Box
Jump to navigation
Jump to search
General
A box, yer computer, physical (or abstract) box. [1]
These are the steps that I follow (and create) when I set-up Arch Linux. They are incomplete and I update them each time I go through the process.
See also Stack, *nix#Configuration 2, Server, Distros, Distros#Live Distro
- RFC 1178 - Choosing a name for your computer - In order to easily distinguish between multiple computers, we give them names. Experience has taught us that it is as easy to choose bad names as it is to choose good ones. This essay presents guidelines for deciding what makes a name good or bad.
Arch Linux stock install
- See also Distros#Custom ISO for creating your own Arch derivative.
Todo:
- convert parts into this style - https://github.com/unexicon/meta-unexicon ?
- https://github.com/Bleuzen/manjaro-kde-setup
Setup in the Arch install environment
Download the Arch iso, install it to USB/etc and boot from it, or use a netboot option.
# set keyboard for UK qwerty, gives access to pipe character, etc. loadkeys /usr/share/kbd/keymaps/i386/qwerty/uk.map.gz # check for potentially failed services (i.e. network DHCP if you have already plugged in an Ethernet cable) systemctl --failed
Network
# If you don't have an Ethernet cable and gateway to plug into but do have WiFi available; # for wifi-menu / wpa_cli to work vim /etc/wpa_supplicant/base.conf # new file ctrl_interface=/run/wpa_supplicant update_config=1 # get wifi interface name ip a wifi-menu (or) # start wpa_supplicant wpa_supplicant -B -i interfacename -c /etc/wpa_supplicant/base.conf # establish wifi data link wpa_cli scan scan_results add_network set_network 0 ssid "MYSSID" set_network 0 psk "passphrase" enable_network 0 # or for open wifi set_network 0 key_mgmt NONE enable_network 0 save_config q ### for wifi and ethernet??? # establish ip linkcli dhcpcd [interface]
Setup target storage
Either basic or LVM (or btrfs (to come))
Basic
# https://wiki.archlinux.org/index.php/Partitioning # there can be only 4 'primary' partitions in an MBR partition table. # or GPT can be used # if not using LVM, make the fourth 'extended' so it can contain further 'logical' partitions # filesystem partition size ideas: # /boot - 512M # contains boot kernel images (linux, linux-lts, linux-ck, etc.) - Type: linux (83 / 20) # [swap] # swap size to match RAM size - Type: Linux swap (82 / 19) # / # one large partition for the rest - Type: Linux (83 / 20) OR Linux LVM (8e / 31) # all-in-one partitioning, boot flag and swap partition setup echo -e "n\n\n\n\n+512M\n n\n\n\n\n+1G\n n\n\n\n\n\n a\n1\n t\n2\n82\nw\n"| fdisk /dev/vda # check drive partitions lsblk # formatting # boot as ext2 (no journal for less fuckups?) mkfs.ext2 /dev/sda1 e2label /dev/sda1 /boot mkfs.ext4 /dev/[partition] # create swap partition mkswap /dev/[swappartition] swapon /dev/[swappartition] # mount partitions - root first mount /dev/mapper/<lv-root> /mnt mkdir /mnt/boot mount /dev/sda1 /mnt/boot # give device label, for file managers - https://wiki.archlinux.org/index.php/Persistent_block_device_naming#by-label e2label /dev/XXX <label>
LVM (optional)
# managing storage devices with LVM allows for easier partition resizing, etc. later # see https://wiki.archlinux.org/index.php/LVM # you cannot have an LVM /boot, unless you are booting from a linux based bootloader such as coreboot, libreboot # an LVM swap is only worth it if the LVM setup is to be mirrored (for speed) # scan for available devices lvmdiskscan # create physical volume pvcreate /dev/DEVICE # confirm the above with either: pvdisplay pvscan pvs # create and add to internal drive volume group vgcreate <volume_group> /dev/DEVICE # or vgcreate <volume_group> /dev/sda2 /dev/sdb1 /dev/sdc # or vgextend <volume_group> <physical_volume> # confirm the above with: vgdisplay # logical volume / partition ideas: # root (/) logical volume, will contain /usr (includes installed programs) # minimum 100G # [swap] # match size of RAM if you use suspend-to-disk - Type # only worth it if the swap will be mirrored # var (/var) logical volume - contains misc. including spools, logs, packages downloaded for installation. separate to avoid running out of space # minimum 100G # home (/home) logical volume - contains user home folders # create partition group. -C = contiguous. lvcreate -C y -L 100G <volume_group> -n <lv_name> etc. # confirm the above lvs # confirm drive partitions lsblk # format drive partitions # boot as ext2 mkfs.ext2 /dev/sda1 e2label /dev/sda1 /boot mkfs.ext4 /dev/mapper/[partition] # repeat for each partition, excluding swap partition # create swap partition mkswap /dev/[swappartition] swapon /dev/[swappartition] # mount partitions - root first mount /dev/mapper/<lv-root> /mnt mkdir /mnt/boot mount /dev/sda1 /mnt/boot mkdir /mnt/var mount /dev/mapper/<lv-var> /mnt/var mkdir /mnt/home mount /dev/mapper/<lv-home> /mnt/home # if mirroring with raid1; lvconvert --type raid1 -m 1 /dev/milk-hdd-internal/logicalvolume /dev/sdd1 # give device label, for file managers - https://wiki.archlinux.org/index.php/Persistent_block_device_naming#by-label e2label /dev/XXX <label>
Bootstrap target system
# use geographically close arch package mirror vim /etc/pacman.d/mirrorlist # move local mirror at top of the list. this config is also copied across in the next step. pacman -S archlinux-keyring # bootstrap including the installation of pacman and a few extras pacstrap /mnt base base-devel linux linux-headers linux-lts linux-lts-headers vim syslinux gptfdisk pacman-contrib zsh polkit git netctl openssh p7zip reflector iotop mlocate ripgrep fzf tmux htop atop dmidecode ncdu dfc tree pkgfile wget bind-tools dhcping exfat-utils sshfs dateutils trash-cli wpa_supplicant dialog mediainfo python-pip python2-pip fasd go mpv nodejs npm rxvt-unicode-terminfo # generate file system configuration info genfstab -p /mnt >> /mnt/etc/fstab # chroot into new system arch-chroot /mnt
Accounts, names, time and language
# set root user password passwd # add your own user account and set a password useradd -m [USERNAME] passwd [USERNAME] # let wheel group use sudo for root permission visudo # uncomment %wheel ALL=(ALL) ALL ## USERNAME HOST_NAME= NOPASSWD: /usr/bin/halt,/usr/bin/poweroff,/usr/bin/reboot,/usr/bin/pacman -Syu # add user to wheel group for sudo/etc, access gpasswd -a [USERNAME] wheel # set a computer name echo computer_name > /etc/hostname # set the timezone ln -s /usr/share/zoneinfo/Europe/London /etc/localtime # uncomment en_GB.UTF-8 or appropriate locale vim /etc/locale.gen /#en_GB xZZ # generate locale locale-gen # set locale conf echo LANG=en_GB.UTF-8 > /etc/locale.conf # set persistant console keymap and font preferences in /etc/vconsole.conf vim /etc/vconsole.conf i KEYMAP=uk [esc]ZZ
Kernel images
# edit mkinitcpio.conf vim /etc/mkinitcpio.conf # add lvm2 to hooks HOOKS=" ... block lvm2 filesystems ... " # uncomment "xz" compression # build boot arch and lts boot images mkinitcpio -p linux linux-lts
x86 bootloader
syslinux
# install bootloader: syslinux (installed above) syslinux-install_update -i -a -m # the above does this: # fdisk for boot flag # dd bs=440 count=1 if=/usr/lib/syslinux/bios/mbr.bin of=/dev/sda #CAUTION - edit /boot/syslinux/syslinux.cfg to use correct device/mapper addresses
GRUB
# OR # install bootloader: GRUB # syslinux is easier to manage than GRUB #pacman -S grub #grub-install --recheck --target=i386-pc /dev/sdx # allow for saving the last booted kernel, edit /etc/default/grub, set #GRUB_DEFAULT=saved # and add #GRUB_SAVEDEFAULT=true # generate/regenerate config file #grub-mkconfig -o /boot/grub/grub.cfg
AUR and Git
su [non-root-username] # bootstrap AUR access with pacman wrapper AUR helper yay # (in terms of yay > trizen > pacaur w/ pacget > yaourt > * mkdir -p ~/pkgs && cd ~/pkgs && git clone https://aur.archlinux.org/yay-git.git && cd yay-git && makepkg -si # Install various handy apps yay -S --answeredit n --answerdiff n pkgcacheclean longoverdue inxi fd-rs localepurge dtrx downgrade topgrade # pkgcacheclean - Easy purging of older package cache files # longoverdue - System service update management made easy # inxi - Display various system hardware and software infos # fd-rs - fd command, improved find using gipgrep # localepurge - Script to remove disk space wasted for unneeded localizations. # dtrx - Do The Right X, an intelligent archive extraction tool # downgrade - Bash script for downgrading one or more packages to a version in your cache or the A.L.A. # topgrade - Invoke the upgrade proceadure of multiple package managers # If there is ever a missing gpg key; #gpg --recv-key [keyfromerror]
