User:Bjeanes/My setup

General

User:Altercation/Bullet_Proof_Arch_Install

Exceptions / Changes

Make /var/tmp, /var/log, and /var/cache BTRFS subvolumes. This will mean root volume snapshots don't preserve cache and also mean that when restoring a root snapshot, latest logs will still be preserved.

Use linux instead of linux-zen.

From /mnt chroot, before booting into system

pacman -S linux-firmware for wifi, BT, etc

echo KEYMAP=colemak > /etc/vconsole.conf

Post-boot setup

Change MAKEFLAGS="-j2" to MAKEFLAGS="-j$(nproc)" in /etc/makepkg.conf to use more threads (based on CPU).

Set up dev deps: sudo pacman -S --needed base-devel git

Install yay-bin^AUR (or yay^AUR):

$ cd ~/.cache
$ git clone https://aur.archlinux.org/yay-bin.git
$ cd yay-bin
$ makepkg -si
$ yay --save --noanswerclean --noanswerdiff --noansweredit --nocleanmenu --nodiffmenu --noeditmenu --noremovemake --nocleanafter --batchinstall

pacman -S wayland gdm gnome-terminal gnome-shell gnome-session gnome-tweaks gnome-keyring gnome-control-center gnome-bluetooth gnome-online-accounts gnome-screenshot tracker
systemctl enable gdm
systemctl start gdm

Snapshotting

timeshift^AUR and snapper are both reasonable options. Timeshift has a better UI and seems to be a nicer restore experience, but it is pretty picky about the setup and is not as well documented outside of Ubuntu.

Snapper

See Snapper.

Install snapper, snap-pac, and snapper-gui-gitAUR

$ yay -S snapper snap-pack snapper-gui-git

Create snapper configs

$ sudo snapper -c root create-config /
$ sudo snapper -c home create-config /home

Adjust permissions to make it more ergonomic (and less use of sudo):

$ chmod a+rx /.snapshots /home/.snapshots
$ chown :wheel /.snapshots
$ chown :users /home/.snapshots

Change ALLOW_USERS to include your user in /etc/snapper/configs/config (both root and home) and set SYNC_ACL="yes". Optionally, set ALLOW_GROUPS="wheel" in root config and ALLOW_GROUPS="users" in home config.

Unfortunately, snapper create-config creates subvolumes directly under the volumes it is snapshotting. This is fine but not ideal. If you have to restore a snapshot, you'll have to re-home those subvolumes or cross-mount them else you'll just have an empty .snapshots directory. So, as an optional improvement, you can move those snapshots subvolumes elsewhere (e.g. under root subvol) and add mounts to put them back in place. snapper doesn't seem to care. There may be a way to do this prior to snapper create-config, but I did:

As root

# mount o=defaults,x-mount.mkdir,compress=lzo,ssd,noatime LABEL=system /.btrfs-root # replace LABEL=system with whatever your BTRFS partition is
# cd /.btrfs-root
# mkdir -p snapshots
# mv @/.snapshots snapshots/@
# mv @home/.snapshots snapshots/@home

Add mount entries:

/etc/fstab

LABEL=system /.snapshots btrfs rw,noatime,compress=lzo,ssd,space_cache,subvol=snapshots/@ 0 0
/etc/fstab

The locate of your snapshots volume doesn't really matter. What's important is that it is a sibling not a child of the subvolume being snapshotted. Again, this is optional, but does make restoring to an older snapshot way simpler later.

Follow Snapper#Backup_non-btrfs_boot_partition_on_pacman_transactions to copy /boot into root volume before transaction if the a linux* package is being synced.

Follow Snapper#updatedb to exclude .snapshots from locate DB.

Enable snapper automated snapshots

$ systemctl enable --now snapper-timeline.timer # take regular snapshots
$ systemctl enable --now snapper-cleanup.timer  # cleanup old snapshots
$ systemctl enable --now snapper-boot.timer     # take a snapshot on successful boot

Timeshift

See this blog post for good information on this.

timeshift^AUR is really nice (UI-wise and for restoring) and timeshift-autosnap^AUR exists to wrap around pacman installations. However, it demands that the BTRFS subvolume layout is always @ for the root system and @home for the home subvolume. It does not support other subvolumes.

Nonetheless, this should be sufficient to install it:

Install timeshiftAUR, timeshift-autosnapAUR, and cronie

$ yay -S timeshift timeshift-autosnap cronie
$ systemctl enable --now cronie.service

Run timeshift to configure.

