File: README.md Author: 4ndr0666 Edited: 5-25-24
sudo systemctl enable fstrim.timer --now
Edit /etc/systemd/system.conf
:
RebootWatchdogSec=10s
DefaultTimeoutStartSec=5s
DefaultTimeoutStopSec=5s
Edit /etc/makepkg.conf
:
- Add the following row (replace 7 with CPU threads-1):
MAKEFLAGS="-j7"
- Edit the row saying
COMPRESSXZ=(xz -c -z -)
toCOMPRESSXZ=(xz -c -z - --threads=0)
sudo pacman -S pigz
and edit the row sayingCOMPRESSGZ=(gzip -c -f -n)
toCOMPRESSGZ=(pigz -c -f -n)
Ensure the modules intel_agp i915
are first in the MODULES
array in /etc/mkinitcpio.conf
.
Ensure /etc/modprobe.d/i915.conf
exists. If not, create it with these values:
options i915 enable_guc=2
options i915 enable_fbc=1
sudo mkinitcpio -P
sudo grub-mkconfig -o /boot/grub/grub.cfg
NOTE: on some systems (Intel+AMD GPU) adding intel_agp
can cause issues with resume from hibernation. Reference.
Edit /etc/X11/xorg.conf.d/
, add the following conf file: 20-intel.conf
Section "Device"
Identifier "Intel Graphics"
Driver "intel"
Option "TearFree" "true"
EndSection
sudo mkinitcpio -p linux
sudo systemctl enable betterlockscreen@$USER.service
sudo pacman -S libva-mesa-driver mesa-vdpau
Make sure lz4
is installed.
Edit /etc/mkinitcpio.conf
:
- Add
lz4 lz4_compress
to theMODULES
list (delimited by()
) - Uncomment or add the line saying
COMPRESSION="lz4"
- Add a line saying
COMPRESSION_OPTIONS="-9"
- Add
shutdown
to theHOOKS
list (delimited by()
)
Run sudo mkinitcpio -p linux
to apply the mkinitcpio.conf changes.
Edit /etc/systemd/journald.conf
:
- Uncomment
SystemMaxUse=
and append200M
(or any size you like).
To improve performance and save disk space.
Edit /etc/systemd/coredump.conf
, under [Coredump]
uncomment Storage=external
and replace it with Storage=none
. Then run sudo systemctl daemon-reload
. This alone disables the saving of coredumps but they are still in memory.
If you want to disable core dumps completely add * hard core 0
to /etc/security/limits.conf
.
Verify that you're using the inefficient s2idle
sleep state before continuing:
cat /sys/power/mem_sleep
Inefficient | Efficient |
---|---|
[s2idle] deep |
s2idle [deep] |
Add mem_sleep_default=deep
to the kernel command line arguments.
sudo pacman -S cpupower
To change the governor for the current session run sudo cpupower frequency-set -g performance
.
To change the governor on boot create a systemd service.
Create /etc/systemd/system/cpupower.service
:
[Unit]
Description=Set CPU governor to performance
[Service]
Type=oneshot
ExecStart=/usr/bin/cpupower -c all frequency-set -g performance
[Install]
WantedBy=multi-user.target
Finally run sudo systemctl enable cpupower.service
.
NB: the default governor is powersave and you may want to leave it as it is.
Create /etc/udev/rules.d/50-scaling-governor.rules
as follows:
SUBSYSTEM=="module", ACTION=="add", KERNEL=="acpi_cpufreq", RUN+=" /bin/sh -c ' echo performance > /sys/devices/system/cpu/cpufreq/policy0/scaling_governor ' "
Create the script to optimize system memory and swap usage, freecache.sh:
#!/bin/bash
set -e
# AUTO_ESCALATE
if [ "$(id -u)" -ne 0 ]; then
sudo "$0" "$@"
exit $?
