The main thing keeping me from trying out Omarchy is the pain of setting up multiple displays. I haven't tried Hyprland, but whenever I've tried a non-mainstream desktop/wm in Linux that was the worst, especially if your setup changes often (as in, you have a laptop and move around and plug it in different places).
May be that just means I'm not enough of a tinkerer for these setups.
Is it a hard problem to remember more than one configuration and link them to the displays connected to your computer? Or is it just that Omarchy users really don't mind editing monitor.conf[1] often?
I use swaywm and kanshi [0]. It's write once, forget forever. I have one config for each of the display compositions I have (office, home, gaming, eDP...), and "it just works".
I don't really need it, but maybe my setup is too simple. I set my laptop monitor to auto-right, external display to auto-left and that's it. Set it and forget it for me.
Since Hyprland still supports wlr-output-management (AFAIK) you can use tools like wlr-randr and nwg-displays. I don't use Hyprland but I used Sway for many years and support for multiple outputs was top notch. You did have to edit your text-based Sway config file, since a major part of the draw for Sway was an i3-like mantra, but you could do declarative configuration for both output and input devices, and it worked well with hot plugging. Combined with handling mixed DPI setups better, the general situation feels a lot better for using multiple monitors with Linux these days.
Editing a text file to configure displays is definitely an acquired taste, though. Maybe Omarchy needs some utilities to provide a UI around those config files.
I was worried about that too but switching from one monitor to multiple ended up being plug and play for me. I installed hypermon before thinking I would need it, but I didn't as I got lucky that the monitors positioned themselves correctly and there was nothing else that needed to be changed otherwise.
I just have a bash script that runs on startup which just greps the output of xrandr to determine if I am connected to home/office/no monitors and then runs the appropriate xrandr commands to config them.
On the occasion when I (dis)connect monitors without restarting the laptop, I just have some command line aliases (home/office/laptop) which run the appropriate config
Yes, but you can have a similar setup to what he is describing, just with different commands.
I'm using niri instead hyperland.
I can either use `sed` on it's configuration file (on/off, resolution, position) or for some of its configurations I can use the cli (for output scale).
I recently moved my gaming desktop to CachyOS from Manjaro, but I have no idea what Omarchy is or whether or not I want it, and there's not a single link in the README.
> Omarchy skips installation of a login display manager. Instead, Hyprland autostarts and password protection is provided upon boot by the LUKS full disk encryption service.
My desktop box is running bazzite and is only used for gaming. I treat it has a console really, it isn't even connected to the internet and doesn't even receive updates unless I want to download a new game. It doesn't have any private data, the only secret I might have is that steam is already logged on but I don't have any payment account/card setup on my steam account.
Appart from the internet connection that might be useful for those gaming online I would expect most gamer machines would be like that.
Unix systems are inherently very multi-user (check how many lines are in your /etc/passwd!). Other login users would just need to log into via other means (ssh/etc..).*
Right...you still need a regular login user (and probably a good idea to have a password set)...also for things like sudo. But that facet wasn't one that actually concerned me with this setup
Normally I'd say I would be exactly the type of person that would use such a thing. But what scares me away and makes me stay with vanilla KDE Plasma is that perceived upfront cost of having to relearn everything and having to customize for hours to then have something that feels 100% better in some and 100% worse in other situations.
Maybe that just means I am currently at a point in my life where I haven't got the time or energy to play around with these things. I'd rather have KDE Plasma with a hint of tiling window manager than a tiling window manager with a hint of Plasma, if you get what I mean.
Omarchy and CachyOS are very interesting but they do not look serious about security [0] [1].
I mean in this day and age we all agree you need disk encryption (for a least 20 years) but what about SELinux, application sandboxing for example?
Especially for a desktop OS like Omarchy shipped with a bunch of apps and "plugins".
This has been a Linux Desktop weakness for more than a decade (compared to macOS, Windows and Android). App sandboxing is a bit sketchy and hard to get right.
The fact they do not explicitly state their strategy regarding those things make me believe this is a bit amateurish.
> Especially for a desktop OS like Omarchy shipped with a bunch of apps and "plugins".
Omarchy is _just_ a set of scripts to have a nice looking Arch Linux and some helper scripts for day to day tasks. It's not a distribution per se, it doesn't have repositories or packages of its own.
