Ironing Out the Wrinkles

So I just re-installed Arch EndeavourOS on both my laptop and desktop and decided it was time to do some much needed re-architecting. I also wanted to keep track of what changes I made in this post so I can maybe someday make an Ansible playbook to set these things up.

A few new things this time:

  • I’m starting from EOS KDE edition, switch to KDE utils
  • EndeavourOS installs firewalld, let’s learn to use it
  • Tailscale

Problem 1: Firewalld and Tailscale

Tailscaled sets up the tailscale0 interface, and since it is not managed by NetworkManger, it doesn’t integrate into firewalld directly.



Description=Update tailscale's firewalld zone after its interface comes online

ExecStart=firewall-cmd --zone=trusted --add-interface=tailscale0


systemctl daemon-reload
systemctl enable --now tailscale-firewalld

Problem 2: profile sync daemon

Profile sync daemon is a daemon which keeps a browser’s profile in tmpfs to speed it up.

However, if you have multiple profiles or a lot of profiles, it can use a lot of RAM.

Solution 1:

Let’s increase our runtime directory size.


# ...
RuntimeDirectorySize=15%   # Increased from 10%

Solution 2:

Reads will be cached perfectly fine by the browser and kernel, let’s only worry about writes. Use the overlay filesystem.


%users ALL=(ALL)NOPASSWD: /usr/bin/psd-overlay-helper