commit 6d855446153f86b36467e0d1009a4b2df1098a2a Author: Henrik Lutzmann Date: Sun Dec 29 18:21:40 2024 +0100 Dateien nach "/" hochladen diff --git a/LinuxMint22_Flatpack.sh b/LinuxMint22_Flatpack.sh new file mode 100644 index 0000000..17debd9 --- /dev/null +++ b/LinuxMint22_Flatpack.sh @@ -0,0 +1,117 @@ +#!/bin/sh +# +if [ ! -f /etc/debian_version ]; then + echo "Unsupported Linux Distribution. Prepared for Debian" + exit 1 +fi +################################################################################ +# +# +# Install Flatpaks @Linux Mint / Linux Mint Debian Edition +# +# +################################################################################ +# +while : +do +clear +echo "" +echo "\033[1m I N S T A L L Flatpak @ LinuxMint22 " +echo " -----------------------------------------" +echo "\033[0m" +echo " 01.Setup Flatpak Themes" +echo " -----------------------------------------" +echo " 02.Install Flatseal" +echo " 03.Install FreeTube" +echo " 04.Install Bitwarden" +echo " 05.Install Jellyfin-Media-Player" +echo " 06.Install Lutris" +echo " 07.Install Cryptomator" +echo " 08.Install SaveDesktop" +echo " 09.Install Flatsweep" +echo " -----------------------------------------" +echo " 10.Reinstall Flatpack" +echo "" +echo " x. Exit" +echo "" +echo -n " Please enter option [01 - 10]" +read opt +case $opt in +################################################################################## +01) echo "************ Setup Flatpak Themes Arc-Dark **********************"; +################################################################################## +# Step 1: Give Flatpak apps access to GTK themes and icons location +sudo cp -r /usr/share/icons/Papirus-Dark ~/.icons/ +sudo cp -r /usr/share/icons/ePapirus-Dark ~/.icons/ +sudo cp -r /usr/share/themes/Arc-Dark ~/.themes/ + +sudo flatpak override --filesystem=$HOME/.themes +sudo flatpak override --filesystem=$HOME/.icons + +# Step 2: Tell Flatpak apps which theme/icon to use +sudo flatpak override --env=GTK_THEME=Arc-Dark +sudo flatpak override --env=ICON_THEME=Papirus-Dark +# sudo flatpak override --env=ICON_THEME=Papirus-Yaru-Dark +;; + +################################################################################## +02) echo "************ Install Flatseal ****************"; +################################################################################## +flatpak install -y flathub com.github.tchx84.Flatseal +;; + +################################################################################## +03) echo "************ Install FreeTube *****************"; +################################################################################## +flatpak install -y flathub io.freetubeapp.FreeTube +;; + +################################################################################## +04) echo "************ Install Bitwarden ******************"; +################################################################################## +flatpak install -y flathub com.bitwarden.desktop +;; + +################################################################################## +05) echo "************ Install Jellyfin-Media-Player **************************"; +################################################################################## +flatpak install -y flathub com.github.iwalton3.jellyfin-media-player +;; + +################################################################################## +06) echo "************ Install Lutris **************************"; +################################################################################## +flatpak install -y flathub net.lutris.Lutris +;; + +################################################################################## +07) echo "************ Install Cryptomator **************************"; +################################################################################## +flatpak install -y flathub org.cryptomator.Cryptomator +;; + +################################################################################## +08) echo "************ Install SaveDesktop **************************"; +################################################################################## +flatpak install -y flathub io.github.vikdevelop.SaveDesktop +;; + +################################################################################## +09) echo "************ Install Flatsweep **************************"; +################################################################################## +flatpak install -y flathub io.github.giantpinkrobots.flatsweep +;; + +################################################################################## +10) echo "************ Reinstall Flatpack **************************"; +################################################################################## +sudo apt remove -y flatpak --purge && sudo apt install -y flatpak --reinstall +sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo +;; + +x) echo ""; +exit 1;; +*) echo " Press [enter] key to continue. . ."; +read enterKey;; +esac +done diff --git a/LinuxMint22_KVM.sh b/LinuxMint22_KVM.sh new file mode 100644 index 0000000..abda4f8 --- /dev/null +++ b/LinuxMint22_KVM.sh @@ -0,0 +1,109 @@ +#!