essentialsoftware.md: attempt to recover from removing all flatpaks

Gemfile.lock

@@ -21,24 +21,24 @@ GEM
     bigdecimal (3.1.9)
     colorator (1.1.0)
     concurrent-ruby (1.3.5)
-    connection_pool (2.5.0)
+    connection_pool (2.5.3)
     csv (3.3.4)
     drb (2.2.1)
     em-websocket (0.5.3)
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0)
     eventmachine (1.2.7)
-    ffi (1.17.1)
-    ffi (1.17.1-aarch64-linux-gnu)
-    ffi (1.17.1-aarch64-linux-musl)
-    ffi (1.17.1-arm-linux-gnu)
-    ffi (1.17.1-arm-linux-musl)
-    ffi (1.17.1-arm64-darwin)
-    ffi (1.17.1-x86-linux-gnu)
-    ffi (1.17.1-x86-linux-musl)
-    ffi (1.17.1-x86_64-darwin)
-    ffi (1.17.1-x86_64-linux-gnu)
-    ffi (1.17.1-x86_64-linux-musl)
+    ffi (1.17.2)
+    ffi (1.17.2-aarch64-linux-gnu)
+    ffi (1.17.2-aarch64-linux-musl)
+    ffi (1.17.2-arm-linux-gnu)
+    ffi (1.17.2-arm-linux-musl)
+    ffi (1.17.2-arm64-darwin)
+    ffi (1.17.2-x86-linux-gnu)
+    ffi (1.17.2-x86-linux-musl)
+    ffi (1.17.2-x86_64-darwin)
+    ffi (1.17.2-x86_64-linux-gnu)
+    ffi (1.17.2-x86_64-linux-musl)
     forwardable-extended (2.6.0)
     google-protobuf (4.30.2)
       bigdecimal
@@ -102,7 +102,7 @@ GEM
       jekyll (>= 3.7, < 5.0)
     jekyll-watch (2.2.1)
       listen (~> 3.0)
-    json (2.10.2)
+    json (2.11.3)
     kramdown (2.5.1)
       rexml (>= 3.3.9)
     kramdown-parser-gfm (1.1.0)
@@ -119,24 +119,24 @@ GEM
       jekyll-feed (~> 0.9)
       jekyll-seo-tag (~> 2.1)
     minitest (5.25.5)
-    nokogiri (1.18.7)
+    nokogiri (1.18.8)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    nokogiri (1.18.7-aarch64-linux-gnu)
+    nokogiri (1.18.8-aarch64-linux-gnu)
       racc (~> 1.4)
-    nokogiri (1.18.7-aarch64-linux-musl)
+    nokogiri (1.18.8-aarch64-linux-musl)
       racc (~> 1.4)
-    nokogiri (1.18.7-arm-linux-gnu)
+    nokogiri (1.18.8-arm-linux-gnu)
       racc (~> 1.4)
-    nokogiri (1.18.7-arm-linux-musl)
+    nokogiri (1.18.8-arm-linux-musl)
       racc (~> 1.4)
-    nokogiri (1.18.7-arm64-darwin)
+    nokogiri (1.18.8-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.18.7-x86_64-darwin)
+    nokogiri (1.18.8-x86_64-darwin)
       racc (~> 1.4)
-    nokogiri (1.18.7-x86_64-linux-gnu)
+    nokogiri (1.18.8-x86_64-linux-gnu)
       racc (~> 1.4)
-    nokogiri (1.18.7-x86_64-linux-musl)
+    nokogiri (1.18.8-x86_64-linux-musl)
       racc (~> 1.4)
     pathutil (0.16.2)
       forwardable-extended (~> 2.6)
@@ -150,40 +150,40 @@ GEM
     rbs (3.9.2)
       logger
     rexml (3.4.1)
-    rouge (4.5.1)
+    rouge (4.5.2)
     safe_yaml (1.0.5)
-    sass-embedded (1.86.3)
+    sass-embedded (1.87.0)
       google-protobuf (~> 4.30)
       rake (>= 13)
-    sass-embedded (1.86.3-aarch64-linux-android)
+    sass-embedded (1.87.0-aarch64-linux-android)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-aarch64-linux-gnu)
+    sass-embedded (1.87.0-aarch64-linux-gnu)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-aarch64-linux-musl)
+    sass-embedded (1.87.0-aarch64-linux-musl)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-aarch64-mingw-ucrt)
+    sass-embedded (1.87.0-aarch64-mingw-ucrt)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-arm-linux-androideabi)
+    sass-embedded (1.87.0-arm-linux-androideabi)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-arm-linux-gnueabihf)
+    sass-embedded (1.87.0-arm-linux-gnueabihf)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-arm-linux-musleabihf)
+    sass-embedded (1.87.0-arm-linux-musleabihf)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-arm64-darwin)
+    sass-embedded (1.87.0-arm64-darwin)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-riscv64-linux-android)
+    sass-embedded (1.87.0-riscv64-linux-android)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-riscv64-linux-gnu)
+    sass-embedded (1.87.0-riscv64-linux-gnu)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-riscv64-linux-musl)
+    sass-embedded (1.87.0-riscv64-linux-musl)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-x86_64-darwin)
+    sass-embedded (1.87.0-x86_64-darwin)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-x86_64-linux-android)
+    sass-embedded (1.87.0-x86_64-linux-android)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-x86_64-linux-gnu)
+    sass-embedded (1.87.0-x86_64-linux-gnu)
       google-protobuf (~> 4.30)
-    sass-embedded (1.86.3-x86_64-linux-musl)
+    sass-embedded (1.87.0-x86_64-linux-musl)
       google-protobuf (~> 4.30)
     securerandom (0.4.1)
     syntax_tree (6.2.0)

