# linux arch ## step one :: usb drive preparation - download iso - https://archlinux.org/download/ - download signature from main page: - (https://archlinux.org/iso/2024.04.01/archlinux-2024.04.01-x86_64.iso.sig) - this is also found on the mirror, but i prefer to use the signature from the main site. - (https://archmirror1.octyl.net/iso/2024.04.01/archlinux-2024.04.01-x86_64.iso.sig) - download iso from a mirror close by - (https://archmirror1.octyl.net/iso/2024.04.01/) - (https://archmirror1.octyl.net/iso/2024.04.01/archlinux-2024.04.01-x86_64.iso) - verify iso ``` $ gpg --keyserver-options auto-key-retrieve --verify archlinux-2024.04.01-x86_64.iso.sig gpg: assuming signed data in 'archlinux-2024.04.01-x86_64.iso' gpg: Signature made 2024-04-01T13:00:16 EST gpg: using EDDSA key 3E80CA1A8B89F69CBA57D98A76A5EF9054449A5C gpg: issuer "pierre@archlinux.org" gpg: key 76A5EF9054449A5C: public key "Pierre Schmitz " imported gpg: Total number processed: 1 gpg: imported: 1 gpg: Good signature from "Pierre Schmitz " [unknown] gpg: aka "Pierre Schmitz " [unknown] gpg: WARNING: The key's User ID is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 3E80 CA1A 8B89 F69C BA57 D98A 76A5 EF90 5444 9A5C ``` - install to usb - insert usb - `lsblk` (alt: `df`) - ➔ usb = sda - `sudo dd bs=4M if=archlinux-2024.04.01-x86_64.iso of=/dev/sda status=progress oflag=sync` - troubleshooting - error: `dd: failed to open '/dev/sda': Device or resource busy` - solution: using `gparted`, you can reformat the drive (from fat32) to ext4, then try again ## step two :: boot the iso - boot the target system using the arch iso, and prepare for a [guided install](https://archinstall.archlinux.page/installing/guided.html) - tuxwarrior: `F2` for BIOS - thinkpad: `F12` for boot options (`F1` for BIOS) - select `ArchLinux install medium (x86_64, x64 UEFI)` - troubleshooting - grub error - `error: you need to load the kernel first` - `error start_image() returned 0x800000000000001` - solution - reinstall iso on usb - arch iso error - `squashfs error unable to read` - solution - re-install the ISO on another USB device ## step three :: generate config for new hosts - on **new host**: - `archinstall --dry-run` - install language ➔ `english` (default) - locales ➔ - keyboard `us` - loc lang `en_AU.UTF-8` - loc enc `UTF-8` - mirrors and repositories ➔ `colombia`, `united states`, `worldwide` - (Optional repositories ➔ leave blank (default)) [obsolete?] - disk config ➔ partitioning ➔ use a best-effort default partition layout ➔ pick main hd ➔ `ext4` ➔ separate partition for /home: `no` - bootloader ➔ `systemd-boot` (default) [might not be in the right order] - (disk encryption ➔ `no` (default)) [obsolete?] - swap: `True` (default) - unified kernel image: `Disabled` (default) - hostname: `tuxwarrior` - root password: leave blank (default) - user account: leave empty (default) - profile ➔ type ➔ `minimal` - audio ➔ `pipewire` - kernels ➔ `linux` (default) - network configuration ➔ `Use NetworkManager` - additional packages ➔ `git nano tree wget` - `/` to search - timezone ➔ `America/Panama` - automatic time sync ➔ `True` (default) - > Save configuration - > Save user configuration (inc disk layout) - Save directory: `/tmp` ➔ `yes` ➔ answer `no` when asked if you want to encrypt - then `abort` to exit archinstall - `curl -F'file=@user_configuration.json' https://0x0.st` - on **existing host / alternative host**: - for this repo, inside `dots/archinstall` create folder for new host (use hostname as folder name) - open page given above, like `https://0x0.st/Xbov.json` - save raw content as `user_configuration.json` - save file - from a pre-existing host directory, copy over and modify (if needed) `options.sh`, `packages.txt` and `services.txt`. this should be copied to new host directory - example: copied from `dots/archinstall/t470p` to `dots/archinstall/tuxwarrior` - commit changes to this repo, adding the new host files ## step four :: arch install :: the basics - `ip link` - `lo` (loopback - special device) - `enp0s31f6` (ethernet) - `wlan0` (wifi) - `iwctl` - `station wlan0 scan` - `station wlan0 get-networks` - `station wlan0 connect -_-` - `exit` - `cd /tmp` - `curl -L -O https://go.op.fo/fro/lnx-arch/raw/branch/master/scripts/archinstall_config_download.sh` - (`-L` to follow redirects, `-O` to save to disk) - `chmod 755 archinstall_config_download.sh` - `cat archinstall_config_download.sh` - `./archinstall_config_download.sh` - hostname: `tuxwarrior` - password: [poq.L1] - make sure both user .json files have been downloaded and updated - two files should be listed: `user_configuration.json` and `user_credentials.json` - check datestamp shown at the end when running the script - `archinstall --config user_configuration.json --creds user_credentials.json` - Install - > Would you like to chroot into ... perform post-installation config? - `no` - `reboot` ## step five :: arch install :: software & dot files (dots) - log in as `poq` - `nmtui` (activate