Skip to content
/ Linux-config Public

My personal Linux setup, with instructions. This makes it easy to restore everything back to normal everytime

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

BoscoDomingo/Linux-config

BranchesTags

Repository files navigation

Linux Setup

  1. Prerequisites
  2. Installation
  3. Tool managers
    1. mise
      1. Installing directly from repos
    2. Homebrew
    3. Built-in package managers
  4. GPG, commit signing and authentication
    1. Importing keys
    2. SSH authentication with GPG
    3. WSL setup
    4. Use TUI pinentry
  5. WSL
    1. Detecting WSL inside shell scripts

Prerequisites

  • The private GPG key as an .asc file
  • Git configured with the basics to download the repo. If needed, check #GPG and commit signing.
  • VS Code or Cursor installed.

Installation

You can try running the ./run.sh file directly, although it is untested and will likely not work.

Otherwise, just run the commands manually.

Tool managers

mise

Recommended since you can manage multiple language SDKs + tools at once, not needing a version manager for each.

It also works directly with GitHub repos, asdf plugins, and a bunch of other backends (aqua, vfox, etc), so you can manage pretty much anything with it. Pretty neat!

The biggest drawback is that they won't be available until you activate mise for the given shell during initialisation, unless you reference them manually. Generally speaking, some tools will require using the built-in package manager or Homebrew. All that don't, however, probably wise to install with mise.

Node + pnpm

Use npm to install pnpm because otherwise the cache and installed modules are lost every time pnpm is updated.

npx pnpm i -g pnpm # To save pnpm to $PNPM_HOME so cache won't be lost on updates

Optional extras:

  • ni pnpm i -g @antfu/ni
  • taze npm i -g taze - pnpm doesn't need it but it's still useful
  • ncu npm i -g npm-check-updates - pnpm doesn't need it. Taze is better, but always nice to have an alternative.

Go

 
mise use -g go@latest golangci-lint@latest

Python

 
# Only use this if `mise use -g python@latest` fails to install due to pkg-config issues
brew unlink pkg-config && \
CFLAGS="-I$(brew --prefix openssl)/include" \
LDFLAGS="-L$(brew --prefix openssl)/lib" \
mise use -g python@latest; \
brew link pkg-config

Installing directly from repos

If a tool is not directly available in mise, you can install it from its GitHub repo.

The easiest way is to add the org_or_user/repo slug to the ~/.config/mise/config.toml file in the [alias] section.

[alias]
"tldr++" = "ubi:isacikgoz/tldr"

and then run mise use <alias> to install it.

This is better than using mise use -g ubi:<org_or_user>/<repo> because the name won't be polluted with the ubi: prefix.

Homebrew

See ./run.sh for a list of tools installed with Homebrew.

Built-in package managers

When the tools must be available at all points during the startup process (even if something fails) and we don't care much about pinning a version.

GPG, commit signing and authentication

GPG uses a main key that can have multiple subkeys with different purposes (Signing (SC), Encryption (E), and/or Authentication (A)).

Once created, a subkey cannot be modified.

Importing keys

gpg --import <path/to/secret_key.asc>
gpg -K --keyid-format=long # Verify it was imported correctly
gpg --edit-key <email>
# Inside gpg
trust
# 5 = ultimate trust
5
# Save and quit
y
# Exit gpg
quit

SSH authentication with GPG

To use your GPG key for SSH authentication, add the authentication subkey's keygrip to ~/.gnupg/sshcontrol:

# List keys and find the [A] or [SEA] subkey's keygrip
gpg --list-keys --with-keygrip boscodomingob@gmail.com # Or use the key id

# Add the auth subkey keygrip to sshcontrol
echo "<auth-subkey-keygrip>" >> ~/.gnupg/sshcontrol

# Export SSH public key and add to GitHub/services
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
ssh-add -L

# Restart agent to apply changes
gpgconf --kill gpg-agent
gpgconf --launch gpg-agent

Note that this is not necessary. You can always generate SSH keys on each device and add those to GitHub

It is however likely more convenient. Do whatever you prefer!

ssh-keygen -t ed25519 -C "boscodomingob@gmail.com"

and add the public key to GitHub/services.

cat ~/.ssh/id_ed25519.pub

WSL setup

Note that you don't need GPG4Win, you can use everything from Linux itself. However, GPG4Win can be useful if you ever plan on using Windows directly to develop or sign anything.

Also, note thatkeys can only be cached for as long as the agent is running. Rebooting the machine will clear the cache.

Follow any of these guides:

You may need to fix issues:

Use TUI pinentry

You can use pinentry which prompts with a TUI, or pinentry-tty which uses stdin directly, as sudo does.

Example:

# Either one should work
sudo apt install pinentry-tty
brew install pinentry-tty

and modify your ~/.gnupg/gpg-agent.conf to use the built-in pinentry:

pinentry-program /usr/bin/pinentry-tty
pinentry-program /home/linuxbrew/.linuxbrew/bin/pinentry-tty

WSL

Detecting WSL inside shell scripts

if [ -f "/etc/wsl.conf" ] || [ -z "$WSL_DISTRO_NAME" ]; then
	echo "WSL detected"
else
	echo "Not WSL"
fi

About

My personal Linux setup, with instructions. This makes it easy to restore everything back to normal everytime

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages