26.09.2021»»воскресенье

Install Fedora Free Repo

26.09.2021

To enable the Free repository, click the RPM Fusion free for Fedora version link on the page, where version is the Fedora release you are using. This prompts you to save or open the repo file. Open the file using the Software Install application. The Software application opens.

By clicking on and downloading Fedora, you agree to comply with the following terms and conditions.

By downloading Fedora software, you acknowledge that you understand all of the following: Fedora software and technical information may be subject to the U.S. Export Administration Regulations (the “EAR”) and other U.S. and foreign laws and may not be exported, re-exported or transferred (a) to any country listed in Country Group E:1 in Supplement No. 1 to part 740 of the EAR (currently, Cuba, Iran, North Korea, Sudan & Syria); (b) to any prohibited destination or to any end user who has been prohibited from participating in U.S. export transactions by any federal agency of the U.S. government; or (c) for use in connection with the design, development or production of nuclear, chemical or biological weapons, or rocket systems, space launch vehicles, or sounding rockets, or unmanned air vehicle systems. You may not download Fedora software or technical information if you are located in one of these countries or otherwise subject to these restrictions. You may not provide Fedora software or technical information to individuals or entities located in one of these countries or otherwise subject to these restrictions. You are also responsible for compliance with foreign law requirements applicable to the import, export and use of Fedora software and technical information.

Please feel free to raise any comments or issues on the website’s Github repository. Pull requests are very much appreciated.

In the following I will go through my post installation steps, i.e. which settings I choose and which apps I install and use.

Basic Steps

Go through welcome screen

This is self-explanatory. Usually I already set up Online Accounts for Nextcloud.

Get Thunderbolt Dock to work and adjust monitors

I use a Thunderbolt Dock (DELL TB16) with three monitors, which is great but also a bit tricky to set up. The most important step is to check in “Settings-Privacy-Thunderbolt”, whether “Dell Thunderbord Cable” and “Dell Thunderbord Dock” are both set to “Authorized”. You may need to go into your BIOS to make some changes as outlined on the Dell TB16 Archwiki. I noticed that sometimes I just need to plug the USB-C cable in and out a couple of times or turn it around to make it work. A reboot might help as well. Once it works, it usually keeps working, so this is annoying just for a short time :-) Once it works, I can arrange my three monitors in “Settings-Display”.

Wayland or Xorg

Maps

By Default Wayland is enabled. If you have a Nvidia card this is not working well, so you would have to disable it. Also MATLAB seems to work better on Xorg than Wayland, but I still need to test this. Anyways, on my Dell XPS 13 I usually stick to Wayland, whereas on my Dell Precision 7520 I disable it by uncommenting WaylandEnable=false and adding DefaultSession=gnome-xorg.desktop to the [daemon] section of /etc/gdm/custom.conf:

Next time you reboot the system it will boot into an Xorg Gnome session.

Nvidia

If you have a Nvidia card, run Xorg and the following:

DNF flags

I add some flags to the dnf conf file to speed it up:

Set hostname

By default my machine is called localhost; hence, I rename it for better accessability on the network:

Check locales

Let’s check if the locales and timezone is correctly set:

Looks good, if not see the help file on the two commands or change locales and timezone in Gnome-Settings.

btrfs filesystem optimizations

Fedora has not optimized the mount options for btrfs yet. I have found that there is some general agreement on the following mount options if you are on a SSD or NVME:

  • ssd: use SSD specific options for optimal use on SSD and NVME
  • noatime: prevent frequent disk writes by instructing the Linux kernel not to store the last access time of files and folders
  • space_cache: allows btrfs to store free space cache on the disk to make caching of a block group much quicker
  • commit=120: time interval in which data is written to the filesystem (value of 120 is taken from Manjaro’s minimal iso)
  • compress=zstd: allows to specify the compression algorithm which we want to use. btrfs provides lzo, zstd and zlib compression algorithms. Based on some Phoronix test cases, zstd seems to be the better performing candidate.
  • discard=async: Btrfs Async Discard Support Looks To Be Ready For Linux 5.6

So add these options to your btrfs subvolume mount points in your fstab:

Note that I also add a mountpoint for the btrfs root filesystem (this has always id 5) for easy access of all my subvolumes in /btrfs_pool. You would need to restart to make use of the new options. I usually first run updates and restart prior to restoring my backups, such that my restored files are using the optimized mount options such as compression.

