Difference between revisions of "Archlinux configuration"
| Line 56: | Line 56: | ||
sudo systemctl start sshd.socket | sudo systemctl start sshd.socket | ||
sudo systemctl enable sshd.socket | sudo systemctl enable sshd.socket | ||
| + | == Arch User Repository == | ||
| + | sudo pacman -S --needed base-devel | ||
| + | sudo mkdir -p /usr/local/aur | ||
| + | sudo pacman -S git | ||
| + | sudo chmod -R 777 /usr/local/aur | ||
| + | |||
| + | = Desktop environment = | ||
== Graphic driver == | == Graphic driver == | ||
sudo pacman -S nvidia | sudo pacman -S nvidia | ||
| Line 61: | Line 68: | ||
sudo reboot | sudo reboot | ||
confirm the system is using the nvidia driver via lspci -v | confirm the system is using the nvidia driver via lspci -v | ||
| − | == | + | == Window Manager == |
sudo pacman -S xorg | sudo pacman -S xorg | ||
sudo pacman -S xfce4 | sudo pacman -S xfce4 | ||
sudo nano /etc/X11/xinit/xinitrc | sudo nano /etc/X11/xinit/xinitrc | ||
add: exec startxfce4 | add: exec startxfce4 | ||
| − | |||
| − | |||
| − | |||
sudo pacman -S lightdm lightdm-gtk-greeter | sudo pacman -S lightdm lightdm-gtk-greeter | ||
sudo nano /etc/lightdm/lightdm.conf | sudo nano /etc/lightdm/lightdm.conf | ||
| Line 76: | Line 80: | ||
sudo pacman -S ttf-dejavu | sudo pacman -S ttf-dejavu | ||
resolves messed up terminal fonts in xfce | resolves messed up terminal fonts in xfce | ||
| + | == Sound == | ||
| + | pacman -S alsa-utils | ||
| + | alsamixer | ||
| + | unmute the master, set the volume to a decent level | ||
| + | |||
| + | == Basic desktop software == | ||
sudo pacman -S firefox gedit | sudo pacman -S firefox gedit | ||
| + | == Image viewer == | ||
| + | sudo pacman -S eog | ||
| + | == Screen saver == | ||
| + | sudo pacman -S xscreensaver xfce4-power-manager | ||
| + | == Multimedia == | ||
| + | sudo pacman -S pulseaudio xfce4-pulseaudio-plugin pavucontrol pulseaudio-alsa gst-plugins-good | ||
| + | sudo pacman -S mplayer vlc ffmpeg kodi mencoder devede | ||
| + | == Torrent client == | ||
| + | sudo pacman -S transmission-gtk transmission-cli | ||
| + | == Password Manager == | ||
| + | cd /usr/local/aur/ | ||
| + | git clone https://aur.archlinux.org/password-gorilla.git | ||
| + | cd /usr/local/aur/password-gorilla | ||
| + | makepkg -si | ||
| + | |||
= Server settings = | = Server settings = | ||
| + | |||
| + | == System monitor == | ||
| + | sudo pacman -S conky | ||
| + | restored .conkyrc from backup | ||
| + | == Hard disk temperature monitoring == | ||
| + | sudo pacman -S hddtemp netcat | ||
| + | todo: configure hddtemp to run as a daemon with the correct drives | ||
| + | == UPS == | ||
| + | sudo pacman -S apcupsd | ||
| + | restore /etc/apcupsd/apcupsd.conf from backup | ||
| + | sudo systemctl enable apcupsd.service | ||
| + | sudo systemctl start apcupsd.service | ||
== NFS Server == | == NFS Server == | ||
sudo pacman -S nfs-utils | sudo pacman -S nfs-utils | ||
| Line 84: | Line 121: | ||
sudo systemctl start nfs-server.service | sudo systemctl start nfs-server.service | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
== Database server == | == Database server == | ||
sudo pacman -S mariadb | sudo pacman -S mariadb | ||
| Line 101: | Line 131: | ||
passwords for users did not work after restore. accounts had to be deleted and re-created. | passwords for users did not work after restore. accounts had to be deleted and re-created. | ||
