archlinux-installation-standard

The standard of archlinux installation & configurations for me

For Lenovo user, Enter F12 for Boot Menu when on bootstrap stage

Pre-installation

  1. Update the system clock

    1
    # timedatectl set-ntp true
  2. Preparing the partitions

    Partition layout:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    +-----------------------+------------------------+
    | Boot partition | LUKS2 encrypted system |
    | | partition |
    | | |
    | /boot | / |
    | | |
    | | /dev/mapper/cryptroot |
    |-----------------------|------------------------|
    | /dev/sda1 | /dev/sda2 |
    +-----------------------+------------------------+

    Preparing non-boot partitions

    1
    2
    3
    4
    # cryptsetup -y -v --pbkdf-memory=114514 luksFormat /dev/sda2
    # cryptsetup open /dev/sda2 cryptroot
    # mkfs.btrfs -L arch_os /dev/mapper/cryptroot
    # mount /dev/mapper/cryptroot /mnt

    You can set the filesystem label later by using btrfs filesystem label /dev/mapper/cryptroot "arch_os"

    Preparing the boot partition

    1
    # mkfs.fat -F32 /dev/sda1

Btrfs subvolumes

  1. Create top-level subvolumes
    1
    2
    3
    4
    # btrfs subvolume create /mnt/@
    # btrfs subvolume create /mnt/@snapshots
    # btrfs subvolume create /mnt/@home
    # btrfs subvolume create /mnt/@var_log
  2. Mount top-level subvolumes
    Unmount the system partition at /mnt.
    1
    # umount /mnt
    Now mount the newly created subvolumes by using the subvol= mount option (with enabled compress zstd).
    1
    2
    3
    4
    5
    6
    # mount -o compress=zstd,[email protected],discard /dev/mapper/cryptroot /mnt
    # mkdir -p /mnt/{boot,home,.snapshots,var/log}
    # mount -o discard /dev/sda1 /mnt/boot
    # mount -o compress=zstd,[email protected],discard /dev/mapper/cryptroot /mnt/home
    # mount -o compress=zstd,[email protected],discard /dev/mapper/cryptroot /mnt/.snapshots
    # mount -o compress=zstd,[email protected]_log,discard /dev/mapper/cryptroot /mnt/var/log
  3. Create nested subvolumes
    Create any nested subvolumes you do not want to have snapshots of when taking a snapshot of /.
    Every nested subvolume will be an empty directory inside the snapshot.
    Since the @ subvolume is mounted at /mnt you will need to create a subvolume at /mnt/var/cache/pacman/pkg as a nested subvolume
    You may have to create any parent directories first.
    1
    2
    3
    # mkdir -p /mnt/var/cache/pacman
    # btrfs subvolume create /mnt/var/cache/pacman/pkg
    # btrfs subvolume create /mnt/var/tmp

Installation

  1. Select the mirrors
    I will use huaweicloud as main mirror
    1
    # sed -i '1aServer = https://mirrors.huaweicloud.com/archlinux/$repo/os/$arch\n' /etc/pacman.d/mirrorlist
  2. Install essential packages
    1
    # pacstrap /mnt base base-devel linux linux-firmware btrfs-progs vim rng-tools git tmux openssh bash-completion zram-generator bluez bluez-utils snapper iwd

Configure the system

  1. Fstab

    1
    # genfstab -U /mnt >> /mnt/etc/fstab
  2. Chroot

    1
    # arch-chroot /mnt
  3. Time zone

    1
    2
    3
    # ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
    # timedatectl set-ntp true
    # hwclock --systohc
  4. Localization

    1
    2
    3
    4
    5
    # sed -i 's/#en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g' /etc/locale.gen
    # sed -i 's/#zh_CN.UTF-8 UTF-8/zh_CN.UTF-8 UTF-8/g' /etc/locale.gen
    # locale-gen
    # echo "LANG=en_US.UTF-8" >> /etc/locale.conf
    # echo "KEYMAP=us" >> /etc/vconsole.conf
  5. Network configuration
    Create the /etc/hostname file:

    1
    # echo "myhostname" > /etc/hostname

    Add matching entries to hosts(5):

    /etc/hosts
    1
    2
    3
    127.0.0.1   localhost
    ::1 localhost
    127.0.1.1 myhostname.neo myhostname
  6. Configuring mkinitcpio
    Using the sd-encrypt hook with the systemd-base initramfs. (replace hook udev with systemd)

