{"id":31432496,"url":"https://github.com/Michael-Sebero/Algiz-Linux","last_synced_at":"2025-09-30T11:02:45.772Z","repository":{"id":63639701,"uuid":"568579586","full_name":"Michael-Sebero/Algiz-Linux","owner":"Michael-Sebero","description":"Algiz Linux is a High-Performance, Security-Focused Meta-Distribution of Artix Linux.","archived":false,"fork":false,"pushed_at":"2025-09-24T19:20:54.000Z","size":63135,"stargazers_count":62,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-09-24T21:23:55.177Z","etag":null,"topics":["algiz-linux","alhp","apparmor","arch","arch-linux","artix","artix-linux","cachyos","encrypted-dns","gaming","installer","linux","mullvad","nosystemd","openrc","optimization","performance","pipewire","privacy","s6"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Michael-Sebero.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2022-11-21T00:14:32.000Z","updated_at":"2025-09-24T19:20:58.000Z","dependencies_parsed_at":"2024-12-26T18:50:01.607Z","dependency_job_id":"215c5611-2f09-4e7e-afdb-5dcdda15254c","html_url":"https://github.com/Michael-Sebero/Algiz-Linux","commit_stats":null,"previous_names":["michael-sebero/coolrune","michaelsebero/coolrune","michael-sebero/algiz-linux"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/Michael-Sebero/Algiz-Linux","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Michael-Sebero%2FAlgiz-Linux","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Michael-Sebero%2FAlgiz-Linux/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Michael-Sebero%2FAlgiz-Linux/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Michael-Sebero%2FAlgiz-Linux/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Michael-Sebero","download_url":"https://codeload.github.com/Michael-Sebero/Algiz-Linux/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Michael-Sebero%2FAlgiz-Linux/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":277674998,"owners_count":25857712,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-30T02:00:09.208Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["algiz-linux","alhp","apparmor","arch","arch-linux","artix","artix-linux","cachyos","encrypted-dns","gaming","installer","linux","mullvad","nosystemd","openrc","optimization","performance","pipewire","privacy","s6"],"created_at":"2025-09-30T11:01:21.226Z","updated_at":"2025-09-30T11:02:45.766Z","avatar_url":"https://github.com/Michael-Sebero.png","language":"Shell","readme":"\u003cp align=\"center\"\u003e\n\t\u003cimg src=\"https://i.postimg.cc/TYCbKN6L/Life.png\" width=\"25%\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\u003cstrong\u003e\u003cfont size=\"12\"\u003eAlgiz Linux\u003c/font\u003e\u003c/strong\u003e is a High-Performance, Security-Focused Meta-Distribution of Artix Linux\u003c/p\u003e\n\n## **Includes:**\n\n### **A Modified Kernel \u0026 Performance Tools**\n* [CachyOS Kernel](https://wiki.cachyos.org/features/kernel/)\n* [Earlyoom](https://github.com/rfjakob/earlyoom)\n* [GameMode](https://github.com/FeralInteractive/gamemode)\n* [Game Focus](https://github.com/Michael-Sebero/Game-Focus)\n\n### **Security Software**\n* [AppArmor](https://en.wikipedia.org/wiki/AppArmor)\n* [Chkrootkit](https://en.wikipedia.org/wiki/Chkrootkit)\n* [ClamAV](https://github.com/Cisco-Talos/clamav)\n* [DNSCrypt](https://github.com/DNSCrypt/dnscrypt-protocol)\n* [DNSMasq](https://thekelleys.org.uk/dnsmasq/doc.html)\n* [Fail2Ban](https://github.com/fail2ban/fail2ban)\n* [Linux Hardening Script](https://github.com/Michael-Sebero/Linux-Hardening-Script)\n* [Lynis](https://github.com/CISOfy/lynis)\n* [USBGuard](https://github.com/USBGuard/usbguard)\n* [UFW](https://en.wikipedia.org/wiki/Uncomplicated_Firewall)\n\n### **Tools \u0026 Utilities**\n* [Arch Package Dictionary](https://github.com/Michael-Sebero/Arch-Package-Dictionary)\n* [Archivist Tools](https://github.com/Michael-Sebero/Archivist-Tools)\n* [Audio Frequency Tools](https://github.com/Michael-Sebero/Audio-Frequency-Tools)\n* [Data Recovery Tools](https://github.com/Michael-Sebero/Data-Recovery-Tools)\n* [Document Tools](https://github.com/Michael-Sebero/Document-Tools)\n* [Fix Arch Linux](https://github.com/Michael-Sebero/Fix-Arch-Linux)\n* [Media Tools](https://github.com/Michael-Sebero/Media-Tools)\n\n### **Additional Features**\n* A comprehensive [manual](https://raw.githubusercontent.com/Michael-Sebero/Algiz-Linux/refs/heads/main/files/algiz-manual/Manual).