Linux CLI tips

• Wifi connection
• Grub2 complete explanation
• My grub2 config
• Swap Ctrl-Left and Alt-Left on your keyboard
• BTRFS snapshots with snapper
• Create Services in Alpine Linux
• Almalinux LXC setup

Wifi connection

Configure WiFi Connections

This articles comes from here.

This section explains how to establish a WiFi connection. It covers creating and modifying connections as well as directly connecting.

Establish a Wireless Connection

This section will show how to establish a wifi connection to the wireless network. Note that directly connecting will implicitly create a connection (that can be seen with “nmcli c”). The naming of such will follow “SSID N” pattern, where N is a number.

First, determine the name of the WiFi interface:

$ nmcli d
DEVICE             TYPE      STATE         CONNECTION
...
wlan0              wifi      disconnected     --

Make sure the WiFi radio is on (which is its default state):

$ nmcli r wifi on

Then, list the available WiFi networks:

$ nmcli d wifi list
*  SSID           MODE   CHAN  RATE       SIGNAL  BARS  SECURITY
   ...
   my_wifi      Infra  5     54 Mbit/s  89      ▂▄▆█  WPA2

As an example, to connect to the access point ‘my_wifi’, you would use the following command:

$ nmcli d wifi connect my_wifi password <password>

is the password for the connection which needs to have 8-63 characters or 64 hexadecimal characters to specify a full 256-bit key.

Connect to a Hidden Network

A hidden network is a normal wireless network that simply does not broadcast it’s SSID unless solicited. This means that its name cannot be searched and must be known from some other source.

Issue the following command to create a connection associated with a hidden network :

$ nmcli c add type wifi con-name <name> ifname wlan0 ssid <ssid>
$ nmcli c modify <name> wifi-sec.key-mgmt wpa-psk wifi-sec.psk <password>

Now you can establish a connection by typing:

$ nmcli c up <name>

is an arbitrary name given to the connection and is the password to the network. It needs to have between 8-63 characters or 64 hexadecimal characters in order to specify a full 256-bit key.

Further Information

You will find further information and more detailed examples on following page:

• https://developer.gnome.org/NetworkManager/unstable/nmcli.html

Grub2 complete explanation

Tutoriel trouvé sur cette page

Table des matières

sudo update-grub

GRUB_HIDDEN_TIMEOUT=0
GRUB_HIDDEN_TIMEOUT_QUIET=true
GRUB_TIMEOUT=0	# dépendance: lorsque GRUB_HIDDEN_TIMEOUT est actif, ce paramètre doit être défini à 0

GRUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=0

GRUB_HIDDEN_TIMEOUT=5
GRUB_HIDDEN_TIMEOUT_QUIET=false
GRUB_TIMEOUT=0	# dépendance: lorsque GRUB_HIDDEN_TIMEOUT est actif, ce paramètre doit être défini à 0

GRUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=5

#GRUB_HIDDEN_TIMEOUT=0
GRUB_HIDDEN_TIMEOUT_QUIET=true
GRUB_TIMEOUT=10	# ne pas laisser à zéro si vous voulez avoir le temps de sélectionner éventuellement un autre système.

GRUB_TIMEOUT_STYLE=menu
GRUB_TIMEOUT=10

GRUB_DISTRIBUTOR=`lsb_release -is 2> /dev/null || echo Debian`					# donne : Ubuntu GNU/Linux
GRUB_DISTRIBUTOR=`lsb_release -ds 2> /dev/null || echo Debian`					# donne : Ubuntu 16.04.1 LTS GNU/Linux
GRUB_DISTRIBUTOR=`echo -n $(lsb_release -cds 2> /dev/null || echo Debian)`			# donne : Ubuntu 16.04.1 LTS xenial GNU/Linux
GRUB_DISTRIBUTOR=`echo -n TITRE PERSONNALISÉ $(lsb_release -rs 2> /dev/null || echo Debian)`	# donne : TITRE PERSONNALISÉ 16.04 GNU/Linux
GRUB_DISTRIBUTOR=`echo -n TITRE PERSONNALISÉ`							# donne : TITRE PERSONNALISÉ GNU/Linux

sudo chmod -x /etc/grub.d/20_memtest86+

GRUB_OS_PROBER_SKIP_LIST="3a43c682-cb67-47e6-83cf-e647a72abb5d@/dev/sda3","1397cb72-27f1-4e01-acaf-86495341c71d@/dev/sda4"