internet connection) - set up ct (caretaker - system management tool) - `cd /tmp` - `wget https://go.op.fo/fro/lnx-arch/raw/branch/master/scripts/ctsetup.sh` - `cat ctsetup.sh` ➔ verify the file content - `chmod 755 ctsetup.sh` - `sudo ./ctsetup.sh` - `sudo ct yay` (install yay, which is used to install aur packages) - `sudo ct uf` (full update, install packages) - same as running the two commands: - `sudo ct s` - `sudo ct dots` - `sudo ct dots+` (download wallpapers, fonts++) - `sudo ufw enable` (enable firewall) - loop install - untill all programs are successfully installed - note that some packages (in `packages.txt`) might have to be removed, as they might no longer be active / be working - `ct s` - `reboot` & re-login - `startx` (start window manager) - several windows will start - in the background there might will be a window where you are asked to set password for the gnome keyring - the gnome keyring window will always be in focus, and there is no way to close the other windows while this is happening - press `escape` to close the gnome window - ignore the pCloudDrive, Nextcloud and ProtonVPN windows - open and close firefox to have firefox's profile directory being created - start firefox (`SUP + D` ➔ `firefox`) - close firefox - open the terminal (`SUP + Enter`) - create local sync folder for nextcloud - local folder must match `$SYNCDIR_HOSTNAME` in `dots/environment/environment` - t470p: `mkdir /home/poq/nextcloud` - tuxwarrior: `mkdir /home/poq/nextcloud` - `ct s` (install sw that were not installed first time around - not sure why not all sw is installed the first time around) - `ct dots` (the re-run of dots will deploy firefox settings) - `ct services` (enable services) - `reboot` & re-login - once again, press esc to close the gnome keyring window - leave the other windows open - open firefox and log into bitwarden.com - here you will find the needed usernames, passwords and one time codes for logging into the below mentioned applications - settings ➔ change device name ➔ `YYMM - poq @ tuxwarrior` - settings ➔ set as default browser - settings ➔ and log into firefox sync - set up mega - `mv ~/MEGA ~/mega` - does not work great on i3, so the login windom is a small "pixel". need to select this "pixel" and press super+f key for full screen. - login - sync local `/home/poq/mega` with cloud `/deviceSync` - set up pCloud - log in - the first time login process takes quite a while - settings ➔ disk usage ➔ disk space: 2048 ➔ 10240 & cache size: 5120 ➔ 5120 (~51 gb) - set up nextcloud - log in - server address: `https://nx.op.fo` - at this point the gnome keyring manager will pop up again, and ask for a password - leave both (password and confirm) fields blank, and press continue, and chose to store passwords unencrypted - _"To use automatic unlocking with automatic login, you can set a blank password for the default keyring. Note that the contents of the keyring are stored unencrypted in this case."_ - https://wiki.archlinux.org/title/GNOME/Keyring - pick local folder (created above, like `/home/poq/nextcloud`), and - choose `Synchronize everything from server` - and disable the two options `Ask before syncing folders larger than xxx` and `Ask before syncing external storages` - click `Connect` - wait for nextcloud to complete syncronisation - this will likely take a few days, depending on the internet speed and the amount of data stored with nextcloud - set up protonvpn - log in (but wait with enabling vpn until nextcloud has completed syncing) ## step six :: post syncronisation tasks - `syncDirSetup.sh` (will set up `~/syncDir`) - `mountDownloadsDir.sh` (will mount `~/Downloads` to syncDir's download dir) - `deploySshKeys.sh` (deployment of ssh keys) - `importGnupgKeys.sh` (deployment of gnupgp keys) - `reboot` and re-login ## step seven :: nvidia if the system runs nvidia, follow the steps in [nvidia.md](nvidia.md) to set up the nvidia driver. ## step eight :: post installation tasks - kitten - `$ kitten themes neowave` - to list all themes: `$ kitten themes` - nice themes: `1984 dark`, `box`, `falcon`, `flat`, `goa base`, `neowave`, `tropical neon`, `ubunto` - search for `tropical` ➔ select `tropical neon` ➔ press `M` to modify kitten.conf and start using the theme - vscodium - **open workspace :: open all active projects** - file > open workspace from file > `/home/poq/syncDir/gitRepos/gt.op.fo/fiodb/db/workspaces/vscodium/one.code-workspace` - several .sh files might be flagged as modified (in gitkraken they will show up as `file mode changes from 14001 to 217`, which means from chmod 755 to 644), then you can fix this running the command `chmodAllSh.sh`. - **settings sync :: download syncronised setting++** - file > preferences > extension > search for and install `settings sync` - login with github - chose vs codium target git - gist id `33f3bf3e8eb7d7af2c4fd24a57114f3e` - https://gist.github.com/introspectionism/33f3bf3e8eb7d7af2c4fd24a57114f3e - go to `sync settings` and click `edit