• Solus ¹⁾
• Budgie ²⁾

• https://solus-project.com/download

• \EFI\goofiboot\goofibootx64.efi ³⁾

• https://packages.solus-project.com/shannon
• Used by-default ⁴⁾

• https://packages.solus-project.com/unstable
• This removes the stable repository and adds the unstable one

sudo eopkg rr 'Solus' && sudo eopkg ar 'Solus Unstable' 'https://packages.solus-project.com/unstable/eopkg-index.xml.xz'

sudo eopkg upgrade -y && sync

• Sets as system-wide default editor
• Sets nowrap and nonewlines for current user

export 'EDITOR=nano' && echo 'Defaults editor = /usr/bin/nano' | sudo tee --append '/etc/sudoers.d/nano' > '/dev/null' && echo 'set nowrap' | tee --append ~/'.nanorc' > '/dev/null' && echo 'set nonewlines' | tee --append ~/'.nanorc' > '/dev/null'

sudo eopkg install aria2 brasero filezilla gimp hplip htop keepassx p7zip perl-image-exiftool xfsprogs hdparm ffmpegthumbnailer evolution gnome-contacts mtpfs

libva-intel-driver xorg-driver-video-intel

libvdpau xorg-driver-video-radeon

wine-32bit winetricks libgnutls-32bit libjpeg-turbo-32bit libpng-32bit libtxc_dxtn-32bit cabextract

steam

• https://github.com/kozec/sc-controller

sc-controller

gnome-terminal

keepassxc

• 4 Tab width
• Insert Spaces for Tab mode

• See VPN.AC

84.200.69.80

84.200.70.40

2001:1608:10:25::1c04:b12f

2001:1608:10:25::9249:d69b

• Sort folders before files
• 2GB File Previews

• See Internet Radio

• Add settings separated by a space

sudo -e '/etc/kernel/cmdline'

• See I/O Schedulers in order to select an I/O scheduler

scsi_mod.use_blk_mq=y

acpi_osi=Linux

i915.enable_guc_loading=2 i915.enable_guc_submission=2

• Set to half of total cores if Intel HT is enabled

maxcpus=4

• btusb,hci_uart control Bluetooth
• uvcvideo controls Webcams
• iTCO_wdt controls Intel's Hardware Watchdog
• nowatchdog disables both soft and hard generic watchdogs

modprobe.blacklist=btusb,hci_uart,uvcvideo,iTCO_wdt nowatchdog

• This can speed up boot a tiny bit but apparently will prevent Snaps from working

apparmor=0 security=""

drm.debug=0xe

usbhid.quirks=0x1B1C:0x1B3C:0x20000000

sudo clr-boot-manager update

• https://dev.solus-project.com/T1199

• Only required when Full Disk Encryption is being used ⁵⁾
• Change UUID to reported value from blkid

sudo blkid | grep 'swap'

sudo -e '/etc/fstab'

UUID=x none swap defaults,discard 0 0

• Replace sda if necessary
• If using blk-mq, non-mq schedulers aren't present ⁶⁾

cat '/sys/block/sda/queue/scheduler'

• Good for average workloads and responsiveness
• May require blk_mq

echo 'ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/scheduler}="bfq"' | sudo tee '/etc/udev/rules.d/60-scheduler.rules' > '/dev/null' && sudo udevadm control --reload && sudo udevadm trigger

• Simple scheduler, good for fast drives and high throughput like Servers
• May require blk_mq

echo 'ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/scheduler}="kyber"' | sudo tee '/etc/udev/rules.d/60-scheduler.rules' > '/dev/null' && sudo udevadm control --reload && sudo udevadm trigger

• Requires blk_mq

echo 'ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/scheduler}="mq-deadline"' | sudo tee '/etc/udev/rules.d/60-scheduler.rules' > '/dev/null' && sudo udevadm control --reload && sudo udevadm trigger

• Probably shouldn't use this

echo 'ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/scheduler}="none"' | sudo tee '/etc/udev/rules.d/60-scheduler.rules' > '/dev/null' && sudo udevadm control --reload && sudo udevadm trigger

gsettings set 'org.gnome.desktop.peripherals.touchpad' 'send-events' 'disabled-on-external-mouse'

gsettings set 'org.gnome.desktop.peripherals.touchpad' 'natural-scroll' 'false'

gsettings set 'org.gnome.desktop.peripherals.mouse' 'accel-profile' 'flat'

gsettings set 'org.gnome.desktop.peripherals.touchpad' 'tap-to-click' 'false'

gsettings set 'org.gnome.desktop.peripherals.touchpad' 'tap-and-drag' 'false'

gsettings set 'org.gnome.desktop.peripherals.touchpad' 'disable-while-typing' 'false'

sudo -e '/etc/sysctl.d/99-custom.conf'

kernel.dmesg_restrict = 1
kernel.kptr_restrict = 1
kernel.sysrq = 1

• With GNOME mpv, this config file needs to be manually selected from Preferences
• hwdec can be either vdpau or vaapi depending on the GPU/driver used ⁷⁾

mkdir -p ~/'.config/mpv' && nano ~/'.config/mpv/mpv.conf'

hwdec='vaapi'
profile='opengl-hq'
ao='pulse'

~/.config/mpv/mpv.conf

sudo mkdir -p '/etc/NetworkManager/conf.d' && sudo -e '/etc/NetworkManager/conf.d/99-custom.conf'

[device-mac-randomization]
wifi.scan-rand-mac-address=yes

[connection-mac-randomization]
ethernet.cloned-mac-address=random
wifi.cloned-mac-address=random

[connection]
wifi.powersave=2

nano ~/'.config/pulse/daemon.conf'

resample-method = soxr-vhq
flat-volumes = no

• See Secure Shell

sudo mkdir -p '/etc/systemd/journald.conf.d' && sudo -e '/etc/systemd/journald.conf.d/logging.conf'

[Journal]
SystemMaxUse=50M
RuntimeMaxUse=50M

• The weekly timer should already be enabled

sudo systemctl start 'fstrim' && sync && sudo systemctl status 'fstrim' 'fstrim.timer' -l

sudo mkdir -p '/etc/profile.d' && sudo -e '/etc/profile.d/wine-staging.sh'

# Tweaks
export STAGING_SHARED_MEMORY=1
export STAGING_WRITECOPY=1

• https://blog.packagecloud.io/eng/2017/02/21/set-environment-variable-save-thousands-of-system-calls

sudo mkdir -p '/etc/profile.d' && echo 'export TZ=:/etc/localtime' | sudo tee '/etc/profile.d/tz.sh' > '/dev/null'

• https://bugzilla.kernel.org/show_bug.cgi?id=195049

sudo eopkg install 'alsa-tools' -y && sudo -e '/etc/systemd/system/acer-speakers.service' && sudo systemctl daemon-reload && sudo systemctl enable 'acer-speakers' && sudo systemctl start 'acer-speakers' && sudo systemctl status 'acer-speakers' -l

[Unit]
Description=Acer Predator G9-791 Internal Speaker Fix
After=sound.target
Wants=sound.target

[Service]
Type=oneshot
ExecStart=/usr/bin/hda-verb '/dev/snd/hwC0D0' '0x1b' '0x300' '0x9000'
ExecStart=/usr/bin/hda-verb '/dev/snd/hwC0D0' '0x1b' '0x300' '0xa000'
ExecStart=/usr/bin/hda-verb '/dev/snd/hwC0D0' '0x1b' '0x707' '0x60'

[Install]
WantedBy=sound.target

sudo -e '/usr/lib/systemd/system-sleep/acer-speakers.sleep' && sudo chmod +x '/usr/lib/systemd/system-sleep/acer-speakers.sleep'

#!/bin/sh
'/usr/bin/hda-verb' '/dev/snd/hwC0D0' '0x1b' '0x300' '0x9000'
'/usr/bin/hda-verb' '/dev/snd/hwC0D0' '0x1b' '0x300' '0xa000'
'/usr/bin/hda-verb' '/dev/snd/hwC0D0' '0x1b' '0x707' '0x60'

sudo -e '/etc/X11/xorg.conf.d/99-graphics.conf'

Section "Device"
    Identifier      "Optimus"
    Driver          "modesetting"
EndSection

sudo -e '/etc/X11/xorg.conf.d/99-graphics.conf'

