Aggiunto vari dotfiles

etc/NetworkManager/NetworkManager.conf

@@ -0,0 +1,5 @@
+[main]
+plugins=ifupdown,keyfile
+
+[ifupdown]
+managed=true

etc/NetworkManager/conf.d/00-macrandomize.conf

@@ -0,0 +1,7 @@
+[device]
+wifi.scan-rand-mac-address=yes
+
+[connection]
+wifi.cloned-mac-address=random
+ethernet.cloned-mac-address=random
+

etc/default/grub

@@ -0,0 +1,40 @@
+# If you change this file or any /etc/default/grub.d/*.cfg file,
+# run 'update-grub' afterwards to update /boot/grub/grub.cfg.
+# For full documentation of the options in these files, see:
+#   info -f grub -n 'Simple configuration'
+
+GRUB_DEFAULT=0
+GRUB_TIMEOUT=5
+GRUB_DISTRIBUTOR=`( . /etc/os-release; echo ${NAME:-Debian} ) 2>/dev/null || echo Debian`
+GRUB_CMDLINE_LINUX_DEFAULT="quiet systemd.show_status=1"
+GRUB_CMDLINE_LINUX=""
+GRUB_PASSWORD=""
+
+# If your computer has multiple operating systems installed, then you
+# probably want to run os-prober. However, if your computer is a host
+# for guest OSes installed via LVM or raw disk devices, running
+# os-prober can cause damage to those guest OSes as it mounts
+# filesystems to look for things.
+#GRUB_DISABLE_OS_PROBER=false
+
+# Uncomment to enable BadRAM filtering, modify to suit your needs
+# This works with Linux (no patch required) and with any kernel that obtains
+# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
+#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"
+
+# Uncomment to disable graphical terminal
+#GRUB_TERMINAL=console
+
+# The resolution used on graphical terminal
+# note that you can use only modes which your graphic card supports via VBE/GOP/UGA
+# you can see them in real GRUB with the command `videoinfo'
+GRUB_GFXMODE=1920x1080
+
+# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
+#GRUB_DISABLE_LINUX_UUID=true
+
+# Uncomment to disable generation of recovery mode menu entries
+#GRUB_DISABLE_RECOVERY="true"
+
+# Uncomment to get a beep at grub start
+#GRUB_INIT_TUNE="480 440 1"

etc/default/snapper

@@ -0,0 +1,9 @@
+## Path: System/Snapper
+
+## Type:        string
+## Default:     ""
+# List of snapper configurations.
+SNAPPER_CONFIGS="root"
+
+# if you want to disable snapshot per install/upgrade, then set "yes"
+DISABLE_APT_SNAPSHOT="no"

etc/default/ufw

@@ -0,0 +1,47 @@
+# /etc/default/ufw
+#
+
+# Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback
+# accepted). You will need to 'disable' and then 'enable' the firewall for
+# the changes to take affect.
+IPV6=no
+
+# Set the default input policy to ACCEPT, DROP, or REJECT. Please note that if
+# you change this you will most likely want to adjust your rules.
+DEFAULT_INPUT_POLICY="DROP"
+
+# Set the default output policy to ACCEPT, DROP, or REJECT. Please note that if
+# you change this you will most likely want to adjust your rules.
+DEFAULT_OUTPUT_POLICY="ACCEPT"
+
+# Set the default forward policy to ACCEPT, DROP or REJECT.  Please note that
+# if you change this you will most likely want to adjust your rules
+DEFAULT_FORWARD_POLICY="DROP"
+
+# Set the default application policy to ACCEPT, DROP, REJECT or SKIP. Please
+# note that setting this to ACCEPT may be a security risk. See 'man ufw' for
+# details
+DEFAULT_APPLICATION_POLICY="SKIP"
+
+# By default, ufw only touches its own chains. Set this to 'yes' to have ufw
+# manage the built-in chains too. Warning: setting this to 'yes' will break
+# non-ufw managed firewall rules
+MANAGE_BUILTINS=no
+
+#
+# IPT backend
+#
+# only enable if using iptables backend
+IPT_SYSCTL=/etc/ufw/sysctl.conf
+
+# Extra connection tracking modules to load. IPT_MODULES should typically be
+# empty for new installations and modules added only as needed. See
+# 'CONNECTION HELPERS' from 'man ufw-framework' for details. Complete list can
+# be found in net/netfilter/Kconfig of your kernel source. Some common modules:
+# nf_conntrack_irc, nf_nat_irc: DCC (Direct Client to Client) support
+# nf_conntrack_netbios_ns: NetBIOS (samba) client support
+# nf_conntrack_pptp, nf_nat_pptp: PPTP over stateful firewall/NAT
+# nf_conntrack_ftp, nf_nat_ftp: active FTP support
+# nf_conntrack_tftp, nf_nat_tftp: TFTP support (server side)
+# nf_conntrack_sane: sane support
+IPT_MODULES=""