configuration` - `ctrl` + `shift` + `p` to open command palette - search for `sync` and select `sync: download settings` - gitkraken - preferences > integrations > connect to gitlab - preferences > ssh > uncheck `use local ssh agent` - preferences > ui customization > theme: `gitkraken dark - high contrast` - register fingerprint for ssh key(s) - if the ssh key for a git repo has never been used, the ssh connection will fail as the key is not yet registered. - `$ ssh git@gt.op.fo -p 2002` - `Are you sure you want to continue connecting (yes/no/[fingerprint])? yes` - firefox - settings > select the option to set firefox as default browser - extensions icon > manage extensions > themes > enable theme `activist - bold` - install dictionaries for - [en-AU](https://addons.mozilla.org/en-US/firefox/addon/english-australian-dictionary/) and - [no-NB](https://addons.mozilla.org/en-US/firefox/addon/norsk-bokm%C3%A5l-ordliste/) - update singlefile name format (extension icon > manage extensions > extensions > singlefile > preferences > file format): - old: `%if-empty<{page-title}|No title> ({date-locale} {time-locale}).{filename-extension}` - new: `{year-locale}{month-locale}{day-locale}_{url-href-flat}_.{filename-extension}` - open and install extension found on the top of that page - open `web scrobbler` extension and log in to last.fm - extension: sidebery > settings > - help > `import addon data` > `/home/poq/syncDir/gitRepos/gt.op.fo/lnx-arch/dots/firefox/backup/sidebery-data-2024.06.05-07.51.07.json` - containers > - delete default containers (`personal`, `work`, `banking`, and `shopping`) - select `EvilCorp` container > `manage rules` for urls and add the following urls to exclude: - `google.com`, `microsoft.com`, `live.com`, `x.com`, `bing.com`, `youtube.com` - bitwarden > settings > - autofill > select to show autofill `When autofill icon is selected` - notifications > disable `ask to save and use passkeys` - pcmanfm - edit > preferences > - general > uncheck [ ] erase files on removable media instead of "trash can" creation - general > view mode: `detailed list view` - layout > show in places > unselect all but "trash can" - volume management > when removable media unmounted: `change folder to home` - advanced > path for home folder: `/home/poq/syncDir/` - reaper - import licence - located in protonmail under the 'licence' label, and on the nas server - copy the licence key to the clipboard > help > about reaper > import license key > (licence is automatically loaded) - options > preferences - general > paths > - default path to save new projects: `/home/poq/syncDir/antijantepodden/` - default render path: `/home/poq/syncDir/0_downloads/` - media > import > [ ] copy imported media to project media directory - audio > device > audio system: pulseaudio - sample rate: `48000` - appearance > [x] don't animate any toolbar button - appearance > track meters > [ ] reset peak indicators on play/seek - media > import > - unselect: `copy imported media to project media directory` - actions > - show action list > - new action > - new custom action > - custom action name: `fk: cycle ripple editing mode` - `options: cycle ripple editing mode` - press `ok` - assign shortcut: `\`` - override mapping `view: toggle track zoom to minimum height` - search for `Unselect (clear selection of) all tracks/items/envelope points` - assign shortcut: "Alt + Shift + Up" - https://bertomaudio.com/denoiser-pro.html - `/mnt/nas/cb/software/licences/bertom-denoiser-pro-license.lic` - also located in protonmail under the 'licence' label - `/mnt/nas/cb/software/denoiserPro_bertonAudio` - [download](https://app.lemonsqueezy.com/my-orders/38cd233c-cd39-4b21-b2fa-6c2a38b702d4?signature=ca7157d7b412ef40f58354d6d6233089e8d0facfdec28246d7fe7b1e4450563f) - `Bertom_DenoiserPro_3.0.7_GNU-LINUX.tar.xz` - `mkdir ~/.vst3` (verify folder in Reaper > `options > preferences > plug-ins > vst`) - `tar - xf Bertom_DenoiserPro_3.0.7_GNU-LINUX` - `cp -r Bertom_DenoiserPro_3.0.7_GNU-LINUX/.avx2/Bertom_DenoiserPro.vst3 ~/.vst3/` - restart reaper > add a new track > select the `fx` button > open `vxt3: denoiser pro` and load the licence file - printer - remove services cups.socket and cups.path - $ sudo systemctl disable cups.path - $ sudo systemctl disable cups.socket - `$ system-config-printer` - if usb printer, and turned on, the printer should show up - useful: https://kb.adamsdesk.com/operating_system/arch_linux_install_network_printer/ # error solving - the keyring is reset on each reboot - symptoms: you're asked to re-login to nextcloud and protonvpn on each reboot - open seahorse - delete existing keyring (named `default`?) - create new password keyring - name: `oneRingToHoldThemAll` - password: leave blank (no password) - set new keyring as default - reboot - verify, using seahorse, that the new keyring is used when saving credentials - ref: https://forum.manjaro.org/t/gnome-keyring-keeps-being-reset/147118 - misc - for info on miscellaneous issues, please see .