Skip to content
My work environment
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
etc FF: fix white flash and white initial tab page Jun 6, 2019
home update FZF bindings May 6, 2019
scripts exclude when pass cmd is used to lookup password May 24, 2019
system-configuration
system-dependencies
.gitignore +livecd build script Feb 15, 2014
LICENSE.md +LICENSE May 30, 2019
README.md
arch-install.sh
provision.sh
pull-subtrees.sh remove old unused subtree pull Jan 14, 2019
ubuntu-remaster-livecd.sh rename remaster-livecd as is ubuntu specific Apr 3, 2019
user-configuration-naggie.sh
user-configuration.sh

README.md

This repository contains scripts that I use to provision my new computers/servers that I use day-to-day.

I maintain it so that I can be productive within 10 minutes of encountering a new or re-installed PC.

General Tools

Purpose Tool(s) Comments
Task management dstask See section on time management below. Another mental offload -- see GTD
Text editing vim / neovim FZF integration with gruvbox theme and polyglot syntax pack.
Password management pass Secured with Yubikey and GnuPG2, synchronised with git. Mental offload as it is no longer necessary to remember dozens of passwords. Browserpass used for Firefox integration.
Code search ripgrep + fzf See rgfzf and vimfzf commands in scripts/ and bindings below.
Version control git GnuPG2 used for code signing. GPG agent forwarded to remote hosts with gssh
SSH Agent GnuPG2 Used with a Yubikey. See my set up guide.
Security device Yubikey 5 Used with GnuPG2 to hold GPG keys and SSH key. Also used for 2FA.
Note taking git + vim / neovim I use a git repository of markdown files to organise ideas and other notes. Yet another mental offload.
Personal cryptography GnuPG2 Used with a Yubikey. See my set up guide.
Shell bash/zsh I used to use fish but it's incompatible with bourne shell which makes maintenance a pain.
Terminal multiplexing tmux Bindings adjusted to match vim
Terminal Alacritty GPU accelerated and minimal. I also use uxterm.
Terminal Font Hack Switched from Adobe Source Code Pro as 0 and 8 were too similar
Window management i3wm Much faster than Unity, Gnome 3 etc as there are no animations. See openbox if you don't like tiling window managers.

Specific tools

Purpose Tool(s) Comments
Web browser firefox Fast since Quantum. Animations disabled for speed.
VPN tinc Tinc has been 100% reliable and is able to work with most firewalls.
Disk space reclaim ncdu + tmpreaper Tools for clearing up disk space. I run the latter against /tmp/ with cron.
Server configuration ansible Idempotent, agentless configuration management. Used with git.
HTTP Client httpie curl alternative with better UX. Sometimes used with jq.
System backup restic
Cloud backup [rclone][39]
Diagramming draw.io Diagram creation software. See also dia, graphviz, tikz.
Music playback cmus Fast terminal music player. See also MPD, mopidy.
Audio/video conversion sox + ffmpeg + gstreamer
Web crawling httrack Better than wget for crawling (i.e. it works)
Document conversion pandoc See also pdflatex, which I use for formal reports.
Static blog hugo Chosen in an attempt to make myself stop writing blog engines and write articles instead.
Git history viewer tig

Notable features

  • Workflows and application configuration profiled for speed. See section on Latency for more information.
  • Prompt/hostname colour based on hostname to make it easy to distinguish between hosts.
  • SSH+GPG agent runs locally, forwarded remotely. SSH_AUTH_SOCK is synchronised between tmux sessions.
  • history is globally shared, as I use my history as a database to search
  • History is automaticall filtered: History is de-duplicated, most recent persists. History is also filtered leaving only useful commands. This increases the SNR in the history file about 5x, which makes searching the history using FZF quicker. History is only cleaned up on shell exit, so you won't lose your immediate history which allows for command correction.

Screenshot

Custom bindings

Binding Context Description
CTRL+p bash/zsh/vim Search current directory with FZF and launch editor with results. Tab to select multiple.
r <string> bash/zsh Search current directory with ripgrep for files containing <string>, filter with FZF and launch editor with results. Tab to select multiple.
CTRL+r bash/zsh History search using fzf.
tm bash/zsh Launch or connect tmux single session. This is automatic if there is already an unconnected session.
CTRL+s bash/zsh Prepend sudo to the prompt and move the cursor back to the end of the prompt.

See home/.aliases, bin/, home/.functions.sh and home/.tmux.conf for more handy shortcuts/wrappers/bindings.

