manjaro-os

记录manjaro的安装过程。

安装操作系统

https://manjaro.org/products/download/x86

GNOME is a modern desktop, the layout is different from other options but easy and intuitive to learn.

优化apt

Recommend: Add/Remove Software & Preferences->Use mirrors from: Change to China, and Refresh Mirrors.

Upgrade:

sudo pacman -Syu

#如果报错执行：
pacman-key --init
pacman-key --populate archlinuxarm
pacman -Sy archlinux-keyring
pacman -Syu

安装基础包

#pacman
#https://zhuanlan.zhihu.com/p/383694450
sudo pacman -S base-devel cmake pkgconf pacman-contrib vim xorg-mkfontscale net-tools jq lrzsz --noconfirm --needed

#yay
sudo pacman -S yay
#将 Yay 升级到新版本
yay -Sua
#升级所有包（含 AUR）
pacman -Syu
yay -Syu 
#清理不需要的依赖 
yay -Yc 
#降级软件包版本
yay -S downgrade
sudo downgrade 包名
#自动化安装
yay -S packagename --noconfirm --needed

#paru
#https://zhuanlan.zhihu.com/p/350920414
git clone https://aur.archlinux.org/paru.git
cd paru
makepkg -si
#usage like yay

#debtap
yay -S debtap
debtap package
sudo pacman -U package.xtz

#homebrew
#https://brew.sh/
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"


#安装输入法
#https://zhuanlan.zhihu.com/p/468426138
sudo pacman -Rs $(pacman -Qsq fcitx)
sudo pacman -S fcitx5 fcitx5-configtool fcitx5-qt fcitx5-gtk fcitx5-chinese-addons --noconfirm --needed

#安装Input Method Panel
https://extensions.gnome.org/extension/261/kimpanel/

#安装sogou
#yay -S fcitx5-sogou
#reboot

# Windows字体
https://rrroger.github.io/notebook/linux/Ubuntu%E5%AE%89%E8%A3%85%E5%BE%AE%E8%BD%AF%E5%AD%97%E4%BD%93.html
https://www.cnblogs.com/liutongqing/p/7923297.html

sudo git clone https://github.com/fernvenue/microsoft-yahei.git /usr/share/fonts/truetype/windows-font
sudo chmod -R 777  /usr/share/fonts/truetype/windows-font
cd /usr/share/fonts/truetype/windows-font
sudo rm -fr /usr/share/fonts/truetype/windows-font/.git
sudo mkfontscale
sudo mkfontdir
sudo fc-cache -fv
#查看已经安装的中文字体
fc-list :lang=zh

#常用软件
yay -S microsoft-edge-stable-bin 
#旧机器需要在/usr/share/applications/microsoft-edge.desktop中添加：Exec=/usr/bin/microsoft-edge-stable --disable-gpu %U
#betterbird安装后，需要安装plugin: Minimize on Close
yay -S betterbird
yay -S wps-office-cn
#yay -Ss visual-studio-code
yay -S visual-studio-code-bin
yay -S cursor-bin
yay -S safeeyes
yay -S snipaste
#rsync -avP dave@192.168.3.37:~/.config/tabby ~/.config/ 
yay -S tabby-bin
yay -S feishu-bin
yay -S google-chrome
yay -S lx-music
yay -S musicfree
yay -S wechat-bin
yay -S xunlei-bin
yay -S alacarte
yay -S keepassxc
yay -S figma-linux-bin
yay -S pwgen
yay -S media-downloader
#多屏壁纸
yay -S hydrapaper
#录屏
yay -S kooha
sudo pacman -Syu ffmpeg vlc mpv celluloid
#Typora
#https://github.com/SSRVodka/typora-aur-1.9.3-1
wget https://github.com/SSRVodka/typora-aur-1.9.3-1/releases/download/1.9.3/typora_1.9.3_amd64.deb
debtap typora_1.9.3_amd64.deb
sudo pacman -U typora-1.9.3-1-x86_64.pkg.tar.zst

