The Living Thing / Notebooks :

Comfy Ubuntu setup for science and such

Encrypted folders

My latest roadbump. TODO: definitive fix.

From 18.04 along the system totally changed. The previous one turned out to be a bag of trouble. Is it worth trying FUSE alternatives, gocryptfs or ecryptfs or will they simply be too slow? Perhaps not.


I think this can also be done with But here is the apt method.

# Add the release PGP keys:
curl -s | sudo apt-key add -

# Add the "stable" channel to your APT sources:
echo "deb syncthing stable" | \
    sudo tee /etc/apt/sources.list.d/syncthing.list

# Update and install syncthing:
sudo apt-get update
sudo apt-get install syncthing

Now choose my autostart method. I probably want to do this as a user, not as a system service, because root access is from a different devops era.

But wait! Does it report my disk is full when I try to use filesystem monitors? I need to allocate more resources to that.

$ cat /proc/sys/fs/inotify/max_user_watches
$ sudo sh -c 'echo 204800 > /proc/sys/fs/inotify/max_user_watches'
$ echo "fs.inotify.max_user_watches=204800" | sudo tee -a /etc/sysctl.conf
$ cat /proc/sys/fs/inotify/max_user_watches

Google Chrome

If I want profile sync or some other features not in plain chromium, askubuntu says:

sudo bash
wget -q -O - | \
    apt-key add -
echo "deb [arch=amd64] stable main" >> \
apt-get update
apt-get install google-chrome-stable

Standard disclaimer: the other features that are not in plain chromium may include Google spyware.


I download julia as an plain installer package; it’s too rapidly evolving for anything else.


I give in, and just run anaconda. It is easy for science stuff.

Bonus: then I get pytorch and and other such tricky-GPU-dependency packages without messing about.

conda install pytorch torchvision cuda91 -c pytorch


Not all the good editors are packaged up. In fact the hiuppest ones are installed separately.

Also, a passable CLI editor:

sudo add-apt-repository ppa:neovim-ppa/stable
sudo apt-get update
sudo apt-get install neovim
sudo update-alternatives --install /usr/bin/vi vi /usr/bin/nvim 60
sudo update-alternatives --config vi
sudo update-alternatives --install /usr/bin/vim vim /usr/bin/nvim 60
sudo update-alternatives --config vim
sudo update-alternatives --install /usr/bin/editor editor /usr/bin/nvim 60
sudo update-alternatives --config editor

Non-packaged apps



sh -c "$(curl -fsSL \"
test -d ~/.linuxbrew && \
test -d /home/linuxbrew/.linuxbrew && \
test -r ~/.bash_profile && \
    echo "export PATH='$(brew --prefix)/bin:$(brew --prefix)/sbin'":'"$PATH"' \
echo "export PATH='$(brew --prefix)/bin:$(brew --prefix)/sbin'":'"$PATH"' \

Claims to support julia, but AFAICT that doesn’t work. node.js does, though.

Probably I want all the libraries which are too patent-encumbered or GPL’d to be bundled with my slightly-too-pious-for-me distribution. This means codecs and other content-related shit.

brew install libsamplerate libsndfile ffmpeg

Also linuxbrew will install fish, which is hopelessly outdated in e.g. Ubuntu 16.04.

Sandboxed app packages

Running apps that don’t come through the intimate Debian packaging, but rather as sandboxed binary thingies including all their own dependencies. Obviously there are several philosophically different approaches to this idea and I would not mind this if they didn’t waste so much hard disk space. Q: Are all these app platforms still going concerns? Did one of these sandboxed app platforms win?

Flatpak, Snaps, AppImages. Others? Here’s one author who mentions all three and gives some (not necessarily deep) intro to each. The explanation of flatpak in particular is vague. I need a better link.


The one I’ve actually used because there are some apps I want package as Snaps in the Ubuntu App Store.

Ubuntu explains snaps and how they are used by lots of linuces and this is convenient. is the landing zone.