Supported OSes

AKA the OSes I actively use.

  • Ubuntu 16.04 LTS Server (x86_64)
  • Ubuntu 18.04 LTS Desktop/Server (x86_64)
  • MacOS Mojave
  • Raspbian Stretch (armv7)
  • Arch linux (Desktop)
  • Raspbian Jessie
  • RHEL5
  • RHEL6
  • Ubuntu 11.10
  • Ubuntu 12.04 LTS
  • Ubuntu 14.04 LTS

One liners

Obviously inspect the script to see what it does before you run it. Note that it will clobber your settings files.

curl -sL https://github.com/naggie/dotfiles/raw/master/provision.sh | bash && bash

Ubuntu 17.04 does not have curl by default.

wget -O - https://github.com/naggie/dotfiles/raw/master/provision.sh | bash && bash

Latency and speed

The UI latency of modern computers has gotten progressively worse in the last 30 years despite advancement in clock speed and computing power. Worse yet, a lot of user interfaces actually needlessly add latency by introducing pointless animations. See https://danluu.com/input-lag/ for an in-depth investigation, and https://news.ycombinator.com/item?id=19443076 for insightful discussion.

The lowest possible latency is a target for my workflow and code in this repository. Too many user interfaces waste time on stupid animations or are just generally slow; working with a setup that is perceptually instantaneous is very pleasant and makes other systems feel irritating to use. Beyond the configuration here, here are some other things that may help reduce latency:

Things that noticeably help

  • Use an accelerated terminal such as kitty or alacritty
  • Turn all animations off where possible. For example, Firefox's "cosmetic" animations and "smooth" scrolling.
  • Profile and optimise application startup time
  • Use a SSD (preferably NVMe m.2 PCI-E based)
  • Use a tiling window manager (no 3D nonsense, animations or time spent adjusting windows)
  • Adjust keyboard repeat rate to the lowest setting
  • Mitigate Bufferbloat

Things that may help

  • Use a monitor with low latency and high refresh rate. Again, gaming monitors are usually optimised for this.
  • Use a keyboard with a fast polling rate and minimal debounce time. A lot of gaming keyboards such as the Corsair K70 are optimised for this. MX Speed switches may also help.

Tips

  1. Run a vim selection through a command with :!cmd. Useful for formatting as well as copying on a mac: !pbcopy. Write from the clipboard with r!pbpaste.
  2. Keep useful local environment variables in ~/.env-local.sh

Operational security

With major services being compromised more and more, good OPSEC is important. I use:

  1. 2FA (U2F) where possible
  2. A different password for every service (important to prevent attacker pivot)
  3. Yubikey (as an openPGP smartcard) to store my SSH and GPG keys. See my set up guide.
  4. Full-disk encryption for every device
  5. Lock-screen for every device
  6. Backup 2FA codes, backup passwords and master passwords are in a physical fire safe
  7. I may switch to a password manager (pass or Keepassxc)
  8. UBlock origin on Firefox
  9. HTTPS everywhere on Firefox
  10. Own web services configured with A+ rating from ssllabs (best cipher suite, protocol etc)
  11. Regular updates of all software
  12. Subscription to vulnerability mailing lists
  13. Don't forward SSH/GPG agent by default

LiveCD

On an ubuntu host, run remaster-livecd.sh with an xubuntu ISO to produce a remastered xubuntu LiveCD with dotfiles preinstalled. I use this preconfigured with ./install-naggie.sh to allow me to start using new or foreign PCs immediately.

It will soon be replaced with an arch equivalent.

Mode of operation

Dotfiles can provision a fresh install of an OS, or build a live/install CD. In order to manage the combinatorial complexity of supporting so many platforms, the install process has been changed to the following:

  1. bootstrap -- Installs git and ensures the repository exists. Can operate independently from this repository. Uses sudo Detects platform and executes all of the next steps:
  2. install-dependencies -- Installs dependencies for the given platform
  3. system-configuration -- Configures global system settings for all users for the given platform, eg keyboard layout. A UK keyboard and timezone is assumed.
  4. user-configuration -- Installs generic user-specific configuration. No root required from now on.
  5. user-configuration-naggie -- Patches user configuration with configuration specific to my identity

There are 2 more scripts:

  1. arch-create-livecd: will enter a chroot environment and run bootstrap as above.
  2. arch-make-rootfs: creates a fully provisioned rootfs for the installer script.
  3. arch-install: will install to a given hard drive interactively using a prepared rootfs tar archive.
You can’t perform that action at this time.