Network
# set better network interface device names in relation to their MAC (media access control) address. #vim /etc/udev/rules.d/10-network.rules # if only one active interface: echo SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="$(cat /sys/class/net/$(ls /sys/class/net/ | grep -v lo | grep -v wlan)/address)", NAME="eth0" > /etc/udev/rules.d/10.network.rules # if there is wifi (to fix): #echo SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="$(cat /sys/class/net/**wifiinterfacename**/address)", NAME="wlan0" >> /etc/udev/rules.d/10.network.rules # enable DHCP # multiple network management methods are available # https://wiki.archlinux.org/index.php/Network_configuration#Dynamic_IP_address # dhcpcd for all interfaces systemctl enable dhcpcd systemctl start dhcpcd # netctl (arch dev grown systemd interface) cp /etc/netctl/examples/ethernet-dhcp /etc/netctl cp /etc/netctl/examples/wireless-wpa /etc/netctl vim /etc/netctl/wireless-wpa # change essid and key # test netctl ethernet profile netctl start ethernet-dhcp ip a ping bbc.co.uk netctl stop ethernet-dhcp # test netctl wireless-wpa profile netctl start ethernet-dhcp ip a ping bbc.co.uk netctl stop wireless-wpa # make ethernet profile persistant netctl enable ethernet-dhcp #optional network extras pacman -S dnsmasq dnscrypt-proxy systemctl enable dnsmasq # either use straight DNS # set dns resolver (router) # see https://wiki.archlinux.org/index.php/Resolv.conf#Alternative_DNS_servers for a pair of public DNS server address to set #vim /etc/resolv.conf # or use encrypted DNS # install dnscrypt # setup dnsmasq config to listen to port 40 instead of 53 vim /etc/dnsmasq.conf no-resolv server=127.0.0.1#40 listen-address=127.0.0.1 proxy-dnssec # make a network socket for dnscrypt to use port 40 systemctl edit dnscrypt-proxy.socket [Socket] ListenStream= ListenDatagram= ListenStream=127.0.0.1:40 ListenDatagram=127.0.0.1:40 # create a unit file for dnscrypt with your chosen resolver cp /usr/lib/systemd/system/dnscrypt-proxy.service /etc/systemd/system vim /etc/systemd/system/dnscrypt-proxy.service # following [https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-resolvers.csv resolver] works dnscrypt.eu-dk # make sure dnsmasq doesn't fall over due from dnscrypt not responding while it starts up cp /usr/lib/systemd/system/dnsmasq.service /etc/systemd/system/multi-user.target.wants vim /etc/systemd/system/multi-user.target.wants # edit to load After=dnscrypt-proxy.service systemctl daemon-reload # um.. could be above? edit file after auto copy rather than before? systemctl enable dnscrypt-proxy.service vim /etc/resolv.conf nameserver 127.0.0.1 # setup ssh access systemctl enable sshd systemctl start sshd # reboot # ctrl-alt-del is quickest # https://wiki.archlinux.org/index.php/fail2ban pacman -S fail2ban
SSH and dotfiles
# Make .ssh directory mkdir ~/.ssh # Generate an [[SSH]] key using EdDSA (SHA-512/256 and Curve25519) ssh-keygen -t ed25519 -b 4096 -C "your_email@example.com" -f $HOME/.ssh/id_KEYNAME # Ensure ssh-agent is enabled for this shell instance eval "$(ssh-agent -s)" # Add your SSH key to the ssh-agent ssh-add ~/.ssh/id_[whatever] # copy public SSH key to services # dotfile configuration management using GNU Stow pacman -S stow git clone https://github.com/mxmilkb/dotfiles ~/dotfiles && cd ~/dotfiles stow base stow zsh stow vim stow systemd stow yay stow bin #etcetc
Video drivers
# find out graphics chipset lspci | grep -e VGA -e 3D # find gfx chipset drivers to install pacman -Ss xf86-video | grep ##something## # install gfx drivers pacman -S xf86-video-ati # or whatever package # hardware video acceleration, framebuffer support pacman -S libva-mesa-driver xf86-video-fbdev
GUI
### fonts # yay -S --answeredit n --noedit gohfont ### GUI apps # yay -S --answeredit n --noedit mediainfo-gui rxvt-unicode-fontspacing-noinc-vteclear-secondarywheel urxvtcd emoji-keyboard-git
Do you want X11 or wayland?