permisisons persisted after restoring. | permisisons persisted after restoring. | ||
| − | + | ||
| − | + | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
== Web Server == | == Web Server == | ||
sudo pacman -S apache | sudo pacman -S apache | ||
| Line 142: | Line 164: | ||
copy the backups from the previous vhosts to the above folder and edit accordingly | copy the backups from the previous vhosts to the above folder and edit accordingly | ||
sudo systemctl restart httpd | sudo systemctl restart httpd | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
== LetsEncypt certificate management == | == LetsEncypt certificate management == | ||
sudo pacman -S certbot certbot-apache | sudo pacman -S certbot certbot-apache | ||
| Line 272: | Line 230: | ||
When satisfied, create the applicable vhosts file in apache and... | When satisfied, create the applicable vhosts file in apache and... | ||
sudo systemctl restart httpd | sudo systemctl restart httpd | ||
| + | |||
| + | == Universal Media Server == | ||
| + | sudo pacman -S jdk8-openjdk | ||
| + | sudo pacman -S dcraw lib32-gcc-libs | ||
| + | sudo nano /etc/pacman.conf | ||
| + | uncomment [multilib] and Include = /etc/pacman.d/mirrorlist | ||
| + | sudo pacman -Syu | ||
| + | sudo pacman -S lib32-freetype2 | ||
| + | cd /usr/local/aur/ | ||
| + | git clone https://aur.archlinux.org/lib32-libmng.git | ||
| + | /usr/local/aur/lib32-libmng | ||
| + | gpg --recv-keys F54984BFA16C640F | ||
| + | makepkg -si | ||
| + | cd /usr/local/aur/ | ||
| + | git clone https://aur.archlinux.org/lib32-qt4.git | ||
| + | cd /usr/local/aur/lib32-qt4 | ||
| + | makepkg -si | ||
| + | git clone https://aur.archlinux.org/tsmuxer-ng-bin.git | ||
| + | cd /usr/local/aur/tsmuxer-ng-bin | ||
| + | makepkg -si | ||
| + | git clone https://aur.archlinux.org/ums.git | ||
| + | cd /usr/local/aur/ums | ||
| + | makepkg -si | ||
| + | copy the .config/UMS from backup to the desired location. | ||
| + | |||
| + | create the file /usr/lib/systemd/system/ums.service | ||
| + | |||
| + | copy the contents from http://www.universalmediaserver.com/forum/viewtopic.php?f=3&t=1240&start=10#p7392 to the file and save it | ||
| + | |||
| + | change the user "UMS" to running user | ||
| + | sudo systemctl enable ums.service | ||
| + | sudo systemctl start ums.service | ||
| + | |||
| + | == Plex Media Server == | ||
| + | This section is incomplete because its not fucking working | ||
| + | cd /usr/local/aur/ | ||
| + | git clone https://aur.archlinux.org/plex-media-server-plexpass.git | ||
| + | cd /usr/local/aur/plex-media-server-plexpass | ||
| + | makepkg -si | ||
| + | sudo systemctl enable plexmediaserver.service | ||
| + | sudo systemctl start plexmediaserver.service | ||
| + | todo - how to import backup of libraries | ||
| + | == Virtualbox == | ||
| + | sudo pacman -S virtualbox | ||
| + | sudo pacman -S linux-headers | ||
| + | cd /usr/local/aur/ | ||
| + | git clone https://aur.archlinux.org/virtualbox-ext-oracle.git | ||
| + | makepkg -si | ||
| + | sudo modprobe vboxdrv | ||
| + | sudo modprobe vboxnetadp | ||
| + | sudo modprobe vboxnetflt | ||
| + | sudo modprobe vboxpci | ||
| + | sudo gpasswd -a gr0x0rd vboxusers | ||
Revision as of 09:42, 30 September 2018
Installation
genfstab -U /mnt >> /mnt/etc/fstab arch-chroot /mnt ln -sf /usr/share/zoneinfo/Canada/Pacific /etc/localtime hwclock --systohc nano /etc/locale.gen
