-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathinstall.debian.6.0
379 lines (256 loc) · 11.2 KB
/
install.debian.6.0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
1.) Boot the install cd and follow instructions to do the install (I
chose the normal install). Set up machine as desired. Fairly
self-explanatory. Partitioning should be roughly as follows, adjusted
for available disk size as appropriate (including for RAID). Disk
labels should be representative of the mount point.
Pysical Partitions:
1 1GB /boot
2 Rest physical volume for LVM*
* = Alternatively, do volume for encryption, containing a single LVM
partition.
- If you are doing RAID, then you want the above physical partition
scheme across multiple drives, with each one set up for "Physical
volume for RAID". Then you create MD devices for each pairing (same
partition on each drive) and then define it to be whatever it is
above, and continue on as normal from there.
- These should represent MINIMUM sizes. More is often better.
LVM Partitions
swap 2*RAM
usr_local 10GB /usr/local
tmp 2GB /tmp
var 5GB /var
root 10GB /
home Rest /home
(For some machines, a common area of /pub, or /shared, might be
appropriate, and should be taken out of /home)
2.) When asked what to install, you want:
* Graphical Desktop Environment
* SSH Server
* Laptop (for laptops)
* Standard system utilities
3.) Add user to the sudo group
usermod -a -G sudo matt
## NOTE: All this stuff assumes that you're root, such as with "sudo -s"
4.) Lock root
sudo usermod -L root
4.) After machine is up do:
sudo -e /etc/apt/sources.list
and add "contrib non-free" to each of the repository entries
(or just grab sources.list from some reasonable machine)
Also, add:
deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free
deb-src http://backports.debian.org/debian-backports squeeze-backports main contrib non-free
5.) Wireless drivers (laptop only)
aptitude install firmware-iwlwifi
6.) Do:
aptitude update
aptitude full-upgrade
7.) Install things:
aptitude install nmap traceroute emacs emacs-goodies-el css-mode openssh-server symlinks sysstat ifstat dstat ssmtp heirloom-mailx apg whois powertop mii-diag gif2png cups-pdf units tofrodos gcc make g++ gdb autoconf libtool automake libc6-dev samba smbfs libsane-extras xsane scribus scribus-template texlive texlive-fonts-extra texlive-latex-extra latex2html latex2rtf gnuplot gnuplot-mode icedove enigmail iceweasel tracker tracker-utils unison unison-gtk digikam kipi-plugins meld ntp brag exiv2 unrar autossh openoffice.org xmlstarlet dvdrtools cdrskin logjam mesa-utils okular okular-extra-backends k3b libk3b6-extracodecs libtk-gbarr-perl subversion mono-runtime monodevelop monodevelop-nunit monodevelop-versioncontrol monodoc-manual glade mono-gmcs smartmontools gstreamer0.10-ffmpeg gstreamer0.10-plugins-bad gstreamer0.10-plugins-ugly vnc4server xvnc4viewer aspell aspell-en pidgin-extprefs pidgin-plugin-pack openjdk-6-demo openjdk-6-doc openjdk-6-jre openjdk-6-jre-headless openjdk-6-jre-lib openjdk-6-jdk gqview konqueror kaffeine xine-ui xchat mpg123 sox rhythmbox openoffice.org-help-en-us kcachegrind kcachegrind-converters graphviz hfsplus normalize-audio audacity libsox-fmt-all input-utils mysql-client nant sqlite3 libmono-i18n2.0-cil libmono-microsoft8.0-cil p7zip dvdbackup dia-gnome gsfonts-x11 fontmatrix kate powertop latencytop python-pycurl python-paramiko python-setuptools regexxer apt-show-versions git-core gitk git-svn speedcrunch mp3gain vorbisgain amarok kmail libmath-round-perl krita dosbox apt-file keepassx picocom qbrew manpages-posix manpages-posix-dev manpages-dev manpages c-cpp-reference ipcalc clusterssh logcheck preload mozplugger eclipse clusterssh pssh dh-make devscripts chromium-browser chromium-browser-l10n ktorrent shutter libgoo-canvas-perl portsentry sound-juicer djvulibre-bin djvulibre-plugin djvusmooth pdf2djvu iftop pidgin-skype sun-java6-jdk ia32-sun-java6-bin wireshark atop tomboy deborphan ia32-libs libc6-i386 ufw hpodder sensors-applet
8.) Set up static IP's (for machines with them)
- edit /etc/network/interfaces, and add lines like:
auto iface eth0 inet static
address 192.168.9.1
netmask 255.255.255.0
gateway 192.168.9.254
ifdown eth0
ifup eth0
9.) Make ssh work:
