-
Notifications
You must be signed in to change notification settings - Fork 3
/
install.ubuntu.11.04
416 lines (285 loc) · 12.7 KB
/
install.ubuntu.11.04
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
These are installs on a fresh system.
1.) Boot the install cd and follow instructions to do the base
install. Set up machine as desired. Fairly
self-explanatory. Partitioning should be roughly as follows, adjusted
for available disk size as appropriate (including for RAID). Disk
labels should be representative of the mount point.
Pysical Partitions:
1 1GB /boot
2 Rest physical volume for LVM*
* = Alternatively, do volume for encryption, containing a single LVM
partition.
- If you are doing RAID, then you want the above physical partition
scheme across multiple drives, with each one set up for "Physical
volume for RAID". Then you create MD devices for each pairing (same
partition on each drive) and then define it to be whatever it is
above, and continue on as normal from there.
- These should represent MINIMUM sizes. More is often better.
LVM Partitions
swap 2*RAM
usr_local 10GB /usr/local
tmp 2GB /tmp
var 5GB /var
root 10GB /
home Rest /home
(For some machines, a common area of /pub, or /shared, might be
appropriate, and should be taken out of /home)
## NOTE: All this stuff assumes that you're root, such as with "sudo -s"
2.) After machine is up, run synaptic, go to settings->repositories
make sure the following are enabled:
- main
- universe
- restricted
- multiverse
- source code
Select Download From, then choose "other" and select best server. Let
it run the speed tests and you're good.
Select other software tab and enable/add:
- partner
- partner (Source Code)
- independent
- independent (Source code)
Select updates tab and enable:
- natty-security
- natty-updates
- natty-backports
(or just grab sources.list from some reasonable machine)
Select Statistics and enable:
- submit statistical information
3.) Do:
aptitude update
aptitude full-upgrade
4.) Install things:
aptitude install phonon-backend-xine nmap traceroute emacs-snapshot emacs-goodies-el css-mode openssh-server symlinks sysstat ifstat dstat ssmtp heirloom-mailx apg whois powertop mii-diag gif2png cups-pdf units tofrodos gcc make g++ gdb autoconf libtool automake libc6-dev samba smbfs libsane-extras xsane scribus scribus-template texlive texlive-fonts-extra texlive-latex-extra latex2html latex2rtf gnuplot gnuplot-mode thunderbird enigmail firefox tracker tracker-utils unison unison-gtk digikam kipi-plugins meld ntp brag exiv2 unrar autossh openoffice.org xmlstarlet dvdrtools cdrskin logjam mesa-utils okular okular-extra-backends k3b libk3b6-extracodecs libtk-gbarr-perl subversion mono-runtime mono-2.0-devel monodevelop monodevelop-nunit monodevelop-versioncontrol monodoc-manual glade mono-gmcs libmono-dev smartmontools gstreamer0.10-ffmpeg gstreamer0.10-plugins-bad gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-ugly gstreamer0.10-plugins-ugly-multiverse vnc4server xvnc4viewer aspell aspell-en pidgin-extprefs pidgin-plugin-pack openjdk-6-demo openjdk-6-doc openjdk-6-jre openjdk-6-jre-headless openjdk-6-jre-lib openjdk-6-jdk gqview konqueror kaffeine xine-ui xchat mpg123 sox rhythmbox openoffice.org-help-en-us kcachegrind kcachegrind-converters graphviz hfsplus normalize-audio audacity libsox-fmt-all input-utils mysql-client nant sqlite3 libmono-i18n2.0-cil libmono-microsoft8.0-cil p7zip dvdbackup dia-gnome gsfonts-x11 ubuntustudio-font-meta fontmatrix kate powertop latencytop python-pycurl python-paramiko python-setuptools regexxer apt-show-versions gdm-guest-session git-core gitk git-svn speedcrunch mp3gain vorbisgain amarok kmail libmath-round-perl krita dosbox apt-file keepassx picocom qbrew manpages-posix manpages-posix-dev manpages-dev manpages c-cpp-reference ipcalc clusterssh logcheck preload mozplugger flashplugin-installer eclipse clusterssh pssh dh-make devscripts chromium-browser chromium-codecs-ffmpeg-extra deskbar-applet ubuntu-restricted-extras ktorrent shutter libgoo-canvas-perl gnome-web-photo portsentry sound-juicer djvulibre-bin djvulibre-plugin djvusmooth pdf2djvu gnome-swallow-applet usb-imagewriter iftop pidgin-skype sensors-applet sun-java6-jdk ia32-sun-java6-bin mail-notification wireshark atop gkrellm icewm icewm-themes icewm-gnome xubuntu-desktop xfce4-goodies xfce4-xfapplet-plugin tomboy
5.) Set up static IP's (for machines with them)
- edit /etc/network/interfaces, and add lines like:
auto iface eth0 inet static
address 192.168.9.1
netmask 255.255.255.0
gateway 192.168.9.254
ifdown eth0
ifup eth0
6.) Make ssh work:
## For an old machine, use the old keys - you did save /etc, didn't you?
## For a new machine, use the new keys generated by the distro.
- make sure to add to the firewall
ufw allow ssh
- set:
- PermitRootLogin no
- once you've set up public key auth, turn off password access. edit
/etc/ssh/sshd_config
and set
PasswordAuthentication no
sudo service ssh restart
7.) Turn on the firewall.