GRUB_OS_PROBER_SKIP_LIST="3a43c682-cb67-47e6-83cf-e647a72abb5d@/dev/sda3 1397cb72-27f1-4e01-acaf-86495341c71d@/dev/sda4"

sudo mkdir /boot/grub/layouts
sudo grub-kbdcomp -o /boot/grub/layouts/fr.gkb fr

# Clavier fr
insmod keylayouts
keymap fr

GRUB_DEFAULT=saved
GRUB_SAVEDEFAULT=true

GRUB_DISABLE_OS_PROBER=true

 sudo chmod -x  /usr/sbin/grub-install

#!/bin/sh
exec tail -n +3 $0

menuentry "Windows 10" {
  insmod ntfs
  search --set=root --label WINDOWS_10 --hint hd0,msdos2
  ntldr /bootmgr
}
menuentry "Windows 10b" {
  insmod ntfs
  search --set=root --label WINDOWS_10b --hint hd0,msdos2
  ntldr /bootmgr
}
menuentry "Windows 7" {
  insmod ntfs
  set root='(hd0,3)'
  search --no-floppy --fs-uuid --set 94E84428E8440B46
  chainloader +1
}
menuentry "Windows 10 en mode bios legacy" {
  insmod ntfs
  set root='(hd1,msdos2)'
  chainloader +1
}
menuentry 'Bootloader Lilo sur sda7' {
  set root=(hd0,7)
  chainloader +1
}
menuentry "Menu grub2 sur sda8" {
  set root=(hd0,8)
  configfile /boot/grub/grub.cfg
}
menuentry "Menu grub-legacy sur sda6" {
  set root=(hd0,6)
  legacy_configfile /boot/grub/menu.lst
}

## ligne vide
menuentry "   " {
	true
}
## ligne de sous-titre
menuentry "-------------------     Dérivés Ubuntu     -------------------" {
	true
}

menuentry 'Arrêt du système' {
	halt
}
menuentry 'Redémarrage du système' {
	reboot
}

sudo update-grub

vbeinfo

GRUB_GFXMODE=1280x1024,1024x768x32

set gfxpayload=1024x768

convert ~/Images/"image exemple.jpg" -resize 1280x1024! -depth 16 ~/Bureau/"00_image_de_fond.jpg"
sudo mv ~/Bureau/"00_image_de_fond.jpg" /boot/grub/.

GRUB_BACKGROUND="/boot/grub/00_image_de_fond.jpg"

sudo update-grub

set color_normal=light-gray/black		# définit les couleurs de texte/fond d'écran autour du cadre de menu
set menu_color_normal=light-gray/black		# définit les couleurs de texte/fond d'écran dans le cadre de menu
set menu_color_highlight=yellow/light-blue	# définit les couleurs de texte/surbrillance pour la ligne de menu sélectionnée

sudo update-grub

GRUB_THEME="/boot/grub/themes/ubuntu-mate/theme.txt"

sudo update-grub

My grub2 config

Enable OS prober

If os-prober is disabled, add this line in /etc/default/grub:

GRUB_DISABLE_OS_PROBER=false

Add poweroff and reboot options

To add poweroff and reboot options to your grub, add those lines in /etc/grub.d/40_custom:

menuentry 'Power off' {
	halt
}
menuentry 'Reboot' {
	reboot
}

Install a theme (link to the github repo)

Installation:

Usage: sudo ./install.sh [OPTIONS...]