## For an old machine, use the old keys - you did save /etc, didn't you?
## For a new machine, use the new keys generated by the distro.
- make sure to add to the firewall
ufw allow ssh
- set:
- PermitRootLogin no
- once you've set up public key auth, turn off password access. edit
/etc/ssh/sshd_config
and set
PasswordAuthentication no
sudo service ssh restart
10.) Turn on the firewall.
ufw enable
11.) Set up /etc/hosts.allow and /etc/hosts.deny:
- hosts.allow:
----------------
ALL: 127.0.0.1
sshd: ALL
-----------------
- hosts.deny:
----------------
ALL:ALL
-----------------
12.) Configure the bootloader
- edit /etc/default/grub
- comment out the GRUB_HIDDEN_TIMEOUT line
- set the GRUB_TIMEOUT line to 3
- set the GRUB_CMDLINE_LINUX_DEFAULT to "nosplash"
- sudo update-grub
13.) Install multimedia things
add the following to /etc/apt/sources.list.d/multimedia.list
deb http://www.debian-multimedia.org squeeze main non-free
sudo chmod a+r /etc/apt/sources.list.d/multimedia.list
sudo aptitude update
sudo apt-get install debian-multimedia-keyring
sudo aptitude update
sudo aptitude full-upgrade
sudo aptitude install libdvdcss2 googleearth-package
14.) latex
- cd /usr/share/texmf/tex/latex
- sudo cp -a ~/system_stuff/latex/local .
- sudo chown -R root:root local
- then run texconfig and select "rehash"
- Also, set the paper to US
15.) ntpd (for fixed machines only, for mobile, the default is fine)
TODO - FIX THIS - we have no NTP server for now
## for server:
- add ntpd to hosts.allow list
ntpd: 192.168.9.0/24
## for server, make sure to add to ufw
ufw allow ntp
## for client
- edit /etc/ntpd.conf and comment out the line:
server ntp.ubuntu.com
- and add the line:
server 192.168.9.98 (this was daisy, should now be loki..)
16.) cups
- sudo system-config-printer
- add printers as appropriate
- Under Server->Settings select:
Show printers shared by other systems
- For servers, under "Server Settings", select:
Show printers shared by other systems
- make sure to enable it in the ufw
ufw allow ipp
17.) Set up samba:
- Servers
cd /etc/samba
mv smb.conf smb.conf.old
cp ~/system_stuff/samba/smb.conf.machine_name ./smb.conf
update-rc.d smbd defaults
update-rc.d nmbd defaults
service smbd start
service nmbd start
- make sure to add ufw rules for it
ufw allow netbios-ns
ufw allow netbios-dgm
ufw allow netbios-ssn
ufw allow microsoft-ds
- Other machines
- Remember to turn it off on places you don't want it.
echo "manual" >> /etc/init/smbd.override
echo "manual" >> /etc/init/nmbd.override
service smbd stop
service nmbd stop
18.) Set up ssmtp
cd /etc/ssmtp
mv ssmtp.conf ssmtp.conf.old
cp ~/system_stuff/ssmtp/ssmtp.conf .
chmod a+r ssmtp.conf
19.) Set up apache (if applicable)
aptitude install apache2 php5 php5-cli php-pear php-db php5-mysql php5-mcrypt mysql-server
- edit /etc/apache2/ports.conf and change:
Listen 80
- to
Listen 127.0.0.1:80
- and
Listen *:443
- to
Listen 127.0.0.1:443
- enable the userdir and rewrite modules
a2enmod userdir
a2enmod rewrite
sudo service apache2 restart
- for dev machines, you may not want it to start at boot
update-rc.d -f apache2 remove
echo "manual" >> /etc/init/mysql.override
20.) Add podget to my cron (one machine only)
TODO - port over. Stuff is in .hpodder.