/bin/sh +# +if [ ! -f /etc/debian_version ]; then + echo "Unsupported Linux Distribution. Prepared for Debian" + exit 1 +fi +################################################################################ +# +# +# Install KVM @Linux Mint 22 +# +# +################################################################################ +# +# Preperations: +# - Warning your GPU has to support UEFI. +# - Check if your motherboard BIOS version is recent. (this can help you with having better IOMMU groups) +# - Check if your system is installed in UEFI mode. (CSM disabled in bios for AMD) +# +# AMD: +# - IOMMU = enabled +# - NX mode = enabled +# - SVM mode = enabled +# +################################################################################ +# +# wget https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso +# +# https://www.youtube.com/watch?v=_JTEsQufSx4 +# +################################################################################ +# +# journalctl -xeu libvirtd.service +# +################################################################################ +sudo apt install -y \ + qemu-kvm \ + qemu-system \ + libvirt-clients \ + libvirt-daemon-system \ + bridge-utils \ + virt-manager \ + ovmf \ + swtpm \ + virgl-server \ + libvirglrenderer1 \ + libguestfs-tools \ + libosinfo-bin + + +echo -e '\033[33m------Enable IOMMU------\033[33m' +echo -e "\033[0m" +sleep 2 +sudo cp /etc/default/grub /etc/default/grub_kvm +sudo sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/GRUB_CMDLINE_LINUX_DEFAULT="amd_iommu=on iommu=pt video=efifb:off quiet splash"/g' /etc/default/grub +sudo update-grub + + +echo -e '\033[33m------Configuring of Libvirt------\033[33m' +echo -e "\033[0m" +sleep 2 +sudo sed -i 's/#unix_sock_group = "libvirt"/unix_sock_group = "libvirt"/g' /etc/libvirt/libvirtd.conf +sudo sed -i 's/#unix_sock_rw_perms = "0770"/unix_sock_rw_perms = "0770"/g' /etc/libvirt/libvirtd.conf + +# IMPORTANT: You need this for detailed logs: +echo -e 'log_filters="1:qemu"' | sudo tee -a /etc/libvirt/libvirtd.conf +echo -e 'log_outputs="1:file:/var/log/libvirt/libvirtd.log"' | sudo tee -a /etc/libvirt/libvirtd.conf + +sudo usermod -a -G libvirt $(whoami) + +sudo sed -i 's/#user = "root"/user = "$USER"/g' /etc/libvirt/qemu.conf + +sudo systemctl enable --now libvirtd + +# Verify libvirt has been added to your users: +# sudo groups $(whoami) + + +echo -e '\033[33m------Configuring QEMU------\033[33m' +echo -e "\033[0m" +sleep 2 +sudo cp /etc/libvirt/qemu.conf /etc/libvirt/qemu.conf.default +sudo sed -i 's/#user = "libvirt-qemu"/user = "zulumann"/g' /etc/libvirt/qemu.conf +sudo sed -i 's/#group = "kvm"/group = "zulumann"/g' /etc/libvirt/qemu.conf + +sudo usermod -a -G kvm,libvirt $(whoami) + +# Verify libvirt and kvm has been added to your users groups: +# sudo groups $(whoami) + + +echo -e '\033[33m------Enabling the virtual machine default network------\033[33m' +echo -e "\033[0m" +sleep 2 +sudo virsh net-autostart default && sudo virsh net-start default + + +echo -e '\033[33m------Enabling copy-and-paste between the guest and the host------\033[33m' +echo -e "\033[0m" +sleep 2 +sudo apt install spice-vdagent +sudo systemctl enable --now spice-vdagentd.service + + +echo -e '\033[33m------Setup Directorys------\033[33m' +echo -e "\033[0m" +sleep 2 +#mkdir -p /home/$USER/VM-Images && sudo chown :kvm ~/VM-Images +#mkdir -p /home/$USER/ISOs && sudo chown :kvm ~/ISOs diff --git a/LinuxMint22_Software.sh b/LinuxMint22_Software.sh new file mode 100644 index 0000000..f10e420 --- /dev/null +++ b/LinuxMint22_Software.sh @@ -0,0 +1,120 @@ +#!/bin/sh +# +if [ ! -f /etc/debian_version ]; then + echo "Unsupported Linux Distribution. Prepared for Debian" + exit 1 +fi +# +################################################################################ +# +# +# post-installation script for Linux +# +# +# +################################################################################ +# +# root pass: master_user@vm-net#01 +# +################################################################################ +while : +do +clear +echo "" +echo "\033[1m I N S T A L L LinuxMint22 Software" +echo " -----------------------------------------" +echo "\033[0m" +echo " 01.Install Ananicy" +echo " 02.Install Brave Browser" +echo " 03.Install Telegram-Desktop" +echo " 04.Install OwnCloud-Client" +echo " 05.Install VSCodium" +echo " 06.Install Syncthing" +echo " 07.Install Steam DosBOX" +echo "" +echo " x. Exit" +echo "" +echo -n " Please enter option [01 - 07]" +read opt +case $opt in + +################################################################################## +01) echo "************ Install Ananicy **********************"; +################################################################################## +sudo apt install --assume-yes --install-recommends schedtool -f + +git clone https://github.com/kuche1/minq-ananicy.git +./minq-ananicy/package.sh debian +sudo dpkg -i ./minq-ananicy/*ananicy-*.deb + +sudo apt install --assume-yes --install-recommends gamemode -f +sudo apt install --assume-yes --install-recommends thermald -f +sudo apt install --assume-yes --install-recommends tuned -f + +sudo systemctl enable --now ananicy +;; + +################################################################################## +02) echo "************ Install Brave Browser **********************"; +################################################################################## +wget -qO - https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg | sudo gpg --dearmor -o /usr/share/keyrings/brave-browser-stable-keyring.gpg +echo "deb [arch=amd64 signed-by=/usr/share/keyrings/brave-browser-stable-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main"|sudo tee /etc/apt/sources.list.d/brave-browser-release.list +sudo apt update && sudo apt install -y brave-browser +;; + +################################################################################## +03) echo "************ Install Telegram-Desktop **********************"; +################################################################################## +wget -O telegram.tar.xz https://telegram.org/dl/desktop/linux && tar xf telegram.tar.xz +sudo mv Telegram /opt/telegram && sudo ln -sf /opt/telegram/Telegram /usr/bin/telegram +/usr/bin/telegram +;; + +################################################################################## +04) echo "************ Install OwnCloud-Client **********************"; +################################################################################## +wget -nv https://download.owncloud.com/desktop/ownCloud/stable/latest/linux/Ubuntu_22.04/Release.key -O - | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/owncloud.gpg > /dev/null +echo 'deb https://download.owncloud.com/desktop/ownCloud/stable/latest/linux/Ubuntu_22.04/ /' | sudo tee -a /etc/apt/sources.list.d/owncloud.list +sudo apt update && sudo apt install -y owncloud-client +;; + +################################################################################## +05) echo "************ Install VSCodium **********************"; +################################################################################## +wget -O- https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg | sudo gpg --dearmor | sudo tee /usr/share/keyrings/vscodium.gpg +echo deb [signed-by=/usr/share/keyrings/vscodium.gpg] https://download.vscodium.com/debs vscodium main | sudo tee /etc/apt/sources.list.d/vscodium.list +sudo apt update && sudo apt install -y codium +;; + +################################################################################## +06) echo "************ Install Syncthing **********************"; +################################################################################## +sudo curl -s -o /usr/share/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg +echo "deb [signed-by=/usr/share/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list + +# Bevorzugung von Syncthing-Paketen ("Pinning") +printf "Package: *\nPin: origin apt.syncthing.net\nPin-Priority: 990\n" | sudo tee /etc/apt/preferences.d/syncthing + +sudo apt update && sudo apt install -y syncthing syncthing-gtk +systemctl --user enable syncthing && systemctl --user start syncthing +sudo ufw allow syncthing && sudo ufw reload +;; + +################################################################################## +07) echo "************ Install Steam DosBOX **********************"; +################################################################################## +sudo apt install -y \ + dosbox \ + gamemode \ + mangohud \ + steam \ + xboxdrv +;; + +x) echo ""; +exit 1;; +*) echo " Press [enter] key to continue. . ."; +read enterKey;; +esac +done + diff --git a/LinuxMint22_System.sh b/LinuxMint22_System.sh new file mode 100644 index 0000000..d854edc --- /dev/null +++ b/LinuxMint22_System.sh @@ -0,0 +1,1031 @@ +#!/bin/sh +# +if [ ! -f /etc/debian_version ]; then + echo "Unsupported Linux Distribution. Prepared for Debian" + exit 1 +fi +################################################################################ +# +# +# Linux Mint 21 System Install +# +# +################################################################################ +# +while : +do +clear +echo "" +echo "\033[1m I N S T A L L Linux Mint 22" +echo " ----------------------------------" +echo "\033[0m" +echo "01.Remove Fonts+Software" +echo "02.Install System" +echo "03.Install TLP" +echo "04.Install XanMod-Kernel" +echo " ----------------------------------------" +echo "06.Install Samba" +echo "07.Install OpenSSH-Server" +echo " ----------------------------------------" +echo "08.Install Software" +echo "09.Install DVD+Bluray" +echo "13.Install HPLIP+Plugin" +echo "17.Install Timeshift-Autosnap-APT" +echo " ----------------------------------------" +echo "20.Install AMD-GPU" +echo "21.Install Radeon-GPU" +echo "22.Install Intel-GPU" +echo "23.Install Nvidia-GPU" +echo " ----------------------------------------" +echo "24.Setup Home" +echo "25.Disable ipv6" +echo "26.Cleanup System" +echo "" +echo " x. Exit" +echo "" +echo -n " Please enter option [01 - 26]" +read opt +case $opt in +################################################################################## +01) echo "************ Remove Fonts+Software **********************"; +################################################################################## +sudo apt remove -y onboard transmission transmission-gtk rhythmbox + +# Remove most Asian font: +# ======================= +# If you're not a user of Asian fonts, you might remove a couple of those. That should free up several +# hundred MB's of disk space, but more importantly: the font selection box in Libre Office will become +# much less cluttered. +sudo apt remove -y fonts-kacst* fonts-khmeros* fonts-lklug-sinhala fonts-guru-extra fonts-nanum* fonts-noto-cjk +sudo apt remove -y fonts-takao* fonts-tibetan-machine fonts-lao fonts-sil-padauk fonts-sil-abyssinica fonts-tlwg-* +sudo apt remove -y fonts-lohit-* fonts-beng-extra fonts-gargi fonts-gubbi fonts-gujr-extra fonts-kalapi fonts-lohit-* +sudo apt remove -y fonts-samyak* fonts-navilu fonts-nakula fonts-orya-extra fonts-pagul fonts-sarai fonts-telu* fonts-wqy* +sudo apt remove -y fonts-smc* fonts-deva-extra +sudo dpkg-reconfigure fontconfig + +## Disable SystemD Service +#sudo systemctl stop ModemManager && sudo systemctl disable ModemManager +;; + +################################################################################## +02) echo "************ Install System **********************"; +################################################################################## +sudo apt install -y \ + apt-transport-https \ + ca-certificates \ + curl \ + wget \ + software-properties-common + +echo -e '\033[33m----Setup locales----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo dpkg-reconfigure locales && sudo update-locale LANG=de_DE.UTF-8 && sudo locale-gen --purge --no-archive && sudo update-initramfs -u -k all + + +echo -e '\033[33m------Reconfigure Timezone------\033[33m' +echo -e "\033[0m" +sleep 2 +sudo dpkg-reconfigure tzdata +sudo timedatectl set-timezone Europe/Berlin + + +echo -e '\033[33m------Install Firmware & DKMS------\033[33m' +echo -e "\033[0m" +sleep 2 +sudo apt install -y \ + acpi \ + acpid + + + +echo -e '\033[33m----Setup FS-Tab----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo cp /etc/fstab /etc/fstab.default +#sudo sed -i 's/errors=remount-ro/noatime,commit=600,errors=remount-ro/g' /etc/fstab +sudo sed -i 's/defaults,subvol=@/defaults,noatime,compress=zstd,subvol=@/g' /etc/fstab +sudo sed -i 's/defaults/defaults,noatime/g' /etc/fstab + +sudo sh -c 'echo " +# Secure shared memory +tmpfs /dev/shm tmpfs defaults,noexec,nosuid 0 0 + +# Tmpfs +tmpfs /var/tmp tmpfs defaults,noatime 0 0 +tmpfs /var/spool tmpfs defaults,noatime 0 0 +#tmpfs /var/lock tmpfs defaults 0 0 +#tmpfs /var/cache/apt/archives tmpfs size=15%,defaults 0 0 +" >> /etc/fstab' +sudo systemctl daemon-reload + +echo -e '\033[33m----Setup rc.local / Systemd Service----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo bash -c 'cat << EOF > /etc/systemd/system/rc-local.service +[Unit] +Description=/etc/rc.local Compatibility +ConditionPathExists=/etc/rc.local + +[Service] +Type=forking +ExecStart=/etc/rc.local start +TimeoutSec=0 +StandardOutput=tty +RemainAfterExit=yes +SysVStartPriority=99 + +[Install] +WantedBy=multi-user.target +EOF' + +sudo bash -c 'cat << EOF > /etc/rc.local +#!