Revision as of 21:15, 29 September 2018

Installation

genfstab -U /mnt >> /mnt/etc/fstab
arch-chroot /mnt
ln -sf /usr/share/zoneinfo/Canada/Pacific /etc/localtime
hwclock --systohc
nano /etc/locale.gen

Uncomment: en_US.UTF-8 UTF-8

locale-gen
nano /etc/locale.conf

add: LANG=en_US.UTF-8

nano /etc/hostname

add: teletran4

nano /etc/hosts

add: teletran4 relevant stuff

ln -s /dev/null /etc/udev/rules.d/80-net-setup-link.rules
mkinitcpio -p linux
passwd

Bootloader

pacman -S grub
grub-install --target=i386-pc /dev/sda
pacman -S intel-ucode
grub-mkconfig -o /boot/grub/grub.cfg

Start network at boot

systemctl enable dhcpcd

Enable RAID

pacman -S mdadm
modprobe raid5
mdadm --detail --scan >> /etc/mdadm.conf
nano /etc/mdadm.conf

change md127 to md0

nano /etc/fstab

add: /dev/md0 /home ext3 defaults,noatime 0 0

Reboot the system

exit
umount /mnt
reboot

Basic system configuration

log in as root

Create a user

useradd -m -G wheel,audio -s /bin/bash gr0x0rd
passwd gr0x0rd

Set up sudo

pacman -S sudo
nano /etc/sudoers

comment out wheel group

exit

Set up system basics

log in as gr0x0rd

sudo pacman -S polkit
sudo pacman -S openssh
sudo nano /etc/ssh/sshd_config

change port 22 to 2112

sudo systemctl edit sshd.socket

create section [Socket] and set ListenStream=2112

sudo systemctl start sshd.socket
sudo systemctl enable sshd.socket

Graphic driver

sudo pacman -S nvidia
sudo mkinitcpio 
sudo reboot

confirm the system is using the nvidia driver via lspci -v

Install a desktop environment

sudo pacman -S xorg
sudo pacman -S xfce4
sudo nano /etc/X11/xinit/xinitrc

add: exec startxfce4

pacman -S alsa-utils
alsamixer

unmute the master, set the volume to a decent level

sudo pacman -S lightdm lightdm-gtk-greeter
sudo nano /etc/lightdm/lightdm.conf

add to [Seat:*] section: greeter-session=lightdm-yourgreeter-greeter

sudo systemctl enable lightdm

reboot or start the desktop environment via startxfce4

sudo pacman -S ttf-dejavu

resolves messed up terminal fonts in xfce

sudo pacman -S firefox gedit

Server settings

sudo pacman -S nfs-utils

/etc/exports was copied from backup

sudo systemctl enable nfs-server.service
sudo systemctl start nfs-server.service

System monitor

sudo pacman -S conky

restored .conkyrc from backup

Image viewer

sudo pacman -S eog

Screen saver

sudo pacman -S xscreensaver xfce4-power-manager

Database server

sudo pacman -S mariadb
sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
sudo mysql_secure_installation
sudo systemctl enable mariadb.service
sudo systemctl start mariadb.service

Restore database from backup

gunzip < mysql_backup.sql.gz | mysql -u root -p

passwords for users did not work after restore. accounts had to be deleted and re-created. permisisons persisted after restoring.

Multimedia

sudo pacman -S pulseaudio xfce4-pulseaudio-plugin pavucontrol pulseaudio-alsa gst-plugins-good
sudo pacman -S mplayer vlc ffmpeg kodi mencoder devede

Torrent client

sudo pacman -S transmission-gtk transmission-cli

UPS

sudo pacman -S apcupsd

restore /etc/apcupsd/apcupsd.conf from backup

sudo systemctl enable apcupsd.service
sudo systemctl start apcupsd.service

Web Server

sudo pacman -S apache
sudo systemctl enable httpd.service
sudo systemctl start httpd.service

php

sudo pacman -S php php-apache
sudo nano /etc/php/php.ini

enable: date.timezone = America/Vancouver enable: short_open_tag = On enable: display_errors = On enable: open_basedir = /srv/http/

sudo nano /etc/httpd/conf/httpd.conf

comment the line: LoadModule mpm_event_module modules/mod_mpm_event.so

uncomment the line: LoadModule mpm_prefork_module modules/mod_mpm_prefork.so

add the following to the LoadModule list:

LoadModule php7_module modules/libphp7.so

AddHandler php7-script .php

add the following to the Include list:

Include conf/extra/php7_module.conf

Include conf/vhosts/*.conf

sudo mkdir /etc/httpd/conf/vhosts

copy the backups from the previous vhosts to the above folder and edit accordingly

sudo systemctl restart httpd

Arch User Repository

sudo pacman -S --needed base-devel
sudo mkdir -p /usr/local/aur
sudo pacman -S git
sudo chmod -R 777 /usr/local/aur

