julianprester/linux-provisioning
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a79d2b3fa2deb1b5701bce6ef2a1b88420a8d134
linux-provisioning/README.md
Julian Prester a79d2b3fa2 README: use curl+tar zip download instead of git clone 
Works on a fresh machine with no credentials or SSH keys configured.
GitHub serves public archives without authentication.
2026-06-07 15:37:01 +10:00

99 lines
4.5 KiB
Markdown
Executable File
Raw Blame History

# Linux Machine Provisioning
**Purpose:** Rapidly set up a new Fedora Linux machine with Julian's toolchain,
config, and customisations. Generated from audit of Pop!_OS "thinkpad" machine.
## Supported Distributions
Auto-detected — no manual config needed:
| Family | Distros | Package Manager |
|--------|---------|-----------------|
| **Debian** | Ubuntu, Pop!_OS, Debian, Linux Mint | `apt` |
| **Fedora** | Fedora Workstation, RHEL, CentOS | `dnf` |
Detection is in `lib/distro.sh`. It sets variables like `$PKG_INSTALL`,
`$PKG_UPDATE`, `$GRUB_UPDATE` etc. that all stage scripts use.
## Quick Start
```bash
curl -fsSL https://github.com/julianprester/linux-provision/archive/refs/heads/main.tar.gz | tar -xz -C ~ --one-top-level=linux-provision --strip-components=1 && bash ~/linux-provision/provision.sh --all
```
Or run individual stages:
```bash
bash ~/linux-provision/provision.sh --stage 03-toolchains
bash ~/linux-provision/provision.sh --list
source ~/linux-provision/provision.sh --interactive
```
## Structure
```
linux-provision/
├── README.md # This file
├── provision.sh # Master orchestrator — run with --all or --stage N
├── stages/ # Modular stage scripts, sourced by provision.sh
│ ├── 00-envcheck.sh # OS/sudo/environment checks
│ ├── 01-repos.sh # DNF repos (RPM Fusion, COPR, Microsoft, etc.)
│ ├── 02-packages.sh # System packages via DNF
│ ├── 03-toolchains.sh # nvm, Node, uv, Python
│ ├── 04-shell.sh # zsh, oh-my-zsh, powerlevel10k, configs
│ ├── 05-git.sh # Git config, SSH key setup
│ ├── 06-scripts.sh # ~/.local/bin (bw, zoom, env, etc.)
│ ├── 07-uv-projects.sh # Clone + install Julian's uv tools from ~/Development
│ ├── 08-systemd.sh # User systemd services (porridge, swayidle, etc.)
│ ├── 09-desktop.sh # Keybindings, hotkeys, ghostty, fonts
│ ├── 10-docker.sh # Docker CE setup
│ ├── 11-tweaks.sh # sysctl, kernel params, TLP/powertop, modprobe
│ └── 12-other-apps.sh # Chrome, Signal, Zotero
├── config/ # Dotfiles and config files (installed by stages)
│ ├── git/gitconfig
│ ├── shell/{zshrc,p10k.zsh}
│ ├── scripts/{bw-load-ssh.sh,idle-battery-suspend.sh,zoom.sh,env.sh}
│ ├── systemd/{porridge.service,...}
│ ├── sysctl/99-custom.conf
│ └── modprobe/{system76-power.conf,pop-default-settings-dirty-frag.conf}
├── etc/ # System-level configs (copied to /etc)
└── TODO.md # Post-provisioning manual steps
```
## Stages Overview
| # | Stage | What it does |
| --- | --- | --- |
| 00 | envcheck | Verify Fedora, sudo access, directory setup |
| 01 | repos | RPM Fusion free/nonfree, COPRs, Microsoft, Docker, Google, Signal, Tailscale |
| 02 | packages | Install all system packages (distro-mapped names) |
| 03 | toolchains | Install nvm + Node LTS, uv, Python |
| 04 | shell | Install zsh, oh-my-zsh, p10k, deploy .zshrc, .p10k.zsh |
| 05 | git | Deploy .gitconfig, generate SSH key |
| 06 | scripts | Deploy ~/.local/bin scripts (bw, bw-load-ssh, Zoom wrapper, etc.) |
| 07 | uv-projects | Clone all Julian's Python tool repos from GitHub, uv install (needs SSH keys) |
| 08 | systemd | Deploy and enable user systemd services |
| 09 | desktop | Configure keybindings, hotkeys, ghostty, fonts |
| 10 | docker | Install Docker CE, add user to docker group |
| 11 | tweaks | sysctl, kernel cmdline, TLP/powertop, modprobe blacklists |
| 12 | other-apps | Google Chrome, Signal, Zotero |
## Post-Install Manual Steps
See `TODO.md` for things that can't be automated: restoring SSH keys
from Bitwarden, configuring Tailscale, importing GPG keys, etc.
## Design Notes
- **Distribution-agnostic** — detects Debian/Ubuntu/Pop vs Fedora via
`lib/distro.sh`. Package manager commands, repo config, and package
names adapt automatically.
- **Idempotent** — safe to run multiple times. Stages check for existing
installations before repeating work.
- **Secrets out of repo** — API keys live in `~/.zshrc.local` (gitignored)
and are loaded at shell startup from Bitwarden via `bw` + `jq`.
- **One stage per concern** — comment out stages you don't need in
`provision.sh` or pass `--stage` individually.
- **Hardware-specific quirks commented out** — AMD GPU kernel params,
WiFi workarounds, etc. are documented but disabled by default.
Reference in New Issue View Git Blame Copy Permalink