/bin/sh -e +# +# rc.local +# +# This script is executed at the end of each multiuser runlevel. +# Make sure that the script will "exit 0" on success or any other +# value on error. +# +# In order to enable or disable this script just change the execution +# bits. +# +# By default this script does nothing. +#exit 0 +EOF' + +sudo sed -i 's/#exit 0/exit 0/g' /etc/rc.local +sudo chmod +x /etc/rc.local +sudo systemctl enable --now rc-local.service + +## Tmp mount +sudo cp /usr/share/systemd/tmp.mount /etc/systemd/system/ && sudo systemctl enable --now tmp.mount + +## Sytemd journald +sudo sh -c "echo 'SystemMaxUse=100M' >> /etc/systemd/journald.conf" + +## fstrim timer +sudo systemctl enable --now fstrim.timer + +## fstrim.service +sudo bash -c 'cat << EOF > /etc/systemd/system/fstrim.service +[Unit] +Description=Trim free cells on the SSD +After=local-fs.target + +[Service] +ExecStart=/sbin/fstrim / +ExecStart=/sbin/fstrim /home +Type=oneshot + +[Install] +WantedBy=multi-user.target +EOF' +sudo systemctl enable --now fstrim.service + + +echo -e '\033[33m----Setup Cron----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo cp /etc/crontab /etc/crontab.default +sudo sh -c "echo '@weekly root apt autoremove && apt clean' >> /etc/crontab" + +echo -e '\033[33m----Setup Grub----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo cp /etc/default/grub /etc/default/grub.default +sudo sed -i 's/#GRUB_GFXMODE=640x480/GRUB_GFXMODE=1920x1080x32/g' /etc/default/grub +sudo update-grub + + +echo -e '\033[33m----Install Fonts / Optimise Bitmap-Fonts----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo apt install -y \ + fonts-terminus \ + fonts-noto \ + fonts-entypo \ + xfonts-75dpi \ + xfonts-100dpi \ + xfonts-terminus \ + ttf-mscorefonts-installer + +sudo bash -c 'cat << EOF > /etc/fonts/conf.avail/20-no-embedded.conf + + + + + + false + + + +EOF' + +sudo ln -s /etc/fonts/conf.avail/20-no-embedded.conf /etc/fonts/conf.d/ + + +echo -e '\033[33m----Install log2ram----\033[33m' +echo -e "\033[0m" +sleep 2 +curl -Lo log2ram.tar.gz https://github.com/azlux/log2ram/archive/master.tar.gz && tar xf log2ram.tar.gz +cd log2ram-master && chmod +x install.sh && sudo ./install.sh +sudo sed -i "s/SIZE=128M/SIZE=300M/g" /etc/log2ram.conf +sudo systemctl restart log2ram + +echo -e '\033[33m----Install zramswap----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo swapoff --all && free + +sudo apt install zram-tools && sudo zramswap stop + +sudo mv /etc/default/zramswap /etc/default/zramswap.default + +sudo bash -c 'cat << EOF > /etc/default/zramswap +# Compression algorithm selection +# speed: lz4 > zstd > lzo +# compression: zstd > lzo > lz4 +# This is not inclusive of all that is available in latest kernels +# See /sys/block/zram0/comp_algorithm (when zram module is loaded) to see +# what is currently set and available for your kernel[1] +# [1] https://github.com/torvalds/linux/blob/master/Documentation/blockdev/zram.txt#L86 +ALGO=lz4 + +# Specifies the amount of RAM that should be used for zram +# based on a percentage the total amount of available memory +# This takes precedence and overrides SIZE below +#PERCENT=50 + +# Specifies a static amount of RAM that should be used for +# the ZRAM devices, this is in MiB +SIZE=1024 + +# Specifies the priority for the swap devices, see swapon(2) +# for more details. Higher number = higher priority +# This should probably be higher than hdd/ssd swaps. +PRIORITY=100 +EOF' + +sudo zramswap start +# cat /proc/swaps + + +echo -e '\033[33m----Setup Themes----\033[33m' +echo -e "\033[0m" +sudo apt install -y qt5-style-plugins +sudo sh -c 'echo "export QT_QPA_PLATFORMTHEME=gtk2" >> /etc/environment' + + +echo -e '\033[33m----Enable UFW Firewall----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo ufw allow 5353 # MDNS +sudo ufw enable +;; + +################################################################################## +03) echo "************ Install TLP **********************"; +################################################################################## +sudo apt install -y \ + tlp \ + tlp-rdw + +# Auf ThinkPads installiert man zusätzlich: +# sudo apt install -y tp-smapi-dkms acpi-call-dkms +;; + +################################################################################## +04) echo "************ Install XanMod-Kernel **********************"; +################################################################################## +wget -qO - https://dl.xanmod.org/archive.key | sudo gpg --dearmor -vo /usr/share/keyrings/xanmod-archive-keyring.gpg +echo 'deb [signed-by=/usr/share/keyrings/xanmod-archive-keyring.gpg] http://deb.xanmod.org releases main' | sudo tee /etc/apt/sources.list.d/xanmod-release.list + +sudo apt update && sudo apt install -y linux-xanmod-x64v3 + +# Installieren Sie XanMod edge (empfohlen für den neuesten Kernel): +# sudo apt update && sudo apt install linux-xanmod-edge + +# XanMod Stable entfernen: +# sudo apt autoremove linux-xanmod --purge -y + +# XanMod-Kante entfernen: +# sudo apt autoremove linux-xanmod-edge --purge -y + +# Repository entfernen: +# sudo rm /etc/apt/sources.list.d/xanmod-kernel.list +;; + +################################################################################## +07) echo "************ Install Samba **********************"; +################################################################################## +sudo apt install -y \ + samba + +# Change the owner of the directory to root and the group to sambashare: +sudo chown -R root:sambashare /var/lib/samba/usershares + +# Change the permissions of the usershares directory so that users in the group sambashare can create