Random Stuff

Change keybord layout on arch permanently:

localectl set-x11-keymap de pc105

Console Neofetch

sudo pacman -S neofetch
sudo nano /etc/systemd/system/neofetch.service

Change conor to your username!
[Unit]
Description=Update /etc/issue with neofetch
Before=getty@tty1.service getty@tty2.service getty@tty3.service getty@tty4.service getty@tty5.service getty@tty6.service

[Service]
Type=oneshot
ExecStart=/bin/bash -c 'sudo -u conor neofetch | tee /etc/issue'

[Install]
WantedBy=multi-user.target

sudo systemctl enable neofetch

Unified Kernel Image Booting

This script will create .efi files for booting directly from your UEFI (I'm using coreboot with tianocore).

change kernel command line, esp location and check for right file locations (vmlinuz, initramfs, ...)

sudo nano /usr/bin/unikernelimg

#!/bin/bash

#check for root
if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root" 
   exit 1
fi

#directory with initramfs, EFI, etc.
ESP=/boot

#setup
mkdir /tmp/unikernelimg
mkdir -p $ESP/EFI/linux
cd /tmp/unikernelimg

#kernel commandline for default and fallback
echo "root=UUID=1677dcad-3458-4733-b975-05030376cef8 rw quiet vga=current loglevel=3 i915.fastboot=1 iomem=relaxed resume=UUID=ffc05108-e7d1-4e6a-91ec-4f0126512f19" >> cmdline
echo "root=UUID=1677dcad-3458-4733-b975-05030376cef8 rw iomem=relaxed resume=UUID=ffc05108-e7d1-4e6a-91ec-4f0126512f19" >> cmdline-fallback

#create unified initramfs with microcode
cat /boot/intel-ucode.img /boot/initramfs-linux-zen.img > uni-initramfs.img

#create default .efi
objcopy \
    --add-section .osrel="/usr/lib/os-release" --change-section-vma .osrel=0x20000 \
    --add-section .cmdline="/tmp/unikernelimg/cmdline" --change-section-vma .cmdline=0x30000 \
    --add-section .splash="/usr/share/systemd/bootctl/splash-arch.bmp" --change-section-vma .splash=0x40000 \
    --add-section .linux="$ESP/vmlinuz-linux-zen" --change-section-vma .linux=0x2000000 \
    --add-section .initrd="/tmp/unikernelimg/uni-initramfs.img" --change-section-vma .initrd=0x3000000 \
    "/usr/lib/systemd/boot/efi/linuxx64.efi.stub" "arch-default.efi"

#create fallback .efi
objcopy \
    --add-section .osrel="/usr/lib/os-release" --change-section-vma .osrel=0x20000 \
    --add-section .cmdline="/tmp/unikernelimg/cmdline-fallback" --change-section-vma .cmdline=0x30000 \
    --add-section .splash="/usr/share/systemd/bootctl/splash-arch.bmp" --change-section-vma .splash=0x40000 \
    --add-section .linux="$ESP/vmlinuz-linux-zen" --change-section-vma .linux=0x2000000 \
    --add-section .initrd="/boot/initramfs-linux-zen-fallback.img" --change-section-vma .initrd=0x3000000 \
    "/usr/lib/systemd/boot/efi/linuxx64.efi.stub" "arch-fallback.efi"

#move to esp
mv arch-default.efi $ESP/EFI/linux/
mv arch-fallback.efi $ESP/EFI/linux/

#cleanup
rm -rf /tmp/unikernelimg
echo "Done"

sudo chmod +x /usr/bin/unikernelimg
sudo unikernelimg

Add UEFI entries

sudo efibootmgr -c -d /dev/sda -p 1 -L Arch-Fallback -l "\EFI\linux\arch-fallback.efi"
sudo efibootmgr -c -d /dev/sda -p 1 -L Arch-Default -l "\EFI\linux\arch-default.efi"

pacman hook
sudo nano /etc/pacman.d/hooks/98-unikernelimg.hook

[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = linux

[Action]
Description = Updating Unified Kernel Images
When = PostTransaction
Exec = /usr/bin/unikernelimg

UFW Interface to Interface

ufw route allow in on <source-interface> out on <dest-interface> from <network/cidr>

Wireguard site to site notes

wget https://git.io/fjb5R -O easy-wg-quick
chmod +x easy-wg-quick
echo vpn.0xcb.dev > extnetip.txt
echo 19999 > portno.txt
echo 10.10.10.10 > intnetdns.txt
echo fdbc:dead:beef::c3ff:fe56:e45 > intnet6dns.txt
echo "10.11.11." > intnetaddress.txt
echo "fd90:dead:beef::" > intnet6address.txt
echo '10.10.0.0/20, fdbc:dead:beef::/64, 10.11.11.0/24, fd90:dead:beef::/64' > intnetallowedips.txt
nano add:

#!/bin/bash
echo Input client name:

read clientname

/root/easy-wg-quick $clientname

cp /root/wghub.conf /etc/wireguard

systemctl restart wg-quick@wghub

cat "wgclient_$clientname.conf"

chmod +x add
systemctl enable wg-quick@wghub.conf