From d231ad9e579bae2d1e39d985c84d51db5e0e3573 Mon Sep 17 00:00:00 2001 From: James Bunton Date: Wed, 6 Mar 2024 01:43:40 +1100 Subject: [PATCH] install/setup notes --- notes/desktop:debian-bookworm.txt | 101 ++++++++++++++++++++++ notes/flathub.txt | 5 ++ notes/raspi-headless:raspian-bookworm.txt | 45 ++++++++++ notes/snapper.txt | 20 +++++ 4 files changed, 171 insertions(+) create mode 100644 notes/desktop:debian-bookworm.txt create mode 100644 notes/flathub.txt create mode 100644 notes/raspi-headless:raspian-bookworm.txt create mode 100644 notes/snapper.txt diff --git a/notes/desktop:debian-bookworm.txt b/notes/desktop:debian-bookworm.txt new file mode 100644 index 0000000..da90f4c --- /dev/null +++ b/notes/desktop:debian-bookworm.txt @@ -0,0 +1,101 @@ +THE_DEV=/dev/sda +THE_HOSTNAME=somehost +THE_USERNAME=someuser + +gdisk $THE_DEV +ESP 200M ef00 +XBOOTLDR 824M +LUKSROOT + +vgcreate $THE_HOSTNAME /dev/disk/by-partlabel/LUKSROOT +lvcreate -L16G -nswap $THE_HOSTNAME +lvcreate -l100%FREE -nroot $THE_HOSTNAME + +mount /dev/mapper/$THE_HOSTNAME-root /mnt/ + +cd /mnt/ +btrfs fi label /mnt/ btrfsroot +btrfs subv create @root +btrfs subv set-default /mnt/@root +btrfs subv create @home +btrfs subv create @apt +btrfs subv create @vartmp +chmod 1777 @vartmp +umount /mnt/ +mount /dev/mapper/$THE_HOSTNAME-root /mnt/ + +mkdir -p /mnt/etc/ +cat < /mnt/etc/fstab +LABEL=btrfsroot / btrfs subvol=@root,discard,compress,nodev 0 0 +LABEL=btrfsroot /btrfs btrfs subvol=/,discard,compress,nodev,nosuid 0 0 +LABEL=btrfsroot /home btrfs subvol=@home,discard,compress,nodev,nosuid 0 0 +LABEL=btrfsroot /var/cache/apt btrfs subvol=@apt,discard,compress,nodev,nosuid 0 0 +LABEL=btrfsroot /var/tmp btrfs subvol=@vartmp,discard,compress,nodev,nosuid 0 0 +PARTLABEL=XBOOTLDR /boot ext4 discard,nodev,nosuid,noexec 0 0 +PARTLABEL=ESP /boot/efi vfat discard,nodev,nosuid,noexec 0 0 +LABEL=swap swap swap discard 0 0 +tmpfs /tmp tmpfs nosuid,nodev 0 0 +EOT + +debootstrap bookworm /mnt/ https://deb.debian.org/debian + +cat < /mnt/etc/apt/sources.list +deb https://deb.debian.org/debian bookworm main contrib non-free non-free-firmware +deb https://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware +deb https://deb.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware +EOT + +chroot /mnt/ + +mkdir -p /btrfs/ /boot/efi/ /home/ /var/cache/apt/ /var/tmp/ + +mkdir /run/systemd/resolve/ +[ -f /run/systemd/resolve/stub-resolv.conf ] || echo 'nameserver 1.1.1.1' > /run/systemd/resolve/stub-resolv.conf + +echo $THE_HOSTNAME > /etc/hostname +echo do_symlinks=no > /etc/kernel-img.conf + +cd /root/ +apt-get install aptitude curl git python3 vim +curl -sSfL https://code.delx.au/p/dotfiles | bash + +exit +for i in /dev /proc /sys /run /tmp; do mount --rbind $i /mnt$i; done +chroot /mnt/ +cd /root + +mkdir /root/bin/ +git clone https://code.delx.au/monosys +ln -s /root/monosys/bin /root/bin/monosys-bin + +mkdir /root/monosys/package-lists/local +ln -s /root/monosys/package-lists/local /root/.aptorphan +cd /root/monosys/package-lists/local +for i in base