    /etc/mkinitcpio.conf
    1
    HOOKS=(base systemd autodetect keyboard sd-vconsole modconf block sd-encrypt filesystems fsck)

    Configure /etc/crypttab.initramfs (As /etc/crypttab but in initramfs)

    use blkid or lsblk -f to show persistent block device naming
    Here I enabled Discard/TRIM support for SSD

    /etc/crypttab.initramfs
    1
    cryptroot       UUID=<UUID_OF_ROOTFS>       -       discard

    Recreate the initramfs image

    1
    # mkinitcpio -P
  7. Users and password
    Create and use an unprivileged(non-root) user account(s) for most tasks

    1
    # useradd -m -s /bin/bash <Username>

    sudo: add user to sudoers and disable password prompt timeout

    1
    2
    # echo "<Username> ALL=(ALL) ALL" >> /etc/sudoers.d/<Username>
    # echo "Defaults passwd_timeout=0" > /etc/sudoers.d/notimeout

    Setting the new user and root user’s password

    1
    2
    # passwd <Username>
    # passwd root
  8. Boot loader
    Installing the EFI boot manager

    1
    # bootctl install

    Configuring the boot loader

    /boot/loader/loader.conf
    1
    2
    3
    4
    default  arch.conf
    timeout 4
    console-mode max
    editor no
    /boot/loader/entries/arch.conf
    1
    2
    3
    4
    title   Arch Linux
    linux /vmlinuz-linux
    initrd /initramfs-linux.img
    options root=/dev/mapper/cryptroot rootflags=compress=zstd,[email protected],discard
    /boot/loader/entries/arch-fallback.conf
    1
    2
    3
    4
    title Arch Linux (fallback)
    linux /vmlinuz-linux
    initrd /initramfs-linux-fallback.img
    options root=/dev/mapper/cryptroot rootflags=compress=zstd,[email protected],discard

Post-installation

Network

Using systemd-networkd & systemd-resolved & iwd

  • Wireless adapter configuration

    Use ip link to show network interface names

    /etc/systemd/network/25-wireless.network
    1
    2
    3
    4
    5
    6
    [Match]
    Name=<Your wireless interface name>

    [Network]
    DHCP=yes
    IgnoreCarrierLoss=3s
    Enable daemons and systemd-resolved stub mode:
    1
    2
    3
    4
    # systemctl enable iwd.service
    # systemctl enable systemd-networkd.service
    # systemctl enable systemd-resolved.service
    # ln -rsf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

Miscellaneous

  1. Random number generation
    1
    # systemctl enable rngd.service
  2. Enable sshd
    1
    # systemctl enable sshd.service

Configurate zram-generator

Configuration

/etc/systemd/zram-generator.conf
1
2
3
[zram0]
zram-size = min(min(ram, 4096) + max(ram - 4096, 0) / 2, 32 * 1024)
compression-algorithm = zstd

Applying changes

1
2
# systemctl daemon-reload
# systemctl restart [email protected]

Enable bluetooth auto power-on

1
# systemctl enable bluetooth.service

Bluetooth auto power-on after boot:

/etc/bluetooth/main.conf
1
2
[Policy]
AutoEnable=true

Bluetooth audio support:

1
# pacman -S pipewire-pulse

Userspace OOM daemon

Enable systemd-oomd

1
# systemctl enable systemd-oomd.service

Configure memory pressure killing (Here I set it slice wide to make it observable in oomctl):

1
# systemctl edit user.slice

Having this in your editor:

1
2
3
[Slice]
ManagedOOMMemoryPressure=kill
ManagedOOMMemoryPressureLimit=50%

Configure swap-based killing:

1
# systemctl edit --force -- -.slice

With this in your edior:

1
2
[Slice]
ManagedOOMSwap=kill

(Optional) See also oomd.conf(5):

/etc/systemd/oomd.conf
1
2
3
[OOM]
SwapUsedLimit=80%
DefaultMemoryPressureDurationSec=20s

Furthmore, you can set OOMPolicy=kill to a service unit, which says if one of the process belong to this service is being killed by systemd-oomd, the whole service will also get killed (this option sets service’s cgroup memory.oom.group to 1, which means all tasks belonging to this cgroup were killed together).

