Just deleted a bunch of words about linux after somebody asked for suggestions, because once I'd typed them out I kind of thought, I bet nobody else wants to live like this. Nobody's moving to Bouvet Island because Pitcairn Island or Alert are getting too mainstream.
Install Debian server edition, select ssh and nothing else. Immediately use the /usr/bin/policy-rc.d trick to disable future autostarting of any services.
Install screen, tmux, sway, cage, Firefox with ublock origin, noscript and disabling page-chosen fonts. Install nmtui and nmcli, glow, z, etc.
See: https://github.com/mhoye/moderntools/
Set user TasksMax to 95%. Install pulseaudio.
Set up htop and dmesg on tty11/tty12 respectively. Do not do this in prod. This is for pets, not cattle.
Next: aliases.
(Oh, also: install gedit, foot, toot, w3m.)
Now, put your own ~/bin/ at the front of $PATH and create your set of bash aliases. They mostly look like:
ff="cage -s firefox"
ddg="w3m lite.duckduckgo.com"
They mostly end with >& /dev/null && clear"
Set up the per-project shell history hack: https://gist.github.com/mhoye/469ed97d7887b451da5d45b87acb53f5
Set your console font. I made one - https://github.com/mhoye/city99 - but it's like cooking. Might be better to make your own, but if you can't, store bought's fine.
Finally, as you start doing more things regularly, start making more aliases for them. History | uniq -c | sort -n periodically will tell you what you should make a short, memorable aliases for.
Cage is a Wayland kiosk tool - it runs one program full screen, the -s option lets you switch away or back via c-a-Fn#. The only thing I think I'm missing here is something that automounts/ejects USB drives under ~/mnt, which I believe is possible in console-land but haven't figured out.
So: why? This is not the easy path. Exactly zero other people in the world have the computer problems I have now; error messages that do not exist anywhere except my screen and the program source if I'm lucky are part of my life. If something doesn't work, I'm on my own.
Honestly, the real reason is "because you're not the boss of me, that's why". I did this because I'm more stubborn than I am smart and I wanted to. Maybe why I wanted to will resonate with you, though.
First of all: it’s fast. As in "fast like computers are supposed to feel" fast.
The creator of Grep once famously said, the best way to make programs fast is to make them do almost nothing, and this computer - which is running a little four-core ARM SOC - feels responsive and snappy in a way that _nothing_ ever does anymore.
Second, it is - for the most part - comprehensible. At least as far as I can make it, building on the shifting sands of Systemd's treachery and DBus' ersatz convenience.
The other "do as little as possible by default" payoff is battery life. I haven't quantified it yet.
But the biggest reason is: this is my computer. A monument to some weirdo's idiosyncrasies, sure, but I'm the weirdo in question.
It never feels like the ghost of somebody's KPIs are rattling their chains in my attic or some sort of business-model chiropractor is about to refault my settings that are just a little too misaligned with their getting their bonus. It's just me, figuring it out.
@mhoye But sometimes it's worth knowing what the alternatives are, even if you don't adopt them. A penny for your thoughts?
@mhoye mind if I add in a couple of suggestions, with justifications?
@gnomon Of course.
- fail2ban to make the ssh service more resilient to brute force attacks
- etckeeper early on to keep /etc *and apt-get operations* logged and under version control. (Daily autocommits will also catch manual edits.)
- rsyslog & logrotate, because journalctl is of questionable utility
- smartmontools, mmc-utils, lm-sensors, fancontrol, i2c-tools, read-edid, dmidecode to read hardware & runtime info from various subsystems (temperature, wear levels, fault detection/correction, etc)
@mhoye then, in terms of personal user account configuration, three tricks have done me a lot of good:
1. installing gitwatch(1) and adding it as a user service to keep my ~/.config/ under version control, using inotify to trigger git commits when config files are changed
2. putting all my aliases and shell functions under ~/.bash.d/, one file per function, and loading them from my bashrc
3. putting all my dotfiles under version control _efficiently_ with one git init command & an alias: ...
```
git init ~/.dotfiles
git -C ~/.dotfiles config set 'status.showUntrackedFiles' 'no'
git -C ~/.dotfiles config set 'core.excludesFile' ~/.dotfiles_ignore
```
And the alias:
```
alias dotfiles='/usr/bin/git --git-dir=$HOME/.dotfiles/ --work-tree=$HOME'
```
Then I explicitly `dotfiles add …` anything I want tracked, and add entries in ~/.dotfiles_ignore for any files that might contain credentials or secrets, as a safeguard against my own inattention.
@gnomon @mhoye Are your dotfiles in a publicly available repo at all? Usually around the end of the year when I have probably more time than is healthy for me I start looking for new yak shaving projects like “How does this other person structure their dotfiles” to add to the list of other exercises in bovine barbering (like go through the password manager and clean up the rest of the hand-generated passwords with better randomly-generated ones).
@steevmi1 alas, they are not at the moment. I have about a half decade of history in there, including some accidents prior to installing those safeguards I mentioned, plus things like my postal address, GPS coordinates (for sunrise/sunset calculations and weather forecasts) - stuff that opsec dictates shouldn't really be public. I'd quite like to clean it up for publication at some point though.
@mhoye Suggest pmount for console-based mounting without needing root.
@kbm0 Thank you, I'll take a look.
@mhoye @kbm0 The tool I use is https://github.com/fernandotcl/udisks-glue with a configuration file that basically says to automount everything; I believe it works through udev events. pmount looks better if you want full manual control over the process, rather than sticking in a USB stick and voila, there's something in /mnt.
(Sometimes this is what I want. Sometimes, well, not so much. So far I've mostly lived with the magic.)
@mhoye I have been on both sides of this scenario — these days I keep things on my MacBook as stock as possible.
I have to use a work-supplied MacBook and appreciated my current approach when I had everything I needed up and running in a few hours and without having to copy over personal files onto a work computer.
@grmpyprogrammer There are definitely places where an appliance looks like the right tool, for sure. This is specifically not a work device, this is A Personal Computer.
@mhoye@mastodon.social Talking about battery life, how do you keep an eye on power usage in console land? So that it doesn't suddenly shut down in the middle of things.
@brecht On this specific computer, the situation is pretty manual, which is sort of unhappy-making. On other less exotic hardware, TLP and shoving the remaining percentage into $PS1 will usually save you.
@mhoye have you given Alpine a try? NixOS? I like how both allow for minimalism.
@nelson For a while - the systemd people broke schroot recently - I had Alpine set up as an alternate under this system, wrapped by a script called “become”. I could type “become alpine” and the system would. It was nice.
I haven’t tried NixOS yet - it… does not seem minimalist to me? More like what appears to be minimalism as an incidental byproduct of functional maximalism.
@mhoye I use Proxmox to let me have different flavors of LXC containers and VMs. I use Alpine a lot as the base system for things like Plex or Gotify.
I haven't used NixOS for real, it is not minimal in the sense of systemd, etc. But I like the declarative approach and wonder if Nix could be the basis of a much smaller Linux.
@nelson I definitely think there’s room out there for an “Ubuntu of NixOS”, in the same way nonspecialist-human-centric defaults of early Ubuntu were such a huge revelation in accessibility for Linux.
@mhoye SixOS: NixOS but with S6 instead of systemd. https://lobste.rs/s/kgqpqy/sixos_nix_os_without_systemd
@mhoye oh did you see that systemd 257 announced a new focus on an API to replace its own use of dbus, called varlink?
https://lwn.net/SubscriberLink/1002398/d8e7bd4a6107e0a7/
https://lwn.net/Articles/742675/ (from 2018, earlier announcement)
> Poettering noted¹ that one might say that documentation for sd-json and sd-varlink is ""barely existing"", but there are examples of using them within the systemd source tree.
@gnomon "we let the linux audio guy have init and now he's working at Microsoft" continues to go as well as that sounds like it would.
@mhoye @gnomon everyone loves systemd, the cool tool for a general purpose computer (10 minutes later) welcome to my ted talk about dm-verity, which totally isn't going to set us up for another android style "your banking app won't run on this rooted device" attestation bullshit disaster, trust me bro
@mhoye I sincerely do not know if this is human-generated text or whether you've finally given into the dark side and handed control of your account to some bastardized cross between a teenager's "hey I built my own LLM trained on stuff the public library was throwing out" and a comedy sketch delivered by John Cleese with a perfectly straight face. Well done, sir - well done.
@gvwilson I dispute your position that this would be "the dark side".
@mhoye You mentioned "Debian server edition" but you seem to be running X11 or Wayland. Is this actually Ubuntu?
@mhoye Fair enough! What is the advantage over using X with one of the old-style window managers like twm or Open box?
@kbm0 You could do either or both. Right now if you care about longevity the whole Linux graphical apps ecosystem is in such a terrible state. Wayland is mostly where things are going and is still all kinds of half-baked, a ton of useful X programs _will never_ be ported over, it's really a mess.
@mhoye Agreed. I miss the ability to do remote X11 which is sadly disappearing from many applications, not so much due to Wayland as dbus integration. I've not found the need to do Wayland at all though: If you are an old school Unix guy running Debian then I would heartily recommend one of the old X11 Window managers, they still work very well.
@kbm0 Yeah, ssh -X used to be damn near magic.
@mhoye Oh, I love the idea of htop and dmesg on high ttys, I've never thought of that :) thanks!