From: Christian Heller Date: Sat, 22 Mar 2025 00:17:12 +0000 (+0100) Subject: Grand restructuring. X-Git-Url: https://plomlompom.com/repos/%7B%7B%20web_path%20%7D%7D/feed.xml?a=commitdiff_plain;h=refs%2Fheads%2Fmaster;p=config Grand restructuring. --- diff --git a/_bookworm/apt-mark/all b/_bookworm/apt-mark/all deleted file mode 100644 index abd02d6..0000000 --- a/_bookworm/apt-mark/all +++ /dev/null @@ -1,14 +0,0 @@ -# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client -# unpredictably so -ifupdown -isc-dhcp-client -# git for the setup directory; cloning works with ca-certificates -ca-certificates -git -# to avoid constant warnings about no locale being found -locales -# extremely useful for basic network debugging; missed these more than once in an emergency -netcat-traditional -iputils-ping -# what would we do without this … -apt diff --git a/_bookworm/apt-mark/h610m b/_bookworm/apt-mark/h610m deleted file mode 100644 index 02b95cc..0000000 --- a/_bookworm/apt-mark/h610m +++ /dev/null @@ -1,10 +0,0 @@ -# for X to start at all -linux-headers-amd64 -nvidia-driver -firmware-misc-nonfree -# X input: keyboard -xserver-xorg-input-evdev -# CUDA -nvidia-cuda-dev -nvidia-cuda-toolkit - diff --git a/_bookworm/apt-mark/seedbox b/_bookworm/apt-mark/seedbox deleted file mode 100644 index 7129acf..0000000 --- a/_bookworm/apt-mark/seedbox +++ /dev/null @@ -1,5 +0,0 @@ -# needed for torrenting -rtorrent -# needed for torrenting session -screen - diff --git a/_bookworm/apt-mark/server b/_bookworm/apt-mark/server deleted file mode 100644 index ecca45d..0000000 --- a/_bookworm/apt-mark/server +++ /dev/null @@ -1,12 +0,0 @@ -# so we can login at all … -openssh-server -# firewalling -nftables -# We want to be able to use ALL our servers as borg backup destinations. -borgbackup -# not only pull in systemd, but also /sbin/reboot and /sbin/shutdown -systemd-sysv -# necessary on _some_ vservers -net-tools -quota - diff --git a/_bookworm/apt-mark/thinkpad b/_bookworm/apt-mark/thinkpad deleted file mode 100644 index fa7bd38..0000000 --- a/_bookworm/apt-mark/thinkpad +++ /dev/null @@ -1,16 +0,0 @@ -# for wifi -firmware-iwlwifi -network-manager -wpasupplicant -# for tlp -tlp -tp-smapi-dkms -# for X to start at all -xserver-xorg-video-intel -# X input: keyboard and touchpad -xserver-xorg-input-evdev -xserver-xorg-input-synaptics -# to use printer -cups -# - diff --git a/_bookworm/apt-mark/user b/_bookworm/apt-mark/user deleted file mode 100644 index 831b81c..0000000 --- a/_bookworm/apt-mark/user +++ /dev/null @@ -1,56 +0,0 @@ -# to avoid booting problems with encrypted LVM, see -cryptsetup-initramfs -lvm2 -# this provides setupcon which reads /etc/default/console-setup -console-setup -# for startx -xinit -# for xrdb -x11-xserver-utils -# for startx to run for non-root user -libpam-systemd -# window environment -i3 -i3status -suckless-tools -xterm -# to get sleepy at night -redshift -# for alsamixer -alsa-utils -# also useful -vim -sudo -less -man-db -manpages -procps -# firefox install dependencies -wget -bzip2 -# firefox running dependencies -libgtk-3-0 -libdbus-glib-1-2 -# tridactyl install recommendations -vim-gtk3 -curl -# for firefox to emit sound -pulseaudio -# emacs -emacs -emacs-common-non-dfsg -emacs-el -elpa-ledger -ledger -# to mount encrypted USB stick and use its contents -pmount -cryptsetup -openssh-client -# for syncing -borgbackup -# mail setup -isync -notmuch -elpa-notmuch -pinentry-gtk2 -# diff --git a/_bookworm/apt-mark/w530 b/_bookworm/apt-mark/w530 deleted file mode 100644 index 6c2cfd7..0000000 --- a/_bookworm/apt-mark/w530 +++ /dev/null @@ -1,13 +0,0 @@ -# for open-gpu-kernel-modules building -gcc -g++ -make -linux-headers-amd64 -xz-utils -# for NVIDIA driver .run --no-kernel-modules -libvulkan1 -libglvnd-dev -pkg-config -# so we can add nvidia.NVreg_OpenRmEnableUnsupportedGpus=1 to default grub -grub-efi-amd64 - diff --git a/_bookworm/apt-mark/web b/_bookworm/apt-mark/web deleted file mode 100644 index 4912b8a..0000000 --- a/_bookworm/apt-mark/web +++ /dev/null @@ -1,4 +0,0 @@ -nginx-light -# for SSL -certbot -python3-certbot-nginx diff --git a/_bookworm/borg.sh b/_bookworm/borg.sh deleted file mode 120000 index 358132c..0000000 --- a/_bookworm/borg.sh +++ /dev/null @@ -1 +0,0 @@ -../bullseye/borg.sh \ No newline at end of file diff --git a/_bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/_bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies deleted file mode 100644 index 4aaef79..0000000 --- a/_bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies +++ /dev/null @@ -1,4 +0,0 @@ -APT::AutoRemove::RecommendsImportant "false"; -APT::AutoRemove::SuggestsImportant "false"; -APT::Install-Recommends "false"; -APT::Install-Suggests "false"; diff --git a/_bookworm/etc_files/all/etc/apt/sources.list b/_bookworm/etc_files/all/etc/apt/sources.list deleted file mode 100644 index 72b0ffb..0000000 --- a/_bookworm/etc_files/all/etc/apt/sources.list +++ /dev/null @@ -1,4 +0,0 @@ -deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware -deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware -deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware -deb http://ftp.debian.org/debian bookworm-backports main contrib non-free non-free-firmware diff --git a/_bookworm/etc_files/all/etc/default/locale b/_bookworm/etc_files/all/etc/default/locale deleted file mode 100644 index dd6eee3..0000000 --- a/_bookworm/etc_files/all/etc/default/locale +++ /dev/null @@ -1 +0,0 @@ -LANG="en_US.UTF-8" diff --git a/_bookworm/etc_files/all/etc/locale.gen b/_bookworm/etc_files/all/etc/locale.gen deleted file mode 100644 index a28cfa4..0000000 --- a/_bookworm/etc_files/all/etc/locale.gen +++ /dev/null @@ -1,483 +0,0 @@ -# This file lists locales that you wish to have built. You can find a list -# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add -# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change -# this file, you need to rerun locale-gen. - - -# aa_DJ ISO-8859-1 -# aa_DJ.UTF-8 UTF-8 -# aa_ER UTF-8 -# aa_ER@saaho UTF-8 -# aa_ET UTF-8 -# af_ZA ISO-8859-1 -# af_ZA.UTF-8 UTF-8 -# ak_GH UTF-8 -# am_ET UTF-8 -# an_ES ISO-8859-15 -# an_ES.UTF-8 UTF-8 -# anp_IN UTF-8 -# ar_AE ISO-8859-6 -# ar_AE.UTF-8 UTF-8 -# ar_BH ISO-8859-6 -# ar_BH.UTF-8 UTF-8 -# ar_DZ ISO-8859-6 -# ar_DZ.UTF-8 UTF-8 -# ar_EG ISO-8859-6 -# ar_EG.UTF-8 UTF-8 -# ar_IN UTF-8 -# ar_IQ ISO-8859-6 -# ar_IQ.UTF-8 UTF-8 -# ar_JO ISO-8859-6 -# ar_JO.UTF-8 UTF-8 -# ar_KW ISO-8859-6 -# ar_KW.UTF-8 UTF-8 -# ar_LB ISO-8859-6 -# ar_LB.UTF-8 UTF-8 -# ar_LY ISO-8859-6 -# ar_LY.UTF-8 UTF-8 -# ar_MA ISO-8859-6 -# ar_MA.UTF-8 UTF-8 -# ar_OM ISO-8859-6 -# ar_OM.UTF-8 UTF-8 -# ar_QA ISO-8859-6 -# ar_QA.UTF-8 UTF-8 -# ar_SA ISO-8859-6 -# ar_SA.UTF-8 UTF-8 -# ar_SD ISO-8859-6 -# ar_SD.UTF-8 UTF-8 -# ar_SS UTF-8 -# ar_SY ISO-8859-6 -# ar_SY.UTF-8 UTF-8 -# ar_TN ISO-8859-6 -# ar_TN.UTF-8 UTF-8 -# ar_YE ISO-8859-6 -# ar_YE.UTF-8 UTF-8 -# as_IN UTF-8 -# ast_ES ISO-8859-15 -# ast_ES.UTF-8 UTF-8 -# ayc_PE UTF-8 -# az_AZ UTF-8 -# be_BY CP1251 -# be_BY.UTF-8 UTF-8 -# be_BY@latin UTF-8 -# bem_ZM UTF-8 -# ber_DZ UTF-8 -# ber_MA UTF-8 -# bg_BG CP1251 -# bg_BG.UTF-8 UTF-8 -# bhb_IN.UTF-8 UTF-8 -# bho_IN UTF-8 -# bn_BD UTF-8 -# bn_IN UTF-8 -# bo_CN UTF-8 -# bo_IN UTF-8 -# br_FR ISO-8859-1 -# br_FR.UTF-8 UTF-8 -# br_FR@euro ISO-8859-15 -# brx_IN UTF-8 -# bs_BA ISO-8859-2 -# bs_BA.UTF-8 UTF-8 -# byn_ER UTF-8 -# ca_AD ISO-8859-15 -# ca_AD.UTF-8 UTF-8 -# ca_ES ISO-8859-1 -# ca_ES.UTF-8 UTF-8 -# ca_ES.UTF-8@valencia UTF-8 -# ca_ES@euro ISO-8859-15 -# ca_ES@valencia ISO-8859-15 -# ca_FR ISO-8859-15 -# ca_FR.UTF-8 UTF-8 -# ca_IT ISO-8859-15 -# ca_IT.UTF-8 UTF-8 -# ce_RU UTF-8 -# chr_US UTF-8 -# cmn_TW UTF-8 -# crh_UA UTF-8 -# cs_CZ ISO-8859-2 -# cs_CZ.UTF-8 UTF-8 -# csb_PL UTF-8 -# cv_RU UTF-8 -# cy_GB ISO-8859-14 -# cy_GB.UTF-8 UTF-8 -# da_DK ISO-8859-1 -# da_DK.UTF-8 UTF-8 -# de_AT ISO-8859-1 -# de_AT.UTF-8 UTF-8 -# de_AT@euro ISO-8859-15 -# de_BE ISO-8859-1 -# de_BE.UTF-8 UTF-8 -# de_BE@euro ISO-8859-15 -# de_CH ISO-8859-1 -# de_CH.UTF-8 UTF-8 -# de_DE ISO-8859-1 -# de_DE.UTF-8 UTF-8 -# de_DE@euro ISO-8859-15 -# de_IT ISO-8859-1 -# de_IT.UTF-8 UTF-8 -# de_LI.UTF-8 UTF-8 -# de_LU ISO-8859-1 -# de_LU.UTF-8 UTF-8 -# de_LU@euro ISO-8859-15 -# doi_IN UTF-8 -# dv_MV UTF-8 -# dz_BT UTF-8 -# el_CY ISO-8859-7 -# el_CY.UTF-8 UTF-8 -# el_GR ISO-8859-7 -# el_GR.UTF-8 UTF-8 -# en_AG UTF-8 -# en_AU ISO-8859-1 -# en_AU.UTF-8 UTF-8 -# en_BW ISO-8859-1 -# en_BW.UTF-8 UTF-8 -# en_CA ISO-8859-1 -# en_CA.UTF-8 UTF-8 -# en_DK ISO-8859-1 -# en_DK.ISO-8859-15 ISO-8859-15 -# en_DK.UTF-8 UTF-8 -# en_GB ISO-8859-1 -# en_GB.ISO-8859-15 ISO-8859-15 -# en_GB.UTF-8 UTF-8 -# en_HK ISO-8859-1 -# en_HK.UTF-8 UTF-8 -# en_IE ISO-8859-1 -# en_IE.UTF-8 UTF-8 -# en_IE@euro ISO-8859-15 -# en_IL UTF-8 -# en_IN UTF-8 -# en_NG UTF-8 -# en_NZ ISO-8859-1 -# en_NZ.UTF-8 UTF-8 -# en_PH ISO-8859-1 -# en_PH.UTF-8 UTF-8 -# en_SG ISO-8859-1 -# en_SG.UTF-8 UTF-8 -# en_US ISO-8859-1 -# en_US.ISO-8859-15 ISO-8859-15 -en_US.UTF-8 UTF-8 -# en_ZA ISO-8859-1 -# en_ZA.UTF-8 UTF-8 -# en_ZM UTF-8 -# en_ZW ISO-8859-1 -# en_ZW.UTF-8 UTF-8 -# eo UTF-8 -# es_AR ISO-8859-1 -# es_AR.UTF-8 UTF-8 -# es_BO ISO-8859-1 -# es_BO.UTF-8 UTF-8 -# es_CL ISO-8859-1 -# es_CL.UTF-8 UTF-8 -# es_CO ISO-8859-1 -# es_CO.UTF-8 UTF-8 -# es_CR ISO-8859-1 -# es_CR.UTF-8 UTF-8 -# es_CU UTF-8 -# es_DO ISO-8859-1 -# es_DO.UTF-8 UTF-8 -# es_EC ISO-8859-1 -# es_EC.UTF-8 UTF-8 -# es_ES ISO-8859-1 -# es_ES.UTF-8 UTF-8 -# es_ES@euro ISO-8859-15 -# es_GT ISO-8859-1 -# es_GT.UTF-8 UTF-8 -# es_HN ISO-8859-1 -# es_HN.UTF-8 UTF-8 -# es_MX ISO-8859-1 -# es_MX.UTF-8 UTF-8 -# es_NI ISO-8859-1 -# es_NI.UTF-8 UTF-8 -# es_PA ISO-8859-1 -# es_PA.UTF-8 UTF-8 -# es_PE ISO-8859-1 -# es_PE.UTF-8 UTF-8 -# es_PR ISO-8859-1 -# es_PR.UTF-8 UTF-8 -# es_PY ISO-8859-1 -# es_PY.UTF-8 UTF-8 -# es_SV ISO-8859-1 -# es_SV.UTF-8 UTF-8 -# es_US ISO-8859-1 -# es_US.UTF-8 UTF-8 -# es_UY ISO-8859-1 -# es_UY.UTF-8 UTF-8 -# es_VE ISO-8859-1 -# es_VE.UTF-8 UTF-8 -# et_EE ISO-8859-1 -# et_EE.ISO-8859-15 ISO-8859-15 -# et_EE.UTF-8 UTF-8 -# eu_ES ISO-8859-1 -# eu_ES.UTF-8 UTF-8 -# eu_ES@euro ISO-8859-15 -# eu_FR ISO-8859-1 -# eu_FR.UTF-8 UTF-8 -# eu_FR@euro ISO-8859-15 -# fa_IR UTF-8 -# ff_SN UTF-8 -# fi_FI ISO-8859-1 -# fi_FI.UTF-8 UTF-8 -# fi_FI@euro ISO-8859-15 -# fil_PH UTF-8 -# fo_FO ISO-8859-1 -# fo_FO.UTF-8 UTF-8 -# fr_BE ISO-8859-1 -# fr_BE.UTF-8 UTF-8 -# fr_BE@euro ISO-8859-15 -# fr_CA ISO-8859-1 -# fr_CA.UTF-8 UTF-8 -# fr_CH ISO-8859-1 -# fr_CH.UTF-8 UTF-8 -# fr_FR ISO-8859-1 -# fr_FR.UTF-8 UTF-8 -# fr_FR@euro ISO-8859-15 -# fr_LU ISO-8859-1 -# fr_LU.UTF-8 UTF-8 -# fr_LU@euro ISO-8859-15 -# fur_IT UTF-8 -# fy_DE UTF-8 -# fy_NL UTF-8 -# ga_IE ISO-8859-1 -# ga_IE.UTF-8 UTF-8 -# ga_IE@euro ISO-8859-15 -# gd_GB ISO-8859-15 -# gd_GB.UTF-8 UTF-8 -# gez_ER UTF-8 -# gez_ER@abegede UTF-8 -# gez_ET UTF-8 -# gez_ET@abegede UTF-8 -# gl_ES ISO-8859-1 -# gl_ES.UTF-8 UTF-8 -# gl_ES@euro ISO-8859-15 -# gu_IN UTF-8 -# gv_GB ISO-8859-1 -# gv_GB.UTF-8 UTF-8 -# ha_NG UTF-8 -# hak_TW UTF-8 -# he_IL ISO-8859-8 -# he_IL.UTF-8 UTF-8 -# hi_IN UTF-8 -# hne_IN UTF-8 -# hr_HR ISO-8859-2 -# hr_HR.UTF-8 UTF-8 -# hsb_DE ISO-8859-2 -# hsb_DE.UTF-8 UTF-8 -# ht_HT UTF-8 -# hu_HU ISO-8859-2 -# hu_HU.UTF-8 UTF-8 -# hy_AM UTF-8 -# hy_AM.ARMSCII-8 ARMSCII-8 -# ia_FR UTF-8 -# id_ID ISO-8859-1 -# id_ID.UTF-8 UTF-8 -# ig_NG UTF-8 -# ik_CA UTF-8 -# is_IS ISO-8859-1 -# is_IS.UTF-8 UTF-8 -# it_CH ISO-8859-1 -# it_CH.UTF-8 UTF-8 -# it_IT ISO-8859-1 -# it_IT.UTF-8 UTF-8 -# it_IT@euro ISO-8859-15 -# iu_CA UTF-8 -# ja_JP.EUC-JP EUC-JP -# ja_JP.UTF-8 UTF-8 -# ka_GE GEORGIAN-PS -# ka_GE.UTF-8 UTF-8 -# kk_KZ PT154 -# kk_KZ.RK1048 RK1048 -# kk_KZ.UTF-8 UTF-8 -# kl_GL ISO-8859-1 -# kl_GL.UTF-8 UTF-8 -# km_KH UTF-8 -# kn_IN UTF-8 -# ko_KR.EUC-KR EUC-KR -# ko_KR.UTF-8 UTF-8 -# kok_IN UTF-8 -# ks_IN UTF-8 -# ks_IN@devanagari UTF-8 -# ku_TR ISO-8859-9 -# ku_TR.UTF-8 UTF-8 -# kw_GB ISO-8859-1 -# kw_GB.UTF-8 UTF-8 -# ky_KG UTF-8 -# lb_LU UTF-8 -# lg_UG ISO-8859-10 -# lg_UG.UTF-8 UTF-8 -# li_BE UTF-8 -# li_NL UTF-8 -# lij_IT UTF-8 -# ln_CD UTF-8 -# lo_LA UTF-8 -# lt_LT ISO-8859-13 -# lt_LT.UTF-8 UTF-8 -# lv_LV ISO-8859-13 -# lv_LV.UTF-8 UTF-8 -# lzh_TW UTF-8 -# mag_IN UTF-8 -# mai_IN UTF-8 -# mg_MG ISO-8859-15 -# mg_MG.UTF-8 UTF-8 -# mhr_RU UTF-8 -# mi_NZ ISO-8859-13 -# mi_NZ.UTF-8 UTF-8 -# mk_MK ISO-8859-5 -# mk_MK.UTF-8 UTF-8 -# ml_IN UTF-8 -# mn_MN UTF-8 -# mni_IN UTF-8 -# mr_IN UTF-8 -# ms_MY ISO-8859-1 -# ms_MY.UTF-8 UTF-8 -# mt_MT ISO-8859-3 -# mt_MT.UTF-8 UTF-8 -# my_MM UTF-8 -# nan_TW UTF-8 -# nan_TW@latin UTF-8 -# nb_NO ISO-8859-1 -# nb_NO.UTF-8 UTF-8 -# nds_DE UTF-8 -# nds_NL UTF-8 -# ne_NP UTF-8 -# nhn_MX UTF-8 -# niu_NU UTF-8 -# niu_NZ UTF-8 -# nl_AW UTF-8 -# nl_BE ISO-8859-1 -# nl_BE.UTF-8 UTF-8 -# nl_BE@euro ISO-8859-15 -# nl_NL ISO-8859-1 -# nl_NL.UTF-8 UTF-8 -# nl_NL@euro ISO-8859-15 -# nn_NO ISO-8859-1 -# nn_NO.UTF-8 UTF-8 -# nr_ZA UTF-8 -# nso_ZA UTF-8 -# oc_FR ISO-8859-1 -# oc_FR.UTF-8 UTF-8 -# om_ET UTF-8 -# om_KE ISO-8859-1 -# om_KE.UTF-8 UTF-8 -# or_IN UTF-8 -# os_RU UTF-8 -# pa_IN UTF-8 -# pa_PK UTF-8 -# pap_AW UTF-8 -# pap_CW UTF-8 -# pl_PL ISO-8859-2 -# pl_PL.UTF-8 UTF-8 -# ps_AF UTF-8 -# pt_BR ISO-8859-1 -# pt_BR.UTF-8 UTF-8 -# pt_PT ISO-8859-1 -# pt_PT.UTF-8 UTF-8 -# pt_PT@euro ISO-8859-15 -# quz_PE UTF-8 -# raj_IN UTF-8 -# ro_RO ISO-8859-2 -# ro_RO.UTF-8 UTF-8 -# ru_RU ISO-8859-5 -# ru_RU.CP1251 CP1251 -# ru_RU.KOI8-R KOI8-R -# ru_RU.UTF-8 UTF-8 -# ru_UA KOI8-U -# ru_UA.UTF-8 UTF-8 -# rw_RW UTF-8 -# sa_IN UTF-8 -# sat_IN UTF-8 -# sc_IT UTF-8 -# sd_IN UTF-8 -# sd_IN@devanagari UTF-8 -# se_NO UTF-8 -# sgs_LT UTF-8 -# shs_CA UTF-8 -# si_LK UTF-8 -# sid_ET UTF-8 -# sk_SK ISO-8859-2 -# sk_SK.UTF-8 UTF-8 -# sl_SI ISO-8859-2 -# sl_SI.UTF-8 UTF-8 -# so_DJ ISO-8859-1 -# so_DJ.UTF-8 UTF-8 -# so_ET UTF-8 -# so_KE ISO-8859-1 -# so_KE.UTF-8 UTF-8 -# so_SO ISO-8859-1 -# so_SO.UTF-8 UTF-8 -# sq_AL ISO-8859-1 -# sq_AL.UTF-8 UTF-8 -# sq_MK UTF-8 -# sr_ME UTF-8 -# sr_RS UTF-8 -# sr_RS@latin UTF-8 -# ss_ZA UTF-8 -# st_ZA ISO-8859-1 -# st_ZA.UTF-8 UTF-8 -# sv_FI ISO-8859-1 -# sv_FI.UTF-8 UTF-8 -# sv_FI@euro ISO-8859-15 -# sv_SE ISO-8859-1 -# sv_SE.ISO-8859-15 ISO-8859-15 -# sv_SE.UTF-8 UTF-8 -# sw_KE UTF-8 -# sw_TZ UTF-8 -# szl_PL UTF-8 -# ta_IN UTF-8 -# ta_LK UTF-8 -# tcy_IN.UTF-8 UTF-8 -# te_IN UTF-8 -# tg_TJ KOI8-T -# tg_TJ.UTF-8 UTF-8 -# th_TH TIS-620 -# th_TH.UTF-8 UTF-8 -# the_NP UTF-8 -# ti_ER UTF-8 -# ti_ET UTF-8 -# tig_ER UTF-8 -# tk_TM UTF-8 -# tl_PH ISO-8859-1 -# tl_PH.UTF-8 UTF-8 -# tn_ZA UTF-8 -# tr_CY ISO-8859-9 -# tr_CY.UTF-8 UTF-8 -# tr_TR ISO-8859-9 -# tr_TR.UTF-8 UTF-8 -# ts_ZA UTF-8 -# tt_RU UTF-8 -# tt_RU@iqtelif UTF-8 -# ug_CN UTF-8 -# uk_UA KOI8-U -# uk_UA.UTF-8 UTF-8 -# unm_US UTF-8 -# ur_IN UTF-8 -# ur_PK UTF-8 -# uz_UZ ISO-8859-1 -# uz_UZ.UTF-8 UTF-8 -# uz_UZ@cyrillic UTF-8 -# ve_ZA UTF-8 -# vi_VN UTF-8 -# wa_BE ISO-8859-1 -# wa_BE.UTF-8 UTF-8 -# wa_BE@euro ISO-8859-15 -# wae_CH UTF-8 -# wal_ET UTF-8 -# wo_SN UTF-8 -# xh_ZA ISO-8859-1 -# xh_ZA.UTF-8 UTF-8 -# yi_US CP1255 -# yi_US.UTF-8 UTF-8 -# yo_NG UTF-8 -# yue_HK UTF-8 -# zh_CN GB2312 -# zh_CN.GB18030 GB18030 -# zh_CN.GBK GBK -# zh_CN.UTF-8 UTF-8 -# zh_HK BIG5-HKSCS -# zh_HK.UTF-8 UTF-8 -# zh_SG GB2312 -# zh_SG.GBK GBK -# zh_SG.UTF-8 UTF-8 -# zh_TW BIG5 -# zh_TW.EUC-TW EUC-TW -# zh_TW.UTF-8 UTF-8 -# zu_ZA ISO-8859-1 -# zu_ZA.UTF-8 UTF-8 diff --git a/_bookworm/etc_files/all/etc/timezone b/_bookworm/etc_files/all/etc/timezone deleted file mode 100644 index 94d5acc..0000000 --- a/_bookworm/etc_files/all/etc/timezone +++ /dev/null @@ -1 +0,0 @@ -Europe/Berlin diff --git a/_bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service b/_bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service deleted file mode 100644 index babfd36..0000000 --- a/_bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=rtorrent session -After=network.target - -[Service] -Type=simple -User=plom -Group=plom -WorkingDirectory=/home/plom -ExecStartPre=-/bin/rm -f /home/plom/session/rtorrent.lock -ExecStart=/usr/bin/screen -S rtorrent -Dm /usr/bin/rtorrent -ExecStop=/usr/bin/screen -S rtorrent -X quit -Restart=on-failure -RestartSec=3 - -[Install] -WantedBy=multi-user.target diff --git a/_bookworm/etc_files/server/etc/ssh/sshd_config b/_bookworm/etc_files/server/etc/ssh/sshd_config deleted file mode 100644 index e952cb3..0000000 --- a/_bookworm/etc_files/server/etc/ssh/sshd_config +++ /dev/null @@ -1,123 +0,0 @@ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -Include /etc/ssh/sshd_config.d/*.conf - -#Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_ecdsa_key -#HostKey /etc/ssh/ssh_host_ed25519_key - -# Ciphers and keying -#RekeyLimit default none - -# Logging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -#PermitRootLogin prohibit-password -PermitRootLogin no # plomlompom's security rule -#StrictModes yes -#MaxAuthTries 6 -#MaxSessions 10 - -#PubkeyAuthentication yes - -# Expect .ssh/authorized_keys2 to be disregarded by default in future. -#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -PasswordAuthentication no -#PermitEmptyPasswords no - -# Change to yes to enable challenge-response passwords (beware issues with -# some PAM modules and threads) -KbdInteractiveAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes -#GSSAPIStrictAcceptorCheck yes -#GSSAPIKeyExchange no - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the KbdInteractiveAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via KbdInteractiveAuthentication may bypass -# the setting of "PermitRootLogin prohibit-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and KbdInteractiveAuthentication to 'no'. -UsePAM yes - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -X11Forwarding yes -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes -#PermitUserEnvironment no -#Compression delayed -ClientAliveInterval 15 -#ClientAliveCountMax 3 -#UseDNS no -#PidFile /run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# Allow client to pass locale environment variables -AcceptEnv LANG LC_* - -# override default of no subsystems -Subsystem sftp /usr/lib/openssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server diff --git a/_bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx b/_bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx deleted file mode 100644 index 99c19d2..0000000 --- a/_bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx +++ /dev/null @@ -1,16 +0,0 @@ -server { - listen 443 ssl; - server_name REPLACE_fqdn_ECALPER; - ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem; - root /var/www/status.plomlompom.com/; - - location = / { - return 301 /users/plomlompom.html; - } - - # re-direct to .html endings - location ~ ^/(notice|users)/([^\.]