Archlinuxcn’s repository

/etc/pacman.conf
1
2
3
4
[archlinuxcn]
Server = https://repo.archlinuxcn.org/$arch
## or install archlinuxcn-mirrorlist-git and use the mirrorlist
#Include = /etc/pacman.d/archlinuxcn-mirrorlist

Install archlinux-keyring:

1
# pacman -S archlinuxcn-keyring

Swapfile in a btrfs filesystem within dm-crypt and also hibernation support

  1. Swap file creation
    Create a zero length file, set the No_COW attribute on it with chattr, and make sure compression is disabled, then using dd to allocate a swap file:

    1
    2
    3
    4
    5
    6
    7
    # truncate -s 0 /.snapshots/swapfile
    # chattr +C /.snapshots/swapfile
    # btrfs property set /.snapshots/swapfile compression none
    # dd if=/dev/zero of=/.snapshots/swapfile bs=1M count=4096 status=progress
    # chmod 600 /.snapshots/swapfile
    # mkswap /.snapshots/swapfile
    # swapon /.snapshots/swapfile

    Adding the appropriate entry in fstab:

    /etc/fstab
    1
    2
    ...
    /.snapshots/swapfile none swap defaults 0 0
  2. Setting the required kernel parameters
    The resume_offset number can be computed using the tool btrfs_map_physical.c. Do not try to use the filefrag tool, on Btrfs the “physical” offset you get from filefrag is not the real physical offset on disk.

    1
    2
    3
    4
    5
    6
    7
    #  ./btrfs_map_physical /.snapshots/swapfile | head -n 2
    FILE OFFSET FILE SIZE EXTENT OFFSET EXTENT TYPE LOGICAL SIZE LOGICAL OFFSET PHYSICAL SIZE DEVID PHYSICAL OFFSET
    0 134217728 0 regular 134217728 2605207552 134217728 1 3687337984
    $ getconf PAGESIZE
    4096
    $ echo $((3687337984/4096))
    900229

    Note the the first physical offset returned by this tool. In this example, we see 3687337984.
    To compute the resume_offset value, divide the physical offset by the pagesize. In this example, it is 3687337984 / 4096 = 900229.

    Finally, edit the boot loader’s configuration:

    /boot/loader/entries/arch.conf
    1
    2
    ...
    options ... resume=/dev/mapper/cryptroot resume_offset=900229

AUR helper

Here I Using paru as AUR helper.

  1. Create makepkg wrapper makepkg-shallow to make makepkg do shallow clone
    /usr/bin/makepkg-shallow
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    #!/bin/bash

    git() {
    if [[ $# -gt 1 && $1 == 'clone' && $2 != '-s' ]]; then
    /bin/git "[email protected]" --depth=1 --no-single-branch
    elif [[ $# -gt 1 && $1 == 'fetch' ]]; then
    /bin/git fetch --depth=3 -p
    elif [[ $# -gt 1 && [$1 == 'describe' || $1 == 'rev-list'] ]]; then
    /bin/git fetch --unshallow -p
    /bin/git "[email protected]"
    else
    /bin/git "[email protected]"
    fi
    }

    source /bin/makepkg "[email protected]"
  2. Build & Install paru
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    # chmod 755 /usr/bin/makepkg-shallow
    # mkdir /build
    # chown -R <Username>:<Username> /build
    # cd /build
    # sudo -u <Username> git clone --depth=1 https://aur.archlinux.org/paru.git
    # cd paru
    # sudo -u <Username> makepkg-shallow --noconfirm -si
    # pacman -Qtdq | xargs -r pacman --noconfirm -Rcns
    # rm -rf /home/<Username>/.cache
    # rm -rf /build

Rebooting to installed system to ensure that systemd is running.

Btrfs snapshots & Snapper

Ensure /.snapshots is not mounted and does not exist as folder:

1
2
# umount /.snapshots
# rm -r /.snapshots

Then create a new configuration for /. Snapper create-config automatically creates a subvolume .snapshots with the root subvolume @ as its parent, that is not needed for current filesystem layout, and can be deleted.

1
2
3
# snapper -c root create-config /
# btrfs subvolume delete /.snapshots
# mkdir /.snapshots

Now mount @snapshots to /.snapshots:

1
# mount -o compress=zstd,[email protected],discard=async /dev/mapper/cryptroot /.snapshots

Pacman Hook:

1
pacman -S snap-pac

Unlocking encrypted root filesystem by using TPM 2

list installed TPMs and the driver in use:

1
$ systemd-cryptenroll --tpm2-device=list

If you encounter such message “TPM2 support is not installed” then try to install tpm2-tss

A key may be enrolled in both the TPM and the LUKS volume using only one command. The following example binds the key to PCRs 0 and 7 (the system firmware and Secure Boot state):

1
# systemd-cryptenroll --tpm2-device=/path/to/tpm2_device --tpm2-pcrs=0+7 /dev/sda2

Tip: If your computer has only one TPM installed, which is usually the case, you may instead specify --tpm2-device=auto to automatically select the only available TPM.

