Session Knowledge Capture: 2026-03-18 to 2026-03-23

Overview

This document consolidates knowledge, troubleshooting steps, and lessons learned from work sessions spanning 2026-03-18 to 2026-03-23. Topics include mobile terminal setup, SSH certificate authentication, secrets management, study tracking systems, and CLI mastery patterns.

Termux Mobile Setup

Environment

Component Value

Device

Samsung Z Fold 7

Terminal

Termux (F-Droid)

Shell

zsh (changed from bash default)

Prompt

Starship (oh-my-posh broken on ARM64)

User

u0_a385

Initial Setup Commands

# Install core packages
pkg update && pkg upgrade
pkg install git openssh gnupg zsh neovim curl

# Set zsh as default shell
chsh -s zsh

# If chsh doesn't persist, add to ~/.bashrc:
echo 'exec zsh' >> ~/.bashrc

# Storage access
termux-setup-storage

Oh-My-Posh ARM64 Issue

Problem: Oh-my-posh crashes on ARM64 Termux with Go runtime panic in writeSegmentsConcurrently. All themes crash, including built-in minimal themes. disable_async = true does not fix the issue.

Root Cause: Go runtime issue specific to ARM64 Android/Termux environment.

Solution: Use Starship instead.

# Install Starship
curl -sS https://starship.rs/install.sh | sh -s -- --bin-dir ~/.local/bin

# Add to .zshrc
eval "$(starship init zsh)"

# Apply preset theme
starship preset tokyo-night -o ~/.config/starship.toml

Result: Working prompt: 󰌽 u0_a385 …/dotfiles-optimus/apps main ! 20:11 ❯

gopass Clipboard Fix

Problem: gopass show -c hangs forever - clipboard commands never complete.

Root Cause: Termux clipboard requires both:

  1. termux-api package (CLI tools)

  2. Termux:API Android app (provides clipboard service)

Solution:

  1. Install F-Droid: f-droid.org/

  2. Install Termux:API app: f-droid.org/packages/com.termux.api/

  3. Grant permissions when prompted

# After installing Termux:API Android app
gopass show -c v3/personal/storage/extra-space
# ✔ Copied to clipboard. Will clear in 45 seconds.

Vault SSH Certificate Authentication

TTL Expiry Issue

Symptom: SSH connection fails with "Permission denied" despite valid signed certificate.

Cause: Vault SSH certificates have 8-hour TTL by default. Certificate expired.

Solution: Re-sign the public key:

# Check certificate validity
ssh-keygen -L -f ~/.ssh/id_ed25519_vault-cert.pub | grep Valid

# Re-sign (note: use $HOME, not tilde)
vault write -field=signed_key ssh/sign/domus-client \
    public_key=@$HOME/.ssh/id_ed25519_vault.pub \
    valid_principals="evanusmodestus,u0_a385" \
    > ~/.ssh/id_ed25519_vault-cert.pub

Tilde Expansion Issue

Problem: Vault commands with ~/.ssh/…​ fail:

# WRONG - tilde not expanded in @path
vault write ... public_key=@~/.ssh/id_ed25519_vault.pub
# Error: could not read file '~/.ssh/...'

# CORRECT - use $HOME
vault write ... public_key=@$HOME/.ssh/id_ed25519_vault.pub

Principals Configuration

Problem: SSH rejected with "Certificate has invalid principals."

Cause: Termux user is u0_a385, not evanusmodestus. Certificate must include both.

Solution: Update valid_principals in Vault SSH role and sign command:

# Include both usernames
vault write -field=signed_key ssh/sign/domus-client \
    public_key=@$HOME/.ssh/id_ed25519_vault.pub \
    valid_principals="evanusmodestus,u0_a385"

gopass Enhancements

Storage Unit Template

Added to gopass-personal-docs (Housing → Storage Unit):

  • Provider, facility address, city, state

  • Unit number, size, climate controlled, floor

  • Gate code (first line for quick gopass show -o copy)

  • Access hours, account number

  • Monthly rent, insurance, autopay, due day

  • Online account credentials

Location: v3/personal/storage/<provider-slug>

Usage:

# Run generator
gopass-personal-docs
# Select 9) Housing → 3) Storage Unit

# Quick access
gopass show -o v3/personal/storage/extra-space  # Gate code only
gopass show v3/personal/storage/extra-space     # Full details

Structured Queries with gopass-query

New CLI tool for querying structured YAML entries:

gopass-query bills              # All bills with totals
gopass-query bills storage      # Just storage bills
gopass-query storage            # Storage units with gate codes
gopass-query subscriptions      # All subscriptions
gopass-query credentials <path> # Username + copy password
gopass-query summary            # Count all entries
gopass-query search provider "Extra Space"  # Find by field
gopass-query export storage     # Export to JSON

Dotfiles Management with Stow

Proper Structure

dotfiles-optimus/
└── base/
    └── bin/
        └── .local/
            └── bin/
                ├── gopass-audit
                ├── gopass-migrate
                ├── gopass-personal-docs
                ├── gopass-query
                ├── vault-ssh-sign
                └── ... (34 scripts)

Stow Commands

# Deploy all bin scripts
cd ~/atelier/_projects/personal/dotfiles-optimus/base
stow -t ~ bin

# Handle conflicts (adopt existing files)
stow -t ~ --adopt bin
git checkout -- bin/  # Restore stow versions if needed

Symlink Types

  • Relative (stow-style): ../../atelier/_projects/personal/…​

  • Absolute (manual): /home/user/…​ - not stow-compatible

Mobile Productivity Workflow

Repos to Clone on Phone

mkdir -p ~/atelier/_bibliotheca

# Primary repos for mobile
git clone git@github.com:EvanusModestus/domus-captures.git ~/atelier/_bibliotheca/domus-captures
git clone git@github.com:EvanusModestus/domus-infra-ops.git ~/atelier/_bibliotheca/domus-infra-ops
git clone git@github.com:EvanusModestus/domus-netapi-docs.git ~/atelier/_bibliotheca/domus-netapi-docs

Productivity Aliases

# Add to ~/.zshrc
alias dcap='cd ~/atelier/_bibliotheca/domus-captures'
alias dinfra='cd ~/atelier/_bibliotheca/domus-infra-ops'
alias regex='cd ~/atelier/_bibliotheca/domus-captures/docs/modules/ROOT/pages/education/training/regex && nvim .'
alias wrklog='nvim ~/atelier/_bibliotheca/domus-captures/docs/modules/ROOT/pages/$(date +%Y/%m)/WRKLOG-$(date +%Y-%m-%d).adoc'

Safety Warning

Never use phone with unfolded display while walking in public, especially abroad. Use only in secure seated locations (apartment, café with wall-facing table, coworking space).

Latin Study: Lingua Latina per se Illustrata

Current Text

  • Book: Lingua Latina per se Illustrata, Pars I: Familia Romana

  • Author: Hans H. Ørberg

  • Method: Natural/Direct - 100% Latin from page 1

  • Chapters: 35 capitula total

Progress Tracking

Full 35-chapter tracker added to partials/trackers/education/linguistics.adoc with tag latin.

Why Latin for Spanish Mastery

Benefit Application

Case System

Understanding Spanish pronoun forms (le/lo/la) as Latin remnants

Verb Conjugation

Latin verb system → Spanish patterns become logical

Vocabulary

80%+ of Spanish derives from Latin

Subjunctive

Latin subjunctive illuminates Spanish subjunctive

Register

Formal Spanish preserves more Latin structures

Don Quijote Study System

Migration from Principia

Migrated 126 chapters from Principia to domus-captures:

quijote/
├── index.adoc
├── primera-parte/     # 52 chapters (1605)
│   ├── index.adoc
│   └── capitulo-001..052.adoc
└── segunda-parte/     # 74 chapters (1615)
    ├── index.adoc
    └── capitulo-001..074.adoc

DELE C1/C2 Writing Practice

Each chapter template now includes:

  • Mi Análisis Personal - Write 200+ words in Spanish per chapter

  • Apéndice Literario (6 tables):

    • Autores Mencionados/Referenciados

    • Personajes y Arquetipos Literarios

    • Vocabulario con Doble Sentido

    • Arcaísmos y Vocabulario Especial

    • Referencias Bíblicas y Clásicas

    • Juegos de Palabras Cervantinos

Example: Vocabulario con Doble Sentido

Término Significado Literal Significado Secundario

cola

peluca, adorno

sexualidad (connotación)

