Table of Contents

Information

Prerequisites

Notes

Software

Update

sudo pacman -Syyuu

Xorg

sudo pacman -S --needed xorg-server xorg-xrandr xf86-input-evdev xf86-input-libinput

Graphics

Mesa

mesa-libgl lib32-mesa-libgl

NVIDIA

nvidia nvidia-settings nvidia-utils opencl-nvidia  nvidia-libgl lib32-nvidia-libgl

Intel

xf86-video-intel mesa-libgl

Plasma

plasma-meta kde-applications-meta plasma-wayland-session phonon-qt4-gstreamer phonon-qt5-gstreamer gst-libav libx264 fcron xdg-user-dirs kdeconnect ttf-dejavu ttf-liberation sshfs telepathy-gabble

General

acpid alsa-tools amarok android-tools aria2 firefox filezilla gimp hidepid htop hunspell hunspell-en keepassx2 libreoffice-fresh lsof mesa-demos mpv networkmanager-openvpn openvpn perl-image-exiftool qbittorrent p7zip ufw unrar wget

Games

supertuxkart minetest neverball

Printing

cups hplip foomatic-db-engine system-config-printer

Wine

wine-staging winetricks wine_gecko wine-mono lib32-gst-plugins-base-libs lib32-libpulse lib32-openal lib32-gnutls lib32-giflib lib32-libpng lib32-lcms2 lib32-mpg123 lib32-libxml2 samba

Non-multilib

wine-staging winetricks wine_gecko wine-mono gst-plugins-base-libs libpulse openal gnutls giflib libpng lcms2 mpg123 libxml2 samba

AntiMicro

wget 'https://aur.archlinux.org/cgit/aur.git/snapshot/antimicro.tar.gz' -O ~/'Downloads/antimicro.tar.gz' && tar -xzvf ~/'Downloads/antimicro.tar.gz' -C ~/'Downloads' && cd ~/'Downloads/antimicro' && makepkg -sri --noconfirm && cd ~ && rm -Rf ~/'Downloads/antimicro.tar.gz' ~/'Downloads/antimicro' && sync

Video Decoding

Intel

libva-intel-driver

Mesa

mesa-vdpau

NVIDIA

nvidia-utils

OBS Studio

obs-studio

Kodi

kodi

Services

acpid

sudo systemctl enable 'acpid'

TRIM

sudo systemctl enable 'fstrim.timer' --now && sudo systemctl start 'fstrim' && sudo systemctl status 'fstrim' -l

SDDM

sudo systemctl enable 'sddm'

CUPS

sudo systemctl enable 'org.cups.cupsd.socket'

Settings

Plasma

Wallet

SDDM

Appearance

sudo -e '/etc/sddm.conf'
[Theme]
Current=breeze
CursorTheme=breeze_cursors

Auto-login

sudo -e '/etc/sddm.conf'
[Autologin]
User=espionage724
Session=plasma.desktop

Dolphin

Font

Keyboard Shortcuts

konsole
keepassx2

Network Profile

IPv4 DNS

Pi-hole

192.168.1.158

DNS.WATCH

84.200.69.80
84.200.70.40

Amarok

Uncomplicated Firewall

Initial

sudo ufw reset && sudo ufw default deny && sudo ufw logging off && sudo ufw enable && sudo systemctl enable 'ufw'

Secure Shell

sudo ufw limit '22'/'tcp'

Custom Rules

sudo -e '/etc/ufw/applications.d/custom'

Steam In-Home Streaming

[steam-ihs]
title=steam-ihs
description=Steam In-Home Streaming
ports=27031,27036/udp|27036,27037/tcp
sudo ufw allow 'steam-ihs'

KDE Connect

[kde-connect]
title=kde-connect
description=KDE Connect
ports=1714:1764/tcp|1714:1764/udp
sudo ufw allow 'kde-connect'

qBittorrent Web UI

[qbittorrent-web]
title=qbittorrent-web
description=qBittorrent Web UI
ports=8080/tcp
sudo ufw allow 'qbittorrent-web'

Kodi Remote

[kodi-remote]
title=kodi-remote
description=Kodi Remote Control
ports=8080/tcp|9777/udp
sudo ufw allow 'kodi-remote'