I need some extra config to keep disk usage under control. Per default, it keeps many expired versions of every app lying around for no particular reason that I understand.

sudo snap set system refresh.retain=2

or to remove inactive expired versions right now (bash shell)

sudo bash
snap list --all | while read snapname ver rev trk pub notes; do
    if [[ $notes = *disabled* ]];
    then snap remove "$snapname" --revision="$rev";


flatpak enables many sandboxed apps via flathub. It is shiny and gui-friendly, and seems to include update infrastructure.

sudo add-apt-repository ppa:alexlarsson/flatpak
sudo apt update
sudo apt install flatpak
sudo apt install gnome-software-plugin-flatpak
flatpak remote-add --if-not-exists flathub

NB uses lots of disk space under /var. I haven’t worked out how to contain that since all my needful apps seem to be Snaps at the moment.


Also there are .AppImage files around. See the site. AFAICT you don’t need to install anything to make this go. It’s simply an executable packaged app format. chmod a+x might be needed to make it executable.

Password manager

How painful is passwordstore? Because it looks like the best one in terms of supporting everything, albeit clunkily.

sudo apt-get install pass

To mention: keybase.

Clipboard manager

CopyQ (every desktop) seem most popular and works well.

sudo add-apt-repository ppa:hluk/copyq
sudo apt update
sudo apt install copyq copyq-plugins

Useful: CopyQ Keyboard shortcuts.

Alternatively, Zazu offers a clipboard manager.

These raise security questions, i.e. in CopyQ there is no way of marking passwords on the clipboard as secret unless they come from certain password apps, and that is quite tedious, and presumes you aren’t using a command-line password manager, or a browser plugin.

See also clipboard managers for some in-depth and cross-platform comparison.


Hmmm. They are all a bit shit.

If you are worried that your current terminal doesn’t use enough RAM, you can use hyper which is a javascript app version of terminal. It’s not too bad for one of these web technology desktop apps It has lots of sexy features and graphics, and UX detailwork, to compensate for the hefty RAM usage.

Terminator seems to be an acceptable default option for a pure native app without many frills, or much resource usage.

There are many more half-arsed options available.

Switching applications, why can’t it be smooth like on a Mac did Apple patent intuitiveness?

One could use a custom [launcher]{filename}, e.g. Zazu or do. But the built-in launcher on Gnome is pretty good, so I do not bother.


Also trackpad buttons. For my Razerblade there were extra things to do. There are also some tips there about making settings persist.

Kai Koenig reveals that I can have the button assignments different between mouse and keyboard. This is useful for me, since I mouse left-handed and trackpad right-handed, for reasons of avoiding RSI.

This needs the xinput trick

xinput -list

to find the name of my mouse, then

xinput set-button-map "2.4G Mouse" 3 2 1 &&

Making it work generically for all peripherals requires fancier footwork.

Desktop could be nicer

Ubuntu 17.0 or later: GNOME

Oh wait Unity desktop is over now I need to convert all the classic tweaking to GNOME. See comfy GNOME shell.

Ubuntu before 17.10: Unity

Here are the keyboard shortcuts needed to have a civilised desktop experience.

The default OS switcher is configurable

sudo apt-get install compizconfig-settings-manager compiz-plugins

I simply don’t like the default Unity alt-tab application switcher. It may work for a lot of people, but it just slows me down. For me it’s faster to have a single application switcher that cycles through all open windows, possibly within one desktop, but I’m not sure about that. I am really not compatible with the default unity switcher that groups windows, for example terminals, together so when hitting alt-tab you can’t (in an effective way) switch between terminals. Having a different key combo for that slows my brain down. […] Open compizconfig-settings-manager with alt-F2, type ccsm.

Scroll down to “Ubuntu Unity Plugin”. Choose the tab “Switcher”. Disable the alt-tab and shift-alt-tab key bindings. (“Key to start the switcher” and “Key to switch to the previous window in the Switcher”. Click the “Back” button.

Scroll down to the “Window management” section. Here you can select another switcher. I enable the “Static Application Switcher”, resolve any potential conflicts by setting the setting for “Static Application Switcher”. Now you can tweak the switcher by clicking on it. I have changed alt-tab and shift-alt-tab to “Next window (All windows)” and “Prev window (All windows)”.

Unity tweak tool does unity-specific tweaks of this kind of nonsense.

sudo add-apt-repository ppa:freyja-dev/unity-tweak-tool-daily
sudo apt-get install unity-tweak-tool

See also the nifty run-or-raise hack.

