I've used Linux as my desktop system for 21 years now, starting my Linux voyage with GNOME 1 and RedHat 6.1 Cartman, using lots of different distros through the years (RedHat, SuSE, Mandrake, Debian, Ubuntu, Stormix, Progeny, Sidux, Ubuntu), desktop environments (WindowMaker, Fluxbox, KDE, GNOME 1-3), apps and scripts. This article describes where I'm currently at in my Linux story. Hope you enjoy reading how I've set everything it up and don't hesitate to send me feedback or suggestions.
Lean and mean
Operating system - Debian GNU/Linux buster/stable
After using RedHat the first two years, I started with Debian Potato back in 2001 and apart from a year using Arch, haven't used anything else.
For work, I've used a lot of RHEL, CentOS and Ubuntu (as well as some Solaris, FreeBSD, SuSE) but I've never been tempted to move away from Debian on my own machine. It's stable, rock solid and I know my way around it.
The drawback of Debian stable, is that the software is old. I'm normally 2 years behind my Arch, Ubuntu and Fedora using colleagues. To mitigate this, I run LXD system containers with Ubuntu, CentOS or whatever I need to get an environment with the versions I need.
But my base, the rock I build on, that stays at Debian stable.
This approach of using LXD when I need newer software is new. In the
passed, I've used APT pinning and pulled in newer packages from
Debian's testing
and, occasionally, unstable
pools. The problem is
that the system quickly becomes more testing
than stable
.
A better approach, I find, is to use
backports, but I currently appreciate
having a simple sources.list
with only the stable
pool +
security. I have a feeling my system is more stable with only sources
from stable
(no pun intended), but I haven't re-installed my machine
enough to have evidences of this. It's just a gut feeling.
Desktop environment - i3
Login manager - XDM
The more fancy ones like GDM have security issues and have botched my Bluetooth setup more than once, besides, I don't really need to switch DE, I'm happy with i3.
After logging in, my environment is set up with this .xsession script.
Text is king
Sometimes, I use my laptop as my main machine, other times, I ssh
into it and use it as a remote workstation. I therefore set up as much
as possible in text mode.
Colours
Text based Linux shouldn't stand much back from GUI based Linux IMO. To achieve this, it's paramount that everything supports 24 bit colours so that we get the same amount of colours GUI apps get to play with.
Create a termcap file for 24 bit colours
Create a xterm-24bit.terminfo file as is described in the GNU Emacs FAQ and installed it in your local termcap registry with:
$ tic -x -o ~/.terminfo xterm-24bit.terminfo
Set TERM to xterm-24bit
You can now use the above termcap file by setting the TERM
environment variable. You can either export it (put export
TERM=xterm-24bit
in your .bashrc
) or just put it in front of the
command you want to run with 24 bit colours:
$ TERM=xterm-24bit emacs -nw
Low latency SSH sessions
Compile mosh from source to get 24 bit colour support.
First, install dependencies:
# apt-get install \
autoconf \
protobuf-compiler \
libncurses-dev \
libssl-dev \
pkg-config
Then compile and install mosh
from source:
$ git clone https://github.com/mobile-shell/mosh
$ cd mosh
$ ./autogen.sh
$ ./configure
$ make
$ su -
# make install
This gives you mosh
with 24 bit colours which lets my use the most
colourful editor colour themes, and they're indistinguishable from the
GUI version.
Open links displayed on remote server in desktop browser
The Kitty terminal has this
covered out of the box. If a URL is anywhere in the terminal, I can
open it by doing Ctrl + Shift + e
and selecting which URL by the
number Kitty has inserted.
Have remote Emacs open links in the desktop browser
When links are rendered in Emacs, for instance when reading email in mu4e or viewing notes in org-mode, the URL is hidden, like on a web page. When running a GUI Emacs, hitting enter on these links will open them in the desktop browser. However, when Emacs runs on a remote machine, a hack is needed.
First off, I set Emacs to write all links to a file instead of opening them in Firefox:
(setq browse-url-generic-program "/home/torstein/bin/firefox"
browse-url-browser-function 'browse-url-generic)
Normally, this firefox
points to /usr/bin/firefox
or similar, but
on my server, it's a just a shell script:
#! /bin/bash
echo "$@" >> $HOME/tmp/links.txt
I then use ssh
to keep a local copy:
$ ssh ssh.example.com tail -f ~/tmp/links.txt > ~/tmp/links.txt
The final piece of the puzzle is this call to
inotify which
listens for changes to links.txt
and opens the last link written in
Firefox.
$ while inotifywait -e modify ~/tmp/links.txt; do firefox $(tail -1 ~/tmp/links.txt); done
Display images in the terminal
kitty can display images in the
terminal, even
over ssh
:
Run ssh
using the kitty ssh kitten:
$ kitty +kitten ssh remote.example.com
Then, on the remote server, install kitty
(yes, even though it
doesn't have X):
# apt-get install kitty
You can now view images by running:
$ kitty +kitten icat image.jpg
I find it useful to have the last command as an alias in my .zshrc
(same works in .bashrc
if you're using bash
):
alias icat='kitty +kitten icat'
Note that this doesn't
work in multiplexers
like screen
and tmux
.
Clipboard
I use greenclip as my clip board manager. This allows me to select as many copied items as I want to, not just the previous selection or text I hit Ctrl + c. After using a clipboard manager for many years, I can never go back to just having the default one, being able to only copy one text at a time.
Say I want to pay a bill in my online bank and I have the invoice as a
PDF. With greenclip
, I can copy the amount, the KID number and the
recipient's account number and em then swithc to my bank's web site
and paste them in one after another, without switching back and forth
between the bank site and the invoice PDF.
As front end for greenclip
, I use rofi via a i3
shortcut. That
even gives me fuzzy search, so if there's a password I paste often,
and I remember parts of it, like I know there's a double 7
in it, I
hit Ctrl + Alt + i to lauch rofi,
then type 77
and it's on my clipboard. I then switch to the
application where I need it and hit Shift +
Insert to paste it in.
Copy text to clipboard over SSH
Most of the time, I prefer using kitty's clipboard kitten, which allows me to copy text to the local clipboard with:
$ echo hello world | kitty +kitten clipboard
$ cat /etc/hosts | kitty +kitten clipboard
If I only need a line or two, I select the text with the mouse and it
goes straight to the local clipboard thanks to these settings in my
~/.conf/kitty/kitty.conf
:
copy_on_select yes
strip_trailing_spaces always
Security and privacy
Disk encryption
I've set up full disk
encryption
including the /boot
partition where the kernels reside.
Passwords
For several years now, I've had my passwords in the git backed, PGP encrypted password manager aptly named pass
Chat
My family and most of my friends are all on Signal, I believe they strike a good balance between convenience, privacy and security.
Surfing the web
After using Firefox Developer Edition for a long time, I've switched
to Firefox
ESR. It
works well for my use and it's wonderful that it comes with the
operating system, I only need to apt-get install
it from the default
repositories.
Browser extensions
To be a wee bit more secure and private when surfing the interweb, I use these browser plugins:
I also grown fond of these plugins:
The look
These days, I prefer the Sweet theme and have managed to hunt down or create configuration for most of the apps I use every day to use these colours.
- In Mozilla Firefox, I use the Minimal Dark Sweet
- In Google Chrome, I use the Dracula Chrome Theme - Dark and Minimal
- In Emacs, I use the sweet-theme, installed from MELPA.
- In Kitty, I've written my own sweet theme
- In i3, I've written my own sweet theme colour config
- In rofi, I've written my own sweet rasi file