Box

From Things and Stuff Wiki
Jump to: navigation, search

Things and Stuff Wiki - An organically evolving personal wiki knowledge base with an on-the-fly taxonomy containing topic outlines, descriptions, notes and breadcrumbs, with links to sites, systems, software, manuals, organisations, people, articles, guides, slides, papers, books, comments, videos, screencasts, webcasts, scratchpads and more. Quality varies drastically. Use the Table of Contents to navigate long pages, use the Small-ToC and Tiny-ToC header links on longer pages. Not that mobile friendly atm. #tnswiki on freenode IRC for feedback chat, or see About for login and further information. / et / em

General

A box, yer computer, physical (or abstract) box. [1]

These are the steps that I follow (and create) when I set-up Arch Linux. They are incomplete.

See also Stack, *nix#Configuration 2, Server, Distros, Distros#Live Distro

Arch Linux install

Todo: convert parts into this style - https://github.com/unexicon/meta-unexicon

Initial setup

Setup for ArchISO environment.

# set keyboard for UK qwerty, gives access to pipe character, etc.
loadkeys /usr/share/kbd/keymaps/i386/qwerty/uk.map.gz

# check for potentially failed services (i.e. network dhcp)
systemctl --failed

# update pacman software list
pacman -Sy

# install terminfo for urxvt
pacman -S rxvt-unicode
# and reconnect via ssh

Network

# if there isn't a network already..

# for wifi-menu / wpa_cli to work
vim /etc/wpa_supplicant/base.conf
# new file

  ctrl_interface=/run/wpa_supplicant
  update_config=1

# get wifi interface name
ip a


wifi-menu

(or)

# start wpa_supplicant
wpa_supplicant -B -i interfacename -c /etc/wpa_supplicant/base.conf

# establish wifi data link
wpa_cli

  scan
  scan_results

  add_network
  set_network 0 ssid "MYSSID"
  set_network 0 psk "passphrase"
  enable_network 0

  # or for open wifi
  set_network 0 key_mgmt NONE
  enable_network 0

  save_config
  q


### for wifi and ethernet???
# establish ip linkcli
dhcpcd [interface]

File storage

Basic

# https://wiki.archlinux.org/index.php/Partitioning
# there can be only 4 'primary' partitions in the MBR. if not using LVM, make the fourth 'extended' so it can contain further 'logical' partitions
# filesystem partition size ideas:
# /boot - 512M
  # contains boot kernel images (linux, linux-lts, linux-ck, etc.) - Type: linux (83)
# [swap]
  # swap size to match RAM size - Type: linux swap (82)
# /
  # one large partition for the rest - Type: linux (83) OR linux LVM (8e)


# all-in-one partitioning, boot flag and swap partition setup
echo -e "n\n\n\n\n+512M\n n\n\n\n\n+1G\n n\n\n\n\n\n a\n1\n t\n2\n82\nw\n"|
fdisk /dev/vda


# check drive partitions
lsblk

# formatting
# boot as ext2 (no journal for less fuckups?)
mkfs.ext2 /dev/sda1
e2label /dev/sda1 /boot

mkfs.ext4 /dev/[partition]


# create swap partition
mkswap /dev/[swappartition]
swapon /dev/[swappartition]


# mount partitions - root first
mount /dev/mapper/<lv-root> /mnt
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot


# give device label, for file managers - https://wiki.archlinux.org/index.php/Persistent_block_device_naming#by-label
e2label /dev/XXX <label>

LVM (optional)

# managing storage devices with LVM allows for easier partition resizing, etc. later
# see https://wiki.archlinux.org/index.php/LVM

# scan for available devices
lvmdiskscan

# create physical volume
pvcreate /dev/DEVICE
pvdisplay
pvscan
pvs

# create and add to internal drive volume group
vgcreate <volume_group> /dev/DEVICE
vgdisplay

vgextend <volume_group> <physical_volume>


# or
vgcreate <volume_group> /dev/sda2 /dev/sdb1 /dev/sdc


# lvm partition ideas:
#/ logical volume, will contain /usr (includes installed programs)
   # 100G - Bootable - Type: linux (83)
# /var logical volume - contains misc. including spools, logs, packages downloaded for installation. separate to avoid running out of space
   # 100G - Type: linux (83)
# /home logical volume - contains user home folders, where media will be stored
   # remainder Gb Type: linux (83)


# create partition group
lvcreate -C y -L 50G <volume_group> -n <lv_name>
lvs

...