*)/?$ { - rewrite ^/(notice|users)/([^\./]*)/?$ /$1/$2.html permanent; - } -} diff --git a/_bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx b/_bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx deleted file mode 100644 index 57b084a..0000000 --- a/_bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx +++ /dev/null @@ -1,12 +0,0 @@ -server { - listen 443 ssl; - server_name REPLACE_fqdn_ECALPER; - ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem; - root /var/www/tube.plomlompom.com/; - - # re-direct to .html endings - location ~ ^/videos/watch/([^\.]*)/?$ { - rewrite ^/videos/watch/([^\./]*)/?$ /videos/watch/$1.html permanent; - } -} diff --git a/_bookworm/etc_files/w530/etc/default/grub b/_bookworm/etc_files/w530/etc/default/grub deleted file mode 100644 index ff1b598..0000000 --- a/_bookworm/etc_files/w530/etc/default/grub +++ /dev/null @@ -1,32 +0,0 @@ -# If you change this file, run 'update-grub' afterwards to update -# /boot/grub/grub.cfg. -# For full documentation of the options in this file, see: -# info -f grub -n 'Simple configuration' - -GRUB_DEFAULT=0 -GRUB_TIMEOUT=5 -GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` -GRUB_CMDLINE_LINUX_DEFAULT="quiet nvidia.NVreg_OpenRmEnableUnsupportedGpus=1" -GRUB_CMDLINE_LINUX="" - -# Uncomment to enable BadRAM filtering, modify to suit your needs -# This works with Linux (no patch required) and with any kernel that obtains -# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) -#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" - -# Uncomment to disable graphical terminal (grub-pc only) -#GRUB_TERMINAL=console - -# The resolution used on graphical terminal -# note that you can use only modes which your graphic card supports via VBE -# you can see them in real GRUB with the command `vbeinfo' -#GRUB_GFXMODE=640x480 - -# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux -#GRUB_DISABLE_LINUX_UUID=true - -# Uncomment to disable generation of recovery mode menu entries -#GRUB_DISABLE_RECOVERY="true" - -# Uncomment to get a beep at grub start -#GRUB_INIT_TUNE="480 440 1" diff --git a/_bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf b/_bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf deleted file mode 100644 index 9699336..0000000 --- a/_bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf +++ /dev/null @@ -1,3 +0,0 @@ -blacklist nouveau -options nouveau modeset=0 - diff --git a/_bookworm/etc_files/web/etc/nftables.conf b/_bookworm/etc_files/web/etc/nftables.conf deleted file mode 100755 index ec6732a..0000000 --- a/_bookworm/etc_files/web/etc/nftables.conf +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/sbin/nft -f - -flush ruleset - -table inet filter { - chain input { - type filter hook input priority 0; policy drop; - iif lo accept comment "accept localhost traffic" - ct state invalid drop comment "drop invalid connections" - ct state established, related accept comment "accept traffic originated from us" - tcp dport 22 accept comment "accept SSH on default port" - tcp dport 80 accept comment "accept HTTP on default port" - tcp dport 443 accept comment "accept HTTPS on default port" - ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging" - } - chain forward { - type filter hook forward priority 0; policy drop; - } - chain output { - type filter hook output priority 0; policy accept; - } -} diff --git a/_bookworm/etc_files/web/etc/nginx/nginx.conf b/_bookworm/etc_files/web/etc/nginx/nginx.conf deleted file mode 100644 index 8320425..0000000 --- a/_bookworm/etc_files/web/etc/nginx/nginx.conf +++ /dev/null @@ -1,38 +0,0 @@ -# system integration -user www-data; -worker_processes auto; -pid /run/nginx.pid; -include /etc/nginx/modules-enabled/*.conf; - -# is expected even if empty -events { -} - -http { - # define content-type headers - include /etc/nginx/mime.types; - charset utf-8; - - # Some standard optimizations, i.e. Debian default. Explained in - # - # Not that I understand it all … - sendfile on; - tcp_nopush on; - tcp_nodelay on; - - # logging deactivated due to GDPR - #access_log /var/log/nginx/access.log; - #error_log /var/log/nginx/error.log; - access_log off; - error_log off; - - # virtual hosts: sites-enabled is the Debian way, conf.d the NGINX default - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; - - # Redirect all HTTP requests to HTTPS. - server { - listen 80; - return 301 https://$host$request_uri; - } -} diff --git a/_bookworm/home_files/h610m/.xinitrc_bonus b/_bookworm/home_files/h610m/.xinitrc_bonus deleted file mode 100644 index 1eaa7e8..0000000 --- a/_bookworm/home_files/h610m/.xinitrc_bonus +++ /dev/null @@ -1,2 +0,0 @@ -# Don't blank screen, as this will confuse the HDMI switch setup / lead to unrecoverable X sessions. -xset s noblank diff --git a/_bookworm/home_files/minimal/.bashrc b/_bookworm/home_files/minimal/.bashrc deleted file mode 100644 index 5c1d6b2..0000000 --- a/_bookworm/home_files/minimal/.bashrc +++ /dev/null @@ -1,30 +0,0 @@ -# Settings for interactive shells. - -# Fancy colors for ls. -alias ls="ls --color=auto" - -# Other helpful aliases -alias sshauth='eval $(ssh-agent) && ssh-add' -# alias xrandrbig='xrandr --output LVDS-1 --off' - -# Use vim as default editor for anything. -export VISUAL=vim -export EDITOR=$VISUAL - -# Colored prompt with username, hostname, date/time, directory. -colornumber=7 # Default to white if no color set via colornumber dotfile. -colornumber_file=~/.shell_prompt_color -if [ -f $colornumber_file ]; then - colornumber=`cat $colornumber_file` -fi -tput_color="$(tput setaf $colornumber)$(tput bold)" -tput_reset="$(tput sgr0)" -# Bash confuses the line length when not told to not count escape sequences. -if [ ! "$BASH" = "" ]; then - tput_color="\[$tput_color\]" - tput_reset="\[$tput_reset\]" -fi -PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset" -PS2="${tput_color}> $tput_reset" -PS3="${tput_color}select: $tput_reset" -PS4="${tput_color}+ $tput_reset" diff --git a/_bookworm/home_files/root/.shell_prompt_color b/_bookworm/home_files/root/.shell_prompt_color deleted file mode 100644 index d00491f..0000000 --- a/_bookworm/home_files/root/.shell_prompt_color +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/_bookworm/home_files/seedbox/.rtorrent.rc b/_bookworm/home_files/seedbox/.rtorrent.rc deleted file mode 100644 index 2513748..0000000 --- a/_bookworm/home_files/seedbox/.rtorrent.rc +++ /dev/null @@ -1,11 +0,0 @@ -# where to write downloads into -directory.default.set = ~/downloads - -# rtorrent's memory -session.path.set = ~/session - -# security and paranoia -dht.mode.set = disable -protocol.pex.set = no -protocol.encryption.set = require,require_RC4,allow_incoming,try_outgoing - diff --git a/_bookworm/home_files/user/.Xresources b/_bookworm/home_files/user/.Xresources deleted file mode 100644 index 45b10af..0000000 --- a/_bookworm/home_files/user/.Xresources +++ /dev/null @@ -1,56 +0,0 @@ -! otherwise various applications will assume merely 8 colors -XTerm.termName: xterm-256color - -! font -! actually, "mono" is already the default for faceName (it will -! pick whatever fc-match mono delivers), but we need to set _some_ -! faceName to trigger XTerm activating TrueType fonts -! (XTerm*fontRender by itself won't do the trick), and we want -! TrueType fonts because, well, they scale better, and XTerm lets them -! fall back on alternatives (hi there ttf-unifont) when a Unicode -! glyph is not found -XTerm*faceName: mono - -! white on black -XTerm*reverseVideo: on - -! blink screen instead of sound -XTerm*visualBell: on - -! proper ALT as META key treatment -XTerm*eightBitInput: false - -! font sizes -XTerm*faceSize: 8 -XTerm*faceSize1: 4 -XTerm*faceSize2: 5 -XTerm*faceSize3: 6 -XTerm*faceSize4: 8 -XTerm*faceSize5: 14 -XTerm*faceSize6: 25 - -! colors -! black -XTerm*color0: #202020 -XTerm*color8: #3F3F3F -! red -XTerm*color1: #A82020 -XTerm*color9: #E82020 -! green -XTerm*color2: #20A820 -XTerm*color10: #20E820 -! yellow -XTerm*color3: #A8A820 -XTerm*color11: #E8E820 -! blue -XTerm*color4: #3F3FFF -XTerm*color12: #9F9FFF -! magenta -XTerm*color5: #A83FFF -XTerm*color13: #E89FFF -! cyan -XTerm*color6: #3FA8FF -XTerm*color14: #9FE8FF -! white -XTerm*color7: #A8A8A8 -XTerm*color15: #E8E8E8 diff --git a/_bookworm/home_files/user/.borgrepos b/_bookworm/home_files/user/.borgrepos deleted file mode 100644 index c40eee3..0000000 --- a/_bookworm/home_files/user/.borgrepos +++ /dev/null @@ -1,4 +0,0 @@ -plom@plomlompom.com -plom@mail.plomlompom.com -plom@play.plomlompom.com -# file read ends at last newline diff --git a/_bookworm/home_files/user/.config/i3/config b/_bookworm/home_files/user/.config/i3/config deleted file mode 100644 index 7e4af34..0000000 --- a/_bookworm/home_files/user/.config/i3/config +++ /dev/null @@ -1,86 +0,0 @@ -# plomlompom's i3-wm configuration - -# Font for i3 text -font pango:Terminus 8px - -# Force "tabbed" as default layout for new windows. -workspace_layout tabbed - -# Make the Windows key the modifier key for all i3-wm actions. -set $mod Mod4 -floating_modifier $mod - -# Launch xterm. -bindsym $mod+Return exec xterm - -# Launch programs via dmenu. -bindsym $mod+d exec dmenu_run -bindsym $mod+x exec dmenu_run - -# Kill window. -bindsym $mod+Shift+Q kill - -# Move focus between windows. -bindsym $mod+Left focus left -bindsym $mod+Down focus down -bindsym $mod+Up focus up -bindsym $mod+Right focus right - -# Don't move focus with mouse. -focus_follows_mouse no - -# Move windows. -bindsym $mod+Shift+Left move left -bindsym $mod+Shift+Down move down -bindsym $mod+Shift+Up move up -bindsym $mod+Shift+Right move right - -# Resize windows -bindsym $mod+h resize shrink width 1 px or 1 ppt -bindsym $mod+l resize grow width 1 px or 1 ppt -bindsym $mod+j resize shrink height -bindsym $mod+k resize grow height - -# Toggle fullscreen for focused window. -bindsym $mod+f fullscreen - -# Toggle floating of window, focus on floating or tabbed windows. -bindsym $mod+Shift+space floating toggle -bindsym $mod+space focus mode_toggle - -# Switch to workspace x. -bindsym $mod+1 workspace 1 -bindsym $mod+2 workspace 2 -bindsym $mod+3 workspace 3 -bindsym $mod+4 workspace 4 -bindsym $mod+5 workspace 5 -bindsym $mod+6 workspace 6 -bindsym $mod+7 workspace 7 -bindsym $mod+8 workspace 8 -bindsym $mod+9 workspace 9 -bindsym $mod+0 workspace 10 - -# Move window to workspace x. -bindsym $mod+Shift+exclam move workspace 1 -bindsym $mod+Shift+quotedbl move workspace 2 -bindsym $mod+Shift+section move workspace 3 -bindsym $mod+Shift+dollar move workspace 4 -bindsym $mod+Shift+percent move workspace 5 -bindsym $mod+Shift+ampersand move workspace 6 -bindsym $mod+Shift+slash move workspace 7 -bindsym $mod+Shift+parenleft move workspace 8 -bindsym $mod+Shift+parenright move workspace 9 -bindsym $mod+Shift+equal move workspace 10 - -# Reload i3 config file, restart (keeping sesion) i3, exit i3. -bindsym $mod+Shift+C reload -bindsym $mod+Shift+R restart -bindsym $mod+Shift+P exit - -# Select "i3status" as i3 status bar, hide systray icons. -bar { - tray_output none - status_command i3status -} - -include ~/.config/i3/config_bonus diff --git a/_bookworm/home_files/user/.config/i3status/config b/_bookworm/home_files/user/.config/i3status/config deleted file mode 100644 index b9fb15f..0000000 --- a/_bookworm/home_files/user/.config/i3status/config +++ /dev/null @@ -1,82 +0,0 @@ -# plomlompom's i3 status bar configuration - -# Activate colors; set update interval of one second. -general { - colors = true - interval = 1 -} - -# Selection / order of status elements. -order += "disk /" -order += "disk /home/" -order += "wireless wlp3s0" -order += "ethernet enp0s25" -order += "battery 0" -order += "cpu_usage" -order += "load" -order += "cpu_temperature 0" -order += "time" -order += "volume master" - -# How much space is left in / ? -disk "/" { - format = "/: %avail available of %total" - separator_block_width = 25 -} - -# How much space is left in /home ? -disk "/home/" { - format = "/home: %avail available of %total" - separator_block_width = 25 -} - -# WLAN status: show IP and connection quality or "down". -wireless wlp3s0 { - format_up = "w: (%quality at %essid) %ip" - format_down = "w: down" - separator_block_width = 10 -} - -# Ethernet status: show IP or "down". -ethernet enp0s25 { - format_up = "e: %ip" - format_down = "e: down" - separator_block_width = 25 -} - -# Battery status: show FULL/CHARGING/BATTERY, storage, time left. -battery 0 { - format = "b: %status %percentage %remaining" - separator_block_width = 25 -} - -# Show CPU usage. -cpu_usage { - format = "cpu: %usage" - separator_block_width = 10 -} - -# Show system load during last 1/5/15 minutes. -load { - format = "%1min %5min %15min" - separator_block_width = 25 -} - -# Show CPU temperature in degrees of celsius. -cpu_temperature 0 { - format = "%degrees °C" - separator_block_width = 25 -} - -# Show date/time/timezone as "year-month-day hour:minute:second -# timezone_numeric/timezone_alphabetic". -time { - format = "%Y-%m-%d %H:%M:%S %z/%Z" - separator_block_width = 25 -} - -volume master { - format = "♪: %volume" - format_muted = "♪: muted (%volume)" - separator_block_width = 25 -} diff --git a/_bookworm/home_files/user/.emacs.d/init.el b/_bookworm/home_files/user/.emacs.d/init.el deleted file mode 100644 index 3868a75..0000000 --- a/_bookworm/home_files/user/.emacs.d/init.el +++ /dev/null @@ -1,323 +0,0 @@ -;; general layout -;; ============== - -;; need no stinkin emacs help screen as start up, and no menu bar -(setq inhibit-startup-screen t) -(menu-bar-mode -1) - -;; highlight cursor line, parentheses -(global-hl-line-mode 1) -(show-paren-mode 1) - -;; show line numbers, use separator space -(global-linum-mode) -(setq linum-format "%d ") - -;; count cursor column, row in mode line -(setq column-number-mode t) - -;; settings to make GUI tolerable -(if window-system - (progn - (add-to-list 'default-frame-alist '(foreground-color . "white")) - (add-to-list 'default-frame-alist '(background-color . "black")) - (set-face-attribute 'default nil :height 80) - (scroll-bar-mode -1) - (setq visible-bell t) - (setq linum-format "%d"))) - -;; use as default browser what XDG offers -(setq-default browse-url-browser-function 'browse-url-xdg-open) - - - -;; general keybindings -;; =================== - -;; create and use a minimal global map using just the self-insert command -;; bindings and a selection of some to me very common keystrokes -(setq minimal-map (make-sparse-keymap)) -(substitute-key-definition 'self-insert-command 'self-insert-command - minimal-map global-map) -(use-global-map minimal-map) -(global-set-key (kbd "DEL") 'backward-delete-char-untabify) -(global-set-key (kbd "RET") 'newline) -(global-set-key (kbd "TAB") 'indent-for-tab-command) -(global-set-key (kbd "") 'previous-line) -(global-set-key (kbd "") 'next-line) -(global-set-key (kbd "") 'left-char) -(global-set-key (kbd "") 'right-char) -(global-set-key (kbd "") 'scroll-down-command) -(global-set-key (kbd "") 'scroll-up-command) -(global-set-key (kbd "M-x") 'execute-extended-command) -(global-set-key (kbd "C-g") 'keyboard-quit) -;(global-set-key (kbd "") 'kmacro-start-macro-or-insert-counter) -;(global-set-key (kbd "") 'kmacro-end-or-call-macro) -;; note how to switch back to the original map: (use-global-map global-map) -(setq shr-map (make-sparse-keymap)) ; got annoying in elfeed-show on URLs - - - -;; minibuffer -;; ========== - -;; incremental minibuffer completion -(icomplete-mode 1) - - - -;; text editing -;; ============ - -;; tabs are evil -(setq-default indent-tabs-mode nil) -(setq-default tab-width 4) -(setq indent-line-function 'insert-tab) - -;; show trailing whitespace -(setq-default show-trailing-whitespace 1) - -;; on save, ask whether to ensure text file's last line ends in a -;; newline character -(setq require-final-newline 1) - -;; use dedicated directory for version-controlled, endless backups; -;; never delete old versions -(setq make-backup-files t - backup-directory-alist `(("." . "~/.emacs_backups")) - backup-by-copying t - version-control t - delete-old-versions 1) ;; neither t nor nil: never delete - - -;; package management -;; ================== - -;; where we get packages from -(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/") - ("melpa-unstable" . "https://melpa.org/packages/") - ("melpa-stable" . "https://stable.melpa.org/packages/"))) - -;; ensure certain packages are installed (actually, we use Debian repos here) -;; credit to -;(setq package-list '(elfeed ledger-mode)) -;(package-initialize) -;(dolist (package package-list) -; (unless (package-installed-p package) -; (package-install package))) - - - -;;; window management -;;; ================= -; -;;; track window configurations to allow window config undo -;(winner-mode 1) - - - -;; mail setup -;; ========== - -(setq send-mail-function 'smtpmail-send-it) -(setq smtpmail-smtp-server "mail.plomlompom.com") -(setq smtpmail-smtp-service 465) -(setq smtpmail-stream-type 'ssl) -(setq smtpmail-smtp-user "plom") -(setq mml-secure-openpgp-encrypt-to-self t) -(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime) - -;(setq gnutls-log-level 0) - -;; if we don't set this, we get this warning: -;; gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange -;; has been lowered to 256 bits and this may allow decryption of the session data -(setq gnutls-min-prime-bits 1024) - -;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the -;; stream process, seemingly unless the /message/ function is called at the right -;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest -;; in /network-stream-get-response/ right after "(goto-char start)"; this works -;; unless /inhibit_message/ is set, indicating that writing to the *Messages* -;; buffer is not relevant, but maybe writing to the echo area is); activing the -;; gnutls logging is just a hack to achieve such calls to /message/ in the -;; /network-stream-open-tls/ flow. -(setq gnutls-log-level 1) ; miraculously makes smtpmail work - -;; constructs From: domain if mail composer directly called (from without -;; notmuch), but we don't actually intend to do that -;(setq mail-host-address "plomlompom.com") - -;; otherwise notmuch becomes extremely slow in some cases -(setq-default notmuch-show-indent-content nil) - -;; this only works if we use notmuch-mua-send instead of message-send -(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent"))) - -;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me" -;; in the message ID -(setq mail-host-address "plomlompom.com") - -;; notmuch saved searches -(setq notmuch-saved-searches - '((:name "inbox" :query "tag:unread and folder:inbox") - (:name "all" :query "tag:unread not folder:maildir/Trash") - (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de") - (:name "nebenan" :query "tag:unread and folder:maildir/nebenan") - (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info") - (:name "gmail" :query "tag:unread and folder:maildir/gmail.com") - (:name "mutter" :query "tag:unread and folder:maildir/mutter"))) - - - -;; org mode -;; ======== - -;; unsure why, but to re-set the key map, we not only have to explicitely do it -;; only after org-mode loading, but also have to explicitely overwrite the -;; C-c keybinding; TODO: investigate -(with-eval-after-load 'org - (setq org-mode-map (make-sparse-keymap)) - (define-key org-mode-map (kbd "C-c") nil) - (define-key org-mode-map (kbd "TAB") 'org-cycle) - (define-key org-mode-map (kbd "") 'org-shifttab)) - -;; don't truncate lines by default -(setq org-startup-truncated nil) - -;; basic org-capture config -(setq org-capture-templates - '(("x" "test" plain (file "~/org/notes.org") "%T: %?"))) -(add-hook 'org-capture-mode-hook 'evil-insert-state) - -;; agenda view on startup -(load-library "find-lisp") -(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$")) -(setq org-agenda-span 90) -(setq org-agenda-use-time-grid nil) -(add-hook 'emacs-startup-hook (lambda () - (org-agenda-list) - (switch-to-buffer "*Org Agenda*") - (other-window 1))) - -;;; for calendar, use ISO date style -;(setq calendar-date-style 'iso) -;(setq diary-number-of-entries 7) -;(diary) -;(setq org-agenda-time-grid '((today require-timed remove-match) -; #("----------------" 0 16 (org-heading t)) -; (0 200 400 600 800 1000 1200 -; 1400 1600 1800 2000 2200))) - -;; empty org-agenda-mode keybindings -(add-hook 'org-agenda-mode-hook - (lambda () - (setq org-agenda-mode-map (make-sparse-keymap)))) -(add-hook 'org-agenda-mode-hook - (lambda () - (use-local-map (make-sparse-keymap)))) - -;; org-publish-all -(setq org-publish-project-alist - '( - ("website" - :base-directory "~/org/web/" - :base-extension "org" - :publishing-directory "~/html/" - :recursive t - :publishing-function org-html-publish-to-html - :headline-levels 4 ; Just the default for this project. - :auto-preamble t - ))) - -;; use [ki:] syntax to hide stuff from exports -(defun classify-information (text backend info) - "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'." - (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text)) -(add-hook 'org-export-filter-plain-text-functions 'classify-information) - -;; add HTML validator link to exports -(setq org-html-validation-link "Validate") - - - -;;; Info mode -;;; ========= - -(setq Info-mode-map (make-sparse-keymap)) -(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node) -(define-key Info-mode-map (kbd "u") 'Info-up) -(define-key Info-mode-map (kbd "TAB") 'Info-next-reference) -(define-key Info-mode-map (kbd "") 'Info-prev-reference) -(define-key Info-mode-map (kbd "H") 'Info-history-back) -(define-key Info-mode-map (kbd "L") 'Info-history-forward) -(define-key Info-mode-map (kbd "I") 'Info-goto-node) -(define-key Info-mode-map (kbd "i") 'Info-index) - - - -;; help mode -;; ========= - -(setq help-mode-map (make-sparse-keymap)) -(define-key help-mode-map (kbd "TAB") 'forward-button) -(define-key help-mode-map (kbd "RET") 'help-follow) -(define-key help-mode-map (kbd "") 'backward-button) - - - -; ;; elfeed -; ;; ====== -; -; (require 'elfeed) ; needed so we can set the font faces -; (set-face-background 'elfeed-search-title-face "magenta") -; (set-face-background 'elfeed-search-unread-count-face "magenta") -; (setq elfeed-feeds -; '("https://capsurvival.blogspot.com/feeds/posts/default" -; "https://jungle.world/rss.xml" -; "http://news.dieweltistgarnichtso.net/bin/index.xml" -; "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/" -; "http://www.tagesschau.de/xml/atom")) -; (setq elfeed-search-mode-map (make-sparse-keymap)) -; (define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry) -; (defun elfeed-search-mark-as-read() (interactive) -; (elfeed-search-untag-all 'unread)) -; (define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read) -; (define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread) -; (define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter) -; (define-key elfeed-search-mode-map (kbd "u") 'elfeed-update) -; (setq elfeed-show-mode-map (make-sparse-keymap)) -; (define-key elfeed-show-mode-map (kbd "u") 'elfeed) -; (define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link) -; (define-key elfeed-show-mode-map (kbd "") 'shr-previous-link) -; (define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev) -; (define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next) -; (define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url) -; (define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url) -; -; -; -; ;; eww -; ;; === -; -; (setq eww-mode-map (make-sparse-keymap)) -; (define-key eww-mode-map (kbd "TAB") 'shr-next-link) -; (define-key eww-mode-map (kbd "") 'shr-previous-link) -; (define-key eww-mode-map (kbd "H") 'eww-back-url) -; (define-key eww-mode-map (kbd "L") 'eww-forward-url) - - - -;; ledger -;; ====== -(setq ledger-mode-map (make-sparse-keymap)) -(define-key ledger-mode-map (kbd "TAB") 'completion-at-point) - - - -;;; plomvi mode -;;; =========== - -(defvar plomvi-return-combo (kbd "C-c")) -(load "~/public_repos/plomvi.el/plomvi.el") -(plomvi-global-mode 1) diff --git a/_bookworm/home_files/user/.gitconfig b/_bookworm/home_files/user/.gitconfig deleted file mode 100644 index 8967d25..0000000 --- a/_bookworm/home_files/user/.gitconfig +++ /dev/null @@ -1,3 +0,0 @@ -[user] - email = c.heller@plomlompom.de - name = Christian Heller diff --git a/_bookworm/home_files/user/.mbsyncrc b/_bookworm/home_files/user/.mbsyncrc deleted file mode 100644 index 59d01a9..0000000 --- a/_bookworm/home_files/user/.mbsyncrc +++ /dev/null @@ -1,28 +0,0 @@ -IMAPAccount plom -# Address to connect to -Host mail.plomlompom.com -User plom -# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars, -# therefore the pw in ~/.authinfo should not be longer than that. -PassCmd "cat ~/.authinfo | cut -d' ' -f8-" -SSLType IMAPS -AuthMechs LOGIN - -IMAPStore core-remote -Account plom - -MaildirStore core-local -# The trailing "/" is important -Path ~/mail/maildir/ -Inbox ~/mail/inbox/ - -Channel core -Far :core-remote: -Near :core-local: -Patterns * -# Automatically create missing mailboxes, both locally and on the server -Create Both -# Save the synchronization state files in the relevant directory -SyncState * -# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere -Expunge Both diff --git a/_bookworm/home_files/user/.notmuch-config b/_bookworm/home_files/user/.notmuch-config deleted file mode 100644 index 9532761..0000000 --- a/_bookworm/home_files/user/.notmuch-config +++ /dev/null @@ -1,9 +0,0 @@ -[database] -path=/home/plom/mail -[search] -exclude_tags=deleted;spam; -# the fields below set the From: if the mail composer is called from -# within notmuch -[user] -name=Christian Heller -primary_email=plom@plomlompom.com diff --git a/_bookworm/home_files/user/.shell_prompt_color b/_bookworm/home_files/user/.shell_prompt_color deleted file mode 100644 index 0cfbf08..0000000 --- a/_bookworm/home_files/user/.shell_prompt_color +++ /dev/null @@ -1 +0,0 @@ -2 diff --git a/_bookworm/home_files/user/.tridactylrc b/_bookworm/home_files/user/.tridactylrc deleted file mode 100644 index 8da0831..0000000 --- a/_bookworm/home_files/user/.tridactylrc +++ /dev/null @@ -1,18 +0,0 @@ -# sanitize tridactyllocal tridactylsync -# guiset tabs always -# guiset hoverlink left -# guiset statuspanel right -autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit -# bind ö fillcmdline find -# bind n findnext 1 -# bind N findnext -1 -bind j scrollline 3 -bind k scrollline -3 -set hintuppercase false -set searchengine duckduckgo -set theme midnight -set searchurls.wiktionary https://en.wiktionary.org/w/index.php?search= -set searchurls.dictcc https://www.dict.cc/?s= -set hintchars 123456qwertasdfgyxcvb -guiset gui none -escapehatch diff --git a/_bookworm/home_files/user/.xinitrc b/_bookworm/home_files/user/.xinitrc deleted file mode 100644 index e1cbd6a..0000000 --- a/_bookworm/home_files/user/.xinitrc +++ /dev/null @@ -1,19 +0,0 @@ -# X init configuration - -# Set keymap. -setxkbmap de - -# Map CapsLock to Compose key. -xmodmap -e "clear Lock" -xmodmap -e "keycode 66 = Multi_key" - -# Load xterm settings -xrdb -merge ~/.Xresources - -# Redshift to Berlin, Germany. -redshift -rl 53:13 & - -sh .xinitrc_bonus - -# Launch window manager. -i3 diff --git a/_bookworm/home_files/user/mail_sync.sh b/_bookworm/home_files/user/mail_sync.sh deleted file mode 100755 index ffe6b4a..0000000 --- a/_bookworm/home_files/user/mail_sync.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh -set -e - -basedir="/home/plom/mail/maildir/" -# Ensure directories exist for all "dir:*" tags. -for tag in $(notmuch search --output=tags '*'); do - if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then - continue - fi - target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/" - if [ ! -d "${target_dir}" ]; then - echo "Directory ${target_dir} does not exist." - exit 1 - fi -done - -# Ensure all "dir:*"-tagged mails are in proper directories, -# remove all "dir:*" tags. -for tag in $(notmuch search --output=tags '*'); do - if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then - continue - fi - target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/" - for f in $(notmuch search --output=files tag:"${tag}"); do - new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//') - target_path="${target_dir}${new_name}" - if [ ! "${target_path}" = "${f}" ]; then - echo "Moving ${f} to ${target_path}." - mv "${f}" "${target_path}" - # NOTE: if we encounter an error here of ${f} not being findable, run "notmuch reindex tag:${tag}" to fix - fi - done - notmuch tag -"${tag}" tag:"${tag}" -done - -# Remove all "deleted"-tagged files from maildirs. -notmuch search --output=files tag:deleted | while read f; do - echo "Deleting ${f}" - rm "${f}" -done - -# Sync changes back to server and update notmuch index. -mbsync -a -notmuch new diff --git a/_bookworm/home_files/user/public_repos/repos b/_bookworm/home_files/user/public_repos/repos deleted file mode 100644 index 2414eec..0000000 --- a/_bookworm/home_files/user/public_repos/repos +++ /dev/null @@ -1,8 +0,0 @@ -# List of repos we want cloned in ~/public_repos -config -pingmail.git -plomlombot-irc.git -plomrogue -plomrogue2-experiments -plomvi.el -misc diff --git a/_bookworm/home_files/w530/.config/i3/config_bonus b/_bookworm/home_files/w530/.config/i3/config_bonus deleted file mode 100644 index 50af63e..0000000 --- a/_bookworm/home_files/w530/.config/i3/config_bonus +++ /dev/null @@ -1,14 +0,0 @@ -# put main workspaces on big monitor -workspace 1 output LVDS-1 -workspace 2 output HDMI-1-0 -workspace 3 output HDMI-1-0 -workspace 4 output HDMI-1-0 -workspace 5 output HDMI-1-0 -workspace 6 output HDMI-1-0 -workspace 7 output HDMI-1-0 -workspace 8 output HDMI-1-0 -workspace 9 output HDMI-1-0 -workspace 10 output HDMI-1-0 - -# default to big monitor's first workspace -# exec "i3-msg 'workspace 1'" diff --git a/_bookworm/home_files/w530/.xinitrc_bonus b/_bookworm/home_files/w530/.xinitrc_bonus deleted file mode 100644 index b3a221f..0000000 --- a/_bookworm/home_files/w530/.xinitrc_bonus +++ /dev/null @@ -1,2 +0,0 @@ -# The extreme --pos disconnects the cursor movement spaces, so mouse stays inside selected screen. -xrandr --output LVDS-1 --mode 1368x768 --output HDMI-1-0 --auto --pos 2000x2000 diff --git a/_bookworm/setup_scripts/_setup.sh b/_bookworm/setup_scripts/_setup.sh deleted file mode 100755 index 5f4bfda..0000000 --- a/_bookworm/setup_scripts/_setup.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 2 "(hostname, FQDN)" "$@" -hostname="$1" -fqdn="$2" -shift 2 - -cd "${setup_scripts_dir}" - -# Adapt /etc/ to our needs by copying from ./etc_files. This will set -# basic configurations affecting following steps, such as setup of APT -# and the locale selection, so needs to be right at the beginning. -./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@" - -# Set hostname and FQDN. -./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}" - -# Ensure package installation state as defined by what packages are -# defined as required by Debian policy and by settings in ./apt-mark/. -apt update -./install_for_target.sh all "$@" -./purge_nonrequireds.sh all "$@" - -# Ensure our desired locale is available. -locale-gen - -# Only upgrade after reducing the system to the desired minimum, so that -# we don't need to get more data than necessary. -apt -y dist-upgrade - -# Set Berlin localtime. -ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime diff --git a/_bookworm/setup_scripts/copy_dirtree.sh b/_bookworm/setup_scripts/copy_dirtree.sh deleted file mode 100755 index fbc3d9d..0000000 --- a/_bookworm/setup_scripts/copy_dirtree.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/sh -# Copy files in argument-selected subdirectories of $1 to subdirectories -# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2 -# of "" and $3 of "all", copy files below etc_files/all such as -# etc_files/all/etc/foo/bar to equivalent locations below / such as -# /etc/foo/bar. Create directories as necessary. Multiple arguments after -# $3 are possible. -# -# CAUTION: This removes original files at the affected paths. -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 3 "(source root, target root, modules)" "$@" - -source_root="$1" -target_root="$2" -shift 2 - -for target_module in "$@"; do - mkdir -p "${source_root}/${target_module}" - cd "${source_root}/${target_module}" - for path in $(find . -type f); do - target_path="${target_root}"$(echo "${path}" | cut -c2-) - source_path=$(realpath "${path}") - dir=$(dirname "${target_path}") - mkdir -p "${dir}" - cp "${source_path}" "${target_path}" - done -done diff --git a/_bookworm/setup_scripts/init_user_and_keybased_login.sh b/_bookworm/setup_scripts/init_user_and_keybased_login.sh deleted file mode 120000 index f95539d..0000000 --- a/_bookworm/setup_scripts/init_user_and_keybased_login.sh +++ /dev/null @@ -1 +0,0 @@ -../../bullseye/setup_scripts/init_user_and_keybased_login.sh \ No newline at end of file diff --git a/_bookworm/setup_scripts/init_user_login.sh b/_bookworm/setup_scripts/init_user_login.sh deleted file mode 120000 index 0b0497d..0000000 --- a/_bookworm/setup_scripts/init_user_login.sh +++ /dev/null @@ -1 +0,0 @@ -../../bullseye/setup_scripts/init_user_login.sh \ No newline at end of file diff --git a/_bookworm/setup_scripts/install_for_target.sh b/_bookworm/setup_scripts/install_for_target.sh deleted file mode 100755 index 6d04152..0000000 --- a/_bookworm/setup_scripts/install_for_target.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh -# Walks through the package names in the argument-selected files of -# apt-mark/ and ensures the respective packages are installed. -# -# Ignores anything in an apt-mark/ file after the last newline. -set -e -. ./misc.sh - -for target in "$@"; do - path="${aptmark_dir}/${target}" - # TODO: continue if file at $path not found, to get rid of dummy files - cat "${path}" | while read line; do - echo "$line" - if [ ! $(echo "${line}" | cut -c1) = "#" ]; then - DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}" - fi - done -done diff --git a/_bookworm/setup_scripts/migrate_borg.sh b/_bookworm/setup_scripts/migrate_borg.sh deleted file mode 100755 index b08cf2d..0000000 --- a/_bookworm/setup_scripts/migrate_borg.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 1 "(old server IP)" "$@" -old_server="$1" -cp "${setup_scripts_dir}/misc.sh" /home/plom/ -cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/ -chown plom:plom /home/plom/prepare_to_meet_server.sh -su -lc "./prepare_to_meet_server.sh ${old_server}" plom -read -p'Hit Enter when you are done.' ignore -rm /home/plom/prepare_to_meet_server.sh -cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/ -su -lc "./mirror_dir.sh ${old_server} /home/plom/borg" plom -rm /home/plom/mirror_dir.sh -rm /home/plom/misc.sh diff --git a/_bookworm/setup_scripts/mirror_dir.sh b/_bookworm/setup_scripts/mirror_dir.sh deleted file mode 100755 index d650165..0000000 --- a/_bookworm/setup_scripts/mirror_dir.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh -# Mirror directory tree from remote to local server, keeping the path. -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 2 "(server, directory)" "$@" -server=$1 -dir=$2 -path_package=/tmp/delete.tar - -eval `ssh-agent` -ssh-add -cd -ssh plom@"${server}" "cd \"${dir}\" && tar cf ${path_package} ." -scp plom@"${server}":"${path_package}" "${path_package}" -mkdir -p "${dir}" -cd "${dir}" -tar xf "${path_package}" -cd -rm "${path_package}" -ssh plom@"${server}" rm "${path_package}" diff --git a/_bookworm/setup_scripts/misc.sh b/_bookworm/setup_scripts/misc.sh deleted file mode 100644 index 30f8e8c..0000000 --- a/_bookworm/setup_scripts/misc.