Furthermore, as I am using btrfs discard support, let’s check whether the discard option is passed on in /etc/crypttab (as I am using LUKS to encrypt my drives):

As both fstrim and discard=async mount option can peacefully co-exist, I also enable fstrim.timer:

Install updates and reboot

Fish - A Friendly Interactive Shell

I am trying out the Fish shell, due to its user-friendly features, so I install it and make it my default shell:

You will need to log out and back in for this change to take effect. Lastly, I want to add the ~/.local/bin to my $PATH persistently in Fish:

Also I make sure that it is in my $PATH also on bash:

If it isn’t then I make the necessary changes in my .bashrc, see below.

Gnome Extensions and Tweaks

Let’s install the extensions app, Gnome Tweaks, and some extensions:

I install Sound Input & Output Device Chooser using Firefox. Lastly, I also like Pop Shell, see below how to install it.

In Gnome Tweaks I make the following changes:

  • Disable “Suspend when laptop lid is closed” in General
  • Disable “Activities Overview Hot Corner” in Top Bar
  • Enable “Weekday” and “Date” in “Top Bar”
  • Enable Battery Percentage (also possible in Gnome Settings - Power)
  • Check Autostart programs

Additional repositories

I enable third party repositories by going into Software -> Software Repositories -> Third Party Repositories -> Enable All. I go through the list and enable all the repositories I think I need such as RPM Fusion NVIDIA Driver. Then I run

to enable the RPM Fusion free and nonfree repositories. Afterwards I run

Checkout sudo dnf grouplist -v to see available groups you might be interested in.

Flatpak support

Flatpak is installed by default on Fedora Workstation, but one needs to enable the Flathub store:

Snap support

Enabling snap support boils down to running the following commands:

Repo

The restart is needed to ensure snap’s paths are updated correctly. After the reboot, check whether there are any updates:

Restore from Backup

I mount my LUKS encrypted backup storage drive using nautilus (simply click on it in the file manager). Then let’s use rsync to copy over my files and important configuration scripts:

SSH keys

If I want to create a new SSH key, I run e.g.:

Usually, however, I restore my .ssh folder from my backup (see above). Either way, afterwards, one needs to add the file containing your key, usually id_rsa or id_ed25519, to the ssh-agent:

Don’t forget to add your public key to GitHub, Gitlab, Servers, etc.

Pop theme

I love the experience and theming of Gnome in Pop!_OS, so I make Fedora look and behave similarly:

Install Pop-Shell Tiling Extension

Logout and Login, then activate it in the Extensions App (I usually don’t activate Native Window Placement) and you get an icon in your system tray. Turn on Tiling by clicking on the icon. Note that this will overwrite several Keyboard shortcuts, which is for me a good thing as I am quite used to the shortcuts in Pop!_OS. If you want to be able to view these shortcuts in the icon in the tray, run the following:

Pop GTK theme

The following installs the Pop!_OS GTK theme:

Pop icon theme

The following installs the Pop!_OS icon theme:

Pop fonts

For fonts, install

and then go into Gnome Tweaks and make the following changes in Fonts:

  • Interface Text: Fira Sans Book 10
  • Document Text: Roboto Slab Regular 11
  • Monospace Text: Fira Mono Regular 11
  • Legacy Window Titles: Fira Sans SemiBold 10
  • Hinting: Slight
  • Antialiasing: Standard (greyscale)
  • Scaling Factor: 1.00

Pop Gnome Terminal Theme

Open gnome-terminal, go to Preferences and change the Theme variant to Default in the Global tab. Then create a new Profile called Pop with the following settings:

  • Text
    • Custom font: Fira Mono 12
    • Deactivate Terminal bell
  • Colors
    • Deactivate Use colors from system theme
    • Built-in schemes: Custom
    • Default color: Text #F2F2F2 Background: #333333
    • Bold color (unchecked) #73C48F
    • Cursor color (checked): Text #49B9C7 Background: #F6F6F6
    • Highlight color (checked): Text #FFFFFF Background: #48B9C7
    • Uncheck Transparend background
    • Palette colors:
      • 0: #333333 1: #CC0000 2: #4E9A06 3: #C4A000 4: #3465A4 5: #75507B 6: #06989A 7: #D3D7CF
      • 8: #88807C 9: #F15D22 10: #73C48F 11: #FFCE51 12: #48B9C7 13: #AD7FA8 14: #34E2E2 15: #EEEEEC
    • Uncheck Show bold text in bright colors

Right click on the Pop profile and set as default.