ufw enable
8.) Set up /etc/hosts.allow and /etc/hosts.deny:
- hosts.allow:
----------------
ALL: 127.0.0.1
sshd: ALL
-----------------
- hosts.deny:
----------------
ALL:ALL
-----------------
9.) Configure the bootloader
- edit /etc/default/grub
- comment out the GRUB_HIDDEN_TIMEOUT line
- set the GRUB_TIMEOUT line to 3
- set the GRUB_CMDLINE_LINUX_DEFAULT to "nosplash"
- sudo update-grub
10.) Install proprietary things (Medibuntu)
From: https://help.ubuntu.com/community/Medibuntu
sudo wget --output-document=/etc/apt/sources.list.d/medibuntu.list http://www.medibuntu.org/sources.list.d/$(lsb_release -cs).list
sudo chmod a+r /etc/apt/sources.list.d/medibuntu.list
sudo aptitude update
sudo apt-get --yes --allow-unauthenticated install medibuntu-keyring
sudo aptitude update
sudo aptitude install libdvdcss2 non-free-codecs googleearth-package app-install-data-medibuntu apport-hooks-medibuntu
11.) latex
- cd /usr/share/texmf/tex/latex
- sudo cp -a ~/system_stuff/latex/local .
- sudo chown -R root:root local
- then run texconfig and select "rehash"
- Also, set the paper to US
12.) ntpd (for fixed machines only, for mobile, the default is fine)
TODO - FIX THIS - we have no NTP server for now
## for server:
- add ntpd to hosts.allow list
ntpd: 192.168.9.0/24
## for server, make sure to add to ufw
ufw allow ntp
## for client
- edit /etc/ntpd.conf and comment out the line:
server ntp.ubuntu.com
- and add the line:
server 192.168.9.98 (this was daisy, should now be loki..)
13.) cups
- sudo system-config-printer
- add printers as appropriate
- Under Server->Settings select:
Show printers shared by other systems
- For servers, under "Server Settings", select:
Show printers shared by other systems
- make sure to enable it in the ufw
ufw allow ipp
14.) Set up samba:
- Servers
cd /etc/samba
mv smb.conf smb.conf.old
cp ~/system_stuff/samba/smb.conf.machine_name ./smb.conf
update-rc.d smbd defaults
update-rc.d nmbd defaults
service smbd start
service nmbd start
- make sure to add ufw rules for it
ufw allow netbios-ns
ufw allow netbios-dgm
ufw allow netbios-ssn
ufw allow microsoft-ds
- Other machines
- Remember to turn it off on places you don't want it.
update-rc.d smbd disable
update-rc.d nmbd disable
service smbd stop
service nmbd stop
15.) Set up ssmtp
cd /etc/ssmtp
mv ssmtp.conf ssmtp.conf.old
cp ~/system_stuff/ssmtp/ssmtp.conf .
chmod a+r ssmtp.conf
16.) Set up apache (if applicable)
aptitude install apache2 php5 php5-cli php-pear php-db php5-mysql php5-mcrypt mysql-server
- edit /etc/apache2/ports.conf and change:
Listen 80
- to
Listen 127.0.0.1:80
- and
Listen *:443
- to
Listen 127.0.0.1:443
- enable the userdir and rewrite modules
a2enmod userdir
a2enmod rewrite
sudo service apache2 restart
- for dev machines, you may not want it to start at boot
update-rc.d -f apache2 remove
update-rc.d -f mysql remove
17.) Add podget to my cron (one machine only)
TODO - port over. Stuff is in .hpodder.
crontab -e
then make it look like:
0 6 * * * /home/matt/bin/hpodder > /dev/null
so it will run every morning at 6am and log to nowhere
18.) set up rsnapshot (on appropriate machines)
aptitude install rsnapshot
cd /etc/
mv rsnapshot.conf rsnapshot.conf.old
cp ~/system_stuff/rsnapshot/rsnapshot.conf .
