diff --git a/Bashrc.wiki b/Bashrc.wiki index 8123a0a..a3f54fc 100644 --- a/Bashrc.wiki +++ b/Bashrc.wiki @@ -1,2 +1,26 @@ =Bashrc= +Current configuration can always be found at https://git.thurstylark.com/vcsh/bashrc.git + +---- + +==Prompt== + +---- + +==Profile== + +---- + +==Weechat== + +The alias portion of my [[Weechat]] configuration is set in the .bashrc like so: + +{{{class="prettyprint" +# If you don't have weechat installed, connect to the existing tmux session through mosh +[[ ! -s /usr/bin/weechat ]] && alias weechat='mosh vps -- tmux attach -dt weechat' +# If you are thurstylark-vps, connect to the existing tmux session locally +[[ "$HOSTNAME" = "thurstylark-vps" ]] && alias weechat='tmux attach -dt weechat' +}}} + +For more info, see the [[Weechat]] page. diff --git a/Cgit.wiki b/Cgit.wiki index a7b4724..d85dee0 100644 --- a/Cgit.wiki +++ b/Cgit.wiki @@ -1,5 +1,6 @@ =CGit= +Current configuration can always be found at https://git.thurstylark.com/cgit.git/tree ===Push To Deploy=== diff --git a/SSH.wiki b/SSH.wiki new file mode 100644 index 0000000..7e93a16 --- /dev/null +++ b/SSH.wiki @@ -0,0 +1,74 @@ +=SSH= + +---- + +==User-Specific Client Config== + +Most directives that can be set in the system-wide client configuration can be set by each user in `~/.ssh/config`. This snippit contains a collection of my most used options: + +{{{class="prettyprint" +SendEnv LC_* # Send all LC env vars to the host +AddKeysToAgent yes # If asked to unlock a password-protected private + # key, automatically add that key to the ssh-agent + # so you no longer need to reenter the password + # again this session + +# Example Host Definition +Host foo # Arbitrary String. Use this definition by running `ssh foo` + HostName foo.bar.com # Actual DNS Hostname or IP address of the server + Port 12345 # Port number to connect to + User thurstylark # Username on the server to connect as + IdentityFile ~/.ssh/id_rsa # Private key to use for authentication + ServerAliveInterval 300 # Interval in seconds before a keepalive packet is sent to the server + ServerAliveCountMax 3 # Declare the connection dead after no response to this many keepalive packets + HostKeyAlgorithms ssh-dss # Use ssh-dss for host-key algorithm checking (ssh-dss is insecure. Use something else) + KexAlgorithms +kex # Add 'kex' to the list of Key Exchange Algorithms available for use. + StrictHostKeyChecking no # Turn off Strict Host Key Checking for only this host (insecure) + UserKnownHostsFile /dev/null # Discard this hosts host key instead of storing in ~/.ssh/known_hosts (not recommended) + VisualHostKey yes # Always use randomart in place of host key sums +}}} + +===Directive Notes=== + +* `Host` + * Can also refer to an actual hostname. See "Host-Specific Keys" below. +* `ServerAliveInterval` and `ServerAliveCountMax` + * It's common for a firewall to cause problems keeping connections open, so tweaking these settings can help. See "Broken Pipe Remedy" below. +* `HostKeyAlgorithms` + * ssh-dss is less secure than the alternatives/defaults. Only use this if necessary. +* `KexAlgorithms` + * I use this to add `diffie-hellman-group1-sha1` to the available Key Exchange Algorithms for connecting to older hardware that doesn't accept any currently allowed kex algorithms. Diffie Hellman is quite insecure, so please use caution. +* `StrictHostKeyChecking` + * Several servers I connect to are descrete servers, but they all are accessed through a single IP Address with a randomized port number. This allows me to continue connecting to the host without stopping to delete a line from `~/.ssh/known_hosts` before connecting. + + +===Host-Specific Keys=== + +User-specific ssh configs make it stupid easy to create several keys for several different uses. For instance, this allows you to have a separate key for each service that you use, and allows you less headache should one key be compromised. + +For example: Github allows you to push to your remote repositories over ssh by adding a public key to your account. Ideally, you should create a keypair for this specific purpose, and name it something like 'github'. Then you can add something like this to your `~/.ssh/config`: + +{{{class="prettyprint" +host github.com + IdentityFile ~/.ssh/github +}}} + +Now, when your repo's origin url is set to something like `git@github.com:username/reponame.git`, ssh will