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -set -e -debian_version="bookworm" -legal_system_names="x220 w530 h610m" -config_tree_prefix="${HOME}/public_repos/config/${debian_version}" -if [ ! -d "${config_tree_prefix}" ]; then - config_tree_prefix="${HOME}/config/${debian_version}" -fi -setup_scripts_dir="${config_tree_prefix}/setup_scripts" -aptmark_dir="${config_tree_prefix}/apt-mark" - -expect_setup_finished_file() { - filename="$1" - setup_script="$2" - if [ ! -f "${HOME}/${filename}" ]; then - echo "First need to run ${setup_script}." - false - fi -} - -get_system_name_arg() { - found=0 - for system_name_i in $legal_system_names; do - if [ "$1" = "$system_name_i" ]; then - found=1 - system_name="${system_name_i}" - continue - fi - done - if [ "$found" = 0 ]; then - echo "Need legal system name." - false - fi -} diff --git a/_bookworm/setup_scripts/prepare_to_meet_server.sh b/_bookworm/setup_scripts/prepare_to_meet_server.sh deleted file mode 100755 index 8e54ca5..0000000 --- a/_bookworm/setup_scripts/prepare_to_meet_server.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/sh -# Do some of the steps necessary to SSH (key-based) with another server. -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 1 "(server IP)" "$@" -target="$1" - -# We need a public key to copy over, so generate it if not found. -if [ ! -f ~/.ssh/id_rsa.pub ]; then - ssh-keygen -N "" -fi - -# Add target to ~/.ssh/known_hosts so we don't get -# asked for permission at inopportune moments. -ssh-keyscan -H "$target" >> ~/.ssh/known_hosts - -# Tell user what to do. -echo "APPEND FOLLOWING TO TARGET'S ~/.ssh/authorized_keys:" -cat ~/.ssh/id_rsa.pub diff --git a/_bookworm/setup_scripts/purge_nonrequireds.sh b/_bookworm/setup_scripts/purge_nonrequireds.sh deleted file mode 100755 index 95f2897..0000000 --- a/_bookworm/setup_scripts/purge_nonrequireds.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh -# This script removes all Debian packages that are not of Priority -# "required" or not depended on by packages of priority "required" -# or not listed in the argument-selected files of apt-mark/. -set -e -. ./misc.sh - -# FIXME packages listed twice in the aptmark_dir get blacklisted? - -dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted -for target in "$@"; do - path="${aptmark_dir}/${target}" - cat "${path}" | while read line; do - if [ ! $(echo "${line}" | cut -c1) = "#" ]; then - echo "${line}" >> /tmp/list_white_unsorted - fi - done -done -sort /tmp/list_white_unsorted > /tmp/list_white -dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages -sort /tmp/list_all_packages > /tmp/foo -mv /tmp/foo /tmp/list_all_packages -comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black -apt-mark auto `cat /tmp/list_black` -DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove -rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black diff --git a/_bookworm/setup_scripts/set_hostname_and_fqdn.sh b/_bookworm/setup_scripts/set_hostname_and_fqdn.sh deleted file mode 100755 index 929d8bc..0000000 --- a/_bookworm/setup_scripts/set_hostname_and_fqdn.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/sh -# Sets hostname and optionally FQDN. -# -# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts -# writing follows recommendations from Debian manual at -# -# (section "The hostname resolution") on how to map hostname and possibly -# FQDN to a permanent IP if present (we assume here any non-private IP -# and non-loopback IP returned by hostname -I to fulfill that criterion -# on our systems) or to 127.0.1.1 if not. On the reasoning for separating -# localhost and hostname mapping to different IPs, see -# . -# -# Ignores IPv6s. -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 1 "(hostname, fqdn)" "$@" - -hostname="$1" -fqdn="$2" -echo "${hostname}" > /etc/hostname -hostname "${hostname}" - -final_ip="127.0.1.1" -for ip in $(hostname -I); do - if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then - continue - fi - range_1=$(echo "${ip}" | cut -d "." -f 1) - range_2=$(echo "${ip}" | cut -d "." -f 2) - if [ "${range_1}" -eq 127 ]; then - continue - elif [ "${range_1}" -eq 10 ]; then - continue - elif [ "${range_1}" -eq 172 ]; then - if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then - continue - fi - elif [ "${range_1}" -eq 192 ]; then - if [ "${range_2}" -eq 168 ]; then - continue - fi - fi - final_ip="${ip}" -done - -echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts -echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts diff --git a/_bookworm/setup_scripts/setup_desktop.sh b/_bookworm/setup_scripts/setup_desktop.sh deleted file mode 100755 index fe11b83..0000000 --- a/_bookworm/setup_scripts/setup_desktop.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 1 "(system name)" "$@" -get_system_name_arg "$1" - -# Set up system without user environment. -cd "${setup_scripts_dir}" -if [ "$system_name" = "w530" || "$system_name" = "x220"]; then - ./_setup.sh "${system_name}" "" user desktop thinkpad "${system_name}" -else - ./_setup.sh "${system_name}" "" user desktop "${system_name}" -fi - -# # Set up printer. -# ppd_deb="hll2350dwpdrv-4.0.0-1.i386.deb" -# wget "https://download.brother.com/welcome/dlf103566/${ppd_deb}" -# dpkg --add-architecture i386 -# apt update -# apt install -y "./${ppd_deb}" -# service cups restart -# # lpadmin -p 'Brother_HLL2350DW' -m 'brother-HLL2350DW-cups-en.ppd' -# rm "./${ppd_deb}" -# # TODO explore potential lpadmin options like -o 'OutputMode=NormalGray' - -# Set up NVIDIA eGPU config. -if [ "$system_name" = "w530" ]; then - cd - git clone https://github.com/NVIDIA/open-gpu-kernel-modules - cd open-gpu-kernel-modules - git checkout 337e28e - # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf - make modules -j$(nproc) - make modules_install - cd - driver_version=535.86.05 - # driver_version=545.29.06 - runscript=NVIDIA-Linux-x86_64-${driver_version}.run - wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript} - rmmod nouveau - chmod u+x ${runscript} - ./${runscript} --no-kernel-modules --silent - depmod - # TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init -fi - -# Set up user environments. -cd "${setup_scripts_dir}" -./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root -adduser --disabled-password --gecos "" plom -usermod -a -G sudo plom -passwd plom -cp -a ~/config /home/plom -chown -R plom:plom /home/plom/config diff --git a/_bookworm/setup_scripts/setup_firefox.sh b/_bookworm/setup_scripts/setup_firefox.sh deleted file mode 100755 index 5466b67..0000000 --- a/_bookworm/setup_scripts/setup_firefox.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh - -# Install Firefox directly from Mozilla. -firefox_release="128.4.0esr" -firefox_filename="firefox-${firefox_release}.tar.bz2" -url_firefox="https://ftp.mozilla.org/pub/firefox/releases/${firefox_release}/linux-x86_64/en-US/${firefox_filename}" -wget "${url_firefox}" -mv "${firefox_filename}" /opt/ -cd /opt/ -tar xf "${firefox_filename}" -rm "${firefox_filename}" -ln -f -s /opt/firefox/firefox /usr/local/bin/ -update-alternatives --install /usr/bin/x-www-browser x-www-browser /opt/firefox/firefox 200 -update-alternatives --set x-www-browser /opt/firefox/firefox - -echo "TODO: Install uBlock Origin and tridactyl plugins, run :installnative and :source." - diff --git a/_bookworm/setup_scripts/setup_home.sh b/_bookworm/setup_scripts/setup_home.sh deleted file mode 100755 index 54f0db1..0000000 --- a/_bookworm/setup_scripts/setup_home.sh +++ /dev/null @@ -1,109 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 1 "(system name)" "$@" -get_system_name_arg "$1" - -cd $setup_scripts_dir -./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}" - -secrets_dev="sdb" -source_dir_secrets="/media/${secrets_dev}/to_usb" -target_dir_secrets="${HOME}/tmp_secrets" -echo "Put secrets drive into slot for /dev/${secrets_dev}." -while [ ! -e /dev/"${secrets_dev}" ]; do - sleep 1 -done -stty -echo -printf "Secrets passphrase: " -read SECRETS_PASS -stty echo -echo "" # newline so user knows their input return was accepted -sudo -v -echo "${SECRETS_PASS}" | sudo pmount /dev/"${secrets_dev}" -cp -a "${source_dir_secrets}" "${target_dir_secrets}" -sudo chown -R plom:plom "${target_dir_secrets}" -sudo pumount "${secrets_dev}" -echo "You can remove /dev/${secrets_dev} now." - -# Set up iniitial non-public parts of infrastructure: SSH authentication. -ssh_dir=~/.ssh -cd "${target_dir_secrets}" -mkdir -p "${ssh_dir}" -echo "Setting up .ssh" -cp id_rsa ~/.ssh -stty -echo -ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub -stty echo -eval $(ssh-agent) -ssh-add -ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts - -# Fill ~/public_repos. -public_repos_dir="${HOME}/public_repos" -repos_list_file="${public_repos_dir}/repos" -mkdir -p "${public_repos_dir}" -cat "${repos_list_file}" | while read line; do - first_char=$(echo "${line}" | cut -c1) - if [ "${first_char}" = "#" ]; then - continue - fi - repo_name="${line}" - if [ ! -d "${public_repos_dir}/${repo_name}" ]; then - cd "${public_repos_dir}" - git clone plom@plomlompom.com:/var/repos/${repo_name} - fi -done - -# Remove redundant config repo copy. -config_tree_prefix="${public_repos_dir}/config/${debian_version}" -rm -rf ~/config - -# # Set up native messenger for tridactyl. -# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a' -# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash - -# Set up further non-public parts of infrastructure. -cd "${target_dir_secrets}" -script -c 'gpg --import secret_keys.asc' /dev/null -path_borgscript="${config_tree_prefix}//borg.sh" - -# borg setup -borgkeys_dir=~/.config/borg/keys -borgrepos_file=~/.borgrepos -tar xf borg_keyfiles.tar -mkdir -p "${borgkeys_dir}" -mv borg_keyfiles/* "${borgkeys_dir}" -# Sync org dir via borgbackup. For this we need the borgbackup servers -# in our .ssh/known_hosts file. -cat "${borgrepos_file}" | while read line; do - first_char=$(echo "${line}" | cut -c1) - if [ "${first_char}" = "#" ]; then - continue - fi - server=$(echo "${line}" | sed 's/.*@//') - ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts -done -BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull - -# .authinfo may not be present on every secrets drive yet -authinfo_file=.authinfo -if [ -f "${authinfo_file}" ]; then - cp "${authinfo_file}" ~ -fi -cd - -maildir=~/mail/maildir -# # Set up e-mail system. Note that we only do mbsync if the imap pass file -# # is found. It may not be present on every secrets drive yet, so we have to -# # deal with the possibility of it being absent at this point. -mkdir -p "${maildir}" # expected by mbsync/isync -if [ -f "${HOME}/${authinfo_file}" ]; then - mbsync -a - notmuch new -fi - -# # Final note on how to integrate tridactyl. -# echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start." diff --git a/_bookworm/setup_scripts/setup_nvidia.sh b/_bookworm/setup_scripts/setup_nvidia.sh deleted file mode 100755 index d05c8d1..0000000 --- a/_bookworm/setup_scripts/setup_nvidia.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh - -# Set up NVIDIA eGPU config. -cd -# git clone https://github.com/NVIDIA/open-gpu-kernel-modules -# cd open-gpu-kernel-modules -# git checkout 337e28e -# # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf -# make modules -j$(nproc) -# make modules_install -# cd -driver_version=535.86.05 -# driver_version=545.29.06 -runscript=NVIDIA-Linux-x86_64-${driver_version}.run -# wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript} -set +e -rmmod nouveau -set -e -chmod u+x ${runscript} -./${runscript} --no-kernel-modules --silent -depmod -# TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init diff --git a/_bookworm/setup_scripts/setup_seedbox.sh b/_bookworm/setup_scripts/setup_seedbox.sh deleted file mode 100755 index f641011..0000000 --- a/_bookworm/setup_scripts/setup_seedbox.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh -. ../../misc.sh - -expect_setup_finished_file setup_server_has_been_run setup_server.sh - -plom_home_dir=/home/plom - -cd "${setup_scripts_dir}" -cp "${config_tree_prefix}/home_files/seedbox/.rtorrent.rc" "${plom_home_dir}" -chown plom:plom "${plom_home_dir}/.rtorrent.rc" -./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" seedbox -./install_for_target.sh seedbox -mkdir "${plom_home_dir}/downloads" -chown plom:plom "${plom_home_dir}/downloads" -mkdir "${plom_home_dir}/session" -chown plom:plom "${plom_home_dir}/session" -systemctl enable rtorrent.service --now diff --git a/_bookworm/setup_scripts/setup_server.sh b/_bookworm/setup_scripts/setup_server.sh deleted file mode 100755 index c854b95..0000000 --- a/_bookworm/setup_scripts/setup_server.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Next setup steps for a server whose login policy has just been set from -# the outside via ./init_user_login.sh or ./init_user_and_keybased_login.sh -set -e -. ./misc.sh -. ../../misc.sh - -expect_n_args 2 "(hostname, FQDN)" "$@" -hostname="$1" -fqdn="$2" -additional_arg="$3" - -# Set up basic server system. -cd "${setup_scripts_dir}" -./_setup.sh "${hostname}" "${fqdn}" server "$@" - -# If we have not yet set the shell for user plom, ensure it here. This -# is mostly for convenience. -usermod -s /bin/bash plom - -# Enable firewall. -systemctl enable nftables.service - -touch "$HOME/setup_server_has_been_run" diff --git a/_bookworm/setup_scripts/setup_static_website.sh b/_bookworm/setup_scripts/setup_static_website.sh deleted file mode 100755 index bdfb7d3..0000000 --- a/_bookworm/setup_scripts/setup_static_website.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh -. ../../misc.sh - -expect_setup_finished_file setup_web_has_been_run setup_web.sh - -expect_n_args 1 "(website template, i.e. status.plomlompom.com, tube.plomlompom.com …)" "$@" -website_template="$1" -shift 1 - -mirror_ip="" -mirror_state="not mirroring automatically, since no IP given" -domain="${website_template}" -mail="plom+webmaster@plomlompom.com" -if [ "$#" -gt 0 ]; then - domain="$1" - if [ "$#" -gt 1 ]; then - mail="$2" - if [ "$#" -gt 2 ]; then - mirror_ip="$3" - mirror_state="mirroring automatically from ${mirror_ip}" - fi - fi -fi -echo "Assuming domain ${domain} and letsencrypt support mail address ${mail} and ${mirror_state}, abort and provide as arguments in this order if other desired! (Otherwise just hit Return.)" -read _ - -if [ ! -z "${mirror_ip}" ]; then - # Set up connection to old server. - cp "${setup_scripts_dir}/misc.sh" /home/plom/ - cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/ - chown plom:plom /home/plom/prepare_to_meet_server.sh - su -lc "./prepare_to_meet_server.sh ${mirror_ip}" plom - read -p 'Hit Enter when you are done.' ignore - rm /home/plom/prepare_to_meet_server.sh - - # Mirror dirs. - cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/ - su -lc "./mirror_dir.sh ${mirror_ip} /var/www/${website_template}" plom - rm /home/plom/mirror_dir.sh - rm /home/plom/misc.sh -fi - -# Install configs, set up firewall. -./install_for_target.sh "${website_template}" -./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" "${website_template}" -nft -f /etc/nftables.conf - -# Set up letsencrypt certificate. TODO: Is it auto-renewed? -ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default -certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" -rm /etc/nginx/sites-enabled/default - -# Prepare NGINX. -sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" "/etc/nginx/sites-available/${website_template}.nginx" -ln -s "/etc/nginx/sites-available/${website_template}.nginx" "/etc/nginx/sites-enabled/${website_template}.nginx" - -service nginx restart - diff --git a/_bookworm/setup_scripts/setup_web.sh b/_bookworm/setup_scripts/setup_web.sh deleted file mode 100755 index 4807e8a..0000000 --- a/_bookworm/setup_scripts/setup_web.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/sh -set -e -. ./misc.sh -. ../../misc.sh - -expect_setup_finished_file setup_server_has_been_run setup_server.sh - -expect_n_args 1 "(domain name)" "$@" -domain="$1" - -# Install configs, set up firewall. -./install_for_target.sh web -./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web -nft -f /etc/nftables.conf - -chown plom /var/www - -# # Set up letsencrypt certificate. TODO: Is it auto-renewed? -# ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default -# certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" -# rm /etc/nginx/sites-enabled/default - -# # Prepare NGINX for status.plomlompom.com. -# sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx -# ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx -# -# service nginx restart - -touch "$HOME/setup_web_has_been_run" diff --git a/_bookworm/setup_scripts/upgrade_from_older_release.sh b/_bookworm/setup_scripts/upgrade_from_older_release.sh deleted file mode 100755 index c13b8ca..0000000 --- a/_bookworm/setup_scripts/upgrade_from_older_release.