  -t, --theme                 theme variant(s)          [tela|vimix|stylish|whitesur]       (default is tela)
  -i, --icon                  icon variant(s)           [color|white|whitesur]              (default is color)
  -s, --screen                screen display variant(s) [1080p|2k|4k|ultrawide|ultrawide2k] (default is 1080p)
  -c, --custom-resolution     set custom resolution     (e.g., 1600x900)                    (disabled in default)
  -r, --remove                remove theme              [tela|vimix|stylish|whitesur]       (must add theme name option, default is tela)

  -b, --boot                  install theme into '/boot/grub' or '/boot/grub2'
  -g, --generate              do not install but generate theme into chosen directory       (must add your directory)

  -h, --help                  show this help

If no options are used, a user interface dialog will show up instead

Examples:

• Install Tela theme on 2k display device:

sudo ./install.sh -t tela -s 2k

• Install Tela theme with custom resolution:

sudo ./install.sh -t tela -c 1600x900

• Install Tela theme into /boot/grub/themes:

sudo ./install.sh -b -t tela

• Uninstall Tela theme:

sudo ./install.sh -r -t tela

Issues / tweaks:

Correcting display resolution:

• On the grub screen, press c to enter the command line
• Enter vbeinfo or videoinfo to check available resolutions
• Open /etc/default/grub, and edit GRUB_GFXMODE=[height]x[width]x32 to match your resolution
• Finally, run grub-mkconfig -o /boot/grub/grub.cfg to update your grub config

Setting a custom background:

• Make sure you have imagemagick installed, or at least something that provides convert
• Find the resolution of your display, and make sure your background matches the resolution
  • 1920x1080 >> 1080p
  • 2560x1080 >> ultrawide
  • 2560x1440 >> 2k
  • 3440x1440 >> ultrawide2k
  • 3840x2160 >> 4k
• Place your custom background inside the root of the project, and name it background.jpg
• Run the installer like normal, but with -s [YOUR_RESOLUTION] and -t [THEME] and -i [ICON]
  • Make sure to replace [YOUR_RESOLUTION] with your resolution and [THEME] with the theme
• Alternatively, use the -c option to set a custom resolution

Contributing:

• If you made changes to icons, or added a new one:
  • Delete the existing icon, if there is one
  • Run cd assets; ./render-all.sh
• Create a pull request from your branch or fork
• If any issues occur, report then to the issue page

Preview:

Documents

Grub2 theme reference

Grub2 theme tutorial

Customize the titles, order and entries shown with grub-customizer

To install grub-customizer:

sudo add-apt-repository ppa:danielrichter2007/grub-customizer
sudo apt-get update
sudo apt-get install grub-customizer

Preview:

Swap Ctrl-Left and Alt-Left on your keyboard

Introduction

I know, not everyone is a fan of Apple, but I enjoyed quite a bit the UX of my old MacBook Pro, so I always swap the left Ctrl key with the left Alt key, like the Command key and Option key from Apple.

The thing I liked about that is the simplicity of using the Ctrl shortcuts with the thumb without moving the left hand that much... a personal preference, but still enjoyable IMO.

But swapping keys is not always an easy task, because, if it only works partially, it may completely break your interactions and shortcuts... definitely not a good experience.

Configuration

The easiest and most compatible way I found is the following (it worked for me on Ubuntu and Archlinux):

1. Open a terminal
2. Type nano ~/.Xmodmap and then Enter (you can use whatever text editor you prefer: vi, vim, nvim, gedit...)
3. Type the following lines:

   clear control
   clear mod1
   keycode 37 = Alt_L Meta_L
   keycode 64 = Control_L
   add control = Control_L Control_R
   add mod1 = Alt_L Meta_L
   

4. Type Ctrl-X, then Y and then Enter (it may differ according to the text editor of your choice (Escape, :wq and Enter for vi, vim and nvim).
5. Finally type xmodmap ~/.Xmodmap to apply the new configuration.