fi
log_action() {
echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" >> /var/log/freecache.log
}
adjust_swappiness() {
local current_swappiness=$(sysctl vm.swappiness | awk '{print $3}')
local target_swappiness=60
if [[ "$FREE_RAM" -lt 1000 ]]; then
target_swappiness=80
elif [[ "$FREE_RAM" -gt 2000 ]]; then
target_swappiness=40
fi
if [[ "$current_swappiness" -ne "$target_swappiness" ]]; then
sudo sysctl vm.swappiness="$target_swappiness"
log_action "Swappiness adjusted to $target_swappiness"
fi
}
clear_ram_cache() {
if [ "$FREE_RAM" -lt 500 ]; then
sudo sh -c "echo 3 > /proc/sys/vm/drop_caches"
log_action "RAM cache cleared due to low free memory."
fi
}
clear_swap() {
if [ "$SWAP_USAGE" -gt 80 ]; then
sudo swapoff -a && sudo swapon -a
log_action "Swap cleared due to high swap usage."
fi
}
FREE_RAM=$(free -m | awk '/^Mem:/{print $4}')
SWAP_USAGE=$(free | awk '/^Swap:/{printf "%.0f", $3/$2 * 100}')
adjust_swappiness
clear_ram_cache
clear_swap
log_action "Memory and Swap Usage After Operations:"
free -h | tee -a /var/log/freecache.log
Create the monitoring script that will continuously check the system's free memory and update 'tmp/low_memory' when low.
#!/bin/bash
while true; do
FREE_RAM=$(free -m | awk '/^Mem:/{print $4}')
# Adjust this threshold as needed, ensuring it's higher than oomd's threshold
if [ "$FREE_RAM" -lt 1000 ]; then
touch /tmp/low_memory
else
rm -f /tmp/low_memory
fi
sleep 60 # Check every 60 seconds
done
Now the Systemd Service file for freecache.sh at /etc/systemd/system:
[Unit]
Description=Free Cache when Memory is Low
After=oomd.service # Ensures this service runs after oomd
[Service]
Type=oneshot
ExecStart=/usr/local/bin/System_utilities/freecache.sh
[Install]
WantedBy=
And its Path File at /etc/systemd/system:
[Unit]
Description=Monitor for Low Memory Condition
[Path]
PathExists=/tmp/low_memory
[Install]
WantedBy=multi-user.target
Service file for the monitoring script:
[Unit]
Description=Monitor Memory Usage
[Service]
Type=simple
ExecStart=/usr/local/bin/System_utilities/memory_monitor.sh
[Install]
WantedBy=multi-user.target
And finally, enable and start both the 'memory_monitor.service' and 'freecache.path':
sudo systemctl enable memory_monitor.service
sudo systemctl start memory_monitor.service
sudo systemctl enable freecache.path
sudo systemctl start freecache.path
Create a new service file, arch-audit.service
, in /etc/systemd/system/
.
sudo vim /etc/systemd/system/arch-audit.service
Add the following content to the file:
[Unit] Description=Arch Audit Vulnerability Checking Service
[Service] Type=oneshot ExecStart=/usr/bin/arch-audit -u
Create the Timer File
sudo vim /etc/systemd/system/arch-audit.timer
Add the following content to the timer file:
[Unit] Description=Runs arch-audit daily
[Timer] OnCalendar=daily Persistent=true
[Install] WantedBy=timers.target
Start the services
sudo systemctl daemon-reload
sudo systemctl enable arch-audit.timer
sudo systemctl start arch-audit.timer
* You can check the status of the timer with:
```bash
sudo systemctl status arch-audit.timer
- To see the next scheduled run:
sudo systemctl list-timers arch-audit.timer
NOTE: this setup implies that you use paru (AUR helper), gdm (display manager), and the default arch kernel.
paru -S plymouth-git gdm-plymouth
Edit /etc/mkinitcpio.conf
:
- In
HOOKS
afterbase udev
insertplymouth
- If you're using encryption, in
HOOKS
replaceencrypt
withplymouth-encrypt
- In
MODULES
insert your GPU driver module name as first item- For Intel GPUs:
i915
- For AMD GPUs:
radeon
(note: this is untested) - For NVIDIA GPUs:
nvidia
(note: this is untested) - For KVM/qemu VMs:
qxl
- For Intel GPUs:
Edit /boot/loader/entries/arch-linux.conf
: add these arguments in the kernel options (append to the options
section): quiet splash loglevel=3 rd.udev.log_priority=3 vt.global_cursor_default=1
sudo systemctl disable gdm
sudo systemctl enable gdm-plymouth
sudo mkinitcpio -p linux
GDM doesn't know how you configure your monitors. It just keep its default configuration and most of the time it's not the same of how you have them configured in your session.