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh - -# Upgrade a fresh (!) system to Bookworm, as per [1]. Fresh, because: Don't -# expect any customized config files to survive this. If you run this on a -# remote machine, take care not to loose anything you need to re-connect, e.g. -# any relevant adaptations you did to /etc/ssh/sshd_config … - -set -e -. ./misc.sh -. ../../misc.sh - -path_sources_list="/etc/apt/sources.list" - -export DEBIAN_FRONTEND=noninteractive -apt update -apt -y -o Dpkg::Options::="--force-confnew" upgrade -apt -y -o Dpkg::Options::="--force-confnew" full-upgrade -cp "${config_tree_prefix}/etc_files/all${path_sources_list}" "${path_sources_list}" -apt clean -apt update -apt -y -o Dpkg::Options::="--force-confnew" upgrade -apt -y -o Dpkg::Options::="--force-confnew" full-upgrade -apt -y autoremove -cp "${local_path_sshd_config}" "${system_path_sshd_config}" diff --git a/archived/bookworm/apt-mark/all b/archived/bookworm/apt-mark/all new file mode 100644 index 0000000..abd02d6 --- /dev/null +++ b/archived/bookworm/apt-mark/all @@ -0,0 +1,14 @@ +# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client +# unpredictably so +ifupdown +isc-dhcp-client +# git for the setup directory; cloning works with ca-certificates +ca-certificates +git +# to avoid constant warnings about no locale being found +locales +# extremely useful for basic network debugging; missed these more than once in an emergency +netcat-traditional +iputils-ping +# what would we do without this … +apt diff --git a/archived/bookworm/apt-mark/h610m b/archived/bookworm/apt-mark/h610m new file mode 100644 index 0000000..02b95cc --- /dev/null +++ b/archived/bookworm/apt-mark/h610m @@ -0,0 +1,10 @@ +# for X to start at all +linux-headers-amd64 +nvidia-driver +firmware-misc-nonfree +# X input: keyboard +xserver-xorg-input-evdev +# CUDA +nvidia-cuda-dev +nvidia-cuda-toolkit + diff --git a/archived/bookworm/apt-mark/seedbox b/archived/bookworm/apt-mark/seedbox new file mode 100644 index 0000000..7129acf --- /dev/null +++ b/archived/bookworm/apt-mark/seedbox @@ -0,0 +1,5 @@ +# needed for torrenting +rtorrent +# needed for torrenting session +screen + diff --git a/archived/bookworm/apt-mark/server b/archived/bookworm/apt-mark/server new file mode 100644 index 0000000..ecca45d --- /dev/null +++ b/archived/bookworm/apt-mark/server @@ -0,0 +1,12 @@ +# so we can login at all … +openssh-server +# firewalling +nftables +# We want to be able to use ALL our servers as borg backup destinations. +borgbackup +# not only pull in systemd, but also /sbin/reboot and /sbin/shutdown +systemd-sysv +# necessary on _some_ vservers +net-tools +quota + diff --git a/archived/bookworm/apt-mark/thinkpad b/archived/bookworm/apt-mark/thinkpad new file mode 100644 index 0000000..fa7bd38 --- /dev/null +++ b/archived/bookworm/apt-mark/thinkpad @@ -0,0 +1,16 @@ +# for wifi +firmware-iwlwifi +network-manager +wpasupplicant +# for tlp +tlp +tp-smapi-dkms +# for X to start at all +xserver-xorg-video-intel +# X input: keyboard and touchpad +xserver-xorg-input-evdev +xserver-xorg-input-synaptics +# to use printer +cups +# + diff --git a/archived/bookworm/apt-mark/user b/archived/bookworm/apt-mark/user new file mode 100644 index 0000000..831b81c --- /dev/null +++ b/archived/bookworm/apt-mark/user @@ -0,0 +1,56 @@ +# to avoid booting problems with encrypted LVM, see +cryptsetup-initramfs +lvm2 +# this provides setupcon which reads /etc/default/console-setup +console-setup +# for startx +xinit +# for xrdb +x11-xserver-utils +# for startx to run for non-root user +libpam-systemd +# window environment +i3 +i3status +suckless-tools +xterm +# to get sleepy at night +redshift +# for alsamixer +alsa-utils +# also useful +vim +sudo +less +man-db +manpages +procps +# firefox install dependencies +wget +bzip2 +# firefox running dependencies +libgtk-3-0 +libdbus-glib-1-2 +# tridactyl install recommendations +vim-gtk3 +curl +# for firefox to emit sound +pulseaudio +# emacs +emacs +emacs-common-non-dfsg +emacs-el +elpa-ledger +ledger +# to mount encrypted USB stick and use its contents +pmount +cryptsetup +openssh-client +# for syncing +borgbackup +# mail setup +isync +notmuch +elpa-notmuch +pinentry-gtk2 +# diff --git a/archived/bookworm/apt-mark/w530 b/archived/bookworm/apt-mark/w530 new file mode 100644 index 0000000..6c2cfd7 --- /dev/null +++ b/archived/bookworm/apt-mark/w530 @@ -0,0 +1,13 @@ +# for open-gpu-kernel-modules building +gcc +g++ +make +linux-headers-amd64 +xz-utils +# for NVIDIA driver .run --no-kernel-modules +libvulkan1 +libglvnd-dev +pkg-config +# so we can add nvidia.NVreg_OpenRmEnableUnsupportedGpus=1 to default grub +grub-efi-amd64 + diff --git a/archived/bookworm/apt-mark/web b/archived/bookworm/apt-mark/web new file mode 100644 index 0000000..4912b8a --- /dev/null +++ b/archived/bookworm/apt-mark/web @@ -0,0 +1,4 @@ +nginx-light +# for SSL +certbot +python3-certbot-nginx diff --git a/archived/bookworm/borg.sh b/archived/bookworm/borg.sh new file mode 120000 index 0000000..358132c --- /dev/null +++ b/archived/bookworm/borg.sh @@ -0,0 +1 @@ +../bullseye/borg.sh \ No newline at end of file diff --git a/archived/bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/archived/bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies new file mode 100644 index 0000000..4aaef79 --- /dev/null +++ b/archived/bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies @@ -0,0 +1,4 @@ +APT::AutoRemove::RecommendsImportant "false"; +APT::AutoRemove::SuggestsImportant "false"; +APT::Install-Recommends "false"; +APT::Install-Suggests "false"; diff --git a/archived/bookworm/etc_files/all/etc/apt/sources.list b/archived/bookworm/etc_files/all/etc/apt/sources.list new file mode 100644 index 0000000..72b0ffb --- /dev/null +++ b/archived/bookworm/etc_files/all/etc/apt/sources.list @@ -0,0 +1,4 @@ +deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware +deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware +deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware +deb http://ftp.debian.org/debian bookworm-backports main contrib non-free non-free-firmware diff --git a/archived/bookworm/etc_files/all/etc/default/locale b/archived/bookworm/etc_files/all/etc/default/locale new file mode 100644 index 0000000..dd6eee3 --- /dev/null +++ b/archived/bookworm/etc_files/all/etc/default/locale @@ -0,0 +1 @@ +LANG="en_US.UTF-8" diff --git a/archived/bookworm/etc_files/all/etc/locale.gen b/archived/bookworm/etc_files/all/etc/locale.gen new file mode 100644 index 0000000..a28cfa4 --- /dev/null +++ b/archived/bookworm/etc_files/all/etc/locale.gen @@ -0,0 +1,483 @@ +# This file lists locales that you wish to have built. You can find a list +# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add +# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change +# this file, you need to rerun locale-gen. + + +# aa_DJ ISO-8859-1 +# aa_DJ.UTF-8 UTF-8 +# aa_ER UTF-8 +# aa_ER@saaho UTF-8 +# aa_ET UTF-8 +# af_ZA ISO-8859-1 +# af_ZA.UTF-8 UTF-8 +# ak_GH UTF-8 +# am_ET UTF-8 +# an_ES ISO-8859-15 +# an_ES.UTF-8 UTF-8 +# anp_IN UTF-8 +# ar_AE ISO-8859-6 +# ar_AE.UTF-8 UTF-8 +# ar_BH ISO-8859-6 +# ar_BH.UTF-8 UTF-8 +# ar_DZ ISO-8859-6 +# ar_DZ.UTF-8 UTF-8 +# ar_EG ISO-8859-6 +# ar_EG.UTF-8 UTF-8 +# ar_IN UTF-8 +# ar_IQ ISO-8859-6 +# ar_IQ.UTF-8 UTF-8 +# ar_JO ISO-8859-6 +# ar_JO.UTF-8 UTF-8 +# ar_KW ISO-8859-6 +# ar_KW.UTF-8 UTF-8 +# ar_LB ISO-8859-6 +# ar_LB.UTF-8 UTF-8 +# ar_LY ISO-8859-6 +# ar_LY.UTF-8 UTF-8 +# ar_MA ISO-8859-6 +# ar_MA.UTF-8 UTF-8 +# ar_OM ISO-8859-6 +# ar_OM.UTF-8 UTF-8 +# ar_QA ISO-8859-6 +# ar_QA.UTF-8 UTF-8 +# ar_SA ISO-8859-6 +# ar_SA.UTF-8 UTF-8 +# ar_SD ISO-8859-6 +# ar_SD.UTF-8 UTF-8 +# ar_SS UTF-8 +# ar_SY ISO-8859-6 +# ar_SY.UTF-8 UTF-8 +# ar_TN ISO-8859-6 +# ar_TN.UTF-8 UTF-8 +# ar_YE ISO-8859-6 +# ar_YE.UTF-8 UTF-8 +# as_IN UTF-8 +# ast_ES ISO-8859-15 +# ast_ES.UTF-8 UTF-8 +# ayc_PE UTF-8 +# az_AZ UTF-8 +# be_BY CP1251 +# be_BY.UTF-8 UTF-8 +# be_BY@latin UTF-8 +# bem_ZM UTF-8 +# ber_DZ UTF-8 +# ber_MA UTF-8 +# bg_BG CP1251 +# bg_BG.UTF-8 UTF-8 +# bhb_IN.UTF-8 UTF-8 +# bho_IN UTF-8 +# bn_BD UTF-8 +# bn_IN UTF-8 +# bo_CN UTF-8 +# bo_IN UTF-8 +# br_FR ISO-8859-1 +# br_FR.UTF-8 UTF-8 +# br_FR@euro ISO-8859-15 +# brx_IN UTF-8 +# bs_BA ISO-8859-2 +# bs_BA.UTF-8 UTF-8 +# byn_ER UTF-8 +# ca_AD ISO-8859-15 +# ca_AD.UTF-8 UTF-8 +# ca_ES ISO-8859-1 +# ca_ES.UTF-8 UTF-8 +# ca_ES.UTF-8@valencia UTF-8 +# ca_ES@euro ISO-8859-15 +# ca_ES@valencia ISO-8859-15 +# ca_FR ISO-8859-15 +# ca_FR.UTF-8 UTF-8 +# ca_IT ISO-8859-15 +# ca_IT.UTF-8 UTF-8 +# ce_RU UTF-8 +# chr_US UTF-8 +# cmn_TW UTF-8 +# crh_UA UTF-8 +# cs_CZ ISO-8859-2 +# cs_CZ.UTF-8 UTF-8 +# csb_PL UTF-8 +# cv_RU UTF-8 +# cy_GB ISO-8859-14 +# cy_GB.UTF-8 UTF-8 +# da_DK ISO-8859-1 +# da_DK.UTF-8 UTF-8 +# de_AT ISO-8859-1 +# de_AT.UTF-8 UTF-8 +# de_AT@euro ISO-8859-15 +# de_BE ISO-8859-1 +# de_BE.UTF-8 UTF-8 +# de_BE@euro ISO-8859-15 +# de_CH ISO-8859-1 +# de_CH.UTF-8 UTF-8 +# de_DE ISO-8859-1 +# de_DE.UTF-8 UTF-8 +# de_DE@euro ISO-8859-15 +# de_IT ISO-8859-1 +# de_IT.UTF-8 UTF-8 +# de_LI.UTF-8 UTF-8 +# de_LU ISO-8859-1 +# de_LU.UTF-8 UTF-8 +# de_LU@euro ISO-8859-15 +# doi_IN UTF-8 +# dv_MV UTF-8 +# dz_BT UTF-8 +# el_CY ISO-8859-7 +# el_CY.UTF-8 UTF-8 +# el_GR ISO-8859-7 +# el_GR.UTF-8 UTF-8 +# en_AG UTF-8 +# en_AU ISO-8859-1 +# en_AU.UTF-8 UTF-8 +# en_BW ISO-8859-1 +# en_BW.UTF-8 UTF-8 +# en_CA ISO-8859-1 +# en_CA.UTF-8 UTF-8 +# en_DK ISO-8859-1 +# en_DK.ISO-8859-15 ISO-8859-15 +# en_DK.UTF-8 UTF-8 +# en_GB ISO-8859-1 +# en_GB.ISO-8859-15 ISO-8859-15 +# en_GB.UTF-8 UTF-8 +# en_HK ISO-8859-1 +# en_HK.UTF-8 UTF-8 +# en_IE ISO-8859-1 +# en_IE.UTF-8 UTF-8 +# en_IE@euro ISO-8859-15 +# en_IL UTF-8 +# en_IN UTF-8 +# en_NG UTF-8 +# en_NZ ISO-8859-1 +# en_NZ.UTF-8 UTF-8 +# en_PH ISO-8859-1 +# en_PH.UTF-8 UTF-8 +# en_SG ISO-8859-1 +# en_SG.UTF-8 UTF-8 +# en_US ISO-8859-1 +# en_US.ISO-8859-15 ISO-8859-15 +en_US.UTF-8 UTF-8 +# en_ZA ISO-8859-1 +# en_ZA.UTF-8 UTF-8 +# en_ZM UTF-8 +# en_ZW ISO-8859-1 +# en_ZW.UTF-8 UTF-8 +# eo UTF-8 +# es_AR ISO-8859-1 +# es_AR.UTF-8 UTF-8 +# es_BO ISO-8859-1 +# es_BO.UTF-8 UTF-8 +# es_CL ISO-8859-1 +# es_CL.UTF-8 UTF-8 +# es_CO ISO-8859-1 +# es_CO.UTF-8 UTF-8 +# es_CR ISO-8859-1 +# es_CR.UTF-8 UTF-8 +# es_CU UTF-8 +# es_DO ISO-8859-1 +# es_DO.UTF-8 UTF-8 +# es_EC ISO-8859-1 +# es_EC.UTF-8 UTF-8 +# es_ES ISO-8859-1 +# es_ES.UTF-8 UTF-8 +# es_ES@euro ISO-8859-15 +# es_GT ISO-8859-1 +# es_GT.UTF-8 UTF-8 +# es_HN ISO-8859-1 +# es_HN.UTF-8 UTF-8 +# es_MX ISO-8859-1 +# es_MX.UTF-8 UTF-8 +# es_NI ISO-8859-1 +# es_NI.UTF-8 UTF-8 +# es_PA ISO-8859-1 +# es_PA.UTF-8 UTF-8 +# es_PE ISO-8859-1 +# es_PE.UTF-8 UTF-8 +# es_PR ISO-8859-1 +# es_PR.UTF-8 UTF-8 +# es_PY ISO-8859-1 +# es_PY.UTF-8 UTF-8 +# es_SV ISO-8859-1 +# es_SV.UTF-8 UTF-8 +# es_US ISO-8859-1 +# es_US.UTF-8 UTF-8 +# es_UY ISO-8859-1 +# es_UY.UTF-8 UTF-8 +# es_VE ISO-8859-1 +# es_VE.UTF-8 UTF-8 +# et_EE ISO-8859-1 +# et_EE.ISO-8859-15 ISO-8859-15 +# et_EE.UTF-8 UTF-8 +# eu_ES ISO-8859-1 +# eu_ES.UTF-8 UTF-8 +# eu_ES@euro ISO-8859-15 +# eu_FR ISO-8859-1 +# eu_FR.UTF-8 UTF-8 +# eu_FR@euro ISO-8859-15 +# fa_IR UTF-8 +# ff_SN UTF-8 +# fi_FI ISO-8859-1 +# fi_FI.UTF-8 UTF-8 +# fi_FI@euro ISO-8859-15 +# fil_PH UTF-8 +# fo_FO ISO-8859-1 +# fo_FO.UTF-8 UTF-8 +# fr_BE ISO-8859-1 +# fr_BE.UTF-8 UTF-8 +# fr_BE@euro ISO-8859-15 +# fr_CA ISO-8859-1 +# fr_CA.UTF-8 UTF-8 +# fr_CH ISO-8859-1 +# fr_CH.UTF-8 UTF-8 +# fr_FR ISO-8859-1 +# fr_FR.UTF-8 UTF-8 +# fr_FR@euro ISO-8859-15 +# fr_LU ISO-8859-1 +# fr_LU.UTF-8 UTF-8 +# fr_LU@euro ISO-8859-15 +# fur_IT UTF-8 +# fy_DE UTF-8 +# fy_NL UTF-8 +# ga_IE ISO-8859-1 +# ga_IE.UTF-8 UTF-8 +# ga_IE@euro ISO-8859-15 +# gd_GB ISO-8859-15 +# gd_GB.UTF-8 UTF-8 +# gez_ER UTF-8 +# gez_ER@abegede UTF-8 +# gez_ET UTF-8 +# gez_ET@abegede UTF-8 +# gl_ES ISO-8859-1 +# gl_ES.UTF-8 UTF-8 +# gl_ES@euro ISO-8859-15 +# gu_IN UTF-8 +# gv_GB ISO-8859-1 +# gv_GB.UTF-8 UTF-8 +# ha_NG UTF-8 +# hak_TW UTF-8 +# he_IL ISO-8859-8 +# he_IL.UTF-8 UTF-8 +# hi_IN UTF-8 +# hne_IN UTF-8 +# hr_HR ISO-8859-2 +# hr_HR.UTF-8 UTF-8 +# hsb_DE ISO-8859-2 +# hsb_DE.UTF-8 UTF-8 +# ht_HT UTF-8 +# hu_HU ISO-8859-2 +# hu_HU.UTF-8 UTF-8 +# hy_AM UTF-8 +# hy_AM.ARMSCII-8 ARMSCII-8 +# ia_FR UTF-8 +# id_ID ISO-8859-1 +# id_ID.UTF-8 UTF-8 +# ig_NG UTF-8 +# ik_CA UTF-8 +# is_IS ISO-8859-1 +# is_IS.UTF-8 UTF-8 +# it_CH ISO-8859-1 +# it_CH.UTF-8 UTF-8 +# it_IT ISO-8859-1 +# it_IT.UTF-8 UTF-8 +# it_IT@euro ISO-8859-15 +# iu_CA UTF-8 +# ja_JP.EUC-JP EUC-JP +# ja_JP.UTF-8 UTF-8 +# ka_GE GEORGIAN-PS +# ka_GE.UTF-8 UTF-8 +# kk_KZ PT154 +# kk_KZ.RK1048 RK1048 +# kk_KZ.UTF-8 UTF-8 +# kl_GL ISO-8859-1 +# kl_GL.UTF-8 UTF-8 +# km_KH UTF-8 +# kn_IN UTF-8 +# ko_KR.EUC-KR EUC-KR +# ko_KR.UTF-8 UTF-8 +# kok_IN UTF-8 +# ks_IN UTF-8 +# ks_IN@devanagari UTF-8 +# ku_TR ISO-8859-9 +# ku_TR.UTF-8 UTF-8 +# kw_GB ISO-8859-1 +# kw_GB.UTF-8 UTF-8 +# ky_KG UTF-8 +# lb_LU UTF-8 +# lg_UG ISO-8859-10 +# lg_UG.UTF-8 UTF-8 +# li_BE UTF-8 +# li_NL UTF-8 +# lij_IT UTF-8 +# ln_CD UTF-8 +# lo_LA UTF-8 +# lt_LT ISO-8859-13 +# lt_LT.UTF-8 UTF-8 +# lv_LV ISO-8859-13 +# lv_LV.UTF-8 UTF-8 +# lzh_TW UTF-8 +# mag_IN UTF-8 +# mai_IN UTF-8 +# mg_MG ISO-8859-15 +# mg_MG.UTF-8 UTF-8 +# mhr_RU UTF-8 +# mi_NZ ISO-8859-13 +# mi_NZ.UTF-8 UTF-8 +# mk_MK ISO-8859-5 +# mk_MK.UTF-8 UTF-8 +# ml_IN UTF-8 +# mn_MN UTF-8 +# mni_IN UTF-8 +# mr_IN UTF-8 +# ms_MY ISO-8859-1 +# ms_MY.UTF-8 UTF-8 +# mt_MT ISO-8859-3 +# mt_MT.UTF-8 UTF-8 +# my_MM UTF-8 +# nan_TW UTF-8 +# nan_TW@latin UTF-8 +# nb_NO ISO-8859-1 +# nb_NO.UTF-8 UTF-8 +# nds_DE UTF-8 +# nds_NL UTF-8 +# ne_NP UTF-8 +# nhn_MX UTF-8 +# niu_NU UTF-8 +# niu_NZ UTF-8 +# nl_AW UTF-8 +# nl_BE ISO-8859-1 +# nl_BE.UTF-8 UTF-8 +# nl_BE@euro ISO-8859-15 +# nl_NL ISO-8859-1 +# nl_NL.UTF-8 UTF-8 +# nl_NL@euro ISO-8859-15 +# nn_NO ISO-8859-1 +# nn_NO.UTF-8 UTF-8 +# nr_ZA UTF-8 +# nso_ZA UTF-8 +# oc_FR ISO-8859-1 +# oc_FR.UTF-8 UTF-8 +# om_ET UTF-8 +# om_KE ISO-8859-1 +# om_KE.UTF-8 UTF-8 +# or_IN UTF-8 +# os_RU UTF-8 +# pa_IN UTF-8 +# pa_PK UTF-8 +# pap_AW UTF-8 +# pap_CW UTF-8 +# pl_PL ISO-8859-2 +# pl_PL.UTF-8 UTF-8 +# ps_AF UTF-8 +# pt_BR ISO-8859-1 +# pt_BR.UTF-8 UTF-8 +# pt_PT ISO-8859-1 +# pt_PT.UTF-8 UTF-8 +# pt_PT@euro ISO-8859-15 +# quz_PE UTF-8 +# raj_IN UTF-8 +# ro_RO ISO-8859-2 +# ro_RO.UTF-8 UTF-8 +# ru_RU ISO-8859-5 +# ru_RU.CP1251 CP1251 +# ru_RU.KOI8-R KOI8-R +# ru_RU.UTF-8 UTF-8 +# ru_UA KOI8-U +# ru_UA.UTF-8 UTF-8 +# rw_RW UTF-8 +# sa_IN UTF-8 +# sat_IN UTF-8 +# sc_IT UTF-8 +# sd_IN UTF-8 +# sd_IN@devanagari UTF-8 +# se_NO UTF-8 +# sgs_LT UTF-8 +# shs_CA UTF-8 +# si_LK UTF-8 +# sid_ET UTF-8 +# sk_SK ISO-8859-2 +# sk_SK.UTF-8 UTF-8 +# sl_SI ISO-8859-2 +# sl_SI.UTF-8 UTF-8 +# so_DJ ISO-8859-1 +# so_DJ.UTF-8 UTF-8 +# so_ET UTF-8 +# so_KE ISO-8859-1 +# so_KE.UTF-8 UTF-8 +# so_SO ISO-8859-1 +# so_SO.UTF-8 UTF-8 +# sq_AL ISO-8859-1 +# sq_AL.UTF-8 UTF-8 +# sq_MK UTF-8 +# sr_ME UTF-8 +# sr_RS UTF-8 +# sr_RS@latin UTF-8 +# ss_ZA UTF-8 +# st_ZA ISO-8859-1 +# st_ZA.UTF-8 UTF-8 +# sv_FI ISO-8859-1 +# sv_FI.UTF-8 UTF-8 +# sv_FI@euro ISO-8859-15 +# sv_SE ISO-8859-1 +# sv_SE.ISO-8859-15 ISO-8859-15 +# sv_SE.UTF-8 UTF-8 +# sw_KE UTF-8 +# sw_TZ UTF-8 +# szl_PL UTF-8 +# ta_IN UTF-8 +# ta_LK UTF-8 +# tcy_IN.UTF-8 UTF-8 +# te_IN UTF-8 +# tg_TJ KOI8-T +# tg_TJ.UTF-8 UTF-8 +# th_TH TIS-620 +# th_TH.UTF-8 UTF-8 +# the_NP UTF-8 +# ti_ER UTF-8 +# ti_ET UTF-8 +# tig_ER UTF-8 +# tk_TM UTF-8 +# tl_PH ISO-8859-1 +# tl_PH.UTF-8 UTF-8 +# tn_ZA UTF-8 +# tr_CY ISO-8859-9 +# tr_CY.UTF-8 UTF-8 +# tr_TR ISO-8859-9 +# tr_TR.UTF-8 UTF-8 +# ts_ZA UTF-8 +# tt_RU UTF-8 +# tt_RU@iqtelif UTF-8 +# ug_CN UTF-8 +# uk_UA KOI8-U +# uk_UA.UTF-8 UTF-8 +# unm_US UTF-8 +# ur_IN UTF-8 +# ur_PK UTF-8 +# uz_UZ ISO-8859-1 +# uz_UZ.UTF-8 UTF-8 +# uz_UZ@cyrillic UTF-8 +# ve_ZA UTF-8 +# vi_VN UTF-8 +# wa_BE ISO-8859-1 +# wa_BE.UTF-8 UTF-8 +# wa_BE@euro ISO-8859-15 +# wae_CH UTF-8 +# wal_ET UTF-8 +# wo_SN UTF-8 +# xh_ZA ISO-8859-1 +# xh_ZA.UTF-8 UTF-8 +# yi_US CP1255 +# yi_US.UTF-8 UTF-8 +# yo_NG UTF-8 +# yue_HK UTF-8 +# zh_CN GB2312 +# zh_CN.GB18030 GB18030 +# zh_CN.GBK GBK +# zh_CN.UTF-8 UTF-8 +# zh_HK BIG5-HKSCS +# zh_HK.UTF-8 UTF-8 +# zh_SG GB2312 +# zh_SG.GBK GBK +# zh_SG.UTF-8 UTF-8 +# zh_TW BIG5 +# zh_TW.EUC-TW EUC-TW +# zh_TW.UTF-8 UTF-8 +# zu_ZA ISO-8859-1 +# zu_ZA.UTF-8 UTF-8 diff --git a/archived/bookworm/etc_files/all/etc/timezone b/archived/bookworm/etc_files/all/etc/timezone new file mode 100644 index 0000000..94d5acc --- /dev/null +++ b/archived/bookworm/etc_files/all/etc/timezone @@ -0,0 +1 @@ +Europe/Berlin diff --git a/archived/bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service b/archived/bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service new file mode 100644 index 0000000..babfd36 --- /dev/null +++ b/archived/bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service @@ -0,0 +1,17 @@ +[Unit] +Description=rtorrent session +After=network.target + +[Service] +Type=simple +User=plom +Group=plom +WorkingDirectory=/home/plom +ExecStartPre=-/bin/rm -f /home/plom/session/rtorrent.lock +ExecStart=/usr/bin/screen -S rtorrent -Dm /usr/bin/rtorrent +ExecStop=/usr/bin/screen -S rtorrent -X quit +Restart=on-failure +RestartSec=3 + +[Install] +WantedBy=multi-user.target diff --git a/archived/bookworm/etc_files/server/etc/ssh/sshd_config b/archived/bookworm/etc_files/server/etc/ssh/sshd_config new file mode 100644 index 0000000..e952cb3 --- /dev/null +++ b/archived/bookworm/etc_files/server/etc/ssh/sshd_config @@ -0,0 +1,123 @@ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +Include /etc/ssh/sshd_config.d/*.conf + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin prohibit-password +PermitRootLogin no # plomlompom's security rule +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# Expect .ssh/authorized_keys2 to be disregarded by default in future. +#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +PasswordAuthentication no +#PermitEmptyPasswords no + +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) +KbdInteractiveAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the KbdInteractiveAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via KbdInteractiveAuthentication may bypass +# the setting of "PermitRootLogin prohibit-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and KbdInteractiveAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +ClientAliveInterval 15 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + +# override default of no subsystems +Subsystem sftp /usr/lib/openssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/archived/bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx b/archived/bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx new file mode 100644 index 0000000..99c19d2 --- /dev/null +++ b/archived/bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx @@ -0,0 +1,16 @@ +server { + listen 443 ssl; + server_name REPLACE_fqdn_ECALPER; + ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem; + root /var/www/status.plomlompom.com/; + + location = / { + return 301 /users/plomlompom.html; + } + + # re-direct to .html endings + location ~ ^/(notice|users)/([^\.]*)/?$ { + rewrite ^/(notice|users)/([^\./]*)/?