n/essentialsoftware.md

@@ -25,6 +25,10 @@ _{{ page.excerpt }}_
 - [Security](#security)
 - [Usability](#usability)
   - [pipx](#pipx)
+- [Fedora Atomic](#fedora-atomic)
+  - [Flatpaks](#flatpaks)
+    - [Pay attention](#pay-attention)
+  - [Other essential atomic/kinoite/flatpak/gayming reading](#other-essential-atomickinoiteflatpakgayming-reading)
 - [Essential system configuration](#essential-system-configuration)
   - [Debian console](#debian-console)
   - [Terminus on Fedora](#terminus-on-fedora)
@@ -40,10 +44,11 @@ _{{ page.excerpt }}_
   - [sshd](#sshd)
   - [Encrypted DNS](#encrypted-dns)
   - [`/etc/xdg/autostart`](#etcxdgautostart)
-  - [`aminda-*.{service,socket]`](#aminda-servicesocket)
+  - [`aminda-*.{service,socket}`](#aminda-servicesocket)
 - [Remember!](#remember)
   - [Accessing UEFI setup without key smashing](#accessing-uefi-setup-without-key-smashing)
   - [Recovering selinux policy issues](#recovering-selinux-policy-issues)
+  - [Removing all flatpaks](#removing-all-flatpaks)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
@@ -137,9 +142,106 @@ apps written in Python. Here is a small list to remember in no particular order.
 - `pipx install "git+https://github.com/aajanki/yle-dl"`
   - Downloader for `{areena,arenan}.yle.fi`, Finnish public broadcaster web
     portal.
+- `pipx install "git+https://github.com/syncplay/syncplay.git"`
+  - Client (and server) for synchronising playback of a file. All parties need
+    the same file, but seeking, playing and pausing are synchronized. Mpv
+    recommended!
 
 Just remember to `pipx upgrade-all` occassionally!
 