base-hw desktop-base desktop-gnome desktop-gnome-software desktop-plymouth desktop-printing filesystems multimedia-players wifi; do ln -s ../debian/$i; done +cp ../debian/system . + +apt-get update +aptorphan + +dpkg-reconfigure locales +systemctl disable ssh +find /etc/systemd/system -xtype l -delete + +mv /etc/default/grub{,.bak} +cp /root/monosys/etc/default/grub /etc/default/grub +grub-install +update-grub + +passwd root +adduser $THE_USER +gpasswd -a $THE_USER sudo + +plymouth-set-default-theme spinner + + + +reboot + +timedatectl set-timezone Australia/Sydney + +flatpak remote-add flathub https://dl.flathub.org/repo/flathub.flatpakrepo diff --git a/notes/flathub.txt b/notes/flathub.txt new file mode 100644 index 0000000..272fd08 --- /dev/null +++ b/notes/flathub.txt @@ -0,0 +1,5 @@ +flatpak install +- firefox +- flatseal +- libreoffice +- keepassxc diff --git a/notes/raspi-headless:raspian-bookworm.txt b/notes/raspi-headless:raspian-bookworm.txt new file mode 100644 index 0000000..12adc9f --- /dev/null +++ b/notes/raspi-headless:raspian-bookworm.txt @@ -0,0 +1,45 @@ +# https://www.raspberrypi.com/documentation/computers/configuration.html#set-up-a-headless-raspberry-pi +# https://www.raspberrypi.com/software/operating-systems/ + +xzcat image.xz | pv > /dev/mmcblk0 + +mount /dev/mmcblk0p1 /mnt +touch /mnt/ssh +echo "pitmp:$(echo 'password1A!' | openssl passwd -6 -stdin)" > /mnt/userconf.txt + +# boot +THE_IP=192.168.1.XXX + +ssh-copy-id pitmp@$THE_IP +ssh pitmp@$THE_IP sudo cp -R ~pitmp/.ssh /root/.ssh + +ssh root@$THE_IP + +deluser pitmp +rm -rf /home/pitmp + +hostnamectl set-hostname XYZ +timedatectl set-timezone Australia/Sydney +localectl set-locale en_AU.UTF-8 + +rm -rf /var/log/journal +systemctl restart systemd-journald + +rm /initrd.img /initrd.img.old /vmlinuz /vmlinuz.old +echo 'do_symlinks=no' > /etc/kernel-img.conf + +apt-get install git python3 screen vim +curl -sSfL https://code.delx.au/p/dotfiles | bash + +git clone https://code.delx.au/monosys + +cp monosys/etc/ssh/sshd_config sshd_config +(cd /etc/ssh/; rm ssh_host_ecdsa_key ssh_host_ecdsa_key.pub ssh_host_rsa_key ssh_host_rsa_key.pub) + +cp monosys/etc/systemd/network/ethernet.network /etc/systemd/network/ethernet.network +systemctl stop networking +systemctl start systemd-networkd +systemctl enable systemd-networkd +for i in ModemManager NetworkManager avahi-daemon{,.socket} triggerhappy{,.socket} wpa_supplicant udisks2; do systemctl disable --now $i; done + +find /etc/systemd/system -xtype l -delete diff --git a/notes/snapper.txt b/notes/snapper.txt new file mode 100644 index 0000000..072ac9b --- /dev/null +++ b/notes/snapper.txt @@ -0,0 +1,20 @@ +snapper -c root create-config / +snapper -c home create-config /home + +vim /etc/snapper/configs/* +``` +SUBVOLUME="/" +FSTYPE="btrfs" + +SPACE_LIMIT="0.5" +FREE_LIMIT="0.2" + +TIMELINE_CREATE="yes" +TIMELINE_CLEANUP="yes" +TIMELINE_MIN_AGE="1800" +TIMELINE_LIMIT_HOURLY="10" +TIMELINE_LIMIT_DAILY="60" +TIMELINE_LIMIT_WEEKLY="0" +TIMELINE_LIMIT_MONTHLY="0" +TIMELINE_LIMIT_YEARLY="0" +``` -- 2.39.2