$ /$1/$2.html permanent; + } +} diff --git a/archived/bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx b/archived/bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx new file mode 100644 index 0000000..57b084a --- /dev/null +++ b/archived/bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx @@ -0,0 +1,12 @@ +server { + listen 443 ssl; + server_name REPLACE_fqdn_ECALPER; + ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem; + root /var/www/tube.plomlompom.com/; + + # re-direct to .html endings + location ~ ^/videos/watch/([^\.]*)/?$ { + rewrite ^/videos/watch/([^\./]*)/?$ /videos/watch/$1.html permanent; + } +} diff --git a/archived/bookworm/etc_files/w530/etc/default/grub b/archived/bookworm/etc_files/w530/etc/default/grub new file mode 100644 index 0000000..ff1b598 --- /dev/null +++ b/archived/bookworm/etc_files/w530/etc/default/grub @@ -0,0 +1,32 @@ +# If you change this file, run 'update-grub' afterwards to update +# /boot/grub/grub.cfg. +# For full documentation of the options in this file, see: +# info -f grub -n 'Simple configuration' + +GRUB_DEFAULT=0 +GRUB_TIMEOUT=5 +GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` +GRUB_CMDLINE_LINUX_DEFAULT="quiet nvidia.NVreg_OpenRmEnableUnsupportedGpus=1" +GRUB_CMDLINE_LINUX="" + +# Uncomment to enable BadRAM filtering, modify to suit your needs +# This works with Linux (no patch required) and with any kernel that obtains +# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) +#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" + +# Uncomment to disable graphical terminal (grub-pc only) +#GRUB_TERMINAL=console + +# The resolution used on graphical terminal +# note that you can use only modes which your graphic card supports via VBE +# you can see them in real GRUB with the command `vbeinfo' +#GRUB_GFXMODE=640x480 + +# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux +#GRUB_DISABLE_LINUX_UUID=true + +# Uncomment to disable generation of recovery mode menu entries +#GRUB_DISABLE_RECOVERY="true" + +# Uncomment to get a beep at grub start +#GRUB_INIT_TUNE="480 440 1" diff --git a/archived/bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf b/archived/bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf new file mode 100644 index 0000000..9699336 --- /dev/null +++ b/archived/bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf @@ -0,0 +1,3 @@ +blacklist nouveau +options nouveau modeset=0 + diff --git a/archived/bookworm/etc_files/web/etc/nftables.conf b/archived/bookworm/etc_files/web/etc/nftables.conf new file mode 100755 index 0000000..ec6732a --- /dev/null +++ b/archived/bookworm/etc_files/web/etc/nftables.conf @@ -0,0 +1,22 @@ +#!/usr/sbin/nft -f + +flush ruleset + +table inet filter { + chain input { + type filter hook input priority 0; policy drop; + iif lo accept comment "accept localhost traffic" + ct state invalid drop comment "drop invalid connections" + ct state established, related accept comment "accept traffic originated from us" + tcp dport 22 accept comment "accept SSH on default port" + tcp dport 80 accept comment "accept HTTP on default port" + tcp dport 443 accept comment "accept HTTPS on default port" + ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging" + } + chain forward { + type filter hook forward priority 0; policy drop; + } + chain output { + type filter hook output priority 0; policy accept; + } +} diff --git a/archived/bookworm/etc_files/web/etc/nginx/nginx.conf b/archived/bookworm/etc_files/web/etc/nginx/nginx.conf new file mode 100644 index 0000000..8320425 --- /dev/null +++ b/archived/bookworm/etc_files/web/etc/nginx/nginx.conf @@ -0,0 +1,38 @@ +# system integration +user www-data; +worker_processes auto; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; + +# is expected even if empty +events { +} + +http { + # define content-type headers + include /etc/nginx/mime.types; + charset utf-8; + + # Some standard optimizations, i.e. Debian default. Explained in + # + # Not that I understand it all … + sendfile on; + tcp_nopush on; + tcp_nodelay on; + + # logging deactivated due to GDPR + #access_log /var/log/nginx/access.log; + #error_log /var/log/nginx/error.log; + access_log off; + error_log off; + + # virtual hosts: sites-enabled is the Debian way, conf.d the NGINX default + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; + + # Redirect all HTTP requests to HTTPS. + server { + listen 80; + return 301 https://$host$request_uri; + } +} diff --git a/archived/bookworm/home_files/h610m/.xinitrc_bonus b/archived/bookworm/home_files/h610m/.xinitrc_bonus new file mode 100644 index 0000000..1eaa7e8 --- /dev/null +++ b/archived/bookworm/home_files/h610m/.xinitrc_bonus @@ -0,0 +1,2 @@ +# Don't blank screen, as this will confuse the HDMI switch setup / lead to unrecoverable X sessions. +xset s noblank diff --git a/archived/bookworm/home_files/minimal/.bashrc b/archived/bookworm/home_files/minimal/.bashrc new file mode 100644 index 0000000..5c1d6b2 --- /dev/null +++ b/archived/bookworm/home_files/minimal/.bashrc @@ -0,0 +1,30 @@ +# Settings for interactive shells. + +# Fancy colors for ls. +alias ls="ls --color=auto" + +# Other helpful aliases +alias sshauth='eval $(ssh-agent) && ssh-add' +# alias xrandrbig='xrandr --output LVDS-1 --off' + +# Use vim as default editor for anything. +export VISUAL=vim +export EDITOR=$VISUAL + +# Colored prompt with username, hostname, date/time, directory. +colornumber=7 # Default to white if no color set via colornumber dotfile. +colornumber_file=~/.shell_prompt_color +if [ -f $colornumber_file ]; then + colornumber=`cat $colornumber_file` +fi +tput_color="$(tput setaf $colornumber)$(tput bold)" +tput_reset="$(tput sgr0)" +# Bash confuses the line length when not told to not count escape sequences. +if [ ! "$BASH" = "" ]; then + tput_color="\[$tput_color\]" + tput_reset="\[$tput_reset\]" +fi +PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset" +PS2="${tput_color}> $tput_reset" +PS3="${tput_color}select: $tput_reset" +PS4="${tput_color}+ $tput_reset" diff --git a/archived/bookworm/home_files/root/.shell_prompt_color b/archived/bookworm/home_files/root/.shell_prompt_color new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/archived/bookworm/home_files/root/.shell_prompt_color @@ -0,0 +1 @@ +1 diff --git a/archived/bookworm/home_files/seedbox/.rtorrent.rc b/archived/bookworm/home_files/seedbox/.rtorrent.rc new file mode 100644 index 0000000..2513748 --- /dev/null +++ b/archived/bookworm/home_files/seedbox/.rtorrent.rc @@ -0,0 +1,11 @@ +# where to write downloads into +directory.default.set = ~/downloads + +# rtorrent's memory +session.path.set = ~/session + +# security and paranoia +dht.mode.set = disable +protocol.pex.set = no +protocol.encryption.set = require,require_RC4,allow_incoming,try_outgoing + diff --git a/archived/bookworm/home_files/user/.Xresources b/archived/bookworm/home_files/user/.Xresources new file mode 100644 index 0000000..45b10af --- /dev/null +++ b/archived/bookworm/home_files/user/.Xresources @@ -0,0 +1,56 @@ +! otherwise various applications will assume merely 8 colors +XTerm.termName: xterm-256color + +! font +! actually, "mono" is already the default for faceName (it will +! pick whatever fc-match mono delivers), but we need to set _some_ +! faceName to trigger XTerm activating TrueType fonts +! (XTerm*fontRender by itself won't do the trick), and we want +! TrueType fonts because, well, they scale better, and XTerm lets them +! fall back on alternatives (hi there ttf-unifont) when a Unicode +! glyph is not found +XTerm*faceName: mono + +! white on black +XTerm*reverseVideo: on + +! blink screen instead of sound +XTerm*visualBell: on + +! proper ALT as META key treatment +XTerm*eightBitInput: false + +! font sizes +XTerm*faceSize: 8 +XTerm*faceSize1: 4 +XTerm*faceSize2: 5 +XTerm*faceSize3: 6 +XTerm*faceSize4: 8 +XTerm*faceSize5: 14 +XTerm*faceSize6: 25 + +! colors +! black +XTerm*color0: #202020 +XTerm*color8: #3F3F3F +! red +XTerm*color1: #A82020 +XTerm*color9: #E82020 +! green +XTerm*color2: #20A820 +XTerm*color10: #20E820 +! yellow +XTerm*color3: #A8A820 +XTerm*color11: #E8E820 +! blue +XTerm*color4: #3F3FFF +XTerm*color12: #9F9FFF +! magenta +XTerm*color5: #A83FFF +XTerm*color13: #E89FFF +! cyan +XTerm*color6: #3FA8FF +XTerm*color14: #9FE8FF +! white +XTerm*color7: #A8A8A8 +XTerm*color15: #E8E8E8 diff --git a/archived/bookworm/home_files/user/.borgrepos b/archived/bookworm/home_files/user/.borgrepos new file mode 100644 index 0000000..c40eee3 --- /dev/null +++ b/archived/bookworm/home_files/user/.borgrepos @@ -0,0 +1,4 @@ +plom@plomlompom.com +plom@mail.plomlompom.com +plom@play.plomlompom.com +# file read ends at last newline diff --git a/archived/bookworm/home_files/user/.config/i3/config b/archived/bookworm/home_files/user/.config/i3/config new file mode 100644 index 0000000..7e4af34 --- /dev/null +++ b/archived/bookworm/home_files/user/.config/i3/config @@ -0,0 +1,86 @@ +# plomlompom's i3-wm configuration + +# Font for i3 text +font pango:Terminus 8px + +# Force "tabbed" as default layout for new windows. +workspace_layout tabbed + +# Make the Windows key the modifier key for all i3-wm actions. +set $mod Mod4 +floating_modifier $mod + +# Launch xterm. +bindsym $mod+Return exec xterm + +# Launch programs via dmenu. +bindsym $mod+d exec dmenu_run +bindsym $mod+x exec dmenu_run + +# Kill window. +bindsym $mod+Shift+Q kill + +# Move focus between windows. +bindsym $mod+Left focus left +bindsym $mod+Down focus down +bindsym $mod+Up focus up +bindsym $mod+Right focus right + +# Don't move focus with mouse. +focus_follows_mouse no + +# Move windows. +bindsym $mod+Shift+Left move left +bindsym $mod+Shift+Down move down +bindsym $mod+Shift+Up move up +bindsym $mod+Shift+Right move right + +# Resize windows +bindsym $mod+h resize shrink width 1 px or 1 ppt +bindsym $mod+l resize grow width 1 px or 1 ppt +bindsym $mod+j resize shrink height +bindsym $mod+k resize grow height + +# Toggle fullscreen for focused window. +bindsym $mod+f fullscreen + +# Toggle floating of window, focus on floating or tabbed windows. +bindsym $mod+Shift+space floating toggle +bindsym $mod+space focus mode_toggle + +# Switch to workspace x. +bindsym $mod+1 workspace 1 +bindsym $mod+2 workspace 2 +bindsym $mod+3 workspace 3 +bindsym $mod+4 workspace 4 +bindsym $mod+5 workspace 5 +bindsym $mod+6 workspace 6 +bindsym $mod+7 workspace 7 +bindsym $mod+8 workspace 8 +bindsym $mod+9 workspace 9 +bindsym $mod+0 workspace 10 + +# Move window to workspace x. +bindsym $mod+Shift+exclam move workspace 1 +bindsym $mod+Shift+quotedbl move workspace 2 +bindsym $mod+Shift+section move workspace 3 +bindsym $mod+Shift+dollar move workspace 4 +bindsym $mod+Shift+percent move workspace 5 +bindsym $mod+Shift+ampersand move workspace 6 +bindsym $mod+Shift+slash move workspace 7 +bindsym $mod+Shift+parenleft move workspace 8 +bindsym $mod+Shift+parenright move workspace 9 +bindsym $mod+Shift+equal move workspace 10 + +# Reload i3 config file, restart (keeping sesion) i3, exit i3. +bindsym $mod+Shift+C reload +bindsym $mod+Shift+R restart +bindsym $mod+Shift+P exit + +# Select "i3status" as i3 status bar, hide systray icons. +bar { + tray_output none + status_command i3status +} + +include ~/.config/i3/config_bonus diff --git a/archived/bookworm/home_files/user/.config/i3status/config b/archived/bookworm/home_files/user/.config/i3status/config new file mode 100644 index 0000000..b9fb15f --- /dev/null +++ b/archived/bookworm/home_files/user/.config/i3status/config @@ -0,0 +1,82 @@ +# plomlompom's i3 status bar configuration + +# Activate colors; set update interval of one second. +general { + colors = true + interval = 1 +} + +# Selection / order of status elements. +order += "disk /" +order += "disk /home/" +order += "wireless wlp3s0" +order += "ethernet enp0s25" +order += "battery 0" +order += "cpu_usage" +order += "load" +order += "cpu_temperature 0" +order += "time" +order += "volume master" + +# How much space is left in / ? +disk "/" { + format = "/: %avail available of %total" + separator_block_width = 25 +} + +# How much space is left in /home ? +disk "/home/" { + format = "/home: %avail available of %total" + separator_block_width = 25 +} + +# WLAN status: show IP and connection quality or "down". +wireless wlp3s0 { + format_up = "w: (%quality at %essid) %ip" + format_down = "w: down" + separator_block_width = 10 +} + +# Ethernet status: show IP or "down". +ethernet enp0s25 { + format_up = "e: %ip" + format_down = "e: down" + separator_block_width = 25 +} + +# Battery status: show FULL/CHARGING/BATTERY, storage, time left. +battery 0 { + format = "b: %status %percentage %remaining" + separator_block_width = 25 +} + +# Show CPU usage. +cpu_usage { + format = "cpu: %usage" + separator_block_width = 10 +} + +# Show system load during last 1/5/15 minutes. +load { + format = "%1min %5min %15min" + separator_block_width = 25 +} + +# Show CPU temperature in degrees of celsius. +cpu_temperature 0 { + format = "%degrees °C" + separator_block_width = 25 +} + +# Show date/time/timezone as "year-month-day hour:minute:second +# timezone_numeric/timezone_alphabetic". +time { + format = "%Y-%m-%d %H:%M:%S %z/%Z" + separator_block_width = 25 +} + +volume master { + format = "♪: %volume" + format_muted = "♪: muted (%volume)" + separator_block_width = 25 +} diff --git a/archived/bookworm/home_files/user/.emacs.d/init.el b/archived/bookworm/home_files/user/.emacs.d/init.el new file mode 100644 index 0000000..3868a75 --- /dev/null +++ b/archived/bookworm/home_files/user/.emacs.d/init.el @@ -0,0 +1,323 @@ +;; general layout +;; ============== + +;; need no stinkin emacs help screen as start up, and no menu bar +(setq inhibit-startup-screen t) +(menu-bar-mode -1) + +;; highlight cursor line, parentheses +(global-hl-line-mode 1) +(show-paren-mode 1) + +;; show line numbers, use separator space +(global-linum-mode) +(setq linum-format "%d ") + +;; count cursor column, row in mode line +(setq column-number-mode t) + +;; settings to make GUI tolerable +(if window-system + (progn + (add-to-list 'default-frame-alist '(foreground-color . "white")) + (add-to-list 'default-frame-alist '(background-color . "black")) + (set-face-attribute 'default nil :height 80) + (scroll-bar-mode -1) + (setq visible-bell t) + (setq linum-format "%d"))) + +;; use as default browser what XDG offers +(setq-default browse-url-browser-function 'browse-url-xdg-open) + + + +;; general keybindings +;; =================== + +;; create and use a minimal global map using just the self-insert command +;; bindings and a selection of some to me very common keystrokes +(setq minimal-map (make-sparse-keymap)) +(substitute-key-definition 'self-insert-command 'self-insert-command + minimal-map global-map) +(use-global-map minimal-map) +(global-set-key (kbd "DEL") 'backward-delete-char-untabify) +(global-set-key (kbd "RET") 'newline) +(global-set-key (kbd "TAB") 'indent-for-tab-command) +(global-set-key (kbd "") 'previous-line) +(global-set-key (kbd "") 'next-line) +(global-set-key (kbd "") 'left-char) +(global-set-key (kbd "") 'right-char) +(global-set-key (kbd "") 'scroll-down-command) +(global-set-key (kbd "") 'scroll-up-command) +(global-set-key (kbd "M-x") 'execute-extended-command) +(global-set-key (kbd "C-g") 'keyboard-quit) +;(global-set-key (kbd "") 'kmacro-start-macro-or-insert-counter) +;(global-set-key (kbd "") 'kmacro-end-or-call-macro) +;; note how to switch back to the original map: (use-global-map global-map) +(setq shr-map (make-sparse-keymap)) ; got annoying in elfeed-show on URLs + + + +;; minibuffer +;; ========== + +;; incremental minibuffer completion +(icomplete-mode 1) + + + +;; text editing +;; ============ + +;; tabs are evil +(setq-default indent-tabs-mode nil) +(setq-default tab-width 4) +(setq indent-line-function 'insert-tab) + +;; show trailing whitespace +(setq-default show-trailing-whitespace 1) + +;; on save, ask whether to ensure text file's last line ends in a +;; newline character +(setq require-final-newline 1) + +;; use dedicated directory for version-controlled, endless backups; +;; never delete old versions +(setq make-backup-files t + backup-directory-alist `(("." . "~/.emacs_backups")) + backup-by-copying t + version-control t + delete-old-versions 1) ;; neither t nor nil: never delete + + +;; package management +;; ================== + +;; where we get packages from +(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/") + ("melpa-unstable" . "https://melpa.org/packages/") + ("melpa-stable" . "https://stable.melpa.org/packages/"))) + +;; ensure certain packages are installed (actually, we use Debian repos here) +;; credit to +;(setq package-list '(elfeed ledger-mode)) +;(package-initialize) +;(dolist (package package-list) +; (unless (package-installed-p package) +; (package-install package))) + + + +;;; window management +;;; ================= +; +;;; track window configurations to allow window config undo +;(winner-mode 1) + + + +;; mail setup +;; ========== + +(setq send-mail-function 'smtpmail-send-it) +(setq smtpmail-smtp-server "mail.plomlompom.com") +(setq smtpmail-smtp-service 465) +(setq smtpmail-stream-type 'ssl) +(setq smtpmail-smtp-user "plom") +(setq mml-secure-openpgp-encrypt-to-self t) +(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime) + +;(setq gnutls-log-level 0) + +;; if we don't set this, we get this warning: +;; gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange +;; has been lowered to 256 bits and this may allow decryption of the session data +(setq gnutls-min-prime-bits 1024) + +;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the +;; stream process, seemingly unless the /message/ function is called at the right +;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest +;; in /network-stream-get-response/ right after "(goto-char start)"; this works +;; unless /inhibit_message/ is set, indicating that writing to the *Messages* +;; buffer is not relevant, but maybe writing to the echo area is); activing the +;; gnutls logging is just a hack to achieve such calls to /message/ in the +;; /network-stream-open-tls/ flow. +(setq gnutls-log-level 1) ; miraculously makes smtpmail work + +;; constructs From: domain if mail composer directly called (from without +;; notmuch), but we don't actually intend to do that +;(setq mail-host-address "plomlompom.com") + +;; otherwise notmuch becomes extremely slow in some cases +(setq-default notmuch-show-indent-content nil) + +;; this only works if we use notmuch-mua-send instead of message-send +(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent"))) + +;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me" +;; in the message ID +(setq mail-host-address "plomlompom.com") + +;; notmuch saved searches +(setq notmuch-saved-searches + '((:name "inbox" :query "tag:unread and folder:inbox") + (:name "all" :query "tag:unread not folder:maildir/Trash") + (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de") + (:name "nebenan" :query "tag:unread and folder:maildir/nebenan") + (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info") + (:name "gmail" :query "tag:unread and folder:maildir/gmail.com") + (:name "mutter" :query "tag:unread and folder:maildir/mutter"))) + + + +;; org mode +;; ======== + +;; unsure why, but to re-set the key map, we not only have to explicitely do it +;; only after org-mode loading, but also have to explicitely overwrite the +;; C-c keybinding; TODO: investigate +(with-eval-after-load 'org + (setq org-mode-map (make-sparse-keymap)) + (define-key org-mode-map (kbd "C-c") nil) + (define-key org-mode-map (kbd "TAB") 'org-cycle) + (define-key org-mode-map (kbd "") 'org-shifttab)) + +;; don't truncate lines by default +(setq org-startup-truncated nil) + +;; basic org-capture config +(setq org-capture-templates + '(("x" "test" plain (file "~/org/notes.org") "%T: %?"))) +(add-hook 'org-capture-mode-hook 'evil-insert-state) + +;; agenda view on startup +(load-library "find-lisp") +(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$")) +(setq org-agenda-span 90) +(setq org-agenda-use-time-grid nil) +(add-hook 'emacs-startup-hook (lambda () + (org-agenda-list) + (switch-to-buffer "*Org Agenda*") + (other-window 1))) + +;;; for calendar, use ISO date style +;(setq calendar-date-style 'iso) +;(setq diary-number-of-entries 7) +;(diary) +;(setq org-agenda-time-grid '((today require-timed remove-match) +; #("----------------" 0 16 (org-heading t)) +; (0 200 400 600 800 1000 1200 +; 1400 1600 1800 2000 2200))) + +;; empty org-agenda-mode keybindings +(add-hook 'org-agenda-mode-hook + (lambda () + (setq org-agenda-mode-map (make-sparse-keymap)))) +(add-hook 'org-agenda-mode-hook + (lambda () + (use-local-map (make-sparse-keymap)))) + +;; org-publish-all +(setq org-publish-project-alist + '( + ("website" + :base-directory "~/org/web/" + :base-extension "org" + :publishing-directory "~/html/" + :recursive t + :publishing-function org-html-publish-to-html + :headline-levels 4 ; Just the default for this project. + :auto-preamble t + ))) + +;; use [ki:] syntax to hide stuff from exports +(defun classify-information (text backend info) + "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'." + (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text)) +(add-hook 'org-export-filter-plain-text-functions 'classify-information) + +;; add HTML validator link to exports +(setq org-html-validation-link "Validate") + + + +;;; Info mode +;;; ========= + +(setq Info-mode-map (make-sparse-keymap)) +(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node) +(define-key Info-mode-map (kbd "u") 'Info-up) +(define-key Info-mode-map (kbd "TAB") 'Info-next-reference) +(define-key Info-mode-map (kbd "") 'Info-prev-reference) +(define-key Info-mode-map (kbd "H") 'Info-history-back) +(define-key Info-mode-map (kbd "L") 'Info-history-forward) +(define-key Info-mode-map (kbd "I") 'Info-goto-node) +(define-key Info-mode-map (kbd "i") 'Info-index) + + + +;; help mode +;; ========= + +(setq help-mode-map (make-sparse-keymap)) +(define-key help-mode-map (kbd "TAB") 'forward-button) +(define-key help-mode-map (kbd "RET") 'help-follow) +(define-key help-mode-map (kbd "") 'backward-button) + + + +; ;; elfeed +; ;; ====== +; +; (require 'elfeed) ; needed so we can set the font faces +; (set-face-background 'elfeed-search-title-face "magenta") +; (set-face-background 'elfeed-search-unread-count-face "magenta") +; (setq elfeed-feeds +; '("https://capsurvival.blogspot.com/feeds/posts/default" +; "https://jungle.world/rss.xml" +; "http://news.dieweltistgarnichtso.net/bin/index.xml" +; "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/" +; "http://www.tagesschau.de/xml/atom")) +; (setq elfeed-search-mode-map (make-sparse-keymap)) +; (define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry) +; (defun elfeed-search-mark-as-read() (interactive) +; (elfeed-search-untag-all 'unread)) +; (define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read) +; (define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread) +; (define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter) +; (define-key elfeed-search-mode-map (kbd "u") 'elfeed-update) +; (setq elfeed-show-mode-map (make-sparse-keymap)) +; (define-key elfeed-show-mode-map (kbd "u") 'elfeed) +; (define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link) +; (define-key elfeed-show-mode-map (kbd "") 'shr-previous-link) +; (define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev) +; (define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next) +; (define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url) +; (define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url) +; +; +; +; ;; eww +; ;; === +; +; (setq eww-mode-map (make-sparse-keymap)) +; (define-key eww-mode-map (kbd "TAB") 'shr-next-link) +; (define-key eww-mode-map (kbd "") 'shr-previous-link) +; (define-key eww-mode-map (kbd "H") 'eww-back-url) +; (define-key eww-mode-map (kbd "L") 'eww-forward-url) + + + +;; ledger +;; ====== +(setq ledger-mode-map (make-sparse-keymap)) +(define-key ledger-mode-map (kbd "TAB") 'completion-at-point) + + + +;;; plomvi mode +;;; =========== + +(defvar plomvi-return-combo (kbd "C-c")) +(load "~/public_repos/plomvi.el/plomvi.el") +(plomvi-global-mode 1) diff --git a/archived/bookworm/home_files/user/.gitconfig b/archived/bookworm/home_files/user/.gitconfig new file mode 100644 index 0000000..8967d25 --- /dev/null +++ b/archived/bookworm/home_files/user/.gitconfig @@ -0,0 +1,3 @@ +[user] + email = c.heller@plomlompom.de + name = Christian Heller diff --git a/archived/bookworm/home_files/user/.mbsyncrc b/archived/bookworm/home_files/user/.mbsyncrc new file mode 100644 index 0000000..59d01a9 --- /dev/null +++ b/archived/bookworm/home_files/user/.mbsyncrc @@ -0,0 +1,28 @@ +IMAPAccount plom +# Address to connect to +Host mail.plomlompom.com +User plom +# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars, +# therefore the pw in ~/.authinfo should not be longer than that. +PassCmd "cat ~/.authinfo | cut -d' ' -f8-" +SSLType IMAPS +AuthMechs LOGIN + +IMAPStore core-remote +Account plom + +MaildirStore core-local +# The trailing "/" is important +Path ~/mail/maildir/ +Inbox ~/mail/inbox/ + +Channel core +Far :core-remote: +Near :core-local: +Patterns * +# Automatically create missing mailboxes, both locally and on the server +Create Both +# Save the synchronization state files in the relevant directory +SyncState * +# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere +Expunge Both diff --git a/archived/bookworm/home_files/user/.notmuch-config b/archived/bookworm/home_files/user/.notmuch-config new file mode 100644 index 0000000..9532761 --- /dev/null +++ b/archived/bookworm/home_files/user/.notmuch-config @@ -0,0 +1,9 @@ +[database] +path=/home/plom/mail +[search] +exclude_tags=deleted;spam; +# the fields below set the From: if the mail composer is called from +# within notmuch +[user] +name=Christian Heller +primary_email=plom@plomlompom.com diff --git a/archived/bookworm/home_files/user/.shell_prompt_color b/archived/bookworm/home_files/user/.shell_prompt_color new file mode 100644 index 0000000..0cfbf08 --- /dev/null +++ b/archived/bookworm/home_files/user/.shell_prompt_color @@ -0,0 +1 @@ +2 diff --git a/archived/bookworm/home_files/user/.tridactylrc b/archived/bookworm/home_files/user/.tridactylrc new file mode 100644 index 0000000..8da0831 --- /dev/null +++ b/archived/bookworm/home_files/user/.tridactylrc @@ -0,0 +1,18 @@ +# sanitize tridactyllocal tridactylsync +# guiset tabs always +# guiset hoverlink left +# guiset statuspanel right +autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit +# bind ö fillcmdline find +# bind n findnext 1 +# bind N findnext -1 +bind j scrollline 3 +bind k scrollline -3 +set hintuppercase false +set searchengine duckduckgo +set theme midnight +set searchurls.wiktionary https://en.wiktionary.org/w/index.php?search= +set searchurls.dictcc https://www.dict.cc/?s= +set hintchars 123456qwertasdfgyxcvb +guiset gui none +escapehatch diff --git a/archived/bookworm/home_files/user/.xinitrc b/archived/bookworm/home_files/user/.xinitrc new file mode 100644 index 0000000..e1cbd6a --- /dev/null +++ b/archived/bookworm/home_files/user/.xinitrc @@ -0,0 +1,19 @@ +# X init configuration + +# Set keymap. +setxkbmap de + +# Map CapsLock to Compose key. +xmodmap -e "clear Lock" +xmodmap -e "keycode 66 = Multi_key" + +# Load xterm settings +xrdb -merge ~/.Xresources + +# Redshift to Berlin, Germany. +redshift -rl 53:13 & + +sh .xinitrc_bonus + +# Launch window manager. +i3 diff --git a/archived/bookworm/home_files/user/mail_sync.sh b/archived/bookworm/home_files/user/mail_sync.sh new file mode 100755 index 0000000..ffe6b4a --- /dev/null +++ b/archived/bookworm/home_files/user/mail_sync.sh @@ -0,0 +1,44 @@ +#!/bin/sh +set -e + +basedir="/home/plom/mail/maildir/" +# Ensure directories exist for all "dir:*" tags. +for tag in $(notmuch search --output=tags '*'); do + if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then + continue + fi + target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/" + if [ ! -d "${target_dir}" ]; then + echo "Directory ${target_dir} does not exist." + exit 1 + fi +done + +# Ensure all "dir:*"-tagged mails are in proper directories, +# remove all "dir:*" tags. +for tag in $(notmuch search --output=tags '*'); do + if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then + continue + fi + target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/" + for f in $(notmuch search --output=files tag:"${tag}"); do + new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//') + target_path="${target_dir}${new_name}" + if [ ! "${target_path}" = "${f}" ]; then + echo "Moving ${f} to ${target_path}." + mv "${f}" "${target_path}" + # NOTE: if we encounter an error here of ${f} not being findable, run "notmuch reindex tag:${tag}" to fix + fi + done + notmuch tag -"${tag}" tag:"${tag}" +done + +# Remove all "deleted"-tagged files from maildirs. +notmuch search --output=files tag:deleted | while read f; do + echo "Deleting ${f}" + rm "${f}" +done + +# Sync changes back to server and update notmuch index. +mbsync -a +notmuch new diff --git a/archived/bookworm/home_files/user/public_repos/repos b/archived/bookworm/home_files/user/public_repos/repos new file mode 100644 index 0000000..2414eec --- /dev/null +++ b/archived/bookworm/home_files/user/public_repos/repos @@ -0,0 +1,8 @@ +# List of repos we want cloned in ~/public_repos +config +pingmail.git +plomlombot-irc.git +plomrogue +plomrogue2-experiments +plomvi.el +misc diff --git a/archived/bookworm/home_files/w530/.config/i3/config_bonus b/archived/bookworm/home_files/w530/.config/i3/config_bonus new file mode 100644 index 0000000..50af63e --- /dev/null +++ b/archived/bookworm/home_files/w530/.config/i3/config_bonus @@ -0,0 +1,14 @@ +# put main workspaces on big monitor +workspace 1 output LVDS-1 +workspace 2 output HDMI-1-0 +workspace 3 output HDMI-1-0 +workspace 4 output HDMI-1-0 +workspace 5 output HDMI-1-0 +workspace 6 output HDMI-1-0 +workspace 7 output HDMI-1-0 +workspace 8 output HDMI-1-0 +workspace 9 output HDMI-1-0 +workspace 10 output HDMI-1-0 + +# default to big monitor's first workspace +# exec "i3-msg 'workspace 1'" diff --git a/archived/bookworm/home_files/w530/.xinitrc_bonus b/archived/bookworm/home_files/w530/.xinitrc_bonus new file mode 100644 index 0000000..b3a221f --- /dev/null +++ b/archived/bookworm/home_files/w530/.xinitrc_bonus @@ -0,0 +1,2 @@ +# The extreme --pos disconnects the cursor movement spaces, so mouse stays inside selected screen. +xrandr --output LVDS-1 --mode 1368x768 --output HDMI-1-0 --auto --pos 2000x2000 diff --git a/archived/bookworm/setup_scripts/_setup.sh b/archived/bookworm/setup_scripts/_setup.sh new file mode 100755 index 0000000..5f4bfda --- /dev/null +++ b/archived/bookworm/setup_scripts/_setup.sh @@ -0,0 +1,35 @@ +#!/bin/sh +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 2 "(hostname, FQDN)" "$@" +hostname="$1" +fqdn="$2" +shift 2 + +cd "${setup_scripts_dir}" + +# Adapt /etc/ to our needs by copying from ./etc_files. This will set +# basic configurations affecting following steps, such as setup of APT +# and the locale selection, so needs to be right at the beginning. +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@" + +# Set hostname and FQDN. +./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}" + +# Ensure package installation state as defined by what packages are +# defined as required by Debian policy and by settings in ./apt-mark/. +apt update +./install_for_target.sh all "$@" +./purge_nonrequireds.sh all "$@" + +# Ensure our desired locale is available. +locale-gen + +# Only upgrade after reducing the system to the desired minimum, so that +# we don't need to get more data than necessary. +apt -y dist-upgrade + +# Set Berlin localtime. +ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime diff --git a/archived/bookworm/setup_scripts/copy_dirtree.sh b/archived/bookworm/setup_scripts/copy_dirtree.sh new file mode 100755 index 0000000..fbc3d9d --- /dev/null +++ b/archived/bookworm/setup_scripts/copy_dirtree.sh @@ -0,0 +1,30 @@ +#!/bin/sh +# Copy files in argument-selected subdirectories of $1 to subdirectories +# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2 +# of "" and $3 of "all", copy files below etc_files/all such as +# etc_files/all/etc/foo/bar to equivalent locations below / such as +# /etc/foo/bar. Create directories as necessary. Multiple arguments after +# $3 are possible. +# +# CAUTION: This removes original files at the affected paths. +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 3 "(source root, target root, modules)" "$@" + +source_root="$1" +target_root="$2" +shift 2 + +for target_module in "$@"; do + mkdir -p "${source_root}/${target_module}" + cd "${source_root}/${target_module}" + for path in $(find . -type f); do + target_path="${target_root}"$(echo "${path}" | cut -c2-) + source_path=$(realpath "${path}") + dir=$(dirname "${target_path}") + mkdir -p "${dir}" + cp "${source_path}" "${target_path}" + done +done diff --git a/archived/bookworm/setup_scripts/init_user_and_keybased_login.sh b/archived/bookworm/setup_scripts/init_user_and_keybased_login.sh new file mode 120000 index 0000000..f95539d --- /dev/null +++ b/archived/bookworm/setup_scripts/init_user_and_keybased_login.sh @@ -0,0 +1 @@ +../../bullseye/setup_scripts/init_user_and_keybased_login.sh \ No newline at end of file diff --git a/archived/bookworm/setup_scripts/init_user_login.sh b/archived/bookworm/setup_scripts/init_user_login.sh new file mode 120000 index 0000000..0b0497d --- /dev/null +++ b/archived/bookworm/setup_scripts/init_user_login.sh @@ -0,0 +1 @@ +../../bullseye/setup_scripts/init_user_login.sh \ No newline at end of file diff --git a/archived/bookworm/setup_scripts/install_for_target.sh b/archived/bookworm/setup_scripts/install_for_target.sh new file mode 100755 index 0000000..6d04152 --- /dev/null +++ b/archived/bookworm/setup_scripts/install_for_target.sh @@ -0,0 +1,18 @@ +#!/bin/sh +# Walks through the package names in the argument-selected files of +# apt-mark/ and ensures the respective packages are installed. +# +# Ignores anything in an apt-mark/ file after the last newline. +set -e +. ./misc.sh + +for target in "$@"; do + path="${aptmark_dir}/${target}" + # TODO: continue if file at $path not found, to get rid of dummy files + cat "${path}" | while read line; do + echo "$line" + if [ ! $(echo "${line}" | cut -c1) = "#" ]; then + DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}" + fi + done +done diff --git a/archived/bookworm/setup_scripts/migrate_borg.sh b/archived/bookworm/setup_scripts/migrate_borg.sh new file mode 100755 index 0000000..b08cf2d --- /dev/null +++ b/archived/bookworm/setup_scripts/migrate_borg.sh @@ -0,0 +1,17 @@ +#!/bin/sh +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 1 "(old server IP)" "$@" +old_server="$1" +cp "${setup_scripts_dir}/misc.sh" /home/plom/ +cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/ +chown plom:plom /home/plom/prepare_to_meet_server.sh +su -lc "./prepare_to_meet_server.sh ${old_server}" plom +read -p'Hit Enter when you are done.' ignore +rm /home/plom/prepare_to_meet_server.sh +cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/ +su -lc "./mirror_dir.sh ${old_server} /home/plom/borg" plom +rm /home/plom/mirror_dir.sh +rm /home/plom/misc.sh diff --git a/archived/bookworm/setup_scripts/mirror_dir.sh b/archived/bookworm/setup_scripts/mirror_dir.sh new file mode 100755 index 0000000..d650165 --- /dev/null +++ b/archived/bookworm/setup_scripts/mirror_dir.sh @@ -0,0 +1,22 @@ +#!/bin/sh +# Mirror directory tree from remote to local server, keeping the path. +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 2 "(server, directory)" "$@" +server=$1 +dir=$2 +path_package=/tmp/delete.tar + +eval `ssh-agent` +ssh-add +cd +ssh plom@"${server}" "cd \"${dir}\" && tar cf ${path_package} ." +scp plom@"${server}":"${path_package}" "${path_package}" +mkdir -p "${dir}" +cd "${dir}" +tar xf "${path_package}" +cd +rm "${path_package}" +ssh plom@"${server}" rm "${path_package}" diff --git a/archived/bookworm/setup_scripts/misc.sh b/archived/bookworm/setup_scripts/misc.sh new file mode 100644 index 0000000..30f8e8c --- /dev/null +++ b/archived/bookworm/setup_scripts/misc.sh @@ -0,0 +1,34 @@ +#!