Uncomment: en_US.UTF-8 UTF-8
locale-gen nano /etc/locale.conf
add: LANG=en_US.UTF-8
nano /etc/hostname
add: teletran4
nano /etc/hosts
add: teletran4 relevant stuff
ln -s /dev/null /etc/udev/rules.d/80-net-setup-link.rules mkinitcpio -p linux passwd
Bootloader
pacman -S grub grub-install --target=i386-pc /dev/sda pacman -S intel-ucode grub-mkconfig -o /boot/grub/grub.cfg
Start network at boot
systemctl enable dhcpcd
Enable RAID
pacman -S mdadm modprobe raid5 mdadm --detail --scan >> /etc/mdadm.conf nano /etc/mdadm.conf
change md127 to md0
nano /etc/fstab
add: /dev/md0 /home ext3 defaults,noatime 0 0
Reboot the system
exit umount /mnt reboot
Basic system configuration
log in as root
Create a user
useradd -m -G wheel,audio -s /bin/bash gr0x0rd passwd gr0x0rd
Set up sudo
pacman -S sudo nano /etc/sudoers
comment out wheel group
exit
Set up system basics
log in as gr0x0rd
sudo pacman -S polkit sudo pacman -S openssh sudo nano /etc/ssh/sshd_config
change port 22 to 2112
sudo systemctl edit sshd.socket
create section [Socket] and set ListenStream=2112
sudo systemctl start sshd.socket sudo systemctl enable sshd.socket
Arch User Repository
sudo pacman -S --needed base-devel sudo mkdir -p /usr/local/aur sudo pacman -S git sudo chmod -R 777 /usr/local/aur
Desktop environment
Graphic driver
sudo pacman -S nvidia sudo mkinitcpio sudo reboot
confirm the system is using the nvidia driver via lspci -v
Window Manager
sudo pacman -S xorg sudo pacman -S xfce4 sudo nano /etc/X11/xinit/xinitrc
add: exec startxfce4
sudo pacman -S lightdm lightdm-gtk-greeter sudo nano /etc/lightdm/lightdm.conf
add to [Seat:*] section: greeter-session=lightdm-yourgreeter-greeter
sudo systemctl enable lightdm
reboot or start the desktop environment via startxfce4
sudo pacman -S ttf-dejavu
resolves messed up terminal fonts in xfce
Sound
pacman -S alsa-utils alsamixer
unmute the master, set the volume to a decent level
Basic desktop software
sudo pacman -S firefox gedit
Image viewer
sudo pacman -S eog
Screen saver
sudo pacman -S xscreensaver xfce4-power-manager
Multimedia
sudo pacman -S pulseaudio xfce4-pulseaudio-plugin pavucontrol pulseaudio-alsa gst-plugins-good sudo pacman -S mplayer vlc ffmpeg kodi mencoder devede
Torrent client
sudo pacman -S transmission-gtk transmission-cli
Password Manager
cd /usr/local/aur/ git clone https://aur.archlinux.org/password-gorilla.git cd /usr/local/aur/password-gorilla makepkg -si
Server settings
System monitor
sudo pacman -S conky
restored .conkyrc from backup
Hard disk temperature monitoring
sudo pacman -S hddtemp netcat
todo: configure hddtemp to run as a daemon with the correct drives
UPS
sudo pacman -S apcupsd
restore /etc/apcupsd/apcupsd.conf from backup
sudo systemctl enable apcupsd.service sudo systemctl start apcupsd.service
NFS Server
sudo pacman -S nfs-utils
/etc/exports was copied from backup
sudo systemctl enable nfs-server.service sudo systemctl start nfs-server.service
Database server
sudo pacman -S mariadb sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql sudo mysql_secure_installation sudo systemctl enable mariadb.service sudo systemctl start mariadb.service
Restore database from backup
gunzip < mysql_backup.sql.gz | mysql -u root -p
passwords for users did not work after restore. accounts had to be deleted and re-created. permisisons persisted after restoring.
