❌

Normal view

There are new articles available, click to refresh the page.
Today β€” 4 May 2025Dom Corriveau

Notes - Setting up my Debian desktops

βœ‡Dom Corriveau
3 May 2025 at 02:00

I have been following Zak’s posts about setting up their Debian desktop on a fresh install and I thought I would join in with mine. y This is how I setup a new Debian desktop with the base packages, apps, and configurations which will give me a fully functional desktop in about 20 minutes. I will then need to make some minor changes once everything is installed to tweak things I haven’t scripted yet. In total it takes me about an hour to have a brand new desktop fully setup and configured the way I like it.

Below are some of my raw notes on how I get the base setup and ready to use.

Step one: Install dotfile manager

I use chezmoi to manage all my dotfiles (config files). I have one repo for desktops and another for server. In the script above I have installing chezmoi via snap and then pulling the desktop repo (URL redacted) so all of my customizations and configurations are automatically applied.

⚠️ ⚠️ ⚠️ Since I self-host Forgejo, I am not concerned about sending sensitive files to my dotfile repo since it is not accessible outside of my LAN. This means I choose to use chezmoi to pull ssh keys and other files with private information. I would never push these files to a repo on Github or similar publicly hosted services. If someone has hacked into my LAN, I got bigger problems than my dotfiles.

I install this using snap. So, I have to install snapd first, then chezmoi.

sudo apt install snapd git
sudo snap install chezmoi --classic

Pulling the dotifles is simple:

chezmoi init --apply https://[REDACTED]

I have chezmoi sync the dotfiles for:

  • ~/.config
    • fdroidcl
    • helix
    • lazydocker
    • lazygit
    • fish
    • glow
    • tilda
    • shaarli
    • stew
    • termscp
    • tmux
    • yazi
  • ~/.fonts
  • ~/.icons
  • ~/.themes
  • ~/spotdl
  • ~/scripts
  • ~/.ssh
  • ~/.local/bin
  • ~/.bashrc

Since it pulls my configuration for fish, I also have all my aliases which point some of the programs to their custom configuration file.

Stew

Some programs I choose to run the binary straight from the devs Github repo and stew makes it simple to find, install, and keep them updated.

Using chezmoi I can sync the configuration for stew so I don’t have to manually find and install the binaries for each install. Then, I sync $HOME/.local/bin because that is the location of the actual binaries. Doing this means when I sync my dotfiles, it also pulls down the actual binaries and they are ready to run on the new PC install.

Step two: Run the installs script

For a while I was running this script manually. But, thanks to all around awesome individual Robert, AKA IrgndSonDepp on Mastodon, I now have it run after chezmoi pulls my dotfiles.

By adding this script to the dotfiles repo and naming it run_once_<script_name> it will automatically be executed after the dotfiles are pulled.

What about Ansible or NixOS?

I know there are other ways to accomplish this, including Ansible or NixOS.

If I can accomplish the same thing with Ansible, why change? I am clearly doing it just fine with chezmoi.

As far as NixOS, I’m not ready for that. I like Debian. I like how I install packages. I’m not interested in a declarative desktop. I don’t want to manage everything with a declarative file. It is not for me and I like it that way.

The installs script

After the script is finished I still need to login into services and do some configurations that can’t be scripted in some GUI apps.

This is the run_once script I have:

#!/bin/bash

# Create directories in user's home directory
mkdir -p ~/{bin,tmp,remote_systems,apps} 
mkdir -p ~/.local/bin

# Update package lists
sudo apt update

# Install packages
sudo apt install -y fish wget curl nfs-common cifs-utils unzip libvirt-daemon bridge-utils virtinst libvirt-daemon-system libguestfs-tools libosinfo-bin qemu-system virt-manager iperf3 gdu tmux gdebi xz-utils rsync speedtest-cli podman ufw wakeonlan flameshot tilda baobab gnome-disk-utility neofetch terminator nmap bat ncat pandoc tig ack asciidoctor catimg highlight ffmpeg sshfs btop duf smartmontools aptly file ffmpegthumbnailer unar jq poppler-utils fd-find ripgrep tilda fdroidcl 

# Install flatpak
sudo apt install -y flatpak
# Enable the flathub repo.
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
# Allow offline flatpak installs.
flatpak remote-modify --collection-id=org.flathub.Stable flathub

