `$SYNCDIR_HOSTNAME` in `dots/environment/environment` - t470p: `mkdir /home/poq/nextcloud` - tuxwarrior: `mkdir /home/poq/nextcloud` - `ct s` (install sw that were not installed first time around - not sure why not all sw is installed the first time around) - `ct dots` (the re-run of dots will deploy firefox settings) - `ct services` (enable services) - `reboot` & re-login - once again, press esc to close the gnome keyring window - leave the other windows open - open firefox and log into bitwarden.com - here you will find the needed usernames, passwords and one time codes for logging into the below mentioned applications - settings ➔ change device name ➔ `YYMM - poq @ tuxwarrior` - settings ➔ set as default browser - settings ➔ and log into firefox sync - set up mega - `mv ~/MEGA ~/mega` - does not work great on i3, so the login windom is a small "pixel". need to select this "pixel" and press super+f key for full screen. - login - sync local `/home/poq/mega` with cloud `/deviceSync` - when sync is setup, click the three dots next to the synced folders, and chose `manage exclusion` - remove the exlusions for `~`, `.`, `~.` and `tmp` - only remaining exlusions: `Thumbs.db`, `desktop.ini`, `crdownload` and `sb-????????-?????` - set up pCloud - log in - the first time login process takes quite a while - settings ➔ disk usage ➔ disk space: 2048 ➔ 10240 & cache size: 5120 ➔ 5120 (~51 gb) - set up nextcloud - log in - server address: `https://nx.op.fo` - at this point the gnome keyring manager will pop up again, and ask for a password - leave both (password and confirm) fields blank, and press continue, and chose to store passwords unencrypted - _"To use automatic unlocking with automatic login, you can set a blank password for the default keyring. Note that the contents of the keyring are stored unencrypted in this case."_ - https://wiki.archlinux.org/title/GNOME/Keyring - pick local folder (created above, like `/home/poq/nextcloud`), and - choose `Synchronize everything from server` - and disable the two options `Ask before syncing folders larger than xxx` and `Ask before syncing external storages` - click `Connect` - wait for nextcloud to complete syncronisation - this will likely take a few days, depending on the internet speed and the amount of data stored with nextcloud - set up protonvpn - log in (but wait with enabling vpn until nextcloud has completed syncing) ## step six :: post syncronisation tasks - `syncDirSetup.sh` (will set up `~/syncDir`) - `deploySshKeys.sh` (deployment of ssh keys) - `importGnupgKeys.sh` (deployment of gnupgp keys) - `gitReposSoftlinker.sh` (create softlinks to all repos at `~/syncDir/gitRepos/`) - `chmodAllSh.sh` (fixes mode change from 14001 to 217 errors in repo) - `reboot` and re-login ## step seven :: nvidia (optional) if the system runs nvidia, follow the steps in [nvidia.md](nvidia.md) to set up the nvidia driver. ## step eight :: post installation tasks - **KITTEN** - `$ kitten themes 'sakura night'` - to list all themes: `$ kitten themes` - nice themes: `1984 dark`, `box`, `cyberpunk`, `falcon`, `flat`, `goa base`, `neowave`, `sakura night`, `tropical neon`, `ubunto` - (search for `tropical` ➔ select `tropical neon` ➔ press `M` to modify kitten.conf and start using the theme) - **VSCODIUM** - **local sync** - open extensions and search for `local sync` - install the extension - open extension settings - 1. disable auto backup files on change - 2. set path to backup files: - `/home/poq/syncDir/gitRepos/gt.op.fo/fiodb/db/vscodium/syncBackup` - 3. run `local sync: restore` (ctrl + shift + p) - 4. enable auto backup files on change - **open workspace :: open all active projects** - file ➔ open workspace from file ➔ `/home/poq/syncDir/gitRepos/gt.op.fo/fiodb/db/workspaces/vscodium/workspace/one.code-workspace` - several .sh files might be flagged as modified (in gitkraken they will show up as `file mode changes from 14001 to 217`, which means from chmod 755 to 644), then you can fix this running the command `chmodAllSh.sh`. - **GITKRAKEN** - preferences ➔ integrations ➔ connect to gitlab - preferences ➔ ssh ➔ uncheck `use local ssh agent` - preferences ➔ ui customization ➔ theme: `gitkraken dark - high contrast` - register fingerprint for ssh key(s) - if the ssh key for a git repo has never been used, the ssh connection will fail as the key is not yet registered. - `$ ssh git@gt.op.fo -p 2002` - `Are you sure you want to continue connecting (yes/no/[fingerprint])? yes` - **FIREFOX** - default browser: - settings ➔ select the option to set firefox as default browser - default search engine: - change default search engine to presearch, and login to presearch - theme - extensions icon ➔ manage extensions ➔ themes ➔ enable theme `xxxx` - or, enable: - alt 1: https://addons.mozilla.org/en-US/firefox/addon/neon-sign-shine/ - alt 2: https://addons.mozilla.org/en-US/firefox/addon/pitch-black-pink/ - alt 3: https://addons.mozilla.org/en-US/firefox/addon/activist-bold_/ - install dictionaries for - [en-AU](https://addons.mozilla.org/en-US/firefox/addon/english-australian-dictionary/) and - [no-NB](https://addons.mozilla.org/en-US/firefox/addon/norsk-bokm%C3%A5l-ordliste/) - update singlefile name format (extension icon ➔ manage extensions ➔ extensions ➔ singlefile ➔ preferences ➔ file format): - old: `%if-empty<{page-title}|No title> ({date-locale} {time-locale}).