Compare commits

..

No commits in common. "af7fee31a60d62a7b79ae0aea64e4a563613111f" and "93d393519735006e8ab01890ec4642b23094ff31" have entirely different histories.

8 changed files with 57 additions and 93 deletions

View File

@ -3,6 +3,6 @@ prompt 1
timeout 1 timeout 1
label linux label linux
menu label Debian menu label Debian Testing
linux /vmlinuz linux /vmlinuz
append initrd=/initrd.img ro quiet vga=0x314 root=LABEL=System append initrd=/initrd.img init=/bin/systemd ro quiet vga=0x314 root=UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

View File

@ -5,7 +5,7 @@ These are carefully crafted Nginx config files.
Do not forget the following: Do not forget the following:
sudo chown -R wwwrun.www /var/lib/nginx # if on openSUSE sudo chown -R wwwrun.www /var/lib/nginx
cd /etc/nginx/sites-conf cd /etc/nginx/sites-conf
sudo ln -s example.ssl default.ssl sudo ln -s example.ssl default.ssl

View File

@ -1,7 +1,4 @@
user www-data; user wwwrun www;
# Or, if on openSUSE:
# user wwwrun www;
worker_processes auto; worker_processes auto;
pid /run/nginx.pid; pid /run/nginx.pid;

View File

@ -2,11 +2,11 @@
A `chroot` environment can be used to modify a system installed to a different location. A `chroot` environment can be used to modify a system installed to a different location.
Combined with `aufs`, the technique can be used, for example, to modify a mounted ISO image. Combined with `aufs`, the technique can be used, for example, to modify an ISO live image.
## Setup ## Setup
MNT=/mnt MNT=/tmp/mnt/rootfs
mount -o bind /dev $MNT/dev mount -o bind /dev $MNT/dev
mount -o bind /dev/pts $MNT/dev/pts mount -o bind /dev/pts $MNT/dev/pts
mount -t proc none $MNT/proc mount -t proc none $MNT/proc
@ -15,8 +15,6 @@ Combined with `aufs`, the technique can be used, for example, to modify a mounte
cp /etc/resolv.conf $MNT/etc/resolv.conf cp /etc/resolv.conf $MNT/etc/resolv.conf
chroot $MNT chroot $MNT
`$MNT/etc/mtab` should be edited manually to correctly point to the root file system.
Umount the chroot environment: Umount the chroot environment:
umount $MNT/{sys,proc,dev/pts,dev} umount $MNT/{sys,proc,dev/pts,dev}
@ -25,7 +23,6 @@ Umount the chroot environment:
## AUFS Overlay ## AUFS Overlay
Mount a writeable version of `/tmp/mnt/root` to `/tmp/mnt/rootrw` Mount a writeable version of `/tmp/mnt/rootfs` to `/tmp/mnt/rootrw`
mkdir -p /tmp/mnt/{root,rootrw,aufs} mount -t aufs -o br:/tmp/mnt/aufs:/tmp/mnt/rootfs none /tmp/mnt/rootrw
mount -t aufs -o br:/tmp/mnt/aufs:/tmp/mnt/root none /tmp/mnt/rootrw

View File

@ -2,23 +2,21 @@ Prepare Image
============= =============
* Use the **VMDK format** * Use the **VMDK format**
* Use SCSI adapter type in VM, or:
* Add **mptspi** (SCSI driver) to the initrd * Add **mptspi** (SCSI driver) to the initrd
* openSUSE: Edit `/etc/dracut.conf` * openSUSE: Edit `/etc/dracut.conf`
1. Change the line `#add_drivers+=""` to `add_drivers+="mptspi"` Change the line `#add_drivers+=""` to `add_drivers+="mptspi"`
2. Execute `dracut -f` Then execute `dracut -f`
* openSUSE < 13.2: * openSUSE < 13.2:
1. Edit `/etc/sysconfig/kernel` 1. Edit `/etc/sysconfig/kernel`
2. Add it to `INITRD_MODULES` 2. Add it to `INITRD_MODULES`
3. Update initrd: `mkinitrd` 3. Update initrd: `mkinitrd`
* Debian
1. Edit `/etc/initramfs-tools/modules`
2. Execute `update-initramfs -u`
Copy VM to ESX Copy VM to ESX
============== ==============
1. Create a new VM using the vSphere Client 1. Create a new VM using the vSphere Client
* Create a disk image, but it will not be used afterwards.
2. Upload the VMDK disk image files 2. Upload the VMDK disk image files