Therefore, your criticism of app sandboxing is more for Arch than Omarchy IMHO.
> Therefore, your criticism of app sandboxing is more for Arch than Omarchy IMHO.
I've never been an Arch user but deeply respect the project since their wiki as always been my favorite documentation.
From what I understand Arch is very much DIY, non opinionated and you you need to decide and build the security level / strategy that fit your needs. It seems you can go Flatpak, SELinux but only if you want.
I was kind of lurking for an equivalent of SecureBlue in the Arch world, meaning an Arch derived distro with a strong security posture. Allowing me to get started without worrying too much about it.
At the end of the day, you do you, but my experience with SElinux is that using it on the desktop is vastly overkill.
At a high level, the essence of SElinux is to limit the possibilities of exploitation and escalation by carefully specifying which process can access which resources in which context. Now that makes sense for a server opened to the www, or a host shared with untrusted users. But Omarchy is a _sole developer_ focused flavor of Arch Linux, think your typical dev laptop. There's no service exposed there, you most likely can't even listen on the internet behind your typical home router. The realistic threats that you face is your laptop being stolen (which is why LUKS is a default) or your laptop sitting unlocked (which is why hypridle & hyprlock are a default).
Of course there's always the tails of a compromised software, but it's much more unlikely.
The distributed development model makes it tricky, because distributions themselves aren't necessarily the developers of sandboxing solutions, there's multiple approaches, many are incompatible with each other, none are fully mature and support every tool users could realistically want to run.
Same with selinux/apparmor/competitors, they're all mutually exclusive to some degree and have different pros and cons. RHEL shoves selinux down everyone's throat without caring how well that works in practice, and coincidentally 100% of RHEL systems I've interacted with have it disabled.
Until there's solutions that are mature, the best solution for distros is still to let users choose the lesser evil for their specific use case.
I skipped through the 38 minutes and landed on like 8 instances were he was switching themes/wallpaper and 4 showing of bash scripts that opens a webpage. It looks like all the fluxbox/openbox themed minimal desktops in the 2000s - function follows form. Feels really performative.
Its basically LARBS or an autoricing script. But its happening in kind of a cultural moment where Linux gaming is good enough and Windows is bad enough for people to see ricing and say "I want that!"
I think it is function follows form, but it turns out a lot of people actually want that.
Not to mention - if you're coming from Windows or MacOS and you've never had real tiling before, you could install a bunch of goofy electron launchers or whatever and still get form improvements.
I'm not a Rails guy, so I've always kind of thought their scaffolding system was a little silly. It's going to autogenerate a config and then I also have to edit it?
But I'm coming to terms with the idea that there is actually tremendous value to lowering the barrier to entry as much as possible, and providing scaffolding for people to learn along the way
DHH switched from Mac to Linux and is in the process of experimenting with his setup, but since he's famous within tech, it's getting a lot of attention. There's really nothing special about it.
Haven't "launchers" existed for decades at this point though? I remember Crunchbang (RIP) having something similar for example, and that must have been almost two decades ago at this point.
The main thing keeping me from trying out Omarchy is the pain of setting up multiple displays. I haven't tried Hyprland, but whenever I've tried a non-mainstream desktop/wm in Linux that was the worst, especially if your setup changes often (as in, you have a laptop and move around and plug it in different places).
May be that just means I'm not enough of a tinkerer for these setups.
Is it a hard problem to remember more than one configuration and link them to the displays connected to your computer? Or is it just that Omarchy users really don't mind editing monitor.conf[1] often?
[1]: https://learn.omacom.io/books/2/pages/86
I use swaywm and kanshi [0]. It's write once, forget forever. I have one config for each of the display compositions I have (office, home, gaming, eDP...), and "it just works".
[0] https://gitlab.freedesktop.org/emersion/kanshi
The community has written a TUI for this: https://github.com/erans/hyprmon
I don't really need it, but maybe my setup is too simple. I set my laptop monitor to auto-right, external display to auto-left and that's it. Set it and forget it for me.
If your external display isn't connected, what happens? Does Hyprland ignore that line from the config without an error and everything works normally?
It's ignored. This setup wouldn't suffice if my external displays used different scaling though, currently they all work fine at scale 1 for me.
