Linux Machine Provisioning
Purpose: Rapidly set up a new Fedora Linux machine with Julian's toolchain, config, and customisations. Generated from audit of Pop!_OS "thinkpad" machine.
Supported Distributions
Auto-detected — no manual config needed:
| Family | Distros | Package Manager |
|---|---|---|
| Debian | Ubuntu, Pop!_OS, Debian, Linux Mint | apt |
| Fedora | Fedora Workstation, RHEL, CentOS | dnf |
Detection is in lib/distro.sh. It sets variables like $PKG_INSTALL,
$PKG_UPDATE, $GRUB_UPDATE etc. that all stage scripts use.
Quick Start
curl -fsSL https://git.julianprester.com/julianprester/linux-provisioning/archive/main.tar.gz | tar -xz -C /tmp/ && bash /tmp/linux-provisioning/provision.sh --all
Or run individual stages:
bash ~/linux-provision/provision.sh --stage 03-toolchains
bash ~/linux-provision/provision.sh --list
source ~/linux-provision/provision.sh --interactive
Structure
linux-provision/
├── README.md # This file
├── provision.sh # Master orchestrator — run with --all or --stage N
├── stages/ # Modular stage scripts, sourced by provision.sh
│ ├── 00-envcheck.sh # OS/sudo/environment checks
│ ├── 01-repos.sh # DNF repos (RPM Fusion, COPR, Microsoft, etc.)
│ ├── 02-packages.sh # System packages via DNF
│ ├── 03-toolchains.sh # nvm, Node, uv, Python
│ ├── 04-shell.sh # zsh, oh-my-zsh, powerlevel10k, configs
│ ├── 05-git.sh # Git config, SSH key setup
│ ├── 06-scripts.sh # ~/.local/bin (bw, zoom, env, etc.)
│ ├── 07-uv-projects.sh # Clone + install Julian's uv tools from ~/Development
│ ├── 08-systemd.sh # User systemd services (porridge, BW SSH, etc.)
│ ├── 09-desktop.sh # Keybindings, hotkeys, ghostty, fonts
│ ├── 10-docker.sh # Docker CE setup
│ ├── 11-tweaks.sh # sysctl, kernel params, TLP/powertop, modprobe
│ └── 12-other-apps.sh # Chrome, Signal, Zotero
├── config/ # Dotfiles and config files (installed by stages)
│ ├── git/gitconfig
│ ├── shell/{zshrc,p10k.zsh}
│ ├── scripts/{bw-load-ssh.sh,idle-battery-suspend.sh,zoom.sh,env.sh}
│ └── systemd/{porridge.service,...}
└── TODO.md # Post-provisioning manual steps
Stages Overview
| # | Stage | What it does |
|---|---|---|
| 00 | envcheck | Verify Fedora, sudo access, directory setup |
| 01 | repos | RPM Fusion free/nonfree, COPRs, Microsoft, Docker, Google, Signal, Tailscale |
| 02 | packages | Install all system packages (distro-mapped names) |
| 03 | toolchains | Install nvm + Node LTS, uv, Python |
| 04 | shell | Install zsh, oh-my-zsh, p10k, deploy .zshrc, .p10k.zsh |
| 05 | git | Deploy .gitconfig, generate SSH key |
| 06 | scripts | Deploy ~/.local/bin scripts (bw, bw-load-ssh, Zoom wrapper, etc.) |
| 07 | uv-projects | Clone all Julian's Python tool repos from GitHub, uv install (needs SSH keys) |
| 08 | systemd | Deploy and enable user systemd services |
| 09 | desktop | Configure keybindings, hotkeys, ghostty, fonts |
| 10 | docker | Install Docker CE, add user to docker group |
| 11 | tweaks | sysctl, kernel cmdline, TLP/powertop, modprobe blacklists |
| 12 | other-apps | Google Chrome, Signal, Zotero |
Post-Install Manual Steps
See TODO.md for things that can't be automated: restoring SSH keys
from Bitwarden, configuring Tailscale, importing GPG keys, etc.
Design Notes
- Distribution-agnostic — detects Debian/Ubuntu/Pop vs Fedora via
lib/distro.sh. Package manager commands, repo config, and package names adapt automatically. - Idempotent — safe to run multiple times. Stages check for existing installations before repeating work.
- Secrets out of repo — API keys live in
~/.zshrc.local(gitignored) and are loaded at shell startup from Bitwarden viabw+jq. - One stage per concern — comment out stages you don't need in
provision.shor pass--stageindividually. - Hardware-specific quirks commented out — AMD GPU kernel params, WiFi workarounds, etc. are documented but disabled by default.