Rocinante

rocín + antes

"antes rocín" Y "primero de los rocines"

Quijote

pieza de armadura (muslo)

nombre ridículo

CLI Lab Notebook

Created examples/lab/ directory for CLI experimentation:

lab/
├── README.adoc       # Entry format template
├── shell/            # Brace expansion, globs, quoting
├── regex/            # Pattern matching
├── awk/              # Field processing
├── sed/              # Stream editing
├── find/             # File discovery
├── jq/               # JSON processing
├── networking/       # nmcli, ip, ss
└── api/              # REST, GraphQL experiments

Entry Format

Each experiment should include:

  1. STATUS: WORKING, BROKEN, or PARTIAL

  2. What I tried: The command attempted

  3. Why it failed: Root cause analysis

  4. Correct approach: Working solution

  5. What I learned: Key takeaway

First Entry: Brace Expansion

Broken:

head -5 capitulo{01,52}.adoc
# Error: No such file

Working:

head -5 capitulo-0{01,52}.adoc
# Success - expands to capitulo-001.adoc capitulo-052.adoc

Key insight: Brace expansion is literal substitution. Missing -0 prefix means wrong filenames.

Life Admin Tracking

Expanded partials/trackers/personal/life-admin.adoc with tagged sections:

  • urgent - Critical items

  • completed - Done items

  • medical - Health-related

  • financial - Billing, accounts

  • legal - Documents, court

  • subscriptions - Recurring services

  • vehicles - Auto-related

  • insurance - Policies

  • housing - Residence, storage

  • ids - DMV, passports, etc.

Storage Unit Entry

Location: v3/personal/storage/extra-space

Field Value

Provider

Extra Space Storage

Unit Size

8x11

Climate Controlled

Yes

Monthly Rent

$227.00

Insurance

$14.20

Total Monthly

$241.20

Move-in Date

2026-03-17

reMarkable Workbook System

Workbook Generator Scripts

Location: scripts/remarkable/

Script Purpose Pages

generate-asciidoc-complete-reference.py

AsciiDoc syntax reference

126+

generate-regex-mastery-workbook.py

Regex proficiency training

110+

generate-idea-capture-enhanced.py

10-category idea capture

332

pdf-template-linked.py

Template for custom workbooks

-

Upload to reMarkable

cd scripts/remarkable/
python generate-regex-mastery-workbook.py
rmapi put --force regex-mastery-workbook.pdf Domus/Reference/

Planned Workbooks

Technical Mastery Series:

  • AWK Mastery

  • sed Mastery

  • Bash Mastery

  • Python Mastery

  • jq Mastery

  • Vim Mastery

Personal Organization:

  • Ideas Collection (enhanced - 332 pages)

  • Items Owned (inventory/asset tracking)

Key Commits

Commit Description

c4d5f99

gopass Storage Unit template

5234b82

gopass-query tool

77fba34

Stow migration for gopass scripts

eb16e03

README scripts inventory

cb547eb

Termux Phase 9-10 (zsh, productivity repos)

c665f50

Latin tracking (35 capitula)

d8dd251

Don Quijote migration (126 chapters)

35b374e

DELE C1/C2 writing practice + Apéndice Literario

33d73ea

CLI Lab notebook

Lessons Learned

Termux Specific

  • Always use $HOME instead of ~ in paths passed to tools

  • Termux:API Android app is required for clipboard - CLI package alone is insufficient

  • oh-my-posh broken on ARM64 - use Starship instead

  • chsh -s zsh may not persist - fallback: echo 'exec zsh' >> ~/.bashrc

Vault SSH Certificates

  • Default TTL is 8 hours - re-sign frequently

  • Principals must include both workstation user AND mobile user

  • Tilde expansion doesn’t work with @path syntax in Vault

Stow Best Practices

  • Use --adopt to pull existing files into stow management

  • Relative symlinks are stow-compatible; absolute are not

  • Structure: base/<module>/.local/bin/script~/.local/bin/script

gopass Structured Entries

  • First line is the password/code for quick gopass show -o access

  • YAML structure enables field-level queries

  • Consistent schemas enable scripting and automation

Related Documents

Session knowledge captured from work sessions 2026-03-18 to 2026-03-23