Since Hyprland still supports wlr-output-management (AFAIK) you can use tools like wlr-randr and nwg-displays. I don't use Hyprland but I used Sway for many years and support for multiple outputs was top notch. You did have to edit your text-based Sway config file, since a major part of the draw for Sway was an i3-like mantra, but you could do declarative configuration for both output and input devices, and it worked well with hot plugging. Combined with handling mixed DPI setups better, the general situation feels a lot better for using multiple monitors with Linux these days.
Editing a text file to configure displays is definitely an acquired taste, though. Maybe Omarchy needs some utilities to provide a UI around those config files.
I was worried about that too but switching from one monitor to multiple ended up being plug and play for me. I installed hypermon before thinking I would need it, but I didn't as I got lucky that the monitors positioned themselves correctly and there was nothing else that needed to be changed otherwise.
I simply have an NVIDIA card and I’m afraid of Hyprland because of that
I just have a bash script that runs on startup which just greps the output of xrandr to determine if I am connected to home/office/no monitors and then runs the appropriate xrandr commands to config them.
On the occasion when I (dis)connect monitors without restarting the laptop, I just have some command line aliases (home/office/laptop) which run the appropriate config
Correct me if I'm wrong but Hyprland is Wayland so xrandr is no go.
There are some utilities for this though. nwg-displays comes to mind
Yes, but you can have a similar setup to what he is describing, just with different commands.
I'm using niri instead hyperland. I can either use `sed` on it's configuration file (on/off, resolution, position) or for some of its configurations I can use the cli (for output scale).
But why is this necessary? Isn't Omarchy the opinionated setup... and that is all you need?
The README on this github link does not explain to me why this is necessary, or why someone is doing it.
It should probably start with WTF is Omarchy.
I recently moved my gaming desktop to CachyOS from Manjaro, but I have no idea what Omarchy is or whether or not I want it, and there's not a single link in the README.
Guess I'll go look it up.
Omarchy is an “opinionated” Arch distro by dhh of Ruby on Rails and Basecamp/Hey fame
> Omarchy skips installation of a login display manager. Instead, Hyprland autostarts and password protection is provided upon boot by the LUKS full disk encryption service.
Pretty unconventional...Is this a bad idea?
Can't be multiuser
And that's a reasonable tradeoff - In 30 years of using Linux, I've only used machines that were actually treated as multi-user on the server side.
There's space for both - some people do need password protected separate users, but not all of us do.
Also not ideal for security if you like to sleep/hibernate on a laptop.
Who am I kidding, how many laptops actually sleep or hibernate properly when running Linux anyway...
My desktop box is running bazzite and is only used for gaming. I treat it has a console really, it isn't even connected to the internet and doesn't even receive updates unless I want to download a new game. It doesn't have any private data, the only secret I might have is that steam is already logged on but I don't have any payment account/card setup on my steam account.
Appart from the internet connection that might be useful for those gaming online I would expect most gamer machines would be like that.
> Who am I kidding, how many laptops actually sleep or hibernate properly when running Linux anyway...
Or period?
My 2015-ish Macbook Air was unreliable at waking up from sleep, and so is my Windows ASUS ROG Zephyrus from ~2021.
Unix systems are inherently very multi-user (check how many lines are in your /etc/passwd!). Other login users would just need to log into via other means (ssh/etc..).*
i wonder how screen locking works then
I imagine the user account still has a password, it's just getty is configured to auto login on tty1
Right...you still need a regular login user (and probably a good idea to have a password set)...also for things like sudo. But that facet wasn't one that actually concerned me with this setup
what happens if the screen locker crashes?
That problem exists for all desktop environments, Omarchy or not.
An install script to create a strong and stable blend of Omarchy on top of CachyOS. You must install CachyOS first (please read the README file.)
Feedback and contributions welcome!
Personally I feel this diverges just enough from omarchy that it deserves its own name to avoid confusion.
Normally I'd say I would be exactly the type of person that would use such a thing. But what scares me away and makes me stay with vanilla KDE Plasma is that perceived upfront cost of having to relearn everything and having to customize for hours to then have something that feels 100% better in some and 100% worse in other situations.
Maybe that just means I am currently at a point in my life where I haven't got the time or energy to play around with these things. I'd rather have KDE Plasma with a hint of tiling window manager than a tiling window manager with a hint of Plasma, if you get what I mean.
Omarchy and CachyOS are very interesting but they do not look serious about security [0] [1].