Lastly, we need to append some things to PS1 in our .bashrc to get the green prompt and some other neat colors in the terminal. Mine looks like this:

Security steps with Yubikey

I have two Yubikeys and use them

  • as second-factor for all admin/sudo tasks using authselect
  • to unlock my luks encrypted partitions using mkinitcpio-ykfde
  • for my private GPG key using the smart card capabilities of the yubikey

For this I need to install several packages:

Make sure that OpenPGP and PIV are enabled on both Yubikeys as shown above.

Yubikey: two-factor authentication for admin/sudo password

Let’s set up the Yubikeys as second-factor for everything related to sudo using the pam.d module and authselect:

Important: before you close the terminal, open a new one and check whether you can do sudo echo test:

Yubikey: two-factor authentication for luks

Let’s set up the Yubikeys as second-factor to unlock the luks partition. If you have brand new keys, then create a new key on them (BE CAREFUL TO NOT OVERWRITE, I.E. IF YOU HAVE ALREADY DONE THIS, DON’T RUN THIS COMMAND AGAIN):

Now we can enroll both yubikeys to the luks partition using mkinitcpio-ykfde.

Get the serial number(s) from your Yubikey(s):

and write them down. Get the luks mapping name by looking into the crypttab (it’s the first entry in each line):

Now, open /etc/ykfde.conf with a text editor and add your mapping name and serial numbers to the bottom of the file and save it:

Make sure to choose the appropriate LUKS slot; they are numbered from 0 and slot 0 is used by default and contains your passphrase chosen in the installer. Better check it with cryptsetup luksDump /dev/vda3 if you have other slots occupied.

Now, add your Yubikey with your 2-factor password of choice:

Set up your Yubikey challenges to run at boot with these two commands:

and update your GRUB bootloader configuration:

Reboot and check whether you can unlock your luks partitions using your Yubikey and the chosen 2nd-factor password. Try to unlock with and without the Yubikeys to make sure everything works as you expect.

Now, as I have a fully encrypted luks system and am the sole user of my computer, I can turn on automatic login in the settings.

Yubikey: private GPG key

Let’s use the private GPG key on the Yubikey (a tutorial on how to put it there is taken from Heise or YubiKey-Guide). Installing some packages first:

Insert your yubikey and check whether the card is readable by gpg:

If there is a No such device message, then try restarting pcscd by running:

This is a known bug, that is, if you ever run into the issue that gpg --card-status does not find your Yubikey, simply run sudo systemctl restart pcscd and it’ll work.

My public key is given in a file called /home/$USER/.gnupg/public.asc:

Apps

Browser

Firefox

I used to use Firefox for almost all of my browsing which is installed by default with the following:

  • Extensions
    • Bitwarden
    • Disable HTML5 Autoplay
    • GNOME Shell-Integration
    • HTTPS Everywhere
    • uBlock Origin
  • Plugins
    • OpenH264-Videocodec
    • Widevine Content Decryption Module
  • Theme: firefox-gnome-theme:

Vivaldi

I am in the process of switching to Vivaldi:

I use the following Extensions installable from the Chrome store:

  • Bitwarden
  • GNOME Shell-Integration
  • uBlock Origin

Google Chrome

If I ever need Google Chrome, then I enable the repo in the software manager and install it via the software shop.

Profile-sync-daemon

This neat little utility improves your browsing experience:

System utilities

Flatseal

Flatseal is a great tool to check or change the permissions of your flatpaks:

Timeshift

For Timeshift, you would need to change the subvolume layout of Fedora 33. I have described these steps in my Fedora 33 installation guide.

Virtual machines: Quickemu and other stuff

Fedora by default has KVM, Qemu, virt-manager and gnome-boxes set up; however, I have found a much easier tool for most virtualization tasks: Quickqemu which uses the snap package Qemu-virgil:

I keep the conf files for my virtual machines on an external SSD.

Networking

Dropbox

Unfortunately, I still have some use case for Dropbox:

Open dropbox and set it up, check options.

Nextcloud

I have all my files synced to my own Nextcloud server, so I need the sync client:

Open Nextcloud and set it up. Recheck options and note to ignore hidden files once the first folder sync is set up.

