From 44872306eb1c86b05462950f6867fb7f03ba8086 Mon Sep 17 00:00:00 2001 From: rene Date: Sun, 15 Mar 2026 12:44:54 +0100 Subject: [PATCH 1/3] setup-desktop: source ~/.secrets in .zshrc fuer API-Keys --- setup-desktop-asahi.sh | 231 +++++++++++++++++++++++++++++++++++++++++ setup-desktop.sh | 10 ++ 2 files changed, 241 insertions(+) create mode 100644 setup-desktop-asahi.sh diff --git a/setup-desktop-asahi.sh b/setup-desktop-asahi.sh new file mode 100644 index 0000000..38e40e1 --- /dev/null +++ b/setup-desktop-asahi.sh @@ -0,0 +1,231 @@ +#!/bin/bash +# macbook-setup/setup-desktop-asahi.sh +# Desktop-Setup fuer Asahi Linux (Fedora Remix) auf Apple Silicon M1 +# Braucht eine laufende Desktop-Session (XFCE) — NICHT in chroot ausfuehren! +# Verwendung: bash setup-desktop-asahi.sh +# Wird automatisch beim ersten Login gestartet (via Autostart) + +export LANG=en_US.UTF-8 +FORGEJO="https://git.motocamp.de" +DOTFILES_REPO="$FORGEJO/rene/dotfiles-rene.git" + +# ── Farben ────────────────────────────────────────────────────────────── +RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m' +ok() { echo -e "${GREEN}[OK] $*${NC}"; } +warn() { echo -e "${YELLOW}[!!] $*${NC}"; } +fail() { echo -e "${RED}[FAIL] $*${NC}"; } + +# ── Root-Check ─────────────────────────────────────────────────────────── +[[ $EUID -eq 0 ]] && { fail "Nicht als root ausfuehren!"; exit 1; } + +echo "" +echo "============================================" +echo " setup-desktop-asahi.sh startet" +echo "============================================" + +# ── 1. oh-my-zsh ──────────────────────────────────────────────────────── +echo -e "\n=== 1/8 oh-my-zsh ===" +if [[ ! -d ~/.oh-my-zsh ]]; then + sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended +fi +ok "oh-my-zsh installiert" + +# ── 2. Zsh-Plugins & Powerlevel10k ────────────────────────────────────── +echo -e "\n=== 2/8 Zsh-Plugins & Powerlevel10k ===" + +# zsh-syntax-highlighting +ZSH_SHL_DIR="${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting" +if [[ ! -d "$ZSH_SHL_DIR/.git" ]]; then + rm -rf "$ZSH_SHL_DIR" + git clone https://github.com/zsh-users/zsh-syntax-highlighting.git "$ZSH_SHL_DIR" +fi +ok "zsh-syntax-highlighting" + +# Powerlevel10k +P10K_DIR="${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/themes/powerlevel10k" +if [[ ! -d "$P10K_DIR/.git" ]]; then + rm -rf "$P10K_DIR" + git clone --depth=1 https://github.com/romkatv/powerlevel10k.git "$P10K_DIR" +fi +ok "Powerlevel10k" + +# ── 3. MesloLGS NF Font (Powerlevel10k-Icons) ─────────────────────────── +echo -e "\n=== 3/8 MesloLGS NF Font ===" +FONT_DIR="$HOME/.local/share/fonts" +mkdir -p "$FONT_DIR" +FONT_BASE="https://github.com/romkatv/powerlevel10k-media/raw/master" +for font in "MesloLGS NF Regular.ttf" "MesloLGS NF Bold.ttf" \ + "MesloLGS NF Italic.ttf" "MesloLGS NF Bold Italic.ttf"; do + if [[ ! -f "$FONT_DIR/$font" ]]; then + curl -fsSL -o "$FONT_DIR/$font" "$FONT_BASE/${font// /%20}" + fi +done +fc-cache -f "$FONT_DIR" 2>/dev/null || true +ok "MesloLGS NF Fonts installiert" + +# ── 4. npm global + Claude Code ───────────────────────────────────────── +echo -e "\n=== 4/8 Claude Code ===" +mkdir -p ~/.npm-global +npm config set prefix '~/.npm-global' +export PATH="$HOME/.npm-global/bin:$PATH" +npm install -g @anthropic-ai/claude-code +ok "Claude Code installiert" + +# ── 5. Flatpak-Apps (Brave + ggf. weitere) ────────────────────────────── +echo -e "\n=== 5/8 Flatpak-Apps ===" +flatpak remote-add --user --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo + +# Brave Browser +flatpak install --user -y flathub com.brave.Browser +ok "Brave Browser installiert (Flatpak)" + +# PrusaSlicer — ARM64-Flatpak evtl. nicht verfuegbar +if flatpak install --user -y flathub com.prusa3d.PrusaSlicer 2>/dev/null; then + ok "PrusaSlicer installiert (Flatpak)" +else + warn "PrusaSlicer Flatpak nicht verfuegbar fuer ARM64 — ggf. aus Source bauen" +fi + +# ── 6. PlatformIO (pipx) ──────────────────────────────────────────────── +echo -e "\n=== 6/8 PlatformIO ===" +if ! command -v pio &>/dev/null; then + if pipx install platformio 2>/dev/null; then + pipx ensurepath + ok "PlatformIO installiert (pipx)" + else + warn "PlatformIO: Installation fehlgeschlagen (ARM64-Toolchains evtl. nicht verfuegbar)" + fi +else + ok "PlatformIO bereits installiert" +fi + +# ── 7. Dot-Files ──────────────────────────────────────────────────────── +echo -e "\n=== 7/8 Dot-Files ===" +DOTFILES_DIR="$HOME/git-projekte/dotfiles-rene" +if [[ ! -d "$DOTFILES_DIR" ]]; then + mkdir -p "$HOME/git-projekte" + git clone "$DOTFILES_REPO" "$DOTFILES_DIR" +fi + +# Neovim +if [[ -f "$DOTFILES_DIR/nvim/install-nvim-dotfiles.sh" ]]; then + bash "$DOTFILES_DIR/nvim/install-nvim-dotfiles.sh" + ok "Dot-Files: nvim" +fi + +# Micro +if [[ -f "$DOTFILES_DIR/micro/install-micro-dotfiles.sh" ]]; then + bash "$DOTFILES_DIR/micro/install-micro-dotfiles.sh" + ok "Dot-Files: micro" +fi + +# oh-my-zsh custom (platformio.zsh etc.) +if [[ -d "$DOTFILES_DIR/oh-my-zsh/custom" ]] && [[ -d ~/.oh-my-zsh/custom ]]; then + for f in "$DOTFILES_DIR/oh-my-zsh/custom"/*.zsh; do + [[ -f "$f" ]] && ln -sf "$f" ~/.oh-my-zsh/custom/ + done + ok "Dot-Files: oh-my-zsh custom" +fi + +# heic-scripts nach ~/bin +mkdir -p ~/bin +if [[ -d "$DOTFILES_DIR/heic-scripts" ]]; then + for script in "$DOTFILES_DIR/heic-scripts"/*; do + [[ -f "$script" ]] && chmod +x "$script" && ln -sf "$script" ~/bin/ + done + ok "Dot-Files: heic-scripts -> ~/bin" +fi + +# git-check-all.sh + git-update-all.sh nach ~/ +if [[ -d "$DOTFILES_DIR/bin" ]]; then + for script in "$DOTFILES_DIR/bin"/*; do + [[ -f "$script" ]] && chmod +x "$script" && ln -sf "$script" ~/ + done + ok "Dot-Files: git-check-all.sh, git-update-all.sh, git-sync-all.sh -> ~/" +fi + +# .zshrc (Symlink aus dotfiles-rene) +if [[ -f "$DOTFILES_DIR/zsh/install-zsh-dotfiles.sh" ]]; then + bash "$DOTFILES_DIR/zsh/install-zsh-dotfiles.sh" + ok "Dot-Files: .zshrc" +fi + +# ~/.secrets fuer API-Keys (source in .zshrc eintragen) +if ! grep -q 'source ~/.secrets' ~/.zshrc 2>/dev/null; then + echo '' >> ~/.zshrc + echo '# API-Keys (nicht ins Repo!)' >> ~/.zshrc + echo '[[ -f ~/.secrets ]] && source ~/.secrets' >> ~/.zshrc + ok "source ~/.secrets in .zshrc eingetragen" +fi + +# .p10k.zsh +if [[ -f "$DOTFILES_DIR/.p10k.zsh" ]]; then + cp "$DOTFILES_DIR/.p10k.zsh" ~/.p10k.zsh + ok "Dot-Files: .p10k.zsh" +else + warn ".p10k.zsh nicht im Dotfiles-Repo — beim ersten zsh-Start 'p10k configure' ausfuehren" +fi + +# ── 8. XFCE-Einstellungen ─────────────────────────────────────────────── +echo -e "\n=== 8/8 XFCE-Einstellungen ===" + +# Keyboard: XFCE soll System-Layout respektieren +if command -v xfconf-query &>/dev/null; then + xfconf-query -c keyboard-layout -p /Default/XkbDisable -n -t bool -s true 2>/dev/null || true + ok "XFCE Keyboard: System-Layout wird verwendet" +fi + +# Energieeinstellungen +if command -v xfconf-query &>/dev/null; then + xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/dpms-on-ac-off -s 0 --create -t int + xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/dpms-on-ac-sleep -s 0 --create -t int + xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/blank-on-ac -s 0 --create -t int + xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/blank-on-battery -s 5 --create -t int + xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/dpms-on-battery-sleep -s 6 --create -t int + xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/dpms-on-battery-off -s 7 --create -t int + ok "XFCE Power Manager konfiguriert" +else + warn "xfconf-query nicht gefunden — XFCE Energieeinstellungen uebersprungen" +fi + +# XFCE Terminal: MesloLGS NF als Schriftart setzen +XFCE_TERM_RC="$HOME/.config/xfce4/terminal/terminalrc" +if [[ -d "$HOME/.config/xfce4" ]]; then + mkdir -p "$(dirname "$XFCE_TERM_RC")" + if [[ -f "$XFCE_TERM_RC" ]]; then + sed -i 's/^FontName=.*/FontName=MesloLGS NF 11/' "$XFCE_TERM_RC" 2>/dev/null || true + else + cat > "$XFCE_TERM_RC" <<'TERMEOF' +[Configuration] +FontName=MesloLGS NF 11 +MiscAlwaysShowTabs=FALSE +MiscBell=FALSE +MiscDefaultGeometry=120x35 +ScrollingBar=TERMINAL_SCROLLBAR_NONE +TERMEOF + fi + ok "XFCE Terminal: MesloLGS NF Schriftart" +fi + +# ── Autostart entfernen ───────────────────────────────────────────────── +AUTOSTART_FILE="$HOME/.config/autostart/macbook-setup-desktop.desktop" +if [[ -f "$AUTOSTART_FILE" ]]; then + rm "$AUTOSTART_FILE" + ok "Firstboot-Autostart entfernt" +fi + +# ── Zusammenfassung ────────────────────────────────────────────────────── +echo "" +echo "============================================" +echo -e " ${GREEN}Desktop-Setup abgeschlossen!${NC}" +echo "============================================" +echo "" +warn "Noch manuell erledigen:" +echo " 1. Synology Drive Client installieren (falls ARM64-Version verfuegbar)" +echo " 2. Thunderbird starten -> Profil aus Synology Drive einbinden" +echo " 3. Brave starten -> Synchronisation einrichten" +echo " 4. Falls p10k-Icons fehlen: Terminal-Schriftart auf 'MesloLGS NF' setzen" +echo " 5. API-Key aus Bitwarden in ~/.secrets eintragen:" +echo " echo 'export ANTHROPIC_API_KEY=\"sk-ant-...\"' > ~/.secrets && chmod 600 ~/.secrets" +echo " 6. Falls PrusaSlicer fehlt: aus Source bauen (kein ARM64-Flatpak)" +echo " 7. PlatformIO testen: ESP32-Toolchains evtl. nur x86 verfuegbar" diff --git a/setup-desktop.sh b/setup-desktop.sh index edf3128..15e0b2a 100755 --- a/setup-desktop.sh +++ b/setup-desktop.sh @@ -138,6 +138,14 @@ if [[ -f "$DOTFILES_DIR/zsh/install-zsh-dotfiles.sh" ]]; then ok "Dot-Files: .zshrc" fi +# ~/.secrets fuer API-Keys (source in .zshrc eintragen) +if ! grep -q 'source ~/.secrets' ~/.zshrc 2>/dev/null; then + echo '' >> ~/.zshrc + echo '# API-Keys (nicht ins Repo!)' >> ~/.zshrc + echo '[[ -f ~/.secrets ]] && source ~/.secrets' >> ~/.zshrc + ok "source ~/.secrets in .zshrc eingetragen" +fi + # .p10k.zsh (vom Mac kopieren, falls im Repo vorhanden, sonst Wizard beim ersten Start) if [[ -f "$DOTFILES_DIR/.p10k.zsh" ]]; then cp "$DOTFILES_DIR/.p10k.zsh" ~/.p10k.zsh @@ -205,3 +213,5 @@ echo " 1. Synology Drive Client installieren (.deb von synology.com)" echo " 2. Thunderbird starten → Profil aus Synology Drive einbinden" echo " 3. Brave starten → Synchronisation einrichten" echo " 4. Falls p10k-Icons fehlen: Terminal-Schriftart auf 'MesloLGS NF' setzen" +echo " 5. API-Key aus Bitwarden in ~/.secrets eintragen:" +echo " echo 'export ANTHROPIC_API_KEY=\"sk-ant-...\"' > ~/.secrets && chmod 600 ~/.secrets" From f3755553c6b9671fee9e7500bfa4442fb4fe8f3d Mon Sep 17 00:00:00 2001 From: rene Date: Sun, 15 Mar 2026 12:52:44 +0100 Subject: [PATCH 2/3] setup-desktop: API-Key/secrets Einrichtung entfernt API-Key ueber ~/.secrets verursacht Zusatzkosten (separates API-Abrechnungssystem, nicht im Claude-Abo enthalten). Claude Code authentifiziert sich stattdessen per OAuth-Login ueber das Abo. --- setup-desktop.sh | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/setup-desktop.sh b/setup-desktop.sh index 15e0b2a..edf3128 100755 --- a/setup-desktop.sh +++ b/setup-desktop.sh @@ -138,14 +138,6 @@ if [[ -f "$DOTFILES_DIR/zsh/install-zsh-dotfiles.sh" ]]; then ok "Dot-Files: .zshrc" fi -# ~/.secrets fuer API-Keys (source in .zshrc eintragen) -if ! grep -q 'source ~/.secrets' ~/.zshrc 2>/dev/null; then - echo '' >> ~/.zshrc - echo '# API-Keys (nicht ins Repo!)' >> ~/.zshrc - echo '[[ -f ~/.secrets ]] && source ~/.secrets' >> ~/.zshrc - ok "source ~/.secrets in .zshrc eingetragen" -fi - # .p10k.zsh (vom Mac kopieren, falls im Repo vorhanden, sonst Wizard beim ersten Start) if [[ -f "$DOTFILES_DIR/.p10k.zsh" ]]; then cp "$DOTFILES_DIR/.p10k.zsh" ~/.p10k.zsh @@ -213,5 +205,3 @@ echo " 1. Synology Drive Client installieren (.deb von synology.com)" echo " 2. Thunderbird starten → Profil aus Synology Drive einbinden" echo " 3. Brave starten → Synchronisation einrichten" echo " 4. Falls p10k-Icons fehlen: Terminal-Schriftart auf 'MesloLGS NF' setzen" -echo " 5. API-Key aus Bitwarden in ~/.secrets eintragen:" -echo " echo 'export ANTHROPIC_API_KEY=\"sk-ant-...\"' > ~/.secrets && chmod 600 ~/.secrets" From b27d5c81c1e82f34b295500ada77885b5b5da750 Mon Sep 17 00:00:00 2001 From: rene Date: Sun, 15 Mar 2026 14:48:36 +0100 Subject: [PATCH 3/3] setup-base-asahi: auf Terminal-Grundsetup reduziert Fokus auf sichere, testbare Pakete (zsh, Terminal-Tools, Spass-Tools). System-spezifisches (XFCE, HiDPI, WireGuard, Energie) wird vor Ort auf dem Asahi-System eingerichtet und getestet. --- setup-base-asahi.sh | 139 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 139 insertions(+) create mode 100644 setup-base-asahi.sh diff --git a/setup-base-asahi.sh b/setup-base-asahi.sh new file mode 100644 index 0000000..de5ff7c --- /dev/null +++ b/setup-base-asahi.sh @@ -0,0 +1,139 @@ +#!/bin/bash +# macbook-setup/setup-base-asahi.sh +# Basis-Setup fuer Asahi Linux (Fedora Remix) auf Apple Silicon M1 +# Fokus: Terminal-Umgebung (zsh, Tools, Screensaver) +# System-spezifisches (XFCE, HiDPI, WireGuard, Energie) wird vor Ort gemacht +# Verwendung: sudo bash setup-base-asahi.sh +# Kann mehrfach ausgefuehrt werden (idempotent) + +# ── Farben ────────────────────────────────────────────────────────────── +RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; NC='\033[0m' +ok() { echo -e "${GREEN}[OK] $*${NC}"; } +warn() { echo -e "${YELLOW}[!!] $*${NC}"; } +fail() { echo -e "${RED}[FAIL] $*${NC}"; } + +# ── Root-Check ───────────────────────────────────────────────────────── +[[ $EUID -ne 0 ]] && { fail "Bitte als root ausfuehren (sudo)"; exit 1; } + +echo "" +echo "============================================" +echo " setup-base-asahi.sh fuer M1 (Asahi Linux)" +echo " Terminal-Grundsetup" +echo "============================================" + +# ── 1. sudoers ─────────────────────────────────────────────────────────── +echo -e "\n=== 1/7 sudoers ===" +cat > /etc/sudoers <<'SUDOEOF' +Defaults env_reset +Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + +root ALL=(ALL:ALL) ALL +%wheel ALL=(ALL:ALL) ALL + +@includedir /etc/sudoers.d +SUDOEOF +chmod 440 /etc/sudoers +echo "rene ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/rene +chmod 440 /etc/sudoers.d/rene +ok "sudoers: Linux-Standard + NOPASSWD fuer rene" + +# ── 2. Locale & Timezone ──────────────────────────────────────────────── +echo -e "\n=== 2/7 Locale & Timezone ===" +dnf install -y glibc-langpack-de 2>/dev/null || true +localectl set-locale LANG=de_DE.UTF-8 +timedatectl set-timezone Europe/Berlin 2>/dev/null || true +ok "Locale: de_DE.UTF-8, Timezone: Europe/Berlin" + +# ── 3. Sleep verhindern waehrend Installation ─────────────────────────── +echo -e "\n=== 3/7 Sleep verhindern ===" +systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target 2>/dev/null || true +ok "Sleep/Suspend deaktiviert (fuer Installation)" + +# ── 4. System aktualisieren ───────────────────────────────────────────── +echo -e "\n=== 4/7 System aktualisieren ===" +dnf upgrade -y || warn "dnf upgrade hatte Probleme" +ok "System aktuell" + +# ── 5. Pakete installieren ────────────────────────────────────────────── +echo -e "\n=== 5/7 Pakete installieren ===" + +# Basis-Tools +dnf install -y \ + git curl wget \ + zsh neovim micro \ + python3 python3-pip pipx \ + nodejs npm \ + openssh-server \ + bc \ +|| warn "Einige Basis-Pakete konnten nicht installiert werden" + +# Terminal-Tools +dnf install -y \ + bat eza fd-find fzf ripgrep tldr ncdu duf \ + zoxide \ + htop btop \ + fastfetch \ +|| warn "Einige Terminal-Tools konnten nicht installiert werden" + +# Spass-Tools +dnf install -y \ + cowsay fortune-mod \ + cmatrix \ + perl-Curses \ +|| warn "Einige Spass-Tools konnten nicht installiert werden" + +ok "Pakete installiert" + +# asciiquarium (Perl-basiert, nicht in Fedora-Repos) +echo "" +perl -MTerm::Animation -e1 2>/dev/null || cpan -T Term::Animation +if ! command -v asciiquarium &>/dev/null; then + curl -fsSL https://robobunny.com/projects/asciiquarium/asciiquarium_1.1.tar.gz -o /tmp/asciiquarium.tar.gz \ + && tar xzf /tmp/asciiquarium.tar.gz -C /tmp \ + && cp /tmp/asciiquarium_1.1/asciiquarium /usr/local/bin/ \ + && chmod +x /usr/local/bin/asciiquarium \ + && ok "asciiquarium installiert" \ + || warn "asciiquarium uebersprungen" + # Patch: beliebige Taste beendet asciiquarium (statt nur 'q') + if [ -f /usr/local/bin/asciiquarium ]; then + sed -i '/\$in eq .q.*quit/d' /usr/local/bin/asciiquarium + sed -i "s/elsif( \$in eq 'r'/if ( \$in eq 'r'/" /usr/local/bin/asciiquarium + sed -i "/\$in eq 'p'.*paused/a\\\t\t\telsif( \$in ne ERR ) { quit(); } # Any key exits" /usr/local/bin/asciiquarium + fi + rm -rf /tmp/asciiquarium* +fi + +# ── 6. /etc/hosts ─────────────────────────────────────────────────────── +echo -e "\n=== 6/7 /etc/hosts ===" +for entry in "10.47.11.10 dsm.motocamp.de" "10.47.11.23 git.motocamp.de"; do + host="${entry##* }" + if ! grep -q "$host" /etc/hosts; then + echo "$entry" >> /etc/hosts + ok "/etc/hosts: $host" + else + ok "/etc/hosts: $host (bereits vorhanden)" + fi +done + +# ── 7. Services & Shell ───────────────────────────────────────────────── +echo -e "\n=== 7/7 Services & Shell ===" +systemctl enable sshd 2>/dev/null || true +systemctl start sshd 2>/dev/null || true + +# zsh als Standard-Shell +chsh -s /bin/zsh rene 2>/dev/null || true +ok "sshd aktiviert, zsh als Standard-Shell" + +# Sleep wieder erlauben +systemctl unmask sleep.target suspend.target hibernate.target hybrid-sleep.target 2>/dev/null || true + +# ── Zusammenfassung ────────────────────────────────────────────────────── +echo "" +echo "============================================" +echo -e " ${GREEN}Terminal-Grundsetup abgeschlossen!${NC}" +echo "============================================" +echo "" +echo "Naechste Schritte:" +echo " 1. Ausloggen und als rene mit zsh neu einloggen" +echo " 2. setup-desktop-asahi.sh ausfuehren (oh-my-zsh, Dotfiles, p10k)" +echo " 3. System-Setup (XFCE, HiDPI, WireGuard etc.) vor Ort machen"