Section "Device"
    Identifier      "Skylake GT2"
    Driver          "intel"
    BusID           "PCI:0:2:0"
    Option          "DRI"       "3"
EndSection

Section "Device"
    Identifier      "NV124"
    Driver          "nouveau"
    BusID           "PCI:1:0:0"
    Option          "DRI"       "3"
EndSection

• TODO: Figure this out again

• Not necessary to be ran, only here for reference
• Requires msr-tools ⁸⁾

• 0x770 needs to report 1

sudo rdmsr --all --decimal '0x770'

sudo wrmsr --all '0x770' '1'

• 0x1FC needs to be set to whatever it reports

sudo rdmsr --all --decimal '0x1FC'

sudo wrmsr --all '0x1FC' 'x'

sudo -e '/etc/systemd/system/hosts-up.service'

[Service]
Type=oneshot
WorkingDirectory=/tmp
ExecStartPre=/bin/rm -Rf '/tmp/master.zip' '/tmp/hosts-master'
ExecStartPre=/usr/bin/wget 'https://github.com/StevenBlack/hosts/archive/master.zip' -O '/tmp/master.zip'
ExecStartPre=/usr/bin/unzip '/tmp/master.zip' -d '/tmp'
ExecStart=/usr/bin/python3 '/tmp/hosts-master/updateHostsFile.py' --auto --replace --flush-dns-cache --extensions 'gambling' 'fakenews'
ExecStartPost=/bin/rm -Rf '/tmp/master.zip' '/tmp/hosts-master'
ExecStartPost=/bin/sync

sudo -e '/etc/systemd/system/hosts-up.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'hosts-up.timer' && sudo systemctl start 'hosts-up.timer' 'hosts-up' && sudo systemctl status 'hosts-up' -l

[Unit]
Description=Steven Black's Unified Hosts File Sources Updater
After=network-online.target
Wants=network-online.target

[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target

• Use Disconnect.me strict protection Block List

cd ~/'.mozilla/firefox/'*'.default' && nano 'user.js' && cd ~

user_pref("layout.frame_rate.precise", true);
user_pref("mousewheel.min_line_scroll_amount", 40);
user_pref("browser.sessionstore.interval", 300000);
user_pref("extensions.jid1-BoFifL9Vbdl2zQ@jetpack.showReleaseNotes", false);
user_pref("dom.storage.enabled", true);
user_pref("dom.event.clipboardevents.enabled", true);
user_pref("extensions.pocket.enabled", false);
user_pref("loop.enabled", false);
user_pref("reader.parse-on-load.enabled", false);
user_pref("media.peerconnection.enabled", false);
user_pref("security.ssl.require_safe_negotiation", false);
user_pref("network.captive-portal-service.enabled", false);
user_pref("network.cookie.cookieBehavior", 1);
user_pref("browser.sessionstore.privacy_level", 2);
user_pref("browser.cache.disk.enable", false);
user_pref("privacy.popups.disable_from_plugins", 3);
user_pref("dom.battery.enabled", false);
user_pref("media.peerconnection.ice.default_address_only", true);
user_pref("security.ssl3.dhe_rsa_aes_128_sha", false);
user_pref("security.ssl3.dhe_rsa_aes_256_sha", false);
user_pref("toolkit.telemetry.enabled", false);
user_pref("privacy.donottrackheader.enabled", true);
user_pref("geo.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
user_pref("browser.safebrowsing.downloads.enabled", false);
user_pref("webgl.disabled", true);
user_pref("media.mediasource.ignore_codecs", true);
user_pref("network.cookie.lifetimePolicy", 2);
user_pref("browser.display.use_document_fonts", 0);
user_pref("network.http.referer.userControlPolicy", 0);
user_pref("dom.webaudio.enabled", false);
user_pref("dom.webnotifications.enabled", false);

user_pref("browser.tabs.remote.autostart.2", false);

• 8 Extensions

gio open 'https://addons.mozilla.org/en-US/firefox/addon/privacy-settings/versions' && gio open 'https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions' && gio open 'https://www.eff.org/https-everywhere' && gio open 'https://addons.mozilla.org/en-US/firefox/addon/umatrix/versions' && gio open 'https://addons.mozilla.org/en-US/firefox/addon/cookie-autodelete/versions' && gio open 'https://addons.mozilla.org/en-US/firefox/addon/https-by-default/versions' && gio open 'https://addons.mozilla.org/en-US/firefox/addon/no-resource-uri-leak/versions' && gio open 'https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions'