I get two anoying issues with Nextcloud, which will probably be fixed in the future. For now the following works for me:

  1. If you have many subfolders (which I do), there are not enough inotify-watches and Nextcloud does not sync instantenously but only periodically. This can be solved by

The same issue happens with Visual Studio Code and the workaround is taken from there instructions page.

  1. If you use X11 instead of Wayland, the app indicator icon does not show if I enable autostart of Nextcloud in its settings menu. The problem is, that while the nextcloud client is actually running after being autostarted, there is no tray icon (I use the ‘KStatusNotifierItem/AppIndicator Support’ extension). Whereas, if I start the client manually after logging in (without autostart or after killing the autostarted instance), the icon is there. For anyone experiencing this issue the workaround is to delay the autostart. That is, make the following changes to the .desktop file which resides in the subdirectory ~/.config/autostart of the users home directory:

What it does is simply waiting 3+5 seconds before launching the client. Your mileage may vary - perhaps you need to give it more time if your startup takes longer than mine.

Alternatively, you might install TopIcons Plus Gnome Extension in addition to the KStatusNotifierItem/AppIndicator Support Extension. I set the ‘Icon size’ to 18 in the settings of TopIcons Plus, the ‘Tray horizontal alignment’ to ‘Right’ and ‘Tray offset’ to 1, see also Mattermost.

OpenConnect and OpenVPN

Go to Settings-Network-VPN and add openconnect for my university VPN and openvpn for ProtonVPN, check connections.

Remote desktop

To access our University remote Windows desktop session:

Note that this also adds a shortcut to the menu.

Coding

git related packages:

git and git-lfs are very important tools for me; as a GUI I like to use GitKraken:

The flatpak version of GitKraken works perfectly. Open GitKraken and set up Accounts and Settings (or restore from Backup see above). Note that for the flatpak version, one needs to add the following Custom Terminal Command: flatpak-spawn --host gnome-terminal %d to be able to open the repository quickly in the terminal.

Dynare related packages

I am a developer of Dynare and need these packages to compile it from source and run it optimally on a Fedora-based system:

Next, we need to compile slicot and x13as from source as it is not packaged in Fedora (yet):

Lastly, after installing Matlab, I am compiling several versions of Dynare from source:

MATLAB

I have a license for MATLAB R2020a and R2020b; which I both install. In the following I will focus on the latest, but mention some details for the other version if needed.

First download the installation files from Mathworks, then unzip the installation files. The normal installer does not work for me as I am getting a “terminate called after throwing an instance of ‘std::runtime_error’; what(): Unable to launch the MATLAB Window application Aborted” error, so I run the legacy installer:

Note that I don’t run this as root as I am installing it into my home folder under /home/$USER/MATLAB/R2020b and will create the symbolic links myself. If you want to install MATLAB into the default directory /usr/local/MATLAB/R2020b you have to run the installer as root.

Unfortunately, there is no matlab-support package as for Debian-based systems, so I need to do several things by hand using the Arch Wiki on MATLAB as a main reference.

Install Fedora Free Repo Download

  1. Make sure you have ownership of the configuration and installation files (probably not necessary)
  1. Create a symbolic linkIn order to open MATLAB from the terminal, create a symbolic link into your .local/bin folder:

Now open MATLAB in the terminal and activate your license. Make note of any errors and warnings in the terminal such as

Inside MATLAB try opening Settings and the Add-Ons Manager and make note of any errors. For instance, I get all sorts of matlab.internal.webwindow and matlab.internal.cef.webwindow when I try to open e.g. the AddOns window. We will solve this later, for now exit MATLAB again.

  1. Create desktop entry

First download a MATLAB icon from here or here. Then we create a desktop entry for the local user:

  1. Use system libraries instead of MATLAB’s shipped librariesRenaming or excluding some libraries from MATLAB solves a whole bunch of issues (actually almost all), so let’s do it! First, install minimal development tools:

Then put the shipped libraries from MATLAB into exclude folders:

  1. OpenGL acceleration (and some other graphics issues)

Force Mesa to use the old driver which seems to be more performant on Gnome and solves many graphics issues in MATLAB like OpenGL acceleration:

Open a new terminal (or better reboot) and check the following:

If you run into a shared resources-for-x11-graphics bug, this can be solved by

  1. gtk modules

This is more of a cosmetic issue if you run MATLAB from the terminal you get some warnings. To get rid of them:

  1. Help browser issues

The quick help (F1) only displays the help message once after that it stops working for me, unfortunately. I don’t have a solution yet…, maybe webutils.htmlrenderer('basic'); Clicking on Open Help Browser does give me the relevant help page, so this is not severe for me.

