| fwupd/etc | ||
| kernel/etc | ||
| locale/etc | ||
| makepkg/etc | ||
| memtest86+/etc/pacman.d/hooks | ||
| mkinitcpio/etc | ||
| paccache/etc/conf.d | ||
| pacman/etc | ||
| paru/etc | ||
| reflector/etc/xdg/reflector | ||
| vconsole/etc | ||
| .stowrc | ||
| LICENSE.md | ||
| README.md | ||
etcfiles
This repository keeps my system configuration that I manage with Stow.
It's intended to be installed at /etc/dotfiles.
See also: dotfiles.
Additional setup
Some system configuration can't be managed by Stow.
Services
In alphabetical order:
-
Refresh fwupd's metadata regularly.
# systemctl enable fwupd-refresh.timer -
Clean the pacman cache regularly using paccache.
# systemctl enable paccache.timer -
Contribute to pkgstats.
# systemctl enable pkgstats.timer -
Enable power-profiles-daemon.
# systemctl enable power-profiles-daemon -
Refresh the pacman mirrorlist regularly and otherwise on boot using Reflector.
# systemctl enable reflector.timer # systemctl enable reflector -
Automatically update systemd-boot.
# systemctl enable systemd-boot-update
Paru
Run paru -Ly to initialize the local aur package repository.
Secure boot
Secure boot is managed with systemd-boot and systemd-ukify; read the ArchWiki article for more information.
# ukify genkey --config /etc/kernel/uki.conf
# /usr/lib/systemd/systemd-sbsign sign \
--private-key /etc/kernel/secure-boot-private-key.pem \
--certificate /etc/kernel/secure-boot-certificate.pem \
--output /usr/lib/systemd/boot/efi/systemd-bootx64.efi.signed \
/usr/lib/systemd/boot/efi/systemd-bootx64.efi
# bootctl install --secure-boot-auto-enroll yes \
--private-key /etc/kernel/secure-boot-private-key.pem
--certificate /etc/kernel/secure-boot-certificate.pem \
Then set secure-boot-enroll force in /boot/loader/loader.conf.
Pacman hooks are present to automatically sign fwupd and Memtest86+ EFI executables on update.
For Memtest86+, use /boot/memtest86+/memtest.efi.signed.