# check drive partitions
lsblk

# format drive partitions
# boot as ext2
mkfs.ext2 /dev/sda1
e2label /dev/sda1 /boot


mkfs.ext4 /dev/mapper/[partition]
# repeat for each partition, excluding swap partition

# create swap partition
mkswap /dev/[swappartition]
swapon /dev/[swappartition]

# mount partitions - root first
mount /dev/mapper/<lv-root> /mnt

mkdir /mnt/boot
mount /dev/sda1 /mnt/boot

mkdir /mnt/var
mount /dev/mapper/<lv-var> /mnt/var

mkdir /mnt/home
mount /dev/mapper/<lv-home> /mnt/home


# if mirroring with raid1;
lvconvert --type raid1 -m 1 /dev/milk-hdd-internal/logicalvolume /dev/sdd1


# give device label, for file managers - https://wiki.archlinux.org/index.php/Persistent_block_device_naming#by-label
e2label /dev/XXX <label>

Bootstrap

# use geographically close arch package mirror
vim /etc/pacman.d/mirrorlist
# move local mirror at top of the list. this config is also copied across in the next step.

# bootstrap including the installation of pacman and a few extras
pacstrap /mnt base base-devel archlinux-keyring pacman-contrib syslinux zsh polkit netctl openssh p7zip reflector iotop mlocate ripgrep fzf vim git tmux htop atop dmidecode fasd ncdu dfc tree pkgfile rxvt-unicode wget bind-tools dhcping


# generate file system configuration info
genfstab -p /mnt >> /mnt/etc/fstab

# chroot into new system
arch-chroot /mnt


#optional extra
pacman -S linux-headers linux-lts linux-lts-headers lvm2 

pacman -S wpa_supplicant dialog dnsmasq dnscrypt-proxy


Users

# set root user password
passwd

# add your own user account and set a password
useradd -m [USERNAME]
passwd [USERNAME]

# let wheel group use sudo for root permission
visudo
# uncomment %wheel      ALL=(ALL) ALL

## USERNAME HOST_NAME= NOPASSWD: /usr/bin/halt,/usr/bin/poweroff,/usr/bin/reboot,/usr/bin/pacman -Syu

# add user to wheel group for sudo/etc, access
gpasswd -a [USERNAME] wheel

Name, time, language

# set a hostname
echo computer_name > /etc/hostname

# set timezone
ln -s /usr/share/zoneinfo/Europe/London /etc/localtime

# uncomment en_GB.UTF-8 or appropriate locale
vim /etc/locale.gen
/#en_GB
xZZ

# generate locale
locale-gen

# set locale conf
echo LANG=en_GB.UTF-8 > /etc/locale.conf

# set persistant console keymap and font preferences in /etc/vconsole.conf
vim /etc/vconsole.conf
i
KEYMAP=uk
[esc]ZZ

Kernel images

# edit mkinitcpio.conf
vim /etc/mkinitcpio.conf
  # add lvm2 to hooks

  HOOKS=" ... block lvm2 filesystems ... "
 
  # uncomment "xz" compression

# build boot arch and lts boot images
mkinitcpio -p linux linux-lts

Bootloader

# install bootloader: syslinux (installed above)
syslinux-install_update -i -a -m
# the above does this:
# fdisk for boot flag
# dd bs=440 count=1 if=/usr/lib/syslinux/bios/mbr.bin of=/dev/sda
#CAUTION - edit /boot/syslinux/syslinux.cfg to use correct device/mapper addresses

# OR
# install bootloader: GRUB
# syslinux is easier to manage than GRUB
#pacman -S grub
#grub-install --recheck --target=i386-pc /dev/sdx

# allow for saving the last booted kernel, edit /etc/default/grub, set
#GRUB_DEFAULT=saved
# and add
#GRUB_SAVEDEFAULT=true

# generate/regenerate config file
#grub-mkconfig -o /boot/grub/grub.cfg

Network

# set better network interface device names in relation to their MAC (media access control) address.
#vim /etc/udev/rules.d/10-network.rules

# if only one active interface:
echo SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="$(cat /sys/class/net/$(ls /sys/class/net/ | grep -v lo | grep -v wlan)/address)", NAME="eth0" > /etc/udev/rules.d/10.network.rules

# if there is wifi (to fix):
#echo SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="$(cat /sys/class/net/**wifiinterfacename**/address)", NAME="wlan0" >> /etc/udev/rules.d/10.network.rules