#ulauncher
#https://ulauncher.io/
cd /tmp && git clone https://aur.archlinux.org/ulauncher.git && cd ulauncher && makepkg -is


#Tweaks->Startup Applications
Betterbird
Ulauncher
Safe Eyes
Snipate
Feishu

#快捷键
Snipaste  Snipaste snip -> F1
ulauncher ulauncher-toggle -> Alt+Space
xdg-open  xdg-open . -> Super+E
显示桌面：搜索Hide all normal windows，设置Super+D

#kubectl:
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x ./kubectl
sudo mv kubectl /usr/local/bin/

#.zshrc
alias ll="ls -l"
alias history='history 1'
alias yay="yay --noconfirm --needed"
alias pacman="pacman --noconfirm --needed"
alias paru="paru --noconfirm --needed"
alias sudo='sudo '
alias rm="/works/shell/rm.sh"
alias k=kubectl
#source <(kubectl completion bash | sed s/kubectl/k/g)

function proxy_off(){
    unset http_proxy
    unset https_proxy
    echo -e "The proxy has been closed!"
}
function proxy_on() {
    export no_proxy="127.0.0.1,localhost,10.0.0.0/8,172.0.0.0/8,192.168.0.0/16,*.zerofinance.net,*.aliyun.com,*.163.com,*.docker-cn.com,registry.gcalls.cn"
    export http_proxy="http://127.0.0.1:1082"
    export https_proxy=$http_proxy
    echo -e "The proxy has been opened!"
}

. ~/.zshrc

#git
git config --global user.name "dave.zhao"
git config --global user.email dave.zhao@zerofinance.com
git config --global core.autocrlf false
git config --global core.safecrlf warn
git config --global core.filemode false
git config --global core.whitespace cr-at-eol
git config --global credential.helper store

Yay命令

https://wiki.archlinuxcn.org/wiki/Yay

https://ehewen.com/blog/yay/

功能	                  命令
搜索包（官方 + AUR）	      yay 包名
安装软件包	               yay -S 包名
升级所有包（含 AUR）	      yay -Syu
清理缓存文件	             yay -Sc
删除无用依赖	             yay -Yc
删除软件包及配置	          yay -Rns 包名
仅安装 AUR 包	             yay -S 包名 --aur
仅安装官方包	             yay -S 包名 --repo
搜索安装包	               yay -Ss 包名
查看包信息	               yay -Si 包名
查看包的文件路径	           yay -Ql 包名
查找某文件属于哪个包	       yay -Qo 路径
查看包的详情	              yay -Qi 包名
查看所有 AUR 安装包	        yay -Qm
清理系统垃圾	              yay -Sc && yay -Yc

howdy

#https://www.cnblogs.com/gardenialyx/p/19104354
#https://www.cnblogs.com/dingnosakura/p/18223572
yay -S howdy-git

#list camera
v4l2-ctl --list-devices

#修改 Howdy 配置文件
sudo vim /etc/howdy/config.ini
certainty = 4.5
device_path = /dev/video0


#如果你的摄像头有红外功能，还可以在最后一行加上这一句来让你的人脸识别在黑暗的环境下给你自动补光：
use_ir = true

#录入面部信息
#sudo howdy add -U dave
sudo howdy add

#删除人脸
#sudo howdy -U dave clear
sudo howdy clear

sudo vim /etc/pam.d/system-auth
#%PAM-1.0

auth sufficient pam_unix.so try_first_pass likeauth nullok
auth sufficient /usr/lib/security/pam_howdy.so