View File

@ -6,8 +6,6 @@ a basic copy of a Debian derivative into a folder.
This guide explains how to install a full Kubuntu system with debootstrap. This guide explains how to install a full Kubuntu system with debootstrap.
However, any Ubuntu flavour can be installed this way. However, any Ubuntu flavour can be installed this way.
This guide uses Bashisms.
# Procedure # Procedure
## Basic Minimal Installation ## Basic Minimal Installation
@ -19,13 +17,8 @@ The subsequent commands are all executed inside a
## Basic Configuration ## Basic Configuration
### Mark packages
apt-mark showmanual | xargs apt-mark auto
### Set language ### Set language
apt-get install locales
locale-gen en_US.UTF-8 locale-gen en_US.UTF-8
update-locale LANG=en_US.UTF-8 update-locale LANG=en_US.UTF-8
@ -35,37 +28,23 @@ The subsequent commands are all executed inside a
### Basic configuration ### Basic configuration
echo > /etc/fstab Do not forget to edit `fstab`, `hostname`, and `hosts` in /etc.
echo "LABEL=System / ext4 errors=remount-ro,noatime 0 1" >> /etc/fstab
echo > /etc/hosts An example fstab might look like:
echo "127.0.0.1 localhost" >> /etc/hosts
echo "127.0.0.1 your-host" >> /etc/hosts
echo "::1 ip6-localhost ip6-loopback" >> /etc/hosts
echo "your-host" > /etc/hostname
echo > /etc/network/interfaces.d/eth0 LABEL=System / ext4 errors=remount-ro,noatime,discard 0 1
echo auto eth0 >> /etc/network/interfaces.d/eth0
echo iface eth0 inet dhcp >> /etc/network/interfaces.d/eth0
Note: The option `discard` can be added in `/etc/fstab` for SSD disks. Note: `discard` is useful for SSD disks.
### Configure keyboard (optional) ### Optionally, configure keyboard
dpkg-reconfigure keyboard-configuration dpkg-reconfigure keyboard-configuration
### Configure APT (optional) ### Optionally, configure APT
echo 'APT::AutoRemove::RecommendsImportant "true";' >> /etc/apt/apt.conf.d/99no-recommends # /etc/apt/apt.conf.d/99recommends
echo 'APT::Install-Recommends "false";' >> /etc/apt/apt.conf.d/99no-recommends APT::AutoRemove::RecommendsImportant
echo 'APT::Get::Purge "true";' >> /etc/apt/apt.conf.d/99always-purge APT::Install-Recommends
### ACPI support (optional)
apt-get install acpi-support-base
systemctl enable acpid
Note: This enables ACPI shutdown as commonly used in VMs.
## Ubuntu Installation ## Ubuntu Installation
@ -73,8 +52,9 @@ Note: This enables ACPI shutdown as commonly used in VMs.
apt-get install ubuntu-minimal apt-get install ubuntu-minimal
`ubuntu-minimal` contains useful packages ubuntu-minimal contains useful packages
which would have to be installed manually in Debian. which would have to be installed manually in Debian.
These include: `cron logrotate nano netbase net-tools isc-dhcp-client sudo rsyslog` These include: `cron logrotate nano netbase net-tools isc-dhcp-client sudo rsyslog`
### Add a regular user ### Add a regular user
@ -90,24 +70,14 @@ In Ubuntu, the default secondary user groups are:
To install a bootable system, the kernel and a bootloader To install a bootable system, the kernel and a bootloader
have to be installed. have to be installed.
apt-get install linux-generic
The following command installs Grub for EFI with Secure Boot enabled: The following command installs Grub for EFI with Secure Boot enabled:
apt-get install grub-efi-amd64-signed shim-signed apt-get install linux-generic grub-efi-amd64-signed shim-signed
For BIOS: For BIOS, `grub-pc` has to be installed.
apt-get install grub-pc Alternatively, extlinux can be installed instead of grub.
That section has yet to be written though...
Alternatively, extlinux can be installed:
apt-get install extlinux
mkdir /boot/extlinux
extlinux -i /boot/extlinux
cat /usr/lib/EXTLINUX/mbr.bin > /dev/sda
Copy [extlinux.conf](../conf/extlinux.conf) to `/boot/extlinux`.
### Install desktop system ### Install desktop system
@ -119,18 +89,18 @@ It is a good time to add some repositories.
All Ubuntu repositories are enabled using the following configuration: All Ubuntu repositories are enabled using the following configuration:
echo > /etc/apt/sources.list # /etc/apt/sources.list
echo "deb http://ch.archive.ubuntu.com/ubuntu wily main restricted universe multiverse" >> /etc/apt/sources.list deb http://ch.archive.ubuntu.com/ubuntu/ wily main restricted universe multiverse
echo "deb http://ch.archive.ubuntu.com/ubuntu wily-security main restricted universe multiverse" >> /etc/apt/sources.list deb http://ch.archive.ubuntu.com/ubuntu/ wily-security main restricted universe multiverse
echo "deb http://ch.archive.ubuntu.com/ubuntu wily-updates main restricted universe multiverse" >> /etc/apt/sources.list deb http://ch.archive.ubuntu.com/ubuntu/ wily-updates main restricted universe multiverse
echo "deb http://archive.canonical.com/ubuntu wily partner" >> /etc/apt/sources.list deb http://archive.canonical.com/ubuntu wily partner
Also refer to the [Ubuntu Help](https://help.ubuntu.com/community/Repositories/Ubuntu) Also refer to the [Ubuntu Help](https://help.ubuntu.com/community/Repositories/Ubuntu)
to read about the different components. to find about the different components.
Some PPAs are needed to ensure the latest software versions are installed. Some PPAs are needed to be sure to get the latest software versions.
First, the `add-apt-repository` helper is installed, First the `add-apt-repository` helper is installed,
and then, those repositories are added: and then those repositories are added:
apt-get install software-properties-common apt-get install software-properties-common
apt-mark auto software-properties-common apt-mark auto software-properties-common
@ -138,12 +108,13 @@ and then, those repositories are added:
add-apt-repository ppa:libreoffice/ppa add-apt-repository ppa:libreoffice/ppa
add-apt-repository ppa:rvm/smplayer add-apt-repository ppa:rvm/smplayer
add-apt-repository ppa:qtbittorrent-team/qtbittorrent-stable add-apt-repository ppa:qtbittorrent-team/qtbittorrent-stable
echo "deb http://debian-mirrors.sdinet.de/debian-multimedia testing main" > /etc/apt/sources.list.d/deb-multimedia.list echo deb http://debian-mirrors.sdinet.de/debian-multimedia testing main \
> /etc/apt/sources.list.d/deb-multimedia.list
#### Install desktop packages #### Install desktop packages
apt-get update Now do an `apt-get update` and install the desktop system:
apt-get install --allow-unauthenticated -y deb-multimedia-keyring
apt-get install --install-recommends ubuntu-standard kubuntu-desktop kubuntu-restricted-extras language-pack-kde-en apt-get install --install-recommends ubuntu-standard kubuntu-desktop kubuntu-restricted-extras language-pack-kde-en
Personally, I like to use Chrome and SMPlayer: Personally, I like to use Chrome and SMPlayer:
@ -155,3 +126,5 @@ Personally, I like to use Chrome and SMPlayer:
Sometimes, some packages have to be pulled Sometimes, some packages have to be pulled
from [packages.debian.org](http://packages.debian.org) manually. from [packages.debian.org](http://packages.debian.org) manually.
## Finished!

