103 lines
2.3 KiB
Plaintext
103 lines
2.3 KiB
Plaintext
|
Secret service
|
||
|
|
|
||
|
|
do not install kwallet
|
||
|
|
|
||
|
|
install kwallet-secrets from AUR instead. This provides org.freedesktop.secrets functionality, which is needed by Evolution and Docker Credential helper.
|
||
|
|
|
||
|
|
install docker cred helper: https://docs.docker.com/engine/reference/commandline/login/#credentials-store
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
SSH Agent
|
||
|
|
|
||
|
|
make sure ssh-agent and ssh-askpass are installed.
|
||
|
|
|
||
|
|
Add the following to /lib/systemd/user/ssh-agent.socket
|
||
|
|
|
||
|
|
|
||
|
|
[Unit]
|
||
|
|
Description=SSH key agent
|
||
|
|
|
||
|
|
[Service]
|
||
|
|
Type=simple
|
||
|
|
Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket
|
||
|
|
# DISPLAY required for ssh-askpass to work
|
||
|
|
Environment=DISPLAY=:0
|
||
|
|
ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK
|
||
|
|
|
||
|
|
[Install]
|
||
|
|
WantedBy=default.target
|
||
|
|
|
||
|
|
|
||
|
|
Add the following line to ~/.bash_profile
|
||
|
|
|
||
|
|
|
||
|
|
export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/ssh-agent.socket"
|
||
|
|
|
||
|
|
|
||
|
|
Enable the user service
|
||
|
|
|
||
|
|
|
||
|
|
systemctl enable --user ssh-agent
|
||
|
|
|
||
|
|
|
||
|
|
(Note no use of sudo, this is a user service)
|
||
|
|
|
||
|
|
Restart.
|
||
|
|
|
||
|
|
At next login, SSH_AUTH_SOCK should be set at login by bash_profile, that variable is called
|
||
|
|
by the ssh-agent service which starts and daemonises ssh-agent on the socket specified by SSH_AUTH_SOCK
|
||
|
|
|
||
|
|
|
||
|
|
Nanorc, install nano-syntax-highlighting
|
||
|
|
mkdir ~/.config/nano
|
||
|
|
touch ~/.config/nano/nanorc
|
||
|
|
add
|
||
|
|
include /usr/share/nano/*.nanorc
|
||
|
|
to ~/.config/nano/nanorc
|
||
|
|
|
||
|
|
|
||
|
|
VS Code
|
||
|
|
|
||
|
|
D-bus secret service must be running first, install kwallet-secrets from the AUR
|
||
|
|
|
||
|
|
install code-marketplace and code-features from the AUR
|
||
|
|
install code package from community repo
|
||
|
|
install docker and docker-compose
|
||
|
|
Install docker-credential-secretservice from Aur
|
||
|
|
mkdir ~/.docker
|
||
|
|
nano ~/.docker/config.json
|
||
|
|
|
||
|
|
{
|
||
|
|
"credstore": "secretservice"
|
||
|
|
}
|
||
|
|
|
||
|
|
normal docker post install steps:
|
||
|
|
|
||
|
|
sudo usermod -aG docker <username>
|
||
|
|
sudo nano /etc/docker/daemon.json (assuming normal zfs setup with nvme/system/docker dataset mounted at /var/lib/docker )
|
||
|
|
|
||
|
|
{
|
||
|
|
"storage-driver": "zfs"
|
||
|
|
}
|
||
|
|
|
||
|
|
sudo systemctl enable/start docker.socket and docker.service
|
||
|
|
newgrp docker or reboot
|
||
|
|
|
||
|
|
login to the gitlab registry (for access to CCL containers)
|
||
|
|
|
||
|
|
docker login registry.gitlab.com -u "mbalsillie" -p "<pat token>"
|
||
|
|
|
||
|
|
Check kwallet, Secret service > Passwords > registry.gitlab.com to confirm password has been stored correctly.
|
||
|
|
|
||
|
|
Open vs code, install extensions:
|
||
|
|
|
||
|
|
remote-containers
|
||
|
|
ansible
|
||
|
|
terraform
|
||
|
|
pylance
|
||
|
|
|
||
|
|
Should be good to open the repo folder now and launch in container.
|