• 98 Posts
  • 76 Comments
Joined 1 year ago
cake
Cake day: June 14th, 2023

help-circle

  • Yes, it’s something you write yourself. Bash is the language you use when you use the terminal. A bash script is just many lines of bash commands.

    A bash script could be as simple as

    dnf install package1 package2 package3
    dnf remove package4 package5 package6
    

    This script automates installing some packages and removing some packages. The bash script I use does a lot more, such as running commands to configure Gnome how I like it.

    If you’re not comfortable with the terminal, I would definitely recommend staying away from NixOS. To declaratively/reproducibly set up the system, it uses a language called Nix that is a fair bit more complicated than bash. It’s also just very different from traditional Linux systems like Fedora or Ubuntu.


  • Personally, I use Fedora Silverblue and use bash scripts for reproducibility. To set up a new system, all I need to to is install, reboot, run my bash script, reboot, and my system is 90% configured. With bash scripts, I am able to reproduce more of my system than I could when I used NixOS.

    A lot of people recommend Nix, but the thing about Nix is that you’re only declaring how the system is configured. Not your home folder. You need to rely on third party tools for that.

    Bash scripts can configure system and home folder. They can also be used on any distro, whereas a Nix configuration file only works on NixOS.

    Though the worst part about any new install is just signing back into everything, especially an annoyance when you have proper 2FA setup. Bash scripts or Nix can’t solve that unless you migrate data over.














  • For Secure Boot, the kernel is “signed” with a key. During boot up, Secure Boot checks to make sure that key is valid. Most kernels are signed with Microsoft’s key that is preloaded on basically every system. However, not all kernels can be signed with Microsoft’s key; if you install a proprietary driver (which you likely selected to during the setup), to continue using secure boot you need to sign the kernel using your own key.

    That’s what MOK management is for. You are adding your own key to your system to use for Secure Boot.

    Personally, I just disable Secure Boot. While it does have some security benefits, it’s not worth the headache IMO.























  • I have a bash script I use to script my Silverblue install. Something like this should work.

    # space-separated list of packages to install
    S_RPM_PACKAGES_TO_INSTALL="pkg1 pkg2 pkg3"
    
    # function to install the packages
    dnf_install () {
    	sudo dnf install -y $1
    }
    
    # call to function, passing the list
    dnf_install "$S_RPM_PACKAGES_TO_INSTALL"
    

    I have it set up this way so that I just have a bunch of bash variables describing the stuff I want to install all at the top of the file, but the function definitions and calls lower down since I don’t need to see them.

    It also does other things like removes packages from the system, removes some preinstalled flatpaks, installs flatpaks from Fedora Flatpaks / Flathub / gnome-nightly, and sets up gnome through a list gsettings commands.

    As I use my system, I add new apps to the list I want next time I install and remove apps I don’t use.