Boot Loader

GRUB

sudo -e '/etc/default/grub' && sudo grub-mkconfig -o '/boot/grub/grub.cfg'

systemd-boot

sudo -e '/boot/loader/entries/linux-kernel.conf'

I/O Scheduler

Deadline

elevator=deadline

blk_mq

scsi_mod.use_blk_mq=1

Disable NMI watchdog

nmi_watchdog=0

Disable Webcam and Bluetooth

modprobe.blacklist=uvcvideo,btusb,bluetooth

Disable Laptop Display

video=LVDS-1:d

makepkg

nano ~/'.makepkg.conf'
CFLAGS="-march=native -O3 -pipe"
CXXFLAGS="${CFLAGS}"
CPPFLAGS="${CFLAGS}"
MAKEFLAGS="-j$(nproc)"
PKGEXT='.pkg.tar'

Input

Flat Cursor Movement

sudo mkdir -p '/etc/X11/xorg.conf.d' && sudo -e '/etc/X11/xorg.conf.d/99-accel-disable.conf'
Section "InputClass"
    Identifier           "libinput pointer catchall"
    Driver               "libinput"
    MatchIsPointer       "yes"
    Option               "AccelProfile"                     "flat"
EndSection

Section "InputClass"
    Identifier           "libinput touchpad catchall"
    Driver               "libinput"
    MatchIsTouchpad      "yes"
    Option               "AccelProfile"                     "flat"
EndSection

Section "InputClass"
    Identifier           "libinput touchscreen catchall"
    Driver               "libinput"
    MatchIsTouchscreen   "yes"
    Option               "AccelProfile"                     "flat"
EndSection

Touchpad

sudo mkdir -p '/etc/X11/xorg.conf.d' && sudo -e '/etc/X11/xorg.conf.d/99-touchpad.conf'
Section "InputClass"
    Identifier      "libinput touchpad catchall"
    Driver          "libinput"
    MatchIsTouchpad "yes"
    Option          "DisableWhileTyping"    "0"
    Option          "MiddleEmulation"       "0"
    Option          "NaturalScrolling"      "0"
    Option          "ScrollMethod"          "twofinger"
    Option          "SendEventsMode"        "disabled-on-external-mouse"
    Option          "Tapping"               "0"
EndSection

Kernel Hardening

sudo -e '/etc/sysctl.d/harden.conf'
kernel.dmesg_restrict = 1
kernel.kptr_restrict = 1

mpv

mkdir -p ~/'.config/mpv' && nano ~/'.config/mpv/mpv.conf'
hwdec='vdpau'
vo='opengl-hq'
ao='pulse'

Pacman Hooks

systemd Initramfs Regenerate

sudo mkdir -p '/etc/pacman.d/hooks' && sudo -e '/etc/pacman.d/hooks/system-initramfs-regen.hook'
[Trigger]
Operation = Upgrade
Type = Package
Target = systemd

[Action]
Description = Generating initramfs...
Depends = linux
When = PostTransaction
Exec = /usr/bin/mkinitcpio -P

PulseAudio

mkdir -p ~/'.config/pulse' && nano ~/'.config/pulse/daemon.conf'
resample-method = soxr-mq
flat-volumes = no
deferred-volume-safety-margin-usec = 1

Secure Shell

Wine Staging

sudo -e '/etc/profile.d/wine-staging.sh'
export STAGING_SHARED_MEMORY=1
export STAGING_WRITECOPY=1

Computer-specific

Spinesnap

Open-Source Graphics

sudo mkdir -p '/etc/X11/xorg.conf.d' && sudo -e '/etc/X11/xorg.conf.d/graphics.conf'
Section "Device"
    Identifier      "Optimus"
    Driver          "modesetting"
EndSection

Proprietary Graphics

Xorg

sudo mkdir -p '/etc/X11/xorg.conf.d' && sudo -e '/etc/X11/xorg.conf.d/nvidia-optimus.conf'
Section "Module"
    Load        "modesetting"
EndSection

Section "Device"
    Identifier  "nvidia"
    Driver      "nvidia"
    BusID       "PCI:1:0:0"
    Option      "AllowEmptyInitialConfiguration"
    Option      "Coolbits"                          "8"
EndSection