+## Fedora Atomic
+
+_By which I mean Fedora Kinoite unless otherwise specified._ A system where
+everyone runs the same image, except that as this section shows, I alter it a
+bit...
+
+```bash
+# Alter base image by adding packages I need on the base system
+sudo rpm-ostree install btop clang darkman duperemove gamescope git-lfs gnome-console htop mosh mpv neovim pipx pre-commit sshguard steam-devices symlinks syncthing terminus-fonts-console tmux tor unbound zsh
+# Delete kernel boot arguments that would display boot splash screen and hide verbose kernel messages
+sudo rpm-ostree kargs --delete=rhgb --delete=quiet
+# Add kernel boot arguments for stricter lockdown mode and CPU vulnerability mitigation
+sudo rpm-ostree kargs --append=lockdown=confidentiality --append=mitigations=auto,nosmt
+```
+
+### Flatpaks
+
+These also affect non-Fedora-Kinoite. And my first Fedora Kinoite installation
+is on a Steam Deck, so gayming related things have suddenly became essential.
+
+```bash
+# Considering everything is installed from there, it should exist
+sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
+# I need Nheko
+sudo flatpak remote-add --if-not-exists nheko-nightly https://nheko.im/nheko-reborn/nheko/-/raw/master/nheko-nightly.flatpakrepo
+# Flathub installations
+sudo flatpak install flathub com.github.tchx84.Flatseal com.github.wwmm.easyeffects com.heroicgameslauncher.hgl com.nextcloud.desktopclient.nextcloud com.rafaelmardojai.Blanket com.valvesoftware.Steam com.valvesoftware.Steam.CompatibilityTool.Proton-GE de.haeckerfelix.Shortwave im.dino.Dino it.mijorus.gearlever me.kozec.syncthingtk org.fedoraproject.MediaWriter net.davidotek.pupgui2 org.briarproject.Briar org.libreoffice.LibreOffice org.libreoffice.LibreOffice.BundledExtension.Voikko org.pulseaudio.pavucontrol org.signal.Signal org.squidowl.halloy org.telegram.desktop org.torproject.torbrowser-launcher org.mozilla.firefox org.videolan.VLC --assumeyes
+# Nheko nightly
+sudo flatpak install nheko-nightly im.nheko.Nheko//master --assumeyes
+```
+
+- Flatseal is a permission/override manager GUI, although one is integrated with
+  KDE Plasma systemsettings
+- Easyeffects features autogain, limiter, equalizer amongst other useful audio
+  features. I wasn't sure whether to include it here, but I do autostart it most
+  of the time...
+- HeroicGames supports GOG and Epic Games (and Amazon)
+- NextCloud is selfhosted Google/Office/whatever suite and the desktop client is
+  kind of Dropbox.
+- Blanket gives nice sounds for e.g. focusing, white and nature noise inclued
+- Steam needs no explanation
+- Proton GE is improved version of Proton, the WINE based compatibility layer
+  for playing Windows games and probably needs no introduction either
+- Shortwave is Radio Browser using Internet Radio app and woof approves having
+  it at paw
+- Dino is a modern XMPP client
+- Gearlever makes appimages less annoying a bit
+- Syncthing-gtk is a GUI for syncthing providing desktop notifications without
+  browser.
+- Spread the love of Fedora Kinoite by having Fedora Imagewriter!
+- ProtonUp allows downloading newer versions of Proton including Proton GE, in
+  flatpaks it's mainly useful for either SteamOS users or Heroic Games which
+  might actually have its integrated manager...
+- Briar is a P2P messenger using Tor or LAN, no bluetooth on desktop yet?
+- LibreOffice is world-famous office suite and Voikko Finnish spellchecking
+  support
+- pavucontrol is the volume manager and needs no introduction especially if one
+  looks at it
+- Signal is E2EE messenger
+- Halloy is a modern IRC client
+- Telegram is a common chat-app although not that secure
+- Tor Browser just must exist everywhere just in case!
+- Firefox is the last major non-Chromium web browser and while installed by
+  default, it may not survive `flatpak uninstall --all`.
+- VLC is a world-famous media player supporting ~everything and the flathub
+  apparently bundles libdvdcss having the capacity to play DVDs.
+- Nheko nightly is simply the best Matrix client
+
+#### Pay attention
+
+```bash
+sudo flatpak install org.freedesktop.Platform.VulkanLayer.MangoHud//23.08 org.freedesktop.Platform.VulkanLayer.gamescope//23.08
+```
+
+MangoHud and gamescope can be used by Heroic Games or manually in Steam (see
+gayming README below), but they might require specific version or branch, so
+after the dualslash change the branch from `23.08` if they decide to update to
+require a newer version.
+
+```bash
+# May be huge, especially TeXlive
+sudo flatpak install flathub org.freedesktop.Sdk.Extension.texlive org.kde.kile
+```
+
+### Other essential atomic/kinoite/flatpak/gayming reading
+
+- [init-browser-policies.bash](https://codeberg.org/Aminda/shell-things/src/branch/cxefa/etc/init-browser-policies.bash)
+  for setting up Firefox policies. It's shipped by default in Kinoite, otherwise
+  I would list it above.
+- [gayming/README.md](https://gitea.blesmrt.net/mikaela/gist/src/branch/master/gayming/README.md)
+  for earlier or other notes that didn't fit here or I don't want to duplicate
+  then.
+
 ## Essential system configuration
 