X11
# if you want a graphical login, install a display manager # https://wiki.archlinux.org/index.php/display_manager #yay -S --answeredit n lightdm lightdm-gtk-greeter #systemctl enable lightdm.service localectl set-x11-keymap gb # install basic X11 related yay -S --answeredit n --noedit xorg-server xorg-xinit xorg-xsetroot xorg-xrdb xorg-xset xorg-xev \ py3status checkupdates-aur xorg-xinput arandr xorg-xprop xorg-xhost # set X11 keyboard layout sudoedit /etc/X11/xorg.conf.d/20-keyboard.conf Section "InputClass" Identifier "keyboard" MatchIsKeyboard "yes" Option "XkbLayout" "gb" Option "XkbVariant" "nodeadkeys" EndSection # install X11 window manager # bspwm-git sxhkd-git - using i3 now. yay -S --answeredit n i3-gaps # install other X11 related yay -S --answeredit n autocutsel xscreensaver compton dunst hsetroot feh dmenu pnmixer-git redshift unclutter \ radiotray lxappearance workrave xorg-xdpyinfo xdotool glxinfo systemd-numlockontty gohufont # enable numlock for ttys and X systemctl enable numLockOnTty # doesn't work? # set the default browser gio mime x-scheme-handler/http google-chrome.desktop gio mime x-scheme-handler/https google-chrome.desktop
Wayland
yay -S sway swaylock swayidle
Miscellaneous
# install software yay -S --answeredit n --answerdiff n links-g-directfb smartmontools gsmartcontrol youtube-dl-git dnscrypt-proxy-gui meld xcwd-git google-chrome caffeine-ng dolphin dolphin-plugins qt5ct fortune-mod ttf-symbola # update pkgfile search cache sudo pkgfile --update systemctl enable pkgfile-update.timer # set Git config # if not using vcsh managed git config #git config --global user.name USERNAME #git config --global user.email MAILADDRESS
Sync
to check
yay -S --answeredit n syncthing syncthing-gtk syncthing-inotify systemctl --user enable syncthing.service syncthing-gtk # to get api key mkdir /etc/systemd/user/syncthing-inotify.service.d/ sudoedit /etc/systemd/user/syncthing-inotify.service.d/start.conf [Unit] ExecStart= ExecStart=/usr/bin/syncthing-inotify -logflags=0 -api="0M6ubcgtcy7KBLucu0jeXrgqB8U7YKp9" RuntimeDirectory=syncthing-inotify edit api systemctl --user enable syncthing-inotify.service #sudo ln -s /home/milk/.zshrc /root/.zshrc #sudo ln -s /home/milk/.zsh /root/.zsh #sudo ln -s /home/milk/.vimrc /root/.vimrc #sudo ln -s /home/milk/.vim /root/.vim
Backup
to actually sort
See also Backup
yay -S --answeredit n pakbak-git sudo mkdir -p /var/backup/pakbak sudoedit /etc/pakbak.conf # edit backup folder to /var/backup/pakbak systemctl enable pakbak * tar -cjf pacman_database.tar.bz2 /var/lib/pacman/local ### Borg # list intentionally installed packages #pacman -Qqe # Backup paths; # # /home/* # /etc # /var # /boot # /opt? # etc..? # Exclude #/var/tmp
Virtual machine
yay -S --answeredit n linux-headers virtualbox virtualbox-host-dkms sudoedit /etc/mkinitcpio.conf vboxdrv # add to end of modules (not hooks!) sudo mkinitcpio -p linux sudo modprobe vboxdrv virtualbox
Audio
# install some apps yay -S --answeredit n jack2 pulseaudio-jack cadence-git carla-git lv2-plugins sequencer64 audacity audacity-extras
Extra notes
Laptop