#测试人脸识别
sudo howdy test
#测试 sudo
sudo -i

扩展

#go to https://extensions.gnome.org/ and search:
Desktop Widgets(Desktop Clock)
Disable 3 Finger Gestures Redux
Input Method Panel

toupad

三指拖放：https://github.com/ferstar/gestures.git

#https://blog.ferstar.org/posts/linux-touchpad-gestures-drag/
#https://github.com/ferstar/blog/issues/73
wget https://github.com/ferstar/gestures/releases/download/v0.8.2/gestures-linux-x86_64.tar.gz
tar zxvf gestures-linux-x86_64.tar.gz
sudo cp -a gestures-linux-x86_64/gestures /usr/local/bin/

sudo pacman -S libinput xdotool
yay -S ydotool

#Start ydotool Service
systemctl --user enable --now ydotool

# 1. Generate config file (first time only)
gestures generate-config

✓ Configuration file created at: /home/dave/.config/gestures.kdl

Edit the file to customize your gestures:
  vim /home/dave/.config/gestures.kdl

After editing, reload the config:
  gestures reload

View full documentation:
  https://github.com/ferstar/gestures/blob/dev/config.md

# 2. Install service file
gestures install-service

# 3. Enable and start the service
systemctl --user enable --now gestures.service

#禁止休眠
# 一次性禁止所有休眠相关目标（sleep/suspend/hibernate/hybrid-sleep）
sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target
#恢复
sudo systemctl unmask sleep.target suspend.target hibernate.target hybrid-sleep.target

#iso to usb
#https://etcher.balena.io/
yay -S balena-etcher

ssh

sudo pacman -S openssh
sudo sed -i 's;#PermitRootLogin.*;PermitRootLogin yes;g' /etc/ssh/sshd_config
sudo systemctl enable sshd
sudo systemctl start sshd

Securecrt

#https://www.cnblogs.com/amsilence/p/19151338
#https://github.com/amsilence/Linux-tools
yay --editmenu --editor=nano -S scrt
#把里面的source地址改为：https://eli.xir.no/VanDyke/scrt-9.6.4-3695.ubuntu24-64.x86_64.deb
git clone https://github.com/amsilence/Linux-tools.git
cd Linux-tools
#rm -fr /tmp/.securecrt.tmp
chmod +x ./securecrt_linux_crack.pl
sudo ./securecrt_linux_crack.pl /usr/bin/SecureCRT
#注册:替换VanDyke目前后再继续，不然还得重复注册
Name: ygeR
Company: TEAM ZWT
Serial Number: 03-38-361120
Issue Date: 10-19-2025
License Key: ACVG1Z 96MXM2 UP86HH UDGR4C ABKBJK 2NW3BH ZC23H5 GEWB7W

Remote Desktop

#向日葵
https://comate.baidu.com/zh/page/lbqpmkldtwh

#rustdesk
https://rustdesk.com/zh-cn/
https://github.com/rustdesk/rustdesk

NVM

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh | bash
. ~/.bashrc
#显示有远端的版本
#nvm ls-remote
#安装对应的版本
nvm install 12
nvm install 22
nvm alias default 22

Python Venv

#python -m venv /works/python_venv
#. /works/python_venv/bin/activate
wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh
bash Miniconda3-latest-Linux-x86_64.sh
#Python3.12
conda create --name py312 python=3.12
conda activate py312

waydroid

https://geek-blogs.com/blog/best-android-emulator-for-linux/

pip install dbus-python gbinder PyGObject
yay -S waydroid
sudo waydroid init -s GAPPS
sudo systemctl start waydroid-container
# 启动 Waydroid 图形界面
waydroid show-full-ui

#完全停止
waydroid session stop
sudo systemctl stop waydroid-container

Fix: This device isn’t Play Protect certified

#获取 Waydroid 的 Android ID（GSF ID）
sudo waydroid shell -- sh -c "sqlite3 /data/data/com.google.android.gsf/databases/gservices.db 'select value from main where name = \"android_id\";'"
#输出是一串长数字（比如 1234567890123456789），这就是你的 android_id。

在浏览器注册设备

打开任何浏览器（Manjaro 的 Firefox/Chrome 都行），访问：
https://www.google.com/android/uncertified
用你要登录 Play Store 的 同一个 Google 账号 登录。
输入刚才复制的 android_id（只复制数字，不要带 android_id|）。
完成 reCAPTCHA（可能要点图片验证）。
点击 Register。
页面会显示 “Device registered” 或类似（如果卡住不动，别慌，注册已成功）。