{filename-extension}` - new: `{year-locale}{month-locale}{day-locale}_{url-href-flat}_.{filename-extension}` - open and install extension found on the top of that page - open `web scrobbler` extension and log in to last.fm - extension: sidebery ➔ settings ➔ - help ➔ `import addon data` ➔ `/home/poq/syncDir/gitRepos/gitlab.com/dotsplus/firefox/addons/sidebery/ sidebery-data-....json` - or, download the settings from: - manual adjustments (if needed) ➔ - delete default containers (`personal`, `work`, `banking`, and `shopping`) - select `bigTech` container ➔ `manage rules` for urls and add the following urls to include: - `google.com`, `x.com`, `bing.com`, `youtube.com` - select `quick` container ➔ manage rules and include: - `quick.no`, `dlsoftware`, `quick3` - bitwarden ➔ settings ➔ - autofill ➔ - disable: display identities as suggestions - disable: display cards as suggestions - enable: `Display suggestions when icon is selected` - disable: always show cards as autofill suggestions on vault view - disable: always show identities as autofil suggestions on vault view - notifications ➔ - disable: `ask to save and use passkeys` - appearance ➔ - vault customization ➔ - enable: `Show quick copy actions on Vault` - **PCMAN** - edit ➔ preferences > - (general ➔ uncheck [ ] erase files on removable media instead of "trash can" creation) <<- no, will keep this checked for now - layout ➔ show in places ➔ unselect all but "trash can" - **REAPER** - NOTE: much of this can very likey be omitted, as the settings can be imported from: - `/home/poq/syncDir/gitRepos/gitlab.com/dotsplus/reaper/config/` - --- - open reaper, and uncheck `check for new versions` - import licence - located in protonmail under the 'licence' label, and on the nas server: - `/mnt/nas/cb/software/licences/reaper.txt` - import from file, or: - copy the licence key to the clipboard ➔ help ➔ about reaper ➔ import license key ➔ (licence is automatically loaded) - options ➔ preferences - general ➔ paths > - default path to save new projects: `/home/poq/syncDir/0_inProgress/mixing/` - default render path: `/home/poq/syncDir/0_downloads/` - audio ➔ device ➔ audio system: pulseaudio - sample rate: `48000` - appearance ➔ enable `don't animate any toolbar button` - appearance ➔ track meters ➔ enable `reset peak indicators on play/seek` - media ➔ import ➔ disable `copy imported media to project media directory` - actions > - show action list ➔ - new action ➔ new custom action ➔ - custom action name: `fk: cycle ripple editing mode` - `options: cycle ripple editing mode` - press `ok` - assign shortcut: by clicking the add button, and typing `\`` - override mapping `view: toggle track zoom to minimum height` - search for `Unselect (clear selection of) all tracks/items/envelope points` - assign shortcut: "Alt + Shift + Up" - https://bertomaudio.com/denoiser-pro.html - login with: `231114_lemonsqueezycom@468910.xyz` (pwd is sent to email) - `/mnt/nas/cb/software/denoiserPro_bertonAudio` - [download](https://app.lemonsqueezy.com/my-orders/38cd233c-cd39-4b21-b2fa-6c2a38b702d4?signature=ca7157d7b412ef40f58354d6d6233089e8d0facfdec28246d7fe7b1e4450563f) - `Bertom_DenoiserPro_3.0.7_GNU-LINUX.tar.xz` - `mkdir ~/.vst3` (verify folder in Reaper ➔ `options ➔ preferences ➔ plug-ins ➔ vst`) - `tar -xf /mnt/nas/cb/software/denoiserPro_bertonAudio/latest/Bertom_DenoiserPro_3.0.9_LINUX.tar.xz -C ~/syncDir/0_downloads/` - `cp -r ~/syncDir/0_downloads/Bertom_DenoiserPro_3.0.9_LINUX/.avx2/Bertom_DenoiserPro.vst3/ ~/.vst3/` - restart reaper ➔ add a new track ➔ select the `fx` button ➔ open `vxt3: denoiser pro` and load the licence file - `/mnt/nas/cb/software/licences/bertom-denoiser-pro-license.lic` - `/mnt/nas/cb/software/denoiserPro_bertonAudio/bertom-denoiser-pro-license.lic` - also located in protonmail under the 'licence' label - extra: ? - **PRINTING** - remove services cups.socket and cups.path - `$ sudo systemctl disable cups.path` - `$ sudo systemctl disable cups.socket` - `$ system-config-printer` - if usb printer, and turned on, the printer should show up - useful: https://kb.adamsdesk.com/operating_system/arch_linux_install_network_printer/ # error solving - the keyring is reset on each reboot - symptoms: you're asked to re-login to nextcloud and protonvpn on each reboot - open seahorse - delete existing keyring (named `default`?) - create new password keyring - name: `oneRingToHoldThemAll` - password: leave blank (no password) - set new keyring as default - reboot - verify, using seahorse, that the new keyring is used when saving credentials - ref: https://forum.manjaro.org/t/gnome-keyring-keeps-being-reset/147118 - misc - for info on miscellaneous issues, please see .