Emoji

1. Install ibus-uniemoji^AUR
2. Install an emoji font (such as noto-fonts-emoji; see Fonts#Emoji_and_symbols)
3. Add Uniemoji to GNOME input sources
4. Log out and back in again.
5. Workaround Firefox font issues Firefox#Font_troubleshooting, if present

Other packages

On both my current Arch machines, I've been experiencing issues importing GPG keys from the default key server. Following this forum post, I was able to rectify it with:

echo keyserver pool.sks-keyservers.net | tee -a ~/.gnupg/gpg.conf | sudo tee -a /etc/pacman.d/gnupg/gpg.conf

Install packages:

yay -S aur/git-delta-bin bat zerotier-one unzip ttf-dejavu ttf-droid tree the_platinum_searcher the_silver_searcher terminus-font rsync nemo-preview nemo-terminal nemo-dropbox nemo-fileroller nemo-megasync nemo-image-converter nemo-emblems youtube-dl kitty keybase-gui keybase-zsh-completion-git jq hunspell-en_AU hunspell-en_GB hunspell-en_US gnome-shell-extension-emoji-selector-git git-nautilus-icons flatpak docker docker-compose discord slack-desktop chromedriver awesome-terminal-fonts asdf-vm 1password-bin reflector

• git-delta-bin^AUR - delta command produces much nicer diffs than default git diff
• bat - a cat clone with syntax highlighting, built-in pager, and more

Enable ZeroTier

systemctl enable --now zerotier-one.service
sudo cat /var/lib/zerotier-one/authtoken.secret > ~/.zeroTierOneAuthToken # to be able to skip using `sudo`

Fix ZeroTier#Slow_shutdown.

Install reflector according to Reflector. Edit /etc/xdg/reflector/reflector.conf to just use appropriate countries (i.e. AU, NZ, SG).

TODO

• OpenSnitch (and upload my existing rule set somewhere)

Dell XPS 8930 (Tower)

Run systemctl enable --now NetworkManager. If networkmanager is not yet installed, temporarily use systemd-networkd (which IIUC is part of base) to get a network to install it. Disable and delete config after done:

/etc/systemd/network/20-wired.network

[Match]
Name=enp4s0

[Network]
DHCP=yes

systemctl enable --now systemd-networkd

NVIDIA drivers

In logs:

[    4.236963] nvidia-gpu 0000:01:00.3: i2c timeout error e0000000
[    4.236965] ucsi_ccg 0-0008: i2c_transfer failed -110
[    4.236967] ucsi_ccg 0-0008: ucsi_ccg_init failed - -110

Based on this forum post, the fix is simply installing the nvidia drivers. Regardless, I'm opting to do this for the best performance out of the card in this tower, until I can replace it with an AMDGPU.

yay -Sy nvidia nvidia-settings nvidia-utils
reboot

With NVIDIA drivers, can install nvidia-container-toolkit^AUR to have GPU-accelerated Docker images. Follow Docker#Run_GPU_accelerated_Docker_containers_with_NVIDIA_GPUs

Dell XPS 9370 (13" laptop)

Dell_XPS_13_(9370)

Set the machine to enter S3 deep sleep mode. Add quiet mem_sleep_default=deep to the Kernel parameters.

Enable GuC/HuC by adding i915.enable_guc=2 to kernel parameters (Intel_graphics#Enable_GuC_/_HuC_firmware_loading).

TODO

• Switch to Chrony (See Laptop#Network_time_syncing)
• Get hibernate working with my random-key encrypted swap :|
  • The steps on Dm-crypt/Swap_encryption seem reasonably straight forward. It would require storing a swap encryption key on the (encrypted) root volume, so that the mkinitcpio hook can decrypt swap at boot time before resume module take effect. The only missing link is how/when to rotate this key. I am not sure how yet, but a non-resume boot could potentially overwrite the key before swap is enabled, or replace the key after swap is turned off on a shutdown.
• Hibernate on low battery (See Laptop#Hibernate_on_low_battery_level). Depends on getting hiberate work as above.
• See if PSR works to perhaps improve battery life: https://hansdegoede.livejournal.com/18653.html. Dell_XPS_13_(9370)#Power_Saving claims it doesn't work, but I'd like to determine for myself that this is (still) true.
• Disable touch screen (disabling in BIOS has for some reason not been effective)