Here are my random Linux notes

• Arch
• Helix

My Arch Install

Following the arch wiki guide.

Live Environment Setup

loadkeys sv-latin1 # keyboard
iwctl station wlan0 connect # if on wifi
ping archlinux.org -c 3 # test internet
timedatectl set-ntp true # fix systemclock if needed
Pacman -Sy # Refresh pacman repository

Optional: install over ssh.

Disk Setup

UEFI and encrypted BTRFS

Partitioning

gdisk /dev/sda # or whichever drive you will use
> n
> [default]
> [default]
> +350M
> ef00
> n # root partition use everything or give some space for SSD MAGIC
> [default]
> [default]
> [default] # OR -50G
> w
> Y
lsblk # verify partitioning

Filesystems

# EFI partition is fat32
mkfs.fat -F 32 /dev/sda1
# encrypted root volume
cryptsetup luksFormat /dev/sda2
> YES
> <password>
> <password>
cryptsetup luksOpen /dev/sda2 hemlig
> <password>
lsblk # verify again
ls /dev/mapper
mkfs.btrfs /dev/mapper/hemlig
# mount root partition as "root"
mount /dev/mapper/hemlig /mnt
# make subvolumes
btrfs subvolume create /mnt/@
btrfs subvolume create /mnt/@home
btrfs subvolume create /mnt/@snapshots
btrfs subvolume create /mnt/@var_log # or /mnt/@var
btrfs subvolume create /mnt/@swap
# need to unmount /mnt to mount subvolumes
umount /mnt

Mounting

• noatime - dont write access times, but can break applications, use relatime
• compress - zstd is the middle one as for speed/compress ratio
• discard=async - optimized trimming
• space_cache=v2 https://wiki.tnonline.net/w/Btrfs/Space_Cache

mount -o relatime,compress=zstd,ssd,discard=async,space_cache=v2,subvol=@ /dev/mapper/hemlig /mnt

mkdir -p /mnt/{boot,home,var,swap,snapshots} # or just var depending on coice on line 45

mount -o relatime,compress=zstd,ssd,discard=async,space_cache=v2,subvol=@home /dev/mapper/hemlig /mnt/home
mount -o relatime,compress=zstd,ssd,discard=async,space_cache=v2,subvol=@snapshots /dev/mapper/hemlig /mnt/snapshots
mount -o relatime,compress=zstd,ssd,discard=async,space_cache=v2,subvol=@var /dev/mapper/hemlig /mnt/var
mount -o relatime,ssd,space_cache=v2,subvol=@swap /dev/mapper/hemlig /mnt/swap
mount /dev/sda1 /mnt/boot

Installation

install base

pacstrap /mnt base base-devel linux linux-firmware amd-ucode git helix fish btrfs-progs

Generate an fstab file (use -U or -L to define by UUID or labels, respectively):

genfstab -U /mnt >> /mnt/etc/fstab

Change root into the new system:

arch-chroot /mnt

Set the time zone:

ln -sf /usr/share/zoneinfo/Europe/Stockholm /etc/localtime

Run hwclock(8) to generate /etc/adjtime:

hwclock --systohc

Setup locale and keyboard

# I uncomment sv_SE and en_GB
helix /etc/locale.gen
locale-gen
echo "LANG=en_GB.UTF-8" > /etc/locale.conf
echo "KEYMAP=sv-latin1" > /etc/vconsole.conf
echo "myhostname" > /etc/hostname

helix /etc/hosts  

Copy and paste all that's below

127.0.0.1       localhost
::1     localhost
127.0.1.1   myhostname.localhost myhostname

Create initial ramdisk environment

mkinitcpio -p linux
# pacman -S dracut
# pacman -R mkinitcpio
# dracut --hostonly --no-hostonly-cmdline /boot/initramfs-linux.img

Enable systemd services

systemctl enable fstrim.timer
systemctl enable NetworkManager
# if on virtualbox
# sudo pacman -S virtualbox-guest-utils
# systemctl enable vboxservice.service