# enable DHCP
# multiple network management methods are available
# https://wiki.archlinux.org/index.php/Network_configuration#Dynamic_IP_address

# dhcpcd for all interfaces
systemctl enable dhcpcd
systemctl start dhcpcd


# netctl (arch dev grown systemd interface)
cp /etc/netctl/examples/ethernet-dhcp /etc/netctl
cp /etc/netctl/examples/wireless-wpa /etc/netctl
vim /etc/netctl/wireless-wpa
# change essid and key

# test netctl ethernet profile
netctl start ethernet-dhcp
ip a
ping bbc.co.uk
netctl stop ethernet-dhcp

# test netctl wireless-wpa profile
netctl start ethernet-dhcp
ip a
ping bbc.co.uk
netctl stop wireless-wpa

# make ethernet profile persistant
netctl enable ethernet-dhcp


systemctl enable dnsmasq

# either use straight DNS
# set dns resolver (router)
# see https://wiki.archlinux.org/index.php/Resolv.conf#Alternative_DNS_servers for a pair of public DNS server address to set
#vim /etc/resolv.conf

# or use encrypted DNS
# install dnscrypt

# setup dnsmasq config to listen to port 40 instead of 53
vim /etc/dnsmasq.conf

  no-resolv
  server=127.0.0.1#40
  listen-address=127.0.0.1
  proxy-dnssec

# make a network socket for dnscrypt to use port 40
systemctl edit dnscrypt-proxy.socket

  [Socket]
  ListenStream=
  ListenDatagram=
  ListenStream=127.0.0.1:40
  ListenDatagram=127.0.0.1:40

# create a unit file for dnscrypt with your chosen resolver
cp /usr/lib/systemd/system/dnscrypt-proxy.service /etc/systemd/system
vim /etc/systemd/system/dnscrypt-proxy.service

   # following [https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-resolvers.csv resolver] works
   dnscrypt.eu-dk

# make sure dnsmasq doesn't fall over due from dnscrypt not responding while it starts up
cp /usr/lib/systemd/system/dnsmasq.service /etc/systemd/system/multi-user.target.wants
vim /etc/systemd/system/multi-user.target.wants

   # edit to load After=dnscrypt-proxy.service
 
systemctl daemon-reload

# um.. could be above? edit file after auto copy rather than before?
systemctl enable dnscrypt-proxy.service

 vim /etc/resolv.conf

   nameserver 127.0.0.1


# setup ssh access
systemctl enable sshd
systemctl start sshd
# reboot
# ctrl-alt-del is quickest


# https://wiki.archlinux.org/index.php/fail2ban
pacman -S fail2ban

Video drivers

# find out graphics chipset
lspci | grep -e VGA -e 3D

# find gfx chipset drivers to install
pacman -Ss xf86-video | grep ##something##

# install gfx drivers
pacman -S xf86-video-ati # or whatever package

# hardware video acceleration, framebuffer support
pacman -S libva-mesa-driver xf86-video-fbdev

AUR and Git

# bootstrap AUR access with AUR helper pacaur
# https://www.digitalocean.com/community/tutorials/how-to-use-yaourt-to-easily-download-arch-linux-community-packages
# yay > yay > pacaur w/ pacget > yaourt > *

mkdir -p ~/pkgs && cd ~/pkgs && git clone https://aur.archlinux.org/yay-git.git && cd yay-git && makepkg -si

yay -S --answeredit n --answerdiff n pkgcacheclean cower longoverdue inxi fd-rs localepurge neobundle-git dtrx


#gpg --recv-key [keyfromerror]

SSH and dotfiles

# Make .ssh directory
mkdir ~/.ssh

# Generate an [[SSH]] key using EdDSA (SHA-512/256 and Curve25519)
ssh-keygen -t ed25519 -b 4096 -C "your_email@example.com" -f $HOME/.ssh/id_[keynamehere]