# Flatpak installs
flatpak install -y --noninteractive flathub \
    org.videolan.VLC \
    io.mpv.Mpv \
    org.geany.Geany \
    com.github.tchx84.Flatseal \
    io.github.flattool.Warehouse \
    md.obsidian.Obsidian \
    org.kde.kdenlive \
    org.gimp.GIMP \
    org.audacityteam.Audacity \
    fr.handbrake.ghb \
    org.keepassxc.KeePassXC \
    com.github.paolostivanin.OTPClient \
    org.mozilla.Thunderbird \
    net.minetest.Minetest \
    io.freetubeapp.FreeTube \
    org.mozilla.firefox \
    com.makemkv.MakeMKV \
    com.transmissionbt.Transmission \
    com.github.zocker_160.SyncThingy \
    com.bitwarden.desktop \
    com.tomjwatson.Emote \
    org.gnome.PowerStats \
    org.localsend.localsend_app \
    xyz.armcord.ArmCord \
    org.kiwix.desktop \
    org.cryptomator.Cryptomator \
    io.github.mpobaschnig.Vaults \
    org.raspberrypi.rpi-imager \
    com.discordapp.Discord \
    org.kde.okular

# Python3-pip and pipx
sudo apt install python3-pip pipx
pipx ensurepath

# Glow for markdown rendering in the terminal.
sudo mkdir -p /etc/apt/keyrings

curl -fsSL https://repo.charm.sh/apt/gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/charm.gpg

echo "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *" | sudo tee /etc/apt/sources.list.d/charm.list

sudo apt update && sudo apt install glow

# gping for ping with graphs.
echo "deb [signed-by=/usr/share/keyrings/azlux-archive-keyring.gpg] http://packages.azlux.fr/debian/ stable main" | sudo tee /etc/apt/sources.list.d/azlux.list

sudo wget -O /usr/share/keyrings/azlux-archive-keyring.gpg  https://azlux.fr/repo.gpg

sudo apt install gping -y

# Install timeshift for root backups.
sudo apt install -y timeshift

# Install deja-dup for $HOME backups.
sudo apt install -y deja-dup

# Set fish as default shell, add to $PATH, and update completions.
chsh -s /usr/bin/fish
fish -c 'fish_add_path ~/.local/bin; fish_add_path ~/bin; fish_update_completions' &

# Install Distrobox
wget https://raw.githubusercontent.com/89luca89/distrobox/main/install | sudo sh

# Install Docker from their script
cd ~/tmp && curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh && sudo usermod -aG docker $USER

# HiSHtory setup
curl https://hishtory.dev/install.py | python3 -
hishtory init [REDACTED]

# Install snap packages
sudo snap refresh
sudo snap install helix --classic
sudo snap install marksman
sudo snap install bash-language-server --classic
sudo snap install fast
sudo snap install bottom

# Configure bottom
sudo snap connect bottom:mount-observe && sudo snap connect bottom:hardware-observe && sudo snap connect bottom:system-observe && sudo snap connect bottom:process-control

# Misc.
# Shaarli CLI client to PUT/GET bookmarks from the terminal.
pipx install shaarli-client
# Terminal effects when running a command or ssh connections. 
pipx install terminaltexteffects
# Download Spotify playlists from YouTube.
pipx install spotdl
# YT-DLP install and config. 
sudo curl -L https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp -o /usr/local/bin/yt-dlp
sudo chmod a+rx /usr/local/bin/yt-dlp
# Install Tailscale 
curl -fsSL https://tailscale.com/install.sh | sh

# Enable UFW firewall and allow traffic from my LAN.
sudo ufw enable
sudo ufw allow from 192.168.1.0/24
sudo ufw reload

# Add entries to /etc/hosts
echo "Adding custom entries to /etc/hosts..."
cat <<EOF | sudo tee -a /etc/hosts
[REDACTED]

EOF

if [ $? -eq 0 ]; then
    echo "Successfully added entries to /etc/hosts."
else
    echo "Failed to add entries to /etc/hosts. This may require sudo privileges."
fi

# The deed is done.
echo "Installation complete!"
echo "Fish shell is now set as the default shell."
echo "Log out and log back in to use Docker without sudo."
echo "UFW firewall has been enabled."

After the base is ready

Once this is all done, I need to go around and log into apps and make some desktop appearance changes.

To be honest, I am a heavy user of Clonezilla and I have a clone of my desktop on a 120GB drive. When I have a new desktop to setup, I’ll use Clonezilla to write that clone to the new HDD, reboot, and then use GParted Live to expand the partitions appropriately.

I like doing it this way because then all I have to do after is change the static IP on the box and I’m completely setup.

However, I went through the process of a dotfile repo and an install script for when my clone is too far out of date or I want to start completely over. Both ways work fine and I just pick which one is best for the scenario.

- - - - -

Thank you for reading! If you would like to comment on this post you can start a conversation on the Fediverse. Message me on Mastodon at @cinimodev@masto.ctms.me. Or, you may email me at blog.discourse904@8alias.com. This is an intentionally masked email address that will be forwarded to the correct inbox.

Thank you for following this blog with RSS. Keep supporting the open web! RSS puts you in charge of how to collect, read, and archive information.
❌
❌