{"id":17279683,"url":"https://github.com/ortham/linux-scripts","last_synced_at":"2025-03-26T14:46:09.851Z","repository":{"id":256366950,"uuid":"854719779","full_name":"Ortham/linux-scripts","owner":"Ortham","description":"A collection of misc. Linux scripts.","archived":false,"fork":false,"pushed_at":"2024-11-19T21:55:01.000Z","size":29,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-31T16:15:44.610Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Ortham.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-09T16:59:00.000Z","updated_at":"2024-11-19T21:55:04.000Z","dependencies_parsed_at":null,"dependency_job_id":"e8978522-4381-4d58-9078-1332df26b7c7","html_url":"https://github.com/Ortham/linux-scripts","commit_stats":null,"previous_names":["ortham/linux-scripts"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ortham%2Flinux-scripts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ortham%2Flinux-scripts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ortham%2Flinux-scripts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ortham%2Flinux-scripts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Ortham","download_url":"https://codeload.github.com/Ortham/linux-scripts/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245675610,"owners_count":20654430,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-15T09:18:16.291Z","updated_at":"2025-03-26T14:46:09.829Z","avatar_url":"https://github.com/Ortham.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"Linux scripts\n=============\n\n## Backup\n\nI tested out Kopia and Restic, but ended up going with Restic, so the Kopia script is a little older and less fleshed out.\n\nAll the scripts except `backup/restic/check-backup-status.sh` need to be run as root as that's needed to create the BTRFS snapshot, and so it makes sense to restrict the config files (which include credentials) to the root user.\n\nThe backup scripts need various configuration files to be created. Some are included in this repository, but most contain credentials and so are not included.\n\nCreate the services using `sudo systemctl edit --full --force \u003cname\u003e.service` and the timers using `sudo systemctl edit --full --force \u003cname\u003e.timer`, then enable the latter using `sudo systemctl enable \u003cname\u003e.timer`.\n\nFor some reason the system services need to call `/bin/sh` explicitly to avoid an exit code of 203, even though the scripts start with a shebang.\n\n### Kopia\n\nThe Kopia backup script assumes that `kopia repository create` and `kopia repository connect` have already been run to create the repositories and their config files.\n\nThe `home.kopiaignore` file should be installed at `$HOME/.kopiaignore`, while `root.kopiaignore` should be installed at `/.kopiaignore`. Unfortunately if you configure a path to a dot ignore file (as opposed to just a filename), as part of a repository's policy, then snapshots will fail, e.g.:\n\n```\n$ kopia --config-file hdd-repository.config policy set / --add-dot-ignore /root/.config/kopia/ignore\n\n$ kopia snapshot create / --config-file hdd-repository.config --log-level debug\n...\nSnapshotting root@linux-desktop:/ ...\nDEBUG uploading {\"source\":\"root@linux-desktop:/\",\"previousManifests\":0,\"parallel\":6}\nDEBUG snapshotted directory     {\"path\":\".\",\"error\":\"unable to parse ignore file ignore: unable to open ignore file: unable to open local file: open //ignore: no such file or directory\",\"dur\":\"97.659µs\"}\n...\nERROR upload error: no such file or directory\n```\n\n### Restic\n\nThe Restic backup script assumes that the same password is used for the local and remote repositories, that the local repository was created using:\n\n```\nrestic -r \"$MOUNT_POINT/Backups/Restic\" init\n```\n\nand that the remote repository was created in S3-compatible storage using:\n\n```\nexport AWS_PROFILE=restic\nexport AWS_SHARED_CREDENTIALS_FILE=/root/.config/restic/aws-credentials\nrestic -r s3:$BUCKET_LOCATION init --from-repo $MOUNT_POINT/Backups/Restic/ --copy-chunker-params\n```\n\nwhere `$MOUNT_POINT` is the mount point of a drive that holds the local backup, `$BUCKET_LOCATION` is the bucket that holds the remote repository, and the file at `$AWS_SHARED_CREDENTIALS_FILE` already exists and contains a `restic` profile with valid credentials.\n\n`EXTERNAL_DRIVE_UUID` in `backup/run-in-btrfs-snapshot.sh` needs to be the UUID of the partition that holds the local backup repository.\n\nIf the backup repository's path within that partition is not `Backups/Restic` then `LOCAL_REPOSITORY` in `restic-backup.sh` will need to be updated to reflect that.\n\nIf the source directories are not `/etc`, `/home` and `/root`, then `SOURCE_PATHS` in `backup/restic/restic-backup.sh` will need to be updated.\n\n#### Status check\n\nThe `backup/restic/check-backup-status.sh` script can be installed to `$HOME/.local/bin`, then add the following to `$HOME/.bashrc`:\n\n```\n. \"$HOME/.local/bin/check-backup-status.sh\"\n```\n\nThe status of the last backup run will then be displayed whenever you open a new terminal.\n\n## Flatpak\n\nThe `flatpak/overrides` folder contains files that can be copied to `$HOME/.local/share/flatpak/overrides`. The overrides restrict the permissions of Flatpak apps, removing those that don't seem necessary for the features I use. In general they:\n\n- remove X11-related permissions for apps that have good Wayland support\n- remove blanket filesystem access to things like `host`, `home`, etc. and replacing them with more specific items (e.g. `xdg-pictures` for Inkscape)\n- remove network access unless that's required for functionality that I use\n\nI haven't extensively tested the apps with these restrictions, so parts of them may not work correctly, and there are some that have optional functionality that I don't use that is broken by these restrictions.\n\nThe install script sets up a couple of Flathub remotes, installs the overrides and then installs some applications.\n\n## Games\n\nThe input CSV is most easily created using Playnite's \"Library Exporter Advanced\" extension, with the Game Id and Sources export options ticked. For Humble Bundle games, I have the Humble library extension configured to \"Ignore third party store games\" so that Playnite only lists games that are downloadable from Humble Bundle, and not games that I bought on Humble Bundle but that are downloaded through Steam or other clients.\n\nChecking if Linux downloads are available for itch.io games requires an itch.io API key: if one is not provided, the checks will be skipped.\n\nRun the script as:\n\n```\ncd games\npython -m venv .venv\n.venv\\Scripts\\activate\npip install -r docs/requirements.txt\npython .\\check-games-compatibility.py [-i \u003citch.io API key\u003e] \u003cpath to exported library CSV\u003e \u003cpath to output CSV\u003e\n```\n\nThat assumes you're running the script on Windows, as although it can run on Linux, Playnite is a Windows application.\n\n## Syncthing\n\nThe syncything-conflict-detector service can be installed as a systemd user service.\n\n1. Put `syncthing/notify-syncthing-conflicts.sh` in `$HOME/.local/bin`.\n2. Copy the contents of `syncthing/syncthing-conflict-detectors.service` into the editor opened when you run `systemctl --user edit --full --force syncthing-conflict-detector.service`.\n3. Run `systemctl --user enable syncthing-conflict-detector` to enable the service.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fortham%2Flinux-scripts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fortham%2Flinux-scripts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fortham%2Flinux-scripts/lists"}