# Ensure ssh-agent is enabled for this shell instance
eval "$(ssh-agent -s)"

# Add your SSH key to the ssh-agent
ssh-add ~/.ssh/id_[whatever]


# install; vcsh myrepos
yay -S --answeredit n --answerdiff n  vcsh-git myrepos-git

git clone https://github.com/tarjoilija/zgen.git ~/.zgen

mkdir -p ~/.zsh/cache/`hostname --short`

# bootstrap vcsh
vcsh clone git@github.com:milkmiruku/vcsh_mr.git

# edit config.d symlinks to available.d
cd .config/mr/available.d
#etc.

# mr bootstrap
mr up

X11

# if you want a graphical login, install a display manager # https://wiki.archlinux.org/index.php/display_manager
#yay -S --answeredit n lightdm lightdm-gtk-greeter
#systemctl enable lightdm.service

localectl set-x11-keymap gb

# install basic X11 related
yay -S --answeredit n --noedit xorg-server xorg-xinit xorg-xsetroot xorg-xrdb xorg-xset xorg-xev \
 rxvt-unicode-fontspacing-noinc-vteclear-secondarywheel terminus-font terminus-font-ttf ttf-ms-fonts \
 urxvtcd py3status checkupdates-aur xorg-xinput arandr xorg-xprop


# set X11 keyboard layout
sudoedit /etc/X11/xorg.conf.d/20-keyboard.conf

 Section "InputClass"
    Identifier "keyboard"
    MatchIsKeyboard "yes"
    Option "XkbLayout" "gb"
    Option "XkbVariant" "nodeadkeys"
 EndSection


# install X11 window manager
# bspwm-git sxhkd-git - using i3 now.

yay -S --answeredit n i3-gaps


# install other X11 related
yay -S --answeredit n autocutsel xscreensaver compton dunst hsetroot feh dmenu pnmixer-git redshift unclutter \
 radiotray lxappearance workrave xorg-xdpyinfo xdotool glxinfo systemd-numlockontty gohufont



# enable numlock for ttys and X
systemctl enable numLockOnTty
# doesn't work?


# set the default browser
gio mime x-scheme-handler/http google-chrome.desktop
gio mime x-scheme-handler/https google-chrome.desktop

Misc

# install software
yay -S --answeredit n --answerdiff n links-g-directfb smartmontools youtube-dl-git dnscrypt-proxy-gui meld xcwd-git google-chrome caffeine-ng dolphin dolphin-plugins qt5ct fortune-mod ttf-symbola


# update pkgfile search cache
sudo pkgfile --update

systemctl enable pkgfile-update.timer



# set Git config
# if not using vcsh managed git config
#git config --global user.name USERNAME
#git config --global user.email MAILADDRESS

Laptop

# Set up ACPI
yay -S --answeredit n apci acpid vattery wicd wicd-gtk tlp hdparm mons

systemctl enable acpid.service
# https://wiki.archlinux.org/index.php/Acpid

sudoedit /etc/udev/rules.d/99-lowbat.rules

  # Suspend the system when battery level drops to 5% or lower
  SUBSYSTEM=="power_supply", ATTR{status}=="Discharging", ATTR{capacity}=="[0-5]", RUN+="/usr/bin/systemctl hibernate"

# add vattery and wicd-gkt --tray to .xinitrc

# Set up touchpad

yay -S --answeredit n xf86-input-libinput


# intel video chipset?
sv /etc/X11/xorg.conf

Section "Device"
    Identifier  "Card0"
    Driver      "intel"
    Option      "Backlight"  "intel_backlight"
EndSection


sv /etc/X11/xorg.conf.d/30-touchpad.conf

Section "InputClass"
        Identifier "MyTouchpad"
        MatchIsTouchpad "on"
        Driver "libinput"
        Option "Tapping" "on"
EndSection

Sync

to check


yay -S --answeredit n syncthing syncthing-gtk syncthing-inotify

systemctl --user enable syncthing.service

syncthing-gtk
# to get api key

mkdir /etc/systemd/user/syncthing-inotify.service.d/

sudoedit /etc/systemd/user/syncthing-inotify.service.d/start.conf

  [Unit]
  ExecStart=
  ExecStart=/usr/bin/syncthing-inotify -logflags=0 -api="0M6ubcgtcy7KBLucu0jeXrgqB8U7YKp9"
  RuntimeDirectory=syncthing-inotify

  edit api

systemctl --user enable syncthing-inotify.service


#sudo ln -s /home/milk/.zshrc /root/.zshrc
#sudo ln -s /home/milk/.zsh /root/.zsh
#sudo ln -s /home/milk/.vimrc /root/.vimrc
#sudo ln -s /home/milk/.vim /root/.vim

