Skip to content

Instantly share code, notes, and snippets.

View plembo's full-sized avatar

Phil Lembo plembo

23 followers · 1 following
View GitHub Profile
@plembo
plembo / tpmsecbootwinkvm.md
Last active April 25, 2024 14:37
KVM libvirt qemu tpm secure boot Windows install

TPM and Secure Boot for Windows 11 guests on KVM

The latest KVM on Ubuntu Desktop 22.04 supports both TPM2.0 and Secure Boot for Windows 11 guests. To use it you'll need to make sure the ovmf package is installed.

If using Virtual Machine Manager (VMM, or virt-manager) to install Windows 11 from a Microsoft iso, be sure to check "Customize configuration before install" before clicking on the "Finish" button. While VMM will automatically detect the operating system version and customize many things, including TPM, it will not choose the correct setting for Secure Boot.

When you get to the VM's configuration screen in VMM, you'll find that a TPM vNone device has already been added. Setting up Secure Boot properly will require manually selecting the correct firmware. To do that:

  1. Select Overview
@plembo
plembo / virgl3d-ubuntu.md
Last active April 25, 2024 16:59
3d acceleration for Linux guests in KVM on Ubuntu Desktop

VirGL for Linux KVM guests on Ubuntu Desktop

NOTE: Please don't ask for help here, it was a miracle that I got it to work at all. Seek answers in the usual places (yes, even Stackoverflow knows more than I do).

The question: How can I get 3d accelerated graphics for Linux guests in KVM without using PCI passthrough?

The short answer is: Use VirGL. The long answer is more complicated, because the VirGL project has had slow but steady progress towards actually working reliably, but the degree to which any given Linux distribution (or related driver project) is in sync has varied greatly over time. Even if it works right now, today, on your machine, it might not tomorrow. Note that even when it works, graphics performance is mediocre to downright painful.

Tested on Ubuntu Desktop 22.04.04 LTS with qemu-kvm, in an "Ubuntu on Xorg" session (not Wayland). Linux quests must have spice-vdagent installed (Ubuntu installs this by default). The hardware is a AMD 5600G d

@plembo
plembo / newmutternostutter.md
Last active April 22, 2024 23:38
Upgrade mutter to eliminate stutter in Gnome terminal on Ubuntu

Upgrade mutter to eliminate stutter

This is a very hardware and O/S specific thing, but worth noting.

My personal workstation currently has a AMD 5600G and NVIDIA GTX3050 to run Ubuntu 22.04 Desktop with Ubuntu's customized Gnome Shell. I use the NVIDIA driver packages from Ubuntu. My desktop environment is Ubuntu on Wayland.

This machine doesn't play games, but I do fair amount of data analysis tasks and experimentation.

After a recent driver update I noticed a lot of stutter and lagging in all my Gnome terminal sessions. Switch to xterm relieved the problem somewhat, but wasn't a real solution. Neither was trying to switch back to the integrated AMD graphics.

Over a couple of weeks I found and tried a few recommended solutions from the Internet (which is almost always wrong). None worked. Then I stumbled on this post:

@plembo
plembo / shrinkpdfsize.md
Last active March 27, 2024 15:18
Massively shrink PDF size

Massively shrink the size of a PDF file

Use ghostscript:

$ gs -sDEVICE=pdfwrite \
-dCompatibilityLevel=1.4 \
-dPDFSETTINGS=/ebook \
-dNOPAUSE \
-dBATCH \
@plembo
plembo / dellchromelinux.md
Last active March 12, 2024 14:21
Linux on a Dell Chromebook 11

Linux on a Dell Chromebook 11

My retail (not enterprise) Dell Chromebook 11 (an Inspiron model 3181, not the 3180 or 3189) went EOL shortly after I purchased it new from Best Buy. Since then it saw some hard use in the family kitchen as a recipe lookup device, but was finally retired when replaced by a (relatively) newer Android tablet (that also reached EOL shortly thereafter).

NOTE: Ridiculously short lifespans for hardware devices definitely suck, as do all the manufacturers who make them. There should be a law against it.

With an overseas trip looming, I decided to look into refurbishing the Chromebook for use as a privacy hardened travel laptop. Frankly, the thought of TSA and Customs manhandling my trusty portable workstation was too much to bear.

I mostly followed the detailed instructions in the Chrultrabook Docs, using the firmware supplied by MrChromebox. As it turns out, the process was fairly painless, and seemed much more straig

@plembo
plembo / debiangnome.md
Last active February 16, 2024 16:43
Notes on Debian Gnome Desktop

Notes on Debian Gnome Desktop

Some notes on setting up the Gnome desktop on Debian.

This is only for Debian, not Ubuntu.

Base system is Debian 12 Stable (Bookworm).

No joy installing nvidia drivers. Sorry.

@plembo
plembo / ffoxandroidconfig.md
Last active February 12, 2024 14:25
Configuration checklist for Firefox on Android

Firefox on Android configuration checklist

All this is in Settings:

  1. Account > Manage account
  2. Account > Choose what to sync > Uncheck all but Bookmarks
  3. Search > DuckDuckGo
  4. Tabs > Close after one day
  5. Homepage > Shortcuts > Turn off all
  6. Homepage > Wallpapers > Select one
@plembo
plembo / firefox-install-checklist.md
Last active March 5, 2024 19:09
firefox new install customization checklist desktop (linux)

Firefox on Desktop new install checklist (Linux)

Installation

The following procedure was tested with Firefox 120.0.1 (64-bit) on Ubuntu 22.04 LTS running the default Gnome desktop.

For Linux desktops (and laptops) I install Firefox to /opt/firefox by downloading and extracting the latest binary package from Mozilla to /opt/firefox (tar xjf firefox-120.0.1.tar.bz2; sudo mv firefox /opt/; chown -R root:staff /opt/firefox). Once extracted, I make a symlink from /opt/firefox/firefox to /usr/local/bin/firefox. I then create a file for the desktop shortcut:

/usr/share/applications/firefox.desktop

[Desktop Entry]
@plembo
plembo / ubuntudesktopprint.md
Last active December 11, 2023 16:14
Printing on Ubuntu desktop

Printing on Ubuntu Desktop

Some notes I've brought back from the gist graveyard to address the finer points of printing with Ubuntu desktop.

Zeroconf and Printing

Zeroconf, or Zero Configuration may be a dream for developers: but can be an absolute nightmare for sysadmins and users. Zeroconf aims to allow the system to configure itself automatically for all kinds of external devices, from music players to printers. For many of the latest releases of Ubuntu Desktop, the system is designed to detect any and all printers on the local subnet that are advertising using a number of Zeroconf protocols, and automatically set them up for immediate use.

This is bad for so many reasons, but I'll posit one scenario that should give anyone pause: you sit down in your local coffee shop, acquire and Internet connection and then accidentally hit "print" on an Evince (PDF reader) window open to your

@plembo
plembo / resticbackup.md
Last active March 2, 2024 18:55
Restic backup

Backups with restic

We just recently began to use restic as our main backup solution at home. I'm posting this mostly to document the configuration for myself. Anyone interested in using restic should thoroughly read the documentation before proceeding.

By default, backups are run with encryption and compression enabled. Although many people have all hosts in a multi-host network sharing a single repo, I chose to separate them out (to limit the impact of any future data corruption and simplify security configuration).