If it doesn't work for you, it may be because of a couple of reasons:

• your keyboard is not mapped the same way (different keycodes)
• you don't have xmodmap
• another reason I don't know of...

If the reason is the first one, you may be interested to see that post (where I found that tip).

BTRFS snapshots with snapper

Picked from an article here.

Set up automatic snapshots of a BTRFS root subvolume, add these snapshots to the GRUB boot menu, and gain the ability to rollback an Arch Linux system to an earlier state.

Let's go!

See "A(rch) to Z(ram)" for my step-by-step install of Arch, where I created:

• @ subvolume, mounted to /. Create snapshots of this root subvolume.
• @snapshots and other subvolumes, which are excluded from root snapshots.

1. Install Snapper and snap-pac

Snapper is a tool for managing BTRFS snapshots. It can create and restore snapshots, and provides scheduled auto-snapping. Snap-pac provides a Pacman hook that uses Snapper to create pre- and post- BTRFS snapshots triggered by use of the package manager.

Install ...

$ sudo pacman -S snapper snap-pac

2. Create snapshot configuration for root subvolume

Snapper's create-config command assumes:

• Subvolume @ already exists and is mounted at /.
• /.snapshots directory is not mounted and doesn't exist.

During my Arch install, I created the @ and @snapshots subvolumes, and /.snapshots mountpoint. Before letting Snapper do its config thing, I need to move my earlier snapshot setup out of the way.

Unmount the subvolume and remove the mountpoint ...

$ sudo umount /.snapshots
$ sudo rm -rf /.snapshots

Create a new root config ...

$ sudo snapper -c root create-config /

This generates:

• Configuration file at /etc/snapper/configs/root.
• Add root to SNAPPER_CONFIGS in /etc/conf.d/snapper.
• Subvolume .snapshots where future snapshots for this configuration will be stored.

3. Setup /.snapshots

List subvolumes ...

$ sudo btrfs subvolume list /
ID 256 gen 199 top level 5 path @
ID 257 gen 186 top level 5 path @home
ID 258 gen 9 top level 5 path @snapshots
[...]
ID 265 gen 199 top level 256 path .snapshots

Note the @snapshots subvolume I had created earlier, and the .snapshots created by Snapper.

I prefer my @snapshots setup over .snapshots, so I delete the Snapper-generated subvolume ...

$ sudo btrfs subvolume delete .snapshots
Delete subvolume (no-commit): '//.snapshots'

Re-create and re-mount /.snapshots mountpoint ...

$ sudo mkdir /.snapshots
$ sudo mount -a

This setup will make all snapshots created by Snapper be stored outside of the @ subvolume. This allows replacing @ without losing the snapshots.

Set permissions. Owner must be root, and I allow members of wheel to browse through snapshots ...

$ sudo chmod 750 /.snapshots
$ sudo chown :wheel /.snapshots

4. Manual snapshot

Example of taking a manual snapshot of a fresh install ...

$ sudo snapper -c root create -d "**Base system install**"

5. Automatic timeline snapshots

Setup timed auto-snapshots by modifying /etc/snapper/configs/root.

Allow user (example: foo) to work with snapshots ...

ALLOW_USERS="foo"

Example: Set some timed snapshot limits ...

TIMELINE_MIN_AGE="1800"
TIMELINE_LIMIT_HOURLY="5"
TIMELINE_LIMIT_DAILY="7"
TIMELINE_LIMIT_WEEKLY="0"
TIMELINE_LIMIT_MONTHLY="0"
TIMELINE_LIMIT_YEARLY="0"

Start and enable snapper-timeline.timer to launch the automatic snapshot timeline, and snapper-cleanup.timer to periodically clean up older snapshots...

$ sudo systemctl enable --now snapper-timeline.timer
$ sudo systemctl enable --now snapper-cleanup.timer

6. Pacman snapshots

Pacman pre- and post- snapshots are triggered before and after a significant change (such as a system update).