SDDM

sudo -e '/usr/share/sddm/scripts/Xsetup'
xrandr --setprovideroutputsource 'modesetting' 'NVIDIA-0'
xrandr --auto

Hailrake

Graphics

sudo mkdir -p '/etc/X11/xorg.conf.d' && sudo -e '/etc/X11/xorg.conf.d/graphics.conf'
Section "Device"
    Identifier      "Kabini"
    Driver          "modesetting"
EndSection

Audio

sudo -e '/etc/systemd/system/idt-audio.service' && sudo systemctl daemon-reload && sudo systemctl enable 'idt-audio' --now && sudo systemctl status 'idt-audio' -l
[Unit]
Description=IDT 92HD95 Audio Bass and Volume Fix

[Service]
Type=oneshot
ExecStart='/usr/bin/hda-verb' '/dev/snd/hwC1D0' '0x1a' '0x782' '0x61'
ExecStart='/usr/bin/hda-verb' '/dev/snd/hwC1D0' '0x1a' '0x773' '0x2d'

[Install]
WantedBy=multi-user.target

Oak

Open-Source Graphics

sudo mkdir -p '/etc/X11/xorg.conf.d' && sudo -e '/etc/X11/xorg.conf.d/graphics.conf'
Section "Device"
    Identifier      "R600"
    Driver          "modesetting"
EndSection

Filesystem Maintenance

Service

sudo -e '/etc/systemd/system/fs-m.service'
[Service]
Type=oneshot
ExecStart='/usr/bin/xfs_fsr' '/dev/sdb1'
ExecStart='/usr/bin/xfs_fsr' '/dev/sdc1'
ExecStart='/usr/bin/sync'

Timer

sudo -e '/etc/systemd/system/fs-m.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'fs-m.timer' --now && sudo systemctl start 'fs-m' && sudo systemctl status 'fs-m' -l
[Unit]
Description=Filesystem Maintenance

[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target

Chatters

Open-Source Graphics

sudo mkdir -p '/etc/X11/xorg.conf.d' && sudo -e '/etc/X11/xorg.conf.d/graphics.conf'
Section "Device"
    Identifier      "915GM"
    Driver          "intel"
EndSection

Cache Cleanup

Service

sudo -e '/etc/systemd/system/cache-cleanup.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/cache-cleanup.service'
[Service]
User=CHANGEME
Group=CHANGEME
Type=oneshot
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.bash_history'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.cache/thumbnails'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.cache/winetricks'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.thumbnails'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.nv'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.local/share/recently-used.xbel'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.local/share/Trash/expunged'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.local/share/Trash/files'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.local/share/Trash/info'
ExecStart='/usr/bin/rm' -Rf '/home/CHANGEME/.config/Trolltech.conf'
ExecStart='/usr/bin/kbuildsycoca4' --noincremental
ExecStart='/usr/bin/kbuildsycoca5' --noincremental
ExecStart='/usr/bin/sync'

Timer

sudo -e '/etc/systemd/system/cache-cleanup.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'cache-cleanup.timer' --now && sudo systemctl start 'cache-cleanup' && sudo systemctl status 'cache-cleanup' -l
[Unit]
Description=Temporary File and Cache Cleanup

[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target

Automatic Updates

Service

sudo -e '/etc/systemd/system/arch-up.service'
[Service]
Type=oneshot
ExecStart='/usr/bin/pacman' -Syyuu --noconfirm -q
ExecStart='/usr/bin/sync'

Timer

sudo -e '/etc/systemd/system/arch-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'arch-up.timer' --now && sudo systemctl start 'arch-up' && sudo systemctl status 'arch-up' -l
[Unit]
Description=Software Package Maintenance and Updater
Wants=network-online.target

[Timer]
OnCalendar=*-*-* 05:10:00
Persistent=true

[Install]
WantedBy=timers.target

Pacman Mirrorlist

Service

sudo -e '/etc/systemd/system/mirrors-up.service'
[Service]
Type=oneshot
ExecStart='/usr/bin/wget' 'https://www.archlinux.org/mirrorlist/?country=US&protocol=https&ip_version=4' -O '/tmp/mirrorlist'
ExecStart='/usr/bin/sed' -i 's/#Server/Server/g' '/tmp/mirrorlist'
ExecStart='/usr/bin/mv' '/tmp/mirrorlist' '/etc/pacman.d/mirrorlist'
ExecStart='/usr/bin/sync'

