Kuba Kodzi

Zwiększenie ilości RAM-u dla GPU w /boot/config.txt pomogło:

gpu_mem=256

Warto dodać też:

dtoverlay=vc4-kms-v3d

yay linux-header
sudo modprobe v4l2loopback

ls -1 /sys/devices/virtual/video4linux # sprawdzamy które urządzenie jest wirtualne

ffmpeg -f v4l2 -framerate 25 -pix_fmt nv12 -i /dev/video0 -f v4l2 -vcodec rawvideo -vf scale=-1:720 /dev/video6

Bardziej zaawansowany skrypt, z elementami GUI:

Uwaga! Wymaga v4l2-loopback-git z AUR

#!/bin/zsh -x

if [ ! -d /sys/devices/virtual/video4linux ] || [ $(ls -1 /sys/devices/virtual/video4linux | wc -l) -eq 0 ]; then
  sudo modprobe v4l2loopback  #exclusive_caps=1 "card_label=UVC Camera 2"
fi

DEVICE_NO=19

int_handler()
{
  sudo v4l2loopback-ctl delete $DEVICE_NO
  echo EXITING;
  exit 1;
}

trap 'int_handler' INT


vdev=$(ls -1 /sys/devices/virtual/video4linux | head -n 1 | sed 's/\n//') # sprawdzamy które urządzenie jest wirtualne
dev=$(~/bin/pick-video-device.sh)
resolution=$(echo "1080p\n1920:1080\n720p\n1280:720\n480p\n853:480\n234p\n416:234" | zenity --list --column=resolution --column=resolution-value --hide-column=2 --print-column=2)
width=$(echo $resolution | awk -F: '{print $1}')
height=$(echo $resolution | awk -F: '{print $2}')

sudo v4l2loopback-ctl add \
     -n "loopy doopy ${DEVICE_NO} ${height}p" \
     -w $width \
     -h $height \
     -x 1 \
     -v \
     /dev/video$DEVICE_NO

sudo v4l2loopback-ctl set-caps /dev/video$DEVICE_NO YU12:${width}x${height}@25

#ffmpeg -f v4l2 -framerate 25 -pix_fmt nv12 -i $dev -f v4l2 -vcodec rawvideo -vf "scale=-1:480" /dev/$vdev

# this worked: 
ffmpeg -f v4l2 -pix_fmt nv12 -i $dev -f v4l2 -vf "scale=$resolution,format=yuv420p" /dev/video$DEVICE_NO

Był wyłączony systemd-resolved.service

Dodatkowo, /etc/resolv.conf nie był symlinkiem do ustawień systemd-resolved. Za https://wiki.archlinux.org/title/Systemd-resolved#DNS:

ln -rsf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

https://qasimk.io/2018/single-application-vpn/

Ustaw VPN za pomocą openvpn. powinien się utworzyć interfejs np. tun0.

Utwórz plik /root/netns.sh:

# create the namespace                                                                                                                                                                                             
ip netns add nordvpn                                                                                                                                                                                               
                                                                                                                                                                                                                   
run_namespace="ip netns exec nordvpn"                                                                                                                                                                              
                                                                                                                                                                                                                   
$run_namespace ip link set lo up                                                                                                                                                                                   
                                                                                                                                                                                                                   
# get the ipv4 address of the device in vpn and the vpn gateway                                                                                                                                                    
IP_4=$(ip a | grep -A 5 tun0 | grep "inet " | awk '{print $2}')                                                                                                                                                    
VPN_GATEWAY=$(ip r | grep tun0 | grep via | head -n 1 | awk '{print $3"/"32}')                                                                                                                                     
                                                                                                                                                                                                                   
# transfer the tun0 into the namespace                                                                                                                                                                             
ip link set tun0 netns nordvpn                                                                                                                                                                                     
# up the interface                                                                                                                                                                                                 
$run_namespace ip link set tun0 up                                                                                                                                                                                 
# set the proper address for the tun0 after transfer                                                                                                                                                               
$run_namespace ip addr add $IP_4 peer $VPN_GATEWAY dev tun0                                                                                                                                                        
$run_namespace ip route add default dev tun0                                                                                                                                                                       
                                                                                                                                                                                                                   
                                                                                                                                                                                                                   
# set a bridge to local network so it's possible to communicate with transmission                                                                                                                                  
                                                                                                                                                                                                                   
ip link add vpn0 type veth peer name vpn1                                                                                                                                                                          
ip link set vpn0 up                                                                                                                                                                                                
ip link set vpn1 netns nordvpn up                                                                                                                                                                                  
                                                                                                                                                                                                                   
ip addr add 10.200.200.1/24 dev vpn0                                                                                                                                                                               
ip netns exec nordvpn ip addr add 10.200.200.2/24 dev vpn1                                                                                                                                                         
ip netns exec nordvpn ip route add 192.168.0.0/24 via 10.200.200.1 dev vpn1 # local network                                                                                                                        
iptables -A INPUT \! -i vpn0 -s 10.200.200.0/24 -j DROP                                                                                                                                                            
iptables -t nat -A POSTROUTING -s 10.200.200.0/24 -o wl+ -j MASQUERADE                                                                                                                                             
                                                                                                                                                                                                                   
# forward ports for the webadmin panel                                                                                                                                                                             
iptables -t nat -A PREROUTING -p tcp --dport 9091 -j DNAT --to-destination 10.200.200.2:9091                                                                                                                       
iptables -t nat -A POSTROUTING -p tcp --dport 9091 -j MASQUERADE                                                                                                                                                   
                                                                                                                                                                                                                   
sysctl -q net.ipv4.ip_forward=1                                                                                                                                                                                    
                                                                                                                                                                                                                   
$run_namespace ip r                                                                                                                                                                                                
$run_namespace curl ifconfig.co                                                                                                                                                                                    
$run_namespace ping 192.168.0.13       

Utwórz plik /etc/systemd/system/netns-nordvpn.service:

[Unit]                                                                                                                                                                                                             
Description=Create a nordvpn ip namespace                                                                                                                                                                          
Requires=openvpn-client@nordvpn.service                                                                                                                                                                            
                                                                                                                                                                                                                   
[Service]                                                                                                                                                                                                          
Type=oneshot                                                                                                                                                                                                       
RemainAfterExit=yes                                                                                                                                                                                                
ExecStart=/root/netns.sh                                                                                                                                                                                  
                                                                                                                                                                                                                   
[Install]                                                                                                                                                                                                          
WantedBy=multi-user.target 

Utwórz plik /etc/systemd/system/namespaced-transmission.service:

[Unit]
Description=Transmission BitTorrent Daemon
After=network.target openvpn@nordvpn.service
Requires=netns-nordvpn.service
Alias=transmission.service

[Service]
Type=simple
#NetworkNamespacePath=/var/run/netns/nordvpn
ExecStart=ip netns exec nordvpn sudo -u debian-transmission /usr/bin/transmission-daemon -f --log-error
ExecStop=/bin/kill -s STOP $MAINPID
ExecReload=/bin/kill -s HUP $MAINPID

[Install]
WantedBy=multi-user.target

następnie:

sudo systemctl enable nordvpn-ns-gateway.service
sudo systemctl enable namespaced-transmission
sudo setcap 'cap_net_admin,cap_net_raw+ep' $(which transmission-daemon)

Domyślnie tylko user root ma uprawnienia do dostępu do urządzenia tworzonego przez libcec (bodajże jest to /dev/cec).

Gdy kodi nie jest odpalane jako root, to nie ma dostępu do tego pilota i rzuca błąd na starcie.

Aby to naprawić, trzeba dodać do użytkownika, który będzie odpalać kodi grupy video, lock oraz uucp:

sudo usermod -a -G video pi
sudo usermod -a -G lock pi
sudo usermod -a -G uucp pi

Najłatwiej jest to zrobić za pomocą Delgue, które ma tę funkcję wbudowaną

  1. Pobrać rbedit
  2. ./rbedit-linux-amd64 put --input publish.sh.torrent --inplace --json "[\"https://up.kuba-orlik.name/pliki/qt-creator-android.ova\"]" url-list

Trzeba dodać to do ~/.zshrc:

. /etc/profile.d/vte.sh

Add to HTML:

	<script src="/node_modules/react/umd/react.production.min.js"></script>
	<script src="/node_modules/react-dom/umd/react-dom.production.min.js"></script>

In typescript, import React like so:

import React from "react";

When using something from the React library, use e.g. React.useEffect rather than import {useEffect} from "react".