# Set up ACPI yay -S --answeredit n apci acpid vattery wicd wicd-gtk tlp hdparm mons systemctl enable acpid.service # https://wiki.archlinux.org/index.php/Acpid sudoedit /etc/udev/rules.d/99-lowbat.rules # Suspend the system when battery level drops to 5% or lower SUBSYSTEM=="power_supply", ATTR{status}=="Discharging", ATTR{capacity}=="[0-5]", RUN+="/usr/bin/systemctl hibernate" # add vattery and wicd-gkt --tray to .xinitrc # Set up touchpad yay -S --answeredit n xf86-input-libinput # intel video chipset? sv /etc/X11/xorg.conf Section "Device" Identifier "Card0" Driver "intel" Option "Backlight" "intel_backlight" EndSection sv /etc/X11/xorg.conf.d/30-touchpad.conf Section "InputClass" Identifier "MyTouchpad" MatchIsTouchpad "on" Driver "libinput" Option "Tapping" "on" EndSection
Mobile
yay -S kdeconnect indicator-kdeconnect exec --no-startup-id /usr/bin/indicator-kdeconnect # in .xinitrc
ODROID-N2
pacman -S sudo git tmux su USERNAME pacman -S --needed base base base-devel sudo vim git tmux archlinux-keyring pacman-contrib zsh polkit netctl openssh p7zip iotop mlocate ripgrep fzf htop atop dmidecode fasd ncdu dfc tree pkgfile wget bind-tools dhcping exfat-utils sshfs dateutils trash-cli python2-pip lvm2 wpa_supplicant dialog #not on arm syslinux reflector mediainfo-cli pip mkdir -p ~/pkgs && cd ~/pkgs && git clone https://aur.archlinux.org/yay-git.git || true && cd yay-git && makepkg -si yay -S --answeredit n --answerdiff n pkgcacheclean longoverdue downgrade inxi fd-rs localepurge neobundle-git dtrx pkgfile --update # put this in .bashrc eval "$(fasd --init auto)" passwd # change root password useradd -m USERNAME passwd USERNAME # change your password visudo # uncomment first wheel directive gpasswd -a USERNAME wheel echo NEWHOSTNAME > /etc/hostname rm /etc/localtime ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
aconfmgr
scp milk@rose:~/state/aconfmgr ~/state/aconfmgr ??
Environment
old?
## usb drive partition - 8Gb /boot ## lvm raid 1 # root filesystem / /usr /usr/src /etc /opt /dev /media # external media mount point /proc # process info virtual filesystem /sys # system and kernel info virtual filesystem /run # running system shit virtual filesystem /home /milk /lmedia # large block size /var /var/cache /var/tmp /var/log # ramdisk /tmp # swap [SWAP]
Fonts:
noto-fonts-cjk droid sans mono 10 gohufont
Old Ubuntu setup
ooold
hostname new.host.name sudo apt-get update sudo apt-get install tmux git git clone git@github.com:milkmiruku/dottmux.git ~/.tmux ln -s ~/.tmux/.tmux.conf ~/.tmux.conf tmux sudo apt-get install curl zsh ncdu htop tree mercurial build-essential gcc libc6-dev ncurses-dev sudo git clone git@github.com:milkmiruku/zsh.git ~/.zsh && cd ~/.zsh && sudo git submodule init && sudo git submodule update # edit zshrc location config useradd -m -s /usr/bin/zsh milk passwd milk adduser milk sudo sudo apt-get remove vim vim-runtime gvim # (disable distro vim. not possible with apt on ubuntu [2]) mkdir ~/src && mkdir ~/src/vim hg clone https://vim.googlecode.com/hg/ ~/src/vim && cd ~/src/vim && ./configure --enable-pythoninterp=yes && make && sudo make install cd git clone git@github.com:milkmiruku/dotvim.git ~/.vim ln -s ~/.vim/vimrc ~/.vimrc mkdir ~/.vim/bundle git clone git://github.com/Shougo/neobundle.vim ~/.vim/bundle/neobundle.vim echo ':NeoBundleInstall' > ~/viminit.txt echo ':q' >> ~/viminit.vim vim -s ~/viminit.vim rm ~/viminit.vim
git clone vimproc ...... wget -O src/atop.tar.gz http://www.atoptool.nl/download/atop-2.0.2.tar.gz && cd ~/src && tar zxvf atop.tar.gz && cd ~/src/atop && ./configure && make && make install cd vim /etc/ssh/sshd_config # disable root, change port, etc.
ssh-keygen -t rsa # (for user and root?)
To sort: multiuser config. permissions? Or /usr/share/config/ ...
apt-get install php mariadb apt-get install ruby rubygems apt-get install python pip
backup