Example: I install tree, which triggers a pre and post install snapshot.

List configs ...

$ snapper list-configs
Config | Subvolume
-------+----------
root   | /

List snapshots taken for root ...

$ snapper -c root list
 # | Type   | Pre # | Date                        | User | Cleanup  | Description             | Userdata
---+--------+-------+-----------------------------+------+----------+-------------------------+---------
0  | single |       |                             | root |          | current                 |         
1  | single |       | Sat 20 Aug 2022 11:21:53 AM | root |          | **Base system install** |         
2  | pre    |       | Sat 20 Aug 2022 11:22:39 AM | root | number   | pacman -S tree          |         
3  | post   |     2 | Sat 20 Aug 2022 11:22:39 AM | root | number   | tree                    |
4  | single |       | Sat 20 Aug 2022 12:00:04 PM | root | timeline | timeline                |

List updated subvolumes list, which now includes the snapshots ...

$ sudo btrfs subvolume list /
ID 256 gen 270 top level 5 path @
ID 257 gen 270 top level 5 path @home
ID 258 gen 257 top level 5 path @snapshots
[...]
ID 266 gen 216 top level 258 path @snapshots/1/snapshot
ID 267 gen 218 top level 258 path @snapshots/2/snapshot
ID 268 gen 219 top level 258 path @snapshots/3/snapshot
ID 269 gen 237 top level 258 path @snapshots/4/snapshot

7. Updatedb

If locate is installed, skip indexing .snapshots directory by adding to /etc/updatedb.conf ...

PRUNENAMES = ".snapshots"

8. Grub-btrfs

Include the snapshots as boot options in the GRUB boot loader menu.

Install ...

$ sudo pacman -S grub-btrfs

Set the location of the directory containing the grub.cfg file in /etc/default/grub-btrfs/config.

Example: My grub.cfg is located in /efi/grub ...

GRUB_BTRFS_GRUB_DIRNAME="/efi/grub"

9. Auto-update GRUB

Enable grub-btrfs.path to auto-regenerate grub-btrfs.cfg whenever a modification appears in /.snapshots ...

$ sudo systemctl enable --now grub-btrfs.path

At the next boot, there is an submenu in GRUB for Arch Linux snapshots.

10. Read-only snapshots and overlayfs

Booting on a snapshot is done in read-only mode.

This can be tricky:

An elegant way is to boot this snapshot using overlayfs ... Using overlayfs, the booted snapshot will behave like a live-cd in non-persistent mode. The snapshot will not be modified, the system will be able to boot correctly, because a writeable folder will be included in the RAM ... Any changes in this system thus started will be lost when the system is rebooted/shutdown.

Add the hook grub-btrfs-overlayfs at the end of HOOKS in /etc/mkinitcpio.conf ...

HOOKS=(base ... fsck grub-btrfs-overlayfs)

Re-generate initramfs ...

$ sudo mkinitcpio -P

Note: Any snapshots that do not include this modified initramfs will not be able to use overlayfs.

11. System rollback the 'Arch Way'

Snapper includes a rollback tool, but on Arch systems the preferred method is a manual rollback.

After booting into a snapshot mounted rw courtesy of overlayfs, mount the toplevel subvolume (subvolid=5). That is, omit any subvolid or subvol mount flags (example: an encrypted device map labelled cryptdev) ...

$ sudo mount /dev/mapper/cryptdev /mnt

Move the broken @ subvolume out of the way ...

$ sudo mv /mnt/@ /mnt/@.broken

Or simply delete the subvolume ...

$ sudo btrfs subvolume delete /mnt/@

Find the number of the snapshot that you want to recover ...

$ sudo grep -r '<date>' /mnt/@snapshots/*/info.xml
[...]
/.snapshots/8/info.xml:  <date>2022-08-20 15:21:53</date>
/.snapshots/9/info.xml:  <date>2022-08-20 15:22:39</date>

Create a read-write snapshot of the read-only snapshot taken by Snapper ...

$ sudo btrfs subvolume snapshot /mnt/@snapshots/number/snapshot /mnt/@

Where number is the snapshot you wish to restore as the new @.

Unmount /mnt.

Reboot and rollback!

Create Services in Alpine Linux

I began my development adventure, as everyone else, with simple CLI apps (mostly incredibly useless...), and my next step was with web development.

First with Golang, then Node.js and then others.

Little by little, I learned to create decent-looking websites and I wanted to deploy them in my homelab. First, I did it on my first dedicated server, a Raspberry Pi 5 8Gb and it worked great! But then I bought a Dell Poweredge Rack Server to have a server hosting VMs.

There, I wanted to deploy my websites (my Portfolio and other little projects that could be of interest), but I wanted to keep the VMs really simple and lightweight, so I chose Alpine Linux, a great Linux distribution that keep things quite essential. I knew of it because it's one of the most used images with Docker, so it explains its optimization.

But, what if the VM crashes or needs to be rebooted, or, simply, if I need to reboot the Server?

Then I would need to restart manually all webservers in the many VMs... a lot of hassle and possible issues.

The answer to that problematic is to create a service that is started at boot time.

In systemd distributions, you need to create a service file, but Alpine Linux uses OpenRC instead.

Creating an OpenRC file

OpenRC files are located in /etc/init.d/, so first, you need to create a file there (the name of the file will be the name of the service):

sudo vim /etc/init.d/webserver

Then write your OpenRC file:

#!/sbin/openrc-run

# Service description
#
# This service starts the web server application
name=$RC_SVNAME
pidfile="/run/${RC_SVNAME}.pid"
# switch webserver to the name of your service in the two following lines (they are both optional configurations)
output_log="/var/log/webserver.log"
error_log="/var/log/webserver.err"

# Command needed to run the application
command="/path/to/your/webserver/executable"
# you can put all arguments below:
command_args="arg1 arg2 arg3"

# Command settings
command_background=true
# specify the user you wish to execute your webserver as:
command_user="www-data:www-data"

# Dependencies (most likely the network if it's a webserver, and there might be more if your application is more demanding)
depend() {
	need net
}

Make the file executable, otherwise, you'll not be able to run anything and the start command will fail:

sudo chmod 755 /etc/init.d/webserver

Warning!

You might need to give writing access to the user defined in the command_user line for the output_log and error_log files if you decide to specify them (they are optional)

Using Environment variables

If you need to use environment variables in your OpenRC, you need to create a configuration file in /etc/conf.d/ with the same name as the OpenRC file.

In it you can export all environment variables you might need, for example:

export WEBSERVER_PORT=4000

and then you can call it in the OpenRC file, for example:

command_args="port=${WEBSERVER_PORT}"

Managing the service created

Consult that Official documentation from the Alpine Linux website if you wish to know more about it from the official page.

To manipulate your service, you can use those three commands (replace webserver with the name of the service):

rc-service webserver start

rc-service webserver status

rc-service webserver stop

To enable your service at the default level (when booting the system normally):

Replace webserver with the name of the service.

rc-update add webserver default

To remove your service from all levels:

rc-update delete webserver -a

With that, you should be able to create your services and execute them automatically at boot time in your Alpine Linux servers!

Happy coding!

Almalinux LXC setup

Here is a simple review of what should be done in a newly created LXC using the image from Proxmox VE.

1. Install important packages

   • update and upgrade

     dnf update -y && dnf upgrade -y
     

   • install basic packages

     dnf install -y vim git wget net-tools openssh-server
     

2. Create a user with sudo privileges

   adduser thorgan
   usermod -aG wheel thorgan
   passwd thorgan
   

3. Start and enable sshd to accept SSH connections

   service sshd start && systemctl enable sshd