I personally prefer the classics of Microsoft.
Me reading this post:
Debugging things and stuff!
I personally prefer the classics of Microsoft.
Me reading this post:
Debugging things and stuff!
LOL IT’S ONLY MS DOS.
On arch linux, which packages do you use for slack and discord? The one built with Electron? Don’t they take up lot of CPU resources?
They do. But I’ve got plenty of Ram and CPU resources.
So, that’s my A E S T H E T I C setup.
The wallpaper changes it’s color and brightness based on time. This is the evening/morning wallpaper, the night one is darker and purplish, the day one is brighter and overall more day-ish.
I gave Gnome3 a try just a while ago and so far I like it. It has a much smoother workflow than XFCE which I used before (although you can propably tweak it to be similar), looks nice and I have 16Gig anyways.
It doesn’t feel as 1338 as a tiling wm though
Well, first, thanks for the summon @pry0cc.
I will take this opportunity to explaining you guys what is the perfect setup for me. I’m not caring so much about fancy widgets or shiny desktop, I’m well more concerned about the maintainance and enhancement aspect of my workingstations.
Through this mindset, I’m able to reset to factory and deploy all my tools in a few minutes, which could be quite usefull when … you know … shit happens.
I currently run 3 main workingstations, for professional purposes (Work), personal work (Ghost) as well as for slacking (I let you guess which OS run on this one;))
Classical windows 10 enterprise with a few tools but nothing fancy The only “must have” that I could recommand is cmder. It aims to replace the ugly cmd and powershell CLI. Highly customizable, it makes me feel as I’m on Linux
intel i7 7600 2.8Ghz
16G of ram
Intel HD Graphic
Archlinux and i3 windows manager. In a few words, simple and efficient.
Intel i5-6600K 3.50Ghz
32G of ram
AMD RX 480
250G SSD & 1T HDD
MacOS. Nothing more to say about this one
8G of ram
Intel HD 6000
As you can see above, each of my workingstation is as leightweight as possible. The only common point between them is, Docker.
In fact, once my system updated and configured, I use a bunch of docker containers to reduce external dependancies, etc. I’m tired to waste my time rollbacking libraries cause version compatiblity and so on.
Consequently, all my machines are at 100% stable and I can process all security and operating system updates straight forward, without any kind of trouble!
All my tools and fancy scripts are contained in docker containers. Here is a few examples:
As you may have already understood, I use docker for everything. If I want to dev in python, I fireup a new container. Wanna play with golang? New container again. I think that you got it :).
Thanks to this strategy, I successfuly annihilated any dependancy issues and my operating system stays clean and stable on the long run.
Upstream quickly deploying my setup, my containers are attached to their own internal subnet, providing an additionnal layer of security on my host.
Ok, now you know what I’m running and how but, what about my network?
The network environment is as important as your setup should be
Due to my work and a certain degree of paranoia, I decided to segment and segregate my network. Yes it is overkill. Yes I’m completly off it but I’m fucking loving it.
I currently have 5 subnets:
I think their names are quite self explanatory and you may quickly understand why I did that
To do so, I used a fortigate 30E from Fortinet which is, according to my needs and my requirements, the best fit available on the market.
Well… I think that I’m done. I hope you enjoyed this more or less short answer .
I feel super lame here because I don’t actually pimp my setup all that much, but I am very particular about my workspace and workflow. I also don’t think of my setup in terms of one box. It’s all about a workflow and an infrastructure for me. I don’t operate a computer; I harness the power of cloud computing to bend the internet to my will Where possible, I have included the link directly on Github. If that’s not available, I have linked to the tool’s homepage which almost always has a link to the source. Some of the linked didn’t unfurl. Sue me.
Now while everything that follows runs on my main box (MacOS), it’s designed with portability in mind. This means that more often than not, I chose the simpler configuration because it also worked on Linux or other operating systems. I opted for a password manager that I could share the contents of rather easily, and use a simple tmux and vim configuration.
I do as much editing on remote machines as a do on my local box, so I consider my homedir and clusters of machines as my workspace, not the single local physical box I type from.
My main machine is usually a Mac, so Homebrew is very necessary for me. First thing I do is get Brew installed, then I initialize my home directory as a git repo so I can install my dotfiles.
This is currently not a part of my dotfiles but needs to be: Moving machines is a hassle when you have a lot of stuff in Homebrew, so I use
brew bundle dump from time to time and export that to a Brewfile, which I can then use to install my exact homebrew environment on a new machine. Portability, yo.
brew bundle dump brew bundle
For the sake of workflow and ergonomics, I have a few tools I consider essential. No, not talking about languages and stuff, that comes later. These are all miscellaneous tools that aren’t specific to development but that I use daily and can’t live without.
pass. I have to have my password manager. Got to. And
passis my manager of chouse because it’s CLI-driven and uses GPG for encryption. Backed by git, I can (and do) push it to a private git repo to distribute it among the several machines that use the same database.
This is probably the least complicated but also the one I’m the most picky about. I have to work with 2 monitors, preferably big ones (I use 2x27" on my desk right now). I take those and use MacOS’s “workspaces” thingie and create 10 permanent workspaces. Two go on the left monitor, 8 go on the right, and each workspace has an assigned purpose. I switch between them with Ctrl + (workspace number), so I effectively have a hotkey to get to the workspace that has the thing I want to do, in order, here is how they’re arranged.