Specifying the root volume using the /etc/crypttab.initramfs:

/etc/crypttab.initramfs
1
cryptroot       UUID=<UUID_OF_ROOTFS>       -       tpm2-device=auto,discard

Regenerate the initramfs:

1
# mkinitcpio -P

To remove a key enrolled using this method, run:

1
# systemd-cryptenroll /dev/sdX --wipe-slot=slot_number

where slot_number is the numeric LUKS slot number in which your TPM key is stored.
Alternatively, run:

1
# systemd-cryptenroll /dev/sdX --wipe-slot=tpm2

to remove all TPM-associated keys from your LUKS volume.

Secure Boot by using a signed boot loader (shim)

Install shim-signed[AUR], sbsigntools and efibootmgr

1
# paru -S shim-signed sbsigntools efibootmgr

As shim tries to launch grubx64.efi, rename systemd boot loader to it.

1
# cp /boot/EFI/systemd/systemd-bootx64.efi /boot/EFI/BOOT/grubx64.efi

Copy shim and MokManager to boot loader directory:

1
2
# cp /usr/share/shim-signed/shimx64.efi /boot/EFI/BOOT/BOOTx64.EFI
# cp /usr/share/shim-signed/mmx64.efi /boot/EFI/BOOT/

(Optional) create a new NVRAM entry to boot BOOTx64.EFI:

1
# efibootmgr --verbose --disk /dev/sda --part 1 --create --label "Shim" --loader /EFI/BOOT/BOOTx64.EFI

Generate a Machine Owner Key:

1
2
$ openssl req -newkey rsa:4096 -nodes -keyout MOK.key -new -x509 -sha256 -days 3650 -subj "/CN=my Machine Owner Key/" -out MOK.crt
$ openssl x509 -outform DER -in MOK.crt -out MOK.cer

Sign boot loader (named grubx64.efi) and kernel:

1
2
# sbsign --key MOK.key --cert MOK.crt --output /boot/vmlinuz-linux /boot/vmlinuz-linux
# sbsign --key MOK.key --cert MOK.crt --output /boot/EFI/BOOT/grubx64.efi /boot/EFI/BOOT/grubx64.efi

We can automate the kernel signing with a pacman hook:

Create pacman’s default hooks directory if it doesn’s exist:

1
# mkdir /etc/pacman.d/hooks
/etc/pacman.d/hooks/999-sign_kernel_for_secureboot.hook
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = linux
Target = linux-lts
Target = linux-hardened
Target = linux-zen

[Action]
Description = Signing kernel with Machine Owner Key for Secure Boot
When = PostTransaction
Exec = /usr/bin/find /boot/ -maxdepth 1 -name 'vmlinuz-*' -exec /usr/bin/sh -c 'if ! /usr/bin/sbverify --list {} 2>/dev/null | /usr/bin/grep -q "signature certificates"; then /usr/bin/sbsign --key /etc/pacman.d/hooks/MOK.key --cert /etc/pacman.d/hooks/MOK.crt --output {} {}; fi' ;
Depends = sbsigntools
Depends = findutils
Depends = grep

Also, there is a pacman hook for systemd-boot upgrades:

/etc/pacman.d/hooks/100-systemd-boot.hook
1
2
3
4
5
6
7
8
9
10
11
[Trigger]
Type = Package
Operation = Upgrade
Target = systemd

[Action]
Description = Gracefully upgrading systemd-boot...
When = PostTransaction
Exec = /bin/sh -c '/usr/bin/systemctl restart systemd-boot-update.service && cp /boot/EFI/systemd/systemd-bootx64.efi /boot/EFI/BOOT/grubx64.efi && cp /usr/share/shim-signed/shimx64.efi /boot/EFI/BOOT/BOOTx64.EFI && sbsign --key /etc/pacman.d/hooks/MOK.key --cert /etc/pacman.d/hooks/MOK.crt --output /boot/EFI/BOOT/grubx64.efi /boot/EFI/BOOT/grubx64.efi'
Depends = shim-signed
Depends = sbsigntools

Then copy Mok.key and MOK.crt to the path which is specified above:

1
# cp MOK.key MOK.crt /etc/pacman.d/hooks/

Copy MOK.cer to a FAT formatted file system (you can use EFI system partition).