Add a user

useradd -m <username>
passwd <username>
usermod -aG wheel <username>
EDITOR=helix visudo
> uncomment wheel group

exit
umount -R /mnt
reboot

Packages

sudo pacman -S 
man-db man-pages \ # manpages
fish \ # shell
alacritty \ # terminal
plymouth \ # graphical boot, nice for decrypting hard drive
greed greetd-regreet \ # login manager (see setup if used)
xdg-desktop-portal-wlr xdg-desktop-portal-gtk xdg-user-dirs \ # needed by applications on wlroots
sway swaylock swayidle \ # window manager
j4-menu-desktop bemenu-wayland \ # launcher
bluez \ # bluetooth
xorg-wayland firefox gimp \ # will use eventually packages
imv \ # image viewer

AUR

git clone https://aur.archlinux.org/paru.git
cd paru
makepkg -si

Configuration

• Configure Plymouth
• Change Default Shell

chsh -l
chsh -s /bin/fish

Configure login manager

• ReGreet wiki

Configure Sway

• Arch wiki
• Sway wiki

# minimal setup is (but we clone dotiles from repo)
cp /etc/sway/config ~/.config/sway
helix ~/.config/sway/config
> change term to your terminal

Get dotfiles. This is a private repo, copy ssh keys from a usb stick first. I currently just have a global ignore and force add files. I don't like this way, but it is what I'm using at the moment

cd ~
git init
git remote add <branch> <git repo>
git pull

TODO

• General_recommendations
• Backup

Sway Inspiration

Alacritty

• A good guide
• find themes here

Helix Configuration

Global

[editor]
bufferline = "multiple"
idle-timeout = 10
soft-wrap.enable = true
workspace-lsp-roots = ["migration"] # sea-orm wants migration inside another project

[keys.normal]
"'" = { d = ":buffer-close", o = ":buffer-close-others", c = ":sh alacritty --hold -e cargo clippy", b = ":sh alacritty --hold -e cargo build", r = ":sh alacritty -e cargo run", R = ":sh alacritty --hold -e cargo run", t = ":sh alacritty --hold -e cargo test" }
A-j = ":buffer-previous"
A-k = ":buffer-next"

[keys.normal.space]
i = ":toggle lsp.display-inlay-hints"

Local

Place in project dir .helix/languages.toml

Embedded

[[language]]
name = "rust"

[language-server.rust-analyzer.config]
check.allTargets = false
cargo.target = "riscv32imac-unknown-none-elf"

Leptos

[[language]]
name = "rust"
[language.formatter]
command = "sh"
args = ["-c", "rustfmt --edition 2021 | leptosfmt --stdin"]
[language-server.rust-analyzer]
config = { procMacro = { ignored = { leptos_macro = [ "server" ] } } } 

Dioxus

[[language]]
name = "rust"
language-servers = ["rust-analyzer", "tailwindcss-ls"]

[language-server.tailwindcss-ls]
config = { userLanguages = { rust = "html", "*.rs" = "html" }, tailwindCSS.experimental.classRegex = ["class: \"(.*)\""] }

Potato Home Server

Hardware

• Mainboard and CPU Minisforum BD790i
• Case Fractal Design Torrent Nano
• CPU Fan Noctua NF-A12x25
• Power Supply ATX PS2 750 W
• M2 SSDs 2x 4 TB
• RAM 2x32 GB 6000 MHz
• Hard Drives

Software

Plan:

• Mirror my desktop as much as possible for comfort
• Simpler services run as normal packages and systemd services
• Bigger complext stuff run in containters with podman
• Consider using nix for services

Networking

Most services should only be accessible for clients connected with vpn or already on lan

WireGuard

Maybe use this? wg-easy

Caddy

Add this rule to things that should only be available to wireguard connected clients

#https://caddyserver.com/docs/caddyfile/matchers#remote-ip
(local-only) {
  # private_ranges all private IPv4 and IPv6
  @denied not remote_ip private_ranges
  # abort @denied 
  respond @denied "<h1>No Potato</h1>" 403
}

# Example usage
http://mysite.example.com {    
    handle {
        import local-only

        # Your website handling logic goes here
        reverse_proxy 127.0.0.1:8080
    }
}

Nextcloud Caddy Config Caddy local https

Notes on Potatoes

https://en.wikipedia.org/wiki/List_of_potato_cultivars

https://leafyplace.com/types-of-potatoes/

https://www.granngarden.se/kunskap/tradgard-odla/odla-plantera/odla-potatis

https://www.granngarden.se/potatisgodsel-hasselfors-3l