等待 + 清理缓存（关键步骤，很多坑在这里）
注册后 不要马上登录 Play Store，等 5-30 分钟（有时需几小时，Google 服务器同步慢）。
在 Waydroid 里：
去 设置 > 应用 > 查看所有应用 > Google Play Store → 强制停止 + 清除缓存 + 清除数据。
同上，对 Google Play Services 也清除缓存（别清数据，除非必要）。

重启 Waydroid：

waydroid session stop
sudo systemctl restart waydroid-container
waydroid show-full-ui

安装apk

waydroid session start
waydroid app install /path/to/your.apk

Samba

sudo pacman -Syu samba smbclient

#共享 /works/share 文件夹
sudo vim /etc/samba/smb.conf
[share]
   comment = share
   path = /works/share
   browseable = yes
   writable = yes
   create mask = 0700
   directory mask = 0700
   valid users = dave

#创建共享目录并设置权限
mkdir -p /works/share
chmod 777 /works/share

#添加 Samba 用户
sudo smbpasswd -a $USER
# 启用该用户
sudo smbpasswd -e $USER

#禁用AppArmor
sudo aa-complain /usr/sbin/smbd

#启动并设置为开机自启
sudo systemctl enable --now smb

#检查状态
sudo systemctl status smb
# 检查配置文件是否有语法错误
testparm

#连接测试
smbclient //192.168.3.10/share -U dave

aria2

yay -Syu aria2

mkdir -p /works/aria2 /works/aria2/Downloads
vim /works/aria2/aria2.conf
# 基本设置
dir=/works/aria2/Downloads
file-allocation=falloc
continue=true
allow-overwrite=true

# 速度与连接优化（根据你带宽调整）
max-concurrent-downloads=10
max-connection-per-server=16
min-split-size=1M
split=16

# RPC 设置（给 AriaNg、Motrix、手机App等前端用，必开）
enable-rpc=true
rpc-listen-all=true
rpc-listen-port=6800
rpc-secret=Aa123456
rpc-allow-origin-all=true

# BT相关（可选）
enable-dht=true
enable-peer-exchange=true
bt-enable-lpd=true
bt-max-peers=0
seed-ratio=0.0

# 其他优化
disk-cache=64M
http-accept-gzip=true
user-agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36

#测试启动
aria2c --conf-path=/works/aria2/aria2.conf

#做成 systemd服务
sudo nano /etc/systemd/system/aria2.service
[Unit]
Description=aria2 download utility
After=network.target

[Service]
Type=simple
User=dave
ExecStart=/usr/bin/aria2c --conf-path=/works/aria2/aria2.conf --log=/works/aria2/aria2.log
Restart=on-failure
RestartSec=5

[Install]
WantedBy=default.target

sudo systemctl daemon-reload
sudo systemctl enable --now aria2.service
sudo systemctl status aria2

# nano ~/.config/systemd/user/aria2.service
# systemctl --user daemon-reload
# systemctl --user enable --now aria2.service
# systemctl --user status aria2

#aria2-explorer 
https://chromewebstore.google.com/detail/aria2-explorer/mpkodccbngfoacfalldjimigbofkhgjn?pli=1
系统设置->常规设置：配置对应的RPC即可

openwrt

安装后，配置好网络。DHCP/DNS -> 过滤器 -> 勾掉”重绑定保护”

中文包

OpenWRT -> System -> Software -> Filter
填入： luci-i18n-base-zh-cn

theme-argon

参考以下文章安装主题：https://kwx.cc/post/3880

#https://github.com/jerrykuku/luci-theme-argon
#https://github.com/jerrykuku/luci-app-argon-config
wget https://github.com/jerrykuku/luci-theme-argon/releases/download/v2.3.2/luci-theme-argon_2.3.2-r20250207_all.ipk -O luci-theme-argon_2.3.2-r20250207_all.ipk

opkg update
opkg install luci-theme-argon_2.3.2-r20250207_all.ipk

#https://github.com/Openwrt-Passwall/openwrt-passwall /etc/config/passwall opkg install kmod-nft-socket
#https://github.com/lxiaya/openwrt-homeproxy  /etc/config/homeproxy
#https://github.com/vernesong/openclash

###

ocserv

opkg update
opkg install ocserv luci-app-ocserv luci-i18n-ocserv-zh-cn

##vim /etc/sysctl.conf 
#net.ipv4.ip_forward=1
#net.ipv4.conf.all.proxy_arp=1

#sysctl -p

通用配置：

用户身份验证: plan
端口： 443
VPN IPv4–网络地址： 192.168.4.1
DNS 服务器： 223.5.5.5

用户设置中配置账户信息即可。

配置vpns+规则：

进入：网络->防火墙->常规设置：

#路由器模式：
#wan/lan: 
"入站数据	出站数据	区域内转发":都接受，勾选“IP 动态伪装“
#lan: 编辑：
高级设置：覆盖的设备：vpns+  地址族限制：仅IPv4
#防火墙 - 通信规则: 
名称：Allow-Ocserv，源区域: wan  目标端口: 14443 操作:接受

#旁路由模式：
#lan: 
"入站数据	出站数据	区域内转发":都接受，勾选“IP 动态伪装“
#lan: 编辑：
高级设置：覆盖的设备：vpns+  地址族限制：仅IPv4
#防火墙 - 通信规则（旁路由模式）: 
名称：Allow-Ocserv，源区域: lan  目标端口: 14443 操作:接受

配置其他网段的route:

#vim /etc/config/ocserv

config routes
        option ip '192.168.111.0/24'
        option netmask '255.255.255.0'

config routes
        option ip '192.168.112.0/24'
        option netmask '255.255.255.0'
......

#重启
/etc/init.d/ocserv restart

ssl证书：

#VPN->OpenConect VPN->编辑模板：
server-cert = /data/ocserv/ssl/xxxx.net.pem
server-key = /data/ocserv/ssl/xxxx.net.key
#提交并重启
/etc/init.d/ocserv restart

#blog的备份文件：backup/vpn/ocserv.zip

手机openconnect后，dns无效时，把DNS从8.8.8.8改为223.5.5.5即可

Proxmox

安装debain 13

#下载debain
#https://www.debian.org/CD/http-ftp/
#https://mirror.lzu.edu.cn/debian-cd/13.3.0/
wget https://mirror.lzu.edu.cn/debian-cd/13.3.0/amd64/iso-dvd/debian-13.3.0-amd64-DVD-1.iso
#正常安装系统

安装Proxmox 9

#安装Proxmox 9 on debain 13，按照以下文档安装即可
#https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_13_Trixie

#Connect to the Proxmox VE Web Interface
Connect to the admin web interface (https://your-ip-address:8006). 
If you have a fresh install and have not added any users yet, you should select PAM authentication realm 
and login with root user account.

创建网桥

Create a Linux Bridge called vmbr0, and add your first network interface to it.

The recommended default configuration can be adapted from the example given in the documentation.
See the default configuration using a bridge：
https://pve.proxmox.com/wiki/Network_Configuration#_default_configuration_using_a_bridge

编辑文件：

vim /etc/network/interfaces:

auto lo
iface lo inet loopback

iface enp1s0 inet manual
iface enp2s0 inet manual
iface wlo1 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.3.10/24
        gateway 192.168.3.1
        bridge-ports enp1s0
        bridge-stp off
        bridge-fd 0

        post-up   echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '192.168.3.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.3.0/24' -o vmbr0 -j MASQUERADE

#重新加载：
apt install ifupdown2
ifreload -a

安装CT

#https://mirrors.ustc.edu.cn/help/proxmox.html
#https://prox4-rs5.gd.ddnsto.com/pve-docs/chapter-pct.html#pct_container_images
pveam update
pveam available