To copy your user's monitors configuration over to GDM, use these commands:
sudo cp $HOME/.config/monitors.xml /var/lib/gdm/.config/
sudo chown gdm:gdm /var/lib/gdm/.config/monitors.xml
A form of swap is required to enable hibernation.
In this example we will allocate a 8G swap file.
sudo dd if=/dev/zero of=/home/swapfile bs=1M count=8192
sudo chmod 600 /home/swapfile
sudo mkswap /home/swapfile
sudo swapon /home/swapfile # this enables the swap file for the current session
Edit /etc/fstab
adding the following line:
/home/swapfile none swap defaults 0 0
sudo swapoff -a
Edit /etc/fstab
and remove the swapfile entry, and finally:
sudo rm -f /home/swapfile
Use systemd-swap for automated and dynamic swapfile allocation and use. Consult the GitHub project page for more info.
Make the script:
#!/bin/bash
# This command frees only RAM cache
#echo "echo 3 > /proc/sys/vm/drop_caches"
# This command frees RAM cache and swap
su -c "echo 3 >'/proc/sys/vm/drop_caches' && swapoff -a && swapon -a && printf '\n%s\n' 'Ram-cache and Swap Cleared'" root
Make it executable:
chmod 755 freecache
Make the crontab:
crontab -e
Append the below line, save and exit to run it at 2 am daily:
0 2 * * * /usr/local/bin/freecache
Add this line to a file inside /etc/sysctl.d/
(ie: 99-sysctl.conf
)
kernel.sysrq=1
sudo pacman -S reflector
sudo reflector --latest 20 --protocol http --protocol https --sort rate --save /etc/pacman.d/mirrorlist
Edit /etc/makepkg.conf
:
- Add the following row (replace 7 with CPU threads-1):
MAKEFLAGS="-j7"
- Edit the row saying
COMPRESSXZ=(xz -c -z -)
toCOMPRESSXZ=(xz -c -z - --threads=0)
sudo pacman -S pigz
and edit the row sayingCOMPRESSGZ=(gzip -c -f -n)
toCOMPRESSGZ=(pigz -c -f -n)
Encrypt your DNS traffic so your ISP can't spy on you. Use pdnsd
as a proxy and cache for it.
sudo pacman -S dnscrypt-proxy pdnsd
Edit /etc/dnscrypt-proxy/dnscrypt-proxy.toml
:
- Uncomment the
server_names
list (line 30) and change it as follows:server_names = ['de.dnsmaschine.net', 'trashvpn']
(see Note below) - Change the
listen_address
list (line 36) to an empty list:listen_address = []
(we're using systemd socket, this avoids port conflicts)
Note: you can find more "Resolvers" in /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv
or here
Edit /usr/lib/systemd/system/dnscrypt-proxy.service
to include the following:
[Service]
DynamicUser=yes
Edit /usr/lib/systemd/system/dnscrypt-proxy.socket
to change the port dnscrypt runs on. Here is a snippet:
[Socket]
ListenStream=127.0.0.1:53000
ListenDatagram=127.0.0.1:53000
Create /etc/pdnsd.conf
like so:
global {
perm_cache=1024;
cache_dir="/var/cache/pdnsd";
# pid_file = /var/run/pdnsd.pid;
run_as="pdnsd";
server_ip = 127.0.0.1; # Use eth0 here if you want to allow other
# machines on your network to query pdnsd.
status_ctl = on;
# paranoid=on; # This option reduces the chance of cache poisoning
# but may make pdnsd less efficient, unfortunately.
query_method=udp_tcp;
min_ttl=15m; # Retain cached entries at least 15 minutes.
max_ttl=1w; # One week.
timeout=10; # Global timeout option (10 seconds).
neg_domain_pol=on;
udpbufsize=1024; # Upper limit on the size of UDP messages.
}
server {
label = "dnscrypt-proxy";
ip = 127.0.0.1;
port = 53000;
timeout = 4;
proxy_only = on;
}
source {
owner=localhost;
# serve_aliases=on;
file="/etc/hosts";
}
rr {
name=localhost;
reverse=on;
a=127.0.0.1;
owner=localhost;
soa=localhost,root.localhost,42,86400,900,86400,86400;
}
Reload systemd daemons, enable and start services:
sudo systemctl daemon-reload
sudo systemctl enable dnscrypt-proxy.service pdnsd.service
sudo systemctl start dnscrypt-proxy.service pdnsd.service
Edit your NetworkManager configuration to point to the following IPs for respectively IPv4 and IPv6 DNSes:
127.0.0.1
::1
- Install the smooth video project or SVP4
Ensure all i915 intel packages with:
yay --needed --noconfirm libva-intel-driver vulkan-intel libvdpau-va-gl lib32-vulkan-intel vulkan-intel libva-intel-driver libva-utils lib32-mesa mesa libva libva-mesa-driver libva-vdpau-driver libva-utils lib32-libva lib32-libva-intel-driver lib32-libva-mesa-driver lib32-libva-vdpau-driver intel-ucode iucode-tool
vulkan-intel lib32-vulkan-intel intel-gmmlib intel-graphics-compiler intel-compute-runtime intel-gpu-tools intel-media-driver intel-media-sdk intel-opencl-clang libmfx
Create a new profile for SVP and add it to the config file. This is my completed mpv.conf file and here is how to add the svp profile.
- Edit
~/.config/mpv/mpv.conf
to include the following:
```bash
# --- // Constants:
--loop-file=inf
--speed=0.50
osc=no
#--loop-playlist=yes
ontop=yes
#border=no
window-scale=0.4
geometry=100%:100%
# --- // SVP_PROFILE:
--profile-add= svp
[svp]
--input-ipc-server=/tmp/mpvsocket
--hr-seek-framedrop=no
--opengl-early-flush=yes
--vf= format=fmt=yuv420p
hwdec=auto-copy
hwdec-codecs=all
--no-resume-playback
--ignore-path-in-watch-later-config=yes
# --- // PLAYER_SETTINGS //
#--loop-playlist=yes
#setpts=PTS*2
#--vd-lavc-dr=yes
#--vd-lavc-assume-old-x264= yes
#--user-agent=libmpv
#--x11-bypass-compositor=no
#--player-operation-mode= pseudo-gui
--sub-visibility=no
#--video-output-levels= full
#--override-display-fps= 60
#--rar-list-all-volumes= yes
#--directory-mode= recursive
#--corner-rounding= 1
# --- // AUDIO_SETTINGS //
#--video-sync=desync
#--video-sync= display-resample
#--audio-device=
#--alsa/sysdefault:CARD= PCH
#audio-pitch-correction=no
#audio-channels=5.1
#audio-channels=auto
#volume-max=250
#--no-audio
# --- // WINDOW_MARGINS //
#--window-scale= 0.500
#geometry=50%:50%
#--snap-window= yes
#--spirv-compiler= shaderc
--stop-screensaver= always
#--osd-blur= 2
#--osd-border-size= 1
#--osd-duration= 8000
#--osd-on-seek= msg-bar
#--force-window= immediate
#--force-seekable= yes
#--display-tags= Title, Channerl_URL, service_name
#--fs= no
#--autofit-smaller= yes
#--geometry=50%+10+10/2
#--geometry=100%:100%
#--keep-open=always
#--keep-open-pause=no
#--taskbar-progress=yes
#--term-title= yes
--title= ${?media-title:${media-title}}- mpv
#--no-border
#--osd-level=1
#--osd-bar=no
#save-position-on-quit=yes
#--video-rotate=<0-359|no>
#keepaspect=no
#--ontop= yes
#--on-all-workspaces= yes
# --- // PROFILES //
#[vdpau]
#--hqscaling=9
#--scale=ewa_lanczossharp
#--scale=bilinear
#--cscale=bilinear
#--cscale=spline36
#--zimg-dither= error-diffusion
#--zimg-scaler= spline36
#--zimg-scaler-chroma= spline36
#--no-correct-pts
#--deband= yes
#--deinterlace= yes
#--interpolation= yes
#--interpolation-preserve= yes
#--linear-upscaling= yes
#--interpolation-threshold= 0.03
#--tscale-param1= mitchell
#--tscale-param2= 0.5
#--sws-scaler= lanczos
#--sws-fast=no
#--sws-allow-zimg=yes
#--zimg-fast=no
#--tone-mapping-max-boost=2.0
#sharpen=5
#--gpu-dumb-mode=yes
#--gpu-context=wayland
#vo=gpu
#vo=gl
#vo=vdpau
#[Act as a web browser]