files. +# This command also sets sticky bit, which is important to prevent users from deleting usershares of other users: +#sudo chmod 1770 /var/lib/samba/usershares + +sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.default + +sudo bash -c 'cat << EOF > /etc/samba/smb.conf +#======================= Global Settings ======================= +[global] +## Browsing/Identification ### +workgroup = WORKGROUP +server string = %h server +disable netbios = yes +unix extensions = yes +client min protocol = SMB2 +client max protocol = SMB3 +server min protocol = SMB2 +server max protocol = SMB3 +# protocol = SMB3 +wide links = no +follow symlinks = no +create mask = 0777 +directory mask = 0777 + +####### Authentication ####### +server role = standalone server +obey pam restrictions = yes +unix password sync = yes +passwd program = /usr/bin/passwd %u +passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . +pam password change = yes +invalid users = root +map to guest = bad user +guest account = nobody +guest ok = yes +usershare path = /var/lib/samba/usershares +usershare max shares = 100 +usershare allow guests = yes +usershare owner only = false + +####### Tuning ####### +socket options = TCP_NODELAY IPTOS_LOWDELAY +use sendfile = no +getwd cache = yes +stat cache = yes +min receivefile size = 16384 +write raw = yes +read raw = yes +max xmit = 32768 +deadtime = 15 +keepalive = 150 +sync always = no +large readwrite = yes +strict sync = no +strict allocate = Yes +strict locking = no +server multi channel support = yes +aio write size = 1 +aio read size = 1 + +#### Networking #### +;interfaces = 127.0.0.0/8 enp37s0 +;bind interfaces only = yes +;hosts allow = 127.0.0.0/8 192.168.10.0/24 192.168.70.0/24 +;hosts deny = all + +### Browsing election options ### +time server = no +wins support = no +multicast dns register = no +#dns forwarder = 192.168.10.1 +dns proxy = yes + +#### Debugging/Accounting #### +log file = /var/log/samba/log.%m +max log size = 1000 +logging = syslog +panic action = /usr/share/samba/panic-action %d +passdb backend = tdbsam +obey pam restrictions = no +log level = 0 + +####### Pinter ####### +load printers = no +disable spoolss = yes +printing = bsd +printcap name = /dev/null + +#======================= Share Definitions ======================= + +[printers] +comment = All Printers +browseable = no +path = /var/spool/samba +printable = yes +guest ok = no +read only = yes +create mask = 0700 + +# Windows clients look for this share name as a source of downloadable printer drivers +[print$] +comment = Printer Drivers +path = /var/lib/samba/printers +browseable = yes +read only = yes +guest ok = no +;write list = root, @lpadmin +EOF' + +sudo bash -c 'cat << EOF > /etc/avahi/services/smb.service + + + + %h - SMB/CIFS + + _smb._tcp + 445 + + +EOF' + + +sudo systemctl restart smbd.service +sudo systemctl restart nmbd.service +sudo systemctl restart avahi-daemon.service + +sudo ufw allow samba +sudo ufw reload + +# sudo usermod -aG sambashare $USER +sudo gpasswd sambashare -a $USER +sudo smbpasswd -a $USER + +# sudo apt install -y wsdd +# sudo ufw allow 3702/udp # wsdd +# sudo ufw allow 5357/tcp # wsdd +# sudo ufw reload +;; + + +################################################################################## +09) echo "************ Install OpenSSH-Server **********************"; +################################################################################## +sudo addgroup sshusers +sudo usermod -aG sshusers $USER + +sudo apt install -y openssh-server openssh-client + +sudo mv /etc/ssh/sshd_config /etc/ssh/sshd_config.default + +sudo bash -c 'cat << EOF > /etc/ssh/sshd_config +Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +HostKey /etc/ssh/ssh_host_rsa_key +HostKey /etc/ssh/ssh_host_ecdsa_key +HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +SyslogFacility AUTH +LogLevel INFO + +# Authentication: +DenyUsers root +DenyGroups root +AllowGroups sshusers + +LoginGraceTime 600 +PermitRootLogin no +#StrictModes yes +MaxAuthTries 3 +#MaxSessions 10 + +# To disable tunneled clear text passwords, change to no here! +PasswordAuthentication yes +PermitEmptyPasswords no + +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) +ChallengeResponseAuthentication no + +# enable PAM authentication +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no +#PrintLastLog yes +TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +ClientAliveInterval 1200 +ClientAliveCountMax 3 +#UseDNS no +PidFile /var/run/sshd.pid +MaxStartups 32 + +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* +EOF' + +sudo systemctl restart ssh.service + +sudo sh -c 'echo "sshd: ALL EXCEPT LOCAL" >> /etc/hosts.deny' +sudo sh -c 'echo "sshd: 192.168.10.0/255.255.255.0" >> /etc/hosts.allow' + +sudo apt install -y fail2ban + +sudo bash -c 'cat << EOF > /etc/fail2ban/jail.local +[sshd] +enabled = true +port = ssh +filter = sshd +logpath = /var/log/auth.log +maxretry = 3 +findtime = 300 +bantime = 3600 +ignoreip = 127.0.0.1 ::1 +EOF' + +sudo systemctl restart fail2ban.service + +sudo ufw allow ssh # Openssh-Server +sudo ufw reload + +# Monitoring With Fail2Ban-Client: +# sudo fail2ban-client status +# sudo fail2ban-client status sshd +;; + +################################################################################## +11) echo "************ Install Software **********************"; +################################################################################## +echo -e '\033[33m------Install COMMONLY USED APPLICATIONS------\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + bmon \ + clang llvm \ + conky-all \ + fuseiso \ + git \ + localepurge \ + haveged \ + htop iotop iftop powertop atop \ + tmux \ + numlockx \ + screenfetch \ + screen \ + saidar \ + dfc \ + mc \ + md5deep \ + mtp-tools \ + ncdu \ + pwgen \ + ppa-purge \ + preload \ + renameutils \ + unrar unace p7zip-rar sharutils rar arj lunzip lzip + #apt install -y smartmontools glances hddtemp gpm + + +echo -e '\033[33m----Accessory Applications----\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + doublecmd-gtk \ + diodon \ + gtkhash \ + keepassxc \ + shutter \ + plank \ + cherrytree + + # caffeine \ + + +echo -e '\033[33m----Grafik Applications----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo apt install -y \ + gimp gimp-gap gimp-gutenprint gimp-plugin-registry gimp-help-de \ + flameshot \ + pinta + +echo -e '\033[33m------Install Codec------\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + faac \ + faad \ + flac \ + flvstreamer \ + ffmpeg \ + gstreamer1.0-x \ + gstreamer1.0-tools \ + gstreamer1.0-plugins-bad \ + gstreamer1.0-plugins-base \ + gstreamer1.0-plugins-good \ + gstreamer1.0-pulseaudio \ + gstreamer1.0-plugins-ugly \ + lame \ + libquicktime2 \ + libasound2-plugins-extra \ + mppenc \ + mint-meta-codecs \ + vorbis-tools vorbisgain \ + ogmtools \ + opus-tools \ + wavpack \ + x264 \ + x265 + +echo -e '\033[33m----Multimedia Applications----\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + audacious \ + easytag \ + mediainfo mediainfo-gui \ + mpv \ + pavucontrol \ + soundconverter \ + vlc vlc-plugin-samba + # puddletag python-musicbrainz2 libchromaprint-tools + + +echo -e '\033[33m----Internet Applications----\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + filezilla \ + firejail \ + uget \ + mailnag \ + remmina \ + remmina-plugin-rdp \ + remmina-plugin-secret \ + remmina-plugin-spice + #quiterss \ + #deluge-gtk \ + + +echo -e '\033[33m----Office Applications----\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + evolution \ + meld \ + libreoffice-evolution \ + pdfarranger \ + xchm + + +echo -e '\033[33m------Install Nemo Addons------\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + nemo-compare \ + nemo-gtkhash \ + nemo-fileroller \ + nemo-media-columns \ + nemo-share \ + nemo-seahorse + + +echo -e '\033[33m----System Applications----\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + backintime-qt \ + bleachbit \ + gparted \ + gsmartcontrol \ + hardinfo \ + tilda \ + notify-osd \ + libnotify-bin + + +echo -e '\033[33m------Install Themes------\033[33m' +echo -e "\033[0m" +sudo apt install -y \ + chameleon-cursor-theme + +ln -s /etc/alternatives/x-cursor-theme /usr/share/icons/default/index.theme +sudo update-alternatives --config x-cursor-theme + + +echo -e '\033[33m------Install Profile-Sync-Daemon------\033[33m' +echo -e "\033[0m" +sudo apt install -y profile-sync-daemon + +# Enable and start psd service: +systemctl --user enable psd && systemctl --user start psd + +cp -r /home/$USER/.mozilla /home/$USER/.mozilla.backup +mv /home/$USER/.config/psd/psd.conf /home/$USER/.config/psd/psd.conf.default + +cat > ~/.config/psd/psd.conf <<"EOF" +## NOTE the following: +## To protect data from corruption, in the event that you do make an edit while +## psd is active, any changes made will be applied the next time you start psd. + +# Uncomment and set to "yes" to use overlayfs instead of a full copy to reduce +# the memory costs and to improve sync/unsync operations. Note that your kernel +# MUST have this module available in order to use this mode +# +USE_OVERLAYFS="yes" + +# List browsers separated by spaces to include in the sync. Useful if you do not +# wish to have all possible browser profiles sync'ed which is the default if +# this variable is left commented. +# +BROWSERS="firefox" + +# Uncomment and set to "no" to completely disable the crash recovery feature. +# +# The default is to create crash recovery backups if the system is ungracefully +# powered-down due to a kernel panic, hitting the reset switch, battery going +# dead, etc. Some users keep very diligent backups and don't care to have this +# feature enabled. +USE_BACKUPS="yes" +EOF + + +sudo sh -c "echo '$USER ALL=(ALL) NOPASSWD: /usr/bin/psd-overlay-helper' >> /etc/sudoers" + +# Restart psd service: +systemctl --user restart psd + +# Preview the Profile-sync-daemon settings +# You can preview what exactly Psd is doing by passing the option -p +# psd p + + +# Change sync intervals +# By default, Profile-sync-daemon runs every one hour + +#crontab -e +#*/15 * * * * /usr/bin/profile-sync-daemon sync &> /dev/null +;; + +################################################################################## +13) echo "************ Install DVD+Bluray **********************"; +################################################################################## +sudo apt install -y \ + asunder \ + libaacs0 \ + libbluray-bdj \ + libdvdcss2 + +# Setup config aacs +mkdir -p /home/$USER/.config/aacs/ +cd /home/$USER/.config/aacs/ && wget --no-check-certificate http://vlc-bluray.whoknowsmy.name/files/KEYDB.cfg +;; + +################################################################################## +13) echo "************ Install HPLIP+Plugin **********************"; +################################################################################## +sudo apt install --assume-yes \ + printer-driver-cups-pdf \ + hplip \ + hplip-gui + +# Download and Install HPLIP-Plugin: +mkdir -p ~/.install/ && cd ~/.install/ +wget https://developers.hp.com/sites/default/files/hplip-3.23.12-plugin.run +chmod u+x hplip*.run && sh hplip*.run +sleep 10 + +sudo ufw allow 515 # LPD (Printer) +sudo ufw allow 427 # IPP (Printer) / SLP (Printer scanner) +sudo ufw reload +;; + +################################################################################## +17) echo "************ Install Timeshift-Autosnap-APT **********************"; +################################################################################## +sudo apt install -y btrfs-progs + +mkdir -p /home/$USER/.install/ + +git clone https://github.com/wmutschl/timeshift-autosnap-apt.git /home/$USER/.install/timeshift-autosnap-apt +cd /home/$USER/.install/timeshift-autosnap-apt +sudo make install + +git clone https://github.com/Antynea/grub-btrfs.git /home/$USER/.install/grub-btrfs +cd /home/$USER/.install/grub-btrfs +sudo make install + +# For example, as we do not have a dedicated /boot partition, we can set snapshotBoot=false +# in the timeshift-autosnap-apt-conf file to not rsync +# the /boot directory to /boot.backup. Note that the EFI partition is still rsynced into your +# snapshot to /boot.backup/efi. For grub-btrfs, +sudo cp /etc/timeshift-autosnap-apt.conf /etc/timeshift-autosnap-apt.conf.default +sudo sed -i 's/snapshotBoot=true/snapshotBoot=false/g' /etc/timeshift-autosnap-apt.conf + + +# I change GRUB_BTRFS_SUBMENUNAME to “My BTRFS Snapshots”. +sudo cp /etc/default/grub-btrfs/config /etc/default/grub-btrfs/config.default +sudo sed -i 's/#GRUB_BTRFS_SUBMENUNAME="Arch Linux snapshots"/GRUB_BTRFS_SUBMENUNAME="My BTRFS Snapshots"/g' /etc/default/grub-btrfs/config + +# Check if everything is working: +sudo timeshift-autosnap-apt +;; + + +################################################################################## +20) echo "************ Install AMD-GPU **********************"; +################################################################################## +sudo apt install -y \ + libglx-mesa0 \ + libglx-mesa0:i386 \ + libgl1-mesa-dri \ + libgl1-mesa-dri:i386 \ + mesa-vulkan-drivers \ + mesa-vulkan-drivers:i386 \ + mesa-va-drivers \ + mesa-va-drivers:i386 \ + libvulkan-dev \ + libvulkan-dev:i386 \ + mesa-utils \ + vulkan-tools \ + mesa-common-dev \ + mesa-vdpau-drivers \ + mesa-vdpau-drivers:i386 \ + vkbasalt \ + vdpau-driver-all \ + libvdpau-va-gl1 \ + vdpauinfo \ + vainfo + + +sudo bash -c 'cat << EOF > /etc/X11/xorg.conf.d/20-amdgpu.conf +Section "Device" + Identifier "AMD" + Driver "amdgpu" + Option "TearFree" "true" + Option "DRI" "3" +EndSection +EOF' + +sudo cp /etc/environment /etc/environment.default && +echo -e "ENABLE_VKBASALT=1" | sudo tee -a /etc/environment && +echo -e "RADV_PERFTEST=aco,sam,nggc" | sudo tee -a /etc/environment && +echo -e "mesa_glthread=true" | sudo tee -a /etc/environment + + +# echo "export ENABLE_VKBASALT=1" >> ~/.profile +# echo "export RADV_PERFTEST=aco" >> ~/.profile +# echo "export mesa_glthread=true" >> ~/.profile +;; + +################################################################################## +21) echo "************ Install Radeon-GPU **********************"; +################################################################################## +sudo bash -c 'cat << EOF > /etc/X11/xorg.conf.d/20-radeon.conf +Section "Device" + Identifier "Radeon" + Driver "radeon" + Option "TearFree" "true" + Option "DRI" "3" +EndSection +EOF' +;; + +################################################################################## +22) echo "************ Install Intel-GPU **********************"; +################################################################################## +sudo bash -c 'cat << EOF > /etc/X11/xorg.conf.d/20-intel.conf +Section "Device" + Identifier "Intel Graphics" + Driver "intel" + Option "TearFree" "true" + Option "AccelMethod" "uxa" + Option "TripleBuffer" "true" +EndSection +EOF' +;; + +################################################################################## +23) echo "************ Install Nvidia-GPU **********************"; +################################################################################## +;; + +################################################################################## +24) echo "************ Setup Home **********************"; +################################################################################## +# Setup compose-cache +mkdir /home/$USER/.compose-cache/ && ln -sfv /run/user/$UID/ /home/$USER/.compose-cache + +# Setup Dirs +rm -R /home/$USER/Dokumente +#rm -R /home/$USER/Musik +#rm -R /home/$USER/Videos +#rm -R /home/$USER/Öffentlich +mkdir -p /home/$USER/bin +mkdir -p /home/$USER/Backup +mkdir -p /home/$USER/Backup/rotate +mkdir -p /home/$USER/GIT +mkdir -p /home/$USER/Sync +mkdir -p /home/$USER/Share +mkdir -p /home/$USER/MyStuff +mkdir -p /home/$USER/MyStuff/Dokumente +mkdir -p /home/$USER/MyStuff/Script + +ln -sf /home/$USER/MyStuff/Dokumente ~/Dokumente +ln -sf /home/$USER/MyStuff/Script ~/Script + +## Hide the plank icon from plank: +gsettings set net.launchpad.plank.dock.settings:/net/launchpad/plank/docks/dock1/ show-dock-item false + +## Papierkorb automatisch leeren, wenn Inhalt älter als 3 Tage: +gsettings set org.gnome.desktop.privacy old-files-age "3" +gsettings set org.gnome.desktop.privacy remove-old-trash-files true + +## Maximales Alter der Daten im Thumbnail-Cache in Tagen: +gsettings set org.gnome.desktop.thumbnail-cache maximum-age 14 + +## Maximale Größe des Thumbnail-Caches in MB: +gsettings set org.gnome.desktop.thumbnail-cache maximum-size 256 + +# Setup ~/.fonts.conf +# This will enable subpixel-hinting and font-smoothing. +# Now just restart X.org (log out, then back in again). +# Read more here: +# https://wiki.debian.org/Fonts + +cat > /home/$USER/.fonts.conf <<"EOF" + + + + + + rgb + + + + + true + + + + + hintslight + + + + + true + + + + + lcddefault + + + +EOF +;; + +################################################################################## +25) echo "************ Disable ipv6 **********************"; +################################################################################## +sudo bash -c 'cat << EOF > /etc/sysctl.d/70-disable-ipv6.conf +net.ipv6.conf.all.disable_ipv6 = 1 +EOF' + +sudo sysctl -p -f /etc/sysctl.d/70-disable-ipv6.conf + +#Remove IPv6 hosts: +sudo sed -i '/::/s%^%#%g' /etc/hosts +;; + +################################################################################## +26) echo "************ Cleanup System **********************"; +################################################################################## +# du -sh /var/cache/apt/archives +sudo apt clean && sudo apt autoremove && sudo apt autoremove --purge + +# Check the size of your system’s thumbnail before deleting them using the command: +#du -sh ~/.cache/thumbnails +sudo rm -rf ~/.cache/thumbnails/* + +sudo rm -rf ~/.local/share/Trash/* +# sudo rm -rf /root/.local/share/Trash/* + +# Paketlisten aufräumen: +# Im Laufe der Zeit kann es passieren, dass sich in /var/lib/apt/lists/ eine Menge an Listen ansammelt. Nicht alle davon werden benötigt. +sudo rm -rf /var/lib/apt/lists/* && sudo apt update +;; + + +x) echo ""; +exit 1;; +*) echo " Press [enter] key to continue. . ."; +read enterKey;; +esac +done diff --git a/LinuxMint22_sysctl.conf.sh b/LinuxMint22_sysctl.conf.sh new file mode 100644 index 0000000..a7e0806 --- /dev/null +++ b/LinuxMint22_sysctl.conf.sh @@ -0,0 +1,131 @@ +#!