Installation

genfstab -U /mnt >> /mnt/etc/fstab
arch-chroot /mnt
ln -sf /usr/share/zoneinfo/Canada/Pacific /etc/localtime
hwclock --systohc
nano /etc/locale.gen

Uncomment: en_US.UTF-8 UTF-8

locale-gen
nano /etc/locale.conf

add: LANG=en_US.UTF-8

nano /etc/hostname

add: teletran4

nano /etc/hosts

add: teletran4 relevant stuff

ln -s /dev/null /etc/udev/rules.d/80-net-setup-link.rules
mkinitcpio -p linux
passwd

Bootloader

pacman -S grub
grub-install --target=i386-pc /dev/sda
pacman -S intel-ucode
grub-mkconfig -o /boot/grub/grub.cfg

Start network at boot

systemctl enable dhcpcd

Enable RAID

pacman -S mdadm
modprobe raid5
mdadm --detail --scan >> /etc/mdadm.conf
nano /etc/mdadm.conf

change md127 to md0

nano /etc/fstab

add: /dev/md0 /home ext3 defaults,noatime 0 0

Reboot the system

exit
umount /mnt
reboot

Basic system configuration

log in as root

Create a user

useradd -m -G wheel,audio -s /bin/bash gr0x0rd
passwd gr0x0rd

Set up sudo

pacman -S sudo
nano /etc/sudoers

comment out wheel group

exit

Set up system basics

log in as gr0x0rd

sudo pacman -S polkit
sudo pacman -S openssh
sudo nano /etc/ssh/sshd_config

change port 22 to 2112

sudo systemctl edit sshd.socket

create section [Socket] and set ListenStream=2112

sudo systemctl start sshd.socket
sudo systemctl enable sshd.socket

Graphic driver

sudo pacman -S nvidia
sudo mkinitcpio 
sudo reboot

confirm the system is using the nvidia driver via lspci -v

Install a desktop environment

sudo pacman -S xorg
sudo pacman -S xfce4
sudo nano /etc/X11/xinit/xinitrc

add: exec startxfce4

pacman -S alsa-utils
alsamixer

unmute the master, set the volume to a decent level

sudo pacman -S lightdm lightdm-gtk-greeter
sudo nano /etc/lightdm/lightdm.conf

add to [Seat:*] section: greeter-session=lightdm-yourgreeter-greeter

sudo systemctl enable lightdm

reboot or start the desktop environment via startxfce4

sudo pacman -S ttf-dejavu

resolves messed up terminal fonts in xfce

sudo pacman -S firefox gedit 

Server settings

sudo pacman -S nfs-utils

/etc/exports was copied from backup

sudo systemctl enable nfs-server.service
sudo systemctl start nfs-server.service

System monitor

sudo pacman -S conky

restored .conkyrc from backup sudo pacman -S eog sudo pacman -S xscreensaver xfce4-power-manager sudo pacman -S mariadb sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql sudo mysql_secure_installation sudo systemctl enable mariadb.service sudo systemctl start mariadb.service gunzip < mysql_backup.sql.gz | mysql -u root -p

1. passwords for users did not work after restore. accounts had to be deleted and re-created.
2. permisisons persisted after restoring.

sudo pacman -S pulseaudio xfce4-pulseaudio-plugin pavucontrol pulseaudio-alsa gst-plugins-good sudo pacman -S mplayer vlc ffmpeg kodi mencoder devede sudo pacman -S transmission-gtk transmission-cli sudo pacman -S apcupsd

1. restore /etc/apcupsd/apcupsd.conf from backup

sudo systemctl enable apcupsd.service sudo systemctl start apcupsd.service sudo pacman -S apache sudo systemctl enable httpd.service sudo systemctl start httpd.service sudo pacman -S php sudo nano /etc/php/php.ini

1. enable: date.timezone = America/Vancouver
2. enable: short_open_tag = On
3. enable: display_errors = On
4. enable: open_basedir = /srv/http/

sudo pacman -S php-apache sudo nano /etc/httpd/conf/httpd.conf

1. comment the line: LoadModule mpm_event_module modules/mod_mpm_event.so
2. uncomment the line: LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
3. add the following to the LoadModule list:
4. LoadModule php7_module modules/libphp7.so
5. AddHandler php7-script .php
6. add the following to the Include list:
7. Include conf/extra/php7_module.conf
8. Include conf/vhosts/*.conf

sudo mkdir /etc/httpd/conf/vhosts

1. copy the backups from the previous vhosts to the above folder and edit accordingly

sudo systemctl restart httpd sudo pacman -S --needed base-devel sudo mkdir -p /usr/local/aur sudo pacman -S git sudo chmod -R 777 /usr/local/aur cd /usr/local/aur/

git clone https://aur.archlinux.org/password-gorilla.git cd /usr/local/aur/password-gorilla makepkg -si sudo pacman -S jdk8-openjdk sudo pacman -S dcraw lib32-gcc-libs sudo nano /etc/pacman.conf