 Since software being present and doing nothing may not actually do anything.
@@ -304,7 +406,7 @@ Name=Tmux in Console
 Icon=org.gnome.Console
 ```
 
-### `aminda-*.{service,socket]`
+### `aminda-*.{service,socket}`
 
 They workaround either me or the distribution messing things up. While at it,
 don't forget `/etc/sysctl.d`
@@ -341,3 +443,12 @@ it.
 - Boot with flags `enforcing=0 autorelabel` to temporarily have permissive mode
   and automatic fixing.
 - What actually worked was booting with `enforcing=0` and `sudo restorecon -R /`
+
+### Removing all flatpaks
+
+```bash
+sudo flatpak uninstall --all --assumeyes
+```
+
+Now that overwhelmingly sinking into them has been resolved, you can reinstall a
+lot of them and feel overwhelmed again!

package.json

@@ -9,6 +9,6 @@
 		"prettier-plugin-sh": "0.17.2",
 		"prettier-plugin-toml": "2.0.4"
 	},
-	"packageManager": "pnpm@10.8.1+sha512.c50088ba998c67b8ca8c99df8a5e02fd2ae2e2b29aaf238feaa9e124248d3f48f9fb6db2424949ff901cffbb5e0f0cc1ad6aedb602cd29450751d11c35023677",
+	"packageManager": "pnpm@10.10.0+sha512.d615db246fe70f25dcfea6d8d73dee782ce23e2245e3c4f6f888249fb568149318637dca73c2c5c8ef2a4ca0d5657fb9567188bfab47f566d1ee6ce987815c39",
 	"prettier": "@aminda/global-prettier-config"
 }

pnpm-lock.yaml

@@ -55,10 +55,10 @@ packages:
     peerDependencies:
       prettier: ^3.0.0
 
-  "@reteps/dockerfmt@0.3.5":
+  "@reteps/dockerfmt@0.3.6":
     resolution:
       {
-        integrity: sha512-ib1LU/3lXHAH63hxaGu9O+G3nbe5JlCg5WoMS7zzfuuBUPenCeuO7cOhYhI7IwD2QaD1NBy8AJ+FrKyhaHtWLA==,
+        integrity: sha512-Tb5wIMvBf/nLejTQ61krK644/CEMB/cpiaIFXqGApfGqO3GwcR3qnI0DbmkFVCl2OyEp8LnLX3EkucoL0+tbFg==,
       }
     engines: { node: ^v12.20.0 || ^14.13.0 || >=16.0.0 }
 
@@ -132,10 +132,10 @@ packages:
         integrity: sha512-tlbJqcMHnPKI9zSrystikWKwHkBqu2a/Sgw01h3zFjvYrMxEDYHzzoMZnUrbIfpTFEsoRnnviOXNCzFiSc54Qw==,
       }
 
-  sh-syntax@0.5.6:
+  sh-syntax@0.5.7:
     resolution:
       {
-        integrity: sha512-hUprXSSgi3HLdIxufSsr0lceThj6vKsgOHcVVGujDGLWg9RD5Mt6j2m642qkTAU/7GFX65ed/g9h2jeURGuTlQ==,
+        integrity: sha512-74m9dt91konrF5+m0kASugzi37VxKsnTJQ6yvdDZu3IijG5/vIZpImP6FadsJLWNt2X2YD0VaTwW5W7Ox7mFVg==,
       }
     engines: { node: ">=16.0.0" }
 
@@ -165,7 +165,7 @@ snapshots:
       "@xml-tools/parser": 1.0.11
       prettier: 3.5.3
 
-  "@reteps/dockerfmt@0.3.5": {}
+  "@reteps/dockerfmt@0.3.6": {}
 
   "@taplo/core@0.2.0": {}
 
@@ -187,9 +187,9 @@ snapshots:
 
   prettier-plugin-sh@0.17.2(prettier@3.5.3):
     dependencies:
-      "@reteps/dockerfmt": 0.3.5
+      "@reteps/dockerfmt": 0.3.6
       prettier: 3.5.3
-      sh-syntax: 0.5.6
+      sh-syntax: 0.5.7
 
   prettier-plugin-toml@2.0.4(prettier@3.5.3):
     dependencies:
@@ -200,7 +200,7 @@ snapshots:
 
   regexp-to-ast@0.5.0: {}
 
-  sh-syntax@0.5.6:
+  sh-syntax@0.5.7:
     dependencies:
       tslib: 2.8.1