automatically use your github key instead of needing to specify it in the command, or using your username and password with HTTPS every time. + +===Broken Pipe Remedy=== + +Often times a firewall or inconsistent connection can cause an ssh connection to be closed prematurely and give a "Write Failed: broken pipe" error message. Some firewalls are configured to close connections that have sent no data after a certain interval, thus causing a broken pipe error when the connection was otherwise healthy. This can usually be solved by sending data through the connection before that interval is up, thus resetting the firewall's timer. + +The `ServerAliveInterval` option sends a keepalive packet if no data has been received within the interval specified. All the keepalive packet does is request a response from the server to verify the connection is still good. By default, this option is disabled. + +Additionally, the `ServerAliveCountMax` option specifies the number of keepalive packets that may be sent without a response before ssh terminates the connection. By default this is set to `3`, but if your connection is unreliable, you can set this higher to give your server a better chance at responding the next time a keepalive packet is sent. + + It is important to note that messages sent by the `TTYKeepAlive` option are not sent through the encrypted channel and can be spoofed, but the "server alive" messages are sent through the encrypted channel and cannot be spoofed. Do not use `TTYKeepAlive` messages for determining the quality or security of a connection! See `ssh-config(5)` for more info. + +---- + +==SSH Host Configuration== + +===Google Authenticator=== + + diff --git a/Thurstylark-VPS.wiki b/Thurstylark-VPS.wiki index b2643c5..bc11a1d 100644 --- a/Thurstylark-VPS.wiki +++ b/Thurstylark-VPS.wiki @@ -7,3 +7,4 @@ Just a little Linode VPS running Arch, but it's a powerful little sucker. * [[Cgit]] * Apache * [[Weechat]] +* Custom Repo diff --git a/Weechat.wiki b/Weechat.wiki index 0e42719..6093ff5 100644 --- a/Weechat.wiki +++ b/Weechat.wiki @@ -1,5 +1,7 @@ =Weechat= +Current configuration can always be found at https://git.thurstylark.com/vcsh/weechat.git + Requirements: * Not dependent on graphical session (terminal-based client) diff --git a/Xinitrc.wiki b/Xinitrc.wiki new file mode 100644 index 0000000..ec95be0 --- /dev/null +++ b/Xinitrc.wiki @@ -0,0 +1,23 @@ +=Xinitrc= + +Source: https://git.thurstylark.com/vcsh/xinitrc.git + +---- + +==srandrd== + +---- + +==Screen Locker== + +---- + +==NumLock== + +---- + +==ssh-agent== + +---- + + diff --git a/i3.wiki b/i3.wiki new file mode 100644 index 0000000..c78b1c5 --- /dev/null +++ b/i3.wiki @@ -0,0 +1,142 @@ +=i3 Configuration= + +Source: https://git.thurstylark.com/vcsh/i3.git + +==j4-make-config== + +The final config that actually is read by i3 is created using j4-make-config. This is done in the [[Xinitrc]]. + +Simple usage: + +{{{class="prettyprint" +j4-make-config -a $(hostname).config archlinux +}}} + +This creates `~/.config/i3/config` by merging `~/.config/i3/config.base` and `~/.config/i3/$HOSTNAME.config`, and adds the 'archlinux' theme (included with j4-make-config). Optionally, you can add `-r` to tell i3 to reload the config after `j4-make-config` has completed. + +Since using `j4-make-config`, the command for reloading the config has been changed to the following: + +{{{class="prettyprint" +# rebuild and reload the configuration file +bindsym $mod+Shift+c exec "j4-make-config -r -a $HOSTNAME.config archlinux" +}}} + +===Reference=== + +https://github.com/okraits/j4-make-config + +---- + +==Media Keys== + +===Volume=== + +This differs depending on if you're using ALSA or Pulseaudio. Thus, I include these instructions in the host-specific configs instead of the base config + +ALSA: +{{{class="prettyprint" +# Alsa Volume controls +bindsym XF86AudioRaiseVolume exec --no-startup-id amixer set Master 5%+ #increase sound volume +bindsym XF86AudioLowerVolume exec --no-startup-id amixer set Master 5%- #decrease sound volume +bindsym XF86AudioMute exec --no-startup-id amixer set Master toggle # mute sound +}}} + +PulseAudio: +{{{class="prettyprint" +# PulseAudio Volume controls +bindsym XF86AudioRaiseVolume exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ +5% #increase sound volume +bindsym XF86AudioLowerVolume exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ -5% #decrease sound volume +bindsym XF86AudioMute exec --no-startup-id pactl set-sink-mute @DEFAULT_SINK@ toggle # mute sound +}}} + +===Brightness=== + +Brightness can be universal unless the utility for changing brightness differs between machines, so this snippit lives in the base config. + +{{{class="prettyprint" +# Sreen brightness controls (requires light(1) from the AUR) +bindsym XF86MonBrightnessUp exec light -A 10 # increase screen brightness +bindsym XF86MonBrightnessDown exec light -U 10 # decrease screen brightness +}}} + +===Playhead Control=== + +This also is universal if the same tool is being used across hosts. I use `playerctl` mainly for its compatibility with Spotify's Linux client. + +{{{class="prettyprint" +# Music Player controls +bindsym XF86AudioPlay exec --no-startup-id playerctl play-pause +bindsym XF86AudioNext exec --no-startup-id playerctl next +bindsym XF86AudioPrev exec --no-startup-id playerctl previous +}}} + +===References=== + +https://wiki.archlinux.org/index.php/Extra_keyboard_keys +https://wiki.archlinux.org/index.php/Advanced_Linux_Sound_Architecture#Keyboard_volume_control +https://wiki.archlinux.org/index.php/PulseAudio#Keyboard_volume_control +https://wiki.archlinux.org/index.php/Backlight +https://wiki.archlinux.org/index.php/Spotify#Global_media_hotkeys + + +---- + +==Screen Locker== + +The screen locker is already set up in [[Xinitrc]], so all that is necessary in the i3 config is to set the key combination that should spawn `xautolock -locknow`. + +{{{class="prettyprint" +# Ctrl+Alt+L to lock the screen +# Locker is set in ~/.xinitrc +bindsym Mod1+Control+l exec "xautolock -locknow" +}}} + +---- + +==i3Bar== + +This is another host-specific configuration, since `bar {}` has host-specific options apart from just the i3status config. It also includes the `j4-make-config` theme placeholder, since the theme definitions for the bar are separate from the main config. + +I'll only demonstrate the most complicated of my current i3bar configuration. The rest can be viewed on the git repo. + +{{{class="prettyprint" +bar { + status_command i3status -c ~/.config/i3/status/$HOSTNAME.config + tray_output primary + output eDP1 # Which display should i3bar be bound to? + # $i3-theme-bar +} +}}} + +---- + +==i3Status== + +Most of the i3Status configuration is pretty standard, and is well documented by [[https://i3wm.org/i3status/manpage.html|the upstream docs]], so I'll only document the specific directives I crafted/modified myself + +===Volume=== + +This directive chooses ALSA by default, PulseAudio can be specified by adding `device = "pulse"` to the end of this directive. + +{{{class="prettyprint" +volume master { + format = "🔈%volume" # U+1F508 + format_muted = "🔇" # U+1F507 +} +}}} + +===SPVPN=== + +This is a simple pidfile watcher used with one of my [[VPN]] configurations that gets started with systemd. + +{{{class="prettyprint" +run_watch SPVPN { + pidfile = "/var/run/spvpn@*.pid" +} +}}} + +---- + +==Nagbar== + +The nagbar is intensely annoying to encounter mainly because you can only use the mouse for interacting with it. It has been removed from my config altogether, and I plan on replacing it with dmenu in the future. diff --git a/index.wiki b/index.wiki index 38e1e5a..5e5429c 100644 --- a/index.wiki +++ b/index.wiki @@ -4,18 +4,29 @@ * [[Vimwiki]] -- This very wiki, and how it's hosted * [[Eudyptula Challenge]] -* Cgit -- Configuration and hosting of [[https://git.thurstylark.com/|git.thurstylark.com]] -* [[Automating Android App Builds]] -- Doccumentation of my setup for building AsteroidOS Sync from https://www.github.com/asteroidos/AsteroidOSSync +* [[Cgit]] -- Configuration and hosting of [[https://git.thurstylark.com/|git.thurstylark.com]] +* [[Automating Android App Builds]] -- Documentation of my setup for building AsteroidOS Sync from https://www.github.com/asteroidos/AsteroidOSSync + +===Dotfiles=== + +* [[Bashrc]] +* Tmux +* [[i3]] +* Vimrc +* [[Xinitrc]] -- Includes `srandrd` and X screen locker configuration +* Pkglists +* [[SSH]] + +===Misc.=== + +* st +* VPN === Reference === * [[Thurstylark-VPS]] -- All the services and little tweaks unique to my VPS * [[LetsEncrypt]] -- Usage of certbot, and relevant info for Apache configuration -===Dotfiles=== - -* [[Bashrc]] - === General === * [[Tasks]] -- Things to be done