Encryption and verification infrastructure

Encrypting, signing, certifying, swapping keys etc. For when one is worried about the state apparatus interfering with your life:

sudo apt-get install debian-keyring  ## keys of extra-paranoid nerds
sudo add-apt-repository ppa:tails-team/tails-installer
sudo apt-get install tails-installer  ## for installing the paranois tails OS
sudo apt-get-install pius signing-party  ## citizen identity verification

Don’t confuse Windows time/date when dual booting

Windows updates the time not the time zone to stay compatible with MS-DOS. Who knew.

Linux has to bear the compatibility burden on this bit of arse-backwardsery, but the command in that link seems to work more or less. I also needed to kick the hardware clock for consistency.

timedatectl set-local-rtc 1 --adjust-system-clock
hwclock -w --localtime

To revert to sanity:

timedatectl set-local-rtc 0 --adjust-system-clock
hwclock -w --utc

Or, my life hack: tell Windows OS that the timezone is in UTC and deal with Windows thinking it is 4am when I am at work. Since I only use Windows for an hour here and there each month it’s much easier. (Not recommended: tell Windows to use UTC via advanced registry settings but still set a non-trivial time-zone.)

Fish shell

If Ubuntu 16.04, I either use linuxbrew for an updated shell or use an updated PPA. In 18.04 such is no longer needed.

The former: Add /home/linuxbrew/.linuxbrew/bin/fish to /etc/shells. Then run

chsh -s /home/linuxbrew/.linuxbrew/bin/fish

The latter:

sudo apt-add-repository ppa:fish-shell/release-2
sudo apt-get update
sudo apt-get install fish
chsh -s /usr/bin/fish

Offline documentation

Zeal is not bad.

sudo add-apt-repository ppa:zeal-developers/ppa


See comfy razer.

Oh arse I have to do design stuff

Install Scribus

sudo add-apt-repository ppa:scribus/ppa
sudo apt-get update
sudo apt-get install scribus-ng

Typing non-ascii characters from a US keyboard how does that work again?

See applied Typography.

Virtual machines

I want to run virtual machines?? Be aware Ubuntu may have special needs wrt config.

virtualbox is passable. These days I prefer libvirt, unless there is some particular machine image that I need that only runs on virtualbox for some reason.


Easyish! fast! open!

    sudo apt install virt-manager libvirt-bin qemu-kvm


Confusing! Circuitous! Opaque! Hard to delete.

wget -q -O- | sudo apt-key add -
wget -q -O- | sudo apt-key add -
sudo add-apt-repository ' contrib'
sudo apt-get install virtualbox virtualbox-ext-pack

macOS-style quicklook previews

Gnome Sushi does that

sudo apt-get install gnome-sushi

If only I could temporarily disable lock screen


Mounting that Windows partition on login

By default the various disks that I plug in to your machine are visible in the sidebar, but util you click on them they are not actually mounted so you can’t use the files. “Clicking on stuff” is not a satisfactory workflow, especially if you have other scripts which depend on data on your external drive. So fix that.

GUI automount

The official option

sudo apt install dconf-editor

Now in set automount to True.

Apparently this is equivalent to

gsettings set automount true


dconf write /org/gnome/desktop/media-handling/automount true

GUIless automount

e.g. for the server. Install usbmount. I didn’t try this.


Userspace mounting is not hard but the command is not at all obvious. The virtue of this method is that it works also without root privileges, in principle. However, it also requires logging out and in again to test and frequently fails for me and I don’t know where the error logs go.

udisksctl mount --block-device /dev/disk/by-uuid/[uuid]

Or perhaps it is the slightly easier

/usr/bin/udisks --mount /dev/[sdc1 or something]

except that this one mounts it in the wrong place because otherwise it would be too useful.

But what is the UUID? Find it using blkid

sudo blkid

or if you are not root

ls /dev/disk/by-uuid

and apply some deduction.

NB: this could be slightly easier for external disks which have a label. Then it’s something like

udisksctl mount --block-device /dev/disk/by-label/[label]

This works on some of my Ubuntu machines but not others; can’t work out why.


Fiddly on Linux. See VPN

Signal desktop

Note, this is not recommended - increase your attack surface?

curl -s | sudo apt-key add -
echo "deb [arch=amd64] xenial main" \
 | sudo tee -a /etc/apt/sources.list.d/signal-xenial.list
sudo apt update && sudo apt install signal-desktop

Additional config


Ubuntu journald can get very big because there is no limit per default /etc/systemd/journald.conf:


Manual cleanup right now:

sudo journalctl --rotate
sudo journalctl --vacuum-time=2d