1. uncomment [multilib] and Include = /etc/pacman.d/mirrorlist

sudo pacman -Syu sudo pacman -S lib32-freetype2 cd /usr/local/aur/ git clone https://aur.archlinux.org/lib32-libmng.git /usr/local/aur/lib32-libmng gpg --recv-keys F54984BFA16C640F makepkg -si cd /usr/local/aur/ git clone https://aur.archlinux.org/lib32-qt4.git cd /usr/local/aur/lib32-qt4 makepkg -si git clone https://aur.archlinux.org/tsmuxer-ng-bin.git cd /usr/local/aur/tsmuxer-ng-bin makepkg -si git clone https://aur.archlinux.org/ums.git cd /usr/local/aur/ums makepkg -si

1. copy the .config/UMS from backup to the desired location.
2. create the file /usr/lib/systemd/system/ums.service
3. copy the contents from http://www.universalmediaserver.com/forum/viewtopic.php?f=3&t=1240&start=10#p7392 to the file and save it
4. change the user "UMS" to running user

sudo systemctl enable ums.service sudo systemctl start ums.service cd /usr/local/aur/ git clone https://aur.archlinux.org/plex-media-server-plexpass.git cd /usr/local/aur/plex-media-server-plexpass makepkg -si sudo systemctl enable plexmediaserver.service sudo systemctl start plexmediaserver.service

1. todo - how to import backup of libraries

sudo pacman -S virtualbox sudo pacman -S linux-headers cd /usr/local/aur/ git clone https://aur.archlinux.org/virtualbox-ext-oracle.git makepkg -si sudo modprobe vboxdrv sudo modprobe vboxnetadp sudo modprobe vboxnetflt sudo modprobe vboxpci sudo gpasswd -a gr0x0rd vboxusers sudo pacman -S hddtemp netcat

1. todo: configure hddtemp to run as a daemon with the correct drives

sudo pacman -S certbot certbot-apache sudo nano /etc/httpd/conf/extra/httpd-acme.conf

1. paste the contents from https://wiki.archlinux.org/index.php/Certbot#Apache

sudo nano /etc/httpd/conf/httpd.conf

1. add: Include conf/extra/httpd-acme.conf

sudo systemctl restart httpd sudo certbot certonly --email gr0x0rd@gmail.com --webroot -w /var/lib/letsencrypt/ -d gr0x0rd.com,blog.gr0x0rd.com,1291.gr0x0rd.com,pool.gr0x0rd.com,wiki.gr0x0rd.com,www.gr0x0rd.com

1. certs are now available at /etc/letsencrypt/live/gr0x0rd.com
2. private key: privkey.pem
3. cert: cert.pem
4. chain: chain.pem (for nginx)
5. fullchain: fullchain.pem

sudo nano /etc/httpd/conf/httpd.conf

1. uncomment: LoadModule ssl_module modules/mod_ssl.so
2. uncomment: LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
3. uncomment: Include conf/extra/httpd-ssl.conf
4. uncomment: LoadModule rewrite_module modules/mod_rewrite.so

sudo nano /etc/httpd/conf/extra/httpd-ssl.conf

1. add: SSLCertificateFile "/etc/letsencrypt/live/gr0x0rd.com/cert.pem"
2. add: SSLCertificateKeyFile "/etc/letsencrypt/live/gr0x0rd.com/privkey.pem"
3. add: SSLCertificateChainFile "/etc/letsencrypt/live/gr0x0rd.com/fullchain.pem"
4. add the same directives to the secure directive area in the applicable vhost file

sudo systemctl restart httpd

1. todo: https://wiki.archlinux.org/index.php/Certbot#Automatic_renewal

sudo pacman -S mediawiki imagemagick php-gd php-intl sudo nano /etc/php/php.ini

1. add: /var/lib/mediawiki/:/usr/share/webapps/:/tmp/:/usr/bin/ to the open_basedir directive
2. uncomment: extension=gd
3. uncomment: extension=intl
4. uncomment: extension=iconv
5. uncomment: extension=mysqli
6. uncomment: session.save_path = "/tmp"

sudo cp /etc/webapps/mediawiki/apache.example.conf /etc/httpd/conf/extra/mediawiki.conf sudo mkdir -p /srv/http/mediawiki sudo cp -r /usr/share/webapps/mediawiki/* /srv/http/mediawiki/

1. create the necessary file in /etc/httpd/conf/vhosts/

sudo systemctl restart httpd