My dotfiles are primarily for 3 things: aliases, environment variables (such as for Go), and Vim configuration. Aliases are pretty straightforward if you read my Dotfiles. Nothing surprising there. I keep VimPlug source code in my Dotfiles to make it easy to install and use Neovim as my editor. With this setup, I can clone in my dotfiles and install Neovim, start the editor and run
:PlugUpdate and get all my plugins installed pretty quickly.
I keep it simple. Just a handful of plugins. I don’t care. Markup/syntax highlights, some colors, and that’s about it for me.
Likewise, I keep it simple with Tmux. I’d rather it work on all my machines than have something tuned for just one box. I share dotfiles across several operating systems, remember?
I primarily write in 3 languages: Terrarom for infrastructure, Python and Golang for tooling. My team uses additional languages like Coffeescript, Typescript, Node, Scala, and Elixir, so I occasionally need to have dev stuff setup for them. Finally, I work in Docker and Kubernetes all day, so I have to be able to interact with those easily.
I use a LOT of environment variables, and many of them have secrets like API keys or STS tokens, so I don’t want those constantly exported. Often times, there are also namespace collisions with environment variable names, so having something to manage this is essential for me. To that end, I use Vaulted to manage that stuff. With Vaulted, you can set up a new “vault” which lets you set AWS credentials, environment variables, and more. This vault only exports those values when you activate it and only exports them for the current shell. It has a default expiration time of 2 hours for time-delimited credentials such as AWS STS tokens.
This comes in super handy for things like Terraform or Hashicorp Vault, which rely heavily on API keys exported in your shell.
brew install vaulted to get started.
This is pretty simple. I install python3 from Brew because Mac’s python version is old and terrible and using system python causes problems sometimes. Therefore, I also make sure to pull in
pip and use
virtualenv to create local python installs I use for each project. Now I’m kind of stuck in my ways here with
Pipenv is way better and you should be using that as a replacement instead.
Just like python, this is simple for me.
brew install terraform and then jump into a Vaulted vault to run my code. I have a few aliases in my dotfiles to shorten up commands.
I don’t actually do anything fancy with Go here. I just curl in the newest Golang binary every now and again. I’m not happy with the fact that I don’t get to keep my Go projects with the rest of my code. It has to live in my $GOPATH instead. $GOBIN and $GOPATH are set in my dotfiles.
Helm is a package manager for Kubernetes that uses templates to produce the .yaml files which k8s then reads as manifests to install/configure services. Because the Helm people are so picky (talking about you, Reinhard), you should update Helm frequently to make sure you’re generating the latest templates if you are writing new Helm charts to submit upstream.
To make it easier to interact with Kubernetes clusters, I use k8sh, which is a fantastic little wrapper that shortens up a lot of k8s commands and gives you useful information about your current context right in your $PS1
Note: If you use Vaulted and k8sh together, you should start a vaulted shell first and then start your k8sh session. It also has a tendency to break GPG sockets for me, so if you use
pass, don’t do it from within k8sh.
Finally for kubernetes, I use Minikube as a development environment when I can’t access the dev cluster at work. It spins up a little single-node k8s “cluster” on a VBox VM that you can access and deploy to locally. It’s perfect for testing helm charts.
Keen on trying out a distro that has awesome driver support and just works? Give Pop_OS! by System76 a chance. It’s not exactly lightweight, but so far it’s proven to be more stable than Windows 10 while looking a lot better. If you do though, try not to impulsively restart your PC or laptop if you accidentally lock up your system with a runaway while loop because if Pop Shop is installing updates in the background, you might find yourself trying to fix X11 using tty3 like I did
Wow dude this is a freaking insane setup.
It’s like you’ve made your desktop almost immutable. Do you have a build script for your arch install? Using docker, you could deploy your full setup really easily.
It’s freaking cool you’ve got a Fortigate at home too, does that one have deep SSL packet inspection + NGFW?
Wow dude. I am going to have to take some notes on your setup. Also, that i3wm config looks very familiar
Yep, you got the idea and yes I stealed the i3 theme from someone
I must make one, this is on my todolist.
I indeed purchased the whole bundle with:
It’s a great product!
You have fortisandbox too! Damn man.
This setup is paranoid as hell and I love it.
What are you using for outbound firewall on your machine?
It’s like a drive a ferrari after having used a bicycle. Haha, is too hard come back to window$ for job being used a tiling windows manager.
Which one is the ferrari? I3wm vs DE? I always find i3wm is so much more efficient.
Isn’t the sandbox feature crazy expensive?
But all in all, pretty good setup
@pry0cc, Well, inbound and outbound connections are handle by the fortigate so, … ^^
Cheers mate. The hardware appliance is fucking expensive not the one included in your forticloud licence
Man that is hella clean. I never knew KDE could look that good.
Also. +1 for Archlinux ALSO, is that vmware workstation? I didn’t know they made that for linux?
Jaja thanks a lot, yeah, and it works great
Dude that’s a cool ass setup… but my LXDE setup is cooler.
For Windows 10, use the Windows Subsystem for Linux which is a real distro running inside of Windows. You can download it from the MS Store for Debian, Ubuntu, Kali, and Suse. It’s way better than using Cmder.