I mean in this day and age we all agree you need disk encryption (for a least 20 years) but what about SELinux, application sandboxing for example?
Especially for a desktop OS like Omarchy shipped with a bunch of apps and "plugins".
This has been a Linux Desktop weakness for more than a decade (compared to macOS, Windows and Android). App sandboxing is a bit sketchy and hard to get right.
The fact they do not explicitly state their strategy regarding those things make me believe this is a bit amateurish.
- [0] https://wiki.cachyos.org/cachyos_basic/faq/#security--best-p...
- [1] https://learn.omacom.io/2/the-omarchy-manual/93/security
> Especially for a desktop OS like Omarchy shipped with a bunch of apps and "plugins".
Omarchy is _just_ a set of scripts to have a nice looking Arch Linux and some helper scripts for day to day tasks. It's not a distribution per se, it doesn't have repositories or packages of its own.
Therefore, your criticism of app sandboxing is more for Arch than Omarchy IMHO.
> Therefore, your criticism of app sandboxing is more for Arch than Omarchy IMHO.
I've never been an Arch user but deeply respect the project since their wiki as always been my favorite documentation.
From what I understand Arch is very much DIY, non opinionated and you you need to decide and build the security level / strategy that fit your needs. It seems you can go Flatpak, SELinux but only if you want.
I was kind of lurking for an equivalent of SecureBlue in the Arch world, meaning an Arch derived distro with a strong security posture. Allowing me to get started without worrying too much about it.
At the end of the day, you do you, but my experience with SElinux is that using it on the desktop is vastly overkill.
At a high level, the essence of SElinux is to limit the possibilities of exploitation and escalation by carefully specifying which process can access which resources in which context. Now that makes sense for a server opened to the www, or a host shared with untrusted users. But Omarchy is a _sole developer_ focused flavor of Arch Linux, think your typical dev laptop. There's no service exposed there, you most likely can't even listen on the internet behind your typical home router. The realistic threats that you face is your laptop being stolen (which is why LUKS is a default) or your laptop sitting unlocked (which is why hypridle & hyprlock are a default).
Of course there's always the tails of a compromised software, but it's much more unlikely.
The distributed development model makes it tricky, because distributions themselves aren't necessarily the developers of sandboxing solutions, there's multiple approaches, many are incompatible with each other, none are fully mature and support every tool users could realistically want to run.
Same with selinux/apparmor/competitors, they're all mutually exclusive to some degree and have different pros and cons. RHEL shoves selinux down everyone's throat without caring how well that works in practice, and coincidentally 100% of RHEL systems I've interacted with have it disabled.
Until there's solutions that are mature, the best solution for distros is still to let users choose the lesser evil for their specific use case.
So this is about setting up a UI.. with no screenshots of the UI. Nice
Video showcasing UI: https://omarchy.org/
I skipped through the 38 minutes and landed on like 8 instances were he was switching themes/wallpaper and 4 showing of bash scripts that opens a webpage. It looks like all the fluxbox/openbox themed minimal desktops in the 2000s - function follows form. Feels really performative.
Its basically LARBS or an autoricing script. But its happening in kind of a cultural moment where Linux gaming is good enough and Windows is bad enough for people to see ricing and say "I want that!"
I think it is function follows form, but it turns out a lot of people actually want that.
Not to mention - if you're coming from Windows or MacOS and you've never had real tiling before, you could install a bunch of goofy electron launchers or whatever and still get form improvements.
I'm not a Rails guy, so I've always kind of thought their scaffolding system was a little silly. It's going to autogenerate a config and then I also have to edit it?
But I'm coming to terms with the idea that there is actually tremendous value to lowering the barrier to entry as much as possible, and providing scaffolding for people to learn along the way
DHH switched from Mac to Linux and is in the process of experimenting with his setup, but since he's famous within tech, it's getting a lot of attention. There's really nothing special about it.
I mean.. that vscode-like command palette for system actions incl updating, installing and removing packages looks rather nifty
Haven't "launchers" existed for decades at this point though? I remember Crunchbang (RIP) having something similar for example, and that must have been almost two decades ago at this point.
There are a lot of them yeah.
In this case, Walker is the launcher being used in Omarchy, https://github.com/abenz1267/walker. It's not specific to Omarchy.
One of Walker's features is being able to create your own custom menus quite easily with shell scripts.
[dead]