View File

@ -50,9 +50,9 @@ Security
* Disable root account (put an asterisk `*` as password) * Disable root account (put an asterisk `*` as password)
* Create SSH user: * Create SSH user:
* `echo "sshuser:x:999:65534::/run:/bin/bash" >> /etc/passwd` * /etc/passwd: `sshuser:x:999:65534::/run:/bin/bash`
* `echo "sshuser:*:16436:0:99999::::" >> /etc/shadow` * /etc/shadow: `sshuser:*:16436:0:99999::::`
* Change the password: `sudo passwd sshuser` * Change its password: `$ sudo passwd sshuser`
* Edit SSH config `/etc/ssh/sshd_config`: * Edit SSH config `/etc/ssh/sshd_config`:
Port xxx Port xxx
@ -119,18 +119,19 @@ Debian `/etc/cron.*` times:
AWstats AWstats
======= =======
mkdir /usr/local/awstats && cd /usr/local/awstats && git init mkdir /usr/local/awstats; cd /usr/local/awstats
git remote add origin https://github.com/eldy/awstats.git git init
git fetch --depth=1 origin tag AWSTATS_7_4 git remote add origin git://git.code.sf.net/p/awstats/code
git checkout AWSTATS_7_4 git fetch --depth=1 origin tag AWSTATS_7_3
git checkout AWSTATS_7_3
mkdir /usr/local/share/cgi-bin
ln -s /usr/local/awstats/wwwroot /usr/local/share/cgi-bin/awstats
Check version tags: Check version tags:
git ls-remote git ls-remote
To use it with [AWstats](../conf/nginx/sites-available/example),
set: `DirIcons="/awstatsicons"`
Free Space Free Space
========== ==========

View File

@ -37,7 +37,8 @@ The safe update script which is listed below.
## Universal Safe Update ## Universal Safe Update
Copy the file [git-safe-update.sh](../scripts/git-safe-update.sh) and make it executable. The script is located in [scripts/git-safe-update.sh](../scripts/git-safe-update.sh).
Copy the file to `/path/to/safe-update` and make it executable.
It can be used to update any repository. It takes two arguments: It can be used to update any repository. It takes two arguments:
@ -62,7 +63,7 @@ It executes `safe-update` only when the master branch is updated.
read oldid newid ref read oldid newid ref
if [ "$ref" = "refs/heads/master" ]; then if [ "$ref" = "refs/heads/master" ]; then
sudo /path/to/safe-update /path/to/deploy-target www-data.www-data sudo /path/to/safe-update /path/to/deploy-target wwwrun.www
fi fi
``` ```
@ -74,11 +75,8 @@ a `file:` URL as the remote.
The *master* branch is assumed to be a deployable version. The *master* branch is assumed to be a deployable version.
Hence, use the following command to add the remote: Hence, use the following command to add the remote:
cd /path/to/deploy-target
git init
git remote add -t master origin file:///path/to/main.git git remote add -t master origin file:///path/to/main.git
git fetch --depth=1 git branch -u origin/master
git checkout master
## Sudo Configuration ## Sudo Configuration