1
0
Fork 0
dot/README.md

188 lines
5.8 KiB
Markdown
Raw Normal View History

2024-02-11 10:29:14 +01:00
# dot
This repo tracks user and system configuration files, installed packages
and used commands for several machines or virtual servers. All are
running Debian. The `milano` section documents our desktop setup based
on `sway`, `foot`, `neovim` and `fuzzel`.
## milano
2024-01-27 22:02:29 +01:00
```sh
2024-02-11 10:29:14 +01:00
# urosm@milano
## bootstrap dotfiles
2024-01-27 22:02:29 +01:00
sudo apt install git
2024-01-27 23:31:55 +01:00
git init -b main
2024-01-27 22:02:29 +01:00
git remote add origin gitea@git.kompot.si:urosm/dot.git
2024-02-11 10:29:14 +01:00
git pull origin main
## disable annoying .sudo_as_admin_successful file
2024-01-27 23:31:55 +01:00
sudo cp -ri .config/sudoers.d /etc/
2024-02-11 10:29:14 +01:00
## update to debian testing
2024-01-27 23:31:55 +01:00
sudo cp -ri .config/apt /etc/
2024-02-11 10:29:14 +01:00
sudo apt update
sudo apt full-upgrade
## reconfigure locales
2024-01-27 22:02:29 +01:00
sudo dpkg-reconfigure locales
2024-02-11 10:29:14 +01:00
## install tasksel packages
sudo tasksel install web-server
sudo tasksel install ssh-server
## harden ssh
sudo cp -ri .config/ssh /etc/
systemctl restart sshd
## install and configure fail2ban
sudo apt install fail2ban python3-pyinotify python3-systemd whois
sudo cp -ir .config/fail2ban /etc/
systemctl restart fail2ban
## install and configure firewall
2024-01-27 22:02:29 +01:00
sudo apt install ufw
sudo ufw allow "SSH"
sudo ufw allow 1194/udp
sudo ufw enable
2024-02-11 10:29:14 +01:00
## install utils
sudo apt install network-manager
sudo cp -ir .config/network /etc/
sudo apt install udisks2
sudo apt install screen
sudo apt install jq
## install neovim
2024-01-27 22:02:29 +01:00
sudo apt install neovim
2024-02-11 10:29:14 +01:00
## install desktop packages
sudo apt install sway
2024-01-27 22:02:29 +01:00
sudo apt install swayidle swaylock
2024-02-11 10:29:14 +01:00
sudo apt install fuzzel
2024-01-27 22:02:29 +01:00
sudo apt install brightnessctl wlsunset
sudo apt install wl-clipboard grim
sudo apt install libnotify-bin mako-notifier
2024-02-11 10:29:14 +01:00
sudo apt install fonts-ibm-plex
## install and configure audio packages
sudo apt install pipewire-audio
systemctl --user enable --now wireplumber.service
## install writing packages
sudo apt install make
2024-01-27 22:02:29 +01:00
sudo apt install pandoc
sudo apt install texlive-latex-extra
sudo apt install texlive-lang-european
2024-02-11 10:29:14 +01:00
## install web packages
2024-01-27 22:02:29 +01:00
sudo apt install firefox
sudo apt install thunderbird
2024-02-11 10:29:14 +01:00
## install media packages
2024-01-27 22:02:29 +01:00
sudo apt install mpv
sudo apt install zathura
sudo apt install inkscape
2024-02-11 10:29:14 +01:00
## install office packages
2024-01-27 22:02:29 +01:00
sudo apt install libreoffice libreoffice-gtk3
sudo apt install libreoffice-l10n-sl
2024-02-11 10:29:14 +01:00
## install printing packages
2024-01-27 22:02:29 +01:00
sudo apt install cups printer-driver-all
2024-02-11 10:29:14 +01:00
sudo adduser urosm lpadmin
## install scanning packages
2024-01-27 22:02:29 +01:00
sudo apt install simple-scan
2024-02-11 10:29:14 +01:00
## install pdf processing packages
sudo apt install qpdf ocrmypdf
## install rdp packages
2024-01-27 22:02:29 +01:00
sudo apt install remmina
2024-02-11 10:29:14 +01:00
## install and setup ikiwiki
2024-01-27 22:02:29 +01:00
sudo apt install ikiwiki
2024-02-11 10:29:14 +01:00
sudo apt install libfile-mimeinfo-perl libhighlight-perl libhtml-tree-perl libimage-magick-perl liblocale-gettext-perl libmailtools-perl libnet-amazon-s3-perl libnet-inet6glue-perl libsearch-xapian-perl libsort-naturally-perl libtext-csv-perl libtext-multimarkdown-perl libtext-textile-perl libtext-typography-perl libtext-wikicreole-perl libtext-wikiformat-perl libxml-feed-perl libxml-writer-perl
chmod 711 $HOME
sudo a2enmod userdir
sudo a2enmod cgi
sudo cp .config/apache2/sites-available/kontrakurs.localhost.conf /etc/apache2/sites-available/
sudo cp .config/apache2/sites-available/bavbavhaus.localhost.conf /etc/apache2/sites-available/
sudo a2ensite kontrakurs.localhost bavbavhaus.localhost
systemctl restart apache2
```
## padova
```sh
ssh root@padova
adduser urosm
adduser urosm sudo
exit
ssh-copy-id urosm@padova
ssh urosm@padova
## bootstrap dotfiles
sudo apt install git
git init -b main
git remote add origin gitea@git.kompot.si:urosm/dot.git
git pull origin main
## additional config in `etc`
sudo cp -ri .config/sudoers.d /etc/
## install screen
sudo apt install screen
## install and configure firewall
sudo apt install ufw
sudo ufw allow "SSH"
sudo ufw allow 1194/udp
sudo ufw enable
## harden ssh
sudo cp -ri .config/ssh /etc/
sudo systemctl restart sshd
## install and configure fail2ban
sudo apt install fail2ban python3-pyinotify python3-systemd whois
sudo cp -ir .config/fail2ban /etc/
sudo systemctl restart fail2ban
## install and configure wireguard
sudo cp -ir .config/sysctl.d /etc/
sudo sysctl -p
sudo apt install wireguard
sudo cp -i .config/wireguard/padova.conf /etc/wireguard/
wg-quick up padova
## enable unattended-upgrades
sudo apt install unattended-upgrades apt-listchanges
sudo dpkg-reconfigure -plow unattended-upgrades
```
## tivoli
```sh
# urosm@tivoli
ssh root@tivoli
adduser urosm
adduser urosm sudo
exit
ssh-copy-id urosm@tivoli
ssh urosm@tivoli
## bootstrap dotfiles
sudo apt install git
git init -b main
git remote add origin gitea@git.kompot.si:urosm/dot.git
git pull origin main
## additional config in `etc`
sudo cp -ri .config/sudoers.d /etc/
## install screen
sudo apt install screen
## install and configure firewall
sudo apt install ufw
sudo ufw allow "SSH"
sudo ufw allow "WWW Full"
sudo ufw enable
## harden ssh
sudo cp -ir .config/ssh /etc/
sudo systemctl restart sshd
## install and configure fail2ban
sudo apt install fail2ban python3-pyinotify python3-systemd whois
sudo cp -ir .config/fail2ban /etc/
sudo systemctl restart fail2ban
## install and configure webserver
sudo tasksel install web-server
sudo a2enmod rewrite
sudo a2enmod userdir
sudo a2enmod cgi
chmod 711 "$HOME"
sudo cp -ir .config/apache2/sites-available /etc/apache2/
sudo a2ensite bavbavhaus.net
sudo a2ensite kontrakurs.org
sudo systemctl reload apache2
## install certbot
sudo apt install certbot
sudo apt install python3-certbot-apache
sudo certbot --apache
## install ikiwiki
sudo apt install --install-recommends ikiwiki
sudo apt install libfile-mimeinfo-perl libhighlight-perl libhtml-tree-perl libimage-magick-perl liblocale-gettext-perl libmailtools-perl libnet-amazon-s3-perl libnet-inet6glue-perl libsearch-xapian-perl libsort-naturally-perl libtext-csv-perl libtext-multimarkdown-perl libtext-textile-perl libtext-typography-perl libtext-wikicreole-perl libtext-wikiformat-perl libxml-feed-perl libxml-writer-perl
## enable unattended-upgrades
sudo apt install unattended-upgrades apt-listchanges
sudo dpkg-reconfigure -plow unattended-upgrades
2024-01-27 22:02:29 +01:00
```