Finally, a few days ago, I enabled the service. I also created a package with the mirror’s list, userrepository-mirrors, available in my repository and AUR. The package has all the instructions for enabling the mirrors and what to do if you already have userrepository in your /etc/pacman.conf configuration.
The mirror service syncs every 4 hours. After each build, partial or full, the updated packages will be pushed to the servers with rsync.
If you’re wondering why it took me so long, the answer is simple: fibromyalgia and pain 24/7.
It took me a while to update you about the latest changes to my Arch and Arch-compatible Linux distributions repository. But first, let me apologize for the delay: work, personal life and, for about 3 weeks now, a horrible back pain (that just doesn’t stop, even with an handful of medication) have kept me from doing this in the time frame I expected.
First on the “agenda”, I experimented with increasing the zstd compression level for the packages like I said I would do in my last post about the repository. The trade-off was not worth it: the increase in packaging time was far superior to the small decrease in package size. So, I’ll keep the zstd compression level to “-12” in the foreseeable future.
Also, up to a few days ago, I would manually update the packages and, from time to time, do a full build. Now, I’m using a cron job and pueue to manage the tasks and it always does a full build.
If you don’t know pueue, this application is a command-line task management tool for sequential and parallel execution of long-running tasks. Besides adding tasks, you can watch the logs for them, the exit codes and even follow what the task is doing (just like using “tail -f /destination/file“). But pueue can do much more. Go check it out at Github.
Userrepository.eu also has a few more packages. For example: vimtips, wego, wttr, plymouth and performance-tweaks. All of them are at AUR and at the Git repository where I have userrepository.eu sources, if you want to take a look at the commits (just ignore some of the commit messages, because I can be lazy with them at times ^^’).
One last thing: please become a Patron if you want to support userrepository.eu. Even €1 will help cover the monthly expenses, just over €15. If I get enough patrons, I’ll be able to upgrade the virtual machine to one with better specs, which will allow a higher package compression level, shorter build times and maybe even packaged kernels. Thank you!
Now you are ready to start the Wireguard daemon, so it can accept connections. Just run:
wg-quick up wg0
Some things to know
Address: the private IPv4 addresses (you can also use IPv6 addresses) for the Wireguard server subnet. In this example, clients connection to the server will be assigned IPs ranging from 10.200.200.1 to 10.200.200.254.
ListenPort: the port where Wireguard will listen. Don’t forget to open it in your firewall.
PrivateKey: the content from server-private.key.
PostUp and PostDown: defines steps to be run after the interface is turned on or off, respectively. In this case, iptables is used to set IP masquerade rules to allow all the clients to share the server’s IPv4 address. The rules will then be cleared once the tunnel is down. Don’t forget to change eth0 to your server’s network device.
PublicKey: the content from laptop-public.key.
AllowedIPs: the subnet IP assigned to that client when it connects to the server
Set up the client
On the client side, you’ll also have to install Wireguard. If you’re using Debian, Ubuntu or any distribution based on the previous two, the command will be the same (I’m assuming Ubuntu uses the same package names. If not, change it to your needs). In Arch, the distribution I’m currently using, you can install packages with:
pacman -Syuv wireguard-dkms wireguard-tools
Configure the Wireguard client
Create the /etc/wireguard/wg0.conf file and populate it with the following content:
Address = 10.200.200.2/24
PrivateKey = <copy private key from laptop-private.key>
PublicKey = <copy public key from server-public.key>
AllowedIPs = 0.0.0.0/0
Endpoint = xxx.xxx.xxx.xxx:51820
PersistentKeepalive = 25
Some things to know
Addresss: the client’s IP address in Wiregard’s subnet.
PrivateKey: the content from laptop-private.key.
PublicKey: the content from server-public.key.
AllowedIPs: set it to 0.0.0.0/0 to forward all IPv4 traffic through Wireguard.
Endpoint: the server IP address, followed by the port to connect to.
PersistentKeepalive: the number of seconds you wish the client sends a keepalive packet to the server. This is useful if the client is behind NAT or a firewall
Test the connection
On the client side, run wg-quick up wg0. You should now have a working Wireguard connection just like any VPN.
If you found a typo or an error, please use the comment box to report it. Also, if you found the post useful, please share it on social media, so it can reach a larger audience.
My Arch buildbot, Jarvis, received an update today in the options logic. Now, it can receive an argument in the add (-a) and delete (-d) options, so the user can specify the package to add or delete.
The option to add a package, for now, only works for AUR. If you want to add a package that’s not in AUR, you’ll need to manually add the submodule. In the future, Jarvis will allow you to use a git repository with a PKGBUILD file.
I’ve been using Arch or Arch-based distributions for over a year now. In this time testing a few of them, I’ve always lacked a simple and logical way of installing the same “essential” software. To tackle this, I’ve created a metapackage with all this software and this is what I’ve got so far: