julianprester/linux-provisioning
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
linux-provisioning/TODO.md
Julian Prester a249dec1ba Revert gitconfig/TODO/bw-login redactions; remove zshrc.local.example 
Public key, name, email, and self-hosted URLs are fine to publish.
Remove config/shell/zshrc.local.example instead of genericizing it —
it contained personal infrastructure details with no value to others.
2026-06-07 15:23:53 +10:00

5.2 KiB
Executable File
Raw Permalink Blame History

Post-Provisioning TODO

Things that can't be fully automated (require manual setup, credentials, or hardware-specific configuration).

1. SSH Keys & GitHub

  • Load SSH keys from Bitwarden or generate a new key: 
    # Option A: Generate fresh key
ssh-keygen -t ed25519 -C "hi@julianprester.com"

# Option B: Set up Bitwarden+SSH loading
bw login
bw unlock --raw > ~/.config/Bitwarden\ CLI/.session
chmod 600 ~/.config/Bitwarden\ CLI/.session
bw-load-ssh.sh

# Option C: Copy keys from old machine
# scp old-machine:~/.ssh/id_ed25519* ~/.ssh/
  • Add SSH public key to GitHub: https://github.com/settings/keys
  • Clone this repo and remaining repos: 
    git clone git@github.com:julianprester/linux-provision.git

2. Bitwarden & Environment Variables

API keys are loaded directly in .zshrc via bw + jq. No separate script.

  • Run bw login to authenticate with Bitwarden

  • Unlock vault and save session:

    bw unlock --raw > ~/.config/Bitwarden\ CLI/.session
chmod 600 ~/.config/Bitwarden\ CLI/.session

  • Create a Bitwarden item named "Environment" (type: Secure Note) with custom fields for each API key:

    | Field Name | Type | Example Value |
|---|---|---|
| `GROQ_API_KEY` | Hidden | `gsk_your_key` |
| `ANTHROPIC_API_KEY` | Hidden | `sk-ant-your-key` |
| `GOOGLE_API_KEY` | Hidden | `AIza_your_key` |
| `CANVAS_API_KEY` | Hidden | `3156~your_key` |
| `NC_PASSWORD` | Hidden | `your_nextcloud_password` |
| ... (22 vars total — see `config/shell/zshrc.local.example` for the full list) |

  • Open a new shell.zshrc exports them automatically

  • Verify: echo $GROQ_API_KEY (should show your key)

If you prefer a plain file instead of Bitwarden:

  • Edit ~/.zshrc.local with your API keys (template in config/shell/zshrc.local.example)
  • Uncomment the alternate source ~/.zshrc.local line in the deployed .zshrc

If you prefer a plain file instead of Bitwarden:

  • Edit ~/.zshrc.local with your API keys (template in config/shell/zshrc.local.example)
  • Uncomment the source ~/.zshrc.local line in your deployed .zshrc

3. Tailscale

  • Authenticate Tailscale: 
    sudo tailscale up
  • Verify connection: tailscale status
  • Note your Tailscale IP for services (Actual Budget, Nextcloud, etc.)

4. Nextcloud

  • Install Nextcloud Desktop Client (Flatpak or RPM)
  • Connect to https://nc.julianprester.com
  • Select sync folders (especially Nextcloud/3_bibliography/)
  • Update PandocCiter.DefaultBib in VS Code settings if bib path changes

5. Actual Budget

  • Verify connection: actualpy accounts
  • Update URL/password in ~/.config/actualpy/config.yaml

6. Docker & WinBoat

  • Log out and back in for docker group to take effect
  • Pull WinBoat image: docker pull ghcr.io/dockur/windows:5.14
  • Set up ~/.winboat/docker-compose.yml (see reference in repo notes)
  • Pull grobid: docker pull grobid/grobid
  • Run grobid: docker run -d -p 8070:8070 grobid/grobid

7. Zotero

  • Install Zotero (Flatpak or tarball from zotero.org)
  • Sign in to sync library
  • Install Zotero browser connector
  • Set ZOTERO_KEY env var in ~/.zshrc.local

8. GNOME Keybindings (if using GNOME)

  • Verify custom shortcuts were applied: 
    gsettings list-recursively org.gnome.settings-daemon.plugins.media-keys.custom-keybinding
  • Or add them manually via Settings → Keyboard → Keyboard Shortcuts

9. Fonts

  • If Nerd Font download failed, install manually:

10. Ghostty

  • Verify Ghostty runs and fonts look correct (nerd font icons in prompt)
  • If not, set font-family = "MesloLGS NF" in ~/.config/ghostty/config

11. VS Code

  • Open VS Code and verify extensions are installed
  • Sign in to GitHub → Settings → Sync (if you use Settings Sync)
  • Verify PandocCiter path to bibliography

12. Solaar (Logitech Peripherals)

  • Open Solaar from applications menu
  • Pair your Logitech receiver or connect via Bluetooth
  • The config will auto-save to ~/.config/solaar/config.yaml

13. Printer / Scanning

  • If using a printer, add via Settings → Printers
  • If using a scanner, install simple-scan: 
    sudo dnf install simple-scan

14. Reboot to Apply Kernel Changes

  • sudo reboot — required for:
    • GRUB kernel cmdline parameters (if uncommented)
    • sysctl settings (most apply at runtime, but reboot ensures)
    • Docker group membership
    • Desktop environment changes

15. Verify Everything

Run a quick sanity check after reboot:

# Development tools
node --version
npm --version
python3 --version
uv --version
git --version

# Docker
docker run --rm hello-world

# Shell
zsh --version
echo $SHELL

# Services
systemctl --user status porridge.service 2>/dev/null | head -5

# Network
tailscale status
ping -c 1 google.com

# Config files exist
ls -la ~/.zshrc ~/.zshrc.local ~/.gitconfig ~/.p10k.zsh ~/.local/bin/
Reference in New Issue View Git Blame Copy Permalink