chmod a+r rsnapshot.conf
- edit /etc/cron.d/rsnapshot and set the stuff to work like:
# min hour day month week
0 */4 * * * root /usr/bin/rsnapshot hourly
30 3 * * * root /usr/bin/rsnapshot daily
0 3 * * 1 root /usr/bin/rsnapshot weekly
30 2 1 * * root /usr/bin/rsnapshot monthly
19.) /etc/hosts
- add hosts to /etc/hosts as appropriate
20.) Remove gdm so X doesn't start (servers only)
update-rc.d gdm disable
21.) Set up CDEmu ppa
- Add the CDEmu repository
sudo add-apt-repository "deb http://ppa.launchpad.net/cdemu/ppa/ubuntu natty main"
sudo aptitude update
sudo aptitude full-upgrade
sudo aptitude install gcdemu cdemu-client
22.) Remove ubuntu one:
sudo aptitude purge ubuntuone-client
23.) Removed
24.) Set up email backups (case only)
crontab -e
then make it look like:
0 1 2 * * /home/matt/bin/backup_email > /dev/null
so it will on the second of the month at 1am and log to nowhere
25.) Set the java look and feel to not suck
sudo update-alternatives --config java
and select sun's java
Set the look and feel to not suck:
- edit /usr/lib/jvm/java-6-sun/jre/lib/swing.properties
- uncomment the GTKLookAndFeel line
- (note that the openJDK is
/usr/lib/jvm/java-6-openjdk/jre/lib/swing.properties)
-- Installed for skunkwerks
aptitude install netbeans sun-java6-jdk
26.) Set up sensors (if not set up automagically) for case
- For case / Gigabyte X48-DQ6 board
- add the following to /etc/modules:
it87
coretemp
(For new machines, this is accomplished by running sensors-detect and following prompts)
# FIXME - edit the conf file to fix scaling, etc.
27.) Removed
28.) Make tcl not ugly
sudo update-alternatives --config wish
and then set for wish8.5
29.) Fix volume hotkeys for hiro
sudo cp /sys/devices/platform/thinkpad_acpi/hotkey_all_mask /sys/devices/platform/thinkpad_acpi/hotkey_mask
30.) Set up logcheck
- edit /etc/cron.d/logcheck and set it to @daily and not every 2 hours
31.) Set up portsentry (which actually doesn't work for stuff running
firewalls...)
- edit /etc/default/portsentry and set it to atcp/audp mode
- sudo service portsentry restart
32.) Set up log monitoring
TODO - finish this
33.) Add mail notification from repos, because the default one doesn't do SSL
sudo apt-add-repository ppa:mail-notification-ssl/ppa
sudo aptitude update
sudo aptitude install mail-notification
34.) Removed
35.) Removed
36.) Install hpodder build dependencies (deprecated, if ported over to
a different podcatcher):
aptitude install haskell-compiler libghc6-configfile-dev libghc6-hdbc-dev libghc6-hdbc-sqlite3-dev libghc6-haxml-dev libghc6-missingh-dev libghc6-hslogger-dev libghc6-mtl-dev libghc6-network-dev libghc6-parsec-dev
37.) Install qbrew build dependencies:
aptitude install qt4-qmake libqt4-dev qt4-designer
38.) Install virtualbox bleeding edge
cd /etc/apt/sources.list.d
sudo -e virtualbox.list
add: deb http://download.virtualbox.org/virtualbox/debian natty contrib non-free
sudo chmod a+r virtualbox.list
wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add -
sudo aptitude update
sudo aptitude install virtualbox-4.0
47.) Remove the Airport express pulseaudio module (because it's broken)
sudo aptitude remove pulseaudio-module-raop
48.) Fix bash completion.
sudo -e /etc/bash_completion
go to line 1587
change -o defaults to -o filenames
49.) Remove xscreensaver (so it doesn't start)
sudo aptitude remove xscreensaver
=== Games ===
1.) Install openxcom supporting stuff so we can build it:
sudo aptitude install libsdl-gfx1.2-dev libyaml-dev
2.) Add GetDeb games repo (PlayDeb)
wget -q -O - http://archive.getdeb.net/getdeb-archive.key | sudo apt-key add -
sudo add-apt-repository "deb http://archive.getdeb.net/ubuntu natty-getdeb games"
and install a bunch of stuff from there (not all of this may work, the
repo seems a little ill-maintained at this time)
sudo aptitude update
sudo aptitude install warzone2100 enemy-territory smokinguns bloodfrontier bombic ufoai hedgewars
I had gotten this to do FreeOrion, but that's apparently not here...
3.) Install some games:
TODO - update with more? OpenTycoon, etc?
aptitude install boswars freecol lincity-ng warzone2100 freeciv-sound-standard freeciv-client-gtk
scummvm beneath-a-steel-sky flight-of-the-amazon-queen fluidsynth
4.) Add PlayOnLinux
echo "deb http://deb.playonlinux.com/ natty main" | \
sudo tee -a /etc/apt/sources.list.d/playonlinux-natty.list
sudo chmod a+r /etc/apt/sources.list.d/playonlinux-natty.list
sudo aptitude update
sudo aptitude install playonlinux
5.) Install updated wine
sudo apt-add-repository ppa:ubuntu-wine/ppa