\n* MAC address randomization via [Macchanger](https://www.kali.org/tools/macchanger/).\n* Low latency [PipeWire](https://github.com/PipeWire/pipewire) audio processing.\n* [ALHP](https://wiki.archlinux.org/title/Unofficial_user_repositories#ALHP), [Chaotic AUR](https://github.com/chaotic-aur/packages) and [Flatpak](https://flatpak.org/) repositories.\n* Steam [Proton GE](https://github.com/GloriousEggroll/proton-ge-custom) prefix.\n* [ZFS](https://github.com/openzfs/zfs) compatiblity (for server preset only).\n* [Booster](https://github.com/anatol/booster) (mkinitcpio replacement).\n* Battery life optimizations for laptops via [TLP](https://github.com/linrunner/TLP).\n* [Power Manager](https://github.com/Michael-Sebero/Power-Manager) (laptop battery manager).\n* [Mimalloc](https://github.com/microsoft/mimalloc) (high-performance memory allocator).\n* [Tmpfs Overlay](https://github.com/Michael-Sebero/Tmpfs-Overlay) speeds up temporary directories and reduces disk I/O.\n* [Real-time](https://gitlab.archlinux.org/archlinux/packaging/packages/realtime-privileges) audio processing.\n* A [Lynis](https://github.com/CISOfy/lynis) system hardening rating of **80** on desktop and **78** for laptop.\n\n## Summary / TLDR\nThis project is a combination of significant upgrades and micro-optimizations. I've implemented most of the known \u0026 esoteric Linux performance tweaks along with some original implementations. The philosophy behind this \"meta-distribution\" is to utilize current hardware features and resources generously (when needed) while increasing system hardness greatly beyond the default.\n\nThe configuration files `sysctl.conf`, `limits.conf` and `grub` are pre-configured for specific workloads. Depending on the variant chosen there's specific changes tailored for each. These presets are **AMD/Intel**, **NVIDIA**, **Laptop**, **Performance**, **Server** and **AI**. They can be chosen in the installer and by running the `optional` command post-installation.\n\nOriginally I was inspired by Luke Smith's [LARBS](https://github.com/LukeSmithxyz/LARBS) which is why Algiz's installer is script-based rather than an ISO. This project is packaged similarly to an ISO due to the configurations and content being stored inside various archives. If you want to see what changes I've made you can view them [here](https://github.com/Michael-Sebero/Algiz-Linux/tree/main/files/algiz-packages).\n\n## How Algiz Linux Works\n\n### Kernel \u0026 Security Hardening\nAlgiz Linux implements kernel hardening which increases security and performance. The system prevents privilege escalation attacks through restricted ptrace access and disabled unprivileged BPF operations, while eliminating core dump generation to reduce attack surface. Process handling is optimized for high-concurrency workloads with expanded PID limits and disabled automatic NUMA balancing.\n\n### Memory Management\nRAM usage has the highest priority over swapping, keeping active data in memory reduces wear on the drive and increases system responsiveness. Swapping is still possible but only used when RAM is nearly filled. The VM subsystem is configured to reduce unnecessary memory compaction overhead while maintaining balanced VFS cache pressure for responsive file operations. HugePages are dynamically allocated on demand, providing up to 3968 large pages to reduce overhead and memory fragmentation for large memory workloads without consuming RAM upfront.\n\n**Zram Integration:** The system configures a zram-based swap device `/dev/zram0` to provide fast, compressed virtual memory. Its size is dynamically set to 25% of total RAM. The device is initialized with `mkswap` and immediately activated with `swapon`. Compression is set to `lz4`, prioritizing low CPU overhead and high performance over maximum compression ratio.