1
# cp MOK.cer /boot/

Reboot and enable Secure Boot. If shim does not find the certificate grubx64.efi is signed with in MokList it will launch MokManager (mmx64.efi).
In MokManager select Enroll key from disk, find MOK.cer and add it to MokList. When done select Continue boot and your boot loader will launch and it will be capable launching any binary signed with your Machine Owner Key.

NVIDIA & NVIDIA Optimus

Using PRIME render offload which was official method supported by NVIDIA

  1. The nvidia-prime package provides a script that can be used to run programs on the NVIDIA card.
    1
    # pacman -S nvidia nvidia-prime
    To run a program on the NVIDIA card you can use the prime-run command:
    1
    2
    $ prime-run glxinfo | grep "OpenGL renderer"
    $ prime-run vulkaninfo
  2. Dynamic power management of the dGPU
    • Enable runtime power management for each PCI function

      1
      2
      # echo auto > /sys/bus/pci/devices/<Domain>:<Bus>:<Device>.<Function>/power/control
      # modprobe nvidia "NVreg_DynamicPowerManagement=0x02"
    • The automated ways to perform the manual steps mentioned above so that this feature works seamlessly after boot:

      1. Create a file named 80-nvidia-pm.rules in /lib/udev/rules.d/ directory
        /lib/udev/rules.d/80-nvidia-pm.rules
        1
        2
        3
        4
        5
        6
        7
        8
        # Remove NVIDIA Audio devices, if present
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{remove}="1"

        # Enable runtime PM for NVIDIA VGA/3D controller devices on driver bind
        ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="auto"

        # Disable runtime PM for NVIDIA VGA/3D controller devices on driver unbind
        ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="on"

        You can use udevadm info --attribute-walk --path=/sys/bus/pci/devices/<Domain>\:<Bus>\:<Slot>.<Function> to get a PCI device’s attribution

      2. Set the driver option via the kernel module configuration files
        /etc/modprobe.d/nvidia.conf
        1
        options nvidia "NVreg_DynamicPowerManagement=0x02"
      3. Reboot the system

Desktop Environment

  1. Installation
    • KDE
      1
      2
      # pacman -S plasma-meta konsole dolphin kdegraphics-thumbnailers gwenview kimageformats ark kio-fuse
      # systemctl enable sddm.service
    • GNOME

      Some packages require archlinuxcn’s repository

      1
      2
      3
      4
      5
      6
      $ paru -S gnome-shell gnome-shell-extensions gdm \
      nautilus file-roller gvfs-mtp sushi seahorse eog \
      gnome-{control-center,terminal,tweaks,keyring,backgrounds,clocks,logs,screenshot,menus} \
      gtk-engine-murrine materia-gtk-theme \
      dconf-editor loginized gpaste
      # systemctl enable gdm.service
  2. (Optional) Install & Configure input method:
    1
    2
    # pacman -S fcitx5-im fcitx5-chinese-addons
    # cp /usr/share/applications/org.fcitx.Fcitx5.desktop ~/.config/autostart/
    ~/.pam_environment
    1
    2
    3
    GTK_IM_MODULE DEFAULT=fcitx
    QT_IM_MODULE DEFAULT=fcitx
    XMODIFIERS DEFAULT=\@im=fcitx
  3. (Optional|KDE) Turn off screen (DPMS) together with locking session:
    Go to: System Settings > Notifications > Applications(The button “Configure”) > Search “Screen Saver” > Configure Events:
    Select Screen locked and check box “Run command”, paste /bin/sleep 2; /usr/bin/xset dpms force off into it.

Troubleshot

  1. Disable media automount in GNOME
    1
    2
    $ gsettings set org.gnome.desktop.media-handling automount false
    $ gsettings set org.gnome.desktop.media-handling automount-open false
  2. Video Decode is disabled in Microsoft Edge
    ~/.config/microsoft-edge-dev-flags.conf
    1
    2
    3
    --ignore-gpu-blocklist
    --enable-features=VaapiVideoDecoder
    --enable-accelerated-video-decode
  3. In Surface Devices:

    I use KDE for more smooth experience

    • Instal linux-surface kernel
      1
      2
      3
      4
      $ curl -s https://raw.githubusercontent.com/linux-surface/linux-surface/master/pkg/keys/surface.asc \
      | sudo pacman-key --add -
      $ sudo pacman-key --finger 56C464BAAC421453
      $ sudo pacman-key --lsign-key 56C464BAAC421453
      Add the repository:
      /etc/pacman.conf
      1
      2
      [linux-surface]
      Server = https://pkg.surfacelinux.com/arch/
      Then you can install the linux-surface kernel and its dependencies. You should also enable the iptsd service for touchscreen and stylus support:
      1
      2
      3
      $ sudo pacman -Syu
      $ sudo pacman -S linux-surface linux-surface-headers iptsd
      $ sudo systemctl enable iptsd
      Don’t forget to change the corresponding loader entries’ config
    • SDDM has problem with NetworkManager & Long loading time:
      Use GDM as a replace, don’t forget to configure KDE Wallet’s PAM:
      /etc/pam.d/gdm-password
      1
      2
      3
      ...
      auth optional pam_kwallet5.so
      session optional pam_kwallet5.so auto_start
    • Auto disable touch screen after login (X11):
      First install xorg-xinput.
      Then create a shell script:
      disable_touch_screen.sh
      1
      2
      3
      4
      #!/bin/bash
      if [[ ${XDG_SESSION_TYPE} = "x11" ]]; then
      xinput disable `xinput list | egrep -o "IPTS Touch.+id=[0-9]+" | egrep -o "[0-9]+"`
      fi
      Finally go to System Settings > Startup and Shutdown > Autostart:
      Press Add button and select Add Login Script, choose the script you just created.

Additional Packages

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
## GNOME
[AUR] gnome-shell-extension-appindicator
[AUR] gnome-shell-extension-kimpanel-git
[AUR] gnome-shell-extension-dash-to-dock
[AUR] gnome-shell-extension-desktop-icons-ng
[AUR] gnome-shell-extension-freon-git

noto-fonts{,-cjk,-emoji}

[AUR] fcitx5-pinyin-zhwiki
fcitx5-material-color

## GPU
xf86-video-intel
vulkan-intel
vulkan-tools
libva-utils
intel-media-driver
^[AUR] libva-intel-driver-hybrid
- [AUR] intel-hybrid-codec-driver

## Misc
bpytop
htop
docker
docker-compose
zerotier-one
man
cmake
gdb
arch-install-scripts
pacman-contrib
rsync
tree
nmap
traceroute
compsize
wireguard-tools
picocom # ($ picocom -b 1500000 /dev/ttyUSB0, Ctrl-a Ctrl-q to quit)
[AUR] tealdeer
[AUR] cppman
ncdu
openbsd-netcat
bc
p7zip
unrar

zsh
zsh-autosuggestions
zsh-syntax-highlighting
zsh-history-substring-search

## TUI apps
cmus # Music Player

## Desktop apps
anki
blender
krita
libreoffice-still
mpv
obs-studio
remmina
- libvncserver
- freerdp
telegram-desktop
thunderbird

[AUR] bitwarden
[AUR] yesplaymusic-electron
[AUR] microsoft-edge-dev-bin
[AUR] qv2ray
[AUR] visual-studio-code-bin
- gnome-keyring # required to store vscode login token
- seahorse # GUI to manage keyring

## Gaming
## Yep, probably the fastest way to set up a 32 runtime environment
steam
- ttf-liberation
- lib32-vulkan-intel

lutris
wine
- lib32-giflib
- lib32-gnutls
- lib32-mpg123
- lib32-openal
- lib32-v4l-utils
- lib32-libpulse
- lib32-libxcomposite
- lib32-libxinerama
- lib32-libxslt
- lib32-gst-plugins-base-libs

python-pip
python-matplotlib
python-pandas
python-seaborn

npm
[AUR] hexo-cli

texlive-most
- [AUR] tllocalmgr-git

## MATLAB
libxcrypt-compat
gtk2

## KDE file shareing
## This enable dolphin accesses fileshares of another Windows machine.
samba
kdenetwork-filesharing
[AUR] wsdd2

## Vim's things
ripgrep
fzf
ctags

## Systemd-nspawn bootstrap
debootstrap
ubuntu-keyring

## VM
virt-manager
libvirt
- dmidecode
- dnsmasq
- ebtables
- edk2-ovmf
- qemu
^[AUR] qemu-user-static
- [AUR] binfmt-qemu-static-all-arch

[AUR] xray
[AUR] v2raya
[Archlinuxcn] fcitx5-pinyin-moegirl
[AUR] syncthing-gtk
qtcreator
Author

Ndoskrnl

Posted on

2020-10-20

Updated on

2022-06-19

Licensed under