crontab -e
then make it look like:
0 6 * * * /home/matt/bin/hpodder > /dev/null
so it will run every morning at 6am and log to nowhere
21.) Removed
22.) /etc/hosts
- add hosts to /etc/hosts as appropriate
23.) Remove gdm so X doesn't start (servers only)
update-rc.d gdm disable
24.) Set up CDEmu ppa
- Add the CDEmu repository
sudo add-apt-repository "deb http://ppa.launchpad.net/cdemu/ppa/ubuntu oneiric main"
sudo aptitude update
sudo aptitude full-upgrade
sudo aptitude install gcdemu cdemu-client
25.) Removed
26.) Removed
27.) Set up email backups (case only)
crontab -e
then make it look like:
0 1 2 * * /home/matt/bin/backup_email > /dev/null
so it will on the second of the month at 1am and log to nowhere
28.) Set the java look and feel to not suck
sudo update-alternatives --config java
and select sun's java
Set the look and feel to not suck:
- edit /usr/lib/jvm/java-6-sun/jre/lib/swing.properties
- uncomment the GTKLookAndFeel line
- (note that the openJDK is
/usr/lib/jvm/java-6-openjdk/jre/lib/swing.properties)
-- Installed for skunkwerks
aptitude install netbeans sun-java6-jdk
-- SUSPENDED FOR SQUEEZE - not there, nut sure we care
29.) Set up sensors (if not set up automagically) for case
- For case / Gigabyte X48-DQ6 board
- add the following to /etc/modules:
it87
coretemp
(For new machines, this is accomplished by running sensors-detect and following prompts)
# FIXME - edit the conf file to fix scaling, etc.
30.) Removed
31.) Make tcl not ugly
sudo update-alternatives --config wish
and then set for wish8.5
32.) Fix volume hotkeys for hiro
sudo cp /sys/devices/platform/thinkpad_acpi/hotkey_all_mask /sys/devices/platform/thinkpad_acpi/hotkey_mask
33.) Set up logcheck
- edit /etc/cron.d/logcheck and set it to @daily and not every 2 hours
34.) Set up portsentry (which actually doesn't work for stuff running
firewalls...)
- edit /etc/default/portsentry and set it to atcp/audp mode
- sudo service portsentry restart
35.) Set up log monitoring
TODO - finish this
36.) Install qbrew build dependencies:
aptitude install qt4-qmake libqt4-dev qt4-designer
37.) Install virtualbox latest
echo "deb http://download.virtualbox.org/virtualbox/debian squeeze contrib non-free" | sudo tee /etc/apt/sources.list.d/virtualbox.list
sudo chmod a+r /etc/apt/sources.list.d/chromium.list
wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add -
sudo aptitude update
sudo aptitude install virtualbox-4.1
=== Repos ===
additional repositories can be found here:
http://wiki.debian.org/UnofficialRepositories
=== Games ===
1.) Install openxcom supporting stuff so we can build it:
sudo aptitude install libsdl-gfx1.2-dev libyaml-dev
2.) Add GetDeb games repo (PlayDeb)
wget -q -O - http://archive.getdeb.net/getdeb-archive.key | sudo apt-key add -
sudo add-apt-repository "deb http://archive.getdeb.net/ubuntu oneiric-getdeb games"
and install a bunch of stuff from there (not all of this may work, the
repo seems a little ill-maintained at this time)
sudo aptitude update
sudo aptitude install warzone2100 enemy-territory smokinguns bloodfrontier bombic ufoai hedgewars
I had gotten this to do FreeOrion, but that's apparently not here...
3.) Install some games:
TODO - update with more? OpenTycoon, etc?
aptitude install boswars freecol lincity-ng warzone2100 freeciv-sound-standard freeciv-client-gtk scummvm beneath-a-steel-sky flight-of-the-amazon-queen fluidsynth
4.) Add PlayOnLinux
echo "deb http://deb.playonlinux.com/ oneric main" | \
sudo tee -a /etc/apt/sources.list.d/playonlinux-oneric.list
sudo chmod a+r /etc/apt/sources.list.d/playonlinux-oneric.list
sudo aptitude update
sudo aptitude install playonlinux
5.) Install updated wine
sudo apt-add-repository ppa:ubuntu-wine/ppa
sudo aptitude update
sudo aptitude full-upgrade