etc/default/zramswap

@@ -0,0 +1,22 @@
+# Compression algorithm selection
+# speed: lz4 > zstd > lzo
+# compression: zstd > lzo > lz4
+# This is not inclusive of all that is available in latest kernels
+# See /sys/block/zram0/comp_algorithm (when zram module is loaded) to see
+# what is currently set and available for your kernel[1]
+# [1]  https://github.com/torvalds/linux/blob/master/Documentation/blockdev/zram.txt#L86
+ALGO=lz4
+
+# Specifies the amount of RAM that should be used for zram
+# based on a percentage the total amount of available memory
+# This takes precedence and overrides SIZE below
+PERCENT=50
+
+# Specifies a static amount of RAM that should be used for
+# the ZRAM devices, this is in MiB
+#SIZE=256
+
+# Specifies the priority for the swap devices, see swapon(2)
+# for more details. Higher number = higher priority
+# This should probably be higher than hdd/ssd swaps.
+#PRIORITY=100

etc/fstab

@@ -0,0 +1,17 @@
+# <file system> <mount point>   <type>  <options>       <dump>  <pass>
+# /boot was on /dev/nvme0n1p2 during installation
+UUID=4459df68-1076-47ef-bd54-3bdb2d9879d4 /boot           ext4    defaults        0       2
+# /boot/efi was on /dev/nvme0n1p1 during installation
+UUID=420D-B320  /boot/efi       vfat    umask=0077      0       1
+
+/dev/mapper/VG0-LV0 /	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@	0	0
+/dev/mapper/VG0-LV0 /.snapshots	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@snapshots	0	0
+/dev/mapper/VG0-LV0 /home	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@home	0	0
+/dev/mapper/VG0-LV0 /var/cache	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@cache	0	0
+/dev/mapper/VG0-LV0 /var/crash	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@crash	0	0
+/dev/mapper/VG0-LV0 /var/lib/AccountsService	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@AccountsService	0	0
+/dev/mapper/VG0-LV0 /var/lib/gdm3	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@gdm	0	0
+/dev/mapper/VG0-LV0 /var/log	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@log	0	0
+/dev/mapper/VG0-LV0 /var/tmp	btrfs	noatime,space_cache=v2,compress=zstd:1,ssd,discard=async,subvol=@tmp	0	0
+
+/dev/md1 /media/dado/Backup ext4 defaults,nofail,x-systemd.device-timeout=15  0 2

etc/snapper/configs/root

@@ -0,0 +1,63 @@
+
+# subvolume to snapshot
+SUBVOLUME="/"
+
+# filesystem type
+FSTYPE="btrfs"
+
+
+# btrfs qgroup for space aware cleanup algorithms
+QGROUP=""
+
+
+# fraction or absolute size of the filesystems space the snapshots may use
+SPACE_LIMIT="0.5"
+
+# fraction or absolute size of the filesystems space that should be free
+FREE_LIMIT="0.2"
+
+
+# users and groups allowed to work with config
+ALLOW_USERS=""
+ALLOW_GROUPS="sudo"
+
+# sync users and groups from ALLOW_USERS and ALLOW_GROUPS to .snapshots
+# directory
+SYNC_ACL="yes"
+
+
+# start comparing pre- and post-snapshot in background after creating
+# post-snapshot
+BACKGROUND_COMPARISON="yes"
+
+
+# run daily number cleanup
+NUMBER_CLEANUP="yes"
+
+# limit for number cleanup
+NUMBER_MIN_AGE="1800"
+NUMBER_LIMIT="10"
+NUMBER_LIMIT_IMPORTANT="10"
+
+
+# create hourly snapshots
+TIMELINE_CREATE="yes"
+
+# cleanup hourly snapshots after some time
+TIMELINE_CLEANUP="yes"
+
+# limits for timeline cleanup
+TIMELINE_MIN_AGE="1800"
+TIMELINE_LIMIT_HOURLY="5"
+TIMELINE_LIMIT_DAILY="7"
+TIMELINE_LIMIT_WEEKLY="0"
+TIMELINE_LIMIT_MONTHLY="0"
+TIMELINE_LIMIT_YEARLY="0"
+
+
+# cleanup empty pre-post-pairs
+EMPTY_PRE_POST_CLEANUP="yes"
+
+# limits for empty pre-post-pair cleanup
+EMPTY_PRE_POST_MIN_AGE="1800"
+