nftable-migration
  1#+TITLE: Wakasu Configuration
  2#+FILETAGS: imperative fedora desktop wakasu
  3
  4Configuration scripts for the Wakasu system, a Fedora-based desktop.
  5
  6* Overview
  7
  8This directory contains idempotent configuration scripts for the Wakasu host, which runs Fedora and is not managed by NixOS.
  9
 10** System Information
 11
 12- *Hostname:* wakasu
 13- *OS:* Fedora
 14- *Type:* Desktop
 15- *User:* vincent
 16- *VPN Address:* 10.100.0.90/24
 17
 18* Files
 19
 20** =apply.sh=
 21
 22The main configuration script that sets up the system. This script is designed to be run multiple times safely (idempotent).
 23
 24* Setup Components
 25
 26The =apply.sh= script configures the following:
 27
 28** Default Packages
 29- *helix* - Modern terminal-based text editor
 30- *acpi* - Command-line utilities for ACPI (power management)
 31
 32** Syncthing
 33- Installs Syncthing from Fedora repositories
 34- Enables and starts systemd user service for user =vincent=
 35- Enables loginctl lingering so service starts at boot
 36- Syncthing will be available at http://localhost:8384
 37
 38** Wireguard VPN
 39- Installs wireguard-tools package
 40- Creates =/etc/wireguard/wg0.conf= with VPN settings
 41- Connects to VPN endpoint at 167.99.17.238:51820
 42- Assigns client IP: 10.100.0.90/24
 43- Requires =WG_PRIVATE_KEY= environment variable
 44- Gracefully skips configuration if private key is not provided
 45
 46* Usage
 47
 48** Running the Script
 49
 50From the repository root:
 51
 52#+begin_src bash
 53# Basic run (wireguard config will be skipped)
 54sudo ./imperative/wakasu/apply.sh
 55
 56# With wireguard private key
 57sudo WG_PRIVATE_KEY="your-private-key-here" ./imperative/wakasu/apply.sh
 58#+end_src
 59
 60** First-Time Setup
 61
 621. Ensure you have root/sudo access
 632. Have your wireguard private key ready (optional)
 643. Run the script
 65
 66** Updating Configuration
 67
 68Simply re-run the script. It's designed to be idempotent, meaning running it multiple times will bring the system to the desired state without causing issues.
 69
 70** Enabling Wireguard
 71
 72After running the script with =WG_PRIVATE_KEY=:
 73
 74#+begin_src bash
 75# Start wireguard
 76sudo systemctl start wg-quick@wg0
 77
 78# Enable wireguard at boot
 79sudo systemctl enable wg-quick@wg0
 80
 81# Check status
 82sudo systemctl status wg-quick@wg0
 83#+end_src
 84
 85** Managing Syncthing
 86
 87#+begin_src bash
 88# Check syncthing status
 89systemctl --user status syncthing
 90
 91# Restart syncthing
 92systemctl --user restart syncthing
 93
 94# View syncthing logs
 95journalctl --user -u syncthing
 96#+end_src
 97
 98* Default Packages Explained
 99
100** Helix
101A modern, Kakoune/Neovim inspired editor with built-in LSP support and tree-sitter syntax highlighting. Provides a powerful terminal-based editing experience.
102
103** ACPI
104Utilities for monitoring battery, temperature, and power management on laptops. Useful for checking battery status and system power state.
105
106* Notes
107
108- The script uses =set -euo pipefail= for strict error handling
109- All setup functions are prefixed with =setup.=
110- Logging functions provide colored output for better readability
111- User-specific configuration is stored in the =USER_NAME= variable