\n\n**Tmpfs Overlay:** Temporary directories `/tmp`, `/var/tmp`, `/var/log`, `/var/cache`, `/home/$USER/.cache/` are mounted as tmpfs to leverage RAM for high-speed file storage. Each mount has a predefined limit `/tmp` = 5G, `/var/tmp` = 1G, `/var/log` = 512M, `/var/cache` = 2G, `/home/$USER/.cache` = 2G. Essential directories `/var/cache/pacman`, `/home/$USER/.cache/paru`, `/home/$USER/.cache/nvidia`, `/home/$USER/.cache/mesa_shader_cache`, `/home/$USER/.cache/mesa_shader_cache_db` are excluded and bind-mounted on local storage.\n\n* Periodic cleanup: Removes files older than 10 minutes.\n\n* Safe removal: Ensures files in use are never deleted.\n\n### Network Management\nNetwork performance leverages `BBR` congestion control and `fq_codel` queue management to improve performance and reduce latency. The TCP stack uses expanded buffer sizes and enables fast connection establishment. IPv6 is configured with privacy extensions but with restrictive security settings that prioritize security over performance. NetworkManager is set to use `dhclient` for DHCP with hostname handling disabled along with DNS encryption via [Mullvad](https://mullvad.net/en).\n\n### Filesystem \u0026 I/O Optimization\nDisk and SSD performance is tuned through scheduler and queue optimizations. SSDs use the `mq-deadline` scheduler for predictable low-latency I/O, while HDDs default to `BFQ` to balance performance under heavy multi-process workloads. Read-ahead is increased to 4096 KB, improving sequential file access, while I/O queue depth is raised to 128 for SATA and 512 for NVMe for higher parallelism. Write throttling is disabled to prevent artificial slowdowns and Native Command Queuing (NCQ) is enabled for SATA drives to improve multi-request handling.\n\n**F2FS:** Drives formatted to F2FS are optimized with background garbage collection, shorter idle intervals and faster urgency triggers ensuring flash-based storage maintains performance consistency over time. To preserve SSD longevity and prevent write performance degradation the system runs weekly TRIM operations which reclaim unused blocks. Together these adjustments ensure sustained high performance and efficient resource use.\n\n### CPU Architecture Detection \u0026 ALHP Repository Integration\nCPU architecture is automatically detected on installation to ensure optimal package installation. The system integrates some of ALHP's repositories which provide architecture-specific builds optimized for modern processor capabilities while keeping Artix's core system packages.\n\n### Hardware-Specific Presets\n* **AMD/Intel** - Configured for maximum performance.\n\n* **NVIDIA** - Tweaked for maximum visual fidelity and performance.\n\n* **Laptop** - Balanced between power saving and performance, at 85% battery + AC connection performance is increased and reduced at 10%.\n\n### Optional Workload-Specific Presets\n* **Performance** - Maximum performance configuration with no security mitigations, CPU scheduling and expanded memory limits.\n\n* **Server** - The system expands TCP/UDP buffer sizes up to 16MB for high-performance connections. TCP stack handling is tuned for scalability with up to 2 million `TIME_WAIT` sockets, window scaling and reuse enabled for faster turnaround. Security and stability are reinforced with SYN cookies, strict reverse path filtering, martian packet logging, disabled source routing and ICMP redirects. IPv4/IPv6 are both hardened with rate limiting for ICMP, challenge ACK limits and disabled router advertisements. These settings balance low latency with resilience against common network abuse patterns.\n\n* **AI** - Specialized for AI workloads with larger HugePages allocation and no security mitigations.\n\n\u003cp align=\"center\"\u003e\n\t\u003cimg src=\"https://i.postimg.cc/C53HDLTZ/ksnip-20240224-100057.png\" /\u003e\n\n## Donations and Contact\n* [PayPal](https://www.paypal.com/donate/?cmd=_donations\u0026business=YYGU9JWJEE2AG)\n* [Email](michaelsebero@disroot.org)\n","funding_links":["https://www.paypal.com/donate/?cmd=_donations\u0026business=YYGU9JWJEE2AG"],"categories":["Active"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMichael-Sebero%2FAlgiz-Linux","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMichael-Sebero%2FAlgiz-Linux","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMichael-Sebero%2FAlgiz-Linux/lists"}