If MATLAB works as it should, I change some settings to use Windows type shortcuts on the Keyboard, add mod files as supported extensions. Also I do not use MATLAB’s source control capabilities and enable antialiasing in the fonts section.

R

For teaching and data analysis there is nothing better than R and RStudio:

Open rstudio, set it up to your liking.

Java via Openjdk

Install the default OpenJDK Runtime Environment:

Visual Studio Code

I am in the process of transitioning all my coding to Visual Studio code:

I sync my settings and extensions inside VScode. Similar to Nextcloud there is an error labeled “Visual Studio Code is unable to watch for file changes in this large workspace” (error ENOSPC) which has to do with the limit of inotify. The workaround (if you haven’t done so already) is to run:

The same issue happens with Nextcloud.

Text-processing

Hugo

My website uses the Academic Template for Hugo, which is based on Go. As I need the extended version I don’t install hugo from the repo, but instead download the official release binary from Github:

Latex related packages

I write all my papers and presentations with Latex using either TexStudio or VScode as editors:

Open texstudio and set it up.

Microsoft Fonts

Sometimes I get documents which require fonts from Microsoft:

Masterpdf

I have purchased a license for Master PDF in case I need advanced PDF editing tools:

Open masterpdf and enter license. Also I use flatseal to give the app full access to my home folder.

Softmaker Office

I have a personal license for Softmaker Office, which needs to be installed via its own repo:

Open it and enter license.

Zotero

Zotero is great to keep track of the literature I use in my research and teaching. I install it via a flatpak:

Open zotero, log in to account, install extension better-bibtex and sync.

Communication

Mattermost

Our Dynare team communication is happening via Mattermost which can be installed via flatpak:

Unfortunately, I still have an issue with the tray icon as it is only shown when turning the KStatusNotifierItem/AppIndicator Support Extension off and on again. However, what works for me is to additionally install the TopIcons Plus Gnome Extension. I set the ‘Icon size’ to 18 in the settings of TopIcons Plus, the ‘Tray horizontal alignment’ to ‘Right’ and ‘Tray offset’ to 1.

Skype

Skype can be installed either via snap or flatpak. I find the flatpak version works better with the system tray icons:

Open skype, log in and set up audio and video.

Zoom

Zoom can be installed either via snap or flatpak. I find the flatpak version works better with the system tray icons:

Open zoom, log in and set up audio and video.

Multimedia

VLC

The best video player:

Open it and check whether it works.

Multimedia Codecs

If you have VLC installed, you should be fine as it has builtin support for all relevant audio and video codecs. In other cases, I have found that the following commands install all required stuff for Audio and Video:

For OpenH264 in Firefox I run:

Afterwards you need to open Firefox, go to menu → Add-ons → Plugins and enable OpenH264 plugin. You can do a simple test whether your H.264 works in RTC on this page (check Require H.264 video).

OBS

I like that the snap version has all popular extensions included, so I use it:

Open OBS and set it up, import your scenes, etc.

Gnome Settings

  • Set up Wifi, Ethernet and VPN
  • Turn off bluetooth
  • Change wallpaper
  • Automatically delete recent files and trash
  • Turn of screen after 15 min
  • Turn on night mode
  • Add online account for Nextcloud and Fedora
  • Deactivate system sounds, mute mic
  • Turn of suspend, shutdown for power button
  • Turn on natural scrolling for mouse touchpad
  • Go through keyboard shortcuts and adapt, I also add custom ones:
    • xkill on CTRL+ALT+X
    • gnome-terminal on CTRL+ALT+T
  • Change clock to 24h format
  • Display battery as percentage
  • Check your default programs

Other stuff

  • Bookmarks for netdrives: Using CTRL+L in nautilus, I can open the following links inside nautilus and add bookmarks to these drives for easy access:
  • Reorder Favorites: I like to reorder the favorites on the gnome launcher (when one hits the SUPER) key
  • Go through all programs: Hit META+A and go through all programs, decide whether you need them or uninstall these
  • Check autostart programs in Gnome Tweaks
  • In the file manager preferences I enable “Sort folders before files
  • Click on the clock and set the location for your weather forecast

Related Posts

 cleardn.ajkernilphamari.co © 2021