#安装ubuntu 24
pveam download local ubuntu-24.04-standard_24.04-2_amd64.tar.zst
pveam list local

宿主机进入容器：

#在web界面安装好后，宿主机进入容器
> pct enter <容器id>
nano /etc/ssh/sshd_config
# 找到 PermitRootLogin，修改为：
PermitRootLogin yes
# 重启服务
systemctl restart ssh

#配置文件位于宿主机：nano /etc/pve/lxc/<ct-id>.conf

Openwrt

#https://downloads.openwrt.org/releases/25.12.0/targets/x86/64/
cd /var/lib/vz/template/cache/
#wget https://downloads.openwrt.org/releases/25.12.0/targets/x86/64/openwrt-25.12.0-x86-64-rootfs.tar.gz
wget https://downloads.openwrt.org/releases/24.10.5/targets/x86/64/openwrt-24.10.5-x86-64-rootfs.tar.gz

pct create 100 /var/lib/vz/template/cache/openwrt-24.10.5-x86-64-rootfs.tar.gz \
  --arch amd64 \
  --hostname OpenWrt-24.10 \
  --rootfs local:1 \
  --memory 512 \
  --cores 1 \
  --ostype unmanaged \
  --net0 name=eth0,bridge=vmbr0,ip=192.168.3.3/24,gw=192.168.3.1 \
  --unprivileged 0

#在web界面安装好后，宿主机进入容器:安装后IP有些问题，需要手动进入容器改一下IP
> pct enter <容器id>
vi /etc/config/network
...
config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        list ipaddr '192.168.3.3/24'
        option ip6assign '60'
        option gateway '192.168.3.1'
        option multipath 'off'

#/etc/resolv.conf是软链，不能被修改，需要删除重建
# 删除现有的软链接
rm /etc/resolv.conf

# 创建一个真实的普通文件并写入你的 DNS
cat <<EOF > /etc/resolv.conf
search lan
nameserver 223.5.5.5
nameserver 8.8.8.8
EOF

...
#reboot

Arch linux

#http://download.proxmox.com
cd /var/lib/vz/template/cache/
wget http://download.proxmox.com/images/system/archlinux-base_20240911-1_amd64.tar.zst
# 或用镜像：https://images.linuxcontainers.org/
wget https://images.linuxcontainers.org/images/archlinux/current/amd64/default/20260310_04:18/rootfs.tar.xz
# 重命名成更易认的（Proxmox 会显示这个名字）
mv rootfs.tar.xz archlinuxarm-amd64-latest.tar.gz

#arm64
wget http://os.archlinuxarm.org/os/ArchLinuxARM-aarch64-latest.tar.gz

#配置：
cd /etc/systemd/network/,删除无用的network配置，否则ip获取错误。
#DisableSandbox
#打开配置文件：
nano /etc/pacman.conf
找到 [options] 部分，添加：
DisableSandbox
#Upgrade:
pacman-key --init
pacman-key --populate archlinuxarm
pacman -Sy archlinux-keyring
pacman -Syu

#安装yay
nano /etc/pve/lxc/102.conf
features: nesting=1
lxc.cap.drop: 
# 安装 sudo（如果还没装）
pacman -Syu sudo
# 创建新用户（例如叫 builduser）
useradd -m dave
passwd dave
# 将用户加入 wheel 组并允许 sudo
# 使用 visudo 去掉 '%wheel ALL=(ALL:ALL) ALL' 前面的注释
echo 'dave ALL=(ALL:ALL) ALL' >> /etc/sudoers
# 切换到该用户
su - dave
pacman -S --needed git base-devel
git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si

Ubuntu arm64

#https://github.com/jiangcuo/pxvirt/issues/174
#https://jenkins.linuxcontainers.org/job/image-ubuntu/
wget -O "ubuntu-noble-20250409_arm64.tar.xz" "https://jenkins.linuxcontainers.org/job/image-ubuntu/architecture=arm64,release=noble,variant=default/lastSuccessfulBuild/artifact/rootfs.tar.xz"