Wireguard Roadwarrior setup using Ubuntu Server 18.04, Pi-hole and Google Wifi (with some double NAT)
Wireguard has had a lot of press because of its addition to the Linux Kernel. With this in mind I look to setup a Roadwarrior setup
Following on from last months post which was based on something most new distro users do, theming and finding applications. KDE has a huge amount of scope as a desktop environment to make it look just how you want it and it's well supported by a community who provide lots of themes, founts, widgets, icons and just about everything you need to provide you with your preferred desktop environment. Mine is very reminiscent of OSX.
As was noted by a handful of Reddit enthusiasts however KDE isn't OpenSUSE so this month I've been getting under the hood of what makes OpenSUSE different than other distros I've used over the years.
Remember when reading this, these are my personal opinions which mainly come from 20 years of hands on Linux experience not suggestion, here say or third party input. I’m not asking you to agree with me in any shape or form, I'm writing this as a personal journey not as an effort to start a flame war over which distro, desktop or package management tool is the best. This is just one guys journey not a personal a affront against your beliefs
Also I know I can't spell and my grammer is terrible, you don't need to tell me.
One of the things that has jumped out at me about OpenSUSE from an out of the box experience is it feels like a well thought out experience, and looking at its history and pedigree even before the 2003 Novell acquisition this is a Distro with strong roots in the foundations of Linux history and while over the last few years it seems to have been on a bit of a hunt for a long term home, what is offered is actually vastly different from many of the other distros I've personally used over the years.
What has struck me about using OpenSUSE over the last few months is how together it is, people have listened over the years and its ended up with a good set of stable user friendly tools which work well. The closest other distro I can think of like this is Linux Mint where the team write Mint specific tools for the Distro which upstream Ubuntu or Debian wouldn't never supply
This thought and care has lead to what just feels like a very mature distro, one that hasn't sprung up, looks pretty but misses the mark in so many other areas. Its got not only good hardware support, the configuration of that hardware has been thought about and interfces are provided. The fact you might want some Gnome Applications as part of your KDE install (or vice versa) is covered as part of that install process and once installed the Windowing wraps a warm KDE wrapper where it can round that Gnome app.
As well as apps you might want to run Virtualisation, a webserver or samba and you can choose this during the install, when you do all the Yast is setup and ready for you, if something isn't installed which you'd like to use in Yast, it gets installed.
This is care, this is maturity..
These are a few observations from my journey which I would call out as making OpenSUSE a very different distribution.
When its come to its branding the SUSE brand has made this gecko (apparently named Geeko) its own. Its changed a bit over the years, and I was trying to think of other logos from other Linux distros and other than the Ubuntu Logo nothing stood out as so brand aware.
While not a reason to change or use a distro, the amount of branded wallpapers around are amazing..
It's possible to write an entire blog post on the installer, many have and I won't here. Read about it here if you'd like to know/see more: https://linuxhint.com/install_opensuse/
What makes the installer stand out is the choice. Many other popular distros can get you thier stock install in about 7 screens, and you can give a take a few screens do the same with this installer. However if you want to fine tune settings for hardware or choose a larger or smaller group of applications to install, the OpenSUSE installer provides the option to do that in spades.
Its possible for some this choice may seem overwhelming, however if the Linux OS is all about choice, then having that especially during install has to be a good thing
Now this is a small point, however its one worth noting, in todays modern warfare of internet access, its quite nice to see a distro from install where the firewall is enabled. I went back and double checked this and Ubuntu, Fedora and Linux Mint the firewall isn't enabled by default. Its installed, just not on.
Once the OS is intalled you're going to want to get software installed (and in the case of Yast get things setup) OpenSUSE has a great selection of tools specific to this distro and cross platform tools for getting your preferred software installed
While Gnome has Control Panel and KDE has its Settings menu, these are very focussed to getting things setup on the Desktop UI you have chosen. OpenSUSE has a tool which goes deeper than this. Yast
YAst is comparable to Control Panel/Settings in Windows in so much as it goes further than options for your desktop configuration and provides multiple methods for setting up OS Level.
Examples of things which can be changed at a low level inclued Kernel Settings, setting up the inbuilt Virtualization options like KVM or Remote access to the box.
Yast can be used to add additional functionality and install programs.
Yast as a tool is synonomous with Suse, however it also has another trick up its sleeve because as well as being a GUI tool, Yast can be used from the command line.
While in the most part you may find yourself using the next tool on this list Zypper in the command line for installation of software, It's worth remembering Yast is about more than just installation of software, its about configuring the OS, and having the command line means that some of that configuration can be scripted.
YaST in text mode uses the ncurses library to provide an easy pseudo-graphical user interface. The ncurses library is installed by default. The minimum supported size of the terminal emulator in which to run YaST is 80x25 characters.
There is a really good stating point here for covering what Yast in the command line can do.
Installing software on Linux from the command line is varied across most linus Distros with Fedora moving to dnf, yum on many RPM distros, dpkg or apt on the Debian/Ubuntu derivatives, ecto on Sabayon it seems a right of passage that OpenSUSE has gone down its own path and has Zypper (Running yast or rpm from the command line also work)
As i'm running the Tumbleweed varianr of OpenSUSE i get a lot of use out of the zypper dup command pretty much daily for installing the multitude of updates the repos provide.
As this Zypper cheat sheet (found here) shows there are a multitude of things this tool can do when it comes to managing your installed
What tools like Zypper, apt and dnf are supposed to offer is extenability and help managing the files on your chosen platform. As an example of this when installing a rmp using the rpm command line you may get a response back that there is a conflict or problem with the package. Zypper expands on this by providing the options to move forward with the package such as possible config changes, removing other packages or just not bothering to install at all. Once chosen it will head off and sort out the problem depending on your choice.
Another interesting example of zypper helping is after a Tumbleweed update, often zypper reports back that the OS needs a reboot because there are files open. running
zypper ps -s
provides a list of these locked processed
The following running processes use deleted files
You may wish to restart these processes.
See 'man zypper' for information about the meaning of values in the above table.
Core libraries or services have been updated.
Reboot is required to ensure that your system benefits from these updates
There are a list of features which Zypper provide which i've only just started looking at (possibly more later in the series) on the OpenSUSE webpage
Great question, and the answer on a reddit sub seems to give the best response I can find
Both YaST and zypper use libzypp under the hood. The YaST gui provides a lot of flexibility and functions which, while most can also be done in zypper, are easier to do in YaST. Having said that, zypper can install anything that YaST can and takes care of dependencies the same way. So, bottom line, it's a matter of preference.
The last method of installing repository based applications is 1-Click Install. Out of the box this works fine with the default Firefox install, however using Chrome I was a bit hit and miss even after following a few suggestions online. Most point to plugins that no longer exist.
1-Click install is just what it says on the tin
You will end up webpages which look like the two above, and there will be a button which you can click on. This will launch a .ymp file, this will then handle literally everything about getting that package onto your OpenSUSE installation from repository management to installation. It does this utilising the Yast interface so you can see what is happening all the way through.
Once installed using 1-Click install the package is managed the same way as your other packages installed using Yast or Zypper.
For a new starter to the OpenSUSE community who wants to run through the software on the https://software.opensuse.org/explore webpage and just get up and going this is huge and i'm honestly suprised more distros don't do this instead of pointing the user to a "software center" type app.
As well as installing software from OpenSUSE supported repositorories or RPM files the plaform also has support for Snap, and Flatpack
Snap is owned by Canonical and places its base snap over the underlying distro, while Flatpak is a Red Hat initiative that places a Yocto distro over the underlying distro. Also, unlike with Snap where developers need to pay to Canonical, Flatpak is free to use
I tend to use Snap over Flatpak out of personal choice as there are no Flatpak images for some of the things I want to install (one being the rather excellent Termius)
A recent exchange on a Reddit sub about a previous post in this series however would indicated that Flatpak would be preferred
The problem with Snap is that Canonical does not appear to affect support in other distributions, despite their universality claims.
Not long ago our former president was tweeting
"The u/SUSE security team just closed the bug for addressing security concerns preventing u/snapcraftio being included in u/openSUSE due to a lack of response by the upstream developers & packagers.. I guess u/FlatpakApps wins the new-age packaging war by default""
The reason explains it himself in another tweet
I'd like to point out that the reason for the closure was not a failure at addressing any of the raised issues, but a failure to reply to either of the requests for a status update in July and September.
Both are supported at time of writing and both have pros and cons i guess however both seem to essentially provide another method of getting workng apps onto a Linux Distro.
You can choose the filesystem you install on during the installation of the OS, and like most distros out there the default choice is EXT4, during the installation however there is another option which may make sense.
Btrfs is an open-source, general-purpose file system for Linux. The name derives from the use of B-trees to store internal file system structures. Different names are used for the file system, including “Butter F S” and “B-tree F S.”