/bin/bash +# +echo -e '\033[33m----Optimise tcp ip----\033[33m' +echo -e "\033[0m" +sleep 2 +sudo mv /etc/sysctl.conf /etc/sysctl.conf.default + +sudo bash -c 'cat << EOF > /etc/sysctl.conf +############################# +## Battery life tweaks # +############################# +#vm.dirty_writeback_centisecs=3000 +#vm.dirty_expire_centisecs=500 +# +############################# +## CPU tweaks # +############################# +# +## Queue size modifications +net.core.optmem_max=20480 +net.unix.max_dgram_qlen=50 +# +## Net Core Settings +## Location: /proc/sys/net/core +net.core.wmem_max=524288 +net.core.rmem_max=524288 +net.core.rmem_default=256960 +net.core.wmem_default=256960 +# +############################# +## VM & Filesystem tweaks # +############################# +fs.lease-break-time=10 +fs.file-max=65536 +vm.overcommit_memory=1 +vm.oom_dump_tasks=1 +vm.page-cluster=0 +vm.swappiness = 26 +vm.vfs_cache_pressure = 10000 +vm.dirty_ratio = 10 +vm.dirty_background_ratio = 5 +# +############################# +## Net Speed tweaks # +############################# +# +net.core.default_qdisc = cake +net.ipv4.tcp_congestion_control = bbr +#net.ipv4.tcp_congestion_control=cubic +net.ipv4.tcp_mtu_probing = 1 +net.ipv4.tcp_fastopen = 3 +net.ipv4.tcp_keepalive_time = 60 +net.ipv4.tcp_keepalive_intvl = 10 +net.ipv4.tcp_keepalive_probes = 6 +# +# # Hardening the TCP/IP stack to SYN attacks +net.ipv4.tcp_syncookies=1 +net.ipv4.conf.all.rp_filter=1 +net.ipv4.conf.default.rp_filter=1 +net.ipv4.tcp_synack_retries=2 +net.ipv4.tcp_syn_retries=2 +net.ipv4.tcp_max_syn_backlog=1024 +net.ipv4.tcp_max_tw_buckets=16384 +net.ipv4.icmp_echo_ignore_all=1 +net.ipv4.icmp_ignore_bogus_error_responses=1 +net.ipv4.tcp_no_metrics_save=1 +net.ipv4.tcp_fin_timeout=15 +net.ipv4.tcp_keepalive_time=1800 +net.ipv4.ip_forward=0 +net.ipv4.tcp_moderate_rcvbuf=1 +net.ipv4.route.flush=1 +net.ipv4.udp_rmem_min=6144 +net.ipv4.udp_wmem_min=6144 +net.ipv4.tcp_rfc1337=1 +net.ipv4.ip_no_pmtu_disc=0 +net.ipv4.tcp_ecn=0 +net.ipv4.tcp_sack=1 +net.ipv4.tcp_fack=1 +# +# Dont accept source routing +net.ipv4.conf.default.accept_source_route=0 +net.ipv4.conf.all.accept_source_route=0 +# +# Dont accept redirects +net.ipv4.conf.all.accept_redirects=0 +net.ipv4.conf.default.accept_redirects=0 +net.ipv4.conf.all.secure_redirects=0 +net.ipv4.conf.default.secure_redirects=0 +EOF' +sudo /sbin/sysctl -p + + + +#--------------------------------------------------------------------- +# Network and memory-related optimizationss for 32GB +#--------------------------------------------------------------------- +kernel.sysrq = 1 # Enable SysRQ for rebooting the machine properly if it freezes. [Source](https://oglo.dev/tutorials/sysrq/index.html) +net.core.netdev_max_backlog = 30000 # Help prevent packet loss during high traffic periods. +net.core.rmem_default = 262144 # Default socket receive buffer size, improve network performance & applications that use sockets. Adjusted for 32GB RAM. +net.core.rmem_max = 67108864 # Maximum socket receive buffer size, determine the amount of data that can be buffered in memory for network operations. Adjusted for 32GB RAM. +net.core.wmem_default = 262144 # Default socket send buffer size, improve network performance & applications that use sockets. Adjusted for 32GB RAM. +net.core.wmem_max = 67108864 # Maximum socket send buffer size, determine the amount of data that can be buffered in memory for network operations. Adjusted for 32GB RAM. +net.core.default_qdisc = fq +net.ipv4.tcp_congestion_control = bbr +net.ipv4.tcp_fastopen = 3 +net.ipv4.tcp_keepalive_intvl = 10 # TCP keepalive interval between probes to detect if a connection is still alive. +net.ipv4.tcp_keepalive_probes = 5 # TCP keepalive probes to detect if a connection is still alive. +net.ipv4.tcp_keepalive_time = 60 # TCP keepalive interval in seconds to detect if a connection is still alive. +vm.dirty_background_bytes = 134217728 # 128 MB +vm.dirty_bytes = 402653184 # 384 MB +vm.min_free_kbytes = 65536 # Minimum free memory for safety (in KB), helping prevent memory exhaustion situations. Adjusted for 32GB RAM. +vm.swappiness = 5 # Adjust how aggressively the kernel swaps data from RAM to disk. Lower values prioritize keeping data in RAM. Adjusted for 32GB RAM. +vm.vfs_cache_pressure = 90 # Adjust vfs_cache_pressure (0-1000) to manage memory used for caching filesystem objects. Adjusted for 32GB RAM. +#--------------------------------------------------------------------- +# Nobara Tweaks +#--------------------------------------------------------------------- +fs.aio-max-nr = 1000000 # defines the maximum number of asynchronous I/O requests that can be in progress at a given time. 1048576 +fs.inotify.max_user_watches = 65536 # sets the maximum number of file system watches, enhancing file system monitoring capabilities. Default: 8192 TWEAKED: 524288 +kernel.panic = 5 # Reboot after 5 seconds on kernel panic Default: 0 +kernel.pid_max = 131072 # allows a large number of processes and threads to be managed Default: 32768 TWEAKED: 4194304 + +#--------------------------------------------------------------------- +# SSD tweaks: Adjust settings for an SSD to optimize performance. +#--------------------------------------------------------------------- +vm.dirty_background_ratio = 40 # Set the ratio of dirty memory at which background writeback starts (5%). Adjusted for SSD. +vm.dirty_expire_centisecs = 3000 # Set the time at which dirty data is old enough to be eligible for writeout (6000 centiseconds). Adjusted for SSD. +vm.dirty_ratio = 80 # Set the ratio of dirty memory at which a process is forced to write out dirty data (10%). Adjusted for SSD. +vm.dirty_writeback_centisecs = 300 # Set the interval between two consecutive background writeback passes (500 centiseconds) + + +