Timer

sudo -e '/etc/systemd/system/mirrors-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'mirrors-up.timer' --now && sudo systemctl start 'mirrors-up' && sudo systemctl status 'mirrors-up' -l
[Unit]
Description=Pacman Mirrorlist Generator
Wants=network-online.target

[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target

Steven Black's Unified Hosts File

Service

sudo -e '/etc/systemd/system/hosts-up.service'
[Service]
Type=oneshot
ExecStart='/usr/bin/wget' 'https://github.com/StevenBlack/hosts/archive/master.zip' -O '/tmp/master.zip'
ExecStart='/usr/bin/unzip' '/tmp/master.zip' -d '/tmp'
ExecStart='/usr/bin/python3' '/tmp/hosts-master/updateHostsFile.py' --auto --replace
ExecStart='/usr/bin/rm' -Rf '/tmp/master.zip' '/tmp/hosts-master'
ExecStart='/usr/bin/sync'

Timer

sudo -e '/etc/systemd/system/hosts-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'hosts-up.timer' --now && sudo systemctl start 'hosts-up' && sudo systemctl status 'hosts-up' -l
[Unit]
Description=Hosts File Protection Updater
Wants=network-online.target

[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target

Mozilla Firefox

about:config

cd ~/'.mozilla/firefox/'*'.default' && nano 'user.js' && cd ~
user_pref("layout.frame_rate.precise", true);
user_pref("mousewheel.min_line_scroll_amount", 40);
user_pref("extensions.jid1-BoFifL9Vbdl2zQ@jetpack.showReleaseNotes", false);
user_pref("dom.storage.enabled", true);
user_pref("dom.event.clipboardevents.enabled", true);
user_pref("extensions.pocket.enabled", false);
user_pref("loop.enabled", false);
user_pref("reader.parse-on-load.enabled", false);
user_pref("media.peerconnection.enabled", false);

Extensions

xdg-open 'https://addons.mozilla.org/en-US/firefox/addon/privacy-settings/versions' && xdg-open 'https://www.eff.org/privacybadger' && xdg-open 'https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions' && xdg-open 'https://addons.mozilla.org/en-US/firefox/addon/gnotifier/versions' && xdg-open 'https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions' && xdg-open 'https://www.eff.org/https-everywhere' && xdg-open 'https://addons.mozilla.org/en-US/firefox/addon/umatrix/versions'

Hailrake

uBlock Origin

uMatrix

Privacy Settings

Notable Folders and Commands

Shortcuts

/usr/share/applications
~/.local/share/applications

Icons

/usr/share/icons/hicolor
~/.local/share/icons/hicolor

fstrim

sudo fstrim -v --all

Xorg Debug

xdg-open '/var/log/Xorg.0.log'

Verify DRI3

LIBGL_DEBUG='verbose' glxinfo | grep 'libgl'

Show CPU Frequency

grep 'MHz' '/proc/cpuinfo'
watch -n 0.1 grep \'cpu MHz\' '/proc/cpuinfo'

Partition Information

df -hT

hdparm Secure Erase

sudo hdparm -I '/dev/sda' | grep 'not'
sudo hdparm --user-master u --security-set-pass 'x' '/dev/sda'
sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sda'

Optimal GCC compiler flags

gcc -v -E -x c -march=native -mtune=native - < /dev/null 2>&1 | grep cc1 | perl -pe 's/ -mno-\S+//g; s/^.* - //g;'

Remove EXIF data

exiftool -all= *.* -overwrite_original
1)
https://www.archlinux.org
2)
https://www.kde.org/workspaces/plasmadesktop
3)
can apparently mess with DKMS or the ZEN-specific NVIDIA driver from AUR
4)
https://bbs.archlinux.org/viewtopic.php?id=217880
5)
modesetting doesn't work
6)
5:10 Spinesnap, 5:20 Hailrake, 6:00 Oak