/bin/sh +set -e +debian_version="bookworm" +legal_system_names="x220 w530 h610m" +config_tree_prefix="${HOME}/public_repos/config/${debian_version}" +if [ ! -d "${config_tree_prefix}" ]; then + config_tree_prefix="${HOME}/config/${debian_version}" +fi +setup_scripts_dir="${config_tree_prefix}/setup_scripts" +aptmark_dir="${config_tree_prefix}/apt-mark" + +expect_setup_finished_file() { + filename="$1" + setup_script="$2" + if [ ! -f "${HOME}/${filename}" ]; then + echo "First need to run ${setup_script}." + false + fi +} + +get_system_name_arg() { + found=0 + for system_name_i in $legal_system_names; do + if [ "$1" = "$system_name_i" ]; then + found=1 + system_name="${system_name_i}" + continue + fi + done + if [ "$found" = 0 ]; then + echo "Need legal system name." + false + fi +} diff --git a/archived/bookworm/setup_scripts/prepare_to_meet_server.sh b/archived/bookworm/setup_scripts/prepare_to_meet_server.sh new file mode 100755 index 0000000..8e54ca5 --- /dev/null +++ b/archived/bookworm/setup_scripts/prepare_to_meet_server.sh @@ -0,0 +1,21 @@ +#!/bin/sh +# Do some of the steps necessary to SSH (key-based) with another server. +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 1 "(server IP)" "$@" +target="$1" + +# We need a public key to copy over, so generate it if not found. +if [ ! -f ~/.ssh/id_rsa.pub ]; then + ssh-keygen -N "" +fi + +# Add target to ~/.ssh/known_hosts so we don't get +# asked for permission at inopportune moments. +ssh-keyscan -H "$target" >> ~/.ssh/known_hosts + +# Tell user what to do. +echo "APPEND FOLLOWING TO TARGET'S ~/.ssh/authorized_keys:" +cat ~/.ssh/id_rsa.pub diff --git a/archived/bookworm/setup_scripts/purge_nonrequireds.sh b/archived/bookworm/setup_scripts/purge_nonrequireds.sh new file mode 100755 index 0000000..95f2897 --- /dev/null +++ b/archived/bookworm/setup_scripts/purge_nonrequireds.sh @@ -0,0 +1,26 @@ +#!/bin/sh +# This script removes all Debian packages that are not of Priority +# "required" or not depended on by packages of priority "required" +# or not listed in the argument-selected files of apt-mark/. +set -e +. ./misc.sh + +# FIXME packages listed twice in the aptmark_dir get blacklisted? + +dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted +for target in "$@"; do + path="${aptmark_dir}/${target}" + cat "${path}" | while read line; do + if [ ! $(echo "${line}" | cut -c1) = "#" ]; then + echo "${line}" >> /tmp/list_white_unsorted + fi + done +done +sort /tmp/list_white_unsorted > /tmp/list_white +dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages +sort /tmp/list_all_packages > /tmp/foo +mv /tmp/foo /tmp/list_all_packages +comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black +apt-mark auto `cat /tmp/list_black` +DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove +rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black diff --git a/archived/bookworm/setup_scripts/set_hostname_and_fqdn.sh b/archived/bookworm/setup_scripts/set_hostname_and_fqdn.sh new file mode 100755 index 0000000..929d8bc --- /dev/null +++ b/archived/bookworm/setup_scripts/set_hostname_and_fqdn.sh @@ -0,0 +1,50 @@ +#!/bin/sh +# Sets hostname and optionally FQDN. +# +# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts +# writing follows recommendations from Debian manual at +# +# (section "The hostname resolution") on how to map hostname and possibly +# FQDN to a permanent IP if present (we assume here any non-private IP +# and non-loopback IP returned by hostname -I to fulfill that criterion +# on our systems) or to 127.0.1.1 if not. On the reasoning for separating +# localhost and hostname mapping to different IPs, see +# . +# +# Ignores IPv6s. +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 1 "(hostname, fqdn)" "$@" + +hostname="$1" +fqdn="$2" +echo "${hostname}" > /etc/hostname +hostname "${hostname}" + +final_ip="127.0.1.1" +for ip in $(hostname -I); do + if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then + continue + fi + range_1=$(echo "${ip}" | cut -d "." -f 1) + range_2=$(echo "${ip}" | cut -d "." -f 2) + if [ "${range_1}" -eq 127 ]; then + continue + elif [ "${range_1}" -eq 10 ]; then + continue + elif [ "${range_1}" -eq 172 ]; then + if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then + continue + fi + elif [ "${range_1}" -eq 192 ]; then + if [ "${range_2}" -eq 168 ]; then + continue + fi + fi + final_ip="${ip}" +done + +echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts +echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts diff --git a/archived/bookworm/setup_scripts/setup_desktop.sh b/archived/bookworm/setup_scripts/setup_desktop.sh new file mode 100755 index 0000000..fe11b83 --- /dev/null +++ b/archived/bookworm/setup_scripts/setup_desktop.sh @@ -0,0 +1,56 @@ +#!/bin/sh +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 1 "(system name)" "$@" +get_system_name_arg "$1" + +# Set up system without user environment. +cd "${setup_scripts_dir}" +if [ "$system_name" = "w530" || "$system_name" = "x220"]; then + ./_setup.sh "${system_name}" "" user desktop thinkpad "${system_name}" +else + ./_setup.sh "${system_name}" "" user desktop "${system_name}" +fi + +# # Set up printer. +# ppd_deb="hll2350dwpdrv-4.0.0-1.i386.deb" +# wget "https://download.brother.com/welcome/dlf103566/${ppd_deb}" +# dpkg --add-architecture i386 +# apt update +# apt install -y "./${ppd_deb}" +# service cups restart +# # lpadmin -p 'Brother_HLL2350DW' -m 'brother-HLL2350DW-cups-en.ppd' +# rm "./${ppd_deb}" +# # TODO explore potential lpadmin options like -o 'OutputMode=NormalGray' + +# Set up NVIDIA eGPU config. +if [ "$system_name" = "w530" ]; then + cd + git clone https://github.com/NVIDIA/open-gpu-kernel-modules + cd open-gpu-kernel-modules + git checkout 337e28e + # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf + make modules -j$(nproc) + make modules_install + cd + driver_version=535.86.05 + # driver_version=545.29.06 + runscript=NVIDIA-Linux-x86_64-${driver_version}.run + wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript} + rmmod nouveau + chmod u+x ${runscript} + ./${runscript} --no-kernel-modules --silent + depmod + # TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init +fi + +# Set up user environments. +cd "${setup_scripts_dir}" +./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root +adduser --disabled-password --gecos "" plom +usermod -a -G sudo plom +passwd plom +cp -a ~/config /home/plom +chown -R plom:plom /home/plom/config diff --git a/archived/bookworm/setup_scripts/setup_firefox.sh b/archived/bookworm/setup_scripts/setup_firefox.sh new file mode 100755 index 0000000..5466b67 --- /dev/null +++ b/archived/bookworm/setup_scripts/setup_firefox.sh @@ -0,0 +1,19 @@ +#!/bin/sh +set -e +. ./misc.sh + +# Install Firefox directly from Mozilla. +firefox_release="128.4.0esr" +firefox_filename="firefox-${firefox_release}.tar.bz2" +url_firefox="https://ftp.mozilla.org/pub/firefox/releases/${firefox_release}/linux-x86_64/en-US/${firefox_filename}" +wget "${url_firefox}" +mv "${firefox_filename}" /opt/ +cd /opt/ +tar xf "${firefox_filename}" +rm "${firefox_filename}" +ln -f -s /opt/firefox/firefox /usr/local/bin/ +update-alternatives --install /usr/bin/x-www-browser x-www-browser /opt/firefox/firefox 200 +update-alternatives --set x-www-browser /opt/firefox/firefox + +echo "TODO: Install uBlock Origin and tridactyl plugins, run :installnative and :source." + diff --git a/archived/bookworm/setup_scripts/setup_home.sh b/archived/bookworm/setup_scripts/setup_home.sh new file mode 100755 index 0000000..54f0db1 --- /dev/null +++ b/archived/bookworm/setup_scripts/setup_home.sh @@ -0,0 +1,109 @@ +#!/bin/sh +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 1 "(system name)" "$@" +get_system_name_arg "$1" + +cd $setup_scripts_dir +./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}" + +secrets_dev="sdb" +source_dir_secrets="/media/${secrets_dev}/to_usb" +target_dir_secrets="${HOME}/tmp_secrets" +echo "Put secrets drive into slot for /dev/${secrets_dev}." +while [ ! -e /dev/"${secrets_dev}" ]; do + sleep 1 +done +stty -echo +printf "Secrets passphrase: " +read SECRETS_PASS +stty echo +echo "" # newline so user knows their input return was accepted +sudo -v +echo "${SECRETS_PASS}" | sudo pmount /dev/"${secrets_dev}" +cp -a "${source_dir_secrets}" "${target_dir_secrets}" +sudo chown -R plom:plom "${target_dir_secrets}" +sudo pumount "${secrets_dev}" +echo "You can remove /dev/${secrets_dev} now." + +# Set up iniitial non-public parts of infrastructure: SSH authentication. +ssh_dir=~/.ssh +cd "${target_dir_secrets}" +mkdir -p "${ssh_dir}" +echo "Setting up .ssh" +cp id_rsa ~/.ssh +stty -echo +ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub +stty echo +eval $(ssh-agent) +ssh-add +ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts + +# Fill ~/public_repos. +public_repos_dir="${HOME}/public_repos" +repos_list_file="${public_repos_dir}/repos" +mkdir -p "${public_repos_dir}" +cat "${repos_list_file}" | while read line; do + first_char=$(echo "${line}" | cut -c1) + if [ "${first_char}" = "#" ]; then + continue + fi + repo_name="${line}" + if [ ! -d "${public_repos_dir}/${repo_name}" ]; then + cd "${public_repos_dir}" + git clone plom@plomlompom.com:/var/repos/${repo_name} + fi +done + +# Remove redundant config repo copy. +config_tree_prefix="${public_repos_dir}/config/${debian_version}" +rm -rf ~/config + +# # Set up native messenger for tridactyl. +# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a' +# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash + +# Set up further non-public parts of infrastructure. +cd "${target_dir_secrets}" +script -c 'gpg --import secret_keys.asc' /dev/null +path_borgscript="${config_tree_prefix}//borg.sh" + +# borg setup +borgkeys_dir=~/.config/borg/keys +borgrepos_file=~/.borgrepos +tar xf borg_keyfiles.tar +mkdir -p "${borgkeys_dir}" +mv borg_keyfiles/* "${borgkeys_dir}" +# Sync org dir via borgbackup. For this we need the borgbackup servers +# in our .ssh/known_hosts file. +cat "${borgrepos_file}" | while read line; do + first_char=$(echo "${line}" | cut -c1) + if [ "${first_char}" = "#" ]; then + continue + fi + server=$(echo "${line}" | sed 's/.*@//') + ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts +done +BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull + +# .authinfo may not be present on every secrets drive yet +authinfo_file=.authinfo +if [ -f "${authinfo_file}" ]; then + cp "${authinfo_file}" ~ +fi +cd + +maildir=~/mail/maildir +# # Set up e-mail system. Note that we only do mbsync if the imap pass file +# # is found. It may not be present on every secrets drive yet, so we have to +# # deal with the possibility of it being absent at this point. +mkdir -p "${maildir}" # expected by mbsync/isync +if [ -f "${HOME}/${authinfo_file}" ]; then + mbsync -a + notmuch new +fi + +# # Final note on how to integrate tridactyl. +# echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start." diff --git a/archived/bookworm/setup_scripts/setup_nvidia.sh b/archived/bookworm/setup_scripts/setup_nvidia.sh new file mode 100755 index 0000000..d05c8d1 --- /dev/null +++ b/archived/bookworm/setup_scripts/setup_nvidia.sh @@ -0,0 +1,24 @@ +#!/bin/sh +set -e +. ./misc.sh + +# Set up NVIDIA eGPU config. +cd +# git clone https://github.com/NVIDIA/open-gpu-kernel-modules +# cd open-gpu-kernel-modules +# git checkout 337e28e +# # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf +# make modules -j$(nproc) +# make modules_install +# cd +driver_version=535.86.05 +# driver_version=545.29.06 +runscript=NVIDIA-Linux-x86_64-${driver_version}.run +# wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript} +set +e +rmmod nouveau +set -e +chmod u+x ${runscript} +./${runscript} --no-kernel-modules --silent +depmod +# TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init diff --git a/archived/bookworm/setup_scripts/setup_seedbox.sh b/archived/bookworm/setup_scripts/setup_seedbox.sh new file mode 100755 index 0000000..f641011 --- /dev/null +++ b/archived/bookworm/setup_scripts/setup_seedbox.sh @@ -0,0 +1,19 @@ +#!/bin/sh +set -e +. ./misc.sh +. ../../misc.sh + +expect_setup_finished_file setup_server_has_been_run setup_server.sh + +plom_home_dir=/home/plom + +cd "${setup_scripts_dir}" +cp "${config_tree_prefix}/home_files/seedbox/.rtorrent.rc" "${plom_home_dir}" +chown plom:plom "${plom_home_dir}/.rtorrent.rc" +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" seedbox +./install_for_target.sh seedbox +mkdir "${plom_home_dir}/downloads" +chown plom:plom "${plom_home_dir}/downloads" +mkdir "${plom_home_dir}/session" +chown plom:plom "${plom_home_dir}/session" +systemctl enable rtorrent.service --now diff --git a/archived/bookworm/setup_scripts/setup_server.sh b/archived/bookworm/setup_scripts/setup_server.sh new file mode 100755 index 0000000..c854b95 --- /dev/null +++ b/archived/bookworm/setup_scripts/setup_server.sh @@ -0,0 +1,24 @@ +#!/bin/sh +# Next setup steps for a server whose login policy has just been set from +# the outside via ./init_user_login.sh or ./init_user_and_keybased_login.sh +set -e +. ./misc.sh +. ../../misc.sh + +expect_n_args 2 "(hostname, FQDN)" "$@" +hostname="$1" +fqdn="$2" +additional_arg="$3" + +# Set up basic server system. +cd "${setup_scripts_dir}" +./_setup.sh "${hostname}" "${fqdn}" server "$@" + +# If we have not yet set the shell for user plom, ensure it here. This +# is mostly for convenience. +usermod -s /bin/bash plom + +# Enable firewall. +systemctl enable nftables.service + +touch "$HOME/setup_server_has_been_run" diff --git a/archived/bookworm/setup_scripts/setup_static_website.sh b/archived/bookworm/setup_scripts/setup_static_website.sh new file mode 100755 index 0000000..bdfb7d3 --- /dev/null +++ b/archived/bookworm/setup_scripts/setup_static_website.sh @@ -0,0 +1,60 @@ +#!/bin/sh +set -e +. ./misc.sh +. ../../misc.sh + +expect_setup_finished_file setup_web_has_been_run setup_web.sh + +expect_n_args 1 "(website template, i.e. status.plomlompom.com, tube.plomlompom.com …)" "$@" +website_template="$1" +shift 1 + +mirror_ip="" +mirror_state="not mirroring automatically, since no IP given" +domain="${website_template}" +mail="plom+webmaster@plomlompom.com" +if [ "$#" -gt 0 ]; then + domain="$1" + if [ "$#" -gt 1 ]; then + mail="$2" + if [ "$#" -gt 2 ]; then + mirror_ip="$3" + mirror_state="mirroring automatically from ${mirror_ip}" + fi + fi +fi +echo "Assuming domain ${domain} and letsencrypt support mail address ${mail} and ${mirror_state}, abort and provide as arguments in this order if other desired! (Otherwise just hit Return.)" +read _ + +if [ ! -z "${mirror_ip}" ]; then + # Set up connection to old server. + cp "${setup_scripts_dir}/misc.sh" /home/plom/ + cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/ + chown plom:plom /home/plom/prepare_to_meet_server.sh + su -lc "./prepare_to_meet_server.sh ${mirror_ip}" plom + read -p 'Hit Enter when you are done.' ignore + rm /home/plom/prepare_to_meet_server.sh + + # Mirror dirs. + cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/ + su -lc "./mirror_dir.sh ${mirror_ip} /var/www/${website_template}" plom + rm /home/plom/mirror_dir.sh + rm /home/plom/misc.sh +fi + +# Install configs, set up firewall. +./install_for_target.sh "${website_template}" +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" "${website_template}" +nft -f /etc/nftables.conf + +# Set up letsencrypt certificate. TODO: Is it auto-renewed? +ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default +certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" +rm /etc/nginx/sites-enabled/default + +# Prepare NGINX. +sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" "/etc/nginx/sites-available/${website_template}.nginx" +ln -s "/etc/nginx/sites-available/${website_template}.nginx" "/etc/nginx/sites-enabled/${website_template}.nginx" + +service nginx restart + diff --git a/archived/bookworm/setup_scripts/setup_web.sh b/archived/bookworm/setup_scripts/setup_web.sh new file mode 100755 index 0000000..4807e8a --- /dev/null +++ b/archived/bookworm/setup_scripts/setup_web.sh @@ -0,0 +1,29 @@ +#!/bin/sh +set -e +. ./misc.sh +. ../../misc.sh + +expect_setup_finished_file setup_server_has_been_run setup_server.sh + +expect_n_args 1 "(domain name)" "$@" +domain="$1" + +# Install configs, set up firewall. +./install_for_target.sh web +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web +nft -f /etc/nftables.conf + +chown plom /var/www + +# # Set up letsencrypt certificate. TODO: Is it auto-renewed? +# ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default +# certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" +# rm /etc/nginx/sites-enabled/default + +# # Prepare NGINX for status.plomlompom.com. +# sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx +# ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx +# +# service nginx restart + +touch "$HOME/setup_web_has_been_run" diff --git a/archived/bookworm/setup_scripts/upgrade_from_older_release.sh b/archived/bookworm/setup_scripts/upgrade_from_older_release.sh new file mode 100755 index 0000000..c13b8ca --- /dev/null +++ b/archived/bookworm/setup_scripts/upgrade_from_older_release.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +# Upgrade a fresh (!) system to Bookworm, as per [1]. Fresh, because: Don't +# expect any customized config files to survive this. If you run this on a +# remote machine, take care not to loose anything you need to re-connect, e.g. +# any relevant adaptations you did to /etc/ssh/sshd_config … + +set -e +. ./misc.sh +. ../../misc.sh + +path_sources_list="/etc/apt/sources.list" + +export DEBIAN_FRONTEND=noninteractive +apt update +apt -y -o Dpkg::Options::="--force-confnew" upgrade +apt -y -o Dpkg::Options::="--force-confnew" full-upgrade +cp "${config_tree_prefix}/etc_files/all${path_sources_list}" "${path_sources_list}" +apt clean +apt update +apt -y -o Dpkg::Options::="--force-confnew" upgrade +apt -y -o Dpkg::Options::="--force-confnew" full-upgrade +apt -y autoremove +cp "${local_path_sshd_config}" "${system_path_sshd_config}"