In esbuild.config.js:

let skipReactImports = {
    name: 'skipReactImports',
    setup(build) {
        build.onResolve({ filter: /^react(-dom)?$/ }, (args) => {
            return {
                path: args.path,
                namespace: `globalExternal_${args.path}`,
            };
        });

        build.onLoad(
            { filter: /.*/, namespace: 'globalExternal_react' },
            () => {
                return {
                    contents: `module.exports = globalThis.React`,
                    loader: 'js',
                };
            }
        );

        build.onLoad(
            { filter: /.*/, namespace: 'globalExternal_react-dom' },
            () => {
                return {
                    contents: `module.exports = globalThis.ReactDOM`,
                    loader: 'js',
                };
            }
        );
    },
};

And in the build config:

        plugins: [skipReactImports],
        external: ['react', 'react-dom'],

Note – perhaps not every step above is necessary, but after a lot of searching I did this here and it finally worked.

The motivation for this was that if the React code is bundled with the app, then Mozilla Linter raises warnings on direct DOM manipulation without sanitizing.

Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.

Inspired by this answer: https://github.com/evanw/esbuild/issues/806#issuecomment-779138268

Źródła:

$ timedatectl set-ntp true

$ parted

(parted) mklabel gpt
(parted) mkpart "EFI system partition" fat32 1MiB 301MiB
(parted) set 1 esp on
(parted) mkpart cryptroot ext4 301MiB 100%
^C

$ mkfs.fat -F 32 /dev/nvme0n1p1

$ cryptsetup luksFormat /dev/nvme0n1p2
$ cryptsetup open /dev/nvme0n1p2 cryptlvm
$ pvcreate /dev/mapper/cryptlvm
$ vgcreate MyVolGroup /dev/mapper/cryptlvm
$ lvcreate -L 8G MyVolGroup -n swap # tyle GB ile ramu
$ lvcreate -l 100%FREE MyVolGroup -n root

$ mkswap /dev/MyVolGroup/swap
$ mkfs.ext4 /dev/MyVolGroup/root

$ mount /dev/MyVolGroup/root /mnt
$ mkdir /mnt/boot
$ mount /dev/nvme0n1p1 /mnt/boot
$ swapon /dev/MyVolGroup/swap

$ reflector --latest 5 --sort rate --save /etc/pacman.d/mirrorlist
$ pacstrap /mnt base linux linux-firmware dhcpcd iwd git emacs man-db man-pages lvm2 grub efibootmgr sudo base-devel

$ genfstab -U /mnt >> /mnt/etc/fstab
$ arch-chroot /mnt
$ ln -sf /usr/share/zoneinfo/Poland /etc/localtime
$ hwclock --systohc

# odkomentuj en_US.UTF-8 i pl_PL.UTF-8 w /etc/locale.gen
$ locale-gen
$ echo "LANG=en_US.UTF-8" > /etc/locale.conf
$ echo "mojkomp" > /etc/hostname

Wyedytuj /etc/mkinitcpio.conf tak, aby linijka HOOKS wyglądała tak:

HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems fsck)
$ mkinitcpio -P

Wczytaj UUID partycji z lvm2:

$ lsblk -dno UUID /dev/nvme0n1p2

następnie w /etc/default/grub dodaj do GRUB_CMDLINE_LINUX_DEFAULT:

cryptdevice=UUID=%%%%%:cryptlvm root=/dev/MyVolGroup/root

(%%% należy zastąpić UUID z poprzedniego kroku)

grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg

Utwórz użytkownika

useradd kuba
passwd kuba

# odkomentuj linijkę %sudo ALL=(ALL:ALL) ALL w visudo

groupadd sudo
usermod -a -G sudo kuba