n/essentialsoftware: note systemd equivalents (systemd-{oomd,resolved,networkd,timesyncd}

This commit is contained in:
Aminda Suomalainen 2023-09-30 10:43:17 +03:00
parent 70dbf93977
commit 2c925e73c3
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q

View File

@ -30,15 +30,20 @@ This is just a quick personal reference so I don't have to guess.
- `apt-listchanges` changelogs are worth knowing when updating. - `apt-listchanges` changelogs are worth knowing when updating.
- `apt-listbugs` known bugs are especially nice when performing bigger updates. - `apt-listbugs` known bugs are especially nice when performing bigger updates.
- `chrony` - security demands the time to be correct, Chrony supports NTS and is proper NTP server instead of just SNTP like systemd-timesyncd. - `chrony` - security demands the time to be correct, Chrony supports NTS and is proper NTP server instead of just SNTP like systemd-timesyncd.
- alternatively configure `systemd-timesyncd`
- `unbound` - my choice for both DNSSEC validating and DNS-over-TLS, even if I had it connect to upstream dns\[crypt\]proxy - `unbound` - my choice for both DNSSEC validating and DNS-over-TLS, even if I had it connect to upstream dns\[crypt\]proxy
- alternatively configure `systemd-resolved`. Simultaneously `systemd-networkd` may be a good idea.
- `unattended-upgrades` or `dnf-automatic` so security updates are at least downloaded if not even directly installed (see configuration and systemd units!) - `unattended-upgrades` or `dnf-automatic` so security updates are at least downloaded if not even directly installed (see configuration and systemd units!)
## Usability ## Usability
- `nvim git tmux zsh` - good luck without these - `nvim git tmux zsh` - good luck without these
- if cryptographic operations are taking ages, consider something like `haveged`. It's controversial, so if there are no issues, don't install a random number generator. - if cryptographic operations are taking ages, consider something like `haveged`. It's controversial, so if there are no issues, don't install a random number generator.
- `earlyoom` - may avoid frozen systems, much more pleasant than dealing with a frozen system - userspace oom killer, may avoid frozen systems, much more pleasant than actually having to deal with a frozen system.
- `earlyoom`
- remember to `sudo systemctl enable --now earlyoom` - remember to `sudo systemctl enable --now earlyoom`
- `systemd-oomd`
- remember to `sudo systemctl enable --now systemd-oomd`
- `zram-tools` - small compressed swap in RAM - `zram-tools` - small compressed swap in RAM
- Remember to check configs! Fedora: `/etc/zram.conf` - Remember to check configs! Fedora: `/etc/zram.conf`
- `sudo systemctl enable --now zramswap.service zram-swap.service` - `sudo systemctl enable --now zramswap.service zram-swap.service`