• Enable Active Mode
• Don't Log Total Number Of Cookies Deleted
• Don't Show Notification After Cookie CleanUp
• Clean Cookies from Open Tabs on StartUp

• Use the Observatory

• Block Web-exposed subset of chrome URIs

• Full Privacy

• EasyList
• EasyPrivacy
• Malware Domain List
• Malware domains
• Peter Lowe’s Ad and tracking server list​​​​​​​​

https://secure.fanboy.co.nz/fanboy-problematic-sites.txt
https://secure.fanboy.co.nz/enhancedstats.txt
https://secure.fanboy.co.nz/fanboy-antifacebook.txt
https://secure.fanboy.co.nz/fanboy-antifonts.txt
https://raw.githubusercontent.com/ryanbr/fanboy-adblock/master/fake-news.txt
https://easylist-downloads.adblockplus.org/antiadblockfilters.txt
https://xuhaiyang1234.gitlab.io/AAK-Cont/dist/aak-cont-list-ubo.txt
https://raw.githubusercontent.com/jspenguin2017/uBlockProtector/master/uBlockProtectorList.txt

• Auto-update hosts files

/usr/share/applications

~/.local/share/applications

/usr/share/icons/hicolor

~/.local/share/icons/hicolor

sudo fstrim -v --all

gio open '/var/log/Xorg.0.log'

LIBGL_DEBUG='verbose' glxinfo | grep 'libgl'

inxi -xG

grep 'MHz' '/proc/cpuinfo'

watch -n 0.1 grep \'cpu MHz\' '/proc/cpuinfo'

df -hT

sudo cryptsetup -v status '/dev/dm-0'

• The suspend is needed to release frozen drive state ⁹⁾

sudo eopkg install 'hdparm' -y && sync

systemctl suspend

lsblk

sudo hdparm -I '/dev/sda' | grep 'not'

sudo hdparm --user-master u --security-set-pass 'x' '/dev/sda'

sudo hdparm --user-master u --security-erase 'x' '/dev/sda'

sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sda'

• Performs security-erase followed by security-erase-enhanced

sudo hdparm --user-master u --security-set-pass 'x' '/dev/sda' && sudo hdparm --user-master u --security-erase 'x' '/dev/sda' && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sda' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sda' && sync

sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdb' && sudo hdparm --user-master u --security-erase 'x' '/dev/sdb' && sudo hdparm --user-master u --security-set-pass 'x' '/dev/sdb' && sudo hdparm --user-master u --security-erase-enhanced 'x' '/dev/sdb' && sync

• This is only verified on Spinesnap, other computers beware as this can cause a brick apparently
• This is an easier way of clearing boot entries outside of efibootmgr and manually deleting each entry

sudo rm -f '/sys/firmware/efi/efivars/'* || sync

• This wasn't necessary on Solus 3, but should efivars need to be rw, the following command does that

sudo mount -o 'remount' '/sys/firmware/efi/efivars' -o 'rw,nosuid,nodev,noexec,noatime'

• Only applicable when using FakeRAID/Intel RST

sudo mdadm --detail-platform

• https://nouveau.freedesktop.org/wiki/Optimus
• DIS: Discrete GPU
• IGD: Integrated Graphics
• DIS-Audio: The audio device exported by your discrete GPU for HDMI sound playback
• +: This device is connected to graphics connectors
• OFF: The device is powered off
• ON: The device is powered on
• DynOff: The device is currently powered off but will be powered on when needed
• DynPwr: The device is currently powered on but will be powered off when not needed

sudo cat '/sys/kernel/debug/vgaswitcheroo/switch'

sudo cat '/sys/kernel/debug/dri/0/i915_guc_info'

sudo cat '/sys/kernel/debug/dri/0/i915_guc_load_status'

gcc -v -E -x c -march=native -mtune=native - < /dev/null 2>&1 | grep cc1 | perl -pe 's/ -mno-\S+//g; s/^.* - //g;'

exiftool -all= *.* -overwrite_original