# Pretend to be a web browser. Might fix playback with some streaming sites,
# but also will break with shoutcast streams.
#user-agent="Mozilla/5.0"
#cache=yes
#demuxer-max-bytes=123400KiB
#cache-pause=no
#demuxer-readahead-secs=20
# --- // Screenshots:
--screenshot-format=png
--screenshot-png-compression=0
--screenshot-directory="~/Pictures/Screens"
--screenshot-template="%F - [%P]v%#01n"
#--screenshot-webp-lossless=yes
#--screenshot-webp-quality=100
# --- // Extension_behavior:
image-display-duration=inf
[extension.gif]
loop-file=inf
[extension.webm]
loop-file=inf
[extension.jpg]
--pause=yes
[extension.png]
--pause=yes
sudo pacman -S libvirt ebtables dnsmasq bridge-utils virt-manager
sudo gpasswd -a $USERNAME libvirt
sudo gpasswd -a $USERNAME kvm
sudo systemctl enable libvirtd
sudo systemctl start libvirtd
Make sure to relogin after following the steps above. To create a network:
- Open virt-manager
- Click on QEMU/KVM
- Click Edit > Connection Details in the menu
- Click the Virtual Networks tab
- Click the
+
(plus sign) button in the bottom left corner of the newly opened window - Name it whatever
- Select NAT as Mode
- Leave everything else as it is
- Click finish
- To start the network, select it in the sidebar and press the
▶️ (play icon) button - To stop the network, press the icon to its left with the 🛑 (stop street sign icon) button (note: the icons could be different depending on the theme)
- To start the network on boot, select it in the sidebar and toggle the checkbox that says Autostart: On Boot
- Install
qt5ct
from the repos andadwaita-qt
from the AUR - Open up the
qt5ct
application and select your favorite Adwaita flavor with the default color scheme and press apply - Add the following to
~/.pam_environment
:
QT_QPA_PLATFORMTHEME=qt5ct
- Add the following to
~/.profile
:
[ "$XDG_CURRENT_DESKTOP" = "Openbox" ] || export QT_QPA_PLATFORMTHEME="qt5ct"
Edit ~/.Xresources
Xft.dpi: 110
Xft.autohint: 0
Xft.lcdfilter: lcdlegacy
Xft.hintstyle: hintfull
Xft.hinting: 1
Xft.antialias: 1
Xft.rgba: rgb
! Style: nightfox
! Upstream: https://github.com/edeneast/nightfox.nvim/raw/main/extra/nightfox/nightfox.Xresources
*background: #192330
*foreground: #cdcecf
*color0: #393b44
*color1: #c94f6d
*color2: #81b29a
*color3: #dbc074
*color4: #719cd6
*color5: #9d79d6
*color6: #63cdcf
*color7: #dfdfe0
*color8: #575860
*color9: #d16983
*color10: #8ebaa4
*color11: #e0c989
*color12: #86abdc
*color13: #baa1e2
*color14: #7ad5d6
*color15: #e4e4e5