Development of Btrfs began at Oracle in 2007, and now a number of companies (including Red Hat, Fujitsu, Intel, SUSE, and many others) are contributing to the development effort. Btrfs is included in the mainline Linux kernel
BTRFS aims to implement advanced features, fault tolerance and ease administration. Despite its name BTRFS is not a proper filesystem. As a matter of fact BTRFS is also capable of spanning across multiple devices and provide RAID functionality but it is also capable of manage partitions dynamically acting as a volume manager like LVM.
As you can see it packs quite a few functions under the hood, much more than a file system should, that’s why it isn’t entirely correct to call it a filesystem, it is a sort of “evolution”. Another filesystem of this kind is ZFS.
It seems at present OpenSUSE is the main contributor to the btrfs file system.
Have aread here for some more information on this Filesystem
So why do you care about this?
To be honest you don't really need to on a day to day level, unless of course something breaks, then you'll be very glad you were using it as I was a week or so ago.
In my example, each time you run Zypper through the command line something interesting happens, the OS takes a snapshot of your system prior to the update being applied.
My understanding is, and I'm happy to be corrected, that the underlying btrfs takes care of this, and you use a coppy of the tool snapper to view and manage those snapshots.
As you can see from my example following an update I was having no end of problems with the KDE UI starting up, using the snapper tool I was able to revert to the snapshot prior to zypper running and the system then booted up fine.
24hrs later I ran the zypper dup again, and the problem was solved upstream and i am back on a fully updated Tumbleweed.
While we know that data backup is important for our files, i love how this is baked into the OS providing a simple OS level backup which should help a lot of problems be solved where I've just previously given up on other distros.
This is a good entry level tutorial into Snapper
So installation and software management aside there were a few tools I started using and looking at this month, these are not
This is the default method on OpenSUSE, baked in, for running Virtual machines, its equivelent might be Virtualbox or VMware player.
I stumbled on this because i wanted to (and subsequently mis read the instructions for) get Openshift 4 version of Minishift working on my laptop. The Container system eventually would only work on Centos/Redhat however as part of the journey it needed KVM installed, the native equivelent of Virtualbox on Linux.
Installing KDE through the Yast interface was really easy find Virtualisation and click on install Hypervisor and Tools
Click on KVM server and KVM Tools and accept
and I was done after a few minutes.
Compared to something like Virtualbox from a user experiance point of view i think Virtualbox is still a much better option for most users, its a lot simpler to get setup for networking etc. However having managed to setup both CentOS and Windows in KVM its not rocket science and work well. It does seem to be less CPU/RAM intrusive than Virtualbox and I think from my perpective its learning how to use a new system.
Once big gribe however was on Virtualbox there are Guest tools which install really easily. I'm not sure if this was my install, OpenSUSE or normal, the installation of the KVM guest tool equivelent was not easy realise where to get the files from, and how to use them. Again this might just be learning.
There is also a requirement to use TigerVNC to gain access to your Virtual machines, this caused me a problem as I use VNCConnect as a method of connecting to machines. There is apparently no way to run both RealVNC and TightVNC together on OpenSUSE.
Note: I know VNC isn't secure, i have a specific use case.
I can't work out if i love this or its a pain yet, linking the OpenSUSE KDE desktop to my Android mobile, so i could use my phone as a touchpad seemed like a good idea, and seeing the notifications from my mobile on my desktop is nice. I think at least once this month transferring files from my phone to my desktop using KDE Connect has been a bonus too.
At its purest essence KDE Connect is a method of linking your phone and your desktop. It provides methods for transferring files, clipboard, messages and such between the KDE Connect Android app and the KDE Widget.
For all the discovery this month hasn't been without a few issues, and i'm not getting great feedback off the OpenSUSE community or the Reddit channel, too complex or abstract i guess.
I had an issue where after an update I was unable to login to KDE, or at a command prompt after a reboot. I'd noted as well that sudo wasn't working after a zypper dup and put that down to needing a reboot.
The root cause ended up being the previous linking my login to my home AD server. Winbind had lost the connection so the logins were failing, i removed the winbind entry from the pamd.d files common-session-pc and common-auth-pc and reboot.
Over the last few updates the battery life has droped from 10hours to about 6/7 hours. This could be down to chuff i've installed, however powertop and htop are not showing anything obvious.
As i said above, its fustrating KVM has a need to use TightVNC and block RealVNC, this breaks my workflow.
I've still not hit anything which has broken my workflow or i can't get working on this distro yet and i'mve got over the need to distro hop so far. I was happy to fix the problem with the login because i thought I might need to reinstall the OS.