Backup

to actually sort

See also Backup

yay -S --answeredit n pakbak-git

sudo mkdir -p /var/backup/pakbak

sudoedit /etc/pakbak.conf

 # edit backup folder to /var/backup/pakbak

systemctl enable pakbak

* tar -cjf pacman_database.tar.bz2 /var/lib/pacman/local


### Borg


# list intentionally installed packages
#pacman -Qqe



# Backup paths;
#
# /home/*
# /etc
# /var
# /boot
# /opt?
# etc..?

# Exclude
#/var/tmp

Virtual machine

yay -S --answeredit n linux-headers virtualbox virtualbox-host-dkms

sudoedit /etc/mkinitcpio.conf

  vboxdrv
    # add to end of modules (not hooks!)

sudo mkinitcpio -p linux

sudo modprobe vboxdrv

virtualbox

Audio

# install some apps
yay -S --answeredit n jack2 pulseaudio-jack cadence-git carla-git lv2-plugins sequencer64

slim (old)

i'm using lightdm now

yay -S --answeredit n slim slim-themes 

# make slim login desktop manager start automatically
systemctl enable slim.service

# edit slim config - default_user, focus_password, current_theme sleep-openbox
vi /etc/slim.conf

Environment

## usb drive partition - 8Gb
/boot

## lvm raid 1
# root filesystem
/
/usr
/usr/src
/etc
/opt
/dev
/media     # external media mount point
/proc      # process info virtual filesystem
/sys       # system and kernel info virtual filesystem
/run       # running system shit virtual filesystem

/home
  /milk

  /lmedia  # large block size

/var
/var/cache
/var/tmp
/var/log

# ramdisk 
/tmp

# swap 
[SWAP]

Fonts:

noto-fonts-cjk
droid sans mono 10
gohufont

Config management

??? b0rken?

yay -S --answeredit n vcsh myrepos
ssh-keygen -t rsa -b 4096 -f ~/.ssh/github_rsa
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/github_rsa
< ~/.ssh/github_rsa.pub
# add new key on https://github.com/settings/ssh
ssh git@github.com
mkdir ~/.zsh/cache/$HOST
touch ~/.zsh/cache/$HOST/last-working-dir
# rm ~/.gtkrc-2.0
vcsh clone git://github.com/RichiH/vcsh_mr_template.git mr
mr up

???


Once all is working:

vcsh enter whateverrepo
  # only need to do this to change git remotes n such, not for general config editing
exit
vcsh foreach add -u
  # add all tracked but uncomitted files in all repos

vcsh commit
  # commit all

vcsh push
  # push all repos

Old Ubuntu setup

ooold

hostname new.host.name

sudo apt-get update
sudo apt-get install tmux git
git clone git@github.com:milkmiruku/dottmux.git ~/.tmux
ln -s ~/.tmux/.tmux.conf ~/.tmux.conf
tmux

sudo apt-get install curl zsh ncdu htop tree mercurial build-essential gcc libc6-dev ncurses-dev

sudo git clone git@github.com:milkmiruku/zsh.git ~/.zsh && cd ~/.zsh && sudo git submodule init && sudo git submodule update
  # edit zshrc location config 
useradd -m -s /usr/bin/zsh milk
passwd milk
adduser milk sudo

sudo apt-get remove vim vim-runtime gvim
  # (disable distro vim. not possible with apt on ubuntu [2])
mkdir ~/src && mkdir ~/src/vim
hg clone https://vim.googlecode.com/hg/ ~/src/vim && cd ~/src/vim && ./configure --enable-pythoninterp=yes && make && sudo make install
cd

git clone git@github.com:milkmiruku/dotvim.git ~/.vim
ln -s ~/.vim/vimrc ~/.vimrc
mkdir ~/.vim/bundle
git clone git://github.com/Shougo/neobundle.vim ~/.vim/bundle/neobundle.vim
echo ':NeoBundleInstall' > ~/viminit.txt
echo ':q' >> ~/viminit.vim
vim -s ~/viminit.vim
rm ~/viminit.vim
git clone    vimproc ......

wget -O src/atop.tar.gz http://www.atoptool.nl/download/atop-2.0.2.tar.gz && cd ~/src && tar zxvf atop.tar.gz && cd ~/src/atop && ./configure && make && make install
cd

vim /etc/ssh/sshd_config
  # disable root, change port, etc.
ssh-keygen -t rsa
  # (for user and root?)


To sort: multiuser config. permissions? Or /usr/share/config/ ...

apt-get install php mariadb
apt-get install ruby rubygems
apt-get install python pip

backup

Silver


Live USB

See Distros#Live Distro