Password Manager

cd /usr/local/aur/
git clone https://aur.archlinux.org/password-gorilla.git
cd /usr/local/aur/password-gorilla
makepkg -si

Universal Media Server

sudo pacman -S jdk8-openjdk
sudo pacman -S dcraw lib32-gcc-libs 
sudo nano /etc/pacman.conf

uncomment [multilib] and Include = /etc/pacman.d/mirrorlist

sudo pacman -Syu
sudo pacman -S lib32-freetype2
cd /usr/local/aur/
git clone https://aur.archlinux.org/lib32-libmng.git
/usr/local/aur/lib32-libmng
gpg --recv-keys F54984BFA16C640F
makepkg -si
cd /usr/local/aur/
git clone https://aur.archlinux.org/lib32-qt4.git
cd /usr/local/aur/lib32-qt4
makepkg -si
git clone https://aur.archlinux.org/tsmuxer-ng-bin.git
cd /usr/local/aur/tsmuxer-ng-bin
makepkg -si
git clone https://aur.archlinux.org/ums.git
cd /usr/local/aur/ums
makepkg -si

copy the .config/UMS from backup to the desired location.

create the file /usr/lib/systemd/system/ums.service

copy the contents from http://www.universalmediaserver.com/forum/viewtopic.php?f=3&t=1240&start=10#p7392 to the file and save it

change the user "UMS" to running user

sudo systemctl enable ums.service
sudo systemctl start ums.service

Plex Media Server

This section is incomplete because its not fucking working

cd /usr/local/aur/
git clone https://aur.archlinux.org/plex-media-server-plexpass.git
cd /usr/local/aur/plex-media-server-plexpass
makepkg -si
sudo systemctl enable plexmediaserver.service
sudo systemctl start plexmediaserver.service

todo - how to import backup of libraries

Virtualbox

sudo pacman -S virtualbox
sudo pacman -S linux-headers
cd /usr/local/aur/
git clone https://aur.archlinux.org/virtualbox-ext-oracle.git 
makepkg -si
sudo modprobe vboxdrv
sudo modprobe vboxnetadp
sudo modprobe vboxnetflt
sudo modprobe vboxpci
sudo gpasswd -a gr0x0rd vboxusers

Hard disk temperature monitoring

sudo pacman -S hddtemp netcat

todo: configure hddtemp to run as a daemon with the correct drives

LetsEncypt certificate management

sudo pacman -S certbot certbot-apache
sudo nano /etc/httpd/conf/extra/httpd-acme.conf

paste the contents from https://wiki.archlinux.org/index.php/Certbot#Apache

sudo nano /etc/httpd/conf/httpd.conf

add: Include conf/extra/httpd-acme.conf

sudo systemctl restart httpd
sudo certbot certonly --email gr0x0rd@gmail.com --webroot -w /var/lib/letsencrypt/ -d gr0x0rd.com,blog.gr0x0rd.com,1291.gr0x0rd.com,pool.gr0x0rd.com,wiki.gr0x0rd.com,www.gr0x0rd.com

certs are now available at /etc/letsencrypt/live/gr0x0rd.com

private key: privkey.pem

cert: cert.pem

chain: chain.pem (for nginx)

fullchain: fullchain.pem

sudo nano /etc/httpd/conf/httpd.conf

uncomment: LoadModule ssl_module modules/mod_ssl.so

uncomment: LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

uncomment: Include conf/extra/httpd-ssl.conf

uncomment: LoadModule rewrite_module modules/mod_rewrite.so

sudo nano /etc/httpd/conf/extra/httpd-ssl.conf

add: SSLCertificateFile "/etc/letsencrypt/live/gr0x0rd.com/cert.pem"

add: SSLCertificateKeyFile "/etc/letsencrypt/live/gr0x0rd.com/privkey.pem"

add: SSLCertificateChainFile "/etc/letsencrypt/live/gr0x0rd.com/fullchain.pem"

add the same directives to the secure directive area in the applicable vhost file

sudo systemctl restart httpd

todo: https://wiki.archlinux.org/index.php/Certbot#Automatic_renewal

Mediawiki

sudo pacman -S mediawiki imagemagick php-gd php-intl
sudo nano /etc/php/php.ini

add: /var/lib/mediawiki/:/usr/share/webapps/:/tmp/:/usr/bin/ to the open_basedir directive

uncomment: extension=gd

uncomment: extension=intl

uncomment: extension=iconv

uncomment: extension=mysqli

uncomment: session.save_path = "/tmp"

sudo cp /etc/webapps/mediawiki/apache.example.conf /etc/httpd/conf/extra/mediawiki.conf
sudo mkdir -p /srv/http/mediawiki
sudo cp -r /usr/share/webapps/mediawiki/* /srv/http/mediawiki/

create the necessary file in /etc/httpd/conf/vhosts/

sudo systemctl restart httpd

Difference between revisions of "Archlinux configuration"