Web Server
sudo pacman -S apache sudo systemctl enable httpd.service sudo systemctl start httpd.service
php
sudo pacman -S php php-apache sudo nano /etc/php/php.ini
enable: date.timezone = America/Vancouver enable: short_open_tag = On enable: display_errors = On enable: open_basedir = /srv/http/
sudo nano /etc/httpd/conf/httpd.conf
comment the line: LoadModule mpm_event_module modules/mod_mpm_event.so
uncomment the line: LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
add the following to the LoadModule list:
LoadModule php7_module modules/libphp7.so
AddHandler php7-script .php
add the following to the Include list:
Include conf/extra/php7_module.conf
Include conf/vhosts/*.conf
sudo mkdir /etc/httpd/conf/vhosts
copy the backups from the previous vhosts to the above folder and edit accordingly
sudo systemctl restart httpd
LetsEncypt certificate management
sudo pacman -S certbot certbot-apache sudo nano /etc/httpd/conf/extra/httpd-acme.conf
paste the contents from https://wiki.archlinux.org/index.php/Certbot#Apache
sudo nano /etc/httpd/conf/httpd.conf
add: Include conf/extra/httpd-acme.conf
sudo systemctl restart httpd sudo certbot certonly --email gr0x0rd@gmail.com --webroot -w /var/lib/letsencrypt/ -d gr0x0rd.com,blog.gr0x0rd.com,1291.gr0x0rd.com,pool.gr0x0rd.com,wiki.gr0x0rd.com,www.gr0x0rd.com
certs are now available at /etc/letsencrypt/live/gr0x0rd.com
private key: privkey.pem
cert: cert.pem
chain: chain.pem (for nginx)
fullchain: fullchain.pem
sudo nano /etc/httpd/conf/httpd.conf
uncomment: LoadModule ssl_module modules/mod_ssl.so
uncomment: LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
uncomment: Include conf/extra/httpd-ssl.conf
uncomment: LoadModule rewrite_module modules/mod_rewrite.so
sudo nano /etc/httpd/conf/extra/httpd-ssl.conf
add: SSLCertificateFile "/etc/letsencrypt/live/gr0x0rd.com/cert.pem"
add: SSLCertificateKeyFile "/etc/letsencrypt/live/gr0x0rd.com/privkey.pem"
add: SSLCertificateChainFile "/etc/letsencrypt/live/gr0x0rd.com/fullchain.pem"
add the same directives to the secure directive area in the applicable vhost file
sudo systemctl restart httpd
todo: https://wiki.archlinux.org/index.php/Certbot#Automatic_renewal
Mediawiki
sudo pacman -S mediawiki imagemagick php-gd php-intl sudo nano /etc/php/php.ini
add: /var/lib/mediawiki/:/usr/share/webapps/:/tmp/:/usr/bin/ to the open_basedir directive
uncomment: extension=gd
uncomment: extension=intl
uncomment: extension=iconv
uncomment: extension=mysqli
uncomment: session.save_path = "/tmp"
sudo mkdir -p /srv/http/mediawiki sudo cp -r /usr/share/webapps/mediawiki/* /srv/http/mediawiki/
create the necessary file in /etc/httpd/conf/vhosts/
sudo systemctl restart httpd
Wordpress
sudo pacman -S wordpress sudo mkdir -p /srv/http/wordpress sudo cp -r /usr/share/webapps/wordpress/* /srv/http/wordpress/
If you have any backed up content or an existing site, copy the relevant files (such as wp-content) to the new instance.
There are a number of php extensions that need to be enabled for wordpress to work properly. If you've already completed the steps above, these should all be ready to go.
When satisfied, create the applicable vhosts file in apache and...
sudo systemctl restart httpd
Universal Media Server
sudo pacman -S jdk8-openjdk sudo pacman -S dcraw lib32-gcc-libs sudo nano /etc/pacman.conf
uncomment [multilib] and Include = /etc/pacman.d/mirrorlist
sudo pacman -Syu sudo pacman -S lib32-freetype2 cd /usr/local/aur/ git clone https://aur.archlinux.org/lib32-libmng.git /usr/local/aur/lib32-libmng gpg --recv-keys F54984BFA16C640F makepkg -si cd /usr/local/aur/ git clone https://aur.archlinux.org/lib32-qt4.git cd /usr/local/aur/lib32-qt4 makepkg -si git clone https://aur.archlinux.org/tsmuxer-ng-bin.git cd /usr/local/aur/tsmuxer-ng-bin makepkg -si git clone https://aur.archlinux.org/ums.git cd /usr/local/aur/ums makepkg -si
copy the .config/UMS from backup to the desired location.
create the file /usr/lib/systemd/system/ums.service
copy the contents from http://www.universalmediaserver.com/forum/viewtopic.php?f=3&t=1240&start=10#p7392 to the file and save it
change the user "UMS" to running user
sudo systemctl enable ums.service sudo systemctl start ums.service
Plex Media Server
This section is incomplete because its not fucking working
cd /usr/local/aur/ git clone https://aur.archlinux.org/plex-media-server-plexpass.git cd /usr/local/aur/plex-media-server-plexpass makepkg -si sudo systemctl enable plexmediaserver.service sudo systemctl start plexmediaserver.service
todo - how to import backup of libraries
Virtualbox
sudo pacman -S virtualbox sudo pacman -S linux-headers cd /usr/local/aur/ git clone https://aur.archlinux.org/virtualbox-ext-oracle.git makepkg -si sudo modprobe vboxdrv sudo modprobe vboxnetadp sudo modprobe vboxnetflt sudo modprobe vboxpci sudo gpasswd -a gr0x0rd vboxusers